Muhammad Salim (Ism)


  • 8/8/2019 Muhammad Salim (Ism)





    CYBER CRIMES

    Under the subject


    Submitted to: Ms. Vanisha Malik, Faculty, MBA, TIAS

    Submitted by: Muhammad Salim (07217003909), Sunil Kumar Gupta (07417003909), Praveen Kumar (05617003909)

    SESSION: 2010 - 2011

    TECNIA INSTITUTE OF ADVANCED STUDIES

    (Approved by AICTE, Ministry of HRD, Govt. of India)

    Affiliated To Guru Gobind Singh Indraprastha University, Delhi

    INSTITUTIONAL AREA, MADHUBAN CHOWK, ROHINI, DELHI- 110085

    E-Mail: [email protected], Website: www.tecniaindia.org

    Fax No: 27555120, Tel: 27555121-24




    At the outset, we wish to express our sincere thanks to almighty for showering his

    blessing on us to develop this report. We wish to thank our parents who always believed in us and have faith in us in whatever we wished to do.

    We would like to acknowledge our sincere thanks to Ms. Vanisha Malik, Faculty of

    Information System Management, Tecnia Institute of Advanced Studies for her excellent

    guidance and supervision for the completion of this report successfully.

    Last but not the least we wish to thank each one of us to do so much wonderful teamwork

    with trust and faith.

    Muhammad Salim

    Sunil Kumar Gupta

    Praveen Kumar




    CONTENTS

    1. Evolution of cyber crime

    2. Definition

    3. Cyber criminals

    4. Modes of committing cyber crime

    5. Some case studies

       Pune Citibank Emphasis Call Centre Fraud

       State of Tamil Nadu Vs Suhas Katti

       Nasscom vs. Ajay Sood & Others

       SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra

       Online Stock Exchange Fraud

       Fake Travel Agent

       Illegal Data Mining

       Brute force

       Shoulder Surfing: District Data Breach

    6. Classification of effects of cyber crime

       Against Individuals

       Against Organization

       Against Society at large

    7. Statutory provisions

    8. The access and security trade-off

    9. Prevention of cyber crime

    9. Conclusion

    10. References




    The first recorded cyber crime took place in the year 1820!

    That is not surprising considering the fact that the abacus, which is thought to be the

    earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era

    of modern computers, however, began with the analytical engine of Charles Babbage.

    In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom.

    This device allowed the repetition of a series of steps in the weaving of special fabrics. This

    resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood

    were being threatened. They committed acts of sabotage to discourage Jacquard from further use

    of the new technology. This is the first recorded cyber crime!

    Today, computers have come a long way with neural networks and nano-computing

    promising to turn every atom in a glass of water into a computer capable of performing a billion

    operations per second.

    In a day and age when everything from microwave ovens and refrigerators to nuclear

    power plants are being run on computers, cyber crime has assumed rather sinister implications.

    Cyber crime can involve criminal activities that are traditional in nature, such as theft,

    fraud, forgery, defamation and mischief. The abuse of computers has also given birth to a gamut of new age crimes such as hacking, web defacement, cyber stalking, web jacking etc. A simple

    yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a

    tool or a target or both".

    The term "computer" used in this definition does not only mean the conventional desktop or

    laptop computer. It includes Personal Digital Assistants (PDA), cell phones, sophisticated

    watches, cars and a host of gadgets.

    Recent global cyber crime incidents like the targeted denial of service attacks on Estonia have heightened fears. Intelligence agencies are preparing against coordinated cyber attacks that

    could disrupt rail and air traffic controls, electricity distribution networks, stock markets,

    banking and insurance systems etc. Unfortunately, it is not possible to calculate the true social

    and financial impact of cyber crime. This is because most crimes go unreported.



    CYBER CRIME

    Cyber crime is the latest and perhaps the most complicated problem in the cyber world.

    Cyber crime may be said to be those species, of which, genus is the conventional crime, and

    where either the computer is an object or subject of the conduct constituting crime.

    Any criminal activity that uses a computer either as an instrumentality, target or a

    means for perpetuating further crimes comes within the ambit of cyber crime.

    A generalized definition of cyber crime may be "unlawful acts wherein the computer is

    either a tool or target or both". The computer may be used as a tool in the following kinds of

    activity: financial crimes, sale of illegal articles, pornography, online gambling, intellectual

    property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking. The computer may,

    however, be the target of unlawful acts in the following cases: unauthorized access to computer/computer system/computer networks, theft of information contained in electronic form,

    e-mail bombing, data diddling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web

    jacking, theft of computer system, physically damaging the computer system.


    The cyber criminals constitute various groups/categories. This division may be justified on

    the basis of the object that they have in their mind. The following are the category of cyber


    1. Children and adolescents between the age group of 6-18 years

    The simple reason for this type of delinquent behaviour pattern in children is seen mostly due

    to the inquisitiveness to know and explore the things. Other cognate reason may be to prove

    themselves to be outstanding amongst other children in their group. Further the reasons may

    be psychological even. E.g. the Bal Bharati (Delhi) case was the outcome of harassment of

    the delinquent by his friends.

    2. Organised Hackers -



    These kinds of hackers are mostly organised together to fulfil certain objective. The reason

    may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to be one of

    the best quality hackers in the world. They mainly target the Indian government sites with the

    purpose to fulfil their political objectives. Further, the NASA as well as the Microsoft sites are

    always under attack by the hackers.

    3. Professional hackers / crackers

    Their work is motivated by the color of money. These kinds of hackers are mostly employed

    to hack the site of the rivals and get credible, reliable and valuable information. Further they

    are even employed to crack the system of the employer, basically as a measure to make it safer

    by detecting the loopholes.

    4. Discontented employees -

    This group includes those people who have been either sacked by their employer or are

    dissatisfied with their employer. To avenge themselves they normally hack the system of their employer.


    1. Unauthorized access to computer systems or networks / Hacking-

    This kind of offence is normally referred to as hacking in the generic sense. However, the

    framers of the Information Technology Act 2000 have nowhere used this term, so to avoid any

    confusion we would not interchangeably use the word "hacking" for "unauthorized access", as

    the latter has wide connotation.

    2. Theft of information contained in electronic form-

    This includes information stored in computer hard disks, removable storage media etc. Theft

    may be either by appropriating the data physically or by tampering them through the virtual




    3. Email bombing-

    Email bombing refers to sending a large number of emails to the victim resulting in the

    victim's email account (in case of an individual) or mail servers (in case of a company or an

    email service provider) crashing. In one case, a foreigner who had been residing in Simla,

    India for almost thirty years wanted to avail of a scheme introduced by the Simla Housing

    Board to buy land at lower rates. When he made an application it was rejected on the grounds

    that the 169 schemes were available only for citizens of India. He decided to take his

    revenge. Consequently he sent thousands of mails to the Simla Housing Board and repeatedly

    kept sending e-mails till their servers crashed.

    4. Data diddling-

    This kind of an attack involves altering raw data just before it is processed by a computer and

    then changing it back after the processing is completed. Electricity Boards in India have been

    victims to data diddling programs inserted when private parties were computerizing their


    5. Salami attacks-

    These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank

    employee inserts a program, into the bank's servers, that deducts a small amount of money

    (say Rs. 5 a month) from the account of every customer. No account holder will probably

    notice this unauthorized debit, but the bank employee will make a sizable amount of money

    every month.

    To cite an example, an employee of a bank in USA was dismissed from his job. Disgruntled

    at having been supposedly mistreated by his employers the man first introduced a logic bomb

    into the bank's systems.

    Logic bombs are programmes, which are activated on the occurrence of a particular

    predefined event. The logic bomb was programmed to take ten cents from all the accounts in



    the bank and put them into the account of the person whose name was alphabetically the last

    in the bank's rosters. Then he went and opened an account in the name of Ziegler. The

    amount being withdrawn from each of the accounts in the bank was so insignificant that

    neither any of the account holders nor the bank officials noticed the fault.

    It was brought to their notice when a person by the name of Zygler opened his account in that

    bank. He was surprised to find a sizable amount of money being transferred into his account

    every Saturday.
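
A reconciliation check for the salami pattern described above, added here as an example and not part of the original report: it scans a ledger for many accounts each sending the same small amount to one beneficiary that is not an approved fee account. The ledger rows, account names, thresholds and the `APPROVED_COLLECTORS` set are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Hypothetical internal accounts that are allowed to collect charges from everyone.
APPROVED_COLLECTORS = {"BANK-FEES"}


def build_sample_ledger():
    """Constructed ledger rows: (source_account, beneficiary, amount, memo)."""
    customers = [f"CUST-{n:03d}" for n in range(1, 41)]
    ledger = []
    for acct in customers:
        # Legitimate monthly charge paid to the bank's own fee account.
        ledger.append((acct, "BANK-FEES", Decimal("25.00"), "monthly charge"))
    for acct in customers[:36]:
        # The skim: Rs. 5 taken from almost every account, sent to one account.
        ledger.append((acct, "CUST-ZIEGLER", Decimal("5.00"), "adjustment"))
    # Ordinary payments, including one small payment that must not be flagged.
    ledger.append(("CUST-001", "CUST-002", Decimal("1200.00"), "rent"))
    ledger.append(("CUST-003", "CUST-002", Decimal("5.00"), "lunch"))
    ledger.append(("CUST-004", "CUST-010", Decimal("310.50"), "invoice"))
    return ledger


def find_salami_candidates(ledger, max_amount=Decimal("10.00"), min_share=0.5,
                           approved=APPROVED_COLLECTORS):
    """Flag (beneficiary, amount) pairs fed by a large share of all accounts.

    A single small debit looks harmless, so the check works on the aggregate:
    how many distinct accounts paid the same small amount to the same place.
    """
    all_sources = {src for src, _dst, _amt, _memo in ledger}
    if not all_sources:
        return []

    sources = defaultdict(set)      # (beneficiary, amount) -> debited accounts
    totals = defaultdict(Decimal)   # (beneficiary, amount) -> money moved

    for src, dst, amount, _memo in ledger:
        if dst in approved or amount > max_amount:
            continue                # known fee account, or too large to be a "slice"
        sources[(dst, amount)].add(src)
        totals[(dst, amount)] += amount

    findings = []
    for (dst, amount), accounts in sources.items():
        share = len(accounts) / len(all_sources)
        if share >= min_share:
            findings.append({
                "beneficiary": dst,
                "amount": amount,
                "accounts_debited": len(accounts),
                "share": round(share, 2),
                "total": totals[(dst, amount)],
            })
    # Largest aggregate loss first, which is the order an auditor would review.
    return sorted(findings, key=lambda f: f["total"], reverse=True)


if __name__ == "__main__":
    for finding in find_salami_candidates(build_sample_ledger()):
        print(finding)
```
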

    6. Denial of Service attack-

    This involves flooding a computer resource with more requests than it can handle. This

    causes the resource (e.g. a web server) to crash thereby denying authorized users the service offered by the resource. Another variation to a typical denial of service attack is known as a

    Distributed Denial of Service (DDoS) attack wherein the perpetrators are many and are

    geographically widespread. It is very difficult to control such attacks. The attack is initiated

    by sending excessive demands to the victim's computer(s), exceeding the limit that the

    victim's servers can support and making the servers crash. Denial-of-service attacks have had

    an impressive history having, in the past, brought down websites like Amazon, CNN, Yahoo

    and eBay!

    7. Virus / worm attacks-

    Viruses are programs that attach themselves to a computer or a file and then circulate

    themselves to other files and to other computers on a network. They usually affect the data

    on a computer, either by altering or deleting it. Worms, unlike viruses, do not need the host to

    attach themselves to. They merely make functional copies of themselves and do this

    repeatedly till they eat up all the available space on a computer's memory. The

    VBS_LOVELETTER virus (better known as the Love Bug or the ILOVEYOU virus) was

    reportedly written by a Filipino undergraduate.

    In May 2000, this deadly virus beat the Melissa virus hollow - it became the world's most

    prevalent virus. It struck one in every five personal computers in the world. When the virus



    was brought under check the true magnitude of the losses was incomprehensible. Losses

    incurred during this virus attack were pegged at US $ 10 billion.

    The original VBS_LOVELETTER utilized the addresses in Microsoft Outlook and emailed

    itself to those addresses. The e-mail, which was sent out, had "ILOVEYOU" in its subject

    line. The attachment file was named "LOVE-LETTER-FOR-YOU.TXT.vbs". The subject

    line conquered people wary of opening e-mail attachments, and even those who had some knowledge

    of viruses did not notice the tiny .vbs extension and believed the file to be a text file. The

    message in the e-mail was "kindly check the attached LOVELETTER coming from me".

    Since the initial outbreak, over thirty variants of the virus have been developed, many of them

    following the original by just a few weeks. In addition, the Love Bug also uses the Internet

    Relay Chat (IRC) for its propagation.

    It e-mails itself to users in the same channel as the infected user.

    Unlike the Melissa virus this virus does have a destructive effect. Whereas the Melissa, once

    installed, merely inserts some text into the affected documents at a particular instant during

    the day, VBS_LOVELETTER first selects certain files and then inserts its own code in lieu

    of the original data contained in the file. This way it creates ever-increasing versions of itself.

    Probably the world's most famous worm was the Internet worm let loose on the Internet by

    Robert Morris sometime in 1988. The Internet was, then, still in its developing years and this

    worm, which affected thousands of computers, almost brought its development to a complete

    halt. It took a team of experts almost three days to get rid of the worm and in the meantime

    many of the computers had to be disconnected from the network.
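
A mail-gateway style check for the deceptive attachment name described above (a harmless-looking .TXT followed by the real .vbs extension), added here as an example and not part of the original report. It parses a constructed message and flags attachments whose final extension is a script or executable type; the extension lists, addresses and the sample attachments other than the LOVELETTER file name are assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed lists for illustration; a real gateway would maintain its own.
SCRIPT_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "wsh", "bat", "cmd",
               "scr", "pif", "exe", "com", "hta", "lnk"}
DECOY_EXTS = {"txt", "doc", "docx", "xls", "xlsx", "pdf",
              "jpg", "jpeg", "png", "gif", "mp3"}


def classify_attachment(filename):
    """Return 'ok', 'script' or 'deceptive-double-extension' for a file name."""
    # Trailing dots and spaces are dropped by Windows, so ignore them here too.
    name = filename.strip().rstrip(". ")
    # Padding around a dot ("invoice.pdf   .exe") is used to push the real
    # extension out of view; collapse it before splitting.
    name = re.sub(r"\s*\.\s*", ".", name)
    parts = name.lower().split(".")
    if len(parts) < 2:
        return "ok"                      # no extension at all
    final = parts[-1]                    # the extension the OS acts on
    if final not in SCRIPT_EXTS:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "deceptive-double-extension"
    return "script"


def build_sample_message():
    """Constructed message modelled on the description in the text."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "ILOVEYOU"
    msg.set_content("kindly check the attached LOVELETTER coming from me")
    placeholder = b"constructed placeholder bytes, not script content"
    msg.add_attachment(placeholder, maintype="application",
                       subtype="octet-stream",
                       filename="LOVE-LETTER-FOR-YOU.TXT.vbs")
    msg.add_attachment("meeting notes", filename="minutes.txt")
    msg.add_attachment(placeholder, maintype="application",
                       subtype="octet-stream", filename="cleanup.bat")
    return msg.as_bytes()


def scan_message(raw_bytes):
    """Parse a raw message and list (filename, verdict) for risky attachments."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        verdict = classify_attachment(name)
        if verdict != "ok":
            findings.append((name, verdict))
    return findings


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample_message()):
        print(f"{verdict:28} {name}")
```
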

    8. Logic bombs-

    These are event dependent programs. This implies that these programs are created to do

    something only when a certain event (known as a trigger event) occurs. E.g. even some

    viruses may be termed logic bombs because they lie dormant all through the year and

    become active only on a particular date (like the Chernobyl virus).



    9. Trojan attacks-

    A Trojan, as this program is aptly called, is an unauthorized program which functions from

    inside what seems to be an authorized program, thereby concealing what it is actually doing.

    There are many simple ways of installing a Trojan in someone's computer. To cite an

    example, two friends Rahul and Mukesh (names changed), had a heated argument over one

    girl, Radha (name changed) whom they both liked. When the girl, asked to choose, chose

    Mukesh over Rahul, Rahul decided to get even. On the 14th of February, he sent Mukesh a

    spoofed e-card, which appeared to have come from Radha's mail account. The e-card actually

    contained a Trojan. As soon as Mukesh opened the card, the Trojan was installed on his

    computer. Rahul now had complete control over Mukesh's computer and proceeded to harass

    him thoroughly.

    10. Internet time thefts-

    This connotes the usage by an unauthorized person of the Internet hours paid for by another

    person. In a case reported before the enactment of the Information Technology Act, 2000,

    Colonel Bajwa, a resident of New Delhi, asked a nearby net café owner to come and set up

    his Internet connection. For this purpose, the net café owner needed to know his username

    and password.

    After having set up the connection he went away knowing the present username and

    password. He then sold this information to another net café. One week later Colonel Bajwa

    found that his Internet hours were almost over. Out of the 100 hours that he had bought, 94

    hours had been used up within the span of that week. Surprised, he reported the incident to

    the Delhi police. The police could not believe that time could be stolen. They were not aware

    of the concept of time-theft at all. Colonel Bajwa's report was rejected.

    He decided to approach The Times of India, New Delhi. They, in turn carried a report about

    the inadequacy of the New Delhi Police in handling cyber crimes. The Commissioner of

    Police, Delhi then took the case into his own hands and the police under his directions raided



    and arrested the net café owner under the charge of theft as defined by the Indian Penal Code.

    The net café owner spent several weeks locked up in Tihar jail before being granted bail.

    11. Web jacking-

    This occurs when someone forcefully takes control of a website (by cracking the password

    and later changing it). The actual owner of the website does not have any more control over

    what appears on that website. In a recent incident reported in the USA, the owner of a hobby

    website for children received an e-mail informing her that a group of hackers had gained

    control over her website. They demanded a ransom of 1 million dollars from her. The owner,

    a schoolteacher, did not take the threat seriously. She felt that it was just a scare tactic and

    ignored the e-mail. It was three days later that she came to know, following many telephone

    calls from all over the country, that the hackers had web jacked her website. Subsequently,

    they had altered a portion of the website which was entitled 'How to have fun with goldfish'.

    In all the places where it had been mentioned, they had replaced the word 'goldfish' with the

    word 'piranhas'. Piranhas are tiny but extremely dangerous flesh-eating fish. Many children

    had visited the popular website and had believed what the contents of the website suggested.

    These unfortunate children followed the instructions, tried to play with piranhas, which they

    bought from pet shops, and were very seriously injured!

    12. Theft of computer system

    This type of offence involves the theft of a computer, some part(s) of a computer or a

    peripheral attached to the computer.

    13. Physically damaging a computer system

    This crime is committed by physically damaging a computer or its peripherals.




    1. Pune Citibank Emphasis Call Centre Fraud

    US $ 3,50,000 from accounts of four US customers were dishonestly transferred to bogus

    accounts. This will give a lot of ammunition to those lobbying against outsourcing in US. Such

    cases happen all over the world but when it happens in India it is a serious matter and we cannot

    ignore it. It is a case of social engineering. Some employees gained the confidence of the

    customer and obtained their PIN numbers to commit fraud. They got these under the guise of

    helping the customers out of difficult situations. Highest security prevails in the call centres in

    India as they know that they will lose their business. There was not as much of breach of security

    but of social engineering. The call centre employees are checked when they go in and out so

    they cannot copy down numbers and therefore they could not have noted these down.

    They must have remembered these numbers, gone out immediately to a cyber café and accessed

    the Citibank accounts of the customers. All accounts were opened in Pune and the customers

    complained that the money from their accounts was transferred to Pune accounts and that's how

    the criminals were traced. Police has been able to prove the honesty of the call centre and has

    frozen the accounts where the money was transferred. There is need for a strict background

    check of the call centre executives. However, the best of background checks cannot eliminate the

    bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national ID and a national data base where a name can be

    referred to. In this case preliminary investigations do not reveal that the criminals had any crime

    history. Customer education is very important so customers do not get taken for a ride. Most

    banks are guilty of not doing this.

    2. State of Tamil Nadu Vs Suhas Katti

    The Case of Suhas Katti is notable for the fact that the conviction was achieved successfully

    within a relatively quick time of 7 months from the filing of the FIR. Considering that similar

    cases have been pending in other states for a much longer time, the efficient handling of the case

    which happened to be the first case of the Chennai Cyber Crime Cell going to trial deserves a

    special mention.



    The case related to the posting of an obscene, defamatory and annoying message about a divorcee

    woman in the Yahoo message group. E-Mails were also forwarded to the victim for information

    by the accused through a false e-mail account opened by him in the name of the victim. The

    posting of the message resulted in annoying phone calls to the lady in the belief that she was

    soliciting. Based on a complaint made by the victim in February 2004, the Police traced the

    accused to Mumbai and arrested him within the next few days. The accused was a known family

    friend of the victim and was reportedly interested in marrying her. She however married another

    person. This marriage later ended in divorce and the accused started contacting her once again.

    On her reluctance to marry him, the accused took up the harassment through the Internet. On 24-3-2004

    a Charge Sheet was filed u/s 67 of IT Act 2000, 469 and 509 IPC before The Hon'ble

    Addl. CMM Egmore by citing 18 witnesses and 34 documents and material objects. The same

    was taken on file in C.C.NO.4680/2004.

    On the prosecution side 12 witnesses were examined and entire documents were marked as

    Exhibits. The Defence argued that the offending mails would have been given either by the ex-husband

    of the complainant or the complainant herself to implicate the accused, as the accused is

    alleged to have turned down the request of the complainant to marry her. Further the Defence

    counsel argued that some of the documentary evidence was not sustainable under Section 65 B

    of the Indian Evidence Act. However, the court relied upon the expert witnesses and other

    evidence produced before it, including the witnesses of the Cyber Cafe owners and came to the conclusion that the crime was conclusively proved. Ld. Additional Chief Metropolitan

    Magistrate, Egmore, delivered the judgement on 5-11-04 as follows:

    "The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000

    and the accused is convicted and is sentenced for the offence to undergo RI for 2 years

    under 469 IPC and to pay fine of Rs.500/- and for the offence u/s 509 IPC sentenced to

    undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67

    of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/-. All sentences to run concurrently."

    The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered

    as the first case convicted under section 67 of Information Technology Act 2000 in India.




    India saw its first cybercrime conviction recently. It all began after a complaint was filed by

    Sony India Private Ltd, which runs a website called, targeting Non

    Resident Indians. The website enables NRIs to send Sony products to their friends and relatives in India after they pay for it online. The company undertakes to deliver the products to the

    concerned recipients. In May 2002, someone logged onto the website under the identity of

    Barbara Campa and ordered a Sony Colour Television set and a cordless head phone. She gave

    her credit card number for payment and requested that the products be delivered to Arif Azim in

    Noida. The payment was duly cleared by the credit card agency and the transaction processed.

    After following the relevant procedures of due diligence and checking, the company delivered

    the items to Arif Azim. At the time of delivery, the company took digital photographs showing

    the delivery being accepted by Arif Azim. The transaction closed at that, but after one and a half

    months the credit card agency informed the company that this was an unauthorized transaction as

    the real owner had denied having made the purchase. The company lodged a complaint for

    online cheating at the Central Bureau of Investigation which registered a case under Section 418,

    419 and 420 of the Indian Penal Code. The matter was investigated into and Arif Azim was


    Investigations revealed that Arif Azim, while working at a call centre in Noida gained access to

    the credit card number of an American national which he misused on the company's site. The

    CBI recovered the colour television and the cordless head phone. In this matter, the CBI had

    evidence to prove their case and so the accused admitted his guilt. The court convicted Arif

    Azim under Section 418, 419 and 420 of the Indian Penal Code, this being the first time that a

    cybercrime has been convicted. The court, however, felt that as the accused was a young boy of

    24 years and a first-time convict, a lenient view needed to be taken. The court therefore released

    the accused on probation for one year. The judgment is of immense significance for the entire

    nation. Besides being the first conviction in a cybercrime matter, it has shown that the Indian

    Penal Code can be effectively applied to certain categories of cyber crimes which are not

    covered under the Information Technology Act 2000. Secondly, a judgment of this sort sends out

    a clear message to all that the law cannot be taken for a ride.



    4. Nasscom vs. Ajay Sood & Others

    In a landmark judgment in the case of National Association of Software and Service Companies

    Vs Ajay Sood & Others, delivered in March, 05, the Delhi High Court declared 'phishing' on

    the internet to be an illegal act, entailing an injunction and recovery of damages. Elaborating on the concept of 'phishing', in order to lay down a precedent in India, the court stated that it is a

    form of internet fraud where a person pretends to be a legitimate association, such as a bank or

    an insurance company in order to extract personal data from a customer such as access codes,

    passwords, etc. Personal data so collected by misrepresenting the identity of the legitimate party

    is commonly used for the collecting party's advantage. The court also stated, by way of an example,

    that typical phishing scams involve persons who pretend to represent online banks and siphon

    cash from e-banking accounts after conning consumers into handing over confidential banking


    The Delhi HC stated that even though there is no specific legislation in India to penalise

    phishing, it held phishing to be an illegal act by defining it under Indian law as a

    misrepresentation made in the course of trade leading to confusion as to the source and origin of

    the e-mail causing immense harm not only to the consumer but even to the person whose name,

    identity or password is misused. The court held the act of phishing as passing off and tarnishing

    the plaintiff's image. The plaintiff in this case was the National Association of Software and

    Service Companies (Nasscom), India's premier software association. The defendants were

    operating a placement agency involved in head-hunting and recruitment. In order to obtain

    personal data, which they could use for purposes of headhunting, the defendants composed and

    sent e-mails to third parties in the name of Nasscom. The high court recognised the trademark

    rights of the plaintiff and passed an ex-parte ad interim injunction restraining the defendants from

    using the trade name or any other name deceptively similar to Nasscom.

    The court further restrained the defendants from holding themselves out as being associates or a

    part of Nasscom. The court appointed a commission to conduct a search at the defendants'

    premises. Two hard disks of the computers from which the fraudulent e-mails were sent by the

    defendants to various parties were taken into custody by the local commissioner appointed by the

    court. The offending e-mails were then downloaded from the hard disks and presented as

    evidence in court. During the progress of the case, it became clear that the defendants in whose



    names the offending e-mails were sent were fictitious identities created by an employee on

    defendants' instructions, to avoid recognition and legal action. On discovery of this fraudulent

    act, the fictitious names were deleted from the array of parties as defendants in the case.

    Subsequently, the defendants admitted their illegal acts and the parties settled the matter through the recording of a compromise in the suit proceedings. According to the terms of compromise,

    the defendants agreed to pay a sum of Rs1.6 million to the plaintiff as damages for violation of

    the plaintiff's trademark rights. The court also ordered the hard disks seized from the defendants'

    premises to be handed over to the plaintiff who would be the owner of the hard disks. This case achieves

    clear milestones: it brings the act of phishing into the ambit of Indian laws even in the absence

    of specific legislation; it clears the misconception that there is no damages culture in India for

    violation of IP rights; and it reaffirms IP owners' faith in the Indian judicial system's ability

    and willingness to protect intangible property rights and sends a strong message to IP owners that they can do business in India without sacrificing their IP rights.



    5. SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra

    In India's first case of cyber defamation, a Court of Delhi assumed jurisdiction over a matter

    where a corporate's reputation was being defamed through emails and passed an important ex-parte

    injunction.

    In this case, the defendant Jogesh Kwatra, being an employee of the plaintiff company, started

    sending derogatory, defamatory, obscene, vulgar, filthy and abusive emails to his employers as

    also to different subsidiaries of the said company all over the world with the aim to defame the

    company and its Managing Director Mr. R K Malhotra. The plaintiff filed a suit for permanent

    injunction restraining the defendant from doing his illegal acts of sending derogatory emails to

    the plaintiff.

    On behalf of the plaintiffs it was contended that the emails sent by the defendant were distinctly obscene, vulgar, abusive, intimidating, humiliating and defamatory in nature. Counsel further

    argued that the aim of sending the said emails was to malign the high reputation of the plaintiffs

    all over India and the world. He further contended that the acts of the defendant in sending the

    emails had resulted in invasion of legal rights of the plaintiffs. Further the defendant is under a

    duty not to send the aforesaid emails. It is pertinent to note that after the plaintiff company

    discovered that the said employee could be indulging in the matter of sending abusive emails, the

    plaintiff terminated the services of the defendant.

    After hearing detailed arguments of Counsel for Plaintiff, Hon'ble Judge of the Delhi High Court

    passed an ex-parte ad interim injunction observing that a prima facie case had been made out by

    the plaintiff. Consequently, the Delhi High Court restrained the defendant from sending

    derogatory, defamatory, obscene, vulgar, humiliating and abusive emails either to the plaintiffs

    or to its sister subsidiaries all over the world including their Managing Directors and their Sales

    and Marketing departments. Further, Hon'ble Judge also restrained the defendant from

    publishing, transmitting or causing to be published any information in the actual world as also in

    cyberspace which is derogatory or defamatory or abusive of the plaintiffs.

    This order of Delhi High Court assumes tremendous significance as this is for the first time that

    an Indian Court assumes jurisdiction in a matter concerning cyber defamation and grants an ex-parte

    injunction restraining the defendant from defaming the plaintiffs by sending derogatory,

    defamatory, abusive and obscene emails either to the plaintiffs or their subsidiaries.



    6. Online Stock Exchange Fraud

    Background: A complaint was received from the director of a securities firm stating that there

    was an unauthorized execution of a call option resulting in a loss to the complainant. The

    complainant company was dealing in sale and purchase of shares on behalf of clients. As a broker of the stock exchange they were providing trading facilities of the equity and futures and

    options markets to their sub-brokers/ high net worth individual clients. This was done at the

    clients' premises through ISDN lines/ normal telephone lines/ VPN with predefined passwords

    and user IDs on their trading terminals. As per the complaint a fraudulent trade was executed by

    selling a call option by using the user ID and password provided to one of the complainant's

    client. An interesting aspect was that this call option was the most inactive for trading purposes

    and no trade had taken place except for the fraudulent trade.

    The said call option was compulsorily exercised by the exchange thus resulting in a loss of INR

    0.05 million to the complainant and wrongful gain to the culprits.

    Investigation: The stock exchange provided the details of the trade log for call option of buyer

    and seller. The user ID that was used to book the order could be traced from the information

    provided. Some of the information that was provided was:

    - Date
    - Trade Number
    - Trade Time
    - Trade Quantity
    - Buy Time
    - Buy Name
    - Buy Client Code
    - Buy Client Name/Address
    - Sell Member Code
    - Sell Trading Member Name
    - Sell Client Code/Name/Address
    - Buy Order Number
    - Sell Order Number

    The complainant's client was examined and stated that they had not executed this trade. The

    data of the computer installed at their premises was scrutinized for system error log, access log,

    event log and broadcast server log. The analysis of the logs revealed that the computer system of

    the client was not logged during the days when the fraudulent trades were executed. The

    configuration indicated that for executing the transaction through the internet, access to the

    network was imperative. Such access was authorized by the firewall installed at the network of

    the complainant.



    The firewall (which generated the log details) provided the IP address used to logon to the

    system to execute the transaction. The firewall details as well as the server of the complainant

    were taken to the police computer lab and analyzed using forensic tools. The transaction logs

    could not be recovered from the firewall server as the same was designed to be emailed to a

    specific email ID. However, the information collected from a securities firm revealed the details

    of an account through which the fraudulent transaction was executed.
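    The log correlation described in this investigation can be sketched as follows. This is an added example, not part of the original report or the investigators' tooling: the record layouts, the user ID, the timestamps and the addresses (documentation ranges) are constructed assumptions, and it reads the finding about the client's computer as "no session from the client's own terminal covers the trade time".

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample records (hypothetical layout, not a real exchange format).
TRADE_LOG = [
    {"trade_no": "T1001", "user_id": "CLIENT07", "time": "2009-03-02 10:15:30"},
    {"trade_no": "T1002", "user_id": "CLIENT07", "time": "2009-03-04 14:02:11"},
]
# Sessions taken from the access log of the client's own trading terminal.
TERMINAL_SESSIONS = [
    {"user_id": "CLIENT07", "login": "2009-03-02 09:55:00",
     "logout": "2009-03-02 15:30:00"},
]
# Broker-side firewall log: which source address logged on with which user ID.
FIREWALL_LOG = [
    {"time": "2009-03-02 09:55:02", "user_id": "CLIENT07", "src_ip": "192.0.2.10"},
    {"time": "2009-03-04 14:01:40", "user_id": "CLIENT07", "src_ip": "203.0.113.77"},
]
# Addresses the client normally connects from (assumed to be on record).
KNOWN_CLIENT_IPS = {"CLIENT07": {"192.0.2.10"}}


def ts(text):
    """Parse a log timestamp."""
    return datetime.strptime(text, FMT)


def covered_by_session(trade, sessions):
    """True if the client's own terminal was logged in when the trade ran."""
    when = ts(trade["time"])
    return any(
        s["user_id"] == trade["user_id"]
        and ts(s["login"]) <= when <= ts(s["logout"])
        for s in sessions
    )


def firewall_logons_before(trade, fw_log, window=timedelta(minutes=30)):
    """Firewall logons with the same user ID shortly before the trade."""
    when = ts(trade["time"])
    return [
        e for e in fw_log
        if e["user_id"] == trade["user_id"]
        and timedelta(0) <= when - ts(e["time"]) <= window
    ]


def suspicious_trades(trades, sessions, fw_log, known_ips):
    """Trades booked under a user ID while that client's terminal was idle,
    with the unfamiliar source addresses the firewall saw for that user ID."""
    findings = []
    for trade in trades:
        if covered_by_session(trade, sessions):
            continue  # consistent with the client's own terminal activity
        seen = {e["src_ip"] for e in firewall_logons_before(trade, fw_log)}
        unfamiliar = sorted(seen - known_ips.get(trade["user_id"], set()))
        findings.append({
            "trade_no": trade["trade_no"],
            "user_id": trade["user_id"],
            "time": trade["time"],
            "unfamiliar_src_ips": unfamiliar,
        })
    return findings


if __name__ == "__main__":
    for f in suspicious_trades(TRADE_LOG, TERMINAL_SESSIONS,
                               FIREWALL_LOG, KNOWN_CLIENT_IPS):
        print(f)
```

    The check only works if the firewall log is retained where the investigator can reach it; in this case the log was mailed off the device, which is why the source address had to be recovered by other means.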

    The ownership details and logs for the email ID were collected from a web host company and

    were found to be belonging to the very person who had designed the firewall for the complainant

    company. Thereafter, the mobile phone details of the accused were collected which revealed that

    he was in contact with the co-accused (the person who had designed the firewall for the

    complainant company). This gave the first indication that a conspiracy existed between the

    accused persons.

    Based on this information simultaneous raids were conducted and the accused were arrested. The

    interrogation of the accused revealed the modus operandi on how the fraudulent transaction had

    been executed. The accused had provided the copy of the programme (which had access, firewall

    file, password and other details that were required for configuring the computer system) to the


    The Central Processing Unit was configured by the co-accused and the same was taken to a cyber

    cafe on the pretext of downloading software. The accused downloaded the software from the

    attachment in his e-mail account and executed the transaction by installing the software on the


    Current status: Under investigation, the accused are in judicial custody.

    7. Fake Travel Agent

    Background: The accused in this case was posing as a genuine railway ticket agent and had been purchasing tickets online by using stolen credit cards of non-residents. The accused created

    fraudulent electronic records/ profiles, which he used to carry out the transactions.

    The tickets so purchased were sold for cash to other passengers. Such events occurred for a

    period of about four months.



    The online ticket booking service provider took notice of this and lodged a complaint with the

    cyber crime investigation cell.

    Investigation: The service provider gave the IP addresses, which were used for the fraudulent

    online bookings, to the investigating team. IP addresses were traced to cyber cafes in two locations.

    The investigating team visited the cyber cafes but was not able to get the desired logs as they

    were not maintained by the cyber cafe owners. The investigating team was able to short list the

    persons present at cyber cafes when the bookings were made. The respective owners of the cyber

    cafes were able to identify two persons who would regularly book railway tickets.

    The investigating team then examined the passengers who had travelled on these tickets. They

    stated that they had received the tickets from the accused and identified the delivery boy who delivered the tickets to them. On the basis of this evidence the investigating team arrested two

    persons who were identified in an identification parade.

    Current status: The charge sheet has been submitted in the court.

    8. Illegal Data Mining

    The owner of Snipermail, a business that distributes advertisements via the Internet to e-mail addresses on behalf of advertisers or their brokers, was indicted for conspiracy, unauthorized

    access of a protected computer, access device fraud, money laundering and obstruction of justice.

    It was alleged that Scott Levine and other Snipermail employees illegally accessed a computer

    database owned and operated by Acxiom Corporation, a company that stores, processes, and

    manages personal, financial, and corporate data on behalf of its clients. On numerous occasions,

    Levine and others illegally entered into an Acxiom file transfer protocol (ftp) server and

    downloaded significant amounts of data. The intrusions were traced back to an internet protocol

    address that belonged to one of Snipermail's computers. The downloading of the databases lasted

    for a period of a year and a half and represented 8.2 gigabytes of data. While the stolen data

    contained personal information about a great number of individuals and could have resulted in

    tremendous loss if the information were used in a fraudulent way, there was no evidence to date

    that any of the data was misused in this way. Acxiom immediately notified law enforcement



    upon discovery of intrusions into its system and assisted with the investigation which was

    conducted by a task force formed by the Federal Bureau of Investigation (FBI) and the United

    States Secret Service (USSS).

    9. Brute force

    In cryptography, a brute force attack or exhaustive key search is a strategy that can in theory be

    used against any encrypted data by an attacker who is unable to take advantage of any weakness

    in an encryption system that would otherwise make his task easier. It involves systematically

    checking all possible keys until the correct key is found. In the worst case, this would involve

    traversing the entire search space.

    Hackers used a brute force password cracking program to break into the district's computers and

    initiated a batch of bogus transfers out of the school's payroll account. The transfers were kept

    below $10,000 to avoid the anti-money laundering reporting requirements. The hackers had

    almost 20 accomplices they had hired through work-at-home job scams. Over $100,000 was

    successfully removed from the account. Two days later a school employee noticed the bogus

    payments. Unfortunately, unlike consumers who typically have up to 60 days from the receipt of

    a monthly statement to dispute any unauthorized charges, organizations and companies have

    roughly two business days to spot and dispute unauthorized activity. This is because school organizations that bank online fall under the Uniform Commercial Code. Due to this law, the

    district was able to get less than $20,000 of the transfers reversed.
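    Because the dispute window is about two business days, the pattern in this incident (a batch of payroll-account transfers, each kept just under $10,000, to payees never paid before) is worth checking for on the day it happens. The following is an added example, not from the original report: the transfer records, payee names, the 8,000 lower bound of the "just under the threshold" band and the minimum batch size of three are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

REPORTING_THRESHOLD = 10_000  # reporting figure quoted in the text
NEAR_FLOOR = 8_000            # assumption: lower edge of the "just under" band
MIN_BATCH = 3                 # assumption: hits per day that make a batch

# Constructed payroll history: payees the account has paid before.
KNOWN_PAYEES = {"A. Teacher", "B. Custodian", "C. Librarian"}

# Constructed outgoing transfers: (day, payee, amount in dollars).
TRANSFERS = [
    (date(2010, 1, 4), "A. Teacher", 3200.00),
    (date(2010, 1, 4), "B. Custodian", 2100.00),
    (date(2010, 1, 5), "New Payee 01", 9800.00),
    (date(2010, 1, 5), "New Payee 02", 9650.50),
    (date(2010, 1, 5), "New Payee 03", 9900.00),
    (date(2010, 1, 5), "New Payee 04", 8450.00),
    (date(2010, 1, 5), "New Vendor", 450.00),     # new payee, small amount
    (date(2010, 1, 5), "A. Teacher", 9500.00),    # large, but a known payee
    (date(2010, 1, 6), "New Payee 05", 9700.00),
    (date(2010, 1, 6), "New Payee 06", 9990.00),  # only two hits this day
]


def is_near_threshold(amount):
    """True for amounts sitting just below the reporting threshold."""
    return NEAR_FLOOR <= amount < REPORTING_THRESHOLD


def flag_structured_batches(transfers, known_payees):
    """Return one alert per day on which MIN_BATCH or more transfers went to
    previously unseen payees with amounts just below the threshold."""
    hits_by_day = defaultdict(list)
    for day, payee, amount in transfers:
        if payee not in known_payees and is_near_threshold(amount):
            hits_by_day[day].append((payee, amount))

    alerts = []
    for day in sorted(hits_by_day):
        hits = hits_by_day[day]
        if len(hits) < MIN_BATCH:
            continue  # isolated payments are left to normal review
        alerts.append({
            "day": day,
            "count": len(hits),
            "total": round(sum(amount for _, amount in hits), 2),
            "payees": sorted(payee for payee, _ in hits),
        })
    return alerts


if __name__ == "__main__":
    for alert in flag_structured_batches(TRANSFERS, KNOWN_PAYEES):
        print(alert)
```

    Neither rule is useful alone: the known payee's 9,500 payment and the new vendor's 450 payment both pass, and only the combination of new payee, near-threshold amount and same-day batch raises the alert.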

    10. Shoulder Surfing: District Data Breach

    A Washington State man has been sentenced to 10 years in prison after pleading guilty to 31

    counts of criminal activity, most related to a school district data breach. Christopher Berge, now

    21, was a student at Mountain View High School in Evergreen Public Schools when he

    "shoulder surfed"--physically observed--a password used by a district employee.

    Berge later used the password to gain access to the district's student information system, hosted

    by the Washington School Information Processing Cooperative (WSIPC). From there, he was

    able to gain access to the payroll data of another district in the state, Vancouver Public Schools.




    The subject of cyber crime may be broadly classified under the following three groups. They are-

    1. Against Individuals

    a. Their person &

    b. their property of an individual

    2. Against Organization

    a. Government

    b. Firm, Company, Group of Individuals.

    3. Against Society at large

    The following are the crimes which can be committed against the following groups:

    Against Individuals:

    I. Harassment via e-mails.

    II. Cyber-stalking.

    III. Dissemination of obscene material.

    IV. Defamation.

    V. Unauthorized control/access over computer system.

    VI. Indecent exposure

    VII. Email spoofing

    VIII. Cheating & Fraud

    Against Individual Property: -

    I. Computer vandalism.

    II. Transmitting virus.

    III. Netrespass

    IV. Unauthorized control/access over computer system.



    V. Intellectual Property crimes

    VI. Internet time thefts

    Against Organization: -

    I. Unauthorized control/access over computer system

    II. Possession of unauthorized information.

    III. Cyber terrorism against the government organization.

    IV. Distribution of pirated software etc.

    Against Society at large: -

    I. Pornography (basically child pornography).

    II. Polluting the youth through indecent exposure.

    III. Trafficking

    IV. Financial crimes

    V. Sale of illegal articles

    VI. Online gambling

    VII. Forgery

    The above-mentioned offences are discussed in brief as follows:

    1. Harassment via e-mails-

    Harassment through e-mails is not a new concept. It is very similar to harassing through letters.

    Recently I had received a mail from a lady wherein she complained about the same. Her former

    boyfriend was sending her mails constantly, sometimes emotionally blackmailing her and also

    threatening her. This is a very common type of harassment via e-mails.

    2. Cyber-stalking-

    The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves

    following a person's movements across the Internet by posting messages (sometimes threatening)



    on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the

    victim, constantly bombarding the victim with emails etc.

    3. Dissemination of obscene material / Indecent exposure / Pornography (basically child pornography) / Polluting through indecent exposure-

    Pornography on the net may take various forms. It may include the hosting of a web site

    containing these prohibited materials, the use of computers for producing these obscene materials,

    and the downloading of obscene materials through the Internet. These obscene matters may cause harm to

    the mind of the adolescent and tend to deprave or corrupt their mind. Two known cases of

    pornography are the Delhi Bal Bharati case and the Bombay case wherein two Swiss couple

    used to force the slum children for obscene photographs. The Mumbai police later arrested them.

    4. Defamation

    It is an act of imputing any person with intent to lower the person in the estimation of the right-

    thinking members of society generally or to cause him to be shunned or avoided or to expose

    him to hatred, contempt or ridicule. Cyber defamation is not different from conventional

    defamation except the involvement of a virtual medium. E.g. the mail account of Rohit was

    hacked and some mails were sent from his account to some of his batch mates regarding his

    affair with a girl with intent to defame him.

    5. Unauthorized control/access over computer system-

    This activity is commonly referred to as hacking. The Indian law has however given a different

    connotation to the term hacking, so we will not use the term "unauthorized access"

    interchangeably with the term "hacking" to prevent confusion as the term used in the Act of 2000

    is much wider than hacking.

    6. E-mail spoofing-

    A spoofed e-mail may be said to be one which misrepresents its origin. It shows its origin to be

    different from that from which it actually originates. Recently spoofed mails were sent in the name of Mr.

    Na. Vijayashankar (, which contained virus.

    Rajesh Manyar, a graduate student at Purdue University in Indiana, was arrested for threatening

    to detonate a nuclear device in the college campus. The alleged e-mail was sent from the



    account of another student to the vice president for student services. However the mail was

    traced to be sent from the account of Rajesh Manyar.

    7. Computer vandalism-

    Vandalism means deliberately destroying or damaging property of another. Thus computer vandalism may include within its purview any kind of physical harm done to the computer of any

    person. These acts may take the form of the theft of a computer, some part of a computer or a

    peripheral attached to the computer or by physically damaging a computer or its peripherals.

    8. Intellectual Property crimes / Distribution of pirated software-

    Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is

    deprived completely or partially of his rights is an offence. The common form of IPR violation

    may be said to be software piracy, copyright infringement, trademark and service mark violation,

    theft of computer source code, etc.

    The Hyderabad Court has, in a landmark judgement, convicted three people and sentenced

    them to six months' imprisonment and a fine of 50,000 each for unauthorized copying and sale of

    pirated software.

    9. Cyber terrorism against the government organization

    At this juncture one may ask what the need is to distinguish between cyber terrorism and cyber crime. Both are criminal acts. However there is a compelling need to

    distinguish between both these crimes. A cyber crime is generally a domestic issue, which may

    have international consequences, however cyber terrorism is a global concern, which has

    domestic as well as international consequences. The common form of these terrorist attacks on

    the Internet is by distributed denial of service attacks, hate websites and hate emails, attacks on

    sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption,

    which is next to impossible to decrypt. The recent example may be cited of Osama Bin Laden,

    the LTTE, attack on America's army deployment system during Iraq war.

    Cyber terrorism may be defined to be the premeditated use of disruptive activities, or the threat

    thereof, in cyber space, with the intention to further social, ideological, religious, political or

    similar objectives, or to intimidate any person in furtherance of such objectives.

    Another definition may be attempted to cover within its ambit every act of cyber terrorism.




    The Indian parliament considered it necessary to give effect to the resolution by which

    the General Assembly adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on Trade Law. As a consequence, the Information Technology Act

    2000 was passed and enforced on 17th May 2000. The preamble of this Act states its objective to

    legalise e-commerce and further amend the Indian Penal Code 1860, the Indian Evidence Act

    1872, the Bankers' Book Evidence Act 1891 and the Reserve Bank of India Act 1934. The

    basic purpose to incorporate the changes in these Acts is to make them compatible with the Act

    of 2000. So that they may regulate and control the affairs of the cyber world in an effective


    The Information Technology Act deals with the various cyber crimes in chapters IX &

    XI. The important sections are Ss. 43, 65, 66, 67. Section 43 in particular deals with the

    unauthorised access, unauthorised downloading, virus attacks or any contaminant, causes

    damage, disruption, denial of access, interference with the service availed by a person. This

    section provides for a fine up to Rs. 1 Crore by way of remedy. Section 65 deals with tampering

    with computer source documents and provides for imprisonment up to 3 years or fine, which

    may extend up to 2 years or both. Section 66 deals with hacking with computer system and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both. Further

    section 67 deals with publication of obscene material and provides for imprisonment up to a term

    of 10 years and also with fine up to Rs. 2 lakhs.




    Today, extending access to applications for the users who need them is no longer a "nice to

    have" - but a key determinant of who will win and who will lose. Legacy applications and

    databases, for example, contain invaluable customer information and provide a great resource for

    partners and other trusted third parties; email and other messaging applications are indispensable

    for seemingly instantaneous communication; and 'emerging' applications, such as audio and

    video conferencing, are now the critical enabler of 'real-time business,' resulting in huge gains in

    both productivity and profitability. Facilitating the rollout and accessibility of these applications,

    IP networks - both private and public, wired and wireless - make access to applications possible

    for any user from any corner of the globe. Why, then, are CIOs constantly refereeing a tug-of-

    war between the lines of business who want to realize the value of their applications by

    extending them to the users who need them and the network administrators who want to insulate

    their network from attack by increasingly limiting access for untrusted third parties?

    What is driving this zero sum game where any access gained by the business results in a

    corresponding decrease in network security? The answer lies in the use of network security to

    deploy applications. That is, network security, which by its design disrupts and limits

    connectivity between networks, is also used to enable connectivity. These products - while

    critical for protecting the physical network - were not intended to protect and extend applications

    and consequently using them to deploy applications inevitably results in the access and security

    trade off.

    The solution, however, is not to increase the IT budget to buy more point solutions or deploy an

    army of network administrators to provide the highly-oxymoronic 'brute force flexibility,' but to

    deploy a new conceptual network called the Application Network. The Application Network is a

    logical network that overlays the physical IP network and leverages its communications infrastructure while not undermining its physical security. The Application Network also

    underlies the applications that need the physical network for connectivity, providing robust and

    extensible application-layer security. When deployed, the Application Networks allow

    enterprises to use the applications their businesses require and securely extend those to the users



    who need them - while taking advantage of, not compromising, the network security


    A Little History

    Thirty years have passed since the U.S. Defense Advanced Research Projects Agency (DARPA)

    initiated the project to determine a method of linking together many disparate packet networks to

    enable cross-network communication. According to history, the initiative was referred to as the

    Internetworking project and the resulting mesh of linked packet networks was called the Internet.

    The Internet at that time was an aggregation of packet networks funded and hosted by

    government and educational enterprises throughout the United States. Enabling this inter-

    communication was the development of the Internet Protocol (IP), which defined how data

    packets are routed across the various networks. Until the 1980's the Internet was a combination

    of public networks that allowed primarily academic and government to communicate freely and

    openly. Applications utilizing the TCP/IP protocol suite could be extended to users with routable

    IP addresses, a requirement of the early Internet. Soon, however, and by design, the Internet and

    its obvious business benefits began to get the attention of commercial enterprises as well as

    foreign governments and soon these organizations began to adhere to the IP protocol and connect

    their local networks to this public communications infrastructure. Now, users were diverse,

    unknown and not necessarily trusted while the information accessible was no longer academic, but sensitive business and governmental intelligence. Network security was born.

    The Purpose of Network Security

    Necessity certainly bred invention with the advent of network security. At a very high level,

    organizations needed to protect their physical networks from this 'untrusted' Internet and were

    eager to find solutions that allowed them limited access to the public networks while insulating

    their networks from potential attack and information theft. Answering this demand, firewalls were developed to protect the physical network. Firewalls, often utilizing Network Address

    Translation (NAT) for non-routable addresses that are hidden from the outside, were designed to

    limit network access by breaking the two fundamental rules of IP routing - that is that all

    network nodes must know of other nodes and all addresses of devices must be known. From the



    outset, the purpose of basic network security was to protect the physical network from attack by

    limiting connectivity between the two networks.

    Emergence of the Security and Access Trade Off

    The unfortunate downside of physical security that limits connectivity for untrusted users is that

    it also limits connectivity for trusted users. To provide access for trusted users, network

    administrators were forced to start 'fixing' the networking rules broken by the physical security

    as required by the users and the access they required. Opening holes in the perimeter security,

    however, to allow ingress and egress is exactly that: opening holes. Network administrators

    quickly realized that the amount of access granted to users was inversely proportional to the

    security of their network. A seemingly zero sum game, this network security and application

    access trade off is now a common dilemma within organizations large and small, domestic and





    Prevention is always better than cure. It is always better to take certain precaution while

    operating the net. A netizen should make them a part of his cyber life. Saileshkumar Zarkar, technical

    advisor and network security consultant to the Mumbai Police Cyber crime Cell, advocates the 5P mantra for online security: Precaution, Prevention, Protection, Preservation and

    Perseverance. A netizen should keep in mind the following things-

    1. To prevent cyber stalking avoid disclosing any information pertaining to oneself. This is

    as good as disclosing your identity to strangers in public place.

    2. Always avoid sending any photograph online particularly to strangers and chat friends as

    there have been incidents of misuse of the photographs.

    3. Always use latest and updated antivirus software to guard against virus attacks.

    4. Always keep back up volumes so that one may not suffer data loss in case of virus


    5. Never send your credit card number to any site that is not secured, to guard against


    6. Always keep a watch on the sites that your children are accessing to prevent any kind of

    harassment or depravation in children.

    7. It is better to use a security programme that gives control over the cookies and send

    information back to the site as leaving the cookies unguarded might prove fatal.

    8. Web site owners should watch traffic and check any irregularity on the site. Putting host-

    based intrusion detection devices on servers may do this.

    9. Use of firewalls may be beneficial.

    10. Web servers running public sites must be physically separate and protected from the internal corporate network.

    Adjudication of a Cyber Crime - On the directions of the Bombay High Court the Central

    Government has, by a notification dated 25.03.03, decided that the Secretary to the



    Information Technology Department in each state by designation would be appointed as the AO

    for each state.


    Capacity of human mind is unfathomable. It is not possible to eliminate cyber crime from

    the cyber space. It is quite possible to check them. History is the witness that no legislation has

    succeeded in totally eliminating crime from the globe. The only possible step is to make people

    aware of their rights and duties (to report crime as a collective duty towards the society) and

    further making the application of the laws more stringent to check crime. Undoubtedly the Act is

    a historical step in the cyber world. Further we all together do not deny that there is a need to

    bring changes in the Information Technology Act to make it more effective to combat cyber

    crime. We would conclude with a word of caution for the pro-legislation school that it should be kept in mind that the provisions of the cyber law are not made so stringent that it may retard the

    growth of the industry and prove to be counter-productive.






    3) Cyber-crime: the challenge in Asia - By Roderic G. Broadhurst, Peter N. Grabosky