CYBER CRIMES

A study on internet crimes

G. Haritha (II B. Tech, CSIT)
G. Sushma Reddy (II B. Tech, CSIT)
G. PULLAREDDY ENGINEERING COLLEGE, KURNOOL
haritha9009@gmail.com, sushmareddy135@gmail.com
Abstract— There are different types of crimes commerce, which are the new mantras and
in our society. The new breed of crime, which iselectronic transactions and dominate the overall
either perpetrated using computers, or is business paradigm. In this rapidly evolving e-
otherwise related to them, is broadly termed as world that depends on free flowing information,
Cyber Crime. The term “cyber crime” is a broad security is the major problem to be considered.
term that is usually applied to a broad range ofSecurity on Internet is challenging. Security on
crimes in which computers are, in some manner, an Internet is important because information has
involved. This term, however, is vague and significant value. Implementing security
actually refers to a collection of dissimilar involves assessing the possible threats to one’s
forms of criminal conduct that are powered by network, servers and information. The goal is
different motives. Cyber crime is becoming ever then to attempt to minimize the threat as much
more serious. In this paper, we define differentas possible. This developing world of
types of cyber crimes and criminals and reasons information technology has a negative side
for the occurrence of these crimes and some effect. It has opened the door to antisocial and
preventive methods of these crimes. We focus criminal behavior.
on a case study of fighting cyber crimes in India A. The Computer Dependent Age:
and discuss problems faced. Finally, we propose The modern world relies on
several recommendations to advance the work computerized system for almost every thing in
of fighting cyber crimes. the life, from air, train and bus traffic control to
Cyber crimes fall into
medical services. Systems play a prominent
three categories: role in human lives. The society depends on
(1) A computer is the target of criminal activity
computer system, therefore has profound human
(2) The computer is the tool used or is integraldimension too. The rapid expansion of large-
to the commission of the crime scale computer networks and the ability to
(3) The computer is only an incidental aspect ofaccess systems through regular telephone lines
the crime. increase the vulnerability to these systems. And
Cyber crime is a
it also increases the opportunity for misuse or
relatively new phenomenon. Services such as criminal activity. Security is needed for both
telecommunications, banking and finance, external and internal threats.
transportation, electrical energy, water supply, B. History of computer crimes:
emergency services, and government operations It is difficult to determine
rely completely on computers for control, when the first crime involving a computer
management, and interaction amongactually took place. The computer has been
themselves. Cyber crimes would be impossible around in some form since the abacus, which is
without the Internet. known to exist in 3500BC in Japan, China, and
India. In 1801, profit motives encouraged
Keywords— Fraud by computer manipulation, Joseph Jacquard, a textile manufacturer in
Computer France, to design the forerunner of the computer
Forgery, Email-bombing, Trojan attack, card. This device allowed the repetition of
services of stamps in the weaving of special
fabrics. However Jacquard’s employees were
committed to discourage further use of new
I. INTRODUCTION technology.
Today an increasing number of C. Definition of computer crimes:
companies are connecting to the Internet to A generalized
support sales activities or to provide their definition of cyber crime may be “unlawful acts
employees and customers with faster wherein the computer is either a tool or target or
information and services. The virtual world has both”. Experts debated on what exactly
taken over the real one, E-business and E- constitutes computer crime or a computer
related crime. Even after several years there is
no internationally recognized definition of these
terms. A global definition of computer crime
has not been achieved. Computer crime has
been defined as “any illegal unethical or
unauthorized behavior involving automatic
processing or transmission of data”.
Threats come in two categories:
a. Passive threats.
b. Active threats.
a. Passive threats:
This involves monitoring the
transmission data of an organization. Here the
goal of the assembler if to obtain information
that is being transmitted. Passive threats are
difficult to detect because they do not involve
alterations of data.
These are of two types:
Release of message content.
Traffic analysis.
b. Active threats:
These threats involve some
modification of data stream or the creation of a
false stream. These are of three types:
Modification.
Denial of message service.
Masquerade.
2.REASONS FOR CYBER CRIMES:
Hart in his work “The Concept of Law” has said
‘human beings are vulnerable so rule of law is
required to protect them’. Applying this to the
cyberspace we may say that computers are
vulnerable so rule of law is required to protect
and safeguard them against cyber crime. The
reasons for the vulnerability of computers may
be said to be:
1.Capacity to store data in comparatively small
space
2.Easy to access
3.Complex
4.Negligence
5. Loss of evidence
3. TYPES OF CYBER CRIMES:
A. Fraud by computer manipulation:
Intangible assets represented in
data format such as money on deposits or hours
of work are the most common targets related to
fraud. Modern business is quickly replacing
cash with deposits transacted on computer
system creating computer fraud. Credit card
information as well as personal and financial
information on credit card has been frequently
targeted by organized criminal crimes. Assets
represented in data format often have a
considerably higher value than traditionally
economic assets resulting in potentially greater
economic class.
B. Computer Forgery:
This happens when data is
altered which is stored in documents that are in
computerized form. Computers however can
also be used as instruments for committing
forgery. A new generation of fraudulent
alteration or duplication emerged when
computerized color laser copies became
available. These copies are capable of high-
resolution copying, modification of documents
that are even creating false documents without
benefit of original. They produce documents
with an equality that is indistinguishable from
original documents. Experts can only
distinguish this.
C. E-mail bombing:
This kind of activity refers to
sending large numbers of mail to the victim,
which may be and individual or a company or
even mail servers there by ultimately resulting
into crashing.
D. Data diddling:
 This kind of attack involves
altering the raw data before it is processed by a
system and re-altering it after processing. The
electricity board faced similar problem of data
diddling while the department was being
computerized.

E. Salami attack:
This kind of crime is
normally prevalent in the financial institutions
or for the purpose of committing financial
crimes. An important feature of this type of
offence is that the alteration is so small that it
would normally go unnoticed. For example a
bank employee deducts five rupees from every
customers account. The individual customers
are unlikely to notice this small change but the
employee will make a significant earning.

F. Trojan attack:
In software field this means H. Distributed denial of service:
an unauthorized program, which passively gains This is a denial of service
control over another’s system by representing attack in which the perpetrators are more than
itself as an authorized program. The most one in number and geographically displaced. It
common form of installing a Trojan is through is very difficult to control such attacks.
e-mail. I. E-mail spoofing:
H. Distributed denial of service: A spoofed email is one,
This is a denial of service which appears to originate from one source but
attack in which the perpetrators are more than actually originates from another.
one in number and geographically displaced. It
is very difficult to control such attacks.
I. E-mail spoofing:
A spoofed email is one,
which appears to originate from one source but
actually originates from another.
G. Denial of service attack:
This involves flooding the
computer resource with more requests than it
can handle. This causes the resource to crash,
thereby denying the authorized users the
service.

J. Intellectual property crime:
This is a crime, which
involves the unauthorized copying and
distributing of copyrighted software. Software
piracy is an example.
K. Cyber stalking:
This involves following a
person on the Internet and causing harassment.
L. Web jacking:
This term is derived from
the term hi jacking. In these kinds of offences
the hacker gains access and control over the
web site of another. He may even mutilate or
change the information on the site. This may be
done for fulfilling political objectives or for
money.
E.g. Recently the site of
MIT (Ministry of Information Technology) was
hacked by the Pakistani hackers and some
obscene matter was placed therein. Further the
site of Bombay crime branch was also web
jacked.
Another case of web
jacking is that of the ‘gold fish’ case. In this
case the site was hacked and the information
pertaining to gold fish was changed. Further a
ransom of US $ 1 million was demanded as
ransom.
Thus web jacking is a process where
by control over the site of another is made
backed by some consideration for it.
F. Damage to Data/Programs:
This category of criminal
activity involves either direct or search
unauthorized access to computer system by
introducing new programs.
They are
a. viruses
b. worms
c. logic bombs.
The unauthorized modification suppression or
erasure of computer data or functions with the
Internet to hinder normal functioning of the
system is clearly a criminal activity and is
commonly referred to as computer sabotage.
a. VIRUS: (Vital information resources
under seize)
Virus is a series of program
codes with the ability to attach itself to
legitimate programs and propagate itself to
other computer programs. Viruses are file and
boot sector viruses. It attacks the fat so that
there is no sequence of file content and it
destroys the data content.
b. WORMS: (Write Once Read Many)
They are just added to the files
and they do not manipulate. It differs from a
virus in that it does not have the ability to
replicate itself.
c. LOGIC BOMB:
As it involves the
programming the destruction or modification of
data is at a specific time in the future.
G. Unauthorized access:
The desire to gain
unauthorized access to computer system can be
prompted by several motives
From simple curiosity.
To computer sabotage
International unjustified
access by a person not authorized by the owners
or operators of a system may often constitute
criminal behavior. Unauthorized access creates
the opportunity to cause additional unintended
damage to data and system crashes. Accessing
is often accomplished from a remote location
along a telecommunication network by one of
several means. The intruder may be able to take
advantage of security measures to gain access or
may find loopholes in existing security
measures or system procedures. Frequently
hackers impersonate legitimate users. This is
especially common in systems.
 5. PREVENTIVE METHODS:
4.CYBER CRIMINALS: Prevention is always
The cyber criminals constitute of various better than cure. It is always better to take
groups/ category. This division may be justified certain precaution while operating the net. All
on the basis of the object that they have in their should make them part of cyber life. Sailesh
mind. The following are the category of cyber kumar Zarkar technical advisor and network
criminals- security consultant to the Mumbai Police Cyber
A. Children and adolescents between the age crime Cell, advocates the 5P mantra for online
group of 6 – 18 years: security: Precaution, Prevention, Protection,
The simple reason for this Preservation and Perseverance. A net operator
type of delinquent behaviour pattern in children should keep in mind the following things-
is seen mostly due to the inquisitiveness to A. Disclose information:
know and explore the things. Other cognate To prevent cyber stalking
reason may be to prove them selves to be avoid disclosing any information pertaining to
outstanding amongst other children in their one self. This is as good as disclosing your
group. Further the reasons may be identity to strangers in public place.
psychological even. B. Avoid strangers:
E.g. the Bal Bharati (Delhi) case was the Always avoid sending any
outcome of harassment of the delinquent by his photograph online particularly to strangers and
friends. chat friends as there have been incidents of
B. Organized Hackers: misuse of the photographs.
These kinds of hackers are C. Update antivirus:
mostly organized together to fulfill certain Always use latest and up date
objective. The reason may be to fulfill their anti virus software to guard against virus
political bias, fundamentalism, etc. The attacks.
Pakistanis are said to be one of the best quality D. Back up:
hackers in the world. They mainly target the Always keep back up volumes
Indian government sites with the purpose to so that one may not suffer data loss in case of
fulfill their political objectives. virus contamination
Further E. Avoid sending credit card numbers:
the NASA as well as the Microsoft sites is Never send your credit card
always under attack by the hackers. number to any site that is not secured, to guard
against frauds.
C. Professional hackers / crackers: F. Watch on sites:
Their work is motivated by Always keep a watch on the
the color of money. These kinds of hackers are sites that your children are accessing to prevent
mostly employed to hack the site of the rivals any kind of harassment or depravation in
and get credible, reliable and valuable children.
information. Further they are when employed to G. Having security program:
crack the system of the employer basically as a It is better to use a security
measure to make it safer by detecting the loop program that gives control over the cookies and
holes. send information back to the site as leaving the
D. Discontented employees: cookies unguarded might prove fatal.
This group include those H. Checking sites:
people who have been either sacked by their Web site owners should watch
employer or are dissatisfied with their employer. traffic and check any irregularity on the site.
To avenge they normally hack the system of Putting host-based intrusion detection devices
their employee. on servers may do this.
I. Firewalls:
 These are programs, which • Choose your chatting nickname carefully so
protect a user from unauthorized access attacks as others.
while on a network. They provide access to only O. Physical Security:
known users, or people who the user permits. Physical security is most
J. Frequent password changing: sensitive component, as prevention from cyber
With the advent of multi- crime Computer network should be protected
user systems, security has become dependent on from the access of unauthorized persons.
passwords. Thus one should always keep P. Access Control:
passwords to sensitive data secure. Changing Access Control system is
them frequently and keeping them sufficiently generally implemented using firewalls, which
complex in the first place can do this. provide a centralized point from which to
permit or allow access. Firewalls allow only
K. Safe surfing: authorized communications between the
This is a practice, which internal and external network.
should be followed by all users on a network. Q. Using Encryption:
Safe surfing involves keeping ones e-mail Encryption is able to
address private, not chatting on open systems, transform data into a form that makes it almost
which do not have adequate protection methods, impossible to read it without the right key. This
visiting secure sites. Accepting data from only key is used to allow controlled access to the
known users, downloading carefully, and then information to selected people. The information
from known sites also minimizes risk. can be passed on to any one but only the people
L. Frequent virus checks: with the right key are able to see the
One should frequently information. Encryption allows sending
check ones computer for viruses and worms. confidential documents by E-mail or save
Also any external media such as floppy disks confidential information on laptop computers
and CD ROMS should always be virus checked without having to fear that if someone steals it
before running. the data will become public. With the right
M. Email filters: encryption/decryption software installed, it will
These are programs, hook up to mail program and encrypt/decrypt
which monitor the inflow of mails to the inbox messages automatically without user
and delete automatically any suspicious or interaction.
useless mails thus reducing the chances of being R. Detection of Cyber Crimes: Some of the
bombed or spoofed. Cyber Crimes like network Intrusion are
N. General Information: difficult to detect and investigation even though
Don’t delete harmful most of crimes against individual like cyber
communications (emails, chats etc). They will stalking, cyber defamation, cyber pornography
provide vital information about system and can be detected and investigated through
address of the person behind these. following steps:
• Try not to panic. After receiving such type of mail
• If you feel any physical danger, contact your (1) Give command to computer to show full
local police. header of mail.
• Avoid getting into huge arguments online (2) In full header find out the IP number and
during chat and discussions with other users. time of delivery of number and this IP number
• Remember that all other Internet users are always different for every mail. From this IP
strangers; you do not know who you are number we can know who the Internet service
chatting with. So be careful. provider for that system from which the mail
• Be extremely careful about how you share had come was.
personal information about yourself online.
 (3) To know about Internet Service Provider To avoid the information from
from IP number, take the service of search hackers we use the passwords secretly and we
engine like nic.com, apnic.com, arin.com. change the passwords regularly. We cannot use
(4) After opening the website of any of above our names, initials as passwords that are easily
mentioned search engine, feed the IP number traced. We should not download any executable
and after some time name of ISP can be files from unknown sources, information from
obtained. any sources without checking for virus. We
(5) After getting the name of ISP we can get have to use licensed anti-virus software. Also
the information about the sender from the ISP teams like CERT and FIRST assist in solving
by giving them the IP number, date and time of hacker attacks and to disseminate information
sender. on security.
(6) ISP will provide the address and phone
number of the system, which was used to send 7. REFERENCES:
the mail with bad intention. Bibliography:
After Knowing the address and phone number 1. Cyber Crime (article), Silicon Times, Vol.
criminal can be apprehended by using 2, Issue 12, December 2002
conventional police methods. 2. Computer Vulnerabilities, Eric Knight,
CISSP, Electronic Edition, March 2000, release
6. CONCLUSION: 4
. Everything 3. An Unofficial Guide to Ethical Hacking,
about our lives is in some manner affected by Ankit Fadia, Macmillan India Ltd., 2001
computers. Under the circumstances it is high 4. The Little Black Book of Computer
time we sat up and took notice of the events Viruses, Mark Ludwig, Electronic Edition,
shaping our destinies on the information American Eagle Publications, 1996
highway. Cyber crime is everyone’s problem. 5. Balkin, J., Grimmelmann, J., Katz, E.,
And it is time we did something to protect Kozlovski, N., Wagman, S. & Zarsky, T. (2006)
ourselves. The issue of network and Internet (eds) Cybercrime: Digital Cops in a
security has become increasingly more Networked Environment, New York University
important as more and more business and Press, New York.
people go on-line.
Law in an Era of Smart Technology, Oxford: Oxford University Press