Ways to fight cyber crime by individuals.

To fight back the individual and businessman should be proactive, not reactive We do not have to remain at the receiving end of crime forever. The fight against cyber crime starts in our very own home .We should not reply any e-mail from unknown persons, we should learn to report spam mails to the e-mail servers .We should not upload our personal information on social networking sites or our account details on other such sites. Also the use antivirus soft wares can be a great help to fight against viruses and worms. Ways to fight cyber crime by government The author of the "Lovebug" virus remains free because his nation did not have cyber crime laws. The "AnnaKournikova" virus caused billions of dollars in damage, but the individual who distributed it received only 150 hours of community service as a penalty Cybercrime is not armed robbery, not pen and paper crime and should not be handle as such. Fighting Cybercrime requires intelligent knowledge and that has to be IT intelligence. What I mean is this, men of the regular Police force should not be allowed to investigate crimes committed over the internet. IT experts should be recruited into law enforcement agencies to assist in the fight.At this hour when cyber crime is growing in leaps and bounds with growing technology the government need to strengthen criminal penalties against computer crimes; work to harmonize laws against cyber crime internationally; and improve coordination among law enforcement authorities in different jurisdictions. Conclusion There will always be new and unexpected challenges to stay ahead of cyber criminals and cyber terrorists but we can win only through partnership and collaboration of both individuals and government. There is much we can do to ensure a safe, secure and trustworthy computing environment. It is crucial not only to our national sense of well-being, but also to our national security and economy.

21. CLASSIFICATION OF CYBER CRIMES It can be classified in to 4 major categories as (A) Cyber crime against Individual (B) Cyber crime Against Property (C) Cyber crime Against Organization (D) Cyber crime Against Society

(A) Against Individuals (i) Email spoofing : A spoofed email is one in which e-mail header is forged so that mail appears to originate from one source but actually has been sent from another source (ii) Spamming : Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain letters. (iii) Cyber Defamation : This occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information. (iv) Harassment & Cyber stalking : Cyber Stalking Means following the moves of an individual's activity over internet. It can be done with the help of many protocols available such at e- mail, chat rooms, user net groups.

(B) Against Property: (i) Intellectual Property crimes : These include Software piracy: illegal copying of programs, distribution of copies of software. Copyright infringement, Trademarks violations,Theft of computer source code: (ii) Internet time theft : the usage of the Internet hours by an unauthorized person which is actually paid by another person.

(C) Against Organisation (i) Unauthorized Accessing of Computer: Accessing the computer/network without permission from the owner. it can be of 2 forms: a) Changing/deleting data: Unauthorized changing of data. b) Computer voyeur: The criminal reads or copies confidential or proprietary information,

but the data is neither deleted nor changed. (ii) Denial Of Service : When Internet server is flooded with continuous bogus requests so as to denying legitimate users to use the server or to crash the server. (iii) Virus attack : A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of it. Viruses can be file infecting or affecting boot sector of the computer. Worms, unlike viruses do not need the host to attach themselves to. (iv) Email Bombing : Sending large numbers of mails to the individual or company or mail servers thereby ultimately resulting into crashing. (v) Salami Attack : When negligible amounts are removed & accumulated in to something larger. These attacks are used for the commission of financial crimes. (vi) Logic Bomb : Its an event dependent programme , as soon as the designated event occurs, it crashes the computer, release a virus or any other harmful possibilities. (vii) Trojan Horse : an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.

(viii) Data diddling : This kind of an attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

D) Against Society (i) Forgery : currency notes, revenue stamps, mark sheets etc can be forged using computers and high quality scanners and printers. (ii) Cyber Terrorism : Use of computer resources to intimidate or coerce others.

(iii) Web Jacking : Hackers gain access and control over the website of another, even they change the content of website for fulfilling political objective or for money

Citied from: http://www.reportcybercrime.com/index.php.

Extending the rule of law into cyberspace is a critical step to create a trustworthy environment for people and businesses. Because that extension remains a work in progress, organizations today must first and foremost defend their own systems and information from attack, be it from outsiders or from within. They may rely only secondarily on the deterrence that effective law enforcement can provide. To provide this self-protection, organizations should focus on implementing cyber security plans addressing people, process, and technology issues. Organizations need to commit the resources to educate employees on security practices, develop thorough plans for the handling of sensitive data, records and transactions, and incorporate robust security technology-such as firewalls, anti-virus software, intrusion detection tools, and authentication services-throughout the organizations' computer systems. These system protection tools--the software and hardware for defending information systems--are complex and expensive to operate. To avoid hassles and expense, system

manufacturers and system operators routinely leave security features turned off, needlessly increasing the vulnerability of the information on the systems. Bugs and security holes with known fixes are routinely left uncorrected. Further, no agreed-upon standards exist to benchmark the quality of the tools, and no accepted methodology exists for organizations to determine how much investment in security is enough. The inability to quantify the costs and benefits of information security investments leave security managers at a disadvantage when competing for organizational resources. Much work remains to improve management and technical solutions for information protection. Industry-wide efforts are underway to address prevention, response, and cooperation. Around the world, various industries have been establishing information sharing and analysis centers (ISACs) to share real-time information related to threats, vulnerabilities, attacks, and countermeasures. A recent Global Information Security Summit sponsored by the World Information Technology and Services Alliance (www.witsa.org) brought together industry, governments, and multilateral organizations across economic sectors to share information and build partnerships. Post-summit working groups are now developing cooperative approaches to addressing the most critical information security problems. The results of that work will be taken up at a second summit in Belfast in May 2001. That summit will also provide an opportunity to revisit the progress of nations in updating their laws to cover cyber crimes.

Conclusions 1. Reliance on terrestrial laws is an untested approach. Despite the progress being made in many countries, most countries still rely on standard terrestrial law to prosecute cyber crimes. The majority of countries are relying on archaic statutes that predate the birth of cyberspace and have not yet been tested in court. 2. Weak penalties limit deterrence. The weak penalties in most updated criminal statutes provide limited deterrence for crimes that can have large-scale economic and social effects. 3. Self-protection remains the first line of defense. The general weakness of statutes increases the importance of private sector efforts to develop and adopt strong and efficient technical solutions and management practices for information security. 4. A global patchwork of laws creates little certainty. Little consensus exists among countries regarding exactly which crimes need to be legislated against. Figure 2 illustrates the

kinds of gaps that remain, even in the 19 countries that have already taken steps to address cyber crimes. In the networked world, no island is an island. Unless crimes are defined in a similar manner across jurisdictions, coordinated efforts by law enforcement officials to combat cyber crime will be complicated. 5. A model approach is needed. Most countries, particularly those in the developing world, are seeking a model to follow. These countries recognize the importance of outlawing malicious computer-related acts in a timely manner in order to promote a secure environment for ecommerce. But few have the legal and technical resources necessary to address the complexities of adapting terrestrial criminal statutes to cyberspace. A coordinated, public-private partnership to produce a model approach can help eliminate the potential danger from the inadvertent creation of cyber crime havens

Recommendations The weak state of global legal protections against cyber crime suggests three kinds of action. 1. Firms should secure their networked information. Laws to enforce property rights work only when property owners take reasonable steps to protect their property in the first place. As one observer has noted, if homeowners failed to buy locks for their front doors, should towns solve the problem by passing more laws or hiring more police? Even where laws are adequate, firms dependent on the network must make their own information and systems secure. And where enforceable laws are months or years away, as in most countries, this responsibility is even more significant. 2. Governments should assure that their laws apply to cyber crimes. National governments remain the dominant authority for regulating criminal behavior in

most places in the world. One nation already has struggled from, and ultimately improved, its legal authority after a confrontation with the unique challenges presented by cyber crime. It is crucial that other nations profit from this lesson, and examine their current laws to discern whether they are composed in a technologically neutral manner that would not exclude the prosecution of cyber criminals. In many cases, nations will find that current laws ought to be updated. Enactment of enforceable computer crime laws that also respect the rights of individuals are an essential next step in the battle against this emerging threat.

REFERENCES

http://www.uscollegesearch.org/blog/criminal-justice-info/cyber-crime-statistics