Unit – 2
CYBER–CRIME AND CYBER LAW
Cyber Crime
Cyber crime is related to the criminal activities that are carried out over the
internet or through computer networks. This can include hacking, online fraud,
identity theft, spreading malware, cyberbullying, and various other forms of
criminal behaviour committed through digital means.
Cyber Law
Cyber law, also known as internet law or digital law, signifies
the legal regulations and frameworks governing digital activities. It covers a
large range of issues, including online communication, e-commerce, digital
privacy, and the prevention and prosecution of cybercrimes.
Classification of Cyber Crimes
Cybercrimes can be classified into various categories based on the
nature of the offense. Here are some common classifications:
Financial Fraud:
Scams like fake emails or websites to steal money or sensitive
information.
Unauthorized transactions or hacking into bank accounts.
Online Harassment and Bullying:
Sending mean messages, threats, or spreading rumors online.
Persistently following or monitoring someone online without their
consent.
Cyber Surveillance:
Stealing secrets, intellectual property, or sensitive information
for spying or competitive advantage.
Hacking into government or corporate networks for classified data.
Cyber Terrorism:
Using computers to create fear or chaos by disrupting critical
systems.
Sharing scary ideas or planning bad things using the internet to
scare people.
Ransomware:
Malicious software encrypts data and demands payment for
decryption.
Holding data or systems hostage until a ransom is paid. (Malicious: intended to cause harm)
Intellectual Property Theft:
Illegally sharing or distributing copyrighted material like movies
or software.
Using trademarks or brand names without permission for profit.
Cyber Vandalism:
Breaking or messing up websites, emails, or computer systems on
purpose.
Creating trouble or spreading viruses online just to cause
problems or annoy people.
Identity Theft:
Phishing emails or fake websites tricking people into revealing
personal information.
Creating fake identities or accounts using stolen information for
fraudulent activities.
Common Cyber Crimes
Phishing: Deceiving people into revealing personal
information, such as passwords and credit card numbers, via fake emails or
websites.
Malware Attacks: Harmful software infecting computers
to steal data or damage systems.
Identity Theft: Stealing personal information to
impersonate someone for financial gain.
Online Fraud: Tricking individuals into giving
money or sensitive information through fake websites or ads.
Cyberbullying: Harassing or threatening others
online through messages or social media. (Threatening: expressing or suggesting
the possibility of harm, danger, or evil to someone else. Bullying: treating
someone in a cruel, insulting, threatening, or aggressive fashion.)
Data Breaches:
Unauthorized access to sensitive information stored in databases.
Ransomware: Holding data or systems hostage until a
ransom is paid to unlock them.
Cyber Crime Targeting Computers and Mobiles
Cybercrime targeting computers and mobile devices involves illegal
activities done using technology like computers, smartphones, and the internet.
Malware Attacks: Harmful software sneaks into
computers and mobiles to steal data or cause damage. It can come from
suspicious downloads, emails, or websites. (Sneaks: moves in secret)
Phishing: Tricky emails or messages pretend to be from
trustworthy sources to trick users into revealing personal information like
passwords or credit card numbers.
Identity Theft: Personal information is stolen to
pretend to be someone else and commit fraud or other crimes. This can lead to
financial loss and damage to reputation. (Pretend-behave )
Online Fraud: Deceptive tactics are used to trick
people into giving away money or sensitive information, often through fake
websites, ads, or online marketplaces.
Cyberbullying: Harassment or threats are sent to
others online, causing emotional distress or harm. It can happen through social
media, messaging apps, or online forums.
Data Breaches: Hackers gain unauthorized access to
databases, stealing personal information like usernames, passwords, or credit
card details. This information can be sold on the dark web or used for identity
theft.
Ransomware: Malicious software locks up devices or files
until a ransom is paid. It can encrypt data or make devices unusable, causing
disruption and financial loss.
Social Engineering: Tricking people into revealing
sensitive information or performing actions that compromise security. This can
happen through manipulation, persuasion, or impersonation.
Mobile App Fraud: Fraudulent apps on mobile devices
deceive users into downloading them, stealing personal information, or
displaying ads without permission.
Unauthorized Access: Intruders gain entry to (enter into)
computers or mobile devices without permission, accessing sensitive data or
using the device for malicious activities such as spying or spreading malware.
Cyber Crime against Women and Children
Cybercrime against women and children, often referred to as
“online gender-based violence” or “cyber harassment”, is a serious and concerning
issue. These crimes can encompass various forms of online harassment,
exploitation, and abuse that target women and children.
Online Harassment: Women and children face bullying,
threats, or stalking online, causing emotional distress and sometimes leading
to offline harm. (Stalking: sending unwanted, frightening, or obscene emails
or text messages.)
Cyberstalking: Persistent monitoring or tracking of
women and children's online activities, often leading to fear for safety and
invasion of privacy.
Revenge Porn: Intimate images or videos are shared
without consent, causing humiliation, harassment, and potential harm to
reputation. (Humiliation: a feeling of shame or loss of self-respect)
Online Grooming: Predators befriend children online
to manipulate, exploit, or sexually abuse them, often by gaining their trust
and gradually escalating contact.
Sextortion: Threats or blackmail are used to force women
and children into providing sexual images or engaging in sexual acts online.
Cyberbullying: Children are subjected to bullying,
harassment, or exclusion online, leading to low self-esteem, depression, and
social isolation.
Child Exploitation: Children are trafficked, sexually
abused, or exploited through online platforms, often disguised as modeling opportunities
or relationships.
Identity Theft: Personal information of women and
children is stolen and misused for fraudulent activities, leading to financial
loss and reputational damage.
Unauthorized Sharing of Personal Information: Private
details of women and children are shared without consent, leading to risks of
stalking, harassment, or identity theft.
False Representation: Fake profiles or personas are
created to deceive women and children online, leading to trust violations and
potential exploitation or fraud.
Financial Frauds
Phishing: Phishing attacks often involve creating fake
links that appear to be from a legitimate organization. These links may use
misspelled URLs or subdomains to deceive the user.
Identity theft: Identity theft is the crime of using
the personal or financial information of another person to commit fraud, such
as making unauthorized transactions or purchases.
Ransomware: Malicious software encrypts a victim's
files, and the attacker demands payment (usually in cryptocurrency) for the
decryption key.
Credit Card Fraud: Unauthorized use of credit card
information, either through physical theft or online hacking, for making
purchases or withdrawals.
Investment Scams: Cybercriminals may create fake investment
opportunities, promising high returns to lure victims into investing money,
which is then stolen.
Online Banking Fraud: Criminals use various methods like
keyloggers or phishing to gain access to online banking credentials and conduct
unauthorized transactions.
Cryptocurrency Scams: Fraudulent schemes related to
cryptocurrencies, including fake initial coin offerings (ICOs), Ponzi schemes,
or fake exchanges.
Business Email Compromise (BEC): A type of cybercrime where the
scammer uses email to trick someone into sending money or divulging
confidential company info. The culprit poses as a trusted figure, then asks
for a fake bill to be paid or for sensitive data they can use in another scam.
ATM Skimming: Criminals install devices on ATMs to
capture card information, enabling them to create counterfeit cards or make
unauthorized transactions.
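The phishing item above notes that fake links rely on misspelled URLs or misleading subdomains. As an added example (not part of the original notes), the following Python code shows how a mail filter or awareness tool could flag both patterns; the trusted domains, function names and sample links are constructed for illustration, and the registrable-domain logic is a simplifying assumption.

```python
from urllib.parse import urlsplit

# Constructed allowlist: domains the organization really uses (assumption).
TRUSTED_DOMAINS = {"examplebank.com", "example.org"}

# Constructed sample links, as they might appear in incoming mail.
SAMPLE_LINKS = [
    "https://www.examplebank.com/login",
    "https://examp1ebank.com/login",
    "https://examplebank.com.account-verify.net/reset",
    "https://www.wikipedia.org/",
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Naive rule: the last two labels. Production code should consult the
    Public Suffix List so that names like example.co.in are handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_link(url: str, trusted=TRUSTED_DOMAINS, max_typos: int = 2) -> str:
    """Return 'trusted', 'lookalike-domain', 'deceptive-subdomain',
    'unknown' or 'invalid' for a single link."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "invalid"
    domain = registrable_domain(host)
    if domain in trusted:
        return "trusted"
    # Misspelled URL: the domain is only a few edits away from a trusted one.
    for good in trusted:
        if edit_distance(domain, good) <= max_typos:
            return "lookalike-domain"
    # Misleading subdomain: a trusted name appears to the left of a domain
    # that is actually registered by someone else.
    sub = host[: len(host) - len(domain)].rstrip(".")
    for good in trusted:
        brand = good.split(".")[0]
        if good in sub or brand in sub.split("."):
            return "deceptive-subdomain"
    return "unknown"


def flag_links(urls) -> dict:
    """Map each suspicious link to the reason it was flagged."""
    verdicts = {u: classify_link(u) for u in urls}
    return {u: v for u, v in verdicts.items()
            if v in ("lookalike-domain", "deceptive-subdomain")}


if __name__ == "__main__":
    for link, reason in flag_links(SAMPLE_LINKS).items():
        print(f"{reason:20} {link}")
```
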
Social Engineering attacks
Social engineering is the tactic of manipulating, influencing, or
deceiving a victim in order to gain control over a computer system, or to steal
personal and financial information.
It uses psychological manipulation to trick users into making
security mistakes or giving away sensitive information.
Types of social engineering attacks
1) Phishing
Phishing scams are the most common type of social engineering
attack. They typically take the form of an email that looks as if it is from a
legitimate source.
2) Watering hole attacks
An attacker will set a trap by compromising a website that is
likely to be visited by a particular group of people, rather than targeting
that group directly. An example is
industry websites that are frequently visited by employees of a certain sector,
such as energy or a public service.
3) Business email compromise attacks
Business email compromise (BEC) attacks are a form of email fraud
where the attacker masquerades as a C-level executive and attempts to trick the
recipient into performing their business function, for an illegitimate purpose,
such as wiring them money.
4) USB baiting
USB baiting sounds a bit unrealistic, but it happens more often
than you might think. Essentially what happens is that cybercriminals install
malware onto USB sticks and leave them in strategic places, hoping that someone
will pick the USB up and plug it into a corporate environment, thereby
unwittingly unleashing malicious code into their organization.
5) Physical social engineering
Certain people in your organization, such as help desk staff,
receptionists, and frequent travelers, are more at risk from physical social
engineering attacks, which happen in person.
Malware and Ransomware attacks
Ransomware is a specific type of malware that encrypts a user's
files or locks them out of their system, rendering the data inaccessible.
Evolution and Sophistication: Ransomware and
malware attacks continually evolve, with cybercriminals developing more
sophisticated techniques and methods to bypass security measures.
Ransomware-as-a-Service (RaaS):
Criminals often utilize RaaS platforms, enabling even non-technical individuals
to launch ransomware attacks. This commodification increases the prevalence of
such attacks.
Double Extortion: In addition to encrypting files,
modern ransomware often involves double extortion, where attackers threaten to
leak sensitive data unless a ransom is paid. This adds a layer of complexity
and urgency for victims.
Targeted Attacks: Some ransomware attacks are highly
targeted, focusing on specific organizations or industries. Cybercriminals may
conduct extensive reconnaissance to maximize the impact of their attacks.
Supply Chain Attacks: Ransomware and malware can
infiltrate organizations through supply chain weaknesses. This includes
compromising software vendors, third-party services, or even trusted partners in
the supply chain.
Malware
Malware is a broader term encompassing various types of malicious
software. This includes viruses, worms, trojans, spyware, and other harmful
programs.
Objectives: Malware can have different objectives, such as
stealing sensitive information, disrupting system operations, or providing
unauthorized access to a computer system.
Types of Malware attacks:
Viruses: Malicious software that attaches itself to
legitimate programs and spreads when the infected program is executed.
Worms: Self-replicating malware that spreads across
networks without human intervention.
Trojans: Disguised as legitimate software, trojans
trick users into installing them, often leading to unauthorized access or data
theft.
Spyware: Secretly monitors user activity, capturing
sensitive information without the user's knowledge.
Rootkits: Conceals the existence of malicious
software, often granting unauthorized access.
Botnets: Networks of compromised computers controlled
by a central server.
Keyloggers: Records keystrokes to capture sensitive
information like passwords.
Zero Day and Zero Click attacks
Zero-day attacks target vulnerabilities in software or hardware
that are unknown to the vendor or the public.
Exploitation Period: Attackers exploit these
vulnerabilities before the software vendor releases a patch or fix, leaving no
time for defenders to prepare.
Stealthy Nature: Zero-day attacks are often stealthy
and can go undetected for extended periods, making them particularly dangerous.
Targeted Exploitation: Zero-day vulnerabilities are
frequently used in targeted attacks against specific individuals,
organizations, or even nations.
High Market Value: Information about zero-day
vulnerabilities and their associated exploits can have a high value on the
black market, motivating attackers to discover and use them.
Challenges in Detection: Traditional security measures may
not detect zero-day attacks since there are no known signatures or patterns to
identify these exploits.
Zero-click attack
A zero-click attack is a type of cyber-attack that requires no
user interaction to exploit a vulnerability in a device or application. In
other words, the attacker can gain access to a device or network without the
user clicking on a link or downloading a file.
No User Interaction: Zero-click attacks do not rely on
user actions such as clicking on links or opening attachments. The exploitation
occurs automatically without any explicit involvement from the user.
Advanced Persistence: Zero-click attacks often involve
advanced and persistent threats that can remain undetected for extended
periods, increasing the potential damage.
Malware Delivery: Zero-click attacks may deliver
malware silently, allowing it to operate in the background without the user's
knowledge, leading to data theft, surveillance, or other malicious activities.
Supply Chain Exploitation: Zero-click
attacks can exploit weaknesses in the software supply chain, compromising
software before it even reaches the end user. This highlights the importance of
secure development practices and supply chain integrity.
Cyber Espionage: Zero-click attacks are frequently
associated with cyber espionage activities, allowing attackers to gain
persistent access to sensitive information without raising suspicion.
Cybercriminals' modus operandi
Modus operandi is the principle that a criminal is likely to use
the same technique repeatedly, and analysis or record of that technique used in
every serious crime will provide a means of identification in a particular
crime.
Here is a more detailed breakdown of cybercriminal modus operandi in points:
Phishing: Creation of deceptive emails, messages, or
websites to trick individuals into revealing sensitive information, such as
usernames and passwords.
Malware Attacks: Deployment of malicious software,
including viruses, trojans, and ransomware, to compromise systems, steal data,
or disrupt operations.
Social Engineering: Manipulation of human psychology to
deceive individuals or employees into disclosing confidential information or
performing actions beneficial to the attacker.
Ransomware Attacks: Encryption of files or systems with
a demand for payment in exchange for restoring access.
Credential Stuffing: Use of stolen login credentials from
one service to gain unauthorized access to other accounts where users reuse
passwords.
Supply Chain Attacks: Exploitation of vulnerabilities in
third-party suppliers, software, or services to compromise the security of the
target organization.
Zero-Day Exploits: Utilization of unknown
vulnerabilities in software or hardware before vendors release patches.
Distributed Denial of Service (DDoS):
Overloading a target's network or website with traffic to disrupt normal
operations and cause service outages.
Cryptojacking: Covert use of a victim's computing
resources for cryptocurrency mining without their knowledge or consent.
Man-in-the-Middle (MitM) Attacks:
Intercepting and potentially altering communication between two parties to
eavesdrop or manipulate information.
Reporting of Cyber Crime
Reporting cybercrimes is essential to combat and prevent online
criminal activities. Reporting these incidents can help law enforcement
agencies and cybersecurity experts investigate and take action against
cybercriminals.
Here are the steps you should take to report cybercrimes:
1) Contact Local Law Enforcement
If you are a victim of a cybercrime, such as hacking, online
harassment, identity theft, or fraud, you should contact your local police
department or law enforcement agency. They can guide you on how to proceed and
they may open an investigation if necessary.
2) Contact National Authorities
In many countries there are national agencies or specialized
cybercrime units responsible for investigating and handling cybercrimes. In the
United States, for example, you can report cybercrimes to the Federal Bureau of
Investigation (FBI) through its Internet Crime Complaint Center (IC3).
3) Use Online Reporting Portals
Many countries have online reporting portals or websites where you
can report cybercrimes. Check your local government websites for cybercrime
reporting options. In the U.S., the IC3 website is a common platform for
reporting various types of cybercrimes.
4) Contact Your Internet Service Provider (ISP)
If you suspect that you are a victim of cyberattacks or online
harassment, your ISP may be able to assist or guide you in reporting the issue.
5) Report to Financial Institutions
If you experience financial cybercrimes, such as credit card fraud
or unauthorized bank transactions, contact your bank or credit card company
immediately. They can help investigate and resolve these issues.
6) Cybersecurity Organizations
You can also report cybercrimes to cybersecurity organizations or
Computer Emergency Response Teams (CERTs) in your country. These organizations
are equipped to handle and investigate cyber incidents.
If you encounter cyberbullying, harassment, or other malicious
activity on social media platforms or websites, report the incidents to those
platforms. They often have mechanisms in place for reporting abusive behavior.
Remedial and Mitigation Measures
Remedial and mitigation measures are essential steps to address
and minimize the impact of cyber incidents and vulnerabilities. These actions
aim to remediate the damage caused by a cyber incident and reduce the risk of
future incidents.
Here are some key remedial and mitigation measures:
Remedial Measures
Containment: Isolate affected systems or networks to
prevent the spread of the incident. This may involve disconnecting compromised
devices from the network.
Data Recovery: Restore lost or encrypted data from
backups. Ensure that backups are secure and regularly tested for reliability.
Malware Removal: Use antivirus and anti-malware tools
to detect and remove malicious software from infected systems.
Patch and Update: Apply patches and updates to
affected software, systems, and devices to close vulnerabilities that were
exploited in the incident.
Password Reset: Change passwords for compromised
accounts or systems to prevent unauthorized access.
Incident Documentation: Thoroughly document the incident,
including the timeline, actions taken, and evidence collected. This
documentation is valuable for investigations and post-incident analysis.
Communication: Notify affected parties, including
customers, partners, and employees, about the incident and steps taken to
remediate it. Transparent and timely communication is essential for maintaining
trust.
Legal and Compliance Obligations:
Comply with legal requirements regarding data breach notifications, which may
vary by jurisdiction.
Forensic Analysis: Conduct a forensic analysis to understand
the scope and cause of the incident, which can help prevent future
occurrences.
Mitigation Measures
Risk Assessment: Regularly assess and prioritize
cyber risks to identify vulnerabilities and potential threats.
Network Segmentation: Isolate critical systems from less
secure ones to limit the spread of an attack.
Access Control: Implement the principle of least
privilege (PoLP) to restrict user and system access to only what is necessary.
Data Encryption: Encrypt sensitive data at rest and
in transit to protect it from unauthorized access.
Cybersecurity Training: Educate employees and users on
security best practices, including how to recognize phishing attempts and other
threats.
Intrusion Detection and Prevention:
Use intrusion detection and prevention systems (IDS/IPS) to identify and block
suspicious network activity.
Security Patch Management: Establish a
patch management process to keep software and systems up-to-date with the
latest security updates.
Incident Response Plan: Develop and maintain an incident
response plan to ensure a swift and organized response to future incidents.
Backup and Recovery Strategy: Regularly back
up critical data and maintain an effective disaster recovery plan to minimize
downtime in the event of an incident.
Legal Perspective of Cybercrimes
In India, cybercrimes have become a significant concern as the
country continues to embrace digital technologies and the internet. The
Information Technology Act, 2000 (amended in 2008) is the primary legislation
governing cybercrimes in India.
Here's an overview of cybercrimes from an Indian perspective:
Legal Framework: The Information Technology Act, 2000 (IT Act) was
enacted to address various cyber-related offenses and provide a legal framework
to deal with cybercrimes. The IT Act was subsequently amended in 2008 to
expand its scope and strengthen provisions related to cybercrime.
Punishments and Penalties: The IT Act
prescribes various penalties and imprisonment terms based on the severity of
the cybercrime committed. The penalties can range from fines to imprisonment
up to life, depending on the nature of the offense.
Cyber Cell and Law Enforcement:
Many states in India have established specialized cyber cells or cybercrime
units to investigate and tackle cybercrimes effectively. These units work
closely with the Indian Computer Emergency Response Team (CERT-In) and other
law enforcement agencies to address cyber threats.
Cyber Appellate Tribunal: The IT Act established the Cyber Appellate
Tribunal to hear appeals against orders issued by the Controller of Certifying
Authorities and adjudicate on certain cyber-related matters.
Data Protection and Privacy: India has been
working on enacting comprehensive data protection legislation to protect
individuals' privacy and personal data. The Personal Data Protection Bill, 2019,
aims to regulate the collection, storage, processing, and transfer of personal
data and ensure data protection.
Cyber Security Initiatives: The Indian
government has initiated several cybersecurity measures to enhance the
country's resilience against cyber threats. Initiatives like Digital India and
Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Center) aim to
promote safe and secure digital practices.
International Cooperation: India actively
participates in international efforts to combat cybercrime and cooperates with
other countries in investigating cross-border cyber offenses. It is a signatory
to the Budapest Convention on Cybercrime, a globally accepted treaty on
combating cybercrime.
IT Act 2000 and its Amendments
The Indian Information Technology (IT) Act, 2000 is a significant
piece of legislation that governs various aspects of electronic transactions,
digital signatures, data protection, and cybercrimes in India. The act was
enacted on October 17, 2000, and later amended in 2008 to address emerging
challenges in the digital realm.
Here are some key features and provisions of the Indian IT Act:
Digital Signature: The Act recognizes digital
signatures as legally valid and equivalent to physical signatures. It provides
a legal framework for the use of digital signatures in electronic transactions,
contracts, and other digital documents.
Electronic Records and Documents:
The Act acknowledges the legal validity of electronic records and documents. It
enables the use of electronic records as evidence in legal proceedings.
Electronic Governance: The act promotes electronic
governance by mandating the use of electronic means for government
communications, filings, and transactions. It aims to reduce paperwork and
enhance the efficiency of government processes.
Cybercrime Offenses: The IT Act addresses various cyber
offenses and provides penalties for unauthorized access to computer systems,
data theft, computer-related fraud, cyberterrorism, and other cybercrimes. It
also criminalizes the publishing or transmitting of obscene material in
electronic form.
Penalties and Adjudication: The act
prescribes penalties for offenses, which may include imprisonment and fines. It
also sets up Adjudicating Officers to adjudicate offenses under the act.
Cyber Crime and Offences
India's Information Technology Act has been protecting citizens from
threats ranging from white-collar crimes to attacks by terrorists.
The laws for cyber-crime safeguard citizens from dispensing
critical information to a stranger online. The rise of the 21st century marked
the evolution of cyberlaw in India with the Information Technology Act, 2000.
Cyber Crimes Offenses & Penalties in India
Organizations dealing with Cyber-crime and cyber security in India
The Indian Cybercrime Coordination Centre (I4C) was
established by the MHA (Ministry of Home Affairs) in New Delhi
to provide a framework and eco-system for Law Enforcement Agencies (LEAs)
for dealing with Cybercrime in a coordinated and comprehensive manner.
I4C is envisaged (imagined, thought of as being possible) to
act as the nodal point to curb Cybercrime in the country.
The Expert Group identified the gaps and challenges in tackling
Cybercrime and made specific recommendations to combat Cybercrime in the
country.
The Expert Group recommended the creation of the Indian Cybercrime
Coordination Centre (I4C) to strengthen the overall security apparatus to fight
against Cybercrime.
Objectives of I4C
To act as a nodal point to curb Cybercrime in the country.
To strengthen the fight against Cybercrime committed against women
and children.
To facilitate easy filing of Cybercrime-related complaints and
identify Cybercrime trends and patterns.
To act as an early warning system for Law
Enforcement Agencies for proactive Cybercrime prevention and detection.
Awareness creation among public about preventing Cybercrime.
Assist States/Union Territories in capacity building of Police
Officers, Public Prosecutors and Judicial Officers in the area of cyber
forensic, investigation, cyber hygiene, cyber-criminology, etc.