
- White Hat: considered one of the nice guys, a white hat hacker is one who hacks and then informs the owner of the hacking.
- Black Hat: in contrast, the black hat hacker is considered a criminal and uses his/her skills to break the law.
- Gray Hat: as one would imagine, a gray hat hacker sometimes is good, and sometimes is criminal; a combination of the white and black hat.

- Script Kiddie: a demeaning term, used for those who hack but do so by following directions and not creating anything of their own.
- Trojan horse: deceptive programs that pretend they do one thing, only to enter the computer system and do another; however, they need not be bad for the computer.
- Virus: a self-replicating program that inserts itself into executable code or documents.
- Worm: also a self-replicating program, but a worm breeds itself in computer systems.


Tools Hackers Need To Get Into Websites


The tools that a hacker may use are varied and constantly changing. One such tool that was used last year allowed a hacker to gain control of the computers of those who simply mistyped the word Google when trying to get to the popular search engine. This automatically directed them to a special website that would give them such malware items as Trojan downloaders, backdoors and spyware. Another tool would be the robot spider. These can be sent out and put on automatic and will look for ports of access into your computer. These spiders are running around all the time and some say that they may hit most computers that are online up to 50 times a day.

Other tools use email attachments. It is claimed that as much as 65% of all email is spam, and as much as 1 in about 30 emails contains a virus or some form of malware. This is why having your own virus and spam protection is a must, as well as a good spyware remover. Someone is busy. Once someone has been hacking information on a computer, they will often leave a Trojan file that will give them further access, and often more than one file. Then they could use your computer to send out spam attacks without you even knowing that it is taking place. Or, they could simply be hacking your personal information off of your computer. These are just a few of their tools.

DeCSS 1.2b, used as a cracking tool, is highly engineered software designed to modify other software with the intention of removing its usage restrictions. Coldlife 4.0 is another tool for website hacking that falls in the category of flooders. This is a program designed to overload a connection by mechanisms such as fast pinging, which causes a sudden DoS attack.

Best Hacking Tools Available


PCHelps Network Tracer is another tool; it uses standard network query utilities to work up a handy report on a specified Internet address. Hacking websites has become easy with another strong, downloadable hacking tool called IntelliTamper 2.07. This is a probe tool that scans websites for all types of information that the hacker's program is searching for, exploring another system to look for the vulnerable points from which to launch an attack.

A Trojan is a program that acts as one of the salient means of breaking into systems with a hidden intent. A Trojan adds subversive functionality to an existing program. A trojaned login program, for example, is created to accept a certain password for any user's account, which the hacker can use to log into the system at any time and from wherever he wants.

John The Ripper 1.0 is a password cracking tool, a program that takes an algorithmic approach to decrypting passwords and password files. NMap Win 1.2.12 is also one of the most important tools; it is used in planning an attack on a remote system. It also helps the programmer to develop other tools for such attacks.


Profiles of Famous Computer Hackers


Bill Gates, co-founder of Microsoft.

Steve Jobs came back with the introduction of several new products at Apple. Although Linus Torvalds was known among the hacker community as the hero who created Linux, the open source operating system, it hasn't been until recent years that people started to wonder if there was another option apart from using Microsoft's operating system.

Profiles of Bad Hackers


One of the most famous black hat hackers is Kevin Mitnick, who broke into the computers of several organizations, including Fujitsu, Motorola, Sun Microsystems and Nokia. Another famous hacker is Vladimir Levin, a mathematician who led a group of Russian hackers and stole ten million dollars from Citibank. To this day, no one knows how they did it. Jonathan James's case is a bit more complicated. He was the first juvenile from the teen hackers of the USA to be prosecuted for computer hacking. But that didn't stop him. Later, he was able to access the computer systems of NASA and the US Department of Defense. Finally, he was imprisoned.

Example of Hackers

Dennis Ritchie, Ken Thompson, and Brian Kernighan

Example of Hackers(2)

Bill Gates and Paul Allen

Paul Baran

Bjarne Stroustrup

Linus Torvalds

Example of Crackers

Kevin Mitnick

Hackers

Computer hackers trespass into or circumvent other computer systems artistically, yet scientifically, with a hunger to know the programmable systems, how they perform and their internal structures. A hacker generally does not intend to destroy data maliciously or to steal things. A hacker who cracks and hacks systems is not only interested in breaking the security of the system but also in knowing the system's details, by which he gains much more than by simply cracking systems.

Crackers

Cracking means to break the computer's security system. This is a subject matter of hard-core science with an aesthetic undertone of artistic skill that has attracted a few million teenagers and young adults all over the world. The cracker breaks through the system's security and proves to be far more dangerous than the hacker, who just quenches his or her thirst by simply discovering the workings of a system.

Ethical Hacker

They dedicate their skills to serve their clients. Instead of spending long nights inside obscure rooms filled with computers looking for some victim, they work inside corporations, finding ways to protect the networks and computer systems.

Defining Cyber Crime


In the early 1990s, when hacker efforts stopped AT&T communications altogether, the U.S. Government launched its program to go after the hackers. One of the most famous for his computer crimes was Kevin Mitnick, who was tracked by computer and caught in 1995. He served a prison sentence of about five years. Others have likewise been caught. Another case is that of Vasily Gorshkov from Russia, who was 26 years old when convicted in 2001.

How To Defeat The Attempts Of A Black Hat Hacker


Basic Knowledge
So, the first thing that we need to know is that computers, and networks, are like houses. If they don't have the windows and doors properly secured, anyone can enter.

Firewall
In order to secure our "house", we need to have a firewall installed and properly configured. A firewall is like a lock that ensures that all the entrances to your computer are properly closed, so no one from the outside can access it.

Anti Virus Software
Antivirus programs have been around since the first personal computers, since viruses have always existed. Unfortunately, the internet has generated a demographic explosion and now they wander, freely, through the net. There are several software packages on the market, so test the ones with which you feel more comfortable and stay with the one that is most convenient for you.

Regular Updates
The next step is to update your operating system, especially if it is Windows XP. Ninety percent of the worldwide operating system market is owned by Microsoft. For that reason, it is the preferred choice for crackers in the entire world. They are constantly looking for ways to bypass the security of this operating system, looking for weaknesses of all kinds (even in something as innocent as the Media Player). In order to stop them, keep your operating system updated.

Education in Security Techniques
Finally, if you are inside a company, make sure that the users are trained. They must be able to detect if they are being victims of a cracker scam. It can come through the internet messaging system, an email or even an innocent looking PowerPoint attachment sent by a friend. People are the last line of defense against black hat hacking.

FIREWALL

What is a firewall?
A firewall is hardware / software that protects the resources of a private network from users from other networks.
- Organizations, universities and companies use firewall systems
- A firewall can act as a gateway
- A firewall can act as a proxy
- A firewall filters incoming & outgoing information

[Diagram: LAN, firewall, INTERNET]

Main purpose of using firewalls

- Packet filtering
  - Analyzing packets
- Proxy service
  - Provide access to other networks, e.g. the INTERNET

[Diagram: INTERNET, LAN]

How a firewall works?

Sniffing Mode
1) An attacker tries to compromise a service on the protected network.
2) The Firewall identifies the attempt.

The FIREWALL can now:
- Log the attempt
- Alert the admin
- Harden the firewall
- Or reset a TCP/IP connection

Types of firewalls?
Firewalls use one or more of three methods to control traffic flowing in and out of the network.
1# FILTER BASED FIREWALL
2# PROXY BASED FIREWALL
3# STATEFUL INSPECTION

Filter based firewalls are configured with a table of addresses that characterize the packets they will, and will not, forward. By addresses, we mean more than just the destination's IP address, although this is one possibility. Generally, each entry in the table is a 4-tuple: it gives the IP address and TCP port number for both source and destination. Ex: (*,*,128.7.6.5,80). Such firewalls are sometimes called LEVEL 4 SWITCHES.

To understand how proxy based firewalls work and why you would want one, consider a corporate web server, where the company wants to make some of the server's pages accessible to all external users, but wants to restrict certain of the pages to corporate users at one or more remote sites.

The solution is to put an HTTP proxy on the firewall. Remote users establish an HTTP/TCP connection to the proxy, which looks at the URL contained in the request message. If the requested page is allowed for the source host, the proxy establishes a second HTTP/TCP connection to the server and forwards the request on to the server. The proxy then forwards the response in the reverse direction between the two TCP connections.

Stateful inspection is a newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
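The filter table and the stateful comparison described above, as an added Python example that is not part of the original slides. It assumes that a table entry means "forward", that "*" matches anything, and that the protected LAN is 10.0.0.0/8; the sample packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def ip_matches(pattern, ip):
    # "*" matches any host; otherwise the pattern is a host or a CIDR range.
    return pattern == "*" or ip_address(ip) in ip_network(pattern)


def port_matches(pattern, port):
    return pattern == "*" or pattern == port


class FilterFirewall:
    """Static table of (src IP, src port, dst IP, dst port) entries.

    Assumption for this example: a packet matching any entry is
    forwarded and everything else is dropped.
    """

    def __init__(self, table):
        self.table = table

    def decide(self, p):
        for s_ip, s_port, d_ip, d_port in self.table:
            if (ip_matches(s_ip, p.src_ip) and port_matches(s_port, p.src_port)
                    and ip_matches(d_ip, p.dst_ip) and port_matches(d_port, p.dst_port)):
                return "forward"
        return "drop"


class StatefulFirewall(FilterFirewall):
    """Same table, plus a state table of connections already allowed."""

    def __init__(self, table):
        super().__init__(table)
        self.state = set()

    def decide(self, p):
        key = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        mirror = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        # A known connection, or the reply direction of one, is allowed.
        if key in self.state or mirror in self.state:
            return "forward"
        action = super().decide(p)
        if action == "forward":
            self.state.add(key)  # remember its defining characteristics
        return action


INSIDE = "10.0.0.0/8"  # assumed address range of the protected LAN

# The static filter needs an explicit entry to let web replies back in.
STATIC_TABLE = [
    ("*", "*", "128.7.6.5", 80),  # the page's example entry
    (INSIDE, "*", "*", 80),       # LAN hosts may browse out
    ("*", 80, INSIDE, "*"),       # replies: anything claiming source port 80
]
# The stateful firewall omits the reply entry and relies on its state table.
STATEFUL_TABLE = STATIC_TABLE[:2]

# Constructed sample traffic (documentation address ranges).
SAMPLE_PACKETS = [
    Packet("203.0.113.9", 40000, "128.7.6.5", 80),  # outsider to public web server
    Packet("203.0.113.9", 40000, "128.7.6.5", 22),  # outsider to another port
    Packet("10.1.2.3", 51000, "198.51.100.7", 80),  # LAN host opens a web connection
    Packet("198.51.100.7", 80, "10.1.2.3", 51000),  # genuine reply to it
    Packet("198.51.100.7", 80, "10.1.2.4", 3389),   # unsolicited, source port 80
]


def decisions(firewall, packets=SAMPLE_PACKETS):
    return [firewall.decide(p) for p in packets]


if __name__ == "__main__":
    for name, fw in (("filter", FilterFirewall(STATIC_TABLE)),
                     ("stateful", StatefulFirewall(STATEFUL_TABLE))):
        print(name, decisions(fw))
```

The last sample packet is where the two differ: the static table forwards it because it only sees a source port of 80, while the stateful firewall finds no matching connection in its state table and drops it.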

Packet Filter Based Firewall

Advantages
- Generally faster than other firewalls because they perform fewer evaluations
- Can provide NAT -- Network Address Translation
- Least expensive

Disadvantages
- Limited capabilities -- typically only Source & Destination
- Cannot address protocol subsets other than IP -- most TCP only, not UDP. This can impact DNS.
- Cannot perform checks on higher-level protocols
- No value-add features such as URL filtering, HTTP caching, authentication, anti-spoofing, etc.

[Diagram: OSI layer stacks (Applications, Presentation, Sessions, Transport, Network, DataLink, Physical)]

Circuit Proxy Based Firewall

- Forces the client and the server to address their packets to the proxy.
- Intercepts and re-addresses all packets

Advantages
- More control than a Packet Filter
- Client has no way to learn the server IP address
- SOCKS 5 allows optional user authentication & encryption

Disadvantages
- Requires client modifications
- Still a relatively high level of granularity -- does not address packet contents
- No anti-spoofing

[Diagram: OSI layer stacks (Applications, Presentation, Sessions, Transport, Network, DataLink, Physical) and PROXY]

Stateful Inspection

Advantages
- Operates at 2nd/3rd layer in the OSI stack -- faster than Application Proxy
- Application independent
- More granularity than Circuit Proxy or Packet Filter

Disadvantages
- Less granularity than Application Proxy

[Diagram: OSI layer stacks (Applications, Presentation, Sessions, Transport, Network, DataLink, Physical), INSPECT Engine, State Tables]

What firewall protects us from


- Remote login
- Application backdoors
- Operating system bugs
- Denial of service
- E-mail bombs
- Viruses
- SPAMs
- Trojans

Popular hardware & software firewalls


Software Firewall
- Ms. ISA Server
- Norton Internet Security
- Mcafee Internet Security
- ZoneAlarm
- Kerio
- BlackICE
- Outpost

Hardware Firewall
- Cisco PIX
- Fortiguard
- Cyberoam
- Check Point
- NetScreen
- NetD
- WatchGuard

What is a proxy?
A proxy is hardware / software that gives indirect access to other networks, e.g. the INTERNET. All computers on the local network have to go through it before accessing information on the Internet.
- Organizations, universities and companies use proxy systems
- A proxy acts as a gateway
- A proxy acts as a Cache Server/Firewall
- A proxy shares a connection with others

[Diagram: LAN, proxy, INTERNET]

Main purpose of using proxies

- Improve Performance
  - Act as Cache server
  - Bandwidth control
- Filter Requests
  - Prevent access to some web sites!!!
  - Prevent access to some protocols
  - Time division
- Surfing Anonymously
  - Browsing the WWW without any identification!!!

Improve Performance

- Caching
  - Reduce latency
  - Reduce Network Traffic

Caching can greatly speed up Internet access. If one or more Internet sites are frequently requested, they are kept in the proxy's cache, so that when a user requests them, they are delivered directly from the proxy's cache instead of from the original Internet site. Caches diminish the need for network bandwidth, typically by 35% or more, by reducing the traffic from browsers to content servers.

Bandwidth control
- Policy-based Bandwidth Limits
- Deny by content type

[Diagram labels: 512 Kbps, 128 Kbps, 64 Kbps, 1 Mbps, INTERNET]

Filter Requests

Prevent access to some web sites!!!

Categories of web sites
- Adult/Sexually Explicit
- Advertisements & Pop-Ups
- Chat
- Gambling
- Games
- Hacking
- Peer-to-Peer

Check by content type
- .Exe / .Com
- .Mid / .MP3 / .Wav
- .Avi / .Mpeg / .Rm

What do you need for proxy installation?

- Proxy Software
  - Ms ISA Server, Squid, WinRoute, ...
- Server
- At least 2 network cards
- DIRECT INTERNET connection (Public IP Address)
- Switch/Hub (elective)
- Private IP Address
  - 10.0.0.1/8
  - 172.16.0.1/16
  - 192.168.0.1/24

How a proxy works?

[Demo diagram, summarized from the slide labels]

LAN client: IP 172.16.0.2, Gw 172.16.0.1
Proxy Server: LAN side IP 172.16.0.1; INTERNET side IP 217.219.66.2, Gw 217.219.66.1

1. The LAN client requests www.yahoo.com: Source IP 172.16.0.2, Dest IP 209.191.93.52.
2. The proxy server changes the source IP address: Source IP 217.219.66.2, Dest IP 209.191.93.52.
3. The reply comes back from the INTERNET with source and destination IP addresses changed: Source IP 209.191.93.52, Dest IP 217.219.66.2.
4. The proxy server changes the destination IP address: Source IP 209.191.93.52, Dest IP 172.16.0.2.
5. The LAN client receives the reply: Source IP 209.191.93.52, Dest IP 172.16.0.2.

Proxy types
- Web proxies
- Caching proxies
- Transparent proxies
- Open proxies

Proxy setting in IE

Popular hardware & software proxies


Software Proxy
- Ms. ISA Server
- Squid
- WWWOFFLE
- Ziproxy
- SafeSquid
- tinyproxy
- Privoxy
- WinGate

Hardware Proxy
- Cisco PIX
- Blue Coat
- Cyberoam
- Alacer

Introduction to Cyber Crime


Computer Crime, E-Crime, Hi-Tech Crime or Electronic Crime is where a computer is the target of a crime or is the means adopted to commit a crime. Most of these crimes are not new. Criminals simply devise different ways to undertake standard criminal activities such as fraud, theft, blackmail, forgery, and embezzlement using the new medium, often involving the Internet.

Computer vulnerability

- Computers store huge amounts of data in small spaces
- Ease of access
- Complexity of technology
- Human error
- One of the key elements that keeps most members of any society honest is fear of being caught, the deterrence factor. Cyberspace changes two of those rules. First, it offers the criminal an opportunity of attacking his victims from the remoteness of a different continent and secondly, the results of the crime are not immediately apparent.
- Need new laws and upgraded technology to combat cyber crimes

Different Types of Cybercrimes

Cyber crimes:
- Web jacking
- Hacking
- Information Theft
- E-mail bombing
- Salami attacks
- Denial of Service attacks
- Trojan attacks

Types of Cyber crimes


- Credit card frauds
- Cyber pornography
- Sale of illegal articles: narcotics, weapons, wildlife
- Online gambling
- Intellectual Property crimes: software piracy, copyright infringement, trademarks violations, theft of computer source code
- Email spoofing
- Forgery
- Defamation
- Cyber stalking (section 509 IPC)
- Phishing
- Cyber terrorism

Crime against Government

Crime against property

Crime against persons

TYPES OF CYBER CRIMES


- E-Mail bombing: Email bombing refers to sending a large number of e-mails to the victim, resulting in interruption of the victim's e-mail account or mail servers.
- Data diddling: This kind of attack involves altering the raw data just before it is processed by a computer and then changing it back after the processing is completed.
- Salami attacks: These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed, e.g. a bank employee inserts a program into the bank's servers that deducts a small amount from the account of every customer.
- Denial of Service: This involves flooding computer resources with more requests than they can handle. This causes the resources to crash, thereby denying authorized users the service offered by the resources.

Phishing

Phishing is the mass distribution of spoofed e-mail messages which appear to come from banks, insurance agencies, retailers or credit card companies and are designed to fool recipients into divulging personal data such as account names, passwords, or credit card numbers.

Delhi doctor Sanjay Sood discovered this modus operandi recently. He received an official-sounding email, supposedly from the website administrator, asking for an update of his name, date of birth and pin code. Reassured that it did not ask for his password, he quickly provided the information. Apparently, these details were used to decode his password and hijack his email ID. Next morning, he was flooded with the kind of distress calls that have been extensively reported these days. "Somebody had sent emails to all my contacts to kindly send dollars to my bank account as I was supposedly stranded in Malaysia." Sood had fallen to yet another instance of phishing, a criminal act of pretending to be an official website or email of, typically, a bank, payment site or website administrator. Private information thus collected is used to access bank accounts and defraud in other ways.

Carding

Carding entails using stolen credentials (and can include package reshipping, money moving, and identity theft schemes).

How to hack PayPal and get up to $40,000 USD in your account!


1) Visit (CLICK HERE TO DOWNLOAD) to order a special donation code (SEE PROGRAM BELOW) to access my program that captures and decrypts SSL money packets going around from PayPal users around the world and adds that money to your account. In other words, you will be receiving lots and lots of "random" payments from people you never knew, as seen below in my payments page. This program does not NEED your Paypal password like all the scams you see on youtube that steal your account. This is by far the only working Paypal Bypass, below is a free trial. DONATION CODE IS: H3J1K0VNDK IT IS REQUIRED TO LOGIN THE PROGRAM CONTROL PANEL.

2) After your donation, you will receive a special code that you will need to access my program. Next, open my program (download it below), enter the email you want the money to go to, and how much money would you like to hack and add to this account in the box provided. . and finally, enter the donation code.

3) That's It!! This tool will do everything you need for you from here on. You may log in your Paypal account afterwords and watch the payments come one by one in real time! No more logging out and waiting !!!

Bot Attack

Compromised servers or bots, which may be launching cyber attacks or sending Spam

The machine is infected with a password-stealing Trojan. The Trojan steals the mail client settings, extracts the username, password, email ID and SMTP server address, and uploads this information to the central repository. Alternatively, it may also start sending out spam using these credentials from the infected machine. From the central repository, this information is then collected and an attack is coordinated, utilizing the bot networks. It seems to be a coordinated bot-net attack, wherein the compromised user IDs, along with their passwords and the connecting server DNS, are being utilized to send SPAM, masked as an authenticated user.

This conclusion was arrived at after observing that the originating IP of these authenticated users kept changing every 1 min. Company servers are accepting these mails and, since they are from authenticated users, mail relay is being allowed. Since only the authenticated users (on the external server, i.e. the server used for accepting mails after authenticating the user) have been compromised, it is safe to assume that the user list was gathered from this server. This list was then fed into the bot-net system and the attack was initiated.

There are two possibilities as to how this list was being used by bot-nets. The first is that one of the servers containing the list of users was compromised; this possibility cannot be confirmed, as it is outside the purview of this document. The second possibility presumes a virus infection on a large scale at all Company locations by a password-stealing malware/Trojan, which steals from the infected systems and uploads to the central repository.
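The observation above (an authenticated sender whose originating IP keeps changing) can be turned into a log check. The following Python sketch is an added example, not part of the original slides; the log format, account names, window and threshold are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (constructed for this example, not a real MTA's format):
#   <ISO timestamp> smtp-auth result=<ok|fail> user=<account> ip=<client address>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) smtp-auth result=(?P<result>\w+) user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)


def successful_logins(lines):
    """Yield (timestamp, user, ip) for every successful authentication."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m["result"] == "ok":
            yield datetime.fromisoformat(m["ts"]), m["user"], m["ip"]


def rotating_senders(lines, window_minutes=5, max_ips=3):
    """Return {user: peak distinct source IPs seen inside any window}.

    Only users whose peak exceeds max_ips are reported. One person
    normally authenticates from one or two addresses; a stolen
    credential used by a bot-net shows many addresses in minutes.
    """
    window = timedelta(minutes=window_minutes)
    by_user = defaultdict(list)
    for ts, user, ip in successful_logins(lines):
        by_user[user].append((ts, ip))

    flagged = {}
    for user, events in by_user.items():
        events.sort()
        recent = deque()  # logins that fall inside the sliding window
        peak = 0
        for ts, ip in events:
            recent.append((ts, ip))
            while ts - recent[0][0] > window:
                recent.popleft()
            peak = max(peak, len({addr for _, addr in recent}))
        if peak > max_ips:
            flagged[user] = peak
    return flagged


# Constructed sample log: alice and carol behave normally, bob's
# account authenticates from a new address every minute.
SAMPLE_LOG = [
    "2024-03-01T10:00:00 smtp-auth result=ok user=alice@corp.example ip=192.0.2.10",
    "2024-03-01T10:20:00 smtp-auth result=ok user=alice@corp.example ip=192.0.2.10",
    "2024-03-01T10:02:30 smtp-auth result=fail user=alice@corp.example ip=203.0.113.99",
    "2024-03-01T10:01:00 smtp-auth result=ok user=carol@corp.example ip=192.0.2.44",
    "2024-03-01T10:03:00 smtp-auth result=ok user=carol@corp.example ip=198.51.100.7",
] + [
    f"2024-03-01T10:{m:02d}:00 smtp-auth result=ok user=bob@corp.example ip=203.0.113.{20 + m}"
    for m in range(6)
]

if __name__ == "__main__":
    for user, peak in rotating_senders(SAMPLE_LOG).items():
        print(f"{user}: {peak} source IPs within 5 minutes")
```

Accounts reported by the check are candidates for a forced password reset and for having relay suspended until the infected machine is found.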

Computer Viruses

Viruses

A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself. Note that a program does not have to perform outright damage (such as deleting or corrupting files) in order to be called a "virus".

A computer virus is a program that can copy itself and infect a computer without permission or knowledge of the user.

Why Do people Create These Viruses?



To distribute political message.

To attack the products of specific companies.

Some consider their creations to be works of art, and see it as a creative hobby.

Financial gain from identity theft

Types of Viruses

Armored virus

Companion virus

Polymorphic virus

Macro virus

Boot sector virus

Stealth virus

Logic bomb

Sparse infector

Network viruses

Cyber Threats

Cyber threats to a control system refer to persons who attempt unauthorised access to a control system device and network using a data communications pathway.

The main cyber crime threat is hacking. Hacking involves gaining unauthorised access to a computer and altering the system in such a way as to permit continued access, along with changing the configuration, purpose, or operation of the target machine, all without the knowledge or approval of the system's owners.

New Internet Threats


All computers need internet security
Home users can lose valuable personal data with one click to the wrong website. Children trading games also exchange viruses unknowingly. You receive an email requesting an update to your payment details, and a hacker gains access to your bank account. A backdoor is installed on your machine, and your PC becomes a zombie, spewing out spam.

New technologies - new anti-malware solutions
As cyber threats have evolved, so has software to deflect such threats. Sophisticated antispyware and antivirus solutions capable of detecting the most complex new viruses are now available.

What Is Spam

Spam is the equivalent of physical junk mail and unsolicited telemarketing phone calls. It has become one of the largest nuisances to computer users, for both home and business users. There are two main types of spam, and they have different effects on Internet users.

Cancellable Usenet spam is a single message sent to 20 or more Usenet newsgroups. (Through long experience, Usenet users have found that any message posted to so many newsgroups is often not relevant to most or all of them.) Usenet spam is aimed at "lurkers", people who read newsgroups but rarely or never post and give their address away. Usenet spam robs users of the utility of the newsgroups by overwhelming them with a barrage of advertising or other irrelevant posts. Furthermore, Usenet spam subverts the ability of system administrators and owners to manage the topics they accept on their systems.

Email spam targets individual users with direct mail messages. Email spam lists are often created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. Email spams typically cost users money out-of-pocket to receive. Many people, anyone with measured phone service, read or receive their mail while the meter is running, so to speak. Spam costs them additional money. On top of that, it costs money for ISPs and online services to transmit spam, and these costs are transmitted directly to subscribers.

Frequency of incidents of Cyber crimes in India


- Denial of Service: Section 43
- Virus: Section 66, 43
- Data Alteration: Sec. 66
- U/A Access: Section 43
- Email Abuse: Sec. 67, 500, Other IPC Sections
- Data Theft: Sec 66, 65

Source: Survey conducted by ASCL

Frequency of reporting Cyber crimes in India


- During the year 2005, 179 cases were registered under the IT Act as compared to 68 cases during 2004.
- 21.2% of cases were reported from Karnataka, followed by Maharashtra (26), Tamil Nadu (22), and Chhattisgarh and Rajasthan (18 each).
- Out of 179 cases, 50% were related to Section 67 of the IT Act; 125 persons were arrested.
- 74 cases of hacking were reported, wherein 41 were arrested.

Combating cyber crimes


- Technological measures: public key cryptography, digital signatures, firewalls, honey pots
- Cyber investigation: Computer forensics is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in courts of law. These rules of evidence include admissibility (in courts), authenticity (relation to incident), completeness, reliability and believability.
- Legal framework: laws & enforcement

Combating Cyber crime-Indian legal framework


- The Information Technology Act, 2000 came into force on 17 October 2000.
- The Information Technology Act 2000 consists of 94 sections segregated into 13 chapters. Four schedules form part of the Act.
- It extends to the whole of India and also applies to any offence or contravention thereunder committed outside India by any person {section 1 (2)}.
- Read with Section 75, the Act applies to an offence or contravention committed outside India by any person irrespective of his nationality, if such act involves a computer, computer system or network located in India.
- Section 2 (1) (a): "Access" means gaining entry into, instructing or communicating with the logical, arithmetic or memory function resources of a computer, computer resource or network.
- The IT Act confers legal recognition to electronic records and digital signatures (sections 4, 5 of the IT Act, 2000).

Civil Wrongs under IT Act


Chapter IX of IT Act, Section 43
Whoever without permission of owner of the computer
- Secures access (mere U/A access)
  - Not necessarily through a network
- Downloads, copies, extracts any data
- Introduces or causes to be introduced any viruses or contaminant
- Damages or causes to be damaged any computer resource
  - Destroy, alter, delete, add, modify or rearrange
  - Change the format of a file
- Disrupts or causes disruption of any computer resource
  - Preventing normal continuance of computer

Civil Wrongs under IT Act (Contd.)


- Denies or causes denial of access by any means
  - Denial of service attacks
- Assists any person to do any thing above
  - Rogue Websites, Search Engines, Insiders providing vulnerabilities
- Charges the services availed by a person to the account of another person by tampering or manipulating any computer resource
  - Credit card frauds, Internet time thefts
- Liable to pay damages not exceeding Rs. One crore to the affected party
- Investigation by ADJUDICATING OFFICER
- Powers of a civil court

Data diddling: changing data prior or during input into a computer


- Section 66 and 43(d) of the I.T. Act cover the offence of data diddling
- Penalty: Not exceeding Rs. 1 crore
- Case in point: NDMC Electricity Billing Fraud Case. A private contractor who was to deal with receipt and accounting of electricity bills by the NDMC, Delhi (collection of money, computerized accounting, record maintenance and remittance in his bank) misappropriated a huge amount of funds by manipulating data files to show less receipt and bank remittance.

Section 46 IT Act

- Section 46 of the IT Act states that an adjudicating officer shall adjudge whether a person has committed a contravention of any of the provisions of the said Act, by holding an inquiry. The principles of audi alteram partem and natural justice are enshrined in the said section, which stipulates that a reasonable opportunity of making a representation shall be granted to the concerned person who is alleged to have violated the provisions of the IT Act. The said Act stipulates that the inquiry will be carried out in the manner prescribed by the Central Government.
- All proceedings before him are deemed to be judicial proceedings; every Adjudicating Officer has all powers conferred on civil courts.
- Appeal to the Cyber Appellate Tribunal from a decision of the Controller or Adjudicating Officer {section 57 IT Act}

Section 47, IT Act


Section 47 of the Act lays down that while adjudging the quantum of compensation under this Act, the adjudicating officer shall have due regard to the following factors, namely:
(a) the amount of gain of unfair advantage, wherever quantifiable, made as a result of the default;
(b) the amount of loss caused to any person as a result of the default;
(c) the repetitive nature of the default

Cybercrime provisions under IT Act,2000


| Offence | Relevant Section under IT Act |
|---|---|
| Tampering with Computer source documents | Sec.65 |
| Hacking with Computer systems, Data alteration | Sec.66 |
| Publishing obscene information | Sec.67 |
| Un-authorized access to protected system | Sec.70 |
| Breach of Confidentiality and Privacy | Sec.72 |
| Publishing false digital signature certificates | Sec.73 |

Section 65: Source Code

- Most important asset of software companies
- "Computer Source Code" means the listing of programmes, computer commands, design and layout

Ingredients
- Knowledge or intention
- Concealment, destruction, alteration
- Computer source code required to be kept or maintained by law

Punishment
- imprisonment up to three years and / or
- fine up to Rs. 2 lakh

Section 66: Hacking


Ingredients
- Intention or knowledge to cause wrongful loss or damage to the public or any person
- Destruction, deletion, alteration, diminishing value or utility or injuriously affecting information residing in a computer resource

Punishment
- imprisonment up to three years, and / or
- fine up to Rs. 2 lakh

Cognizable, Non-Bailable

Section 66 covers data theft as well as data alteration

Sec. 67. Pornography

Ingredients
- Publishing or transmitting or causing to be published
- in the electronic form,
- obscene material

Punishment
- On first conviction
  - imprisonment of either description up to five years and
  - fine up to Rs. 1 lakh
- On subsequent conviction
  - imprisonment of either description up to ten years and
  - fine up to Rs. 2 lakh

Section covers
- Internet Service Providers,
- Search engines,
- Pornographic websites

Cognizable, Non-Bailable, JMIC / Court of Sessions

Computer Related Crimes under IPC and Special Laws

Offence | Provision
Sending threatening messages by email | Sec 503 IPC
Sending defamatory messages by email | Sec 499, 500 IPC
Forgery of electronic records | Sec 463, 470, 471 IPC
Bogus websites, cyber frauds | Sec 420 IPC
Email spoofing | Sec 416, 417, 463 IPC
Online sale of drugs | NDPS Act
Web-jacking | Sec. 383 IPC
Online sale of arms | Arms Act

Some more offences dealt with under IPC

- Criminal breach of trust / Fraud: Sec. 405, 406, 408, 409 IPC
- Destruction of electronic evidence: Sec. 204, 477 IPC
- False electronic evidence: Sec. 193 IPC
- Offences by or against public servant: Sec. 167, 172, 173, 175 IPC

Email spoofing:

Pranab Mitra, a former executive of Gujarat Ambuja Cement, posed as a woman, Rita Basu, and created a fake e-mail ID through which he contacted one V.R. Ninawe, an Abu Dhabi businessman. After a long cyber relationship and emotional messages, Mitra sent an e-mail saying that she would commit suicide if Ninawe ended the relationship. He also gave him the e-mail ID of another friend, Ruchira Sengupta, which was in fact his second bogus address. When Ninawe mailed the other ID he was shocked to learn that Mitra had died and that the police were searching for Ninawe. Mitra extorted a few lakh rupees as advocate fees etc. Mitra even sent e-mails posing as high court and police officials to extort more money. Ninawe finally came down to Mumbai to lodge a police case.

Legal provisions to counter identity theft



The IT Act 2000 in its present form does not have any specific provision to deal with identity theft. However, the Expert Committee on Amendments to the IT Act 2000 (whose report is presently under consideration by the government for adoption) has recommended amending the Indian Penal Code (IPC) by inserting in it two new sections: section 417A which prescribes punishment of up to 3 years imprisonment and fine for 'cheating by using any unique identification feature of any other person'; and section 419A that prescribes punishment of up to 5 years imprisonment and fine for 'cheating by impersonation' using a network or computer resource.

Forgery

Andhra Pradesh Tax Case

In explanation of the Rs. 22 crore recovered from the house of the owner of a plastic firm by the sleuths of the vigilance department, the accused person submitted 6000 vouchers to legitimize the amount recovered. Careful scrutiny of the vouchers and the contents of his computers revealed that all of them were made after the raids were conducted. All the vouchers were fake computerized vouchers.

Cyber stalking

Ritu Kohli (first lady to register the cyber stalking case) is a victim of cyber-stalking. A friend of her husband gave her phone number and name on a chat site for immoral purposes. A computer expert, Kohli was able to trace the culprit. Now, the latter is being tried for "outraging the modesty of a woman", under Section 509 of IPC.

Cyber defamation

SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra: India's first case of cyber defamation was reported when a company's employee (the defendant) started sending derogatory, defamatory and obscene e-mails about its Managing Director. The e-mails were anonymous and frequent, and were sent to many of the company's business associates to tarnish the image and goodwill of the plaintiff company. The plaintiff was able to identify the defendant with the help of a private computer expert and moved the Delhi High Court. The court granted an ad interim injunction and restrained the employee from sending, publishing and transmitting e-mails which are defamatory or derogatory to the plaintiffs.

Online gambling: virtual casinos, Cases of money laundering

Cyber lotto case: In Andhra Pradesh one Kola Mohan created a website and an email address on the Internet with the address 'eurolottery@usa.net', which showed his own name as the beneficiary of 12.5 million pounds in the Euro lottery. After getting confirmation from the email address, a Telugu newspaper published this as news. He gathered huge sums from the public as well as from some banks. The fraud came to light only when a cheque amounting to Rs 1.73 million discounted by him with Andhra Bank was dishonoured.

FIR NO 76/02 PS PARLIAMENT STREET

- Mrs. SONIA GANDHI RECEIVED THREATENING E-MAILS
- E-MAIL FROM
  - missonrevenge84@khalsa.com
  - missionrevenge84@hotmail.com
- THE CASE WAS REFERRED
- ACCUSED PERSON LOST HIS PARENTS DURING 1984 RIOTS

Cyber Crime Online Challenges

- Brand exploitation
- Unauthorized use of trademarks
- Increased difficulty in managing online distribution channel
- Sale of counterfeit goods

Current online Environment

- Easy to hide in plain sight
- Easy to confuse customers due to the high quality of digital copies
- Difficult to track infringements
- Easy to establish a professional-looking website

Common Forms of Online Threats

Trademark and Brand Infringement
Domain Name

- Commercial sites (e.g., offensive content or competing companies)
- Domain name monetization (e.g., click-through advertising)
- Unhappy consumer sites (e.g., xxx-sucks.com) (generally, protected)
- Sale of counterfeit goods in auction sites
- Logo, text, and meta tag use in commercial sites
- Stopping unauthorized parties from using your trademarks
- Managing partners' use of logos and trademarks
- Protecting against Google bombing

Domain theft

Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner. Some registrars are quick to set things right when these cases are discovered. However, it is well documented that some registrars will admit no fault in accepting the forged credentials and will refuse to correct the record until forced by legal action. In many of these cases, justice is not done and the hijacker retains control of the domain.

Challenges of Cyber Security


The Environment


- Explosion of computer and broadband internet availability (over a billion internet users today).
- Low priority of security for software developers.
- Challenge of timely patching vulnerabilities on all systems.
- Graphical user interface (GUI) based tools that exploit known software vulnerabilities.

Electronic World

An electronic document is produced by a computer. It is stored in digital form and cannot be perceived without using a computer.

- It can be deleted, modified and rewritten without leaving a mark
- Integrity of an electronic document is genetically impossible to verify
- A copy is indistinguishable from the original
- It can't be sealed in the traditional way, where the author affixes his signature

The functions of identification, declaration and proof of electronic documents are carried out using a digital signature based on cryptography.

Electronic World

- Digital signatures are created and verified using cryptography
- Public key system based on asymmetric keys
  - An algorithm generates two different and related keys
    - Public key
    - Private key
  - Private key used to digitally sign.
  - Public key used to verify.

Public Key Infrastructure

- Allows parties to have free access to the signer's public key
- This assures that the public key corresponds to the signer's private key
  - Trust between parties as if they know one another
- Parties with no trading partner agreements, operating on open networks, need to have the highest level of trust in one another

Role of the Government

Government has to provide the definition of
- the structure of PKI
- the number of levels of authority and their juridical form (public or private certification)
- which authorities are allowed to issue key pairs
- the extent to which the use of cryptography should be authorised for confidentiality purposes
- whether the Central Authority should have access to the encrypted information; when and how
- the key length, its security standard and its time validity

Section 3 Defines Digital Signatures

- The authentication is to be effected by use of an asymmetric crypto system and hash function
- The private key and the public key are unique to the subscriber and constitute a functioning key pair
- Verification of the electronic record is possible

Secure digital signature - S.15

If by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, was:
(a) unique to the subscriber affixing it;
(b) capable of identifying such subscriber;
(c) created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated,
then such digital signature shall be deemed to be a secure digital signature.
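The sign-with-private-key, verify-with-public-key flow from the Electronic World slides and the Section 15 condition that an altered record invalidates the signature, as an added example that is not part of the original slides. RSA-PSS with SHA-256 from Go's standard library is an assumed choice of asymmetric system and hash function; Sign, Verify, Demo and the sample record are illustrative names and constructed data.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Sign hashes the electronic record with SHA-256 and signs the digest
// with the subscriber's private key (hash function + asymmetric system).
func Sign(priv *rsa.PrivateKey, record []byte) ([]byte, error) {
	digest := sha256.Sum256(record)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify recomputes the digest and checks the signature with the public key.
func Verify(pub *rsa.PublicKey, record, sig []byte) bool {
	digest := sha256.Sum256(record)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// Demo signs one record and reports whether the signature verifies for the
// genuine record, for an altered record, and under another party's key.
func Demo() (genuine, altered, otherKey bool) {
	subscriber, err1 := rsa.GenerateKey(rand.Reader, 2048)
	other, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	record := []byte("Pay Rs. 10,000 to account 1234") // constructed sample
	sig, err := Sign(subscriber, record)
	if err != nil {
		panic(err)
	}
	tampered := []byte("Pay Rs. 90,000 to account 1234") // one digit altered
	genuine = Verify(&subscriber.PublicKey, record, sig)
	altered = Verify(&subscriber.PublicKey, tampered, sig)
	otherKey = Verify(&other.PublicKey, record, sig)
	return genuine, altered, otherKey
}

func main() {
	g, a, o := Demo()
	fmt.Println("genuine record, subscriber's key:", g)
	fmt.Println("altered record, subscriber's key:", a)
	fmt.Println("genuine record, another key:     ", o)
}
```

The check only ties the record to a key pair; tying the key pair to a named subscriber is the job of the certifying authority described under Public Key Infrastructure.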

IT Act overview of other relevant provisions

- Section 16: Central Government to prescribe security procedures
- Sec 17 to 34: Appointment and regulation of Controller and certifying authority
- Sec 35 to 39: Obtaining DSC
- Sec 40 to 42: Duties of subscriber of DSC, exercise due care to retain the private key

Threats to cyber security- Methods Used To Penetrate Victim Machines



Trojan droppers and downloaders injected into pirate software which is distributed via file sharing p2p networks (kazaa, eDonkey etc.)

Exploiting vulnerabilities in MS Windows and popular applications such as IE & Outlook.

Email worms

Password Authentication protocol

Password authentication protocol, sometimes abbreviated PAP, is a simple authentication protocol used to authenticate a user to a network access server, as used for example by internet service providers. PAP is used by the Point-to-Point Protocol. Authentication is the process of validating a user before allowing them access to server resources. Almost all network operating system remote servers support PAP.

10 Ways To Wireless Security

- Use encryption - chances are bad guys won't bother breaking it.
- Use strong encryption - in case they are trying to break it, make it harder for them.
- Change the default admin password - avoid using "password" as the password.
- Turn off SSID broadcasting - don't shout to everybody in the neighborhood "come and try me."
- Turn off WAP when not in use - do you leave your TV on running when you are not at home?

10 Ways To Wireless Security

- Change your default SSID - yes, there are at least 50 other linksys stations around, and they are easier to find.
- Use MAC filtering - you give keys to your home only to trusted people - do the same with the wireless network.
- Isolate the wireless LAN from the rest of the network - why did you think Titanic sank? Create levels of protection.
- Control the wireless signal - unless you want to power the whole city, there is no need to use signal amplifiers.
- Transmit on a different frequency - this is why we haven't intercepted the aliens yet.

Protection of Personal Information

- Identifying Purposes: The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
- Accuracy: Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
- Safeguards: Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
- Accountability: An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization's compliance with the following principles.
- Openness: An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.

Recommended cyber safety tips

- Use antivirus software
- Change passwords frequently
- Install firewalls
- Adopt regular scanning against spyware
- Install software patches
- Uninstall unnecessary software
- Separate user accounts
- Maintain backup
- Check security settings
- Perform IT audits
