A computer cannot recognize crimes, only zeros and ones. People cannot be classified into
good and bad. They change colours to good upon necessity and to bad upon opportunity. A
crime will happen only when the opportunity avails itself. Networking computers opens up a
plethora of opportunities for people. Information in computers flows like water but, unlike
water, just as naturally in both directions. Restricting this flow makes productive use of it. People act
with tools available to them. The sharper the knife, the deeper the wound. Technologies are
morally neutral, until people apply them. “Intent” of a person is the factor to decide the act
committed.
Below are presented the viewpoints of different simulated characters to justify the actions
Hacker’s Perspective
As I await my turn to list hobbies, hundreds of thoughts are running in my mind. Should I
tell Madame about it? What will she think? Can she comprehend? And if so, can she
appreciate it? “I like to paint”, Madame. “Good, what is your best painting?”; “Robin Hood”,
came the reply without a thought. He is the hero of my life and will be the one if I have to
paint. Back home, I pilot my aeroplane, my computer. Mom and Dad are scientists and are
As I finish checking mails, the daemon programs configured at startup get me the list of IIS
servers; and the boy at the store rings the door and delivers my chicken pizza. The
vulnerability that I have discovered in IIS allows me to get into the corporate Intranets.
There I leave a worm, similar to the Haiku, telling that Robin Hood has visited them. It has
already come up in the Internet and shall percolate to media sooner. There shall be a lot of
hype and the pursuit is thrilling. Soon they will discover it as a bug and will work on a fix,
and the software evolves, and so do I. This is my hobby and I am a hacker. Doing actions
without revealing identity is what I do, anonymity is the name of the game.
Hackers are highly intellectual people and mostly prodigies. They are benefactors of
evolution. There is also a certain ego satisfaction in identifying oneself as a hacker. Hacking
pursuits do not intend to condone damage on the systems that are hacked.
However, to err is human. After gaining control over a system, unintentional operations may
cause damage to the existing infrastructure. Loss could be accrued for which there is a
liability. The Indian Act discourages unauthorized access, a fraud prevention activity.
Intrusion detection software is evolving to detect fraud. A skilled intruder will avoid
extensive connection time on a victim machine at all costs. He will do this by disabling the
record operations into history files. Only when a file cannot be browsed or database queried
Experience is what we get when we do not get what we want. 5 years of experience did not
leave my table cleaner. System Administration is hard work rather than intelligent work.
Installing the same software on 50 machines makes it monotonous. And it is a thankless job
too. People come to doctors, police, lawyers and system administrators only when there is a
problem. My experience says that offences are committed due to negligence of users and
People use passwords that are same as user name, some don’t, some share passwords
among colleagues, bosses divulge them to sincere subordinates, some shout them over.
Some companies have floppies on all systems and no restrictions at entry. This is due to
lack of security policy. Intellectual property is the main tangible asset of a company; it has
to be protected, whereas it mostly lies in the network, unencrypted and open to prying
eyes.
Systems have to be in place for prevention rather than detection. Chat clients like Yahoo,
MSN and ICQ reveal the IP address of the receptor over the Internet, which can further be
used to commit crimes. Virus Protection Software, Firewalls, Proxies and Gateways can be
erected but unless there is a change in attitude, there is a high probability of offences being
They have not captivated our heroes, but our spirit of freedom and happiness. They have
bombed our cities like we sow seeds in our farms. Now, the time has come for them to reap
the fruits of their actions. An email shall be sent at 11:45 PM today to all the network points
indicating the target EFT servers. That is the time when their business day gets started as
usual, but this day will be unusual for them. Once you get the command list, start the
attack. As soon as the task assigned to you is complete, send a confirmation mail. In case
of an incomplete task, send a void mail. The tasks at all domains shall be completed by 2
AM.
I advise you to have a peaceful sleep. The toil of sleepless nights is over. As the sun rises in
our region, it brings hope and freedom and by the time it sets in their region, will dawn their
money with technologies. They realize that money that went into the bytes can never be
reconverted. Our mission will be accomplished and our dreams fulfilled. Allah has sent us to
punish the wicked and so shall they not go unpunished, as we hit them where it hurts the
most. Jihaaad.
Distributed Denial of Service (DDoS) can mean more harm than what the name conveys.
Not only is unavailability of service the target of well-planned terrorists but a higher harm
can be contemplated. One country cannot by itself enact laws that comprehensively address
the problems of Internet offences without the cooperation from other countries. Never
before has it been so easy to commit an offence in one jurisdiction while hiding behind the
jurisdiction of another.
Employee’s perspective
Ours is one of the world’s leading MNCs. We develop state-of-the-art software. With
branches in 70 countries, we feel at home at any point of the globe. Most of the
communication (formal, semi-formal, supplier, vendor and the 360-degree kind) is done
through emails. Each country’s office has a group id; a mail sent to it will be delivered
to all the personnel in that country. The HR and Management use this account to
communicate if there is any prominent point to make. Sometimes emotional professionals
Monday, the day of return to routines and I start checking the mails, sipping a cup of coffee,
as is our trend. A mail from our CEO, Umm! Are we making profits? And, astonishing
news. “Are you aware of the affair between Celina and Douglas? Do you think it is love?”
Holy Shit! Why will our CEO send such a mail? It is the act of some idiot. But who are these
Celina and Douglas? As these thoughts run on my mind, they run on the minds of all our
employees and soon it is known that they are the Project Manager and Software Engineer of
the product, “Zombie Protection System”. The V.P commissions them to his office and asks
them for an explanation of their acts that has resulted in such a mail, for which they reply
by submitting their resignation letters. The System Admin is called and he remains silent, as
he could not say, “It has been done, as it could be done”. Now my company cannot start
training sessions on professional ethics and policies on whistling, shouts the V.P in a fit of
temper.
Defamation, a cheap trick played by people who are jealous, is the cause of unnecessary
Competition exists across companies producing similar items in the market. An E-commerce
site gives provision to its customers, while shopping, to select any Payment gateway among
the multiple gateways it supports. A Company corrupts its rival gateway by denial of
service. As transaction translates to money, it is a loss for the company not just in terms of
transaction failure, but loss of goodwill of the customer who never selects a failed payment
Cracker’s Perspective
Crackers are never caught and those that are caught are not crackers, they are playing the
game in a silly manner. Some are real kiddies below 15. The police catch them and do not
know what to do with them. They are sympathized with, not to say admired, by society. A
cracker is always two steps ahead of the police and intrusion detection systems. He is
SYN flood attacks, UDP flood attacks and ICMP flood attacks are old ways of doing things.
And there are people who get success using these techniques too. Not all have taken care to
protect their networks. And there are network security companies selling their software,
containing vulnerability analysis of known bugs and making a good business. They can
never know what the crackers do, as the new methods created by them to break the
History is full of stories of strong systems conquering the weaker ones. Rama listening to
Vibhishana hits Ravana in his weak point, and so does Bheema to Duryodhana, Drona to
Ekalavya and Yudhistira to Drona. So, for survival one always has to be better than his
enemy. There are five types of people in the world, people that make news, people that
write news, people that read news, people that ask what’s happening and people that are
not bothered. The fourth and fifth are always the target. Crackers belong to the first group.
Public Key Infrastructure, which is regarded as a demigod in terms of trust, also has
weaknesses: compromise of the private key, compromise of the certifying
authority and breakage of the cryptographic algorithm. For any system all that the “ker”s do is
A cracker has a philosophy that is intoxicatingly convincing and a cracker will never say that
he is one. Strength and weakness are two corners of a scale with the world within. So is
good and bad. An offence has multi dimensional factors to scale. There are strong systems
and weak systems in the Internet. There are people with right intentions and wrong
intentions. Whenever a strong system is in the hands of wrong people or a good system in
HR Manager’s Perspective
becoming permanent. This year new costs are expected from the HR field, apart from costs
of recruiting; that is the cost of retaining. People are jumping from one company to another
like monkeys. A typical strategy by an employee is to show an appointment letter of his new
job and get a salary hike from us and show the hike to his recruiter and start off on a higher
note. While all of this is fine as long as the management concedes and there are people
worth the mettle, we are busier than ever. Conducting recruitment drives on weekends, and
moving to new cities for newer talents is very common. Another concept that is in action is
the concept of flexible timings. Time difference between our country and our business
partners has made such changes imperative. The employees working in night shifts are less
A few bachelors are eager to stay in the company on Saturdays and Sundays on the pretext of
acquiring new skills. Such people are admired or sympathized with but never monitored. Tonnes
of songs and other unwanted material are downloaded and put on the network in a computer
other than the employee’s and sometimes in a hidden format. These employees assume
privileges on resources such as printers, Internet and most importantly the corporate
network.
Valuable IP of the company resides there. While some people make the best advantage of
these resources for the benefit of themselves and their company, all are not so. And it is
virtually impossible to filter the wheat from the chaff. To make a general observation, it is
observed that the element of “namak” is missing in the new generation techies. One
unmonitored and disgruntled employee can cause havoc to the company. As HR Managers
we know it better.
September 11th is the day on which a point has been made. Aeroplane and Building are used
as tools. Hearts of Americans are struck with terror. Computers can be used as tools to
commit offences that are traditional in nature. This opens up new combinations. Murder
using a computer and credit theft are not unheard of. A system cannot be made foolproof as
nature always produces a better fool. Often a new technology or infrastructure is conceived
as a remedy for existing weakness, but a new technology comes with its own set of
loopholes for the explorer to exploit. The IP address is a basic piece of information obtained in any
internet transaction. Most offences are committed based upon IP Addresses. A reverse
lookup on the IP address tracks down the system and also the route to the offence.
Software such as Sam Spade, tracert or VisualRoute can be used for the purpose.
Information is a valuable asset. Not only the transfer of information but even
unauthorized viewing may diminish its value. If a system is connected to the Internet there
is every chance of it being attacked. Once the IP address is known, DoS attacks such as Ping of
Death, Smurf, UDP flooding or modem disconnection can be committed. Control over a
system is acquired by looking at open ports on an IP. An offence is termed as a crime only
when proved in a court of law. Law does not distinguish between crime and mischief,
Security is an overhead for the network but it gives protection to the resources. Network
policy for security is also vital. To maintain a secure operation, one has to stay a step ahead
of the “ker”s. Keeping up to date on software patches is critical to any security plan. The
massive attack.
Another example of attack is that of an open access point in a Wireless network. Wireless
access points have been added to many corporate networks without proper renovation of
overall security policy. War Driving is a mechanism of sniffing 802.11 networks that have
open ports. Each network card is associated with a MAC (Media Access Control) address,
which uniquely identifies the device. The macof program can be used to cause a switch to fail
open, and the mailsnarf program to capture emails that reach any person onto one’s own system.
Both tools are from the dsniff suite. The CAM (Content Addressable Memory) is where the
switch stores the MAC info and when this fills up, the switch begins to flood the unknown
MAC addresses to every port on the VLAN, in effect failing open. This could be made use of
by the offender to access all the data that goes into and out of the network.
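The fail-open behaviour described above can be reproduced in a small in-memory model, which also shows one common countermeasure: a cap on the number of addresses a switch will learn on a single port. This is an added example, not part of the original paper; the Switch class, the table size, the cap and the MAC addresses are all constructed for illustration.

```python
FLOOD = "flood"  # frame is copied to every port on the VLAN

class Switch:
    """Toy model of a learning switch with a fixed-size CAM table."""

    def __init__(self, cam_size, per_port_limit=None):
        self.cam_size = cam_size
        self.per_port_limit = per_port_limit  # None means no cap
        self.cam = {}         # MAC address -> port
        self.per_port = {}    # port -> number of MACs learned on it
        self.violations = {}  # port -> source MACs refused by the cap

    def learn(self, src_mac, port):
        """Record the source MAC of a frame seen on `port`, if allowed."""
        if src_mac in self.cam:
            return True
        learned = self.per_port.get(port, 0)
        if self.per_port_limit is not None and learned >= self.per_port_limit:
            self.violations[port] = self.violations.get(port, 0) + 1
            return False
        if len(self.cam) >= self.cam_size:
            return False  # table full: the address is simply not learned
        self.cam[src_mac] = port
        self.per_port[port] = learned + 1
        return True

    def forward(self, dst_mac):
        """Return the port for dst_mac, or FLOOD when it is unknown."""
        return self.cam.get(dst_mac, FLOOD)

# Constructed addresses from the RFC 7042 documentation range.
HOST_A = "00:00:5e:00:53:01"
HOST_B = "00:00:5e:00:53:02"

def simulate(per_port_limit, frames=5000, cam_size=1024):
    """Port 7 presents `frames` distinct source MACs, then host B joins."""
    sw = Switch(cam_size, per_port_limit)
    sw.learn(HOST_A, port=1)
    for i in range(frames):
        sw.learn(f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}", port=7)
    sw.learn(HOST_B, port=2)
    return sw.forward(HOST_B), sw.violations.get(7, 0)

if __name__ == "__main__":
    print("no cap:   ", simulate(None))  # host B's traffic is flooded
    print("cap of 2: ", simulate(2))     # host B is learned on port 2
```

The violation counter is the detection signal: a port that is refused thousands of new source addresses in a short time is worth an alert even when the cap has already contained the effect.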
An offence always starts in the mind of the aggressor and ends in the mind of the victim.
The stages in the life cycle of an offence are intended (but not committed), committed (but
not permitted), permitted (but not identified), identified (but not conveyed), conveyed (but
not tracked), tracked (but not convicted), convicted but loss not recovered.
No computer or network could ever be 100% secure but understanding and prevention are
the key factors. One weak node could compromise the entire network. Most computer
criminals thrive not on knowledge but blossom due to ignorance on the part of System
Administrators. There are countless cyber crimes that are not made public due to private
industry’s reluctance to publicize its vulnerabilities and government’s concern for security.
There are bugs in various software, and exploitation of these bugs results in a hack.
Computer crime is a low risk, high profit affair. Information for some organizations is an
asset, like money. Crimes are classified as done against a person or an organization. A
stalker may post a controversial message on the board under the name, phone number,
email of the victim resulting in subsequent responses being sent to the victim. This is an
example of using personal information to commit offences. Most entities provide services
requesting information from users, but never authenticate this information. This could be
the cause for a lot of crimes as anonymity is respected here. Accidental, Negligent and
errors, not their absence. There is no internationally recognized definition for cyber crime.
When someone fires a bullet from a gun, it is actually the bullet that does the killing while
the actual physical firing is pulling the trigger on the instrument. Similarly bits of data that
have been set into action from a computer are an extension of an actor’s person. Computer
crime and security may not just be a hardware or software problem but a people-ware
problem.
Fraud Detection
Fraud detection has three aspects to it; intrusion detection, intrusion identification and
assigning intrusion to fraud. Using specialized software such as BlackICE, Snort or NetRanger,
it is possible to sniff out intrusions. It can be seen that a number of users, robots and other
entities will be constantly accessing the system once the computer is on the Internet.
However, not all of these intrusions are with false intent. Most software also gives false
alerts, and it is essential to keep a person to check this. Answering the questions “Why will
anybody be interested in my network?”, “Who will be interested?” and “What will he be
interested in?” will help the filtration process. Intrusion Detection is based on the
assumption that avoiding each and every security breach is practically impossible. Instead,
security and to assess the damage they've caused. An Intrusion Detection System (IDS)
tries to detect attempted intrusions into a system or network and alert users. An IDS
constantly works away in the background in your system, notifying you only when it detects
something it considers suspicious or illegal. However, whether that notification will be of any
Anomaly detection: The most common approach for sniffing out an intrusion in a network
like CPU utilization, disk activity, user logins, file activity and so on. The system can then
trigger an alert whenever there's a deviation from this baseline. The good thing about this
approach is that it can detect the anomalies without having to understand the cause. Let's
say you monitor the traffic from individual workstations. The system notes that at 2 AM,
many of these workstations start logging into the servers and carrying out tasks. This may
Signature recognition: Most commercial IDSs examine network traffic, looking for well-
known patterns of attack. This means for every hacker technique, engineers code
something into the system. This can be as simple as a pattern match. The classic
example is to check every packet on the wire for the pattern '/cgi-bin': this may indicate
that somebody was trying to access this vulnerable CGI script on a Web server. Some IDSs
are built from large databases with hundreds (or thousands) of such strings. They just plug
into the wire and trigger on every packet they see having one of these strings.
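The two approaches described above, baseline-and-deviation anomaly detection and the '/cgi-bin' signature match, are shown side by side in this added example, which is not part of the original paper. The login counts, request lines, threshold and function names are constructed for illustration; the second matcher shows why a signature is better applied to the decoded request path than to the raw bytes on the wire.

```python
import statistics
from urllib.parse import unquote

# ---- Anomaly detection: learn a per-hour baseline, alert on deviation ----
def build_baseline(history):
    """history maps hour of day -> login counts seen on past days."""
    return {hour: (statistics.mean(counts), statistics.pstdev(counts))
            for hour, counts in history.items()}

def is_anomalous(baseline, hour, count, threshold=3.0):
    """True when count lies more than `threshold` deviations from the mean."""
    mean, stdev = baseline[hour]
    # Floor the deviation at 1 so a quiet hour (stdev near 0) does not
    # alert on a single extra login.
    return abs(count - mean) / max(stdev, 1.0) > threshold

# ---- Signature recognition: the '/cgi-bin' pattern from the text ----
SIGNATURE = "/cgi-bin"

def naive_match(request_line):
    """Substring match on the raw request, as the passage describes."""
    return SIGNATURE in request_line

def normalized_match(request_line):
    """Match only the request path, after undoing percent-encoding."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return False
    path = unquote(parts[1].split("?", 1)[0])
    return SIGNATURE in path

# Constructed sample data (not from the paper).
LOGIN_HISTORY = {2: [0, 1, 0, 0, 1, 0, 0], 9: [40, 38, 45, 42, 39, 41, 44]}
OBSERVED = [(2, 25), (2, 1), (9, 43)]      # (hour, logins) seen today
REQUESTS = [
    "GET /index.html HTTP/1.0",
    "GET /cgi-bin/test.cgi HTTP/1.0",
    "GET /%63gi-bin/test.cgi HTTP/1.0",    # same path, percent-encoded
    "GET /search?q=/cgi-bin HTTP/1.0",     # pattern only in a search term
]

def run_demo():
    baseline = build_baseline(LOGIN_HISTORY)
    anomalies = [(h, c) for h, c in OBSERVED if is_anomalous(baseline, h, c)]
    signatures = [(naive_match(r), normalized_match(r)) for r in REQUESTS]
    return anomalies, signatures

if __name__ == "__main__":
    anomalies, signatures = run_demo()
    print("anomalous (hour, logins):", anomalies)
    for req, (naive, norm) in zip(REQUESTS, signatures):
        print(f"{req!r}: naive={naive} normalized={norm}")
```

The raw substring match misses the encoded request and raises a false alert on the search query, which is the kind of false alert the section says a person must be kept to check.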
Data diddling: This kind of an attack involves altering the raw data just before it is
processed by a computer and then changing it back after the processing is completed
Trojan Horse Attack: A program that hits the machine at an unexpected time and remains
Logic Bomb: A virus that has been configured to attack the system at a specified time.
Worm: A software program that multiplies like a virus but causes no harm.
Salami Technique: A technique using which the developers credit the fractional amounts in
The vulnerable infrastructures that are targeted are Power Grid, Communications, Financial
and Transportation.
Cyber Stalking: The Oxford dictionary defines stalking as "pursuing stealthily". Cyber
stalking involves following a person's movements across the Internet by posting messages
(sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-
rooms frequented by the victim, constantly bombarding the victim with emails etc.
Author: Avinash Mangipudi (MBA)