Cybercrime is criminal activity done using computers and the Internet.

This includes anything from

downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime
also includes non-monetary offenses, such as creating and distributing viruses on other computers or
posting confidential business information on the Internet.

Perhaps the most prominent form of cybercrime is identity theft, in which criminals use the Internet
to steal personal information from other users. Two of the most common ways this is done is
through phishing and pharming. Both of these methods lure users to fake websites (that appear to
be legitimate), where they are asked to enter personal information. This includes login information,
such as usernames and passwords, phone numbers, addresses, credit card numbers, bank account
numbers, and other information criminals can use to "steal" another person's identity. For this
reason, it is smart to always check the URL or Web address of a site to make sure it is legitimate
before entering your personal information.

Because cybercrime covers such a broad scope of criminal activity, the examples above are only a
few of the thousands of crimes that are considered cybercrimes. While computers and the Internet
have made our lives easier in many ways, it is unfortunate that people also use these technologies to
take advantage of others. Therefore, it is smart to protect yourself by using antivirus and spyware
blocking software and being careful where you enter your personal information. by

Parthasarathi Pati

. INTRODUCTION: 

The term ‘cyber crime’ is a misnomer. This term has nowhere been defined in any
statute /Act passed or enacted by the Indian Parliament. The concept of cyber crime is not
radically different from the concept of conventional crime. Both include conduct whether
act or omission, which cause breach of rules of law and counterbalanced by the sanction
of the state.

Before evaluating the concept of cyber crime it is obvious that the concept of conventional crime
be discussed and the points of similarity and deviance between both these forms may be
discussed.

 CONVENTIONAL CRIME-

 Crime is a social and economic phenomenon and is as old as the human society. Crime is a legal
concept and has the sanction of the law. Crime or an offence is “a legal wrong that can be
followed by criminal proceedings which may result into punishment.”(1) The hallmark of
criminality is that, it is breach of the criminal law. Per Lord Atkin “the criminal quality of an act
cannot be discovered by reference to any standard but one: is the act prohibited with penal
consequences”. (2)

 A crime may be said to be any conduct accompanied by act or omission prohibited by law and
consequential breach of which is visited by penal consequences.

 CYBER CRIME

 Cyber crime is the latest and perhaps the most complicated problem in the cyber world. “Cyber
crime may be said to be those species, of which, genus is the conventional crime, and where either
the computer is an object or subject of the conduct constituting crime” (13). “Any criminal
activity that uses a computer either as an instrumentality, target or a means for perpetuating
further crimes comes within the ambit of cyber crime”(12) 

A generalized definition of cyber crime may be “ unlawful acts wherein the computer is either a
tool or target or both”(3) The computer may be used as a tool in the following kinds of activity-
financial crimes, sale of illegal articles, pornography, online gambling, intellectual property
crime, e-mail spoofing, forgery, cyber defamation, cyber stalking. The computer may however be
target for unlawful acts in the following cases- unauthorized access to computer/ computer
system/ computer networks, theft of information contained in the electronic form, e-mail
bombing, data didling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web
jacking, theft of computer system, physically damaging the computer system.

 DISTINCTION BETWEEN CONVENTIONAL AND CYBER CRIME-

 There is apparently no distinction between cyber and conventional crime. However on a deep
introspection we may say that there exists a fine line of demarcation between the conventional
and cyber crime, which is appreciable. The demarcation lies in the involvement of the medium in
cases of cyber crime. The sine qua non for cyber crime is that there should be an involvement, at
any stage, of the virtual cyber medium.

REASONS FOR CYBER CRIME:

Hart in his work “ The Concept of Law” has said ‘human beings are vulnerable so rule of law is
required to protect them’. Applying this to the cyberspace we may say that computers are
vulnerable so rule of law is required to protect and safeguard them against cyber crime. The
reasons for the vulnerability of computers may be said to be:

1. Capacity to store data in comparatively small space-

 The computer has unique characteristic of storing data in a very small space. This affords to
remove or derive information either through physical or virtual medium makes it much more
easier. 

2. Easy to access-

The problem encountered in guarding a computer system from unauthorised access is that
there is every possibility of breach not due to human error but due to the complex technology.
By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice
recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be
utilized to get past many a security system.

3.Complex-

The computers work on operating systems and these operating systems in turn are composed
of millions of codes. Human mind is fallible and it is not possible that there might not be a
lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the
computer system.
 4.Negligence-

 Negligence is very closely connected with human conduct. It is therefore very probable that
while protecting the computer system there might be any negligence, which in turn provides a
cyber criminal to gain access and control over the computer system.

5. Loss of evidence-

 Loss of evidence is a very common & obvious problem as all the data are routinely
destroyed. Further collection of data outside the territorial extent also paralyses this system of
crime investigation.

CYBER CRIMINALS:

The cyber criminals constitute of various groups/ category. This division may be justified on the
basis of the object that they have in their mind. The following are the category of cyber criminals-

1. Children and adolescents between the age group of 6 – 18 years –

The simple reason for this type of delinquent behaviour pattern in children is seen mostly due
to the inquisitiveness to know and explore the things.  Other cognate reason may be to prove
themselves to be outstanding amongst other children in their group. Further the reasons may
be psychological even. E.g. the Bal Bharati (Delhi) case was the outcome of harassment of
the delinquent by his friends.

2. Organised hackers-

These kinds of hackers are mostly organised together to fulfil certain objective. The reason
may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to be one of
the best quality hackers in the world. They mainly target the Indian government sites with the
purpose to fulfil their political objectives. Further the NASA as well as the Microsoft sites is
always under attack by the hackers.

3.      Professional hackers / crackers –

Their work is motivated by the colour of money. These kinds of hackers are mostly employed to
hack the site of the rivals and get credible, reliable and valuable information. Further they are ven
employed to crack the system of the employer basically as a measure to make it safer by detecting
the loopholes.

4.       Discontented employees-

  This group include those people who have been either sacked by their employer or are
dissatisfied with their employer. To avenge they normally hack the system of their employee.

 MODE AND MANNER OF COMMITING CYBER CRIME:

1. Unauthorized access to computer systems or networks / Hacking-

 This kind of offence is normally referred as hacking in the generic sense. However the framers of
the information technology act 2000 have no where used this term so to avoid any confusion we
would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide
connotation.

2. Theft of information contained in electronic form-

This includes information stored in computer hard disks, removable storage media etc.  Theft
may be either by appropriating the data physically or by tampering them through the virtual
medium.

3. Email bombing-

This kind of activity refers to sending large numbers of mail to the victim, which may be an
individual or a company or even mail servers there by ultimately resulting into crashing. 

4. Data diddling-

This kind of an attack involves altering raw data just before a computer processes it and then
changing it back after the processing is completed. The electricity board faced similar
problem of data diddling while the department was being computerised.

5. Salami attacks-

 This kind of crime is normally prevalent in the financial institutions or for the purpose of
committing financial crimes. An important feature of this type of offence is that the alteration
is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb
was introduced in the bank’s system, which deducted 10 cents from every account and
deposited it in a particular account.

6. Denial of Service attack-

The computer of the victim is flooded with more requests than it can handle which cause it to
crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in
which the offenders are wide in number and widespread. E.g. Amazon, Yahoo.

 7.    Virus / worm attacks-

 Viruses are programs that attach themselves to a computer or a file and then circulate
themselves to other files and to other computers on a network. They usually affect the data on
a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to
attach themselves to. They merely make functional copies of themselves and do this
repeatedly till they eat up all the available space on a computer's memory. E.g. love bug virus,
which affected at least 5 % of the computers of the globe. The losses were accounted to be $
10 million. The world's most famous worm was the Internet worm let loose on the Internet by
Robert Morris sometime in 1988.  Almost brought development of Internet to a complete halt.

8.     Logic bombs-

 These are event dependent programs. This implies that these programs are created to do
something only when a certain event (known as a trigger event) occurs. E.g. even some
viruses may be termed logic bombs because they lie dormant all through the year and
 become active only on a particular date (like the Chernobyl virus).

9.   Trojan attacks-

   This term has its origin in the word ‘Trojan horse’. In software field this means an
unauthorized programme, which passively gains control over another’s system by
representing itself as an authorised programme. The most common form of installing a Trojan
is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the
U.S. while chatting. The cyber criminal through the web cam installed in the computer
obtained her nude photographs. He further harassed this lady.

10.  Internet time thefts-

Normally in these kinds of thefts the Internet surfing hours of the victim are used up by
another person. This is done by gaining access to the login ID and the password. E.g. Colonel
Bajwa’s case- the Internet hours were used up by any other person. This was perhaps one of
the first reported cases related to cyber crime in India. However this case made the police
infamous as to their lack of understanding of the nature of cyber crime.

11.  Web jacking-

         This term is derived from the term hi jacking. In these kinds of offences the hacker
gains access and control over the web site of another. He may even mutilate or change the
information on the site. This may be done for fulfilling political objectives or for money.
E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the
Pakistani hackers and some obscene matter was placed therein. Further the site of
Bombay crime branch was also web jacked. Another case of web jacking is that of the
‘gold fish’ case. In this case the site was hacked and the information pertaining to gold
fish was changed. Further a ransom of US $ 1 million was demanded as ransom. Thus
web jacking is a process where by control over the site of another is made backed by
some consideration for it.

CLASSIFICATION:

The subject of cyber crime may be broadly classified under the following three groups. They are-

1. Against Individuals 

a. their person &

b. their property of an individual
 

2. Against Organization

a. Government
c. Firm, Company, Group of Individuals.
3. Against Society at large 

 The following are the crimes, which can be committed against the followings group 
Against Individuals: –

i. Harassment via e-mails.

ii. Cyber-stalking.
iii. Dissemination of obscene material.
iv. Defamation.
v. Unauthorized control/access over computer system.
vi. Indecent exposure
vii. Email spoofing
viii. Cheating & Fraud

Against Individual Property: - 

i. Computer vandalism.
ii. Transmitting virus.
iii. Netrespass
iv. Unauthorized control/access over computer system.
v. Intellectual Property crimes
vi. Internet time thefts

Against Organization: -

i. Unauthorized control/access over computer system

ii. Possession of unauthorized information.
iii. Cyber terrorism against the government organization.
iv. Distribution of pirated software etc.

Against Society at large: -

i.     Pornography (basically child pornography).

ii.    Polluting the youth through indecent exposure.
iii.   Trafficking
iv. Financial crimes
v.Sale of illegal articles
vi.Online gambling
vii. Forgery

 The above mentioned offences may discussed in brief as follows:

 1.       Harassment via e-mails- 

              Harassment through e-mails is not a new concept. It is very similar to harassing through
letters. Recently I had received a mail from a lady wherein she complained about the
same. Her former boy friend was sending her mails constantly sometimes emotionally
blackmailing her and also threatening her. This is a very common type of harassment via
e-mails. 

2. Cyber-stalking-

The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking   involves
following a person's movements across the Internet by posting messages (sometimes
threatening) on the bulletin boards frequented by the victim, entering the chat-rooms
frequented by the victim, constantly bombarding the victim with emails etc.

  3.       Dissemination of obscene material/ Indecent exposure/ Pornography (basically

child pornography) / Polluting through indecent exposure-

  Pornography on the net may take various forms. It may include the hosting of web site
containing these prohibited materials. Use of computers for producing these obscene
materials. Downloading through the Internet, obscene materials. These obscene matters
may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
Two known cases of pornography are the Delhi Bal Bharati case and the Bombay case
wherein two Swiss couple used to force the slum children for obscene photographs. The
Mumbai police later arrested them.

 4.   Defamation

It is an act of imputing any person with intent to lower the person in the estimation of the
right-thinking members of society generally or to cause him to be shunned or avoided or
to expose him to hatred, contempt or ridicule. Cyber defamation is not different from
conventional defamation except the involvement of a virtual medium. E.g. the mail
account of Rohit was hacked and some mails were sent from his account to some of his
batch mates regarding his affair with a girl with intent to defame him.

 4.      Unauthorized control/access over computer system-

 This activity is commonly referred to as hacking. The Indian law has however given a
different connotation to the term hacking, so we will not use the term "unauthorized
access" interchangeably with the term "hacking" to prevent confusion as the term used in
the Act of 2000 is much wider than hacking.

 5.      E mail spoofing-

 A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it's
origin to be different from which actually it originates. Recently spoofed mails were sent
on the name of Mr. Na.Vijayashankar (naavi.org), which contained virus.    

 Rajesh Manyar, a graduate student at Purdue University in Indiana, was arrested for
threatening to detonate a nuclear device in the college campus. The alleged e- mail was
sent from the account of another student to the vice president for student services.
However the mail was traced to be sent from the account of Rajesh Manyar.(15) 
  6.   Computer vandalism-

  Vandalism means deliberately destroying or damaging property of another. Thus

computer vandalism may include within its purview any kind of physical harm done to
the computer of any person. These acts may take the form of the theft of a computer,
some part of a computer or a peripheral attached to the computer or by physically
damaging a computer or its peripherals.

 7.  Transmitting virus/worms-

 This topic has been adequately dealt herein above.

  8.  Intellectual Property crimes / Distribution of pirated software-

 Intellectual property consists of a bundle of rights. Any unlawful act by which the owner
is deprived completely or partially of his rights is an offence. The common form of IPR
violation may be said to be software piracy, copyright infringement, trademark and
service mark violation, theft of computer source code, etc.

 The Hyderabad Court has in a land mark judgement has convicted three people and
sentenced them to six months imprisonment and fine of 50,000 each for unauthorized
copying and sell of pirated software. (16)

 9.  Cyber terrorism against the government organization

  At this juncture a necessity may be felt that what is the need to distinguish between
cyber terrorism and cyber crime. Both are criminal acts. However there is a compelling
need to distinguish between both these crimes. A cyber crime is generally a domestic
issue, which may have international consequences, however cyber terrorism is a global
concern, which has domestic as well as international consequences.  The common form of
these terrorist attacks on the Internet is by distributed denial of service attacks, hate
websites and hate emails, attacks on sensitive computer networks, etc.  Technology savvy
terrorists are using 512-bit encryption, which is next to impossible to decrypt. The recent
example may be cited of – Osama Bin Laden, the LTTE, attack on America’s army
deployment system during Iraq war.

Cyber terrorism may be defined to be “ the premeditated use of disruptive activities, or

the threat thereof, in cyber space, with the intention to further social, ideological,
religious, political or similar objectives, or to intimidate any person in furtherance of
such objectives” (4)

  Another definition may be attempted to cover within its ambit every act of cyber
terrorism.

A terrorist means a person who indulges in wanton killing of persons or in

violence or in disruption of services or means of communications essential to the
community or in damaging property with the view to –

(1) putting the public or any section of the public in fear; or

(2) affecting adversely the harmony between different religious, racial, language
 or regional groups or castes or communities; or

(3) coercing or overawing the government established by law; or

(4) endangering the sovereignty and integrity of the nation

and a cyber terrorist is the person who uses the computer system as a means or ends to
achieve the above objectives. Every act done in pursuance thereof is an act of cyber
terrorism.

    10.Trafficking

   Trafficking may assume different forms. It may be trafficking in drugs, human beings,
arms weapons etc. These forms of trafficking are going unchecked because they are
carried on under pseudonyms. A racket was busted in Chennai where drugs were being
sold under the pseudonym of honey.  

11. Fraud & Cheating

 Online fraud and cheating is one of the most lucrative businesses that are growing today in
the cyber space. It may assume different forms. Some of the cases of online fraud and
cheating that have come to light are those pertaining to credit card crimes, contractual crimes,
offering jobs, etc.

Recently the Court of Metropolitan Magistrate Delhi (17) found guilty a 24-year-old engineer
working in a call centre, of fraudulently gaining the details of Campa's credit card and bought a
television and a cordless phone from Sony website. Metropolitan magistrate Gulshan Kumar
convicted Azim for cheating under IPC, but did not send him to jail. Instead, Azim was asked to
furnish a personal bond of Rs 20,000, and was released on a year's probation.

   STATUTORY PROVISONS:

 The Indian parliament considered it necessary to give effect to the resolution by which the
General Assembly adopted Model Law on Electronic Commerce adopted by the United Nations
Commission on Trade Law. As a consequence of which the Information Technology Act 2000
was passed and enforced on 17th May 2000.the preamble of this Act states its objective to legalise
e-commerce and further amend the Indian Penal Code 1860, the Indian Evidence Act 1872, the
Banker’s Book Evidence Act1891 and   the Reserve Bank of India Act 1934.  The basic purpose
to incorporate the changes in these Acts is to make them compatible with the Act of 2000. So that
they may regulate and control the affairs of the cyber world in an effective manner.            

 The Information Technology Act deals with the various cyber crimes in chapters IX & XI. The
important sections are Ss. 43,65,66,67. Section 43 in particular deals with the unauthorised
access, unauthorised downloading, virus attacks or any contaminant, causes damage, disruption,
denial of access, interference with the service availed by a person. This section provide for a fine
up to Rs. 1 Crore by way of remedy. Section 65 deals with ‘tampering with computer source
documents’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years
or both. Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up
to 3 years or fine, which may extend up to 2 years or both. Further section 67 deals with
publication of obscene material and provides for imprisonment up to a term of 10 years and also
with fine up to Rs. 2 lakhs. (14)

 ANALYSIS OF THE STATUTORY PROVISONS:

The Information Technology Act 2000 was undoubtedly a welcome step at a time when there was
no legislation on this specialised field. The Act has however during its application has proved to
be inadequate to a certain extent. The various loopholes in the Act are-

 1. The hurry in which the legislation was passed, without sufficient public debate, did not   really
serve the desired purpose (6)-

 Experts are of the opinion that one of the reasons for the inadequacy of the legislation
has been the hurry in which it was passed by the parliament and it is also a fact that
sufficient time was not given for public debate.

2. “Cyberlaws, in their very preamble and aim, state that they are targeted at aiding e-
commerce, and are not meant to regulate cybercrime”(6) –

  Mr. Pavan Duggal holds the opinion that the main intention of the legislators has been to
provide for a law to regulate the e-commerce and with that aim the I.T.Act 2000 was
passed, which also is one of the reasons for its inadequacy to deal with cases of cyber
crime.

 At this point I would like to express my respectful dissent with Mr. Duggal. I feel that the
above statement by Mr. Duggal is not fundamentally correct. The reason being that the
preamble does state that the Act aims at legalising e-commerce. However it does not stop
here. It further amends the I.P.C., Evidence Act, Banker’s Book Evidence and RBI Act
also. The Act also aims to deal with all matters connected therewith or incidental thereto. 
It is a cardinal rule of interpretation that “text should be read as a whole to gather the
meaning”. It seems that the above statement has been made in total disregard of this rule
of interpretation.  The preamble, if read as a whole, makes it very clear that the Act
equally aims at legalising e-commerce and to curb any offences arising there from.

3.Cyber torts-

  The recent cases including Cyber stalking cyber harassment, cyber nuisance, and cyber
defamation have shown that the I.T.Act 2000 has not dealt with those offences. Further it
is also contended that in future new forms of cyber crime will emerge which even need to
be   taken care of. Therefore India should sign the cyber crime convention. However the
I.T.Act 2000 read with the Penal Code is capable of dealing with these felonies.

 4.Cyber crime in the Act is neither comprehensive nor exhaustive-

  Mr. Duggal believes that we need dedicated legislation on cyber crime that can
supplement the Indian Penal Code. The contemporary view is held by Mr. Prathamesh
Popat who has stated- "The IT Act, 2000 is not comprehensive enough and doesn't even
define the term 'cyber crime". (8) Mr. Duggal has further commented, “India, as a nation,
has to cope with an urgent need to regulate and punish those committing cyber crimes,
but with no specific provisions to do so. Supporters of the Indian Penal Code School
vehemently argue that IPC has stood the test of time and that it is not necessary to
incorporate any special laws on cyber crime. This is because it is debated by them that the
 IPC alone is sufficient for all kinds of crime. However, in practical terms, the argument
does not have appropriate backing. It has to be distinctly understood that cyber crime and
cyberspace are completely new whelms, where numerous new possibilities and
opportunities emerge by the day in the form of new kinds of
crimes.”(6)                                                     

  I feel that a new legislation on cyber crime is totally unwarranted. The reason is that the
new legislation not come alone but will bring with it the same confusion, the same
dissatisfaction and the same desire to supplant it by further new legislation. Mr. Duggal
has stated above the need to supplement IPC by a new legislation. If that is the issue then
the present legislation along with the Penal Code when read harmoniously and co- jointly
is sufficient to deal with the present problems of cyber crime. Further there are other
legislations to deal with the intellectual property crimes on the cyber space such as the
Patents Act, Copy Right Act, Trade Marks Act.

5.Ambiguity in the definitions-

  The definition of hacking provided in section 66 of the Act is very wide and capable of
misapplication. There is every possibility of this section being misapplied and in fact the
Delhi court has misapplied it. The infamous go2nextjob has made it very clear that what
may be the fate of a person who is booked under section 66 or the constant threat under
which the netizens are till s. 66 exists in its present form.

 Further section 67 is also vague to certain extent. It is difficult to define the term
lascivious information or obscene pornographic information.  Further our inability to deal
with the cases of cyber pornography  has been proved by the Bal Bharati case.       

6. Uniform law-   

   Mr. Vinod Kumar (9) holds the opinion that the need of the hour is a worldwide
uniform cyber law to combat cyber crime. Cyber crime is a global phenomenon and
therefore the initiative to fight it should come from the same level. E.g. the author of the
love bug virus was appreciated by his countrymen.

7.Lack of awareness-

 One important reason that the Act of 2000 is not achieving complete success is the lack
of awareness among the s about their rights. Further most of the cases are going
unreported. If the people are vigilant about their rights the law definitely protects their
right. E.g. the Delhi high court in October 2002 prevented a person from selling
Microsoft pirated software over an auction site. Achievement was also made in the case
before the court of metropolitan magistrate Delhi wherein a person was convicted for
online cheating by buying Sony products using a stolen credit card. (17)

8. Jurisdiction issues-

   Jurisdiction is also one of the debatable issues in the cases of cyber crime due to the
very universal nature of cyber space. With the ever-growing arms of cyber space the
territorial concept seems to vanish. New methods of dispute resolution should give way to
the conventional  methods. The Act of 2000 is very silent on these issues.
9. Extra territorial application-

Though S.75 provides for extra-territorial operations of this law, but they could be
meaningful only when backed with provisions recognizing orders and warrants
for Information issued by competent authorities outside their jurisdiction and measure for
cooperation for exchange of material and evidence of computer crimes between law
enforcement agencies.

10. Raising a cyber army-

 By using the word ‘cyber army’ by no means I want to convey the idea of virtual army,
rather I am laying emphasis on the need for a well equipped task force to deal with the
new trends of hi tech crime. The government has taken a leap in this direction by
constituting cyber crime cells in all metropolitan and other important cities. Further the
establishment of the Cyber Crime Investigation Cell (CCIC) of the Central Bureau of
Investigation (CBI) 11) is definitely a welcome step in this direction. There are man
cases in which the C.B.I has achieved success. The present position of cases of cyber
crime (17) is –

Case 1: When a woman at an MNC started receiving obscene calls, CBI found her
colleague had posted her personal details on Mumbaidating.com.

Status: Probe on

Case 2: CBI arrested a man from UP, Mohammed Feroz, who placed ads offering jobs in
Germany. He talked to applicants via e-mail and asked them to deposit money in his bank
account in Delhi.

Status: Chargesheet not filed

Case 3: The official web-site of the Central Board of Direct Taxes was hacked last year.
As Pakistan-based hackers were responsible, authorities there were informed through
Interpol.

Status: Pak not cooperating.

11. Cyber savvy bench-

 Cyber savvy judges are the need of the day. Judiciary plays a vital role in
shaping the enactment according to the order of the day. One such stage, which
needs appreciation, is the P.I.L., which the Kerela High  Court has accepted
through an email. The role of the judges in today’s word may be gathered by the
statement- judges carve ‘law is’ to ‘law ought to be’. Mr T.K.Vishwanathan,
member secretary, Law Commission , has highlighted  the requirements for
introducing e-courts in India. In his article published in The Hindu he has stated
“if there is one area of Governance where IT can make a huge difference to
Indian public is in the Judicial System”.
12. Dynamic form of cyber crime-
   Speaking on the dynamic nature of cyber crime FBI Director Louis Freeh has
said, "In short, even though we have markedly improved our capabilities to fight
cyber intrusions the problem is growing even faster and we are falling further
behind.”  The (de)creativity of human mind cannot be checked by any law. Thus
 the only way out is the liberal construction while applying the statutory
provisions to cyber crime cases.  
13. Hesitation to report offences-
   As stated above one of the fatal drawbacks of the Act has been the cases going
unreported. One obvious reason is the non-cooperative police force. This was
proved by the Delhi time theft case. "The police are a powerful force today which
can play an instrumental role in preventing cybercrime. At the same time, it can
also end up wielding the rod and harassing innocent s, preventing them from
going about their normal cyber business."(10) This attitude of the administration
is also revelled by incident that took place at Merrut  and Belgam. (for the facts
of these incidents refer to naavi.com). For complete realisation of the provisions
of this Act a cooperative police force is require.

PREVENTION OF CYBER CRIME:

  Prevention is always better than cure. It is always better to take certain precaution while
operating the net. A  should make them his part of cyber life. Saileshkumar Zarkar,
technical advisor and network security consultant to the Mumbai Police Cyber crime Cell,
advocates the 5P mantra for online security: Precaution, Prevention, Protection,
Preservation and Perseverance.  A netizen should keep in mind the following things-

1.to prevent cyber stalking avoid disclosing any information pertaining to oneself.
This is as good as disclosing your identity to strangers in public place.
2.always avoid sending any photograph online particularly to strangers and chat
friends as there have been incidents of misuse of the photographs.
3.always use latest and up date anti virus software to guard against virus attacks.
4.always keep back up volumes so that one may not suffer data loss in case of
virus contamination
5.never send your credit card number to any site that is not secured, to guard
against frauds.
6.always keep a watch on the sites that your children are accessing to prevent any
kind of harassment or depravation in children.
7.it is better to use a security programme that gives control over the cookies and
send information back to the site as leaving the cookies unguarded might prove
fatal.
8.web site owners should watch traffic and check any irregularity on the site.
Putting host-based intrusion detection devices on servers may do this.
9.use of firewalls may be beneficial.
10. web servers running public sites must be physically separate protected from
internal corporate network.

Adjudication of a Cyber Crime - On the directions of the Bombay High Court the
Central Government has by a notification dated 25.03.03 has decided that the Secretary to
the Information Technology Department in each state by designation would be appointed
as the AO for each state.

 CONCLUSION:
  Capacity of human mind is unfathomable. It is not possible to eliminate cyber crime from
the cyber space. It is quite possible to check them. History is the witness that no
legislation has succeeded in totally eliminating crime from the globe. The only possible
step is to make people aware of their rights and duties (to report crime as a collective duty
towards the society) and further making the application of the laws more stringent to
check crime. Undoubtedly the Act is a historical step in the cyber world. Further I all
together do not deny that there is a need to bring changes in the Information Technology
Act to make it more effective to combat cyber crime. I would conclude with a word of
caution for the pro-legislation school that it should be kept in mind that the provisions of
the cyber law are not made so stringent that it may retard the growth of the industry and
prove to be counter-productive.

 REFERENCES:

Loans and Credit > Personal Loans & Debt Consolidation Articles > Cyber Theft: The More Advanced
Method of Identity Theft

Cyber Theft: The More Advanced Method of Identity Theft

View commentsComments

 Share
 Identity theft can happen to the best of us; even the
chairman of the powerful Federal Reserve Board, had his identity stolen in 2008. While credit
card theft and the subsequent fraud linked to it is the basic type of identity theft, there are
even more sinister forms of information theft leading to identity fraud.

One large scale form is the stealing of electronic records or stored data from data breaches of
private businesses and even government agencies. The Privacy Rights Clearinghouse (PRC),
a non-profit consumer advocacy organization, has estimated that well over 350 million
electronic records containing sensitive, personal information have gotten into the wrong
hands since January of 2005. This number is actually a conservative estimate since they do
not count records where they have no idea of the scope of the theft and cannot verify
numbers.
Visiting their Web site and checking out the chronology of data breaches is enlightening, but
also frightening. Two cases involving mass numbers of personal records provide glaring
examples of inadequate security for the electronic storage of records.

Heartland Payment Systems lost 130 million card numbers

In January 2009, Heartland Payment Systems, a payment processing company, disclosed that
their computer records had been hacked into and millions of personal records had been
exposed to cyber theft. This single incident was the result of global cyber-fraud conducted by
mastermind Albert Gonzalez, and two Russian conspirators who admitted later in court that
they had stolen more than 130 million credit and debit card numbers from Heartland and one
other company, the Hannaford Brothers. They had also stolen electronic records from 7-
Eleven and two other national retailers. This may have gone undetected by Heartland if it had
not been for Visa and MasterCard alerting the company of suspicious activity involved in
card transactions that passed through their system.

Health Net Potentially Lost 1.5 million Records of its Members

Health Net, a regional health plan based in Connecticut, had a portable disk drive disappear
last spring. The drive included the personal health records, Social Security numbers, and bank
account numbers for all of Health Net’s 446,000 Connecticut patients and possibly all 1.5
million patients nationally (specifically in Arizona, New Jersey and New York). In January of
this year, the attorney general of Connecticut sued Health Net for failing to adequately secure
patient’s private medical records and financial data. He is also seeking a court order
demanding that portable hard drives or other electronic devices be strongly encrypted to
prevent future theft.
This is quite scary because an individual can do very little to prevent the theft of their
information when companies don’t provide adequate security for electronic storage of
records.

Loans and Credit: Cyber Theft: The More Advanced Method of Identity Theft |
http://www.loansandcredit.com/cyber-theft-the-more-advanced-method-of-identity-theft_2010-02-
26/#ixzz15rDtujJH
http://www.loansandcredit.com/

1. rity
2. » Online Identity Theft
3. » Definition of Identity Cyber Theft

Top 5 To Try

 How to Defend Against Cyber Crime Charges

 Ways to Prevent Cyber Identity Theft
 What Are Cyber Crimes?
 Cyber Theft Laws
 Ways to Advoid Identity Theft

Related Topics

 Identity Theft
 Effects Of Identity Theft

Definition of Identity Cyber Theft

By Steven Miller, eHow Contributor

updated: January 12, 2010

Identity cyber theft is a serious problem in modern society.

Cyber identity theft is the use of computers and communication systems to steal an electronic
copy of information. Stealing this information often goes undetected and rarely, if ever, is the
criminal discovered or apprehended.
 Purpose

1. Cyber thieves who steal personal information online do so to take an individual's personal
information and use the information to create a new identity in which to commit illegal
activities or to use for other purposes.

Illegal Activities

2. There are some cyber thieves who use stolen information to obtain Social Security Numbers
and to commit credit card fraud. Also, some thieves use stolen identities to apply for a job
under the name of another person's identity.

Methods

3. Stealing the information of the individual is accomplished through the use of a computer
and communication devices. Because many computers and communication devices are
connected online, the Internet is the primary way that this is accomplished.

Hackers

4. Hackers use deficiencies in operating systems to infiltrate computers to destroy data and
steal information. Hackers are cyber thieves who steal information for their own illegal
purposes.

Vulnerability

5. According to the Better Business Bureau, because so many people are connected to the
Internet, protecting computers from cyber identity theft is not just a personal issue, it has to
do with protecting our national security.

Read more: Definition of Identity Cyber Theft | eHow.com

http://www.ehow.com/facts_5860930_definition-identity-cyber-theft.html#ixzz15rFe2uYb

HACKING
 This article does not cite any references or sources.
Please help improve this article by adding citations to reliable sources. Unsourced material may be
challenged and removed. (August 2010)

Hacking (English verb to hack, singular noun a hack) refers to the re-configuring or re-
programming of a system to function in ways not facilitated by the owner, administrator, or
designer. The term(s) have several related meanings in the technology and computer science
fields, wherein a "hack" may refer to a clever or quick fix to a computer program problem, or
to what may be perceived to be a clumsy or inelegant (but usually relatively quick) solution
to a problem, such as a "kludge".

The terms "hack" and "hacking" are also used to refer to a modification of a program or
device to give the user access to features that were otherwise unavailable, such as by circuit
bending. It is from this usage that the term "hacking" is often used to refer to more nefarious
criminal uses such as identity theft, credit card fraud or other actions categorized as computer
crime.

Contents
[hide]

 1 History
 2 See also
 3 References
 4 External links

[edit] History

The term "hack" was first used by US university computing centre staff in the mid-1960s.
The context determined whether the complimentary or derogatory meanings were implied.
Phrases such as "ugly hack" or "quick hack" generally referred to the latter meaning; phrases
such as "cool hack" or "neat hack", to the former. In modern computer programming, a
"hack" can refer to a solution or method which functions correctly but which is "ugly" in its
concept, which works outside the accepted structures and norms of the environment, or which
is not easily extendable or maintainable (see kludge). The programmer keeps beating on it
until a solution is found. The jargon used by hackers is called "Hackish" (see the Jargon file).
This should not be confused with "1337" or "leetspeak."

In a similar vein, a "hack" may refer to works outside of computer programming. For
example, a math hack means a clever solution to a mathematical problem. The GNU General
Public License has been described as[who?] a copyright hack because it cleverly uses the
copyright laws for a purpose the lawmakers did not foresee. All of these uses now also seem
to be spreading beyond MIT as well.

On many internet websites and in everyday language the word "hack" can be slang for
"copy", "imitation" or "rip-off."
A DIY musician probes the circuit board of a synthesizer for "bends" using a jeweler's screwdriver
and alligator clips

The term has since acquired an additional and now more common meaning, since
approximately the 1980s; this more modern definition was initially associated with crackers.
This growing use of the term "hack" is to refer to a program that (sometimes illegally)
modifies another program, often a computer game, giving the user access to features
otherwise inaccessible to them. As an example of this use, for Palm OS users (until the 4th
iteration of this operating system), a "hack" refers to an extension of the operating system
which provides additional functionality. The general media also uses this term to describe the
act of illegally breaking into a computer, but this meaning is disputed. This term also refers to
those people who cheat on video games using special software. This can also refer to the
jailbreaking of iPods.

The term is additionally used by electronics hobbyists to refer to simple modifications to

electronic hardware such as a graphing calculators, video game consoles, electronic musical
keyboards or other device (see CueCat for a notorious example) to expose or add
functionality to a device that was unintended for use by end users by the company who
created it. A number of techno musicians have modified 1980s-era Casio SK-1 sampling
keyboards to create unusual sounds by doing circuit bending: connecting wires to different
leads of the integrated circuit chips. The results of these DIY experiments range from
opening up previously inaccessible features that were part of the chip design to producing the
strange, dis-harmonic digital tones that became part of the techno music style. Companies
take different attitudes towards such practices, ranging from open acceptance (such as Texas
Instruments for its graphing calculators and Lego for its Lego Mindstorms robotics gear) to
outright hostility (such as Microsoft's attempts to lock out Xbox hackers or the DRM routines
on Blu-ray Disc players designed to sabotage compromised players).

Hacking is the process of achieving access to a computer or computer network without legal
authorization. It is the most common activity amongst teenagers and young adults. Many
hackers are keen to learn about computers and consider hacking as an art. They want to build
programs to display their problem solving skills and not to harm others. 

A hacker first tries their skills on easy targets and then after successful professional attacks
on more secured sites. Their goal is to have complete access on any computer so that they can
delete, edit or comply any files or directory and also can install any program. 
Computer hackers are employed by
many companies to get complete
access on the computer so that they
can delete, edit, copy any file or install
as their technical staff. These hackers
use their skills to find faults in
company’s security system so that it
can be repaired quickly. Sometimes
hacking also prevents serious identity
related crimes.

It is an offence if hackers steal private

information or changes some financial
or personal data. All the types of
unauthorized access can lead the
hacker towards the prison for 20
years. 

One way of hacking is to get a copy of

password file which stores all
usernames and password in encrypted
form or they can also use brute-force attack trying all the possible combinations of letters.
Hacking is also done by emailing a program to anyone that runs automatically when clicked
on some link or attachment. In this way you can install a program on a computer that can give
you access of that computer. Another method of hacking is IP spoofing. IP spoofing is the
creation of internet protocol packets with the fake IP address in order to conceal the identity
of the sender.   

To protect your computer from hacking, you should install firewalls or other antivirus
programs on the computer and also check for the updating of the machine at regular intervals.

Types of Hacking

Hacking Types

1) Inside Jobs - Most security breeches originate inside the network that is under attack.
Inside jobs include stealing passwords (which hackers then use or sell), performing industrial
espionage, causing harm (as disgruntled employees), or committing simple misuse. Sound
policy enforcement and observant employees who guard their passwords and PCs can thwart
many of these security breeches.

2) Rogue Access Points - Rogue access points (APs) are unsecured wireless access points
that outsiders can easily breech. (Local hackers often advertise rogue APs to each other.)
Rogue APs are most often connected by well-meaning but ignorant employees.
3) Back Doors - Hackers can gain access to a network by exploiting back
doors�'administrative shortcuts, configuration errors, easily deciphered passwords, and
unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find
any weakness in your network.

4) Viruses and Worms - Viruses and worms are self-replicating programs or code fragments
that attach themselves to other programs (viruses) or machines (worms). Both viruses and
worms attempt to shut down networks by flooding them with massive amounts of bogus
traffic, usually through e-mail.

5) Trojan Horses - Trojan horses, which are attached to other programs, are the leading
cause of all break-ins. When a user downloads and activates a Trojan horse, the hacked
software (SW) kicks off a virus, password gobbler, or remote-control SW that gives the
hacker control of the PC.

6) Denial of Service - DoS attacks give hackers a way to bring down a network without
gaining internal access. DoS attacks work by flooding the access routers with bogus traffic
(which can be e-mail or Transmission Control Protocol, TCP, packets).

Distributed DoSs (DDoS5) are coordinated DoS attacks from multiple sources. A DDoS is
more difficult to block because it uses multiple, changing, source IP addresses.

7) Anarchists, Crackers, and Kiddies - Who are these people, and why are they attacking I
your network?

Anarchists are people who just like to break stuff. They usually exploit any target of
opportunity.

Crackers are hobbyists or professionals who break passwords and develop Trojan horses or
other SW (called warez). They either use the SW themselves (for bragging rights) or sell it
for profit.

Script kiddies are hacker wannabes. They have no real hacker skills, so they buy or download
warez, which they launch.

Other attackers include disgruntled employees, terrorists, political operatives, or anyone else
who feels slighted, exploited, ripped off, or unloved.

8) Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets. This
interception can happen through simple eavesdropping or something more sinister.

Spoofing is the act of sending an illegitimate packet with an expected acknowledgment

(ACK), which a hacker can guess, predict, or obtain by snooping.

Unlike most computer crime / misuse areas which are clear cut in terms of actions and
legalities (e.g. softwarepiracy), computer hacking is more difficult to define. Computer
hacking always involves some degree of infringement on the privacy of others or damage to
computer-based property such as files, web pages or software. The impact of computer
hacking varies from simply being simply invasive and annoying to illegal. There is an aura of
mystery that surrounds hacking,and a prestige that accompanies being part of a relatively
"elite" group of individuals who possess technological savvy and are willing to take the risks
required to become a true "hacker". An interesting alternative view of how hackers positively
impact areas such as software development and hacker ideology is presented in Technology
and Pleasure: Considering Hacking Constructive.

Even attempting to define the term "hacker" is difficult. Perhaps the premiere WWW
resource in introducing individuals to hacking is the The New Hacker's Dictionary
(http://www.logophilia.com/jargon/jargon_toc.html), a resource which encompasses
everything from hacker slang, jargon, hacker folklore, writing style and speech to general
appearance, dress, education and personality characteristics. According to TheNew Hacker's
Dictionary, a hacker can be defined as:

1. A person who enjoys exploring the details of programmable systems and how to
stretch their capabilities, as opposed to most users, who prefer to learn only the
minimum necessary.
2. One who programs enthusiastically (even obsessively) or who enjoys programming
rather than just theorizing about programming.
3. A person capable of appreciating hack value.
4. A person who is good at programming quickly.
5. An expert at a particular program, or one who frequently does work using it or on it.
6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
7. One who enjoys the intellectual challenge of creatively overcoming or circumventing
limitations.
8. [deprecated] A malicious meddler who tries to discover sensitive information by
poking around. Hence 'password hacker', 'network hacker'. The correct term for this
sense is cracker.

Even within hacker society, the definitions range from societally very positive (dare I say
characteristic of gifted and talented individuals) to criminal. In his book, "Fighting Computer
Crime: A New Framework for Protecting Information" (1998), Donn B. Parker lists two basic
principles hacker live by:

1. The belief that information sharing is a powerful good and that it is the ethical duty of
hackers to share their expertise by writing free software and facilitating access to
information and to computing resources whenever possible.
2. The belief that system cracking for fun and exploitation is ethically OK as long as the
cracker commits no theft, vandalism or breach of confidentiality.

Parker differentiates between benign and malicious hackers based on whether damage is
performed, though in reality all hacking involves intrusion and a disregard for the efforts,
works and property of others.

Issues
A number of issues arise in considering hacking from the educator perspective. First, we need
to consider the fact that the public perception of hackers is mixed, and that "hacking" and
"being considered a hacker" can be quite appealing to students who are going through
developmental periods in which they are defining themselves, as well as challenging
authority and rules. There is often a Robin Hood mentality to early actions, though it is
unclear exactly who "the poor" are, and how they are "beingcompensated". Second, the
anonymity of actions which hackers perform against others often enhances the severity of
actions. For example, an adolescent who would never consider picking someone's pocket or
physically damaging someone else's property or home, might be quite willing to steal
people's credit card numbers or destroy poorly protected business or government files, since
files and credit card numbers are not tangible entities, and the damage is done anonymously.

The media often presents these individuals in a glamorous light. Adolescents may fantasize
about their degree of technological skills and, lacking the social skills required to be accepted
well by others, move online in search of those who profess to have technological skills the
students desire. A simple search using the term "hacker" with any search engine results in
hundreds of links to illegal serial numbers, ways to downloadand pirate commercial software,
etc. Showing this information off to others may result in the students being considered a
"hacker" by their less technologically savvy friends, further reinforcing antisocial behavior.
In some cases, individuals move on to programming and destruction of other individuals
programs through the writing of computer viruses and Trojan horses, programs which include
computer instructions to execute a hacker's attack. If individuals can successfully enter
computers via a network, they may be able to impersonate an individual with high level
security clearance access to files, modifying or deleting them or introducing computer viruses
or Trojan horses. As hackers become more sophisticated,they may begin using sniffers to
steal large amounts of confidential information, become involved in burglary of technical
manuals, larceny or espionage.

Ways to Minimize Potential for Hacking

There are a number of ways for schools to minimize potential for hacking.

1. Schools need to clearly establish acceptable use policies and delineate appropriate and
inappropriate actions to both students and staff.
2. Students and staff need to instructed regarding hacking, the mentality associated with
it, the consequences of various hacking actions and possible consequences of
interacting and forming online relationships with anonymous individuals who claim to
be proficient in invading others' privacy.
3. The use of filters may be considered in reducing access to unauthorized software
serial numbers and hacking-related materials, newsgroups, chatrooms and hacking
organizations.
4. Teachers need to be aware of student activities in the computer labs and pay special
attention to things they hear in terms of hacking behavior.