Awareness in the fields of IT, Space, Computers,

Date: January 22, 2015

Cyber law virus. NeGP Malware

Question- What is cyber crime? what types of cyber security threats are there? also explain India's attempts to tackle these issues?

Answer-

Cybercrimes consist of specific crimes dealing with computers and networks, such as hacking, phishing and the facilitation of traditional crime through the use of computers (child pornography, hate crimes, telemarketing/internet fraud). A brief introduction to some common cyber related violations, or cybercrimes as they are more commonly referred to are discussed below:

Hacking Hacking in simple terms means an illegal intrusion into a computer system and/or network. There is an equivalent term to hacking i.e. cracking, but from Indian legal perspective there is no difference between the term hacking and cracking. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer.

Cyber Stalking This term is used to refer to the use of the internet, e-mail, or other electronic communications devices to stalk another person. Cyber stalking can be defined as the repeated acts of harassment or threatening behaviour of the cyber-criminal towards the victim by using internet services.

Denial of Service This is a technology driven cyber intrusion, where by the influencer floods the bandwidth or blocks the user’s mails with spam mails depriving the user, access to the Internet and the services provided therefrom. A DoS Attack (as it is commonly known) can be perpetrated in a number of ways.

Dissemination of Malicious Software (Malware) Malware is defined as a software designed to perform an unwanted illegal act via the computer network. It could be also defined as software with malicious intent. Malware can be classified based on how they get executed, how they spread, and/or what they do. Some of them are discussed below.

a) Virus A virus is a program that can infect other programs by modifying them to include a possible evolved copy of itself. A virus can spread throughout a computer or network using the authorization of every user using it to infect their program. Every program so infected may also act as a virus and thus the infection grows. Viruses normally affect program files, but in some cases they also affect data files disrupting the use of data and destroying them completely.

b) Worms Worms are also disseminated through computer networks, unlike viruses, computer worms are malicious programs that copy themselves from system to system, rather than infiltrating legitimate files. For example, a mass mailing e-mail worm is a worm that sends copies of itself via e-mail. A network worm, on the other hand makes copies of itself throughout a network, thus disrupting an entire network.

c) Trojans Trojan is another form of Malware, trojans do things other than what is expected by the user. Trojan or trojan horse is a program that generally impairs the security of a system. Trojans are used to create back-doors (a program that allows outside access into a secure network) on computers belonging to a secure network so that a hacker can have access to the secure network.

Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

d) Hoax Hoax is an e-mail that warns the user of a certain system that is harming the computer. The message thereafter instructs the user to run a procedure (most often in the form of a download) to correct the harming system. When this program is run, it invades the system and deletes an important file.

e) Spyware Spyware invades a computer and, as its name implies, monitors a user’s activities without consent. Spywares are usually forwarded through unsuspecting e-mails with bonafide e-mail i.ds. Spyware continues to infect millions of computers globally.

 Phishing Phishers lure users to a phony web site, usually by sending them an authentic appearing e-mail. Once at the fake site, users are tricked into divulging a variety of private information, such as passwords and account numbers.

E-mail spamming/ e-mail bombing Spam refers to sending of unsolicited messages in bulk. Technically, it overflows the limited-sized memory by excessively large input data. In relation to e-mail accounts, it means bombing an e-mail account with a large number of messages maybe the same or different messages

Spam is an unsolicited message requiring one’s time and effort to get rid off. A regular supply of such spam messages would naturally result in considerable annoyance. It would also directly hamper the interest of the user in his electronic mailbox where he does not expect any interference and encroachment. The result, apart from loss of Internet working hours and thwarting one’s regular e-mail stream, could be one of mental agony and distress.

India's attempt-

The government has conducted several awareness and training programmes on cyber crimes for law enforcement agencies including those on the use of cyber Forensics Software packages and the associated procedures with it to collect digital evidence from the scene of crime.

Special training programmes have also been conducted for the judiciary to train them on the techno-legal aspects of cyber crimes and on the analysis of digital evidence presented before them. Both the CBI and many state police organizations are today geared to tackle cybercrime through specialised cyber crime cells that they have set up.

Cyber security initiatives and projects in India are very less in numbers. Even if some projects have been proposed, they have remained on papers only.

The list is long but sufficient is to talk about the projects like National Critical Information Infrastructure Protection Centre (NCIPC) of India, National Cyber Coordination Centre (NCCC) of India, Tri Service Cyber Command for Armed Forces of India, Cyber Attacks Crisis Management Plan Of India, etc. None of them are “Coordinating” with each other and all of them are operating in different and distinct spheres. Recently, the National Technical Research Organization (NTRO) was entrusted with the responsibility to protect the critical ICT infrastructures of India.
India has already launched e-surveillance projects like National Intelligence Grid (NATGRID), Central Monitoring System (CMS), Internet Spy System Network and Traffic Analysis System (NETRA) of India, etc. None of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny. Thus, these projects are violate of Civil Liberties Protection in Cyberspace and provisions of

National Informatics Centre (NIC) has been formed which provides network backbone Manages IT services, E -GOV initiatives to central and state governments.