Introduction to Cybercrime Module 1 Text PDF

Summary

This document introduces cybercrime, outlining its various types, origins, legal implications, and the global and Indian context. It includes discussions on cyberspace, cybersquatting, and cyberwarfare, providing a basic understanding of this evolving field.

Full Transcript

1 Introduction to Cybercrime Learning Objectives Afer reading this chapter, you will able to: Learn what cybercrime is and appreciate the Get an overview of cybercrime scenario as the to...

1 Introduction to Cybercrime Learning Objectives Afer reading this chapter, you will able to: Learn what cybercrime is and appreciate the Get an overview of cybercrime scenario as the topic. in India as well as the overall global importance of cybercrime Understand the different types of cybercrime. perspective. Understand the difference between cybercrime Understand the legal perspective on cyber and cyberfraud. crime including the Indian ITA 2000 and. Learn about different types of cybercriminals its latest amendment known as the ITA and the motives behind them. 2008. 1.1 Introduction Almost everyone is aware of the phenomenal growth of the Internet (the statistics on Indian growth for Internet and mobile usage are indicated through links provided in Ref. #26, Additional Useful Web References, Furcher Reading).Given the unrestricted number of free websites, the Internet has undeniably opened a new way of exploitation known as cybercrime. These activities involve the use of computers, the Internet, cyber space (see Box 1.1) and the worldwide web (Www). Interestingly, cybercrime is not a new phenomena; the hrst recorded cybercrime took place in the year 1820. It is one of the most talked about topics in the recent years. Figure 1.1, based on a 2008 survey in Australia, shows refer to Appendix L. th cybercrime trend. Also any better, Indian While the worldwide scenario on cybercrime looks bleak, the situation in India is not corporate and government sites have been attacked or defaced more than 780 times between February 2000 and December 2002. There are also stories/news of other attacks; for example, according to a story posted on 3 December 2009, a - total of 3,286 Indian websites were hacked in 5 months berween January and June 2009 (see Ref. #2, Articles and Research Papers, Further Reading). tables show statistics related Oilar data for later years is presented in Tables 1.1-1.4; the data in those to various cybercrimes suspects in States and Union Territories and cases registered under cybercrimes by motives and (UT). 2 Cybercrime: Definition and Origins of the Word With the backdrop of presented in Tables 1.1 and 1.2, let us understand information in the previous section and the statistics on adefinition of computer the origins of theterm ybercrime. Reaching consensus Understanding Cyber Crimes, Computer Forensics and Legal Perspectives Box 1.1 Cyberspace, Cybersquatting, Cyberpunk, Cyberwarfare and Cyberterrorism Cyberspace This is a term coined by William Gibson, a - science fiction writer, in his Sci-fi novel Neuromancer (pub- IIshed in 1984) he suggested it as a "consensual halucinaticon." According to his vision about ne future computer network (as at the time when he coined the term in 184), "cyberspace" is where Users mentally travel through matrices of data.Conceptualy. "cyberspace" is the "nebulous plo where humans interact over computer networks. The term "cyberspace" is now Used to describefh Internet and other computer networks. In terms of computer science, "cyberspace" is a worldwicie network of computer networks that uses the Transmission Control Protocol/Internet Protocol (TCPIP Tor communication to failitate transmission and exchange of data. A common factor in almost ol definitions of cyberspace is the sense of place that they convey - cyberspace is most definitely a place where youchat, explore, research and play. Cybersquatting The termis derived from"squatting" which is the act of occupyingan abandoned/unoccupied spacel building that the squatter does not own, rent or otherwise have permission to use. Cybersquatting. however, is a bit different in that the domain names that are being squatted are (sometimes but not always) being paid for by the cybersquatters through the registration process. Cybersquatters USUally ask for prices far greater than those at which they purchased it. Some cybersquatters put up derogatory or defamatory remarks about the person or company the domain is meant to repre sent in an effort to encOurage the subiject to bUy the domain from them. This term explained heres is because, in a way, it relates to cybercrime given the intent of cybersquatting. Cybersquatting name, with the intent of selling the act of registering popular Internet address, usually a company a it to its rightful owner. From an affected individual's point of view, cybersquatting means register-. ing, selling or using a domain name with the intent of profiting from the goodwill of someone else's CybersqUatting is the trademark. In this nature, it can be considered to be type of cybercrime. a names. In other words, cyber practice of buying "domain names" that have existing businesses as domain names. squatting involves the pre-emptive registration of trademarks by third parties to earn profit. Comparing cybersquatting It is done with the intent to sell those "domain names" to online extortion, Senator Spencer Abraham, a Michigan Republican, introduced to Congress the Ani-Cybersquatting Consumer Protection Act. This bill, enacted, would make cybersquat ting illegal. Violators would be charged a fine of up to $300,000. The World !ntellectual Property endorsed by Organization (WIPO) has also outlined anti-cybersquatting tactics, which have been someone recently Internet Corporation for Assigned Names and Numbers (|CANN). Ironically enough, dollars. Even though registered www.wipo.com in order to sell it back to WIPO forcourt-case several thousand decisions are against cybers legislation has not been enacted, almost all cybersquatting is cybersquatting. quatters. We can see that the topic of "domain name disputes" closely connected with because domain name disputes arise largely from thefirst-served practice of cybersquatting. Such disputes nature of the domain name reg happen because cybersquatters exploit the first-come, istration system to register names of trademarks, famous people or businesses with which they have names is relatively simple, cybersquatters Can register no connection. Since registration of domain numerOUS examples of such names as domain names. As the holders of these registrations, cybers or directly to the com quattersoften then put the domain names up for auction, offer them for sale can keep pany or person involved, at prices far beyond the cost of registration, Alternatively, they name 10 person or business associated with that domain the registration and use the name of the attract business for their own sites. In India, "cybersquatting" is considered to be an "Intellectual Property Right" (PR) evi (b Ref. #29, Additional Useful Web References, Further Readina). In India, "cybersquatfing" is Seenie interfere with the "Uniform Dispute Resolution Policy'" (a contractual obligation to which al aoi name registrants are presently subjected to). It also affects the rights of Indians who have To l in respect of international generic domain names such as dot Com, u charges of "Squatfing" org, etc. The terms "trademark" and "intellectual property" are explained in Chapter 10. Introduction to Cybercrime 3 Cyberspace, Cybersquatting, (Continued) Box 1.1 | (yberwarfare Cyberpunk and words "cyber" and "punk" emphasize the two basic science fiction literature) the "individualism." The ferm "cyberpunk" cOuld mean.some- ACCording to and cyberpunk: "technology" aspects of machines" Ormachin/computer rebel movement." This word first appeared "anarchy via "Cyberpunk" by Bruce Bethke. publishedin science fiction stories magazine, hinglke of a short story was coined the title November 1983. it is quite interesting to note that the word in as the 57, No. 4, AMAZING, Vol. applied the to "bizarre, hard-edged, high-tech" science fiction emerging in of 1980, and The idea behind callingit "cyber- earyspring story is about a bunch teenage hackers/crackers.of of The will express the juxtaposition punk attifudes and high technol- the was to invent a new term that 1980s. may like to refer to specific pages of the "crackers' and others, readers punk" terms "hackers," of Also refer to Chapter 10. ogy. Forthe this box. mentioned at the end meansinformnation warriors unleashing vicious attacks against Cyberwartare, for many people, sOUrce nationis. This per- opponent's computer networks, wreaking havoc and paralyzinggot historical con- an unsuspecting and cyberterrorism have seems to be correct as the terms cyberwarfareThe term "information infrastructure" refers to ception context of attacks against infrastructure. or popu- nection in the resources, including communication systêms that support an industry, institutionmajorimpli- information as threat to military forces and the Internet has Cyberattacks are offen presented Ref. #9, Books, Further Reading) covers lation. and warfare. Information warfare (seeimportant. cations for espionage may be the least arange of activities of which cyberattacks Cyberterrorism Institute for Security ond Barry Colin, a senior research fellow at the a Thic term was coined in 1997 by seems to be a controversial term. Some authors choose Intelligence in California. Cyberterorism of disruption attacks. Vey nomowdefinition, relating to deployments, by known terrorist organizations,panic. However, this ggginst information systems for the primary purpose of creating alarm andThere is a broad defini any instances of cyberterrorism. narow defnition makes it difficult to identify lnstitute: tion stated by Kevin G. Coleman of the Technolytics computers and/or or the threat thereof, against The premeditated use of disruptive activities,or further social, ideological, religious, political or networks, with the intention to cause harm similar objectives or to intimidate any person in furtherance of such objectives. familiar in the definition of cyberterrorism, the term consisting of Ihere a lot of is misinterpretation term we can understand "terrorism." Although "cyber" the is Word "cyber" and less familiar word in the definition brings in is difficult to define. The ambiguity 1.2), the term terrorism may be (See Section ""an E-Mail bomb' guenesS in action, as D. Denning pointed in her work saying that(for terms SUch as "activism," some and 'cvberterrorism' by others" Reading). Osiaered as 'hacktivism' by Additional Web References, Further KIVISm" and "cyberterorism". see Ref #13. from the popular m is degree of understanding of the meanings of cyberterrorism, either specialists use different or experience: however, the personal "terrorisms" appear as a mixture ofas defniti" secondary soUrces as well as other contemporary cyberterrorism Worde yoerterrorism", of application, Barry Collin defined of an area words terrorism and a agent for the the convergence of meaning same year, Mark Pollitt, special cybernetics and terrorism. In the FBl, offers a working definition: computer Cyberterrorism motivated attack against information, targets systerns, is the premeditated, politically noncombatant computer programs and data which result in violence against / Sub national groups or clandestine agents. groups means by terrorist information technology and Can also ond agents. define cyberterrorism as: Use of Refer to Source: Chapter 10. Frameworks and Best Ning Godbole Practices Manggement, Metrics, (Box 11.2, (2009). Information Systems Security: Security p. 170 and Box 38.12, p. 926), Wiley India. Security: Understanding Cyber Crimes, Computer ForensicsS and Legal Perspective 14% - 12% 10% 8% 6% 4% 2% 0% gainsystem competitor for Commercial political government advantage skili interests political grievance damage rate demonstra: cess attack soSysten gai financial resources Unsolicite attacker Indiscriminate Unknown utilize Other s est utilize Illicit Personal To Foreign D To resoiuthe unau Figure 1.1 Cybercrime trend. Source: 2008 Pacific Islands Computer Crime and Security Threats, Challenges presentation by Wipul Survey. Adapted from Cybercrime: Jayawickrama at the Computer Security Week 2008 in Brisbane, Australia (reproduced with permission). crime is difhcult. One definition that is advocated is, "a crime conducted which a computer was significantly instrumental." This definition is in not universally accepted. It, however, directly and to narrow the scope of the definition for cybercrime": initiates further disciussion for example, we can propose the following alternative definitions of computer crime: 1. Any illegal act wherea special knowledge of computer technology is essential investigation or prosecution. for its perpetration, 2. Any traditional crime that has acquired a new a computer, and abuses dimension or order of magnitude through the aid of that have come into being because computers. 3. Any financial dishohesty that takes place a of in computer environment. 4. Any threats to the computer itself, such as theft of hardware or software, sabotage ransom. and demands for Here is yet another definition: "cybercrime (computer cime) is any illegal electronic operations, that targets behavior, directed by means of the security of computer systems wider sense, "computer-related çrime can and the data processed by them, Note that in a be any illegal behavior committed a computer system or network; however, this is not cybercrime. by means of, or in relation to, Statute and treaty law both refer to "cybercrime." The term "cybêrcrime that may sometimes be used interchangeably relates to a number of other terms to describe crimes committed rime, Computer crime, Internet crime, using computers. Computer-relat E-crime, High-tech crime, etc. are pecifically can be defined in a the other synonymous terms. Cybercrims number of ways; a few definitions are: A 1. crime committed using a computer and the Internet to steal a person's sellcontraband or stalk victims or identity disrupt operations with malevolent programs. (identity they Refer to Chapter 3 2006 2007 -26.5 -20.7 -75 6.2 Over 50.0 in 0.0 2007 2 25 23 86 0 0 11 0 3 3 154 Arrested 2006 8 34 29 81 0 0 0 0 2 154 Persons 2005 10 27 14 125 0 0 3 13 192 2007 2004 0 31 1 21 0 0 0 0 7 60 2004 Variation 2006 2007 during 10.0 -20.0 35.3 43.5 200.0 200.0 45.8 over in Act 2009). IT 20062007 under 11 207 11 20 46 99 2 2 4 0 3 9 February arrested 142 0 0 0 1 3 (28 Reois 10 25 34 69 0 2003.pdf persons Cases 2005 3 177 0 0 0 1 10 33 41 88 1 India and 2004 0 0 0 68 in http:l/www.nasscom.org/download/Cybercrimes 0 0 registered 2 14 12 34 0 system in signature misrepresentation/sup infor certificate confidentiality/privacy publication/transmission govern signature /Cybercrimes/cases system to computer the access/attempt computer source of decrypting digital compliancelorders Authority by digital signature computer intercepted computer protected or to Loss/damage resource/utility agency icence fact false Heads Unauthorized digital with form Certifying in assist by Obtaining certificate of Publishing certificate of Tampering Hacking mation documents pression Crime Hacking Obscene electronic ment to access Fraud Breach Other Total 7.1 Failure Of To Source: Table () (ii) (i) (i) 9 No. 7 2 3 4 6 Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectivee Table 1.2 Cybercrimes/cases registered and persons arrested under IPC during 2004-2007 Sr. Crime Heads Cases Registered 6 Variation Persons Arrested No. % Variation in 2007 2004 2005 2006 2007 0ver 2006 in 2007 over 2004 2005 2006 2007 1 Offences by/ 2006 0 0 against public servant 2 False electronic evidence 3 Destruction 0 0 0 0 of electronic evidence 4 Forgery 77 48 160 217 35.6 81 71 194 5 264 36.1 Criminal 173 186 90 73 -18.9 181 215 121 85 breach of trust/ -29.8 fraud 6 Counterfeiting () Propertyl 12 0 13 8 -38.5 8 7 23 228.6 mark (i) Tampering 7 5 16 0 (ii) Currency/ 10 59 48 36 -25.0 43 82 89 49 stamps -44.9 7 Total 279 302 311 339 9.0 329 368 411 429 4.4 Source: http://www.nasscom.org/download/Cybercrimes in India 2003.pdf (28 February 2009). 2. Crimes completed either on or with a computer. 3. Any illegal activity done through the Internet or on the computer. 4. All criminal activities done using the medium of computers, the Internet, cyberspace and the WWW. According to one information security access to commit a glossary," cybercrime is any criminal criminal act. Opportunities for activity which uses netwotk security are multiplying because the the exploitation due to weaknesses in information of exponential growth of Internet connection Useful Web References, Further (see Ref. #26, Additiondl Reading). Cybercrime may be internal or toperpetrate. The term cybercrime" has evolved over the past years external, with the former easier nection on a global scale with few since the adoption of Internet con hundreds of millions of users. Cybercrime criminal act using cyberspace as refers to the act of performing a the communications vehicle (the term Some people argue that a cybercrime 'cyberspace" is explained in Box 1.1). is not a crime as it is a or property. However, crime against software and not against a person while the legal systems around criminals (refer to Section the world scramble to introduce laws to combat 1.5), two types of attack are cber prevalent: 1. Techno-crime: A premeditated act against a system or systems, vent access, corrupt or with the intent to copy, steal, otherwise deface or damage 24 ×7 connection to the parts of or the complete computer Syst Internet makes this type of anywhere in the world, cybercrime a real possibility engnec from leaving few, if any, to "inger prints."

Use Quizgecko on...
Browser
Browser