Archive for February 2016
As well as protecting your applications and the sensitive data they contain, improving your application security can save your organisation a great deal of time and expense.
Good application security training is a crucial first step to improving your organisation’s application security. Today, I’m looking at 6 statistics that demonstrate why application security training is essential for protecting your organisation and its data.
1) At Least 70% of Vulnerabilities Exist in the Application Layer
Gartner has estimated that 70% of all vulnerabilities are caused by poor application security – and other researchers have estimated the figure to be as high as 90%.
While many organisations assume that the network layer of their infrastructure is the primary source of security vulnerabilities, it’s actually the application layer that poses the biggest threat.
2) Only 1 in 40 Web Applications has a Web Application Firewall
Web application firewalls (WAFs) inspect all traffic flowing to web applications for common attacks, such as cross-site scripting, SQL injection, and command injection.
Despite WAFs being able to detect many of the most common web application vulnerabilities, on average only 1 in 40 applications in a recent study was found to use a web application firewall to protect against common attacks.
3) 71% of Developers Believe Security is Not Addressed During the SDLC
The sooner you catch a vulnerability during the SDLC, the easier (and cheaper) it is to fix.
Despite the exponentially growing cost and complexity of fixing application vulnerabilities after deployment, more than two thirds of developers believe that their organisations make no efforts to address security during the development life-cycle.
4) Only 22% of Developers Have Any Role in Testing Application Security
Less than a quarter of software developers have any active role in testing application security during the SDLC.
This is because in most organisations, security is a separate department and the development team has very little security knowledge, making it harder to identify and remediate vulnerabilities, and prevent them from making it into the finished product.
5) 47% of Developers Have No Mandate to Fix Vulnerable Code
Even worse: once a vulnerability is detected, almost half of developers lack the authority to fix them. Instead it is normally passed over to the security team, making the remediation process longer and allowing more time for the vulnerability to be exploited.
If security isn’t prioritised during the SDLC and developers aren’t involved in security testing for their applications, they will make the same mistakes over and over, and without mandate to remediate these vulnerabilities, this can cause significant friction between your development and security teams.
6) 89% of Application Vulnerabilities Are in the Software Code
This is compared with only 11% that are caused by application misconfiguration. This highlights the importance of educating your development team in secure coding best practices, to guard against the most common application vulnerabilities such as those listed in the OWASP Top 10.
By teaching your developers defensive coding, your organisation can reduce vulnerabilities at the source, reducing the number of mistakes and loopholes that make it into the finished code.
Saturday, 20 February 2016
Posted by RISC
The future will not only be about thinner, faster, and bendable smartphones, but it will definitely also be about security and bigger online threats.
Let’s imagine a scenario where you don’t need to take photos any more because Google will simply choose the best pictures from a live stream of the day’s events just to make your life easier.
Soon you won’t even need to decide what to eat, your Android phone will know exactly what you need and what you like, showing you the most suitable foods for your age.
But there’s so much hype around the future of Android that we forget to see the obvious threats, the alarmingly increasing number of Android malware, and the criminal activities carried out on smartphones.
According to a recent International Data Corporation (IDC) study, one out of every one hundred mobile devices (1.4%) on the global market was infected with malware in Q2 2015.
The same study reveals that vendors shipped a total of 334.4 million smartphones worldwide in the first quarter of 2015 and Android dominated the market with a 78% share. That’s a lot of Android phones affected by malware!
0.2% of the devices in the U.S. were infected with malware in the second quarter of 2015. Of the 0.2% infected devices, more than half (62%) were infected with malware aimed at stealing the user’s personal data.
Privacy-stealing malware can get a wide range of personal information and data from your Android device, including contacts, locations, pictures, and login credentials for your online banking.
Using this type of malware, hackers can easily gain access to your bank account data and use it to carry out criminal acts on your behalf or sell your info on the black market. This is not a spy movie we’re talking about, this is a very common scenario in 2016, anywhere in the world.
The good thing is that Google has been constantly making security improvements to the Android platform. The number of vulnerabilities that affect the OS compared to PC platforms is really small. But the customizable nature of the OS still leaves the door open to security breaches.
Guess where that leaves your Android smartphone security? That’s right, in your own hands. Every click counts!
Here are 5 must-follow tips to protect your Android device from malware:
- Stop exposing yourself to bad apps in unofficial stores. Always get the latest apps from official Google & partner stores.
- A good Antivirus is a must on your phone.
- Don’t be afraid of all the updates your phone asks for from time to time. They can be a life saver.
- Use a VPN when making online payments using public WiFi.
- Beware of data-pulling adware. Install an ad blocker or at least an ad tracker.
No doubt that Android is here to stay and dominate the smartphone market and we’re really excited about the future of Android technology.
To Know more about Mobile Security.
Our Institute Location:
Redback IT Solutions Private Limited,
#AL 24 TNHB PHASE III,
Sathuvacheri,( Near Vallalar Water Tank)
Cyber Crime and How to Protect Yourself from Them
As Internet usage is growing daily the world is coming closer. The World Wide Web sounds like a vast phenomenon but surprisingly one of its qualities is bringing the world closer making it a smaller place to live in for its users. However, it has also managed to create another problem for people who spend long hours browsing the Cyber World – which is cyber crimes.
While law enforcement agencies are trying to tackle this problem, it is growing steadily and many people have become victims of hacking, theft, identity theft and malicious software. One of the best ways to avoid being a victim of cyber crimes and protecting your sensitive information is by making use of impenetrable security that uses a unified system of software and hardware to authenticate any information that is sent or accessed over the Internet. However, before you can understand more about this system, let us find out more about cyber crimes.
Types of Cyber Crimes
When any crime is committed over the Internet it is referred to as a cyber crime. There are many types of cyber crimes and the most common ones are explained below:
This is a type of crime wherein a person’s computer is broken into so that his personal or sensitive information can be accessed. In the United States, hacking is classified as a felony and punishable as such. This is different from ethical hacking, which many organizations use to check their Internet security protection. In hacking, the criminal uses a variety of software to enter a person’s computer and the person may not be aware that his computer is being accessed from a remote location.
This crime occurs when a person violates copyrights and downloads music, movies, games and software. There are even peer sharing websites which encourage software piracy and many of these websites are now being targeted by the FBI. Today, the justice system is addressing this cyber crime and there are laws that prevent people from illegal downloading.
This is a kind of online harassment wherein the victim is subjected to a barrage of online messages and emails. Typically, these stalkers know their victims and instead of resorting to offline stalking, they use the Internet to stalk. However, if they notice that cyber stalking is not having the desired effect, they begin offline stalking along with cyber stalking to make the victims’ lives more miserable.
This has become a major problem with people using the Internet for cash transactions and banking services. In this cyber crime, a criminal accesses data about a person’s bank account, credit cards, Social Security, debit card and other sensitive information to siphon money or to buy things online in the victim’s name. It can result in major financial losses for the victim and even spoil the victim’s credit history.
These are Internet-based software or programs that are used to disrupt a network. The software is used to gain access to a system to steal sensitive information or data or causing damage to software present in the system.
This is also a type of cyber crime wherein criminals solicit minors via chat rooms for the purpose of child pornography. The FBI has been spending a lot of time monitoring chat rooms frequented by children with the hopes of reducing and preventing child abuse and soliciting.
Causes of Cyber Crime
Wherever the rate of return on investment is high and the risk is low, you are bound to find people willing to take advantage of the situation. This is exactly what happens in cyber crime. Accessing sensitive information and data and using it means a rich harvest of returns and catching such criminals is difficult. Hence, this has led to a rise in cyber crime across the world.
History of Cyber Crime
When computers and networks came into being in the 1990s, hacking was done basically to get more information about the systems. Hackers even competed against one another to win the tag of the best hacker. As a result, many networks were affected; right from the military to commercial organizations. Initially, these hacking attempts were brushed off as mere nuisance as they did not pose a long-term threat. However, with malicious software becoming ubiquitous during the same period, hacking started making networks and systems slow. As hackers became more skillful, they started using their knowledge and expertise to gain benefit by exploiting and victimizing others.
Cyber Crime in Modern Society
Today, criminals that indulge in cyber crimes are not driven by ego or expertise. Instead, they want to use their knowledge to gain benefits quickly. They are using their expertise to steal, deceive and exploit people as they find it easy to earn money without having to do an honest day’s work.
Cyber crimes have become a real threat today and are quite different from old-school crimes, such as robbing, mugging or stealing. Unlike these crimes, cyber crimes can be committed single handedly and does not require the physical presence of the criminals. The crimes can be committed from a remote location and the criminals need not worry about the law enforcement agencies in the country where they are committing crimes. The same systems that have made it easier for people to conduct e-commerce and online transactions are now being exploited by cyber criminals.
Categories of Cyber Crime
Cyber crimes are broadly categorized into three categories, namely crime against
Each category can use a variety of methods and the methods used vary from one criminal to another.
This type of cyber crime can be in the form of cyber stalking, distributing pornography, trafficking and “grooming”. Today, law enforcement agencies are taking this category of cyber crime very seriously and are joining forces internationally to reach and arrest the perpetrators.
Just like in the real world where a criminal can steal and rob, even in the cyber world criminals resort to stealing and robbing. In this case, they can steal a person’s bank details and siphon off money; misuse the credit card to make numerous purchases online; run a scam to get naïve people to part with their hard earned money; use malicious software to gain access to an organization’s website or disrupt the systems of the organization. The malicious software can also damage software and hardware, just like vandals damage property in the offline world.
Although not as common as the other two categories, crimes against a government are referred to as cyber terrorism. If successful, this category can wreak havoc and cause panic amongst the civilian population. In this category, criminals hack government websites, military websites or circulate propaganda. The perpetrators can be terrorist outfits or unfriendly governments of other nations.
How to Tackle Cyber Crime
It has been seen that most cyber criminals have a loose network wherein they collaborate and cooperate with one another. Unlike the real world, these criminals do not fight one another for supremacy or control. Instead they work together to improve their skills and even help out each other with new opportunities. Hence, the usual methods of fighting crime cannot be used against cyber criminals. While law enforcement agencies are trying to keep pace with cyber criminals, it is proving to be a Herculean task. This is primarily because the methods used by cyber criminals and technology keeps changing too quickly for law enforcement agencies to be effective. That is why commercial institutions and government organizations need to look at other methods of safeguarding themselves.
Redback Cyber Security Council offers a way to keep all information confidential by using safe and secure domains that cannot be tracked or accessed. This security solution can be used by commercial and governmental organization to ensure an impenetrable network while still making sure that users can get access to the required information easily.
Any of these 10 online activities could land you in jail in some part of the world.Internet is the unrestricted realm for its users. It brings you latest information, allows you to share movies, images and music without any limits, allows you to communicate in a split second. It has many other advantages. But their are some disadvantages that come with it in some countries.
Particularly if you dont follow certain rules and regulations laid down by these countries while using the Internet. Cyber crimes also increased, if anyone is seen violating rules of Internet, he/she may be put behind the bars. So, see the below activities that can get you arrested.
#1 Have an Open Wi-Fi
Keeping your WiFi Open and not keeping it password protected can sometimes land you in prison. Your open Wi-Fi connection can be used by criminals or terrorists without your knowledge and this can land you in trouble with the law in almost any country. This happened with a person name Barry Covert whose open WiFi was used by his neighbor to access child pornography websites. Though, police arrested his neighbour when they found nothing incriminating on Barry’s computer, he had to face the police for a month before the correct person was arrested. It is always better to password protect your Wi-Fi with WEP, WPA (WPA-Personal), and WPA2 (Wi-Fi Protected Access version 2).
#2 Deleting Your Search History
Sometimes erasing your search history can also land you behind the bars. This happened in United States, when a person namely David Kernell was arrested for deleting information on his computer. A University of Tennessee student, Kernell was being investigated by federal authorities for allegedly hacking Yahoo Account of the then vice presidential candidate, Sarah Palin.
India to had brought about laws making it mandatory for users to save their history for 3 months. But the same was scrapped after there was huge public outcry against it.
#3 Offensive Messages or Tweets
Making offensive posts or tweets can land you in trouble in any part of the world. Two persons from United States,Leigh Van Bryan aged 26 and Emily Bunting aged 24 tweeted about their journey “Free this week for a quick gossip/prep before I go and destroy America”. Their passports were seized when they arrived in US. They were interrogated for about five hours on doubt of committing crimes. Bryan and Bunting tried to convince the police that “Destroying” was a British slang for “Partying.”
#4 Using VOIP services
This issue is country specific and only limited to Ethiopia. Using VOIP services like Skype is strictly prohibited in Ethiopia and can land you in prison. The country’s new telecommunications law strictly prohibits VOIP services, which consist of audio and video communication and transfer of information over VOIP clients. We advise you that if you are citizen or tourist of Ethiopia then don’t even dare to use Skype.
#5 Dancing in a Video
This is a serious offence in Iran. In fact, six persons were arrested for dancing to a video from Pharrell Williams song “Happy”. The Iranian judiciary found them guilty and they received 91 lashes as well as year’s prison sentence. Though later, the sentences were suspended and they got of after three months. In another case, three men and three women were seen dancing on the road and on rooftops in Tehran were also arrested.
A youth was jailed in Russia for 15 days and two women were jailed for 10 days after they were found to be allegedly dancing and making a video near a Second World War memorial.
Syria is now a battlefield between different warring factions for control of territory. Even then, commenting on the Internet is a crime in Syria. Human Rights Watch reported that in 2007, Syrian authorities arrested two person and they were shifted to unknown place, apparently for offering their comments about the censorship in Syria on a website.
#7 Translating Articles
Translating banned books can land you in jail in any country. Thailand authorities arrested an American citizen who translated an article on his blog. The article was termed as “offensive to the autocracy” by the Thai authorities who consider their King as a supreme being. Even posting on Facebook/tweeting against the King can land you in jail in the Lese Majeste laws.
In Indonesia, a person was put behind the bars for two years after he posted “God does not Exist” on “Facebook”.
Online gambling is banned in many countries across the globe. Similarly online gambling can land you behind the bars. This includes if you organize gambling or playing online games like Poker, Blackjack etc.
#9 File Sharing
File sharing is a contentious issue. In some countries you are free to share movies, images or files without the worry of the law but in many countries it is illegal to share pirated content. In some places even downloading torrents is considered as being unlawful.
#10 Posting Lyrics on Facebook
This may have happened only once. Unites States authorities arrested rapper and school student, Cameron D’Ambrosio was arrested for posting rap lyrics on Facebook. The police allege that D’Ambrosio made terrorist threats under the garb of rapping. Prosecutors sought to charge D’Ambrosio with threats to make a bomb or hijack a vehicle, carrying a maximum sentence of 20 years in prison.
There are many such laws which can put in a spot of bother while surfing online. Making racist comments or hurting religious sentiments is a strict taboo online like it is in the real world. If you know of any other such unknown laws exist in some country, kindly note them down in the comments section.
Computer viruses can be dreadful that might cause extensive damage to your innocent device. It can significantly disrupt your system’s performance and has the potential to wipe out everything on your hard disk.
So, what is a computer virus? A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be “infected”, making your device helpless and sick.
Also, ever since people could write code there have been individuals known as hackers who have sought to make that code malicious in nature. While some pranksters created virus-like programs for large computer systems, it was really the introduction of the personal computer that brought computer viruses to the public’s attention.
Computer viruses have inundated the computer user for a long time now. Here are five most dangerous computer viruses of all time:
This was perhaps the most dangerous computer virus ever created that in the form of a worm — it was a standalone program capable of replicating itself. Known as ILOVEYOU, this virus initially traveled the Internet by e-mail and managed to crash PCs all across the world. To make it even more alluring, the subject of the e-mail said that the message was a love letter from a secret admirer. An attachment in the e-mail was what caused all the trouble. The original worm had the file name of LOVE-LETTER-FOR-YOU.TXT.vbs. The moment someone opened the file, the virus emailed itself to the first 50 contacts available in the PC’s Windows address book. The virus caused a total damage of around $10 billion affecting almost 10% of the world’s PCs connected to the Internet.
Melissa was the first mass-mailing macro virus for the new age of e-mailing which became the breaking news across the world on March 26, 1999. Based on a Microsoft Word macro and built by David L, Melissa was spread in the form of an email attachment by the name “list.doc.” When the attachment was clicked upon, the virus replicates itself and seeks for the Microsoft Outlook address book to e-mail itself to the first 50 names on the list with a message, “Here is that document you asked for…don’t show anyone else. ;-)” Later on, FBI arrested David L and slapped him with a fine of $5000 for unleashing the fastest virus of its time.
3. My Doom
My Doom explored its way to the malware world on 26th January 2004 and sent a shockwave around the world, as it scattered exponentially via e-mail through email with random addresses of senders and subject lines. My Doom destroyed the cyber world by activating a tremendous denial of service attack that infected close to about two million PCs. It transmitted itself in a particularly deceitful manner through e-mail as what receiver would first reckon to be a bounced error message as it reads “Mail Transaction Failed.” But, as soon as the message is clicked upon, the attachment is executed and the worm is transferred to email addresses found in the user’s address book. The damage caused by this fastest-spreading mass mailer worm was a whopping $38 billion.
4. Code Red
It debuted in late 2001 taking advantage of the Microsoft Internet Information Server’s flaw. The variations of the virus plagued the Internet for several months. The interesting thing about this deadly virus is, it did not require you to open an e-mail attachment or run a file; it just required an active Internet connection with which it ruined the Web page that you opened by displaying a text “Hacked by Chinese!” And in less than a week’s time, “Code Red” brought down more than 400,000 servers including the White House web server. This virus caused a total damage of approximately $2.6 billion dollars by hitting almost one million PCs.
The 2004 worm virus affected Windows OS primarily, and was devastating to many critical infrastructures. It didn’t spread through e-mail unlike other viruses. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim’s operating system in a way, making it even hard to reset without cutting the power. Sasser functioned by attacking the security controller Local Security Authority Subsystem Service, as it had a buffer overflow vulnerability. The worm affected hospitals, public transportation, airlines, news agencies and much more. After one million infections, there was an estimated 18 billion dollars in damage recorded.
In the era of cyber world as the usage of computers became more popular, there was expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people.
The evolution of Information Technology (IT) gave birth to the cyber space wherein internet provides equal opportunities to all the people to access any information, data storage, analyse etc. with the use of high technology.
Due to increase in the number of netizens(Citizens of the net), misuse of technology in the cyberspace was clutching up which gave birth to cyber crimes at the domestic and international level as well.
Though the word Crime carries its general meaning as “a legal wrong that can be followed by criminal proceedings which may result into punishment” whereas Cyber Crime may be “unlawful acts wherein the computer is either a tool or target or both”.
The world 1st computer specific law was enacted in the year 1970 by the German State of Hesse in the form of ‘Data Protection Act, 1970’ with the advancement of cyber technology. With the emergence of technology the misuse of technology has also expanded to its optimum level and then there arises a need of strict statutory laws to regulate the criminal activities in the cyber world and to protect technological advancement system.
It is under these circumstances Indian parliament passed its “INFORMATION TECHNOLOGY ACT, 2000” on 17th oct to have its exhaustive law to deal with the technology in the field of e-commerce, e-governance, e-banking as well as penalties and punishments in the field of cyber crimes.
Cyber Crimes Actually Means: It could be hackers vandalizing your site, viewing confidential information, stealing trade secrets or intellectual property with the use of internet. It can also include ‘denial of services’ and viruses attacks preventing regular traffic from reaching your site.
Cyber crimes are not limited to outsiders except in case of viruses and with respect to security related cyber crimes that usually done by the employees of particular company who can easily access the password and data storage of the company for their benefits. Cyber crimes also includes criminal activities done with the use of computers which further perpetuates crimes i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail, spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to Computer system, theft of information contained in the electronic form, e-mail bombing, physically damaging the computer system etc.
Classifications Of Cyber Crimes: Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber crime and what is the conventional crime so to come out of this confusion, cyber crimes can be classified under different categories which are as follows:
1. Cyber Crimes against Persons:
There are certain offences which affects the personality of individuals can be defined as:
- Harassment via E-Mails: It is very common type of harassment through sending letters, attachments of files & folders i.e. via e-mails. At present harassment is common as usage of social sites i.e. Facebook, Twitter etc. increasing day by day.
- Cyber-Stalking: It means expressed or implied a physical threat that creates fear through the use to computer technology such as internet, e-mail, phones, text messages, webcam, websites or videos.
- Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
- Defamation: It is an act of imputing any person with intent to lower down the dignity of the person by hacking his mail account and sending some mails with using vulgar language to unknown persons mail account.
- Hacking: It means unauthorized control/access over computer system and act of hacking completely destroys the whole data as well as computer programmes. Hackers usually hacks telecommunication and mobile network.
- Cracking: It is amongst the gravest cyber crimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
- E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it’s origin to be different from which actually it originates.
- SMS Spoofing: Spoofing is a blocking through spam which means the unwanted uninvited messages. Here a offender steals identity of another in the form of mobile phone number and sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim. It is very serious cyber crime against any individual.
- Carding: It means false ATM cards i.e. Debit and Credit cards used by criminals for their monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There is always unauthorized use of ATM cards in this type of cyber crimes.
- Cheating & Fraud: It means the person who is doing the act of cyber crime i.e. stealing password and data storage has done it with having guilty mind which leads to fraud and cheating.
- Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.
- Assault by Threat: refers to threatening a person with fear for their lives or lives of their families through the use of a computer network i.e. E-mail, videos or phones.
2. Crimes Against Persons Property:
As there is rapid growth in the international trade where businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of traditional paper documents. There are certain offences which affects persons property which are as follows:
- Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.
- Cyber Squatting: It means where two persons claim for the same Domain Name either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously. For example two similar names i.e. www.yahoo.com and www.yaahoo.com.
- Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer.
- Hacking Computer System: Hacktivism attacks those included Famous Twitter, blogging platform by unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as computer. Also research especially indicates that those attacks were not mainly intended for financial gain too and to diminish the reputation of particular person or company.
- Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting the computerize system of the individuals.
- Cyber Trespass: It means to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet connection.
- Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an unauthorised person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to be recharged often, despite infrequent usage.
3. Cybercrimes Against Government:
There are certain offences done by group of persons intending to threaten the international governments by using internet facilities. It includes:
- Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as well as global concern. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.
- Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
- Distribution of pirated software: It means distributing pirated software from one computer to another intending to destroy the data and official records of the government.
- Possession of Unauthorized Information: It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives.
4. Cybercrimes Against Society at large:
An unlawful act done with the intention of causing harm to the cyberspace will affect large number of persons. These offences includes:
- Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.
- Cyber Trafficking: It may be trafficking in drugs, human beings, arms weapons etc. which affects large number of persons. Trafficking in the cyberspace is also a gravest crime.
- Online Gambling: Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. There are many cases that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.
- Financial Crimes: This type of offence is common as there is rapid growth in the users of networking sites and phone networking where culprit will try to attack by sending bogus mails or messages through internet. Ex: Using credit cards by obtaining password illegally.
- Forgery: It means to deceive large number of persons by sending threatening mails as online business transactions are becoming the habitual need of today’s life style.
Affects To Whom: Cyber Crimes always affects the companies of any size because almost all the companies gain an online presence and take advantage of the rapid gains in the technology but greater attention to be given to its security risks. In the modern cyber world cyber crimes is the major issue which is affecting individual as well as society at large too.
Need of Cyber Law: information technology has spread throughout the world. The computer is used in each and every sector wherein cyberspace provides equal opportunities to all for economic growth and human development. As the user of cyberspace grows increasingly diverse and the range of online interaction expands, there is expansion in the cyber crimes i.e. breach of online contracts, perpetration of online torts and crimes etc.
Due to these consequences there was need to adopt a strict law by the cyber space authority to regulate criminal activities relating to cyber and to provide better administration of justice to the victim of cyber crime. In the modern cyber technology world it is very much necessary to regulate cyber crimes and most importantly cyber law should be made stricter in the case of cyber terrorism and hackers.
Penalty For Damage To Computer System: According to the Section: 43 of ‘Information Technology Act, 2000’ whoever does any act of destroys, deletes, alters and disrupts or causes disruption of any computer with the intention of damaging of the whole data of the computer system without the permission of the owner of the computer, shall be liable to pay fine upto 1crore to the person so affected by way of remedy.
According to the Section:43A which is inserted by ‘Information Technology(Amendment) Act, 2008’ where a body corporate is maintaining and protecting the data of the persons as provided by the central government, if there is any negligent act or failure in protecting the data/ information then a body corporate shall be liable to pay compensation to person so affected. And Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.
- Identification of exposures through education will assist responsible companies and firms to meet these challenges.
- One should avoid disclosing any personal information to strangers via e-mail or while chatting.
- One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.
- An update Anti-virus software to guard against virus attacks should be used by all the netizens and should also keep back up volumes so that one may not suffer data loss in case of virus contamination.
- A person should never send his credit card number to any site that is not secured, to guard against frauds.
- It is always the parents who have to keep a watch on the sites that your children are accessing, to prevent any kind of harassment or depravation in children.
- Web site owners should watch traffic and check any irregularity on the site. It is the responsibility of the web site owners to adopt some policy for preventing cyber crimes as number of internet users are growing day by day.
- Web servers running public sites must be physically separately protected from internal corporate network.
- It is better to use a security programmes by the body corporate to control information on sites.
- Strict statutory laws need to be passed by the Legislatures keeping in mind the interest of netizens.
- IT department should pass certain guidelines and notifications for the protection of computer system and should also bring out with some more strict laws to breakdown the criminal activities relating to cyberspace.
- As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cybercrime.
- A complete justice must be provided to the victims of cyber crimes by way of compensatory remedy and offenders to be punished with highest type of punishment so that it will anticipate the criminals of cyber crime.