Introduction to Cyber Crimes,

Cyber Security and Legal

Aspects

By: Dean AHR

This note is exclusive only for introduction to cyber crime students.

 LESSON: Introduction to Cyber Crimes, Cyber Security and Legal Aspects
Table of Contents:
1. Learning Outcomes
2. Introduction
3. Cyber crime
3.1 Distinction between Cyber Crime and Conventional Crime
3.2 Categories of Cyber Crimes
3.3 Different kinds of Cyber Crimes
4. Computer Security
5. Cyber Security

1. Learning Outcomes:
After reading this chapter, you would be able to
 Understand the meaning of cyber crime,
 Differentiate between cyber crime and conventional crime,
 Know various categories and kinds of cyber crimes,
 Understand the meaning of computer and cyber security,

This note is exclusive only for introduction to cyber crime students.

 2. Introduction:
Cybercrimes can be simply defined as “crimes directed at a computer or computer system”. In such
computer crimes human being does not play much role but the major activities are carried out by the
automated machines. Cybercrime is the latest type of crime which affects many people and cybercrimes are
normally committed by young teens, recreational computer programmers, professional hackers and other
persons having vested interest.
The present lesson covers categories as well as kinds of cybercrimes, differentiates between the
cybercrimes and the conventional crimes and also cyber security and legal aspects of internet.
Cyber Crime

Source: http://www.digit.in/technology-guides/fasttrack-to-cyber-crime/what-is-
cyber-crime.html
Meaning of Cyber Crime
Computer crime or cybercrime refers to any crime committed with the use of computers or especially
through the internet. Computer crime, cybercrime, electronic crime or hi-tech crime normally refers to a
criminal activity where computer or network is used as a tool or target of a crime.
Computer as a tool
When individual is the main target of the crime committed by the offenders then the computer can be
described as a tool and not the target (e.g., cyber stalking, cyber theft etc.).
Computer as a target
These crimes are committed by a selected group of people with technical knowledge by committing a series
of acts in the planned manner (e.g., web defacement, cyber

This note is exclusive only for introduction to cyber crime students.

 terrorism etc.).

Value Addition 1: Further Understanding

What is Cyber Crime?

Open the link below for a detailed explanation of cyber crimes:

http://www.digit.in/technology-guides/fasttrack-to-cyber-crime/what- is-cyber-
crime.html

3.1 Distinction between Cyber Crimes and Conventional Crimes

The term ‘Cybercrime’ is a misnomer (wrong name) and is used to broadly describe criminal or unlawful
activity in which computer or computer networks are a source, tool, a target, or a place of criminal activity
and include everything from electronic cracking to denial-of-service attacks. It is also used to include
traditional crimes in which computer or networks are used to enable the illicit activity.
The concept of cybercrime is not radically different from the concept of conventional crime. Both include
act whether act or omission, which cause abuse of rules of law and counter balanced by the sanction of the
state. There is apparently no distinction between cyber and conventional crimes. However, on a deep
introspection we may say that there exists a visible line of demarcation between conventional and
cybercrimes which lies in the involvement of the electronic medium in cases of cybercrime. The main point
to be borne in mind for cybercrime is that there should be an involvement, at any stage of the virtual cyber
medium.
3.2 Categories of Cyber Crimes:
The major categories of cybercrimes are as follows:
1. Cyber crimes against persons:
These crimes include harassment of someone with the use of a computer via e-mails, hacking (unauthorized
access to a computer system), assault by threat, defamation (sending derogatory/ objectionable mails) etc.
2. Cybercrimes against property:
These crimes include intellectual property crimes, cyber vandalism (destruction of property pertaining to
another), transmitting harmful programs like virus etc.
3. Cybercrimes against government/firm/company/group of individuals:
These crimes include cyber terrorism, possession of unauthorized information, distribution of pirated
software etc.
4. Cybercrimes against society:
These crimes include pornography (exhibition of pornographic material on the website), online gambling
(sending mass mails to addressee), forgery (alteration of computerized documents), sale of illegal articles
(e.g., narcotics) etc.

This note is exclusive only for introduction to cyber crime students.

 Categories of Cyber Crimes

Cyber Crimes against

Cyber Crimes Cyber Crimes Cyber Crimes
Government/ Firm/
against Persons against Property against
Company/ Group of
Society
Individuals

Figure1: Categories of Cyber Crimes

3.3 Different kinds of Cyber Crimes:

Unathorised
Access &
Hacking
Cyber Virus,Worms &
Stalking Trojan Attack

Web
Defacement E-mail related crimes

Kinds of
Cyber
Crimes Internet Relay
Intellectual Chat relating
Property Crimes crimes

Sale of
Phishing Illegal
Articles
Online
Gambling

Figure 2: Kinds of Cyber Crimes

This note is exclusive only for introduction to cyber crime students.

Various kinds of cyber crimes may be discussed as follows:
1. Unauthorized Access and Hacking:
Unauthorized access refers to any kind of access without seeking the permission of either the true owner or the
person in charge of a computer, computer system (CS) or computer network (CN).
Hacking is a crime which entails cracking systems and gaining unauthorized access to the data stored in them.
Hacking is also known as cracking. In hacking, the criminal uses a variety of software to enter a person’s
computer and persons may be ignorant of the fact that somebody is accessing his computer from a distant
location.
Section 66 of IT Act, 2000 defines hacking as follows:
A person commits hacking if he deliberately:
a) causes or is likely to cause wrongful loss or damage to the public or any person.
b) destroys, deletes or alters any information.
(i) residing in a computer resource,
(ii) diminishes its value or utility,
(iii) affects the computer resource injuriously by any means.
The punishment for a hacker under above mentioned section is imprisonment for a period of 3 years or
fine which may extend to ₹2 lakhs or both.
Hackers involve themselves in this criminal activity because of personal monetary gain (e.g., stealing of credit
card information and transferring the proceeds to their account and then withdrawal of that money).
2. Virus, Worms and Trojan Attack
Virus: A program that is capable of infecting other program and making copies of itself is called virus. This
program is designed to replicate as well as spread. Computer viruses spread by attaching themselves to program
such as word-processors or spreadsheets. They also attach themselves to the boot sector of a disk.
Virus

Source: http://www.stayprotected.com/2014/01/trojan-mobileos-tapsnake-virus-pop- up-how-to-remove/

This note is exclusive only for introduction to cyber crime students.

 Worms: Programs that multiply like viruses but spread from one computer system to another is called worm.
Unlike viruses worms are not required to attach themselves to a host programme.

Computer Worm
Source: https://www.sophos.com/zh-cn/press-office/pressreleases/2003/09/va_ tonyblair.aspx
Trojan attack: A Trojan, a friendly looking enemy, is an unauthorized program which functions from inside
what looks like authorized program, thereby concealing what it is actually doing.
Warning message for a Trojan Horse

Source: http://www.winstudent.com/difference-between-computer-virus-worm-and- trojan-horse/

This note is exclusive only for introduction to cyber crime students.

3. Denial of service (DOS) attack:
As the name implies it is a kind of service attack on a network by sending of disproportionate data to the
victim’s server beyond the limit that the server is capable to handle and hence resulting in server to crash. This
attack deprives him of the service he is entitled to access.

Denial of service (DOS) attack

Source: https://bogner.sh/wp-content/uploads/2015/05/dos-1.png

4. E-mail related crimes. Some of these crimes have been explained below :

i. E-mail spoofing:
It refers to e-mail that appears to have been originated from one source where as it was actually sent from
some different source. Thus, it is a fraudulent email activity with intent to cheat the other party.

ii. E-mail spamming:

It refers to sending of bulk-mails to thousands and thousands of users by an identified or unidentified
source. Spamming results in reduction of productivity and wastage of time.

This note is exclusive only for introduction to cyber crime students.

 Value Addition 2: Illustration

E-mail Spoofing

Gujarat Ambuja Cement executive case is the best example of email spoofing in India
where the former executive of the said company posed as a woman and generated a fake
email ID through which he contacted Abu Dhabi based NRI businessman and deceived
him for crores by blackmailing tactics.

iii. E-mail bombing:

It refers to sending huge volumes of e-mails to a particular address which results in crashing of victim’s
e-mail account or mail servers. The email bomber blocks your inbox continuously with numerous
identical emails.
There are two variants of E-mail bombing:
(i) mass mailing and
(ii) list linking

Value Addition 3: Case Study

E-mail Bombing

There is a famous case relating to email bombing in which a foreigner was a resident of
Shimla (India) for almost 30 years. The Shimla Housing Board launched a scheme to
sell land at lower rates. The foreigner had applied under this scheme but his application
was not accepted on the ground that the scheme was available for citizens of India. He
decided to take revenge. Subsequently he sent thousands of emails to Shimla Housing
Board and frequently kept sending huge volumes of email till their servers crashed.

5. Sale of illegal articles:

This includes sale of narcotics drugs, weapons and wild life etc. Websites, auction websites and bulletins boards
may be used for posting such information. This may also be communicated by e-mail. In all these cases
consideration is illegal and therefore the agreement is void and unenforceable.
6. Online gambling and Cyber Pornography:
Online Gambling: There are thousands and millions of websites, all hosted on the server abroad, that offer
online gambling.

This note is exclusive only for introduction to cyber crime students.

 Cyber Pornography: It may include:
 Hosting of website exhibiting prohibited materials
 Use of computers for producing these obscene materials
 Downloading and transmitting through the internet, obscene materials, video clips, pictures etc.

Value Addition 4: Case Study

First case of Pornography, Air Force Bal Bharti School, New Delhi

Facts of the Case:

In this case, a student of Air Force Bal Bharti School, New Delhi was tortured by all
his classmates. With the spirit of revenge, he decided to get back at his tormentors. He
generated a website at the URL www.amazing-gents.8m.net. The website was hosted
by him on the free web space. The website contained obscene and prohibited
comments about some women teachers and girls of this school.
Filing of Case & Action Taken:
The Delhi Police Cyber Crime Cell registered a case under Section
67 of the IT Act, 2000. The Delhi Police arrested the concerned student and he was
kept at Timarpur (Delhi) Juvenile Home. After one week the Juvenile Board granted
bail to the 16 year old offender who was also rusticated from the school.

7. Phishing:
It refers to acquiring sensitive information such as username, password, credit card details, account data etc. by
disguising as a trustworthy entity. For example, your bank may send you email (which appears genuine to you)
asking you to update your personal information by clicking at a specified link. As it appears genuine, you may
be asked to visit a fraudulent site where all your sensitive information is acquired and subsequently used for
used for cybercrimes and frauds. Phishing is punishable under Sections 66, 66A & 66D of the IT Act, 2000.
8. Intellectual property crimes:
These include distribution of pirated software, copyright infringement, trademarks violations etc. Alternatively,
this is also known as Cyber Squatting. Satyam Infoway Ltd. vs. Sifynet Solutions (2004) is the most widely
known case pertaining to Cyber Squatting.
9. Web defacement:
It refers to substitution of the original homepage of a website with another page by a hacker or cracker. The
substituted page contains normally pornographic or defamatory material. Sections 43, 66, 66F, 67 and 70 of the
IT Act are applicable in some cases of web defacement.

This note is exclusive only for introduction to cyber crime students.

10. Cyber Stalking and Cyber Vandalism (Destruction of others’ property)
Cyber Stalking: It refers to the use of internet, e-mail or other electronic communication devices to stalk
(harass) or threatens another person by making harassing phone calls, leaving written messages or objects etc.
Cyber stalking is also known as online harassment or online abuse and many people especially young teenage
girls complain about. If the stalkers notice that cyber stalking is not working effectively they resort to offline
stalking along with cyber stalking with a view to make the victims’ life more miserable. Most of the stalkers
are: dejected lovers or ex-lovers who had mindset of taking revenge because they could not satisfy their secret
desire.
Various countries have enacted different laws relating to stalking but in India we do not have any legislation
relating to Cyber Stalking. India’s first Cyber Law, IT Act, 2000 does not contain any provision relating to
Cyber Stalking but Chapter XI of IT Act, 2000 has laid down various Cyber Crimes.
Cyber Vandalism: It refers to damaging or destroying the data or property rather than stealing or misusing
them.
Cyber terrorism: The term ‘Cyber terrorism’ is a controversial term and proper definition of this term has not
been provided anywhere [Sec. 66F, Inserted vide ITAA, 2008].
Simply speaking, the term “Cyber terrorism” refers to the adaptation of terrorism to computer resources with
intent to cause fear or terror in the minds of group of people by attacking electronic resources. This section
provides that a person commits cyber terrorism if he uses cyber space with intent to threaten the unity, integrity,
security or sovereignty of India or to strike terror in the people or any section of the people.
A person commits cyber terrorism by:
(i) denying or cause the denial of access to any person authorized to access computer
resource ; or
(ii) attempting to access a computer resource without authorization or exceeding authorized access ;
or
(iii) introducing or causing to introduce any computer contaminant.
The punishment for cyber terrorism under above mentioned section is imprisonment which may extend to
life imprisonment.

Value Addition 5: Activity

Cyber Crime

A and B are into live-in-relationship for the last 5 years. One day they found that an
unauthorized person posted their photographs on the social networking site.
What do you think is this act of the persons involved a cyber crime?
If yes, name the type of cyber crime involved and discuss with your peers whether it is
punishable or not?

This note is exclusive only for introduction to cyber crime students.

 There may be multiple motives for committing crimes such as greed, power, publicity, destructive mindset
etc. Cyber criminals can be classified into various categories based on the objective of committing the
crime. These are: children and adults between the age groups of 6-18 years, organized hackers, professional
hackers or crackers, discontented or sacked employees etc.
4. Computer Security:
Computer security refers to the ability of a system to protect information (personal or business) and system
resources with respect to confidentiality and integrity.
Scammers, hackers, and identity thieves try to steal the personal information and money of the users.
However the users can take steps protect themselves like keeping the computer software up-to-date and
giving out their personal information only when there is a good reason.
Computer Security

Source: http://mindfulsecurity.com/2009/09/19/free-threats-security-awareness- posters/

5. Cyber Security:
Cyber security refers to the technologies and processes designed to protect computers, networks and data
from unauthorized access and attacks delivered via the internet by cyber criminals. Cyber security is
necessary since it helps in securing data from threats such as data theft or misuse, hacking etc. It also
safeguards the

This note is exclusive only for introduction to cyber crime students.

 system from viruses. In other words, cyber security involves protection of sensitive, personal and business
information through prevention, detection and response to diverse electronic attacks.
Major Security Threats and Solutions
1. Virus: It is a program (e.g., love bug) that is loaded on to your computer without your knowledge and
causes damage to data and files on a computer system.
Solution:
Install anti-virus software that protects the computer against threats such as viruses and worms. After
scanning all your systems for the existence of the virus, it should be ensured that virus has been
completely cleaned.
2. Hackers: Generally a hacker is a person who uses computers, usually to gain unauthorized access to
administrative controls.
Prevention of Hacking:
It can be prevented through effective security controls including strong passwords which are difficult for
the thieves to steal and the use of firewalls.
3. Malware: The word “Malware” is a general term which has been derived from the term “Malicious
Software”. Malware is unwanted software that infects and damages your computer system without your
knowledge and permission.
Solution:
Download an anti-malware program that also helps prevent infections. Activate Network Threat
Protection, Firewall, and Antivirus.

Malware Warning

This note is exclusive only for introduction to cyber crime students.

 Source: http://www.easyfixvirus.com/
4. Trojan Horses. These are email viruses that can duplicate themselves, damage or delete files, or harm the
computer system. These viruses are the most serious threat to computers as they destroy files and slow
down your computer.
Solution:
Security suites such as Avast Internet Security help in prevention of downloading Trojan Horses.
5. Password Cracking. It refers to password attacks committed by hackers who are able to determine
passwords or find passwords to different protected electronic areas and social network sites such as
Facebook, linkedin etc.
How to secure password?
 Use always strong password which will be difficult for thieves to guess.
 Keep on changing your password from time to time.
 Don’t give personal information unless required.
 Don’t exercise option that permits your computer to remember your password.

This note is exclusive only for introduction to cyber crime students.

 

This note is exclusive only for introduction to cyber crime students.