Introduction

to Cyber
Security
(BETCK105I)
Module 1
Dept. of CSE
The National Institute of
Engineering
Introduction
• Cyber is an adjective or prefix that means relating to computers,
computer networks, or the internet. For example, "cyberspace" is an
electronic medium where online communication takes place.
•
Cybersecurity is a critical business issue for organizations, and it's a
combination of physical and cyber security that protects against
unauthorized access to data centers and other computerized systems
• A cybercrime is explained as a type of crime that targets or uses a computer or a group of computers
under one network for the purpose of harm.
•
• Cybercrimes are committed using computers and computer networks. They can be targeting
individuals, business groups, or even governments.
•
• Investigators tend to use various ways to investigate devices suspected to be used or to be a target
of a cybercrime.
Who are The Cybercriminals?

• A cybercriminal is a person who uses his skills in technology to do malicious acts and illegal activities
known as cybercrimes. They can be individuals or teams.
•
• Cybercriminals are widely available in what is called the “Dark Web” where they mostly provide their
illegal services or products.
•
• Not every hacker is a cybercriminal because hacking itself is not considered a crime as it can be used
to reveal vulnerabilities to report and batch them which is called a “white hat hacker”.
•
• However, hacking is considered a cybercrime when it has a malicious purpose of conducting any
harmful activities and we call this one “black hat hacker” or a cyber-criminal.
Cybercriminals can be individuals who are trading in illegal online content or
scammers or even drug dealers.

So here are some examples of cybercriminals:

- Black hat hackers
- Cyberstalkers
- Cyber terrorists
- Scammers
• Cyber criminals may commit cyber crimes for a variety of reasons,
including:
•
Financial gain
• Access to sensitive data
• Intellectual property theft
• Identity theft
• Network penetration
• Ransomware
• Cyber extortion
• Cybercrime: A crime conducted in which a computer was directly and
significantly instrumental.
• Vulnerability:A vulnerability is a weakness that can be
exploited by cybercriminals to gain unauthorized access to
a computer system.
• Malicious:Malicious activity in cyber crime refers to any harmful
action that threatens the public's safety, national security, or
economic security. Malicious cyber activity can include
 • Cybercrime: Definition and Origins of the
Word
• Cybercrime and Information Security
• Who are Cybercriminals?
Agenda • Classifications of Cybercrimes
• Cybercrime: The Legal Perspectives
• Cybercrimes: An Indian, Perspective
• Cybercrime and the Indian ITA 2000
• A Global Perspective on Cybercrimes
Cybercrime: Definition and Origins of the Word

• Growth of Internet and

unrestricted access (billions of
devices)
• Cybercrime, is it new? First
recorded crime in 1980.
• Situation is India is not better.
 Definition

• A crime conducted in which a computer was directly

and significantly instrumental.

Alternative definitions
Definition and • Any illegal act where a special knowledge of
Origins of the computer technology is essential for its perpetration,
investigation pr prosecution.
Word • Any traditional crime that has acquired a new
dimension or order of magnitude through the aid of a
(Continued) computer, and abuses that have come into being
because of computer.
• Any financial dishonesty that takes place in a
computer environment.
• Any threats to the computer itself, such as theft of
hardware/software, sabotage and demands for
ransom.
 • Cybercrime is any illegal behaviour, directed by
means of electronic operations, that targets the
security of computer systems and the data
processed by them.
Definition • A crime committed using computer and the Internet
to steal a person’s identity or sell contraband or
and Origins stalk victims or disrupt operations with malevolent
programs.
of the Word • Crimes completed either on or with a computer.
(Continued) • Any illegal activity done through the Internet or on
the computer.
• All criminal activities done using the medium of
computers, the Internet, cyberspace and the WWW.
 • Synonyms: Computer-related crimes,
Computer crime, Internet crime, E-crime,
High-tech crime, etc.
Definition • Opportunities for exploitation due to
and Origins weakness in information security because of
exponential growth of Internet connection.
of the Word • Cybercrime may be internal or external.
(Continued) • Two types of attacks:
• Techno-crime
• Techno-vandalism
 Techno-crime
• Premeditated act against a system/s, with
the intent to copy, steal, prevent access,
Definition corrupt, deface or damage parts of the
computer system.
and Origins • 24x7 Internet connection makes this possible
for trained personals.

of the Word Techno-vandalism

(Continued) • Brainless defacement of websites, copying
files and publicizing contents and are
opportunistic in nature.
• Tight internal security and safeguards can
prevent it.
Techno crime, also known as cybercrime, is a type of crime that uses
technology to attack computers or computer networks:

• Malware: Malicious software that can infiltrate a computer system or mobile device to steal information or damage
data. Examples of malware include banking trojans, ransomware, and phishing.
• Denial of service attacks: An attack that targets a computer network.
• Fraudulent use of automated teller machines: A type of computer crime.
• Credit card fraud: A type of computer crime.
• Telecommunications fraud: A type of computer crime.
• Software piracy: A type of computer crime.
• Black marketeering: A type of computer crime.
• Theft of computer equipment: A type of computer crime.
• Phishing: Criminals send emails that appear to be from legitimate businesses, but are actually fraudulent.
• Harassment: Cyberstalkers use electronic communication to stalk and harass people.
• Ransomware: Cyber criminals install malicious software that holds important information hostage until the victim pays a
ransom.
• cyber vandals may deface a website (such as Wikipedia), create
malware that damages electronic files or elements that interrupt its
normal utilization, or remove a disk drive to disable a computer
system.
•Malware: Malicious software that damages computer elements. Malware can cause a distributed denial of service (DDoS)
attack, which is when a website is flooded with traffic until it crashes.
•DDoS attacks:The most common type of cyber vandalism, where a website is flooded with traffic until it crashes.
•Cyberstalking:A type of cyber-harassment that involves targeted and repeated intimidation, threats, and harassment
directed toward one person.
• Cyberterrorism:The act of using the internet to cause harm and damage, often in a way that causes mass panic or fear. For
example, using a computer to cause a power outage.
•Phishing:A social engineering attack that targets the user and tricks them by sending fake messages and emails.
•Hacking:Malicious hacking involves stealing login information and passwords to access corporate or personal data.
• Ransomware:A serious threat to individuals and organizations, with more advanced attack methods forcing payouts from
victims.
• Identity theft:Occurs when someone unlawfully obtains another individual's personal information and uses it to commit
theft or fraud.
 • Cybercrimes differ from terrestrial crimes in
following ways:
• How to commit them is easier to learn.
• They require few resources relative to the
potential damage caused.
Definition • They can be committed in a jurisdiction without
being physically present in it.
and Origins • They are often not clearly illegal.
of the Word • Cyberterrorism
(Continued) • Any person/group, with terrorist intent, utilizes
access or aids in accessing a computer/network
/electronic system by any means and engages
in/attempts to engage in a terrorist act.
• Cyberterrorists try to cause damage to the
intangible sensitive information.
 Lack of information security can significantly contribute to the rise of cybercrimes
in several ways:
1.Vulnerabilities: Without proper security measures, systems and networks are
more vulnerable to attacks. Cybercriminals can exploit these vulnerabilities to gai
n unauthorized access, steal data, or disrupt services.
2.Data Breaches: Inadequate security can lead to data breaches, where sensitive
information such as personal details, financial data, and login credentials are exp

Cybercrime osed. This information can be used for identity theft, fraud, and other malicious a
ctivities.
3.Phishing Attacks: Poor security practices can make it easier for cybercriminals t

and o carry out phishing attacks, tricking users into providing sensitive information thr
ough fake websites or emails.
4.Malware and Ransomware: Lack of security can allow malware and ransomwar

Information e to infiltrate systems, encrypting data and demanding ransom payments for its r
elease.
5.Insufficient Monitoring: Without proper monitoring and detection systems, cy

Security berattacks can go unnoticed for longer periods, allowing attackers to cause more
damage.
6.Weak Passwords: Inadequate security often includes the use of weak password
s, making it easier for attackers to guess or crack them.
7.Outdated Software: Failing to keep software and systems up to date with the la
test security patches leaves them open to known vulnerabilities that cybercrimin
als can exploit
• Indian Information Technology Act (ITA 2008) defines Cybersecurity as “protecting
information, equipment, devices, computer, computer resource, communication device
and information stored from unauthorized access, use, disclosure, disruption,
modification or destruction”.
❑Provide legal recognition for electronic transactions
❑Make electronic records legally binding
❑Reduce cybercrime
❑Facilitate safe online transactions
❑Amend the Indian Penal Code, the Indian Evidence Act, and other acts .
• Financial losses
• Difficult to predict the value of corporate data, usually approximated.
• Most organizations restrain from reporting incidents of cybercrimes.
 • Cybercrimes involves credit card fraud,
cyberstalking, defaming others online,
unauthorized access, ignoring copyrights,
software licensing, overriding encryption to
make illegal copies, software piracy, stealing
Who are identity, etc.
cybercriminals? • They can be categorized into three
categories:
• Type I: Cybercriminals – hungry for recognition
• Type II: Cybercriminals – not interested in
recognition
• Type III: Cybercriminals – the insiders
 Type I: Cybercriminals – hungry for recognition
• Hobby hackers
• IT professionals (social engineering)
• Politically motivated hackers
• Terrorist organizations
Type II: Cybercriminals – not interested in recognition
Who are • Psychological perverts
• Financially motivated hackers (corporate espionage)
cybercriminals? • State-sponsored hacking (national espionage,
(Continued) sabotage)
• Organized criminals
Type III: Cybercriminals – the insiders
• Disgruntled or former employees seeking revenge
• Competing companies using employees to gain
economic advantage
Type I cybercriminals are those who are hungry for recognition and seek fame for their
action.
This category includes:
a. Hobby hackers: A person who enjoys exploring the limits of what is possible in the
spirit of play full cleverness
b. IT professionals: ethical hacker
c. Politically motivated hackers: promote the objective of individuals groups or Nation
supporting a variety of causes such as anti-globalization transitional conflict and
protest.
d. Terrorist organizations: cyber terrorism terrorist using the internet for attacks, large
scale destruction of computer networks
• type II cybercriminals are those who are not interested to seek and
recognition and seek fame for their action. This category includes:
a. Psychological perverts: Express sexual Desire deviate from normal
behaviour
b. Financially motivated hackers: make money from cyberattacks: bots
for hire; fraud through phishing information theft, spam and extortion.
c. State actors: Extremely professional groups working for
governments.
d. Organized criminals: have the ability to worm into the network of
media, major corporations and different departments
• Type III cybercriminals are the insiders or internal attackers like:
a. former employees seeking revenge
b. Competing companies using employees to gain economic advantage
through the damage for theft.
 Cybercrimes against individual.

Cybercrimes against property.

Classification
Cybercrimes against organization.
of
Cybercrimes
Cybercrimes against society.

Cybercrimes emanating from Usenet

newsgroup.
 • Cybercrimes against individual
• Email Spoofing and online fraud
Classification • Phishing
•
of •
Spamming
Cyberdefamation
Cybercrimes • Cyberstalking and harassment
(Continued) • Computer sabotage
• Pornographic offenses
• Password sniffing
Examples of Cybercrime against Individual

• 1. Phishing and Scam:

Phishing is a sort of social engineering attack and cybercrime against an individual where the
attacker deceives them by sending phony messages and emails in order to get sensitive information
about the user or to attempt to download malicious software and exploit it on the target machine.
• 2. Theft of Identity:
Identity theft happens when a cybercriminal utilizes another person’s personal information, such as
credit card details or personal photographs, to perpetrate fraud or a crime without their permission.
• 3. Ransomware Infection:
Ransomware attacks are a sort of cybercrime against individuals that is fairly widespread. It is a sort
of virus that may restrict users from accessing all of their personal data on the device by encrypting
it and then demanding a ransom to get access.
• 4. Malware Attacks:
These are cyber crimes against individuals who use cell phones with internet access and are
sometimes tracked for their location, online searches, usernames, and passwords input on their
devices, webcams, and so on.
• 5. Cyberstalking:
Cyberstalking is a type of cybercrime against an individual where someone follows
somebody on social media, online websites, or search engines, exposing the user to
a barrage of online messages or emails threatening his or her safety.
• 6. Social Media Hacking:
Hacking on social media is a cybercrime against an individual when someone
creates a phoney account and gains the followers or friends of the general public.
This then provides the false account the ability to send out mass emails to inboxes.
• 7. Web Jacking:
Digital marketing has become the new normal, enticing firms to create their own
websites. More website traffic suggests that more people are aware of their
products/services/brands.
 • Cybercrimes against organization
• Unauthorized accessing of computer
• Password sniffing
• Denial-of-service attacks
• Virus attack/dissemination of viruses
Classification • E-mail bombing
of • Salami attack
• Logic bomb
Cybercrimes • Trojan horse
(Continued) • Data diddling
• Crimes emanating from Usenet newsgroup
• Industrial espionage
• Computer network intrusions
• Software piracy
• A password sniffer is a software application that scans and records
passwords that are used or broadcasted on a computer or network
interface. It listens to all incoming and outgoing network traffic and
records any instance of a data packet that contains a password.
• A denial-of-service (DoS) attack is a cyber attack that aims to make a
network resource or machine unavailable to its intended users. The
attacker does this by flooding the target with illegitimate requests,
which can cause the target to become unresponsive, slow, or
inaccessible
1.Virus attack/dissemination of viruses: A virus is a type of malicious software that, when executed
, replicates itself by modifying other computer programs and inserting its own code. It spreads by at
taching itself to legitimate programs or documents, and can cause various types of damage, from co
rrupting data to stealing information.

2.Email bombing: This is a form of cyber attack where an attacker sends a massive volume of emails
to a specific email address with the intent to overflow the mailbox and overwhelm the mail server.
This can disrupt the normal functioning of the email system and potentially cause downtime.

3.Salami attack: This is a type of cybercrime where small, seemingly insignificant amounts of money
or data are stolen over time. The name comes from the idea of slicing off thin pieces of data or fun
ds, much like slicing a salami, which can accumulate to a significant amount over time.
4.Logic bomb: A logic bomb is a piece of code intentionally inserted int
o a software system that triggers a malicious function when specific co
nditions are met. For example, it might be programmed to delete files o
n a certain date or when a particular user is logged in

5.Trojan horse: A Trojan horse is a type of malware that disguises itself

as legitimate software to trick users into installing it. Once installed, it c
an perform a variety of malicious activities, such as stealing data, creati
ng backdoors for remote access, or even downloading additional malw
are
6.Data diddling: This involves the manipulation of data with malicious intent, such as changing, dele
ting, or inserting false data into a system. It is often done to gain fraudulent benefits or to disrupt op
erations.
7.Crimes emanating from Usenet newsgroups: Usenet newsgroups were early internet discussion f
orums where users could post messages on various topics. Some newsgroups became hubs for illeg
al activities, such as sharing pirated software, distributing malware, or coordinating cyber attacks.
8.Industrial espionage: This involves the theft of trade secrets, proprietary information, or intellectu
al property from companies by competitors or foreign entities. It can be done through cyber attacks,
physical infiltration, or social engineering.
9.Computer network intrusions: These are unauthorized access to computer networks with the inte
nt to steal data, disrupt services, or cause damage. Intrusions can be carried out using various meth
ods, including malware, phishing, or exploiting vulnerabilities in software.
10.Software piracy: This is the unauthorized copying, distribution, or use of software. It can involve
downloading cracked versions of software, sharing license keys, or using counterfeit copies.
 • Cybercrimes against property
• Credit card frauds
• Intellectual Property (IP) crimes
Classification • Internet time theft
• Cybercrimes against society
of • Forgery
Cybercrimes • Cyberterrorism
(Continued) • Web jacking
• Cybercrimes emanating from Usenet groups
• Carry offensive, harmful, inaccurate, deceptive
material.
1.Sony Pictures Hack (2014): This highprofile cyberattack involved hackers infiltrating Sony Pictures Entertainm
ent's network, stealing and leaking sensitive data, including employee information and unreleased films. The at
tack caused significant financial and reputational damage to the company.
2.Equifax Data Breach (2017): Hackers exploited a vulnerability in Equifax's system, gaining access to the perso
nal information of approximately 147 million people. The breach included sensitive data such as Social Security
numbers, birth dates, and addresses, leading to widespread identity theft and financial fraud.
3.Target Data Breach (2013): Cybercriminals gained access to Target's network through a third-
party vendor, stealing credit and debit card information of over 40 million customers. The breach resulted in sig
nificant financial losses and damage to Target's reputation.
4.Yahoo Data Breaches (2013-
2014): Yahoo experienced two major data breaches, compromising the personal information of over 3 billion u
ser accounts. The stolen data included names, email addresses, phone numbers, and security questions, leadin
g to widespread identity theft and financial fraud.
5.Marriott Data Breach (2018): Hackers gained unauthorized access to Marriott's Starwood guest reservation
database, compromising the personal information of approximately 500 million guests. The breach included se
nsitive data such as passport numbers, credit card information, and travel details.
 • E-mail Spoofing
• One that appears to originate from one source
but actually has been sent from another source.
Classification • Spamming
of •
•
Electronic spam.
Sending unsolicited bulk messages.
Cybercrimes • Advertisers use it.
(Continued) • CAN-SPAM Act of 2003 (It gives recipients the
right to easily request that a business stop
sending them emails and outlines penalties for
violations.)
 • Spamming (Continued)
• Search engine spamming.
• Alteration or creation of a document with the intent to
deceive an electronic catalog.
• Authors use subversive techniques to ensure that their
Classification site appears more frequently.
• Web publishing techniques to be avoided are:
of • Repeating keywords
• Use of unrelated keywords
Cybercrimes • Use of fast meta refresh
• Redirection
(Continued) • IP cloaking (show different sides to different IPs)
• Use of coloured text on same colour backgrounds
• Tiny text usage
• Duplication of pages with different URLs
• Hidden links
• Use of different pages that bridge to the same URL
 • Cyberdefamation
• Defamation is the general term for a legal claim
Classification involving injury to one's reputation caused by a
false statement of fact and includes both libel
of (defamation in written or fixed form) and
slander (spoken defamation).
Cybercrimes • If this happens online (electronic form), then it is
known as Cyberdefamation.
(Continued) • Something is posted on social media site,
website or an email is sent with defamatory
contents.
 • Cyberdefamation (Continued)
• According to IPC Section 499:
• Applicable even to deceased person (family and
relatives are hurt).
• Defamation of company or association or group
Classification of people.
• Imputation (Accusation) in the form of an
of alternative or expressed ironically.
• Anything that lowers the moral or intellectual
Cybercrimes character of person, lowers respect with respect
to caste or body of the person.
(Continued) • Even if there is no damage to a person’s
reputation, the person who made the
allegations may still be held responsible for
defamation.
 • Cyberdefamation (Continued)
Classification • Balance between right to an unimpaired
of reputation and the right to freedom of
expression.
Cybercrimes • One may not even encounter a person or a
(Continued) company and may defame using Internet.
 • Internet Theft Time
Classification • Unauthorized person uses the Internet hours
paid for by another person.
of • Person gets access to someone else’s ISP user ID
Cybercrimes and password without legit user’s knowledge.
• It comes under Identity Theft and come can be
(Continued) identified by frequency of recharge.
 • Salami Attack / Salami Technique
• Financial crime, make alteration so insignificant
Classification that in a single case if would go completely
unnoticed.
of • Example: A bank employee executes a program
Cybercrimes on bank server to deduct Rs. 2 from all bank
accounts and transfer this to his account. If there
(Continued) were 10 Lakh account holder then the total
amount stolen will be Rs. 20 Lakh.
• What is this is repeated every month?
 • Data Diddling
• Altering raw data just before it is processed by a
computer and then changing it back after the
Classification processing is completed.
• Electricity boards example.
of • Forgery
Cybercrimes • Counterfeit currency notes, postage and
(Continued) revenue stamps, marksheets etc, using
computers, printers and scanners.
• Booming business because of monetary amount.
 • Web Jacking
• Someone forcefully takes control of a website.
• Password is sniffed and the actual owner has no
Classification control over the website.

of • Newsgroup spam/Crimes emanating from

Usenet Newsgroup
Cybercrimes • Excessive multiple posting (EMP).
(Continued) • Google groups because of all userbase.
• The first ever Usenet spam was “Global alert for
all: Jesus is coming soon”.
 • Industrial Spying / Espionage
• Spying is not limited to Govt, corporations aften
spy on the enemy (Competitors).
• Information about product finances, research
and development, and marketing strategy.
Classification • Public availability of trojans and spyware
of materials, even low-skilled individuals can
generate high profit from Industrial spying.
Cybercrimes • These are targeted attacks.
• Organizations keep quite to avoid negative
(Continued) publicity.
• Israeli Trojan story: London based software
developer created a trojan to extract critical data
gathered from machines infected by this.
• Sold this trojan to companies in Israel.
 • Hacking
• Purpose of hacking
• Greed, Power, Publicity, Revenge, Adventure, Desire
to access forbidden information, Destructive mindset
Classification • Act committed toward breaking into a
computer/ network is hacking and it is an
of offense.
Cybercrimes • Write programs or use ready made programs.
• Desire to destruct, enjoyment, monetary gains,
(Continued) extort money from corporates.
• Hackers, crackers, phrackers.
• “Hack” – elegant, witty or inspired way of doing
anything, originated from MIT.
 • Online Frauds
• Spoofing website, Email security alerts, hoax
emails about virus threats.
• Fraudsters create authentic looking websites
Classification that are spoof.
• Makes user to enter their personal and bank
of information.
• Email spoofs – Link to spoofed sites, users enter
Cybercrimes username and password thinking it is legit site.
(Continued) • Virus hoax email, warnings may be genuine, but
verify link before clicking on it.
• Lottery frauds, deposit processing fee.
• Spoofing – illegal intrusion, posing as a genuine
user.
 • Pornographic Offenses
• Child pornography – visual depiction, including
but not limited to:
Classification • Any photograph considered as obscene, noy suitable
for child viewer.
of • Film, video, picture.
• Computer-generated picture, use of minor engaging
Cybercrimes in sexually explicit conduct.
• Abusers are using Internet to reach children
(Continued) online.
• Pedophiles are people who physically or
psychologically coerce minors to engage in
sexual activities.
 • Pornographic Offenses (Continued)
• Pedophiles operate as follows:
1. Use false identity to trap children/teenagers.
2. Seek children online (Online gaming arenas)
Classification 3. They befriend children/teens.
of 4. Extract personal information after gaining their
confidence.
Cybercrimes 5. Start other mode of communication, email,
(Continued) phone, etc.
6. Send pornographic images/text including child
pornographic images to create an illusion that
it is normal.
7. Meet them and sexually exploit them.
 • Pornographic Offenses (Continued)
Classification • Irony of digital world, how to identify and avoid
of such people online?
• Parents and children must be educated about
Cybercrimes the dangers and consequences of such acts.
• Children’s Online Privacy Protection Act (COPPA).
(Continued) • Software to block such sites.
 • Software Piracy
• Theft of software through the illegal copying of
genuine programs of the counterfeiting and
distribution of products intended to pass for the
Classification original.
• End-user copying, hard-disk loading with illicit
of means, counterfeiting, illegal downloads from
the Internet.
Cybercrimes • Illegal copies:
(Continued) • Untested software
• May contain hard-disk infecting virus.
• No technical support in case of failure.
• No warranty protection.
• No legal right to use the product.
 • Computer Sabotage
• Use of the Internet to hinder the normal
Classification functioning of a computer system by introducing
of worms, viruses or logic bombs.
• Gain economic advantage, promote illegal
Cybercrimes activities, steal data for extortion.
• Logic bombs are event dependent programs,
(Continued) created to do something only when a certain
event occurs.
 • Email Bombing
• Sending large number of emails to the victim to
crash victim’s email account or to make victim’s
mails servers crash.
• Computer program to repeat this task on a
Classification regular basis.
• Usenet Newsgroup as the Source of
of Cybercrimes
• Usenet is means of sharing and distributing
Cybercrimes information on the web with respect to different
topics.
(Continued) • Distribution/sale of pornographic material.
• Distribution/sale of pirated software packages.
• Distribution of hacking software.
• Sale of stolen credit card numbers.
• Sale of stolen data/stolen property.
 • Computer Network Intrusions
• Hackers can break into computer systems from
anywhere in the world and steal data, plant
viruses, create backdoors, insert trojan horses,
Classification etc.
of • Capture login id and password using program.
• Strong password and frequently change it.
Cybercrimes • Password Sniffing
(Continued) • Programs that monitor and record the name and
password of network users as they login.
• Use these credentials to access restricted
documents.
 • Credit Card Frauds
• Security of cardholder data has been one of the
biggest issues among on the payment card
industry.
Classification • Millions of dollars are lost.
• Large database breaches.
of
• Identity Theft
Cybercrimes • Fraud involving other person’s identity for an
(Continued) illicit purpose.
• Obtaining credit, stealing money from victim’s
bank, credit card access, utility companies,
renting apartment, etc.
 • In most cybercrimes, computers and other
Classification devices are used as follows:
of • Used as tool for committing cybercrimes.
• Crime involving attack against the computer.
Cybercrimes • Use for storing information related to
(Continued) cybercrime/info useful for committing
cybercrime.
 Cybercrime: The Legal Perspectives
Cybercrime: Criminal Justice Resource Manual (1979): any illegal act for which knowledge of
computer technology is essential for a successful prosecution.
International legal aspects study: encompass any illegal act for which knowledge of computer
technology is essential for its perpetration.
Cybercrime is an outcome of Globalization, globalized information systems.

One of the most globalized threat to the present and to the future.

Solution 1: Divide the information systems into segments bordered by state boundaries.

Solution 2: Incorporate legal system into an integrated entity obliterating these state
boundaries.
 India is the 2nd largest Internet user in the world.

Medium age is in 30s and most of the mobile users

use Internet.

Cybercrimes: Cybercrimes have also increased, and majority of

these crimes are committed by people aged 18 to 30.
An Indian Cybercrime police and Economic Offenses Wing.
Perspective
More and more police personals are being trained.

Handling a cybercrime case is different from handling

a traditional crime case.
 Cybercrime and the Indian ITA 2000
Section Offence Penalty
65 Tampering with computer source documents Imprisonment up to three years, or/and with fine up to ₹200,000
66 Hacking with computer system Imprisonment up to three years, or/and with fine up to ₹500,000
Receiving stolen computer or communication
66B Imprisonment up to three years, or/and with fine up to ₹100,000
device
66C Using password of another person Imprisonment up to three years, or/and with fine up to ₹100,000
66D Cheating using computer resource Imprisonment up to three years, or/and with fine up to ₹100,000
66E Publishing private images of others Imprisonment up to three years, or/and with fine up to ₹200,000
66F Acts of cyberterrorism Imprisonment up to life.
Publishing information which is obscene in
67 Imprisonment up to five years, or/and with fine up to ₹1,000,000
electronic form.
Imprisonment up to seven years, or/and with fine up
67A Publishing images containing sexual acts
to ₹1,000,000
Imprisonment up to five years, or/and with fine up to ₹1,000,000
Publishing child porn or predating
67B on first conviction. Imprisonment up to seven years, or/and with
children online
fine up to ₹1,000,000 on second conviction.
 Cybercrime and the Indian ITA 2000 (Continued)
Section Offence Penalty
67C Failure to maintain records Imprisonment up to three years, or/and with fine.
Imprisonment up to 2 years, or/and with fine up
68 Failure/refusal to comply with orders
to ₹100,000
69 Failure/refusal to decrypt data Imprisonment up to seven years and possible fine.
Securing access or attempting to secure access to a
70 Imprisonment up to ten years, or/and with fine.
protected system
Imprisonment up to 2 years, or/and with fine up
71 Misrepresentation
to ₹100,000
Imprisonment up to 2 years, or/and with fine up
72 Breach of confidentiality and privacy
to ₹100,000
Disclosure of information in breach of lawful Imprisonment up to 3 years, or/and with fine up
72A
contract to ₹500,000
Publishing electronic signature certificate false in Imprisonment up to 2 years, or/and with fine up
73
certain particulars to ₹100,000
Imprisonment up to 2 years, or/and with fine up
74 Publication for fraudulent purpose
to ₹100,000
 • Broad meaning of cybercrime provided by
Council of Europe’s Cyber Crime Treaty.
• Cybercrime is used as an umbrella term to refer
A Global to an array of criminal activity including offenses
against computer data and systems, computer-
Perspective on related offenses, content offenses and copyright
offenses.
Cybercrimes • Anti-spam legislation, technical solutions by ISPs
and end users.
• Growing spam usage for fraudulent activities,
masquerading trusted companies.
• International cooperation for the anti-spam law.
 • Cybercrime and the extended enterprise
• Average user is not adequately educated to
understand the threats and how to protect
oneself.
A Global • Threats and opportunities that “connectivity”
Perspective on and “mobility” presents.
• Extended enterprise: A company is not just
Cybercrimes made of its employees, board members and
(Continued) executives, but also its business partners,
suppliers and customers.
• It can be successful if all entities have the
information needed to do business.
• Interconnected for seamless flow of
information.
• Global cybersecurity can be achieved using
coordinated efforts.
 • Cybercrime era: Survival Mantra for the
Netizens
• Netizens are Internet users, has a
A Global considerable amount of online presence.
• 5P mantra – Precaution, Prevention,
Perspective on Protection, Preservation, Perseverance.
Cybercrimes • Stranger is danger.
(Continued) • Protect customer’s data, employee’s
privacy and company.
• Matters of cybercrimes must be
immediately reported.
• Users must save electronic information
trail on their computers.
• ITA 2000 and its abuse.