The Menace of Cyber Crime

For a warrior, nothing is higher than a war against evil. The warrior confronted 
with Such a war should be pleased, Arjuna, for it comes as an open gate to heaven. 
But if You do not participate in this battle against evil, you 
will incur sin, violating your
Dharma and your honour. - Bhagavad-Gita 2.31

The word cyber and its relative dot.com are probably the most commonly used terminologies of the modern era. In the information age the rapid development of computers, telecommunications and other technologies has led to the evolution of new forms of trans-national crimes known as “cyber crimes”. Cyber crimes have virtually no boundaries and may affect every country in the world. They may be defined as “any crime with the help of computer and telecommunication technology”, with the purpose of influencing the functioning of computer or the computer systems. The extent of loss involved worldwide of cyber crimes is tremendous as it is estimated that about 500 million people who use the Internet can be affected by the emergence of cyber crimes. Cyber crimes are a very serious threat for the times to come and pose one of the most difficult challenges before the law enforcement machinery Most cyber crimes do not involve violence but rather greed, pride, or play on some character weakness of the victims. It is difficult to identify the culprit, as the Net can be a vicious web of deceit and can be accessed from any part of the globe. For these reasons, cyber crimes are considered as “white-collar crimes". To understand cyber crime as a significantly new phenomenon, with potentially profoundly new consequences, it is necessary to recognize it as a constituent aspect of the wider political, social and economic reconstructing currently effecting countries worldwide. This new technology not only provides opportunities for the profitable development of an international information market but has also raised the specter of new criminal activities to exploit them. The very technology that enables multinationals to do business more effectively and challenge the individual controls and regulations of nation states, also offers the prospect of globally organized criminal networks. Moreover the free flow of uncensored information on electronic networks and web- sites is as attractive to insurgents and extremist groups as it is to dissidents proclaiming their human rights. Just as crimes have changed with the growth of information technology so have the categories of criminals who engage in such crimes. There are three basic categories of criminals who engage in such crimes, ranging from hackers, information merchants and mercenaries, to terrorists, extremists and deviants.

The Vast Range of Cyber Crimes

Hacking:

It is the most common type of Cyber crime being committed across the world. Hacking has been defined in section 66 of The Information Technology Act, 2000 as follows "whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means commits hacking".

Punishment for hacking under the above mentioned section is imprisonment for three years or fine which may extend Upto two lakh rupees or both. A Hacker is a person who breaks in or trespasses a computer system. Hackers are of different types ranging from code hackers to crackers to cyber punks to freaks. Some hackers just enjoy cracking systems and gaining access to them as an ordinary pastime; they do not desire to commit any further crime. Whether this itself would constitute a crime is a matter of fact. At most such a crime could be equated with criminal trespass.

Security Related Cyber Crimes:

With the growth of the internet, network security has become a major concern. Private confidential information has become available to the public. Confidential information can reside in two states on the network. It can reside on the physical stored media, such as hard drive or memory or it can reside in the transit across the physical network wire in the form of packets. These two information states provide opportunities for attacks from users on the internal network, as well as users on the Internet.

Network Packet Sniffers

Network computers communicate serially where large information pieces are broken into smaller ones. The information stream would be broken into smaller pieces even if networks communicated in parallel. These smaller pieces are called network packets. Since these network packets are not encrypted they can be processed and understood by any application that can pick them off the network and process them. A network protocol specifies how packets are identified and labeled which enables a computer to determine whether a packet is intended for it. The specifications for network protocols such as TCP/IP are widely published. A third party can easily interpret the network packets and develop a packet sniffer. A packet sniffer is a software application that uses a network adapter card in a promiscuous mode (a mode in which the network adapter card sends all packets received by the physical network wire to an application for processing) to capture all network packets that are sent !across a local network. A packet sniffer can provide its users with meaningful and often sensitive information such as user account names and passwords.

IP Spoofing

An IP attack occurs when an attacker outside the network pretends to be a trusted computer either by using an IP address that is within its range or by using an external IP address that you trust and to which you wish to provide access to specified resources on your network. Normally, an IP spoofing attack is limited to the injection of data or commands into an existing stream of data passed between client and server application or a peer to peer network connection.

Password attacks

Password attacks can be implemented using several different methods like the brute force attacks, Trojan horse programmes. IP spoofing can yield user accounts and passwords. Password attacks usually refer to repeated attempts to identify a user password or account. These repeated attempts are called brute force attacks.

Distribution of sensitive internal information to external sources: 
At the core of these security breaches is the distribution of sensitive information to competitors or others who use it to the owners’ disadvantage. While an outside intruder can use password and IP spoofing attacks to copy information, an internal user could place sensitive information on an external computer or share a drive on the network with other users

Man-in-the-middle-attacks

This attack requires that the attacker have access to network packets that come across the networks. The possible use of such attack are theft of information, hijacking an ongoing session to gain access to your internal network resources, traffic analysis to drive information about one’s own network and its users, denial of service, corruption of transmitted data, and introduction of new information into network sessions.

Fraud on The Internet

This is a form of white collar crime. Internet fraud is a common type of crime whose growth has been proportionate to the growth of internet itself. The internet provides companies and individuals with the opportunity of marketing their products on the net. It is easy for people with fraudulent intention to make their messages look real and credible. There are innumerable scams and frauds most of them relating to investment schemes and have been described in detail below as follows: 

Online investment newsletters

Many newsletters on the internet provide the investors with free advice recommending stocks where they should invest. Sometimes these recommendations are totally bogus and cause loss to the investors.

Bulletin boards 
This is a forum for sharing investor information and often fraud is perpetrated in this zone causing loss of millions who bank on them.

E-mail scams
Since junk mail ( E mail which contains useless material ) is easy to create, fraudsters often find it easy to spread bogus investment schemes or spread false information about a company.

Credit card fraud
With the electronic commerce rapidly becoming a major force in national economies it offers rich pickings for criminals prepared to undertake fraudulent activities. In U.S.A. the ten most frequent fraud reports involve undelivered and online services; damaged, defective, misrepresented or undelivered merchandise; auction sales; pyramid schemes and multilevel marketing and of the most predominant among them is credit card fraud.

Something like half a billion dollars is lost to consumers in card fraud alone. Publishing of false digital signature .According to section 73 of the I.T. Act 2000, if a person knows that a digital 
signature certificate is erroneous in certain particulars and still goes ahead and publishes it, is guilty of having contravened the Act. He is punishable with imprisonment for a term that may extend to two years or with fine of a lakh rupees or with both.

Making available digital signature for fraudulent purpose 
This is an offence punishable under section 74 of the above mentioned act, with imprisonment for a term that may extend to two years or with fine of two lakh rupees or with both.

Alteration And Destruction of Digital Information

The corruption and destruction of digital information is the single largest menace facing the world of computers. This is introduced by a human agent with the help of various programmes which have been described in detail below as follows:
Virus Just as a virus can infect the human immunity system there exist programs, which, can destroy or hamper computer systems. A computer virus is a programme designed to replicate and spread, generally with the victim being oblivious to its existence. Computer viruses spread by attaching themselves to programmes like word processor or spreadsheets or they attach themselves to the boot sector of a disk. When an infected file is activated or when the computer is started from an infected disk, the virus itself is also executed.

Pornography on The Net

The growth of technology has flip side to it causing multiple problems in everyday life. Internet has provided a medium for the facilitation of crimes like pornography. Cyber porn as it is popularly called is widespread. Almost 50% of the web sites exhibit pornographic material on the Internet today. Pornographic materials can be reproduced more quickly and cheaply on new media like hard disks, floppy discs and CD-Roms. The new technology is not merely an extension of the existing forms like text, photographs and images. Apart from still pictures and images, full motion video clips and complete movies are also available. Another great disadvantage with a media like this is its easy availability and accessibility to children who can now log on to pornographic web-sites from their own houses in relative anonymity and the social and legal deterrents associated with physically purchasing an adult magazine from the stand are no longer present. Furthermore, there are more serious offences which have universal disapproval like child pornography and far easier for offenders to hide and propagate through the medium of the internet.

The Information and Technology Act 2000 makes the publishing of information which is obscene in electronic form punishable as under:

" Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent Conviction, with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees."

This new law will operate upon anyone who is within its jurisdictional net. Any one within the country or the area of operation of the law who is carrying on a business of cyber porn will be liable under section 67 of the above mentioned Act. Apart from this, a multi-layered governance programme should be ushered in. This will mainly include a mixture of national and international legislations and self imposed regulations by internet service providers and users like parents for their children, hotlines and special organizations to report pornographic content. In this way the balance between the freedom of the individual and the greatest good of the society can be maintained.

cryptography, privacy and national security concerns:

The Internet has provided its users with a new forum to express their views and concerns on a world wide platform. As a necessary corollary to the freedom to communicate and speak is the fact that this must be allowed with as little State interference as possible; in other words, in the absence of State intrusion. This immediately raises the controversial issue of the right to privacy. It can be considered a logical corollary to the freedom of speech and expression. At the same time it is common knowledge that liberty cannot thrive without certain restrictions put on them so that each individual in society can be best protected. The practice of encryption and its study which is known as cryptography provides individuals with means of communication that no third party can understand unless specifically permitted by the communicators themselves. It would therefore seem that this practice is a legitimate utilization of the right to freedom of speech and expression and the right to have a private conversation without intrusion.

Breach of Confidentiality And Privacy Under The Information And Technology Act 2000
According to section 72 of the above mentioned Act, if a person has secured access to any electronic record, book, register correspondence, information, document or other material without the consent of the person concerned and discloses the same to any other person then he shall be punishable with imprisonment upto two years, or with fine which may extend to one lakh rupees, or with both.

Encryption And Cryptography
Encryption is like sending a postal mail to another party with a lock code on the envelope which is known only to the sender and the recipient. This therefore has the effect of ensuring total privacy even in open networks like the internet. Encryption involves the use of secret codes and ciphers to communicate information electronically from one person to another in such a way that the only person so communicating, would know to use the codes and ciphers. The field of cryptography on the other hand deals with the study of secret codes and ciphers and the innovations that occur in the field. It is also defined as the art and the science of keeping messages secure. Thus while encryption is the actual process, cryptography involves a study of the same and is of wider connotation.

The Right To Privacy And Encryption

It is usually agreed upon that in most democracies there do exist private and public spheres in every citizen’s life and that these two spheres are distinct and have to be treated as such. Although the line of distinction is blurred and continues to be the subject of much debate especially with regard to certain subjects such as pornography or the use of narcotics, it is generally agreed that the liberal democratic state has no power to interfere with the private aspect of its citizen’s lives. There is a common misconception that the right to privacy is merely a weapon to ensure confidentiality in human affairs. This however does not present the complete picture. It must be remembered that the right to confidentiality arises only after information regarding human transaction or affairs have reached third parties. It may be said that privacy involves the right to control one’s personal information and the ability to determine it and how that information should be used and obtained. This principle has sometimes been referred to as the right to “informational self-determination". This principle becomes all the more relevant with the onset of the internet and e-commerce. The volume and the varying nature of the transaction carried out on the net are such that the right to privacy must extend at least to a limited extent. At the same time, the very same factors, volume and the nature of transactions also raise the issue of security concerns as to the political, social and economic health of the country. Encryption of the details of our personal transactions would certainly assure us of greater degree of privacy but may also encroach upon the domain of national security concerns and two ends may be said to be in conflict.

Restrictions on Cryptography In India

The use of the cryptography and encryption in India is a relatively new phenomenon. The use of this technology for the purposes of communication has begun only over the last 15-20 years in India. According to a recent report in India there are very few companies involved in the development of cryptography. Further, cryptography remains within the domain of the defense sector. It is only as late as 1995 that India introduced a list of items that required licensing before export. The list only included encryption software for telemetry systems in specific and did not relate to encryption software in general. The Information and Technology Act 2000 seeks to introduce some sort of control over the use of encryption for communication in India.

Conclusion
The internet is analogous to the high seas. No one owns it, yet people of all nationalities use it. It would perhaps be ideal if unification of internet laws could be so achieved so as to minimize the discrepancies in application of such laws. This is vital considering the growth of commercial activities on the internet. Changes need to be made to the existing Information and Technology Act 2000 in order to combat the numerous problems caused by the internet.

There is one spectacle grander than the sea, that is the sky, there is one
spectacle grander than the sky, 
that is the interior soul - Victor Hugo

The author can be reached at: [email protected] / Print This Article

More Articles:
Cyber Law
Copyright of Software
Cyber Squatting- Clear and Present Danger
I.T. Act -  Amendments

Follow the Procedure Below To Submit Your Articles

Submit your Article by using our online form Click here
Note* we only accept Original Articles, we will not accept Articles Already Published in other websites.
For Further Details Contact: [email protected]

Divorce by Mutual Consent in Delhi/NCR

Right Away Call us at Ph no: 9650499965

Articles of Yesteryears

Click on the link Below to check articles submitted in previous years:
Law Articles 2017 - Law Articles 2016 - Law Articles 2015 - Law Articles 2014 - Law Articles 2013 - Law Articles 2012 - Law Articles 2011 - Law Articles 2010 - Law Articles 2009 - Law Articles 2008 - Articles 2007 - Law Articles 2006 - Law Articles 2000-05 - Archive