cyber crime.pptx
DESCRIPTION
legalTRANSCRIPT
CYBER LAW & CYBER CRIME• Information
Technology Act.• Cyber Law.• Cyber crimes .• Types and Penalties
thereof. • E-commerce and E-
contract. • Internet policy of
Government of India.
By K. VINOTHINI. G. DIVYA.
CYBER LAW
What is Cyber Law?• Cyber Law is the law governing cyber space. Cyber space is a very wide term and includes
computers, networks, software, data storage devices (such as hard disks, USB disks etc), the internet, websites, emails and even electronic devices such as cell phones, ATM machines etc.
• Law encompasses the rules of conduct:1. that have been approved by the government, and 2. which are in force over a certain territory, and 3. which must be obeyed by all persons on that territory.
• Violation of these rules could lead to government action such as imprisonment or fine or an order to pay compensation.
• Cyber law encompasses laws relating to:1. Cyber Crimes 2. Electronic and Digital Signatures 3. Intellectual Property 4. Data Protection and Privacy
Need for Cyber Law
There are various reasons why it is extremely difficult for conventional law to cope with cyberspace. Some of these are discussed below.
1. Cyberspace is an intangible dimension that is impossible to govern and regulate using conventional law.
2. Cyberspace has complete disrespect for jurisdictional boundaries. A person in India could break into a bank’s electronic vault hosted on a computer in USA and transfer millions of Rupees to another bank in Switzerland, all within minutes. All he would need is a laptop computer and a cell phone.
3. Cyberspace handles gigantic traffic volumes every second. Billions of emails are crisscrossing the globe even as we read this, millions of websites are being accessed every minute and billions of dollars are electronically transferred around the world by banks every day.
4. Cyberspace is absolutely open to participation by all. A tenyear-old in Bhutan can have a live chat session with an eightyear-old in Bali without any regard for the distance or the anonymity between them.
5. Cyberspace offers enormous potential.
CYBER LAW AND IT ACT 2000
• Provides legal recognition to electronic documents and a framework to support e-filing and e-commerce transactions and also provides a legal framework to mitigate, check cyber crimes.
• IT Act 2000.• IT (Amendment) Act, 2008.
Information Technology Act, 2000• In India the Information Technology Act, 2000 is the Mother Legislation
that deals with issues related to use of computers, computer systems ,
computer networks and the Internet.
• Information Technology Act, 2000-came into force on 17 October 2000
• amended by the Information Technology (Amendment )Act, 2008.
• Extends to whole of India and also applies to any offence or
contravention there under committed outside India by any person
{section 1 (2)}
Contents of IT act• Penalties and adjudication for various offences
involving computers, computer systems and computer networks..
• Imprisonment and fine for various cybercrimes defined..
• Various cyber offences defined..• Cyber offences to be investigated only by a
Police Officer not bellow the rank of the Inspector (now), Deputy Superintendent of Police(earlier).
Civil Wrongs under IT Act• Chapter IX of IT Act, Section 43• Whoever without permission of owner of the computer
– Secures access (mere U/A access)• Not necessarily through a network
– Downloads, copies, extracts any data– Introduces or causes to be introduced any viruses or
contaminant– Damages or causes to be damaged any computer resource
• Destroy, alter, delete, add, modify or rearrange• Change the format of a file
– Disrupts or causes disruption of any computer resource
CYBER CRIME
• It is a CRIMINAL activity committed on the internet. This is a broad term that describes everything from Electronic cracking to denial of service attacks that cause electronic commerce sites to lose money.
Classification of cyber crimes
• The computer as a target - attacking the computers of others (spreading viruses is an example).
• The computer as a weapon - using a computer to commit "traditional crime" that we see in the physical world (such as fraud or illegal gambling).
• The computer as an accessory - using a computer as a "fancy filing cabinet" to store illegal or stolen information.
Types of Cyber crimes• Hacking• Credit card frauds• Cyber pornography • Sale of illegal articles-narcotics,
weapons, wildlife• Online gambling• Intellectual Property crimes- software
piracy, copyright infringement, trademarks violations, theft of computer source code
• Email spoofing• Forgery• Defamation• Cyber stalking (section 509 IPC)• Phising • Cyber terrorism• Denial of service attack• Virus Disseemination• Software piracy
Common cyber crimesHacking
Computer hacking is when someone modifies computer hardware or software in a way that alters the creator's original intent. People who hack computers are known as hackers. Hackers are usually real technology buffs who enjoy learning all they can about computers and how they work.
SpamThe most common type of cyber crime is spam. While email spam laws are fairly new, there have been laws on the books regarding "unsolicited electronic communication" for many years.
FraudCredit fraud is another common form of cyber crime. Certain computer viruses can log keystrokes on your keyboard and send them to hackers, who can then take your Social Security number, credit card number and home address. This information will be used by the hacker for his own means.
Cyber BullyingHarassment, or cyber bullying, is a growing problem among teenagers. Many countries in Europe and several states in the United States have laws to punish those who consistently harass somebody over the Internet.
Drug Trafficking Believe it or not, drug trafficking is happening over the Internet. Many traffickers use encrypted email or password-protected message boards to arrange drug deals.
Cyber Terrorism There are many forms of cyberterrorism. Sometimes it's a rather smart hacker breaking into a government website, other times it's just a group of like-minded Internet users who crash a website by flooding it with traffic. No matter how harmless it may seem, it is still illegal.
Piracy Far and away the most talked about form of cyber crime is thievery. Yes, downloading music from peer-to-peer websites is illegal and therefore a form of cyber crime.
Penalties
• On first conviction - imprisonment of either description for a term which may extend to three years and with fine which may extend to five lakh rupees.
• Second or subsequent conviction – imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees.
Section 66: Hacking
• Ingredients– Intention or Knowledge to cause wrongful loss
or damage to the public or any person– Destruction, deletion, alteration, diminishing
value or utility or injuriously affecting information residing in a computer resource
• Punishment– imprisonment up to three years, and / or – fine up to Rs. 2 lakh
• Cognizable, Non Bailable,
15
Section 66 covers data theft aswell as data alteration
Sec. 67. Pornography• Ingredients
– Publishing or transmitting or causing to be published – in the electronic form, – Obscene material
• Punishment– On first conviction
• imprisonment of either description up to five years and • fine up to Rs. 1 lakh
– On subsequent conviction • imprisonment of either description up to ten years and • fine up to Rs. 2 lakh
• Section covers– Internet Service Providers,– Search engines, – Pornographic websites
• Cognizable, Non-Bailable, JMIC/ Court of Sessions
Sec 69: Decryption of information• Ingredients
– Controller issues order to Government agency to intercept any information transmitted through any computer resource.
– Order is issued in the interest of the• sovereignty or integrity of India, • the security of the State, • friendly relations with foreign States, • public order or • preventing incitement for commission of a cognizable offence
– Person in charge of the computer resource fails to extend all facilities and technical assistance to decrypt the information-punishment upto 7 years.
Arms ActOnline sale of Arms
Sec. 383 IPCWeb-Jacking
NDPS ActOnline sale of Drugs
Sec 416, 417, 463 IPCEmail spoofing
Sec 420 IPCBogus websites, cyber frauds
Sec 463, 470, 471 IPCForgery of electronic records
Sec 499, 500 IPCSending defamatory messages by email
Sec 503 IPC Sending threatening messages by email
Computer Related Crimes under IPC and Special Laws
18
CASE:FIR NO 76/02 PS PARLIAMENT STREET
CASE:FIR NO 76/02 PS PARLIAMENT STREET
• Mrs. SONIA GANDHI RECEIVED THREATING E-MAILS• E- MAIL FROM
– [email protected]– [email protected]
• THE CASE WAS REFERRED • ACCUSED PERSON LOST HIS PARENTS DURING 1984
RIOTS(1984 anti-Sikh riots)
19
Case: Phishing
• With the tremendous increase in the use of online banking, online share trading and ecommerce, there has been a corresponding growth in the incidents of phishing being used to carry out financial frauds.
• Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details etc) by masquerading as a trusted entity.
Scenario 1: The victim receives an email that appears to have been sent from his bank. The email urges the victim to click on the link in the email. When the victim does so, he is taken to “a secure page on the bank’s website”. The victim believes the web page to be authentic and he enters his username, password and other information. In reality, the website is a fake and the victim’s information is stolen and misused. The law Sections 43 and 66 of Information Technology Act and sections 419, 420 and 468 of Indian Penal Code.
Who is liable?All persons involved in creating and sending the fraudulent emails and creating and maintaining
the fake website. The persons who misuse the stolen or “phished” information are also liable.The motive
Illegal financial gain.Modus Operandi• The suspect registers a domain name using fictitious details. The domain name is usually such that can be
misused for spoofing e.g. Noodle Bank has its website at www.noodle.com The suspects can target Noodle customers using a domain name like www.noodle-bank-customerlogin.com
• The suspect then sends spoofed emails to the victims. e.g. the emails may appear to come from [email protected]
• The fake website is designed to look exactly like the original website.
The Cost of Cybercrime
In India in 2010:
– 29.9 million people fell victim to cybercrime– $4 billion in direct financial losses – $3.6 billion in time spent resolving the crime– 4 in 5 online adults (80%) have been a victim of cybercrime– 17% of adults online have experienced cybercrime on their
mobile phone
Source: Norton Cybercrime Report 2011
Why India?
A rapidly growing online user base
– 121 million internet users – 65 million active internet users, up 28% from
51 million in 2010– 50 million users shop online on ecommerce
and online shopping sites– 46+ million social network users– 346 million mobile users had subscribed to
data packages
Source: IAMAI; Juxt; wearesocial 2011
What kind of cybercrimes?
• The majority of cybercrimes are centered on forgery, fraud and phishing
• India is the third-most targeted country for phishing attacks after the US and the UK
• Social networks as well as ecommerce sites are major targets• 6.9 million bot-infected systems in 2010• 14,348 website defacements in 2010• 6,850 .in and 4,150 .com domains were defaced during 2011• 15,000 sites hacked in 2011• India is the number 1 country in the world for generating spam
What should government tackle?• The police have recorded 3,038 cases but
made only 2,700 arrests in 3 years (between 2007 and 2010)
• India registered only 1,350 cases under the IT Act and IPC in 2010
• 50% of cybercrimes are not even reported
• Why are so few cases are reported and does that mean the legislation is inadequate?
Arrests & Reports under IT Act• Under the IT Act, 966 cybercrime cases were filed in 2010 420
in 2009)• Geographic breakdown of cases reported:
– 153 from Karnataka,– 148 from Kerala – 142 from Maharashtra – 105 Andhra Pradesh – 52 Rajasthan – 52 Punjab
• 233 persons were arrested in 2010• 33% of the cases registered were related to hacking
Source: National Crime Records Bureau
The future of cybercrimes in India
• Continued website hacks and defacements
• Data and information theft
• Increasing phishing attacks on ecommerce and financial websites
• Cybercriminals targeting social and professional networks
• Threats directed at the mobile platform: smartphones and tablets
Better Enforcement initiatives
• Mumbai Cyber lab is a joint initiative of Mumbai police and NASSCOM –more exchange
and coordination of this kind
• Suggested amendments to the IT Act,2000-new provisions for child pornography, etc
• More Public awareness campaigns
• Training of police officers to effectively combat cyber crimes
• More Cyber crime police cells set up across the country
• Effective E-surveillance
• Websites aid in creating awareness and encouraging reporting of cyber crime cases.
• Specialised Training of forensic investigators and experts
• Active coordination between police and other law enforcement agencies and authorities
is required.
Recommendations
1. Firms should secure their networked information.
2. Governments should assure that their laws apply to cyber crimes.
3. Firms, governments, and civil society should work cooperatively to strengthen legal frameworks for cyber security.
E-commerce and E-contract. Internet policy of Government of India.
• Electronic contracts (contracts that are not paper based but rather in electronic form) are born out of the need for speed, convenience and efficiency.
For further Reading…Please refer
• http://www.cyberlawsindia.net/
• http://dict.mizoram.gov.in/uploads/attachments/cyber_crime/intro-indian-cyber-law.pdf
• http://www.iibf.org.in/documents/Cyber-Laws-chapter-in-Legal-Aspects-Book.pdf
E Contract:• http://dict.mizoram.gov.in/uploads/attachments/cyber_crime/electronic-contracts