Archive for February 2016
6 Statistics that Prove You Need Application Security Training
As well as protecting your applications and the sensitive
data they contain, improving your application security can save your
organisation a great deal of time and expense.
Good application security training is a crucial first
step to improving your organisation’s application security. Today,
I’m looking at 6 statistics that demonstrate why application security training
is essential for protecting your organisation and its data.
1) At Least 70% of Vulnerabilities Exist in the
Application Layer
Gartner has estimated that
70% of all vulnerabilities are caused by poor application security – and other
researchers have estimated the figure to be as high as 90%.
While many organisations
assume that the network layer of their infrastructure is the primary source of
security vulnerabilities, it’s actually the application layer that poses the
biggest threat.
2) Only 1 in 40 Web Applications has a Web Application
Firewall
Web application firewalls (WAFs) inspect all traffic
flowing to web applications for common attacks, such as cross-site scripting, SQL injection, and command
injection.
Despite WAFs being able to
detect many of the most common web application vulnerabilities, on average only
1 in 40 applications in a recent study was found to use a web application
firewall to protect against common attacks.
3) 71% of Developers Believe Security is Not Addressed
During the SDLC
The sooner you catch a
vulnerability during the SDLC, the easier (and cheaper) it is to fix.
Despite the exponentially
growing cost and complexity of fixing application vulnerabilities after
deployment, more than two thirds of developers believe that their organisations
make no efforts to address security during the development life-cycle.
4) Only 22% of Developers Have Any Role in Testing
Application Security
Less than a quarter of
software developers have any active role in testing application security during
the SDLC.
This is because in most
organisations, security is a separate department and
the development team has very little security knowledge, making it harder to identify
and remediate vulnerabilities, and prevent them from making it into
the finished product.
5) 47% of Developers Have No Mandate to Fix Vulnerable
Code
Even worse: once a
vulnerability is detected, almost half of developers lack the authority to fix them.
Instead it is normally passed over to the security team, making the remediation
process longer and allowing more time for the vulnerability to be exploited.
If security isn’t
prioritised during the SDLC and developers aren’t involved in security testing
for their applications, they will make the same mistakes over and over, and
without mandate to remediate these vulnerabilities, this can cause significant
friction between your development and security teams.
6) 89% of Application Vulnerabilities Are in the Software
Code
This is compared with only
11% that are caused by application misconfiguration. This highlights the importance of educating your development team in secure coding best practices, to guard
against the most common application vulnerabilities such as those listed in the OWASP Top 10.
By teaching your developers
defensive coding, your organisation can reduce vulnerabilities at the source,
reducing the number of mistakes and loopholes that make it into the finished
code.
Saturday, February 27, 2016
Posted by Sivapriya
Top 10 Skills Required to Become a Pro-Hacker
The term hacker literally means a person who uses computers in order to get unauthorized access to data. Hacking is not crime unless and until you do it to get unauthorized access. In this article, you will see the skills required to become a pro-hacker. Stealing data and hacking into networks are not the only things that hacker does. The skills mentioned below can also help you to tackle with hackers who do hacking to obtain unauthorized access data.
Top 10 Skills Required to Become a Pro-Hacker
#1 Basic Computer Skills
You may laugh at this skill, however it is very necessary for a hacker to get strong hold on the functioning of the computer. Also you must be able to use the command line in Windows and editing the registry and setting own networking parameters.
#2 Networking Skills
The skills mentioned below will be really helpful for those persons wishing to become hackers as these skills will help them to understand about its functioning.
DHCP, NAT, Subnetting, IPv4, IPv6, Public v Private IP, DNS, Routers and switches, VLANs, OSI model, MAC addressing, ARP.
#3 Linux Skills
No Doubt, Linux is the most favorite operating system of hackers. Almost all the tools that we use as being as a hacker are developed for Linux. It has more potential that hacker requires but are not available on Windows. That’s why hacker prefer to use Linux Operating System.
#4 Wireshark
Wireshark is open source packet analyzer and available for free. It is particularly used for network troubleshooting, analysis, software and communications protocol development as well as in Education.
#5 Virtualization
It literally means the making of virtual version of something like operating system, server, storage device or network resources. It helps in testing the hack that is going to take place before making your hack go live and it also helps to test and revise the hacks before making it go live.
#6 Security Concepts
It is also vital skill in order to understand security concepts as well as technologies. Person having strong hold on security can control the barriers set by security administrators. It is also important for a hacker to learn skills like Public Key Infrastructure (PKI), Secure Sockets Layer (SSL), Intrusion Detection System (IDS), Firewalls and more. If you are learner in hacking, you can get most of these skills in a security course like Security +.
#7 Wireless Technologies
Wireless Technology literally means the procedure of sending information via invisible waves in the air. Persons who wish to hack wireless devices must first understand the functioning of it. So you must learn encryption algorithm like WEP, WPA, WPA2, the four way handshake and WPS. Moreover you can also learn and understand things like protocol for connection and authentication as well as restrictions on wireless technologies.
#8 Scripting
It is considered as important skill in order to become a pro-hacker because if any hacker is using tools of other hacker, he/she will be dis-rated for using them. Also, security administrators are vigilant about the hacking attempt and they come with new tool in order to cope with hackers.
#9 Database
Database is a structured set of data present in computer and which is accessible in numerous ways. For those hacker’s who wish to hack database, then it is necessary for them to understand the functioning of the databases. It consists of SQL Language. It is better to understand the big DBMS like Oracle, MySQL or Oracle.
#10 Web Applications
Web Applications is software which you use on the Internet via your Web Browser. It has been witnessed that web applications have also became a prime target of the hackers since the last few years. You will be be victorious in your task if you understand the functioning of web applications and the databases backing them. Moreover it will also help you to make your own website for the purpose of phishing or other.
Why Android Malware is worse than you thought.
The future will not only
be about thinner, faster, and bendable smartphones, but it will definitely also
be about security and bigger online threats.
Let’s imagine a scenario
where you don’t need to take photos any more because Google will simply choose
the best pictures from a live stream of the day’s events just to make your life
easier.
Soon you won’t even need
to decide what to eat, your Android phone will know exactly what you need and
what you like, showing you the most suitable foods for your age.
But there’s so much hype
around the future of Android that we forget to see the obvious threats, the
alarmingly increasing number of Android malware, and the criminal activities
carried out on smartphones.
According to a recent
International Data Corporation (IDC) study, one out of every one hundred mobile
devices (1.4%) on the global market was infected with malware in Q2 2015.
The same study reveals
that vendors shipped a total of 334.4 million smartphones worldwide in the
first quarter of 2015 and Android dominated the market with a 78% share. That’s
a lot of Android phones affected by malware!
0.2% of the devices in
the U.S. were infected with malware in the second quarter of 2015. Of the 0.2%
infected devices, more than half (62%) were infected with malware aimed at
stealing the user’s personal data.
Privacy-stealing malware
can get a wide range of personal information and data from your Android device,
including contacts, locations, pictures, and login credentials for your online
banking.
Using this type of
malware, hackers can easily gain access to your bank account data and use it to
carry out criminal acts on your behalf or sell your info on the black market.
This is not a spy movie we’re talking about, this is a very common scenario in
2016, anywhere in the world.
The good thing is that
Google has been constantly making security improvements to the Android
platform. The number of vulnerabilities that affect the OS compared to PC
platforms is really small. But the customizable nature of the OS still leaves
the door open to security breaches.
Guess where that leaves
your Android smartphone security? That’s right, in your own hands. Every click
counts!
Here are 5 must-follow
tips to protect your Android device from malware:
- Stop exposing yourself to bad
apps in unofficial stores. Always get the latest apps from official Google
& partner stores.
- A good Antivirus is a must on
your phone.
- Don’t be afraid of all the
updates your phone asks for from time to time. They can be a life saver.
- Use a VPN when making online
payments using public WiFi.
- Beware of data-pulling adware.
Install an ad blocker or at least an ad tracker.
No doubt that Android is here to
stay and dominate the smartphone market and we’re really excited about the
future of Android technology.
To Know more about Mobile Security.
Our Institute Location:
Redback IT Solutions
Private Limited,
#AL 24 TNHB PHASE III,
Sathuvacheri,( Near
Vallalar Water Tank)
Vellore. 632602
Contact :
Training Coordinator
8189985551
Cyber Crime & How to Protect Yourself From Them
Cyber Crime and How to
Protect Yourself from Them
As Internet usage is growing daily the world
is coming closer. The World Wide Web sounds like a vast phenomenon but
surprisingly one of its qualities is bringing the world closer making it a
smaller place to live in for its users. However, it has also managed to create
another problem for people who spend long hours browsing the Cyber World –
which is cyber crimes.
While law enforcement agencies are trying to tackle this
problem, it is growing steadily and many people have become victims of hacking,
theft, identity theft and malicious software. One of the best ways to avoid
being a victim of cyber crimes and protecting your sensitive information is by
making use of impenetrable security that uses a unified system of software and
hardware to authenticate any information that is sent or accessed over the
Internet. However, before you can understand more about this system, let us
find out more about cyber crimes.
Types of Cyber Crimes
When any crime is committed over the Internet
it is referred to as a cyber crime. There are many types of cyber crimes and
the most common ones are explained below:
Hacking: This is a type of crime wherein a person’s computer is
broken into so that his personal or sensitive information can be accessed. In
the United States, hacking is classified as a felony and punishable as such.
This is different from ethical hacking, which many organizations use to check
their Internet security protection. In hacking, the criminal uses a variety of
software to enter a person’s computer and the person may not be aware that his
computer is being accessed from a remote location.
Theft: This crime occurs when a person violates copyrights and
downloads music, movies, games and software. There are even peer sharing
websites which encourage software piracy and many of these websites are now
being targeted by the FBI. Today, the justice system is addressing this cyber
crime and there are laws that prevent people from illegal downloading.
Cyber Stalking: This is a kind of online harassment
wherein the victim is subjected to a barrage of online messages and emails.
Typically, these stalkers know their victims and instead of resorting to
offline stalking, they use the Internet to stalk. However, if they notice that
cyber stalking is not having the desired effect, they begin offline stalking
along with cyber stalking to make the victims’ lives more miserable.
Identity Theft: This has become a major problem with
people using the Internet for cash transactions and banking services. In this
cyber crime, a criminal accesses data about a person’s bank account, credit
cards, Social Security, debit card and other sensitive information to siphon
money or to buy things online in the victim’s name. It can result in major
financial losses for the victim and even spoil the victim’s credit history.
Malicious Software: These are Internet-based software or
programs that are used to disrupt a network. The software is used to gain
access to a system to steal sensitive information or data or causing damage to
software present in the system.
Child soliciting and Abuse: This is also a type of cyber crime
wherein criminals solicit minors via chat rooms for the purpose of child
pornography. The FBI has been spending a lot of time monitoring chat rooms
frequented by children with the hopes of reducing and preventing child abuse
and soliciting.
Causes of Cyber Crime
Wherever the rate of return on investment is
high and the risk is low, you are bound to find people willing to take
advantage of the situation. This is exactly what happens in cyber crime.
Accessing sensitive information and data and using it means a rich harvest of
returns and catching such criminals is difficult. Hence, this has led to a rise
in cyber crime across the world.
History of Cyber Crime
When computers and networks came into being in
the 1990s, hacking was done basically to get more information about the
systems. Hackers even competed against one another to win the tag of the best
hacker. As a result, many networks were affected; right from the military to
commercial organizations. Initially, these hacking attempts were brushed off as
mere nuisance as they did not pose a long-term threat. However, with malicious
software becoming ubiquitous during the same period, hacking started making
networks and systems slow. As hackers became more skillful, they started using
their knowledge and expertise to gain benefit by exploiting and victimizing
others.
Cyber Crime in Modern Society
Today, criminals that indulge in cyber crimes
are not driven by ego or expertise. Instead, they want to use their knowledge
to gain benefits quickly. They are using their expertise to steal, deceive and
exploit people as they find it easy to earn money without having to do an
honest day’s work.
Cyber crimes have become a real threat today
and are quite different from old-school crimes, such as robbing, mugging or
stealing. Unlike these crimes, cyber crimes can be committed single handedly
and does not require the physical presence of the criminals. The crimes can be
committed from a remote location and the criminals need not worry about the law
enforcement agencies in the country where they are committing crimes. The same
systems that have made it easier for people to conduct e-commerce and online
transactions are now being exploited by cyber criminals.
Categories of Cyber Crime
Cyber crimes are broadly categorized into
three categories, namely crime against
1. Individual
2. Property
3. Government
Each category can use a variety of methods and
the methods used vary from one criminal to another.
Individual: This type of cyber crime can be in the form of cyber
stalking, distributing pornography, trafficking and “grooming”. Today, law
enforcement agencies are taking this category of cyber crime very seriously and
are joining forces internationally to reach and arrest the perpetrators.
Property: Just like in the real world where a criminal can steal and
rob, even in the cyber world criminals resort to stealing and robbing. In this
case, they can steal a person’s bank details and siphon off money; misuse the
credit card to make numerous purchases online; run a scam to get naïve people
to part with their hard earned money; use malicious software to gain access to
an organization’s website or disrupt the systems of the organization. The
malicious software can also damage software and hardware, just like vandals
damage property in the offline world.
Government: Although not as common as the other two categories, crimes
against a government are referred to as cyber terrorism. If successful, this
category can wreak havoc and cause panic amongst the civilian population. In
this category, criminals hack government websites, military websites or
circulate propaganda. The perpetrators can be terrorist outfits or unfriendly
governments of other nations.
How to Tackle Cyber Crime
It has been seen that most cyber criminals
have a loose network wherein they collaborate and cooperate with one another.
Unlike the real world, these criminals do not fight one another for supremacy
or control. Instead they work together to improve their skills and even help
out each other with new opportunities. Hence, the usual methods of fighting
crime cannot be used against cyber criminals. While law enforcement agencies
are trying to keep pace with cyber criminals, it is proving to be a Herculean
task. This is primarily because the methods used by cyber criminals and
technology keeps changing too quickly for law enforcement agencies to be
effective. That is why commercial institutions and government organizations
need to look at other methods of safeguarding themselves.
Redback Cyber Security Council offers a way to
keep all information confidential by using safe and secure domains that cannot
be tracked or accessed. This security solution can be used by commercial and
governmental organization to ensure an impenetrable network while still making
sure that users can get access to the required information easily.
Wednesday, February 17, 2016
Posted by Sivapriya
10 Online Activities That can get you Arrested in some part of the world.
Any of these 10 online activities could land you in jail in some part of the world.Internet is the unrestricted realm for its users. It brings you latest information, allows you to share movies, images and music without any limits, allows you to communicate in a split second. It has many other advantages. But their are some disadvantages that come with it in some countries.
Particularly if you dont follow certain rules and regulations laid down by these countries while using the Internet. Cyber crimes also increased, if anyone is seen violating rules of Internet, he/she may be put behind the bars. So, see the below activities that can get you arrested.
#1 Have an Open Wi-Fi
Keeping your WiFi Open and not keeping it password protected can sometimes land you in prison. Your open Wi-Fi connection can be used by criminals or terrorists without your knowledge and this can land you in trouble with the law in almost any country. This happened with a person name Barry Covert whose open WiFi was used by his neighbor to access child pornography websites. Though, police arrested his neighbour when they found nothing incriminating on Barry’s computer, he had to face the police for a month before the correct person was arrested. It is always better to password protect your Wi-Fi with WEP, WPA (WPA-Personal), and WPA2 (Wi-Fi Protected Access version 2).
#2 Deleting Your Search History
Sometimes erasing your search history can also land you behind the bars. This happened in United States, when a person namely David Kernell was arrested for deleting information on his computer. A University of Tennessee student, Kernell was being investigated by federal authorities for allegedly hacking Yahoo Account of the then vice presidential candidate, Sarah Palin.
India to had brought about laws making it mandatory for users to save their history for 3 months. But the same was scrapped after there was huge public outcry against it.
#3 Offensive Messages or Tweets
Making offensive posts or tweets can land you in trouble in any part of the world. Two persons from United States,Leigh Van Bryan aged 26 and Emily Bunting aged 24 tweeted about their journey “Free this week for a quick gossip/prep before I go and destroy America”. Their passports were seized when they arrived in US. They were interrogated for about five hours on doubt of committing crimes. Bryan and Bunting tried to convince the police that “Destroying” was a British slang for “Partying.”
#4 Using VOIP services
This issue is country specific and only limited to Ethiopia. Using VOIP services like Skype is strictly prohibited in Ethiopia and can land you in prison. The country’s new telecommunications law strictly prohibits VOIP services, which consist of audio and video communication and transfer of information over VOIP clients. We advise you that if you are citizen or tourist of Ethiopia then don’t even dare to use Skype.
#5 Dancing in a Video
This is a serious offence in Iran. In fact, six persons were arrested for dancing to a video from Pharrell Williams song “Happy”. The Iranian judiciary found them guilty and they received 91 lashes as well as year’s prison sentence. Though later, the sentences were suspended and they got of after three months. In another case, three men and three women were seen dancing on the road and on rooftops in Tehran were also arrested.
A youth was jailed in Russia for 15 days and two women were jailed for 10 days after they were found to be allegedly dancing and making a video near a Second World War memorial.
Syria is now a battlefield between different warring factions for control of territory. Even then, commenting on the Internet is a crime in Syria. Human Rights Watch reported that in 2007, Syrian authorities arrested two person and they were shifted to unknown place, apparently for offering their comments about the censorship in Syria on a website.
#7 Translating Articles
Translating banned books can land you in jail in any country. Thailand authorities arrested an American citizen who translated an article on his blog. The article was termed as “offensive to the autocracy” by the Thai authorities who consider their King as a supreme being. Even posting on Facebook/tweeting against the King can land you in jail in the Lese Majeste laws.
In Indonesia, a person was put behind the bars for two years after he posted “God does not Exist” on “Facebook”.
Online gambling is banned in many countries across the globe. Similarly online gambling can land you behind the bars. This includes if you organize gambling or playing online games like Poker, Blackjack etc.
#9 File Sharing
File sharing is a contentious issue. In some countries you are free to share movies, images or files without the worry of the law but in many countries it is illegal to share pirated content. In some places even downloading torrents is considered as being unlawful.
#10 Posting Lyrics on Facebook
This may have happened only once. Unites States authorities arrested rapper and school student, Cameron D’Ambrosio was arrested for posting rap lyrics on Facebook. The police allege that D’Ambrosio made terrorist threats under the garb of rapping. Prosecutors sought to charge D’Ambrosio with threats to make a bomb or hijack a vehicle, carrying a maximum sentence of 20 years in prison.
There are many such laws which can put in a spot of bother while surfing online. Making racist comments or hurting religious sentiments is a strict taboo online like it is in the real world. If you know of any other such unknown laws exist in some country, kindly note them down in the comments section.
Monday, February 15, 2016
Posted by Sivapriya
5 most dangerous computer viruses of all time
Computer viruses can be dreadful that might cause extensive damage to your innocent device. It can significantly disrupt your system’s performance and has the potential to wipe out everything on your hard disk.
So, what is a computer virus? A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be “infected”, making your device helpless and sick.
Also, ever since people could write code there have been individuals known as hackers who have sought to make that code malicious in nature. While some pranksters created virus-like programs for large computer systems, it was really the introduction of the personal computer that brought computer viruses to the public’s attention.
Computer viruses have inundated the computer user for a long time now. Here are five most dangerous computer viruses of all time:
1. ILOVEYOU
This was perhaps the most dangerous computer virus ever created that in the form of a worm — it was a standalone program capable of replicating itself. Known as ILOVEYOU, this virus initially traveled the Internet by e-mail and managed to crash PCs all across the world. To make it even more alluring, the subject of the e-mail said that the message was a love letter from a secret admirer. An attachment in the e-mail was what caused all the trouble. The original worm had the file name of LOVE-LETTER-FOR-YOU.TXT.vbs. The moment someone opened the file, the virus emailed itself to the first 50 contacts available in the PC’s Windows address book. The virus caused a total damage of around $10 billion affecting almost 10% of the world’s PCs connected to the Internet.
2. Melissa
Melissa was the first mass-mailing macro virus for the new age of e-mailing which became the breaking news across the world on March 26, 1999. Based on a Microsoft Word macro and built by David L, Melissa was spread in the form of an email attachment by the name “list.doc.” When the attachment was clicked upon, the virus replicates itself and seeks for the Microsoft Outlook address book to e-mail itself to the first 50 names on the list with a message, “Here is that document you asked for…don’t show anyone else. ;-)” Later on, FBI arrested David L and slapped him with a fine of $5000 for unleashing the fastest virus of its time.
3. My Doom
My Doom explored its way to the malware world on 26th January 2004 and sent a shockwave around the world, as it scattered exponentially via e-mail through email with random addresses of senders and subject lines. My Doom destroyed the cyber world by activating a tremendous denial of service attack that infected close to about two million PCs. It transmitted itself in a particularly deceitful manner through e-mail as what receiver would first reckon to be a bounced error message as it reads “Mail Transaction Failed.” But, as soon as the message is clicked upon, the attachment is executed and the worm is transferred to email addresses found in the user’s address book. The damage caused by this fastest-spreading mass mailer worm was a whopping $38 billion.
4. Code Red
It debuted in late 2001 taking advantage of the Microsoft Internet Information Server’s flaw. The variations of the virus plagued the Internet for several months. The interesting thing about this deadly virus is, it did not require you to open an e-mail attachment or run a file; it just required an active Internet connection with which it ruined the Web page that you opened by displaying a text “Hacked by Chinese!” And in less than a week’s time, “Code Red” brought down more than 400,000 servers including the White House web server. This virus caused a total damage of approximately $2.6 billion dollars by hitting almost one million PCs.
5. Sasser
The 2004 worm virus affected Windows OS primarily, and was devastating to many critical infrastructures. It didn’t spread through e-mail unlike other viruses. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim’s operating system in a way, making it even hard to reset without cutting the power. Sasser functioned by attacking the security controller Local Security Authority Subsystem Service, as it had a buffer overflow vulnerability. The worm affected hospitals, public transportation, airlines, news agencies and much more. After one million infections, there was an estimated 18 billion dollars in damage recorded.
Thursday, February 11, 2016
Posted by Sivapriya
CYBER CRIMES AND THE LAW
In the era of cyber world as the usage of computers became more popular, there was expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people.
The evolution of Information Technology (IT) gave birth to the cyber space wherein internet provides equal opportunities to all the people to access any information, data storage, analyse etc. with the use of high technology.
Due to increase in the number of netizens(Citizens of the net), misuse of technology in the cyberspace was clutching up which gave birth to cyber crimes at the domestic and international level as well.
Though the word Crime carries its general meaning as “a legal wrong that can be followed by criminal proceedings which may result into punishment” whereas Cyber Crime may be “unlawful acts wherein the computer is either a tool or target or both”.
The world 1st computer specific law was enacted in the year 1970 by the German State of Hesse in the form of ‘Data Protection Act, 1970’ with the advancement of cyber technology. With the emergence of technology the misuse of technology has also expanded to its optimum level and then there arises a need of strict statutory laws to regulate the criminal activities in the cyber world and to protect technological advancement system.
It is under these circumstances Indian parliament passed its “INFORMATION TECHNOLOGY ACT, 2000” on 17th oct to have its exhaustive law to deal with the technology in the field of e-commerce, e-governance, e-banking as well as penalties and punishments in the field of cyber crimes.
Cyber Crimes Actually Means: It could be hackers vandalizing your site, viewing confidential information, stealing trade secrets or intellectual property with the use of internet. It can also include ‘denial of services’ and viruses attacks preventing regular traffic from reaching your site.
Cyber crimes are not limited to outsiders except in case of viruses and with respect to security related cyber crimes that usually done by the employees of particular company who can easily access the password and data storage of the company for their benefits. Cyber crimes also includes criminal activities done with the use of computers which further perpetuates crimes i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail, spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to Computer system, theft of information contained in the electronic form, e-mail bombing, physically damaging the computer system etc.
Classifications Of Cyber Crimes: Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber crime and what is the conventional crime so to come out of this confusion, cyber crimes can be classified under different categories which are as follows:
1. Cyber Crimes against Persons:
There are certain offences which affects the personality of individuals can be defined as:
- Harassment via E-Mails: It is very common type of harassment through sending letters, attachments of files & folders i.e. via e-mails. At present harassment is common as usage of social sites i.e. Facebook, Twitter etc. increasing day by day.
- Cyber-Stalking: It means expressed or implied a physical threat that creates fear through the use to computer technology such as internet, e-mail, phones, text messages, webcam, websites or videos.
- Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
- Defamation: It is an act of imputing any person with intent to lower down the dignity of the person by hacking his mail account and sending some mails with using vulgar language to unknown persons mail account.
- Hacking: It means unauthorized control/access over computer system and act of hacking completely destroys the whole data as well as computer programmes. Hackers usually hacks telecommunication and mobile network.
- Cracking: It is amongst the gravest cyber crimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
- E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it’s origin to be different from which actually it originates.
- SMS Spoofing: Spoofing is a blocking through spam which means the unwanted uninvited messages. Here a offender steals identity of another in the form of mobile phone number and sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim. It is very serious cyber crime against any individual.
- Carding: It means false ATM cards i.e. Debit and Credit cards used by criminals for their monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There is always unauthorized use of ATM cards in this type of cyber crimes.
- Cheating & Fraud: It means the person who is doing the act of cyber crime i.e. stealing password and data storage has done it with having guilty mind which leads to fraud and cheating.
- Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.
- Assault by Threat: refers to threatening a person with fear for their lives or lives of their families through the use of a computer network i.e. E-mail, videos or phones.
2. Crimes Against Persons Property:
As there is rapid growth in the international trade where businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of traditional paper documents. There are certain offences which affects persons property which are as follows:
- Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.
- Cyber Squatting: It means where two persons claim for the same Domain Name either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously. For example two similar names i.e. www.yahoo.com and www.yaahoo.com.
- Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer.
- Hacking Computer System: Hacktivism attacks those included Famous Twitter, blogging platform by unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as computer. Also research especially indicates that those attacks were not mainly intended for financial gain too and to diminish the reputation of particular person or company.
- Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting the computerize system of the individuals.
- Cyber Trespass: It means to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet connection.
- Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an unauthorised person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to be recharged often, despite infrequent usage.
3. Cybercrimes Against Government:
There are certain offences done by group of persons intending to threaten the international governments by using internet facilities. It includes:
- Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as well as global concern. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.
- Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
- Distribution of pirated software: It means distributing pirated software from one computer to another intending to destroy the data and official records of the government.
- Possession of Unauthorized Information: It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives.
4. Cybercrimes Against Society at large:
An unlawful act done with the intention of causing harm to the cyberspace will affect large number of persons. These offences includes:
- Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.
- Cyber Trafficking: It may be trafficking in drugs, human beings, arms weapons etc. which affects large number of persons. Trafficking in the cyberspace is also a gravest crime.
- Online Gambling: Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. There are many cases that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.
- Financial Crimes: This type of offence is common as there is rapid growth in the users of networking sites and phone networking where culprit will try to attack by sending bogus mails or messages through internet. Ex: Using credit cards by obtaining password illegally.
- Forgery: It means to deceive large number of persons by sending threatening mails as online business transactions are becoming the habitual need of today’s life style.
Affects To Whom: Cyber Crimes always affects the companies of any size because almost all the companies gain an online presence and take advantage of the rapid gains in the technology but greater attention to be given to its security risks. In the modern cyber world cyber crimes is the major issue which is affecting individual as well as society at large too.
Need of Cyber Law: information technology has spread throughout the world. The computer is used in each and every sector wherein cyberspace provides equal opportunities to all for economic growth and human development. As the user of cyberspace grows increasingly diverse and the range of online interaction expands, there is expansion in the cyber crimes i.e. breach of online contracts, perpetration of online torts and crimes etc.
Due to these consequences there was need to adopt a strict law by the cyber space authority to regulate criminal activities relating to cyber and to provide better administration of justice to the victim of cyber crime. In the modern cyber technology world it is very much necessary to regulate cyber crimes and most importantly cyber law should be made stricter in the case of cyber terrorism and hackers.
Penalty For Damage To Computer System: According to the Section: 43 of ‘Information Technology Act, 2000’ whoever does any act of destroys, deletes, alters and disrupts or causes disruption of any computer with the intention of damaging of the whole data of the computer system without the permission of the owner of the computer, shall be liable to pay fine upto 1crore to the person so affected by way of remedy.
According to the Section:43A which is inserted by ‘Information Technology(Amendment) Act, 2008’ where a body corporate is maintaining and protecting the data of the persons as provided by the central government, if there is any negligent act or failure in protecting the data/ information then a body corporate shall be liable to pay compensation to person so affected. And Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.
Case Study-Attacks on Cyberspace:
Worm Attack: The Robert Tappan Morris well Known as First Hacker, Son of former National Security Agency Scientist Robert Morris, was the first person to be prosecuted under the ‘Computer and Fraud Act, 1986’. He has created worm while at Cornell as student claiming that he intended to use the worm to check how large the internet was that time. The worm was uncontrollable due to which around 6000 computer machines were destroyed and many computers were shut down until they had completely malfunctioned. He was ultimately sentenced to three years probation, 400 hours of community service and assessed a fine of $10500. So there must be strict laws to punish the criminals who are involved in cyber crime activities.
Hacker Attack: Fred Cohen, a Ph.D. student at the University of Southern California wrote a short program in the year 1983, as an experiment, that could “infect” computers, make copies of itself, and spread from one machine to another. It was beginning & it was hidden inside a larger, legitimate program, which was loaded into a computer on a floppy disk and many computers were sold which can be accommodate at present too. Other computer scientists had warned that computer viruses were possible, but Cohen’s was the first to be documented. A professor of his suggested the name “virus”. Cohen now runs a computer security firm.
Internet Hacker: Wang Qun, who was known by the nickname of “playgirl”, was arrested by chinese police in the Hubei province first ever arrest of an internet hacker in China. He was a 19 year old computing student, arrested in connection with the alleged posting of pornographic material on the homepages of several government-run web sites. Wang had openly boasted in internet chat rooms that he had also hacked over 30 other web sites too.
Preventive Measures For Cyber Crimes:
Prevention is always better than cure. A netizen should take certain precautions while operating the internet and should follow certain preventive measures for cyber crimes which can be defined as:
- Identification of exposures through education will assist responsible companies and firms to meet these challenges.
- One should avoid disclosing any personal information to strangers via e-mail or while chatting.
- One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.
- An update Anti-virus software to guard against virus attacks should be used by all the netizens and should also keep back up volumes so that one may not suffer data loss in case of virus contamination.
- A person should never send his credit card number to any site that is not secured, to guard against frauds.
- It is always the parents who have to keep a watch on the sites that your children are accessing, to prevent any kind of harassment or depravation in children.
- Web site owners should watch traffic and check any irregularity on the site. It is the responsibility of the web site owners to adopt some policy for preventing cyber crimes as number of internet users are growing day by day.
- Web servers running public sites must be physically separately protected from internal corporate network.
- It is better to use a security programmes by the body corporate to control information on sites.
- Strict statutory laws need to be passed by the Legislatures keeping in mind the interest of netizens.
- IT department should pass certain guidelines and notifications for the protection of computer system and should also bring out with some more strict laws to breakdown the criminal activities relating to cyberspace.
- As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cybercrime.
- A complete justice must be provided to the victims of cyber crimes by way of compensatory remedy and offenders to be punished with highest type of punishment so that it will anticipate the criminals of cyber crime.
Conclusion:
Since users of computer system and internet are increasing worldwide, where it is easy to access any information easily within a few seconds by using internet which is the medium for huge information and a large base of communications around the world. Certain precautionary measures should be taken by netizens while using the internet which will assist in challenging this major threat Cyber Crime.
Saturday, February 6, 2016
Posted by Sivapriya