Are you safe online?
Although the concept of Cybercrime is not new, there is a considerable misunderstanding among academics, computer security specialists, and consumers about the scope of actual Cybercrime. We examine the area of computer-based crime in this study, including a description of the terms “Cybercrime” and “Crimeware.” We then categorize Cybercrime into type I Cybercrime, which is primarily technological in origin, and Type II Cybercrime, which has a more robust human component. The role of crimeware in different types of Cybercrime is then illustrated using two case studies. Some observations on the part of cognition in the process of Cybercrime are made. Finally, we provide several suggestions for future work in the area of Cybercrime.
It is my privilege to express my heartfelt gratitude to all those people who contributed to this research work either directly or indirectly.
I would like to express my gratitude to Aaweg Charitable Trust and NGO for their sincere guidance and inspiration throughout the research work.
I would also like to thank my friends and family for supporting me and encouraging me towards writing this research paper. I will always be indebted to them.
Last but not the least, I would like to appreciate those who could not be mentioned here but have played their role from behind the curtain.
People have become more reliant on information and communication technologies in the modern era of science and technology. More sensitive information is stored and exchanged in electronic form, necessitating increased attention to the privacy and security of such information. The fast rise of the Internet and social networks in cyberspace demonstrates that information and communications technology (ICT) is now part of everyday life. Whether we are looking for travel information or purchasing tickets, we can do so at any time and from the comfort of our own home or office. As a result, information, and communication technology (ICT) has become an essential role of trade and government.
India aspires to transform its civilization into an information society by implementing the “Digital India” paradigm. The government, business sector, and citizens rely entirely on the Internet to conduct sensitive transactions and store critical data in the cloud. As a result, India is vulnerable to cyber-attacks. Academic publications, generalist computer magazines, newspaper pieces, and online articles all discuss Cybercrime; it has also been the topic of films, television shows, and radio broadcasts. Despite the apparent popularity and familiarity with the phrase, there are widely divergent perspectives on Cybercrime.
This ambiguity in definitions is significant because it affects every aspect of prevention and repair. Furthermore, data indicate that the number of people and businesses affected by various types of perceived cybercrime is increasing, with no indications of slowing down. We look at many aspects of cybercrime in this study; after looking at some of these definitions, we give a more encompassing definition before dividing these crimes into two kinds. We also define the phrase “crimeware,” which is now widely used but has a wide range of meanings, many of which are context-based, and show how our definition compares and contrasts with other explanations.
Even though the term “cybercrime” has become widely used, many individuals would struggle to define it accurately. Furthermore, there is no single name to describe the tools and software utilized to commission specific online crimes. In the following two parts, we will attempt to define Cybercrime and establish a new term, crimeware, which encompasses a wide range of Trojans, Viruses, Bots, Spyware, and Worms that aid in the facilitation of various Cybercrimes.
Crimeware is a term used to describe the software used in cybercrime. We define crimeware as software that is utilized (directly or indirectly) in the commission of a criminal act, is not usually considered a beneficial software program from the standpoint of the computer user and is not unwillingly assisting the crime. For example, a browser with a vulnerability isn’t always crimeware — it’s simply harmful software. However, the crime committed isn’t defined. This is significant divergence from other definitions of crimeware, which often confine the term to software used in financial crimes. This is a false distinction since it defines a program based on its use rather than its content.
Cybercrime, like traditional crime, has many elements and occurs in a wide range of events and environments. Cybercrime definitions have developed throughout time as a result of personal experience. They differ depending on the observer/and protector’s victim’s perspectives and are partially a product of the geographic evolution of computer-related crimes. The Cybercrime Treaty of the Council of Europe, for example, uses the word “Cybercrime” to refer to offenses ranging from data theft to content and copyright infringement. Zevia-Geese, on the other hand, thinks the term should be broader, encompassing things like fraud, unlawful access, child pornography, and cyberstalking. In its definition of cybercrime, the United Nations Manual on the Prevention and Control of Computer-Related Crime encompasses fraud, forgery, and illegal access.
As you can see from these three definitions, cybercrime encompasses a wide range of activities. Our argument about cybercrime is comparable in many ways to our prior opinion on the utility of the term “cyberterrorism” . The computer or device could be the perpetrator, facilitator, or target of the crime; in fact, the offense could occur on the computer alone or in other non – virtual locations.
ACTIVITIES INCLUDED IN CYBERCRIME:
Following are the few examples of cybercrime:
♣ Cyber stalking: Stalking encompasses all forms of internet harassment and abuse. It usually entails a pattern of harassing or threatening activity, such as following someone, showing up at their home or place of business, making harassing phone calls, leaving written messages or items, or vandalizing their property. Many stalkers (online or off) are driven by a desire to control their victims, and cyberstalking shares many of the same traits as offline stalking. One of the most severe consequences of internet abuse is a victim’s avoidance of friends, family, and social activities.
♣ Intellectual Property Crimes: Intellectual property is a collection of rights. Any illegal conduct that deprives the owner of all or part of his rights constitutes a crime. Software piracy, copyright infringement, trademark infringement, patent infringement, design, service mark infringement, and theft of computer source code are all examples of IPR violations.
♣ Bot Networks: The term “botnet” is derived from the phrase’s “robot” and “network.” Bot Networks are a type of cybercrime in which hackers use malware software to remotely control machines. When computers run malicious software, they might become part of a botnet. The botnet’s creator has remote control over the group.
♣ Transmitting Virus: Viruses that transmit themselves are programs that attach themselves to a computer or a file and then spread to other files and computers on a network. They usually have an impact on a computer’s data by modifying or removing it. Worm attacks have a significant role in affecting people’s computer systems.
♣ Hacking: In general, hacking entails looking for and exploiting flaws in a computer system’s or network’s security to gain unauthorized access. A hacker is a person who engages in hacking. To hack any computer system, hackers require computer expertise as well as tools or scripts.
♣ Internet Time Thefts: Internet time theft is classified as a type of hacking. It is the unauthorized use of another person’s paid Internet hours by a third party. Someone who gains access to another person’s ISP user ID and password, either through hacking or unlawful means, uses it to access the Internet without the other person’s knowledge.
♣ Cracking: Knowing that a stranger has broken into a user’s computer system without the user’s knowledge or consent and tampered with valuable personal data and information is a terrifying experience. Crackers differ from hackers in that hackers are employed by businesses to audit network security or test software. In contrast, crackers conduct the same task for personal gain or to do harm to others.
♣ Phishing: Phishing refers to the use of electronic communication to obtain information such as usernames, passwords, credit card numbers, personal information, and so on. Phishing is a type of fraud that involves sending out fraudulent emails or messages that contain a link to a virus or malware-infected website. These websites need users to provide personal information.
CYBER LAWS IN INDIA:
The government’s initial step in combating cybercrime was to pass a cyber law. According to Indian law, cybercrime must be voluntary and purposeful, and it must involve an act or omission that causes harm to a person or property. Regulations connected to cybercrime, electronic and digital signatures, intellectual property, data protection, and privacy are all covered by cyber law. On October 17, 2000, the Indian parliament passed the first “”Information Technology Act, 2000″” to address cybercrime in the areas of e-commerce, e governance, and e-banking, as well as sanctions and punishments. The Information Technology (IT) Act of 2000 defines the offenses that are punished. The Information Technology (Certifying Authorities) Rules, 2000, and the Cyber Regulations Appellate Tribunal (Procedure) Rules, 2000 went into effect on October 17, 2000. The Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003, were passed on March 17, 2003.
They provide forth rules for secure digital signatures and secure electronic records. On February 27, 2003, a significant order relating to website blocking was issued. According to the law, the Computer Emergency Response Team (CERT-IND) has the authority to ask the Department of Telecommunications (DOT) to restrict a website. Several cyber offenses are punishable under the Indian Penal Code (as amended by the IT Act). Forgery of electronic records, cyber scams, and the destruction of electronic evidence are only a few examples. According to the Indian Evidence Act, digital proof must be collected and proven in court (as amended by the IT Act). The provisions of the Bankers’Bankers’ Book Evidence Act (as revised by the IT Act) apply to bank records. Cybercrimes are investigated and adjudicated in line with the Code of Criminal Procedure and the IT Act. The IT Act also changed the Reserve Bank of India Act.
PENALTY FOR DAMAGE TO COMPUTER SYSTEM:
According to Section 43 of the ‘Information Technology Act, 2000,’ anyone who destroys, deletes, modifies, disturbs, or causes disruption of any computer intending to cause damage to the entire data of the computer system without the authorization of the computer’s owner is penalized. According to Section:43A of the ‘Information Technology (Amendment) Act, 2008,’ where a body corporate is maintaining and protecting the data of persons as provided by the central government, if there is any negligent act or failure in protecting the data/information, the body corporate is liable to pay compensation to the person so affected. Section 66 deals with computer system hacking and carries a penalty of up to three years in prison, a fine of up to two years, or both.
SECURITY MEASURE FOR PREVENTION OF CYBERCRIME:
Below mentioned security guidelines and good practices may be followed to minimize the security risk of Cybercrime:
♣ By updating the computer:
Update your computer’s operating system and antivirus software regularly to avoid cyber threats. While keeping a computer up to date will not protect users from all assaults, it will make it much more difficult for hackers to get access to the system and totally block many basic and automated attempts.
♣ By choosing strong passwords:
Passwords are used to establish an online identity. Choose a password with at least eight characters and a mix of letters, numbers, and symbols (for example, # $ percent!?). Use non dictionary words instead of easy passwords like your name or city name. Keep passwords in a secure location and avoid using the same password for many online services. Passwords should be changed regularly, at least once every 90 days.
♣ By protecting computer with security software:
Firewall and antivirus software are famous examples of security software. A firewall regulates who and what is allowed to communicate with a computer via the Internet. Antivirus software keeps track of all internet actions and guards against viruses, worms, Trojan horses, and other harmful software. Antivirus and antispyware software should be set to automatically update whenever you access the Internet.
♣ Online offers that look too good to be true usually are:
It’s possible that the free software or service requested was packed with advertising software that tracks user behaviour and displays unwanted commercials. When downloading free software, be cautious.
♣ Review bank and credit card statements regularly:
If users can detect identity theft and online crimes as soon as their data is stolen or as soon as they see symptoms, the impact of identity theft and online crimes can be considerably reduced. Check your bank and credit card statements regularly. Many banks and services now have fraud protection systems in place that alert them to strange purchase patterns.
♣ Be Social-Media Savvy:
Make sure your social media profiles (such as Facebook, Twitter, and others) are set to private. Check your security settings regularly. Use caution when posting information on the Internet.
♣ Secure Mobile Devices:
Be aware that your mobile device might be infected with malware and hacked. Apps should only be downloaded from reputable sources.
♣ Shield personal information:
Users will be required to supply personal information to manage invoicing and shipping of purchased goods using various online services. The following are some tips on how to disclose personal information safely online: – Phishing communications will frequently instruct you to respond immediately to keep your account open and upgrade your security, or else something horrible will happen. You should not react to them. – Do not reply to emails that request personal information. Genuine businesses will never ask for personal information via email. – Instead of following a link in an email or instant message, type the URL directly into the Web browser when visiting a website.
Unfortunately, most of the essential changes and enhancements to the cybercrime security framework will not occur until after a significant cyber-attack on a government system has occurred. A vast number of attacks on a country’s essential firms and industries could also elicit support. It will be complicated to construct an effective response if these attacks occur since many new offenders will attack once they discover that the security system is inadequate. To generate the support needed to build a security framework, the harm to a country’s government or corporations would have to be serious, triggering a shutdown of the victim’s computer systems. The level of destruction, damage, and loss of precious resources required to elevate cybercrime to the forefront of security risks is rapidly approaching. In 1999, global investment in computer virus eradication and protection, as well as lost productivity, totalled $12.1 billion (Fonseca, 1, 18 Jan 2000). As figures like these continue to rise, more governments will become aware of the problem and begin to take steps to combat it. Furthermore, once one or two industrialized countries have established robust security arrangements, many more will follow suit and construct their own. This would, once again, boost international cooperation. Following a significant attack, funds will be readily accessible to build a strong security structure. Until then, funding and support for the authorities presently combating the cybercrime problem would be restricted. In most countries, the emerging concerns of cybercrime and information warfare have not yet become a significant security concern. This will become a huge security issue as the danger rises and more examples of cybercrime and information warfare emerge. When governments and corporations take this issue seriously, they will devote a significant number of resources to combating it. These funds should be used to improve existing security mechanisms as well as to develop new ones. Furthermore, the funds must be used globally to build multilateral agreements between governments on cooperation and jurisdiction concerns. Not only must these issues be addressed, but efforts must also be made to understand why criminals commit crimes and what steps can be taken to prevent them. Overall, the threat of cybercrime is very high right now, and it will only get worse as more people learn about computers and other modern devices. This hazard can be mitigated now, when it is still tiny, or later when it is considerably larger. This is contingent on the measures taken by governments and corporations around the world right now.
1) Research methodology used was Qualitative to a large extent. The study was conducted based on statistical data from various reliable data experts of which individual data samples differ with respect to time frame and demographic characteristics.
2) There is not a lot of data available from varied sources to analyze thus increasing chances of one-dimensional outlook.
3) Due to paucity of time, only major relevant topics could be studied that are already established.
Crime in India: 2011-Compendium (2012), National Crime Records Bureau, Ministry of Home Affairs, Government of India, New Delhi, India.
Cyber Law & Information Technology (2011) by Talwant Singh, Additional District & Sessions Judge, New Delhi, India.
Introduction to Indian Cyber Law (2008) by Rohas Nagpal, Asian School of Cyber Laws, Pune, India Cyber Crime (2003) by R.K. Suri and T.N. Chhabra, Pentagon Press, New Delhi, India.
International Journal of Basic and Applied Sciences Kandpal & Singh Vol. 2. No.4 ISSN: 2277-1921 156 Online version available at: www.crdeep.org Cyber Laws in the Information Technology Age (2009) by Karnika Seth, Jain Book Depot, New Delhi, India.
Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectives (2012) by Nina Godbole and Sunil Belapure, Wiley India Pvt. Ltd, New Delhi, India.
Cyber Crime and the Victimization of Women: Laws, Rights and Regulations (2011) by Debarati Haldaer (Centre for Cyber Victim Counseling, India) and K. Jaishankar (Manonmaniam Sundaranar University, India), IGI Global, USA.