The Cyber space is a huge community comprising of billions of users and websites. Users access the cyber space for a variety of reasons, official, business, shopping, study, seeking information, movies, video games, financial transactions, ecommerce etc. This gives reasons to the criminals for malicious practice in the cyber world and take undue advantage. The cyber crime rate is increasing day by day. Due to this, the Cyber Security has become very important. Several laws have been made related to cyber crime and Cyber Cells have also been established in police stations to handle the related issues. The Cyber crime is a great threat in today’s world, security of nation, to someone’s personal data and information, individual security, however, with some basic awareness and security measures, people can safeguard themselves from such crime. It is very important to know about the types of cyber crime, the security measures to be taken and over all be Cyber Aware.
In today’s contemporary world, Information Technology is an emerging vocation, it provides a number of positive implications, in our routine life. Although what happens when some illicit individual decides to use the World Wide Web to conduct some misdemeanour? Internet can be subject various such violations, termed as ‘Cyber Crime’. In this digital era, the rate of cyber-crime has increased manifolds, as such, it is very important that one should be aware of the cyber crime and the laws related thereto.
A report (sponsored by McAfee), published in 2014, estimated that the annual damage to the global economy was $445 billion. Approximately $1.5 billion was lost in 2012 to online credit and debit card fraud in the US. In 2018, a study by Center for Strategic and International Studies (CSIS), in partnership with McAfee, concludes that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year.
Cyber-crime is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cyber-crime may threaten a person, company or a nation’s security and financial health.
The cyber-crime and the criminals are growing at a considerable speed. The key reasons for reckless growth of cyber-crime are-
a. No physical visit is required for the crime.
b. Can be committed from anywhere in the world to anywhere in the world.
c. The crime are mostly pre-programmed to execute at a pre decided time, place and target resources as planned.
d. Authorities are not very aware and prepared to handle the crime.
e. Can be executed on many victims at different location simultaneously.
f. Identification of the criminal can be hidden easily.
g. Ignorance of cyber laws
h. Poor practice of cyber safety measures
B. TYPES OF CYBER CRIME
The cyber crime can be classified as under-
1. According to usage of Computer
2. According to type of victim
3. According to the use of internet.
1. According to the usage of Computer-
As per this, the cyber-crime can be divided as under-
i. Computer used for any crime, such as making duplicate certificates, duplicate stamp papers, printing fake currency notes etc.
ii. Crimes targeting the computer/ computer resources viz. virus attack, e-mail bombing, e-mail spoofing, ransomware
iii. Using computer for unauthorised surveillance
2. According to type of victim-
i. Cybercrime against individuals, viz.
2. Cybercrime against property-
3. According to usage of the internet-
This type includes a variety of crimes such as- data theft, phishing, dark net, IPR violation, website defacement, cyber terrorism, spamming, internet forgery, cyber extortion, online gambling, illegal articles trading, cyber pornography, data diddling, email frauds, financial crimes, social networking misuses etc.
C. CYBER CRIME WAYS-
It is important to have the basic knowledge of the ill practice and crime being carried by the cyber criminals. Some of them are-
1. Hacking or Cracking– Hacking is the most common cyber crime. Accessing any computer without the consent is called hacking. The criminals make an unauthorised access to the computer resources/ network by breaking security codes/ passwords. It can for intents such as data theft, greed, publicity, revenge, destruction. The offence is punishable under section 66 of the Information Technology Act, 2000.
2. Denial of Service Attack (DoS)– In DoS attack, the compute system is chocked by sending more inputs at a time than it can handle. If more information are sent at a time, a computer system stops responding and becomes unavailable. This is a publishable offence under section 43F/66 The Information Technology Act, 2000.
3. Cyber stalking– Cyber stalking is unauthorised surveillance by any person on any other person by use of e-mail, instant messaging (IM), messages posted on a website or a discussion group. A cyber stalker targets the victim with threatening/abusive messages and follows them/their activities in the real world. It is used as for harassment and is punishable under section 354D of the Indian Penal Code, 1860.
4. Salami Attacks- It is an economic cyber-crime. Here, the software is so changed that small attacks add up to one major attack or amounts are add up that can go undetected due to the nature of this type of cyber crime. It is also known as salami slicing. Salami Attack is punishable under section 65/66 of the IT Act, 2000.
5. Trojan and key Loggers- An illegal computer programme which gets loaded into the computer secretly and damages the computer data and program. This provide the information from typing/ screen to the cyber-criminal for data stealing. It is punishable under section 43(c )/66 of the IT Act, 2000.
6. Intellectual property Right (IPR) Crime- Intellectual properties viz. trade mark, know how, innovation, design, patents are valuable assets for a business. Software piracy, copyright infringement, trade mark infringement, piracy of source code are some of the examples of intellectual property related crimes. It is punishable under section 65/66 of the IT Act, 2000 and also under the IPR laws.
7. Web Defacement- here, the original web page is replaced with some other page. It is a punishable offence under section 43 and 66 of the IT Act, 2000.
8. Web Jacking- A website is hijacked by cracking its security code/ password. This is done with the motive of getting ransom money from the owner of the website in lieu of releasing the website. It is punishable under section 66 of the IT Act, 2000.
9. Virus/ worm attack- Virus or malware attacks are getting common. These are rogue software programs which spread from one computer to another computer and can damage the data stored. It is punishable under section 43(c )/66 of the IT Act, 2000.
10. Internet Time Theft- It is the unauthorised use of the paid internet or resources by unauthorised person. Punishable under section 43(h)/66 of the IT Act, 2000.
11. Online Gambling- Betting/ gambling is prohibited in many countries including many states of India. There are websites which provide for online gambling, betting irrespective of the prohibition under the local laws. It is punishable crime in India.
12. Ransomware- Ransomware is extremely notorious virus which encrypts data in the computers where it attacks and the data becomes un usable for the user. The criminal demands ransom in the form of crypto currency such as bitcoin to release the data. Some of the ransomware are- Wannacry, Petya, Locky etc.
13. SIM card swapping- The criminals get duplicate Mobile SIM card issued for an existing Mobile SIM by giving fake KYC documents to the operators, thereby receiving all the transaction passwords, OTP on their mobile. Huge financial loss is occurred to the original mobile owner. Offence is punishable under action 66 of the IT Act, 2000.
14. Debit or Credit card data skimming and cloning of ATM Card- Cyber criminals attach a skimming device plus pin hole camera in an ATM machine. The ATM/ debit card when used by the User in an ATM machine, the card information gets collected in the skimming device and the PIN number also gets captured in the pin hole camera. With this information, a clone ATM card is made and is used for withdrawing the money, with the PIN captured in the camera. The offence is punishable under section 66 of the IT Act, 2000.
15. Bot Networks- Bot network is remotely controlled computer network, which is used for remote attacks like DoS, spoofing, phishing etc. Bots are computer programme and work according to their remote controller through control and command centre. Whenever a victim opens a mail loaded with the programme (Torjan), the computer becomes infected and becomes part of the Bot network and the victim computer is controlled completely. This is punishable under section 66 of the IT Act, 2000.
16. Phishing Attack- In phishing, a deceptively similar website is prepared in look and features, and the host the website at a deceptively similar URL. Now emails are sent to the prospective victims with a link containing phishing website. when the customer clicks the link, the deceptive website opens and the customer fills his user name, passwords and other important data in the phishing website. As such the information is passed to the criminal through the phishing website. Phishing is punishable under section 66C/66D of the IT Act, 2000.
17. Spear Phishing– It is an email spoofing attack that targets a specific organisation or individual, the spear phishing is similar to phishing in all other aspects. It is punishable under section 66C/66D of the IT Act, 2000.
18. Local File Inclusion (LFI) Attack– In LFI, some unwanted filed are attached to the files that are already present on the server, through the exploiting of vulnerable inclusion procedures implemented in the application. This is punishable under section 65/ 66 of the IT Act.
19. Man-in-the- Middle (MITM) Attack- MITM is a type of spying where communication between two users is monitored and also modified by an unauthorised party. This offence is punishable under section 66/66C/66D of the IT Act, 2000.
20. Crypto-Currency- Cryptocurrency Exchanges are the platform to buy and sell digital assets like bitcoin. Cyber criminals try to steal the crypto-currencies by various methods. As the exchanges function as the trading platform, they are most vulnerable for cyberattacks for the cryptocurrencies.
D. CYBER FRAUDS AND AWARENESS
A number of cyber frauds are committed every day throughout the world. In most of the case, the victim is ignorant of the Cyber world and the frauds.
There are several kind of Cyber frauds. Its very important to be aware of the frauds. Some of the cyber frauds are-
1. Financial Fraud
2. Data theft
3. Job Fraud
4. Matrimonial Fraud
5. Social Media Platform Frauds
Financial Frauds– With the growth of the digitization, more and more people are using the internet for financial transactions, fund transfer, for payment of bills, Online purchase etc. People often get calls asking for OTP, PIN etc. which results in huge financial losses. Never disclose your OTP, passwords, CVV Number, ATM PIN to any one on phone or in any way. Bank or RBI or banks never ask for the passwords or PIN.
Data theft- In today’s world, the data is a very important commodity and is considered equivalent to gold, oil or any other valuable resource. Individuals’ privacy and their personal data are at risk. Hacking, , identity theft, financial fraud, malware, medical fraud, messages, images, and video and audio recordings are ways of the data theft. One needs to be much conscious about personal and professional data so that it never gets vulnerable to cybercriminals.
Job Frauds- Job websites are used by the job seekers. Sometimes, some very lucrative job offers appear on some website giving very good offer and on making some payment. You can be called for the interview, but later would find that no such company existed and you ended with losing the amount. So, one should be very caution, should verify the vacancy before making any payment, use only verified websites and no company asks for any fee for appearing for the interview.
Matrimonial Frauds- There are number of good matrimonial websites which provides match for youth for life partners. The websites are used by the youth and also by their parents to find a suitable match. However, sometimes it may lead to frauds and a trap. So be caution and always use a trusted website for registration and a background search to be done of the prospective match, make proper enquiry, do not disclose your confidential information, do not share your sensitive photographs.
Social Media frauds- This is the widest spread and anyone using the social media should take some basic safety measures to avoid being trapped, facing frauds.
E. REPORTING OF CYBER CRIME-
The Government of India has established the Indian Cyber Crime Coordination Center (I4C) portal, to report Cyber Crime. The portal facilitate the reporting of all types of cybercrimes, with a special importance on those committed against women and children. The portal also provides an option of reporting an anonymous complaint for reporting online Child Pornography (CP) or sexually explicit content such as Rape/Gang Rape (RGR) content. The link for the portal is https://cybercrime.gov.in.
There are two options for reporting cybercrimes on the portal:
Report Crime related to Women/ Child – Under this section, you can report complaints pertaining to online Child Pornography (CP), Child Sexual Abuse Material (CSAM) or sexually explicit content such as Rape/Gang Rape (CP/RGR) content.
Report Other Cybercrimes – Under this option, you can report complaints pertaining to cybercrimes such as mobile crimes, online and social media crimes, online financial frauds, ransomware, hacking, cryptocurrency crimes and online cyber trafficking.
Information considered as evidence while filing complaint related to cybercrime-
As per the I4C FAQ, the following information can be the evidence while filing complaints-
Once you report the complaints on the Portal, the complaints shall be handled by the concerned State/UT police authorities based on your selection of State/ UT while reporting the complaint. A complaint filed under REPORT WOMEN/ CHILD RELATED CRIME section cannot be withdrawn. Complaint filed under REPORT OTHER CYBER CRIME section can be withdrawn before it is converted into FIR.
Cyber Cells have been established in the Police stations to hand such crimes where Online complaints can be lodged for the crimes such as – email related complaints, Social Media related complaints, Mobile app related complaints, Business email compromise complaints, Data theft complaints, ransomware complaints, Net Banking, ATM related complaints, fake calls frauds, Bitcoin related, cheating, online transactions related etc.
F. HOW TO PROTECT YOURSELF AGAINST CYBERCRIME
One can protect oneself from the dangers of the cyber-crime by taking some simple and basic measures.
– At least 8 characters—the more characters, the better.
– A mixture of both uppercase and lowercase letters.
– A mixture of letters and numbers.
– Including at least one special character, e.g., *&?]
G. Cyber security and role of Professionals
Cybersecurity is protecting your organization’s data, computer system and internet from cyber-attacks. Cyber Security in an organisation includes technologies, processes and practices in the organisation to protect networks, computers, programs, and data from unauthorized access or damage. The strategy is to ensure confidentiality, data integrity and safety. The Professionals can play a great role by taking responsibility of safeguarding the Organisation and the business from the threat of the cyber-crime. The following can be ensured by the professionals for cyber security-
H. SOME INSTANCES OF CYBER CRIME-
In conclusion, one can undoubtedly state the fact that cybercrime is a misdeed, and anyone using cyberspace can be its victim. We also now know all the major types of crimes that one may have to deal with, although in today’s world, offenders and hackers design new advance versions of violation each day, so one can never be too aware in the matter of self-security. Any individual’s precious personal data can be sold for as little as $0.20, up to $15.
Cyber Crime is a serious crime, it breaches someone’s privacy and confidential data and also exposes to financial losses. It involves infringement of human rights as well as of governmental laws. Therefore, one must consistently follow all the precautions discussed earlier, because ‘Prevention is better than cure’, as the well-known saying states.
It is also extremely crucial to spread awareness about cybercrime, as 21% of files aren’t protected (2018 Global Data Risk Report). Along with your computer, it is also important to protect your smart phones, as they contain almost all information.
Even after world class security, anyone can be a victim to an unethical hacker’s play. One such case is of the French President Emmanuel Macron, even after getting the utmost elite security, his emails were hacked.
So, it is not impossible to get victim of cyber crime even after following every measure, but the spread of education and awareness about the topic, can surely help many to be actually ready for the worst cases, and be prepared to fight the crime.
Disclaimer: This article has been prepared in good faith on the basis of information available on the date of publication without any independent verification. The Author does not guarantee or warrant the accuracy, reliability, completeness or currency of the information in this publication nor its usefulness in achieving any purpose. The Author will not be liable for any loss, damage, cost or expenses incurred or arising by reason of any person using or relying on information in this publication. Readers are requested to consult a professional before taking any action.
(Author – Sonika Bharati, FCS, LL.B. is a Company Secretary in Practice based at New Delhi and can be contacted at email@example.com)