Emerging trends in cyber crimes

images (2)

Crimes, in whatever form, always affect the society directly or indirectly. Internet has become our necessity and we use it in every field of society. Misuse of computer with the help of internet further leads to illegal acts which are often categorized as cyber crime such as fraud, stealing identities or violating privacy etc

Cyber crime is not defined anywhere in any legislation under Indian law but Information of technology Act 2000 deals with offences related such crimes in India.

In this Essay we would like to discuss the increase rate of cyber crimes, its impact on society, laws dealing with cyber crime in India and case laws related to cyber crime. We will also mention the different kinds of cyber crimes which commonly prevail.

 INTRODUCTION:-

Technology has transformed the shape of our lives. It has made an adverse impact on one’s day to day life. Whether personal or professional; technological development and its related risks go hand in hand. Those risks involved have lead to some severe offences and crimes commonly known as cyber crimes. Coalescing all the accepted definitions of cyber crimes, it could be found out that with the emergence of making our lives trouble-free, technology (involving computers, mobiles, internet etc.) has given a new type of crime where it is not necessarily wrapped up with any kind of physical harm, but instead involves a damage to one’s personal information and therefore impairing one’s reputation.

There are giant numbers of activities such as cyber stalking, identity threat, computer viruses, spam activities, financial fraud, harassment etc. Some statistical studies have divulged that cyber crime cases over the past two years have promptly augmented. There were 4192 cyber crimes in 2013 which were 2761 in 2012. If one considers such crimes as per Indian Penal Code also, the number of crimes was 5500. Police has arrested 3301criminals in this regard.[1]

The most common form of cyber crime is the harassment caused to victim over internet resulting in defaming one’s character. Such kinds of crimes target individual or group of individuals with a criminal motive to intentionally harm the reputation of that person. Physical harm is not necessary in such crimes but can harm victim mentally with the help of using modern telecommunication networks. Cyber crime is nowhere defined in any legislation under Indian law but the United Nations Manual on the Prevention and Control of Computer Related Crime includes fraud, forgery and unauthorized access in its definition of cyber-crime[2].

Basically there are two main activities which constitute cyber crime. Under first activity they target computer networks or devices such as viruses, malware, or denial of service attacks under second category covers crimes facilitated by computer networks or devices such as cyber-stalking, fraud, identity-theft, extortion, phishing(spam) and theft of classified information.

RECENT TREND IN CYBER CRIME:-

 In today’s time cyber crime has become a serious threat and is quite different from old-school crime, such as robbing, mugging or stealing. Criminals can commit it from remote location and they need not worry about the law enforcement agencies in the country where they are committing crimes.

Social networking sites has encouraged new ways to communicate and share information. Millions of people are using these websites daily. These websites were started with the purpose of connecting people and sharing information but now these are used for harassing people, stealing information, threatening and many other illegal activities which under the purview of cyber crime.

Most of the internet frauds reported in India are relating to phishing, usages of stolen Credit cards, debit card, unauthorized fraudulent real time gross settlement (RTGS) transactions, fictitious offers of funds transfer, remittance towards participation in lottery, money circulation schemes and other fictitious offer to cheap funds etc.[3] As per the report of standing committee on information technology there have been cyber attacks on the public sector and private sector IT infrastructures like website defacements, intrusions, network probing, and targeted attacks to steal some information, identity theft (phishing) and disruption of services. About 300 end user systems on an average are reported to be compromised on a daily basis. More than 100,000 viruses/worms variants are reported to be propagated on the net on a daily basis, of which 10,000 are new and unique.

There are three main trends are prevailing in the world and these are-

  • Internationalization of Organized Crime
  • Growth of Social Media
  • The Emergence of Advanced Persistent Attack

Internationalization of Organized Crime- Cyber criminals has spread their feet globally and because of that it has become harder to trace them and stop their illegal activities. A lack of international collaboration also makes it harder to track down hackers as they attack from multiple locations.[4] When Stuxnet hit India last year, it sent alarm bells ringing in the highest offices of the country, after all, India was the third-most infected country in the world.[5]

In the words of Mr. Krishna Sastry Pendyala, asst.government examiner, cyber Forensic Division, Director forensic science, “cyber crime is an organized crime, much like the mafia. There are powerful geographically dispersed actors in the scheme.” One of the biggest problem in the fight against international cyber crime is inter and intra national collaboration. With ambivalent cyber laws and a lack of international co-operation, cyber criminals are enjoying a free run says Pratap Reddy, director, cyber Security, Nasscom.

Growth of Social Media- We have accepted social media as a need of life. We share our information, promote our business and communicate with each other. It is the perfect opportunity for cyber attackers. They can easily steal company’s data and personal information through these websites. Use of these social websites is unstoppable. Earlier the use of social media was choice but now it has become a necessity. According to data from GISS (Global information for security survey), 49% of Indian enterprises intend to increase access to social media.

Social media plays a significant role in spear phishing attacks. According to a recent report by Cisco (E-mail Attacks: This Time It’s Personal), spear phishing levels have jumped three-fold in the last 12 months. There is one new concept of engineering attack that is click jacking. It is a way to encourage someone to do something which he won’t do otherwise. Click jacking is most commonly noticed on Facebook. For example a friend posts a shocking video on Facebook. If the post tickles your curiosity enough you’d be tempted to watch the video. But when you click on the play button, you notice that instead of the shocking video you’ve gone and liked the video and it goes as a news feed to all your friends.[6]

In one of the most popular and the very first case filed undr section 67 of information technology act, 2000- State of Tamil Nadu vs. Suhas Katti. It was the case of online harassment where the accused has posted obscene, defamatory and annoying messages about a divorcee woman in the yahoo message group. The victim also received e-mails by the accused in order to cause more nuisances over the internet. There is no doubt in the fact that making an e-mail id is way easier where it doesn’t require much of computer skills. Hence, the latest news so declared by the Gmail and yahoo that now they are to make phone nuber mandatory for the new e-mail ids. They claimed that this would help them to check spam e-mail senders.

“In an effort to protect our users from abuse, we sometimes ask users to prove they’re not a robot before they’re able to create or sign in to accounts. Having this additional confirmation via phone is an effective way to keep spammers from abusing our systems,” the website said.[7]

The Emergence of Advanced Persistent Attack- attackers steal data but do not destroy that data. These data remains undetected for long time. In March 2011, cyber attacker targeted RSA. It was most audacious security breach of the year. Attackers sent an e-mail to 12 people of an organization with an excel file titled as 2011 recruitment plan. 11 of them deleted the mail but one didn’t. One click on the attachment was enough for the attackers to sniff around the network, determine key servers and then slowly get access to them. These crimes also termed as APT (advanced persistent threats). In these crimes, criminals gather detail information regarding the target. With full preparation attackers attempt their work.

TYPES OF CYBER ATTACKS:-

Cyber crime is a broader term which includes different kinds of crimes. There is no universally categorization of cyber crime. Criminals keep changing their method and skills of crime. Here are few crimes which are commonly prevail-

Hacking- unauthorized access of computer and networks comes under hacking. Criminals steal information from computers and hard disks.

Email Bombing- it crashes the server by sending a large number of mails to the victim.

Salami attacks- such attacks are related to financial crimes. In such crimes criminal deducts very small amount of money from account and account holder generally did not notice such deduction but criminals collect huge amount by this way. It involves money transaction frauds popularly known as financial frauds or computer frauds. Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss.[8] Financial frauds leads to deleting data, destroying the output, mislead the person, having made unauthorized transactions, transferring money by using fake identity etc.

In one of the international cases, where there was a financial fraud of over US $ 466,000 in March 2010, where the money disappeared from the accounts of Village View Escrow, a small business in California that holds funds for real estate transactions. The money was siphoned in 26 online wire transactions that scattered funds to a network of people under orders to wire the money to banks in Eastern Europe via Western Union

Virus- viruses are computer programs and attached with computer only. It transfers from one computer to another through removable disks or by other way. Generally it affects the data of computer such as stealing hard aspace, accessing private information, corrupting data, spamming contacts etc.

Web jacking-it is similar to hacking. Criminal crack password and take control of other’s website. Actual owner doesn’t have control over website but hacker handles it, it is called web jacking.

Service Attack- it crashes the computer system by offering more resources and programs then it can handle. It is a special kind of hacking.

Data diddling- In data diddling covers the alteration of raw data in computer before producing.Electricity Boards in India have been victims to data diddling programs inserted when private parties were computerizing their systems.

Cyber stalking- online harassment by sending E-mails and online messages come under the cyber stalking. Criminals collect information by any way or may know the victim personally and start harassing and make the victim’s live miserable.

CONCLUSION:-

Criminals have developed a large network of cyber crime. They always come up with new skills and methods of crime.  The growth of cyber crime in India, as all over the world, is on the rise and to curb its scope and complexity is the pertinent need today. The law enforcement agencies are not able to make strong law to control cyber crime because these criminals keep changing their method and technology to quickly. Hence Commercial institutions and government organization need to look at other methods of safeguarding themselves. Cyber crimes are not going away, if anything it is getting stronger. We should learn from past incidents and use that information to prevent further crime. India has adopted The Information Technology Act 2000 to protect citizens from cyber crimes but problem is that cyber crime can be committed from anywhere in the world and global connectivity of internet helps these criminals to hide their identity and they make use of service provider to hide their traces.

 

[1]  Taken from report published at http://www.cyberlawclinic.org/casestudy.asp

[2] Cyber Law, introduction to cyber law

[3] 52nd report, Standing committee on information technology

[4] Disaster resource guide

[5] Trends in security, Varsha Chidambaram

[6] Trends in security, Varsha Chidambaram

[7] articles.economictimes.indiatimes.com/2014-08-10/news/52648335_1_mobile-number-phone-number-new-yahoo

[8] http://www.wikipedia.org/computercrimes

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s