Cyber-crimes, security and its remedies
Author : Yash Soni
University of Petroleum & Energy Studies, Dehradun.
Cyber-crime is a type of crime which falls under the virtual world that is known as “Cyberspace”. The Term Cyberspace is very broad with no barriers as in the current ERA we can see that the life is getting much easier and smoother which was not at all same in an earlier stage. Due to the latest technology advancements and this can be termed as CYBER ERA. As this ERA has made the communication with the world very strong and efficient, such as for booking tickets in the earlier times one had to stand in a long queue in the railway stations for getting tickets booked and if one wants some cancellations he again had to stand in a long queue, but today we only have to make few clicks of the mouse to get our tickets book and same for the cancellations. These days, a person can harm other person or the victim in two ways, it can be done either Offline also known as Physical damage or Online by attacking the person’s computer where it can be a PC, laptop, smartphones etc. in which the attacker can damage the personal files, useful content, manipulation of the media file and many other things. Cyber-crime is a crime which is committed in the cyberspace between the two entities i.e. on one side there exist an attacker computer while on other side is target computer. The attacker is the one who with the criminal intent tries to harm the target for which he can use various types of tools.
According to the survey report by IAMAI and Kantar, about 500 million internet users have been recorded till June 2018, and we know as the usage of the internet increases the crime rate increases simultaneously. A survey by the Government says, till 2017 more than 33,000 Cyber-attack cases have been registered in India. There are many countries which are facing these cases and India holds the 11th position in the world .
TYPES OF CYBER-CRIMES
Cyber-crimes, as we discussed above, revolves between the attacker computer and victim or target computer, it may affect an individual, his property or the society. Therefore, on this basis there are various types of cyber-crimes which we come across nowadays, here we will discuss a few of them.
- Hacking: Hacking in the simple language is getting unauthorized access to the victim’s computer and destroying the content or data files stored in it. Hackers are mainly programmers who have deep knowledge about the computers, their internal files, their loopholes, their virtual doors to get the unauthorized access. There are two types of hackers White Hat Hacker and the Black Hat Hacker. White Hat Hacker is the person who does hacking of computer for the purpose the security concern such as National Cyber Security Experts while Black Hat Hackers are the ones who do Hacking with the criminal intent or to harm others.
- Data Spying: It is for spying on the confidential information or data on the target computer. It is done remotely by the attacker.
- Data diddling: This attack involves altering raw data before processing and then changing it back after the processing is completed.
- Salami attack: This is newly discovered cyber-attack, it is used for the commission of financial crimes. Example- A bank employee inserts a program in the bank’s server that will deduct an insignificant amount of money from every customer’s account (say Rs.3), as this small amount is unnoticeable by the customer and is transferred to the employee’s (attacker’s) account.
- Internet time theft: As the name suggests, in this the attacker steals the paid internet time of the user.
- Virus/worms bombing: In this the attacker using an external device such as flash drives or through spam emails injects the virus into the target’s computer and if the attacker wants to harm the other computers as well than attacker uses worms which will multiply and spread in other computers that will damage or manipulate the files of the computers connected to the target’s computer.
- Cyber-stalking: It involves following the person’s movement across the internet by posting messages (threatening) on the bulletin boards frequented by the victim, entering the chat rooms frequented by the victim.
- Cyber/child pornography: All the obscene pornographic material online in the websites, produced using a computer or transferred using a computer or downloading through any website, editing any photo with an obscene picture, all this will fall under the Cyber-crime.
- Cyber defamation: Any act, gesture, word, deed etc. in cyberspace, designed to harm the person’s reputation on the internet or even offline, this will be considered as the Cyber-crime or particularly Cyber defamation.
- Cyber–money laundering: is a way to conceal illegally obtained funds. Money laundering works by transferring money in elaborate and complicated financial transactions which can mislead anyone who may seek to trace and review the transactions.
- Credit card fraud: Millions of rupees are lost because of the person who attacks the database where the information of the card is stored and the money from the account holder is stolen. Also, nowadays a new device called a skimmer is fitted in the card swiping machines which captures the card number also the Pin which is further used to empty the bank account.
- Cyberterrorism: In this, the tools are used to interrupt the national infrastructure security by shutting down of energy, transportation, communication, forcing government for the submissions. Online harassment, internet bomb threats, and other technology-driven crimes are considered as cyber-terrorism.
- Intellectual property crimes: These crimes include copyright, patent or design infringement, software piracy, industrial piracy, corporate piracy.
The “Cybersecurity” is the security or protection of the computer networks (includes Local area network and Wide area network), computer systems, files, confidential data, and other media files present in the cyberspace. Different level of securities is involved at every stage of the network layers, where the attacker makes the target to enter into the network and breach the security. In this digital era, IT infrastructure has become an important part of our daily routine, such as in telecommunication, banking systems, transportation, defence systems, etc. When we wake up in the morning, the first thing we are curious about is our mobile device regarding various text messages, e-mails etc., which means all the 24 hours we are surrounded by the electronic devices which stores so much confidential information and is connected with the internet, therefore, cyber security becomes the most important concern nowadays.
There are Cyber Security Experts who are the ones who are specialized in protecting the system from cyber-attacks, they are affiliated with the specialized cyber-security courses certification from various institutes. These experts are hired by the companies who are having transactions in millions, who have huge confidential information database, and other important data, to secure them from the attackers. Not safeguarding can lead to huge loss and we know the data is exponentially increasing day by day, so its security has become the most crucial concern to be prioritized.
If we talk about the basic level of security in our personal computers we are suggested to install anti-virus, switch on firewall, etc. to protect our personal data, but if we talk about the computers which are used as a servers through which so many computers are connected, they cannot be just protected by any antivirus as there are number of ways and the loopholes from where the attacker can target to enter into the server computer or inside the network. So, here the need occurs of Cyber-security experts who can handle the situation at every level of the network. We on a daily basis open or browse many websites. Also, on the top left side of the URL there is mentioned “Secured” then it means the website is secured by the Cyber-experts and can be used by the common person as they are not tracing of your path or not storing your cookie files (your computer’s information) for any kind of illegal activities, therefore the demand in this field of Cybersecurity experts is raised today.
After all this protection no one assures that the system is completely secure as there is no system in the world which is 100% secured there are loopholes.
These are few cyber-crimes involved in the different fields of the cyberspace, also there are various undiscovered cyber-crimes the count of cases solved is very less than that of the unsolved cases and each day the crime rate is increasing simultaneously with the internet usage and technological advancement.
For the victim of the cyber-crime, there are legal remedies which are governed by the Judiciary system of the country.
There was an enactment of a law to show the boundaries to these type of attackers for the commitment of Cyber-crimes i.e. Information Technology Act, 2000 later on amended in the year 2008, for the laymen this is commonly known as the Cyber-law. This Act consists of penalties and the compensation for the technology related crimes. Where the person is a victim of the cyber wrong than he has the option to visit the court for the legal proceedings against the wrongdoer.
- Under section 43A of the Information Technology Act, 2000 the victim has the right to appeal in the court for the compensation of the wrong done to him, as this section covers the penalties and the compensations which involve the offences like “damage to the computer, computer system or computer networks etc.”. Any body-corporate who is dealing with the sensitive data, information or maintaining it of its own or of other’s and if negligently compromises with such data or information that such body corporate will be liable under this section and will have to pay the compensation as per the discretion of the court.
- Section 65 of the Act covers the punishment for the offences which involve “tampering with computer source documents”, where according to the section, “Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy, or alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both”.
- There are still various loopholes in this IT Act, 2008 as there are newly discovered and undiscovered cyber-offences for which the law needs to stretch its arms and improve the strictness to deal with.
- Also there are offences which are not governed by the IT Act as they are already covered under other laws such as “Cyber-defamation” which is governed under Indian Penal Code, 1860, the term “Defamation” and its punishment is defined under this Act therefore, no specific definition is covered elsewhere because the impact of such online offence is the same as that of the offline.
We are living in the 21st Century in the country which is in a developing state, where the technology is getting advance and replacing the job of the humans. With the involvement of the internet using the online crime rate is also increasing consequently, for which there are legal remedies available with the victim. But we have seen that the cyber-crime case files are increasing more than that of the solved cases, this is due to the carelessness of the people and lack of the cyber experts who can handle these case. Therefore, we need better training institutes as well as a compulsory branch of Cyber-security subject which will help in solving the cyber-cases and will raise the trust towards the security, but we can try to secure ourselves –
- If we all take care of our own security by not providing the loopholes to the attackers in the social media,
- by not getting trap in social engineering,
- securing our data by giving the limit in the permissions to the websites,
- not using the unsecured websites,
- by not disclosing smart-phone locks,
- ATM card’s pin etc., then there are fewer chances of compromise with the data.
No one is completely secured or can be secured by any institution or by any anti-virus but trying the above-discussed methods we can secure our information, data, devices and ourselves.
Risks surround us everywhere, but precaution is always better than cure!
Mail your C.V at [email protected]