Workshop on “Cyber Crime” Wednesday, 18th June 2010 - Hotel Bristol, M.G. Road, Gurgaon Session II- Overview of Cyber crimes , data thefts and identity thefts By Karnika Seth Managing Partner, SETH ASSOCIATES Presentation plan
Wednesday, 18th June 2010 - Hotel Bristol, M.G. Road, Gurgaon
Session II- Overview of Cyber crimes , data thefts and identity thefts
By Karnika Seth
Managing Partner, SETH ASSOCIATES
Source: Government Accountability Office (GAO), Department of Homeland Security's (DHS's) Role in Critical Infrastructure Protection (CIP) Cybersecurity, GAO-05-434 (Washington, D.C.: May, 2005).
- Paul Judge, Senior Vice President and chief Technology Officer, Secure Computing
-Chris Rouland- Chief Technology Officer, IBM Internet security Systems and IBM Distinguished Engineer
The typical lifecycle of spam that originates from a botnet:(1) Spammer's web site (2) Spammer (3) Spamware (4) Infected computers (5) Virus or trojan (6) Mail servers (7) Users (8) Web traffic
EMERGING CHALLENGE: SECURITY AND SAFETY IN CYBERSPACE by Richard O. Hundley and Robert H. Anderson in IEEE Technology and Society, pp. 19–28 (Winter 1995/1996).
“In this cyberspace world, the distinction between “crime” and “warfare” in cyberspace also blurs the distinction between police responsibilities, to protect societal interests from criminal acts in cyberspace, and military responsibilities, to protect societal interests from acts of war in cyberspace.”
Jon Ramsey, chief technology officer for Secure Works attributes increasing cyber warfare activity to the following:
According to the section 2 of Information Technology Act,
“Data” means a representation of information, knowledge, facts, concepts or instruction which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.
“Data Theft”- It is the term used when any information in the form of data is illegally copied or taken from a business or other individual without his knowledge or consent.
Most offences introduced by the 2008 amendments prescribe punishment of upto 3 yrs , fine of one lac/2 lac
For hacking term of imprisonment remains upto 3yrs but fine increased from 2 lakhs to 5 lacs
In S.67 imprisonment term reduced from 5 yrs to three yrs. Fine increased from one lac to 5 lacs.
Most Offences are cognisable but bailable
This is a new challenge for cyberlaw enforcement authorities- need quick action by trained investigators to collect and preserve evidence as probability of tampering increases .
Applicable to communications made through cell phones ,PDAs
Conferred legal validity and recognition to electronic documents & digital signatures
Legal recognition to e-contracts
Set up Regulatory regime to supervise Certifying Authorities
Laid down civil and criminal liabilities for contravention of provisions of IT Act,2000
Created the office of Adjudicating Authority to adjudge contraventions
IT Act is a special law, most IT experts are of common consensus that it does not cover or deal specifically with every kind of cyber crime
Protection of corporate networks