CYBER CRIME :

Indian Scenario & Its Impact

 Project Report
(Submitted for the Degree of B.Com. Honours in Accounting & Finance under the
University of Calcutta)

Title of the Project

CYBER CRIME

Submitted by

Name of the Candidate : ANUJA GUPTA

Registration No. ………………………..
Name of the College : SHRI SHIKSHAYATAN COLLEGE
College Roll No. 184

Supervised by

Name of the Supervisor:

SHRI SHIKSHAYATAN COLLEGE

JANUARY,2014

Supervisor's Certificate

This is to certify that Ms ANUJA GUPTA a student of B.Com. Honours in Accounting &
Finance in Business of SHRI SHIKSHAYATAN COLLEGE under the University of Calcutta
has worked under my supervision and guidance for her Project Work and prepared a
Project Report with the title CYBER CRIME which she is submitting, is her genuine and
original work to the best of my knowledge.

Signature
Place: Name:
Date: Designation:
Name of the College:

Student's Declaration
I hereby declare that the Project Work with the title of CYBER CRIME submitted by me for
the partial fulfilment of the degree of B.Com. Honours in Accounting & Finance in Business
under the University of Calcutta is my original work and has not been submitted earlier to
any other University /Institution for the fulfilment of the requirement for any course of
study.
I also declare that no chapter of this manuscript in whole or in part has been incorporated
in this report from any earlier work done by others or by me. However, extracts of any
literature which has been used for this report has been duly acknowledged providing
details of such literature in the references.

Signature
Name:
Address:

Registration No.

Place:
Date:
 ACKNOWLEDGEMENT:

This project could not have been completed without the help and support of a number of
people. They are the people who have guided me whenever I needed, put in endless effort
along with me to get bring this term paper to completion. I would like to thank Ma’am
, the principal of my college, and Ma’am Papiya Chaudhary ,the H.O.D. ,who has provided us
with this opportunity to do this research to enable us to gain experience that will stand us
in good stead in future.

I would like to thank my guide professor Ma’am for her help, guidance and constant
support. I would also like to show my gratitude to my college librarians. They have helped
me find various references for my work as and when they were needed. I take this
opportunity to thank them all.

I would like to extend my thanks to the various author, writers, researchers,

columnists, and bloggers for their various works and articles which acted as a
guideline for my work. This term paper has been a very insightful experience as it
enlightened my perspective on various aspects of the subjects and topics I studied.
I hope I am able to deliver the value that is expected of.
 PREFACE

This report contains a detailed study about the CYBER CRIME.

A lot of us have a limited knowledge of crime occurring in "cyberspace", known as

cybercrime, which happens on computer and the Internet, however, cybercrime has a
severe potential for remarkable impact on the lives of individuals and our society.
Therefore, a detailed introduction of cybercrime needs to be presented. There are many
terms used to describe cybercrime. The former descriptions were "computer crime",
"computer-related crime" or "crime by computer". With the pervasion of digital technology,
some new terms like "high-technology" or "information-age" crime were added to the
definition. Also, Internet brought other new terms, like "cybercrime" and "net" crime. Other
forms include "digital", "electronic", "virtual" , "IT", "high-tech" and technology-enabled"
crime.

However, on the one hand, each of them didn't cover the whole meaning of cybercrime,
because there is no incorporation of networks. On the other hand, terms such as "high-
tech" or "electronic" crime might be too broad to specify that the crime is the exact
cybercrime, since other fields also have "hi-tech" developments like nanotechnology and
bioengineering. Currently, although no one term has become totally dominant in use,
"cybercrime" is the term used most pervasively.
 CONTENTS
 Chapter 1: Page no.

1.1 BACKGROUND 8

1.2 LITERATURE REVIEW 8

1.3 OBJECTIVES 9

1.4 RESEARCH METHODOLOGY 9

1.5 LIMITATION OF THE STUDY 9

1.6 CHAPTER PLANNING 10

 Chapter 2:

2.1 CONCEPTUAL FRAMEWORK 11

2.2 CLASSIFICATION 12

 Chapter 3:

3.1 National & international findings 14

3.2 INTERNATIONAL CYBERCRIME 20

 Chapter 4:

4.1 ANALYSIS OF FINDINGS 26

 Conclusion. 35

 Recommendations. 36

 Bibliography. 39
 CHAPTER 1

INTRODUCTION

1.1 BACKGROUND
Computer crime refers to any crime that involves a computer and a network The
computer may have been used in the commission of a crime, or it may be the target. Net
crime refers to criminal exploitation of the Internet. Dr. Debarati Halder and Dr. K.
Jaishankar (2011) defines Cybercrimes as: "Offences that are committed against
individuals or groups of individuals with a criminal motive to intentionally harm the
reputation of the victim or cause physical or mental harm to the victim directly or
indirectly, using modern telecommunication networks such as Internet (Chat rooms,
emails, notice boards and groups) and mobile phones (SMS/MMS) Such crimes may
threaten a nation’s security and financial health Issues surrounding these types of crimes
have become high-profile, particularly those surrounding cracking, copyright
infringement, child pornography, and child grooming. There are also problems
of privacy when confidential information is lost or intercepted, lawfully or otherwise.

An Australian nationwide survey conducted in 2006 found that two in three convicted
cyber-criminals were between the ages of 15 and 26.

Internationally, both governmental and non-state actors engage in cybercrimes,

including espionage, financial theft, and other cross-border crimes. Activity crossing
international borders and involving the interests of at least one nation state is sometimes
referred to as cyber warfare. The international legal system is attempting to hold actors
accountable for their actions through the International Criminal Court. Cybercrime in the
United States is estimated to cost $100 billion annually.

1.2 LITERATURE REVIEW:

The history of cybercrime is short compared with traditional crimes. The first published
report of cybercrime occurred in the 1960s, when computers were large mainframe
systems. Since mainframes were not connected with other ones and only few people can
access them, the cybercrimes were always "insider" cybercrimes, which means
employment allowed them to access into mainframe computers. Actually, in the 1960s and
1970s, the cybercrime, which was "computer crime" in fact, was different from the
cybercrime we faced with today, because of no Internet in that era. In following decades,
the increasing of computer network and personal computers transformed "computer
crime" into real cybercrime. Since Internet was invented, people began to exchange
information based on networks of computers, also keep data in computer rather than
paper. At the same time, the cybercrime was not only restricted in target cybercrime, but
expanded into tool cybercrime and computer incidental. This process is similar to the
process of learning one language. In childhood, we learn language itself; then, when we
grow up and are good at it, we will use it to communicate with each other but itself is not a
prime element. In general, current consensus on the classification of cybercrime is to divide
it into three categories that are said in the first paragraph above. We can set another
analogy: target cybercrime is like crossword, which focuses on the magic of language itself;
tool cybercrime is similar to fraud or harassment on street or in other face-to-face ways,
but the place in which tool cybercrime happens is not physical environment but
cyberspace; computer incidental including some electronic proof is saved in computer or
the camera captures the criminal withdrawing money in a bank.

1.3 BROAD OBJECTIVES

1.4 RESEARCH METHODOLOGY

The researcher has used secondary data, magazines, internet, books, some market survey
using marketing tools like asking question through phone, etc.The period of study for this
project is 12 years i.e. 2000-2012.

1.5 LIMITATION OF THE STUDY

 Skill set shortage

 Maintaining high quality standards

 Lack of talent pool

 Unable to do primary research

 Confidentiality.

 Enhanced risk management

 Time constraint
1.6 CHAPTER PLANNING

 Conceptual overview based on national and international scenario.

 Presentation of data.

 Analysis of collected data.

 Findings.

 Conclusions and Recommendations.

 Summary of Observations.
 CHAPTER 2:

2.1 CONCEPTUAL FRAMEWORK

Cybercrime, also called computer crime, the use of a computeras an instrument to

further illegal ends, such as committingfraud, trafficking in child pornography and
intellectual property, stealing identities, or violating privacy. Cybercrime, especially
through the Internet, has grown in importance as the computer has become central to
commerce, entertainment, and government.

New technologies create new criminal opportunities but few new types of crime. What
distinguishes cybercrime from traditional criminal activity? Obviously, one difference is the
use of the digital computer, but technology alone is insufficient for any distinction that
might exist between different realms of criminal activity. Criminals do not need a computer
to commit fraud, traffic in child pornography and intellectual property, steal an identity, or
violate someone’s privacy. All those activities existed before the “cyber” prefix became
ubiquitous. Cybercrime, especially involving the Internet, represents an extension of
existing criminal behaviour alongside some novel illegal activities.
Most cybercrime is an attack on information about individuals, corporations, or
governments. Although the attacks do not take place on a physical body, they do take place
on the personal or corporate virtual body, which is the set of informational attributes that
define people and institutions on the Internet. In other words, in the digital age our virtual
identities are essential elements of everyday life: we are a bundle of numbers and
identifiers in multiple computer databases owned by governments and corporations.
Cybercrime highlights the centrality of networked computers in our lives, as well as the
fragility of such seemingly solid facts as individual identity.
An important aspect of cybercrime is its nonlocal character: actions can occur in
jurisdictions separated by vast distances. This poses severe problems for law enforcement
since previously local or even national crimes now require international cooperation
2.1 CLASSIFICATION
Computer crime encompasses a broad range of activities. Generally, however, it may be
divided into two categories (1) crimes that target computers directly; (2) crimes facilitated
by computer networks or devices, the primary target of which is independent of the
computer network or device.

Crimes that primarily target computer networks or devices include:

 Computer viruses
 Denial-of-service attacks
 Malware (malicious code)
Crimes that use computer networks or devices to advance other ends include:

 Cyberstalking
 Fraud and identity theft
 Information warfare


 The term Information Warfare (IW) is primarily an American concept involving the
use and management of information technology in pursuit of a competitive advantage
over an opponent. Information warfare may involve collection of tactical
information, assurance(s) that one's own information is valid, spreading
of propaganda or disinformation to demoralize or manipulate[1] the enemy and the
public, undermining the quality of opposing force information and denial of
information-collection opportunities to opposing forces. Information warfare is
closely linked to psychological warfare.

 Cyberstalking is the use of the Internet or other electronic means

to stalk or harass an individual, a group of individuals, or an organization. It may
include the making of false accusations or statements of fact (as in defamation),
monitoring, making threats, identity theft, damage to data or equipment, the
solicitation of minors for sex, or gathering information that may be used to harass.
The definition of "harassment" must meet the criterion that a reasonable person, in
possession of the same information, would regard it as sufficient to cause another
reasonable person distress

 A computer virus is a type of malware that, when executed, replicates by inserting

copies of itself (possibly modified) into other computer programs, data files, or
the boot sector of the hard drive; when this replication succeeds, the affected areas
are then said to be "infected".Viruses often perform some type of harmful activity on
infected hosts, such as stealing hard disk space or CPUtime, accessing private
information, corrupting data, displaying political or humorous messages on the user's
screen, spamming their contacts, or logging their keystrokes. However, not all viruses
carry a destructive payload or attempt to hide themselves—the defining
characteristic of viruses is that they are self-replicating computer programs which
install themselves without the user's consent..

 Malware, short for malicious software, is software used to disrupt computer

operation, gather sensitive information, or gain access to private computer systems. It
can appear in the form of code, scripts, active content, and other software. 'Malware'
is a general term used to refer to a variety of forms of hostile or intrusive software.
 In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS)
attack is an attempt to make a machine or network resource unavailable to its
intended users. Although the means to carry out, motives for, and targets of a DoS
attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt
or suspend services of a host connected to the Internet.

CHAPTER 3:

3.1 National & international findings.

CYBER CRIME IN INDIA

Why India?

A rapidly growing online user

 121 Million Internet Users

 65 Million Active Internet Users, up by 28% from 51 million in 2010

 50 Million users shop online on Ecommerce and Online shopping sites.

 46+ Million Social Network

 346 million mobile users had subscribed to Data Packages.

The majority of cybercrimes are centered on forgery, fraud and Phishing,India is the third-
most targeted country for Phishing attacks after the US and the UK,Social networks as well
as ecommerce sites are major targets, 6.9 million bot-infected systems in 2010,14,348
website defacements in 2010,6,850 .in and 4,150 .com domains were defaced during
2011,15,000 sites hacked in 2011,India is the number 1 country in the world for generating
spam.
Computers as target of crimes

Due to the Home PC the use of computers has grown widely, such computers can
become target of crime either in the physical or in the virtual manner, i.e. parts of the
computer can be stolen example the hard disk thus leading to physical break-ins.
Unauthorized access to the computer leading to confidential data loss will amount to
crime of data theft, which is termed as hacking in the ordinary parlance. Other forms of
crimes in which the computer is the target include offences such as – Blackmail based
on the information stolen in the form of medical information, personal data etc. this
category can also include offences like the theft of Intellectual property, or important
data of corporations like the marketing information etc. Further these crimes could also
be committed with a mean intent by causing impediments in the business operation.
Gaining access to the government records and making false passports, driver’s licenses,
manipulating the tax record, land record, accessing the intelligence files etc. The type of
victim’s targeted also helps in establishing the typology of the Cyber crimes Individuals:
Most of the cyber crimes fall under this type, cyber staking is an example of an
individual being affected through internet, or an individual may be affected even
though he may have nothing to do with the cyberspace but still be victimized for
instance online baking transaction frauds committed by hackers who gain entry into the
computer systems of the banks.

National Security

E–mail as its is popularly referred to started becoming utilized for military applications.
With the development of the World Wide Web this technology was inducted in the
public domain. This is the starting point where the virtual medium started being
utilized for criminal activities, and with the growth of terrorism, the terrorists also have
adopted this technology. The terrorist’s organizations all over the world have started
using the internet to spread their ideology, and also for bringing in ability to their
nefarious activities against any state or society at large. Further there are attempts
done by terrorist organizations to disrupt the communications hubs of the states, so
that their activities could be carried with greater effect causing larger damage. In the
context of national security, especially viz. military applications information plays a
major role, on the basis of which military victories become decisive. This game of
intelligence and counterintelligence is carried out in the virtual medium as most of the
military activities and the information management of most of the advanced nations is
based on the use of computers and the internet. Thus disrupting the information’s
network of the advanced nations through the virtual medium has become a cost-
effective technique resorted by the nation who do not have the military supremacy.
Economic crimes

This is one of the most widely committed crimes and with the society with every
passing day more and more members of the society accepting e-commerce as a means
to do commerce, crime through the virtual medium will be the one of the major
dilemma which will necessarily be required to be contained through the agency are:
Hacking, Virus, Cyber frauds, Software piracy and violation of copyrights, Industrial
espionages by rival corporations Forgery and counterfeiting etc. The content of the
information also forms the basis for classification in deciding the typology of the

Cyber Crimes – The quantum of information being exchanged on the internet is

beyond imagination. Not all the information being exchanged on the net has remained
within the limits of public morality, thus the net has become a fertile ground for
exchange of immoral information further leading to misuse of the right of freedom of
speech and expression.

Society is dynamic

However due to rapid technological advancements in communications and the

computer technology have left the law trailing behind to such an extent that it is facing
the complex challenges posed by the criminals of the new generation, who commit
modern crimes with the help of technology. The focal use of the net is to transfer files,
exchange mails, for video conferencing, and the latest to add to these various purposes
of communications is voice interface, these above mentioned forms of communications
are carried out between the computer and a distantly accessible host computer, this
form of communications becomes all the more important in the age where E–commerce
has become a inevitable means of doing business.

Jurisdiction

Territorial limitation on the internet becomes of peripheral nature in the virtual

medium as the web pages on the net can reach almost every province in the nation and
conceivably almost every nation on the globe. This is where the point of friction
between the cyber world and the territorial world begins as in the territorial world
there are limitations set up by the sovereignty of the nation which is not the case in the
cyber world. A judicial system can function effectively if it is well regulated; it is these
regulations that identify every functional aspect of the judicial system including the
jurisdiction of the courts. A court in order to deliver effective judgments must have
proper and well defined jurisdiction, as without a jurisdiction the court’s judgments
would be ineffective Jurisdictions are of two types namely, Personal and Subject Matter
jurisdiction, and for a judgment to be effective both these types must exist
contemporaneously. Further the conventional requirement as to a party can sue
 another is at the place where the defendant resides or where the cause of action arises.
This itself is the problem with Internet jurisdiction as on the net it is difficult to
establish the above two criteria’s with certainty. Issues of this nature have contributed
to the complete confusion and contradiction that plague judicial decisions in the area of
Internet jurisdiction.

The Future of Cyber-Crimes in India

 Continued Website Hacks and Defacements

 Data and Information theft

 Increasing phishing attacks on Ecommerce and Financial Websites

 Cybercriminals targeting Social and Professional Networks

 Threats directed at the Mobile Platform: Smartphones and Tablets

INTERNATIONAL CYBERCRIME

There is no commonly agreed single definition of “cybercrime”. Broadly speaking, it refers

to illegal internet-mediated activities that often take place in global electronic
networks Cybercrime is "international" or "transnational" – there are ‘no cyber-borders
between countries'. International cybercrimes often challenge the effectiveness of
domestic and international law and law enforcement. Because existing laws in many
countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes
on the Internet in order to take advantages of the less severe punishments or difficulties of
being traced. No matter in developing or developed countries, governments and industries
have gradually realized the colossal threats of cybercrime on economic and political
security and public interests. However, complexity in types and forms of cybercrime
increases the difficulty to fight back. In this sense, fighting cybercrime calls for
international cooperation. Various organizations and governments have already made joint
efforts in establishing global standards of legislation and law enforcement both on a
regional and on an international scale. U.S.-China's cooperation is one of the most striking
progress recently because they are the top two source countries of cybercrime.

Information and communication technology (ICT) plays an important role in helping

ensure interoperability and security based on global standards. General countermeasures
have been adopted in cracking down cybercrime, such as legal measures in perfecting
legislation and technical measures in tracking down crimes over the network,
Internet content control, using public or privateproxy and computer
forensics, encryption and plausible deniability, etc. Due to the heterogeneity of law
enforcement and technical countermeasures of different countries, this article will mainly
focus on legislative and regulatory initiatives of international cooperation.
Report Cyber Crime Costs Global Economy Up to $500B a Year.

Cyber evildoers are inflicting serious damage to the world’s already-sluggish economy.
According to a newly-released report sponsored by McAfee, global cyber activity is costing
up to $500 billion each year, which is almost as much as the estimated cost of drug
trafficking.

In the U.S. alone, the report estimates that cyber crime is the catalyst behind the loss of as
many as 500,000 jobs as companies grapple with the loss of coveted intellectual property,
confidential strategies that are snooped on, and suffer reputational harm.

“Extracting value from the computers of unsuspecting companies and government agencies
is a big business,” the 20-page report from McAfee and the Center for Strategic and
International Studies says.

“These losses could just be the cost of doing business or they could be a major new risk for
companies and nations as these illicit acquisitions damage global economic
competitiveness and undermine technological advantage," the report said.

McAfee, which is a unit of Intel (INTC), and CSIS said their work is the first research to use
actual economic modeling to forecast the financial costs of cyber crime.
These costs are only likely to rise as hacking continues to grow in size and intensity.

A report released last week by security firm Prolexic found that the number of distributed
denial of service (DDoS) attacks jumped 20% in the second quarter from the first quarter.
The average packet-per-second rate of these attacks surged 1,655% year-over-year to 47.4
million.
In recent years a slew of major U.S. companies have revealed being the victims of cyber
crime, including Google (GOOG), Facebook (FB), Apple (FB) and The New York Times Co.
(NYT).
Hackers have also set their sights on financial exchanges, targeting NYSE Euronext (NYX)
New York Stock Exchange and Nasdaq OMX Group (NDAQ).
The CSIS report estimates global cyber activity costs between $100 billion and $500 billion
each year, compared with $600 billion in costs associated with drug trafficking and $1
billion to $16 billion in costs tied to piracy..

Cyber crime also has a real impact on employment, which remains painfully low after the
worst economic crisis since the Great Depression.

Given that the Commerce Department estimated in 2011 that $1 billion in exports equaled
5,080 jobs, CSIS said the high end estimated cost of about $100 billion translates to
approximately 508,000 lost jobs, or a 0.33% decrease in employment.

“If workers displaced by cyber espionage do not find jobs that pay as well or better, the
victim country would be worse off,” the report said. “The effect of cyber espionage may be
to move workers from high paying blue-collar jobs into lower paying work or
unemployment.”

The report cautions that it is difficult to estimate the losses associated with cyber crime, in
part because it’s not known precisely how much malicious activity actually occurs as
companies and governments attempt to keep many events quiet.

“I’m glad there is an attempt to provide some metrics to this issue. The truth is, it is
impossible to quantify the damage to the U.S. economy due to malware attacks,” Dov Yoran,
CEO of malware analysis and threat intelligence firm ThreatGRID, said in an email. “Very
few organizations will talk about it even after they discover them.”
“How do you measure the long-term drain on the U.S. economy of intellectual property
syphoned off by the train loads? How do you measure losing major global projects across
various sectors of the economy?” said Yoran. “The truth is you can’t measure them, but
there is certainly an economic consequence of lost money and lost projects.”
 International Cyber Law
 G8

Group of Eight (G8) is made up of the heads of eight industrialized countries: the U.S., the
United Kingdom, Russia, France, Italy, Japan, Germany, and Canada.

In 1997, G8 released a Ministers' Communiqué that includes an action plan and principles
to combat cybercrime and protect data and systems from unauthorized impairment. G8
also mandates that all law enforcement personnel must be trained and equipped to
address cybercrime, and designates all member countries to have a point of contact on a
24 hours a day/7 days a week basis.

 United Nations
In 1990 the UN General Assembly adopted a resolution dealing with computer crime
legislation. In 2000 the UN GA adopted a resolution on combating the criminal misuse of
information technology. In 2002 the UN GA adopted a second resolution on the criminal
misuse of information technology.

 ITU

The International Telecommunication Union (ITU), as a specialized agency within the

United Nations, plays a leading role in the standardization and development of
telecommunications and cybersecurity issues. The ITU was the lead agency of the World
Summit on the Information Society (WSIS).

In 2003, Geneva Declaration of Principles and the Geneva Plan of Action were released,
which highlights the importance of measures in the fight against cybercrime.

In 2005, the Tunis Commitment and the Tunis Agenda were adopted for the Information
Society.

 Council of Europe

Council of Europe is an international organisation focusing on the development of human

rights and democracy in its 47 European member states.

In 2001, the Convention on Cybercrime, the first international convention aimed at

Internet criminal behaviors, was co-drafted by the Council of Europe with the addition of
USA, Canada, and Japan and signed by its 46 member states. But only 25 countries ratified
later. It aims at providing the basis of an effective legal framework for fighting cybercrime,
through harmonization of cybercriminal offences qualification, provision for laws
empowering law enforcement and enabling international cooperation.
 CHAPTER 4:
4.1 ANALYSIS OF FINDINGS

LATEST NEWS AND CONFERENCE

2013
 Second Roundtable Meeting on Cybercrime, EWI Brussels Office, October 2, 2013

 Europol - INTERPOL Cybercrime Conference, The Hague, September 24-25, 2013.

 EWI Working Group on Cybercrime Workshop, University of Lausanne, Switzerland,

September 4-5, 3013.

 Roundtable Meeting on Cybercrime, EWI Brussels Office, May 15, 2013

 Conference on Partnership between State, Civil Society and Business in the Field of
International Information Security, organised by Lomonoso, Moscow State University
Institute of Information Security Issues, Garmisch Partenkirchen, Germany, April 22-24,
2013.

 International Engagement on Cyber: Developing International Norms for a Safe, Stable &
Predictable Cyber Enviroment, Georgetown University, Washington DC, USA, April 10,
2013.

 ERA training course on legal and technical aspects of cybercrime for judges and prosecutors,
Trier, Germany, February 14-15, 2013.

 A conference on Identity Theft is organized in Oslo, Norway, February 12-13, 2013, by

NorSIS, Norway, in cooperation with Oberthur Technologies.

2012

 The 11th Annual Conference ICLN «Combating Cybercrime» in The Hague, December 13,
2012

 The Third EastWest Institute (EWI) Worldwide Cybersecurity Summit, New Dehli, India,
October 30 -31, 2012

 13th International Law Congress, Queenstown, New Zealand, September 12-16, 2012

 ERA Conference on Cybercrime, Milan, May 24-25, 2012

Popular Articles About Cybercrime (IN ECONOMIC TIMES)

Cyber-crime costs up to $500 billion to world economy

July 23, 2013 | PTI
WASHINGTON: Cybercrime costs the global economy between a whopping $100 billion and
$500 billion annually, according to a first-of-its-kind report quantifying the economic
impact of malicious cyber activity. The research by the security firm McAfee and the Center
for Strategic and International Studies (CSIS) also posits a $100 billion annual loss to the US
economy and as many as 508,000 US jobs lost as a result of cyber crime. To help measure
the real loss from...

Most stock exchanges see cyber-crime as systemic risk: Survey

July 17, 2013 | PTI
NEW DELHI: A majority of stock exchanges worldwide came under cyber attacks last year
and almost 90 per cent of them perceive such activities to be a potential systemic risk,
according to a survey. For the bourses, cyber-crimes -- whose nature is becoming more
complex -- could result in "massive financial and reputational impact," among other
adverse fallouts. The findings are part of the 2012-13 Cyber-Crime Survey jointly
conducted by the IOSCO Research Department...

Cybercrime cost India $8 billion in last 12 months: Norton

September 11, 2012 | PTI
NEW DELHI: More than 42 million people in India have fallen prey to cybercrime in the
past 12 months, suffering about $ 8 billion in direct financial losses, estimates a report by
security solutions firm Norton. The 'Norton Cybercrime Report 2012' found, based on
experiences of more than 13,000 adults across 24 countries (including 1,000 from India),
said direct costs associated with global consumer cybercrime are pegged at $ 110 billion
over the past twelve months. ...

76 pc Indians have fallen victim to cybercrime: Symantec

September 26, 2010 | PTI
NEW DELHI: India seems to be the worst affected nation online, with over three-quarters of
Indian web surfers having fallen victim to cybercrimes , including computer viruses, online
credit card fraud and identity theft, security solutions provider Symantec said. According to
a study titled 'Norton Cybercrime Report: The Human Impact', about 65 per cent of
Internet users globally have fallen victim to cybercrime, while the number is much higher
for India...

Laws Against Cyber Crime

Although each country has its own set of laws, these laws cannot be extended to deal with
cyber crime committed in another country. Many countries have yet to establish laws
against cyber crime, which makes it more difficult for officials to tackle cyber crime.
Moreover, most third-world countries lack the resources to deal with cyber crime. The
resources in this case include personnel with the skills and knowledge to handle cyber-
related offences, technology to track cyber criminals and finally the necessary legal
framework.

Role of The Interpol

The Interpol has a program that is structured to fight cyber crime. The program offers
training for personnel to handleemerging threats from all around the world. Essentially,
Interpol ensures that there is an adequate exchange of information among different
countries. As a result, the countries are able to share vital information on tackling cyber
crime in conferences and other organized meetings with the help of Interpol. Currently,
Interpol plays the biggest role in dealing with cyber crime in the world. Among other
things that the organization does to this end, Interpol assists its member countries with
investigations on cyber crime in the event of such attacks.

Most first-world countries have well established laws that help to prevent and punish
cyber criminals. At the same time, Google has also taken up the challenge of fighting
against cyber crime. Through its search capabilities, Google has turned the tables against
cyber criminals who use the Internet as the company uses its systems to expose the
criminals. In the United States, legislators are working on policies targeting the area of
cyber security, and hopefully these efforts will turn into laws that are effective in the near
future.

Cyber crime poses a big threat to both national and international security. Every country
in the world needs to have establish laws to protect itself from cyber crime. However, the
establishment of these laws alone is not enough, educating the masses against cyber crime
and strict enforcement of these laws is also necessary.

Cyber Laws in India

 Under The Information Technology Act, 2000

CHAPTER XI – OFFENCES – 66. Hacking with computer system.

Whoever with the Intent to cause or knowing that he is likely to cause Wrongful Loss or
Damage to the public or any person Destroys or Deletes or Alters any Information Residing
in a Computer Resource or diminishes its value or utility or affects it injuriously by any
means, commits hack.

Whoever commits hacking shall be punished with imprisonment up to three years, or with
fine which may extend up to two lakh rupees, or with both.

 Denial of Service section 43

 Virus: Section: 66, 43

 Data Alteration sec 66

 U/A Access Section 43

 Email Abuse Sec. 67, 500, Other IPC Sections

 Data Theft Sec 66, 65

CONCLUSION

As someone rightly said that “Bytes Are Replacing Bullets In The Crime World”. The
growth of cyber crime in India, as all over the world, is on the rise and to curb its scope and
complexity is the pertinent need today. Cyber space offers a plethora of opportunities for
cyber criminals either to cause harm to innocent people, or to make a fast buck at the
expense of unsuspecting citizens. India’s profile and wealth have risen enormously in the
world due to the constructive use of information technology. At the same time, India ranks
fifth in the world for cyber crime, according to a report last year by the U.S.-based Internet
Crime Complaint Center, a partnership between the Federal Bureau of Investigation and
the National White Collar Crime Center. Even under the IT Act, investigations in India are
not easy. This is mainly due to the lack of what is called “cyber forensics.” We know that
forensic evidence is important in normal criminal investigations. But the collection and
presentation of electronic evidence to prove cyber crimes have posed a challenge to
investigation and prosecution agencies and the judiciary.To sum up, India needs a good
combination of laws and technology, in harmony with the laws of other countries and
keeping in mind common security standards. In the era of e-governance and e-commerce, a
lack of common security standards can create havoc for global trade as well as military
matters

Hackers and cyber criminals have been around almost as long as computers have existed.
In recent decades, with advances in technology and the rise of the internet, cyber crimes
have evolved in unexpected ways. In today’s world, people spend as much, if not more, of
their day connected to the internet than they do without it. Cyber criminals have taken
advantage of this by exploiting e-commerce and violating intellectual properties both in the
United States and abroad. News viruses, hacking techniques, and criminals emerge every
day. In many cases, the legal system can not keep up, but it is trying. Initially, the internet
was compared to the wild west, with no rules or laws governing it. Now, cyber law is
beginning to catch up, and it is becoming increasingly harder to break the law online.
However, the system is not perfect, and it is still much easier to get away with a crime on
the internet than it is in real life. As we have seen by analyzing some of the most relevant
laws and cases related to these issues, some aspects of the law are working, and others are
not. Technology isn’t going anywhere, and people are continuing to spend more time (and
money) on the internet. Every time someone is online, they can be a target of a cyber
criminal. As we have discussed, current cyber law generally does a good job of catching
criminals when they are employers working within a victimized company. However,
criminals are harder to catch when they are unknown hackers working from anywhere in
the world. This is why it is essential to continue working with our foreign allies to
strengthen cyber laws not just in our country but in others.
Another area that needs work is law protecting intellectual property owners against online
piracy. Thousands of file sharing sites still exist because they operate in countries where
online piracy is legal. We need to focus on these countries and pressure them to make it
illegal for these websites to operate, especially when our citizens have access to them. We
can also help by cracking down harder on our own citizens who choose to use these sites to
download stolen content. Cyber crime and hacking is not going away, if anything it is
getting stronger. By studying past incidents, we can learn from them and use that
information to prevent future crime. Cyber law will need to change and evolve as quickly as
hackers do if it has any hopes of controlling cyber crime. Law must also find a balance
between protecting citizens from crime, and infringing on their rights. The great thing
about the internet is how vast and free it is. Will it be able to remain the same way while
becoming tougher on criminals? Only time will tell.

It can be seen that the threat of computer crime is not as big as the authority claim. This
means that the method s that they introducing to combat it represents an unwarranted
attack on human rights and is not proportionate to the threat posed by cyber-criminals.
Part of the problem is that there are no reliable statistics on the problem; this means that it
is hard to justify the increased powers that the Regulation of Investigatory Powers Act has
given to the authorities. These powers will also be ineffective in dealing with the problem
of computer. The international treaties being drawn up to deal with it are so vague that
they are bound to be ineffective in dealing with the problem. It will also mean the civil
liberties will be unjustly affected by the terms of the treaties since they could, conceivably,
imply that everybody who owns a computer fitted with a modem could be suspected of
being a hacker. The attempts to outlaw the possession of hacking software could harm
people who trying to make the internet more secure as they will not be able to test there
systems; therefore the legislation could do more harm than good.

Various organisations need to be pro-active against such crimes rather than re-active.This
could secure them to the best.
Recommendation

Most people are aware of the obvious aspects of cyber security, such as having an
appropriate firewall, up to date anti-spyware, and anti-virus software. But, there are
areas that even experienced computer users may fall prey to traps.

People should be aware of viruses, worms, Trojans, and spyware, which are arguably
the most dangerous parts in regards to the security of your computer. Whenever a
person visits a website, there are cookies that are posted to the person’s computer.
Later, trawlers can determine which websites a person visited and gather information
on that person. Visiting websites, such as porn sites greatly increases the risk to a
person’s computer security. Pop-ups are also dangerous. Some of them are set up to
look like a regular window, so when a user goes to close the window, it is actually a
button to download spyware. Thus it is recommended to use Alt + F4 function to close
the popup window. This way, the window is actually closed, without putting your
computer in peril. Examples of such perils include what is referred to as ‘keystroke
loggers’. Keystroke loggers are programs that can capture information about a person
when they use their computer. Imagine having this spyware on your computer. When
ordering products online, someone can view your credit card number, your name, and
expiration date. This can wreak havoc on your credit history, because disputes must
be filed within 60 days, and few people read their credit history that frequently. Even
when proper police forms are filled out, the victim may still incur the credit charges
that do not belong to them. The intended audience range from children to senior
citizens, both the novice and lay person to the experienced computer users and those
in academia. In the section on cyber bullying and stalking, Therefore it is
recommended that children to tell their parents of the situation to resolve it. . The
section on online dating advises senior citizens that a 20’s something younger man
may not really be after their hearts, but their wallets instead.

This are some of the instances and the list goes on. Thus In my recommendation to
prevent damage to your computer and personal information & data because of
increasing crimes in cyberspace now. This are some of the checks that people should
mandatorily should take care of:

 Don't click on links in suspicious emails, even those that appear to be from
friends. Emailed viruses and malware are the most prevalent cyberthreat of identity
theft. Just think of how many emails you've gotten in the last year that appeared to
be from friends whose email accounts were hijacked.

 Know how to recognize phishing. Your bank won't send you an email telling you
that your account has been compromised and asking you to provide sensitive
 account and personal information it already has. The FBI and Internal Revenue
Service won't do that either. These are phishing attempts.

 Recognize that your smartphone is really a pocket-size computer and is prone

to the same types of attacks directed at your laptop and desktop. Take steps to
protect it, such as keeping your operating system current and creating a strong
password.

 Keep your personal information to yourself. For instance, don't put your entire
birth date, including the year, on Facebook. Think about the security questions
normally posed by your bank and other secure locations: "first school you
attended," "name of favorite pet" and the like. Are your answers on display online?

 Know the pitfalls of public Wi-Fi.CreditCards.com says, "Avoid public wireless

Internet connections unless you have beefed-up security protection."

 Beware of public computers, too. For instance, Kiplinger says, "Don't access your
accounts or personal information on public hotel computers, which could have
software that logs keystrokes and records your passwords and account numbers."

 Use credit cards, rather than debit cards, when making purchases online. In case
of fraud, you'll get much better protection from liability with a credit card.

 Purchase only from reputable websites (and look for "https" in the Web address).
"It is really easy to create a fake online store or to create a store that sells stuff, but
its real purpose is to collect credit card information," former identity thief Dan
DeFelippi told CreditCards.com.
  Check your accounts and your credit reports regularly. Some experts
recommend that you check bank account and credit card activity every day. You can
pull a free credit report every four months from AnnualCreditReport.com to verify
that fraudulent accounts have not been created in your name.

How to prevent cyber crime ?

According to Forbes, there are two steps :

 Education and Training

 Securing Computers, Digital Assets, and Networking.

Advise

A SCOTTISH cyber crime expert has gone to the extent to advise online users to lie
about personal details to prevent identity theft. Dr Ian Ferguson a digital forensics
expert based at the University of Abertay has warned people to be careful about the
information they provide online. Giving out personal details such as date of birth on
the internet leaves online users open to crime. He said: “There was never any reason
why someone should tell the truth with birth dates or your mother’s maiden name –
it’s just a secret you can remember.” He also suggests lying about personal details on
social networking sites such as Facebook. The advice comes after the admission of
Google last week that they had copied household computer passwords and emails
while gathering images with its Street View cameras. Dr Ferguson said: “People think:
‘I’m being asked and I should tell the truth.’ But they don’t know the way the
information is being used and it’s the kind of data that can be relatively easy to find out
if someone wanted to commit identity fraud. “Giving a false birthday is a relatively easy
way to make yourself identity fraud proof. I’m sure some online banks have never
checked if you have entered your actual birthdate.”

The recommendations made by the university lecturer mean that a person would have
to remember alternative birth dates and any other fabricated details. Dr Ferguson
admitted that these may be more difficult to remember and if written down could pose
a security risk. Information security and data protection officer with business and IT
consultants Logica, Elaine McKinney said that “invented” data for social networking or
auction sites is adequate for authenticating an account. She said: “Service providers
need to get more imaginative about the data they request for people to gain access to
services and they need to decide whether it is adequate to authenticate or do they truly
need to identify the person.”
In contrast to Dr Ferguson, the Scottish Business Crime Centre, which launched a new
e-crime website last week, advises that people should not lie online. Assistant director
of the Crime Centre, Gary Ritchie, said: “I would never condone lying. I don’t think you
should ever give false details over the internet. “If we are going to do this properly, you
need to challenge the provider why they want a particular piece of information, what
they intend to do with that, and how they intend to keep it safe. If they cannot answer
those questions, then I would not use that service.”
Bibliography

Website

 www.cybercrime.org

 cybercrimeindia.org

 en.wikipedia.org/wiki/computer_crime

 laws-on-cyber.rapidfinder.co.in/

Books

 Cyber power & National security

By Franklin D Kramer

Publication year 2009

 Cyber crime in India.

By Dr M Dasgupta

Publication year 2009