This introduction to cyber crime is necessary and useful for Forensic Science students serving in the cybercrime field, and is also useful for the general public. It covers types and examples of cyber crime, how to prevent and report cybercrime, and investigating cybercrime.
2. Introduction to Cyber Crime & Digital Evidences
Raghu Khimani
Cyber Crime Expert / Advisor
Contact: raghukhimani2007@gmail.com
3. It is rightly said that..
• Yesterday we were afraid of rockets destroying buildings and
computer centers... Today we should be aware of software
destroying rockets and missiles!!
4. DIGITAL CRIME
• Digital Crime is any illegal activity involving an information technology
infrastructure, including: unauthorized or illegal access, interception
(by technical means of transmissions of computer data to, from or
within a computer system), data interference (unauthorized damaging,
deletion, deterioration, alteration or suppression of computer data),
systems interference (interfering with the functioning of a computer
system by inputting, transmitting, damaging, deleting, deteriorating,
altering or suppressing computer data).
5. Definition of Cyber Crime as per IT ACT 2000
• Cyber crime refers to all the activities done with criminal intent in
cyber space or using the medium of Internet. These could be either
the criminal activities in the conventional sense or activities, newly
evolved with growth of the new medium. Any activity, which
basically offends human sensibilities, can be included in the ambit
of Cyber Crime.
6. INDIAN SCENARIO
• As is being seen the world over, cyber crimes are on the rise in India as well, and so are the arrests made in
cyber crime cases.
• According to the “Crime in India 2016” report published by NCRB, there has been an increase of over 9.30% in the
number of cyber crimes reported under The Information Technology Act 2000 (IT Act) in 2016 over the
corresponding figures for 2015.
• A total of 12317 cases under IT Act and cyber crimes under IPC provisions were registered during the year
2016. The following four major categories of crimes reported in India, as per NCRB, constitute nearly
90% of the cyber crimes:
1. Hacking of Computer System
2. Forgery / counterfeiting using Computers
3. Publication / Transmission of obscene information in electronic form i.e. Pornography
4. Breach of Trust / Frauds.
7. INDIAN SCENARIO
• Cyber Crime Motives – Year 2016
1. Illegal Gain
2. Revenge
3. Insult to Modesty of Women
4. Extortion / Blackmailing
5. Sexual Exploitation
6. Causing Disrepute
7. Developing Own Business / Interest
8. Political Motives
9. Disrupt Public Services
10. Piracy
11. Steal information for Espionage
12. Sale / Purchase of Illegal Drugs / Other Items
8. INDIAN SCENARIO
• Some states which have taken the lead in establishing Cyber Crime Police
Stations and Cyber Crime Cells have shown registration of a larger number of
Cyber Crime cases than the states which do not have such a specialized focus.
• According to Director, CBI, “The use of modern technology has resulted in
traditional crime becoming global. This has made the task of investigation
more difficult and complex. There are several examples of kidnapping,
terrorist attacks, economic crimes, bank frauds and financial scams being
committed with the help of computers”. Thus, the task before the law
enforcement authorities is going to grow in complexity, and urgent focus is
needed to build capacity to tackle this growing menace.
9. TYPES OF CYBER CRIMES
Types of Cyber Crimes:
• Crimes In Which Computer Systems Are Used As Tools/Instruments
• Crimes Targeting Computer Systems
10. Crimes Targeting Computer Systems
• Hacking: Under Section 66 ITAA 2008
• Denial of Service (DoS) attack or Distributed Denial-of-Service (DDoS) attack: Under Section 66 of ITAA 2008
• Spreading Viruses & Malware: Under Section 66 of ITAA, 2008 or Sec. 66F ITAA, 2008 in case it is done against
the country or to strike terror in the people
• Website Defacement: Under Section 66 of ITAA 2008 or Sec. 66F ITAA, 2008 in case it is done against
the country or to strike terror in the people
11. Crimes Targeting Computer Systems
• Cyber Terrorism: Under Section 66F ITAA 2008
• Spoofing: Under Section 66A, 66D of ITAA 2008
• Skimming: Under Section 66C of ITAA 2008
• Pharming: Under Section 66C, 66D of ITAA 2008
• Spamming: Under Section 66A of ITAA 2008
12. Crimes In Which Computer Systems Are Used As Tools/Instruments
• Financial Fraud: Several sections under IPC, ITAA 2008 and other applicable laws
• Data Modification: Under Section 66 of ITAA 2008 and sections 403, 406, 408, 409 of IPC as applicable
• Identity Theft And Its Misuse: Under Section 66C, 66D of ITAA 2008
• Cyber Bullying/Stalking: Under Section 66A of ITAA 2008 and sections 500, 504, 506, 507, 508, 509 of IPC as
applicable
13. Crimes In Which Computer Systems Are Used As Tools/Instruments
• Data Theft: Under Section 66 of ITAA 2008 and section 379 IPC
• Pornography: Under Section 66E, 67, 67A and 67B of ITAA 2008 and section 292 IPC
• Theft Of Trade Secrets And Intellectual Property: Under Section 66 of ITAA 2008, IPR laws and other
applicable laws
• Espionage On Protected Systems: Under Sections 66, 70 of ITAA 2008 and other applicable laws
14. Tools and Techniques used to Commit Cyber Crimes
• Cyber crimes make use of various tools and techniques. Many of
the tools used to commit cybercrimes are installed on the
victim’s systems by exploiting vulnerabilities in the systems /
networks, by surreptitiously gaining access to the victim’s
systems (which may include physical access), by making use of
intermediary systems, by deceiving the victim into allowing
access to his system, or by gathering the victim’s information.
15. Buffer Overflow:
The condition when a program or process tries to store
more data in a buffer (temporary data storage area) than
it was intended to hold. Since buffers are created to
contain a finite amount of data, the extra information -
which has to go somewhere - can overflow into adjacent
buffers, corrupting or overwriting the valid data held in
them.
Cracking:
Cracking is breaking into someone else’s computer
system, often on a network; bypassing passwords or
licenses in computer programs; or in other ways
intentionally breaching computer security. A cracker can
be doing this either for profit, or maliciously, or for some
purpose or cause.
16. Data Diddling:
Involves altering the raw data just before a computer
processes it and then changing it back after
processing is completed.
Malware:
A program that is inserted into a system, usually
covertly, with the intent of compromising the
confidentiality, integrity, or availability of the victim’s
data, applications, or operating system or of
otherwise annoying or disrupting the victim.
17. Phishing:
Using spoof E-mails or directing the people to fake
web sites to deceive them into divulging personal
financial details so that criminals can access their
accounts.
Rootkit:
A set of tools that enables continued privileged access to a
computer, while actively hiding its presence from the
administrator. Typically, a cracker installs a rootkit on a
computer after first obtaining user-level access, either by
exploiting a known vulnerability or cracking a password. Once
the rootkit is installed, it allows the attacker to mask intrusion
and gain root or privileged access to the computer and,
possibly, other machines on the network.
18. Salami Attack:
A programmed attack which is implemented in small
(meant to be unnoticeable) increments. This attack
involves making alteration so insignificant that it is
easily concealed and would go completely unnoticed.
Such attacks are used to commit financial crimes.
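How a salami pattern shows up in records, as an added example that is not part of the original slides: each slice is too small to stand out on its own, but totalling the tiny transfers per destination account exposes the collector. The ledger rows, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed ledger rows: (source account, destination account, amount).
LEDGER = [(f"ACC{i:03d}", "ACC900", Decimal("0.04")) for i in range(1, 41)]
LEDGER += [
    ("ACC001", "ACC200", Decimal("1500.00")),  # ordinary payment
    ("ACC002", "ACC300", Decimal("0.50")),     # isolated small refunds
    ("ACC003", "ACC300", Decimal("0.25")),
]

def find_salami_collectors(ledger, max_slice=Decimal("1.00"), min_sources=25):
    """Flag destinations fed by tiny transfers from many distinct sources.

    max_slice and min_sources are illustrative assumptions; a real review
    would tune them to the institution's normal traffic.
    """
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for src, dst, amount in ledger:
        if Decimal("0") < amount <= max_slice:
            sources[dst].add(src)
            totals[dst] += amount
    return {dst: {"sources": len(srcs), "total": totals[dst]}
            for dst, srcs in sources.items() if len(srcs) >= min_sources}
```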
Sniffer:
A program and/or device that monitors data traveling over
a network. Sniffers can be used both for legitimate
network management functions and for stealing
information off a network. Unauthorized sniffers can be
extremely dangerous to a network’s security because they
are virtually impossible to detect and can be inserted
almost anywhere.
19. Social Engineering:
A hacker term which involves non-technical intrusion
for deceiving or manipulating unwitting people into
giving out information about a network or how to
access it.
Spoofing:
Refers to a situation in which the incoming information
from an attacker is masked as one that appears to come
from a trusted source to the recipient or to the recipient
network. Often the messages from the fraudster,
appearing to be from a genuine source (like a bank), seek
personally identifiable information to perpetrate fraud on
the victim.
20. Spyware:
It is a type of malware that is secretly or surreptitiously
installed into an information system to gather information
on individuals or organisations without their knowledge; a
type of malicious code.
Steganography:
The art and science of writing hidden messages in
such a way that no one, apart from the sender and
intended recipient, suspects the existence of the
message. An image file may contain hidden messages
between terror groups, which will be known only to
the intended recipient and the sender.
21. Trojan:
A malicious program that masquerades as a benign
application and can take complete control of the
victim’s computer system.
Virus:
A self-replicating program that runs and spreads by
modifying other programs or files.
Worm:
A self-replicating, self-propagating, self-contained
program that uses networking mechanisms to spread
itself.
Zombie:
A program that is installed on a system to cause it to
attack other systems.
22. Some Examples of Cyber Crime
• E-mail Account Hacking
• E-mail Spoofing
• E-mail Bombing
• Cyber Stalking
• Cyber Defamation
• Online Gambling
• Credit Card Fraud
• Online Share Trading Fraud
• Source Code Theft
• Tax Evasion & Money Laundering (to transfer illegal money online)
• Theft of Confidential Info.
• Pornography
• Online Sale of Illegal Articles
• Usenet Newsgroup (Forums)
• Virus Dissemination
• Web Defacement
• Web Jacking
• Email Frauds
• Software Piracy
• Music Piracy
• Intellectual Property Crimes
• Drug Trafficking
• Proxy Scan
• Cyber Terrorism
• Social Engineering Scams
• Forgery
• Data Diddling (altering the raw data)
• Denial of Service Attack
• Salami Attacks
• Trojans & Key loggers
• Internet Time Theft
23. Preventing Cyber-Crime
• General Tips:
• Do not give out identifying information such as your name, home address, or
telephone number in a chat room. Even vital details like age, gender should never
be disclosed to anyone.
• Do not send your photograph to anyone on the net unless you know the person
well enough.
• Do not respond to messages or bulletin board items that are obscene or
threatening.
• Never arrange a face-to-face meeting with someone who you have just ‘met’ on the
Internet. In case you have to meet this person, make sure you have someone with
you for the meeting. And inform someone of the person and place you will be going
to. Remember, people online are not always who they seem to be.
24. • E-mail Safety:
• If you ever get an email containing an embedded link, and a
request for you to enter secret details, treat it as suspicious.
• Do not input any sensitive information that might help provide
access to your bank accounts, even if the page appears
legitimate.
• No reputable company ever sends emails of this type.
• Virus Warning:
• Virus warnings are a very common occurrence in the mail box.
• While you shouldn’t take these warnings lightly, a lot of times,
such warnings are hoaxes and will do more harm than good.
• Always check the story out by visiting an anti-virus site such as
Quick Heal, McAfee or Symantec before taking any action,
including forwarding them to friends and colleagues.
25. How to report Cyber-Crime?
• Filing a complaint / writing an application letter
• Include your details such as name, email address and telephone number, and specific
details on how the offence was committed, along with names and addresses of
suspects.
• Documents that can be considered as proof or evidence in regard to your
complaint should be included in the application:
• E-mail printouts which should contain full email header information,
• Chat-room or newsgroup text or screenshots if taken by you,
• Transaction acknowledgements or receipts,
• Credit card records, transaction details and receipts,
• Envelopes or letters received via post or courier,
• FAX copies and Phone bills,
• Printed or preferably electronic copies of web pages
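Why the full e-mail header information asked for above matters, as an added example that is not part of the original slides: the Python code below parses a message with the standard `email` module, lists the relay hops from the Received lines oldest first, and notes sender-domain mismatches and SPF/DKIM results that did not pass. The message, domains and addresses are constructed documentation values, and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample (not a real e-mail); domains and IPs are documentation values.
RAW_EMAIL = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.victim.example (mx.victim.example [198.51.100.7])
    by inbox.victim.example with ESMTP id A1;
    Mon, 06 Mar 2017 10:15:09 +0530
Received: from unknown (HELO mailer.example.net) ([203.0.113.45])
    by mx.victim.example with SMTP id B2;
    Mon, 06 Mar 2017 10:15:02 +0530
Authentication-Results: mx.victim.example; spf=fail; dkim=none
From: "Your Bank" <support@bank.example>
Reply-To: <helpdesk@mailer.example.net>
Subject: Verify your account

Please confirm your details.
"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or None."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else None

def received_chain(msg):
    """Relay hops oldest-first (each server prepends its own Received line)."""
    hops = []
    for value in reversed(msg.get_all("Received") or []):
        info, sep, stamp = " ".join(value.split()).rpartition(";")
        if not sep:                      # header carries no timestamp part
            info, stamp = stamp, ""
        sender = re.search(r"\bfrom\s+(\S+)", info)
        ip = re.search(r"\[([0-9A-Fa-f.:]+)\]", info)
        by = re.search(r"\bby\s+(\S+)", info)
        try:
            when = parsedate_to_datetime(stamp.strip())
        except (TypeError, ValueError):
            when = None
        hops.append({"from": sender and sender.group(1), "ip": ip and ip.group(1),
                     "by": by and by.group(1), "time": when})
    return hops

def review_headers(raw):
    """Summarise sender domains, relay path and non-passing auth results."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    findings = []
    for name in ("Return-Path", "Reply-To"):
        other = domain_of(msg[name])
        if other and other != from_dom:
            findings.append(f"{name} domain {other} != From domain {from_dom}")
    auth = (msg["Authentication-Results"] or "").lower()
    for check in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{check}=(\w+)", auth)
        if m and m.group(1) != "pass":
            findings.append(f"{check}={m.group(1)}")
    return {"from_domain": from_dom, "hops": received_chain(msg), "findings": findings}
```

A printout that shows only the From line would lose every one of these findings, which is why the complaint should carry the complete headers.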
26. • What should you do if you believe your complaint is time
sensitive?
• You should contact your local police station directly if you believe your matter is
time sensitive.
• If you think you or anyone you know is in immediate danger, please
contact your local police station or main control room (Phone no. 100)
immediately! Online reporting should NEVER be used in the event of an
emergency requiring immediate attention.
• For more complicated cases, you can get crime-related
information from the websites listed below:
• Mumbai Police: www.mumbaipolice.org
• Pune Police: www.punepolice.com
• Thane Police: www.thanepolice.org
• Indian Computer Emergency Response Team (CERT-IN): www.cert-in.org
27. How to Fulfill Your Role as Concerned Citizens?
• Use anti-virus and anti-spyware software and firewalls, and keep them up to date
• Keep your operating system up to date with critical security updates and patches
• Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that
password cracking tools exist
• Back-up your computer data on disks or CDs often
• Don't share access to your computers with strangers
• If you have a Wi-Fi network, password protect it
• Disconnect from the Internet when not in use
• Reevaluate your security on a regular basis
• Make sure your employees and family members know this info too!
• Don't open emails or attachments from unknown sources
28. Investigating Cyber Crime
• 5 Questions for Investigators:
• Why – Why someone committed the crime?
• Who – Who committed the crime?
• When – When did he/they do it?
• Where – Where did they do it?
• How – How was it done?
Editor's Notes
Deterioration = to spoil, to make worse
The difference between damage and deterioration is that damage is injury or harm; the condition or measure of something not being intact while deterioration is the process of making or growing worse, or the state of having grown worse.
Data suppression is used whenever there is chance that the information contained in a publicly available report could be used to reveal or infer the identities of specific individuals.
Cyber space = WWW
Conventional = traditional
Offends = displeases = to make unhappy
Sensibilities = sensitivity
Ambit = area
Perpetration = offence
Prosecution = proceedings
Constraint = obstacle
Intangible = unable to be touched; not having physical presence
NCRB – National Crime Record Bureau
Forgery / Counterfeiting = making fake / counterfeit papers
Obscene = indecent
Breach of Trust = betrayal of trust
Fraud = cheating
Modesty = decorum
Espionage = spying
Menace = risk / danger
ITAA = IT Act Amendment
Website Defacement = A website defacement is an attack on a website that changes the visual appearance of the site or a webpage.
Cyber Terrorism = Cyberterrorism is the use of Internet attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.
Spoofing = In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system.
Skimming (FRAUD) = A form of white collar crime, skimming is slang for taking cash "off the top" of the daily receipts of a business (or from any cash transaction involving a third interested party) and officially reporting a lower total. – Example of Restaurant, Call Centers, ATM
Pharming = Pharming (pronounced 'farming') is a form of online fraud very similar to phishing as pharmers rely upon the same bogus websites and theft of confidential information.
Spamming = Electronic spamming is the use of electronic messaging systems to send unsolicited messages (spam), especially advertising, as well as sending messages repeatedly on the same site.
Cyber Bullying / Stalking = Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group, or an organization.
Cyber-bullying could be limited to posting rumors or gossip about a person on the internet, bringing about hatred in others’ minds; or it may go to the extent of personally identifying victims and publishing materials severely defaming and humiliating them.
Trade Secrets = A trade secret is an invented formula, practice, process, design, instrument, pattern, commercial method, or compilation of information which is not generally known or reasonably ascertainable by others, and by which a business can obtain an economic advantage over competitors or customers.
Espionage on Protected Systems = Espionage or, casually, spying involves a spy ring, government, company/firm or individual obtaining information considered secret or confidential without the permission of the holder of the information. – Intelligence Gathering for Military or IB Dept.
Exploitation = use to one's advantage
Vulnerabilities = weakness
Exploitation of the vulnerabilities = use of weaknesses to one's advantage (Ex. NO Antivirus)
Surreptitiously = secretly
Deceiving = by cheating
Covertly = in a hidden manner
Integrity = honesty
Annoying = to harass
Disrupting = to break apart, to shatter
Deceive = to cheat
Divulging = to make someone disclose
Intrusion = infiltration
Benign = Gentle, Kindly
Propagate = Spread and promote widely
Email spoofing = the creation of email messages with a forged sender address. An attacker alters his identity so that someone thinks he is someone else.
Email Bombing = repeatedly sending an email message to a particular address in an attempt to overflow the mailbox or overwhelm the server.
Cyber stalking = the use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organization
Cyber Defamation = The criminal sends emails containing defamatory matter to all concerned with the victim or posts the defamatory matter on a website. (A disgruntled employee may do this against a boss, an ex-boyfriend against a girl, a divorced husband against a wife, etc.)
Tax Evasion = tax theft & Money Laundering = illegally moving money around and hiding money
Virus Dissemination = It just means deliberately releasing/spreading a computer virus.
Web Defacement = Hack the website and paste their own page.
Drug Trafficking = the cultivation, manufacturing, distribution, and sale of drugs that are subject to drug prohibition laws
Cyber Terrorism = the use of Internet based attacks in terrorist activities.
Data Diddling = Altering of raw data.
Internet Time Theft = the use by an unauthorized person of the Internet hours paid for by another person.
Web Jacking = Social Engineering sites phishing.
Email fraud = is the intentional deception made for personal gain or to damage another individual through email.