Cyber Investigation

Cyber Crime is an evil having its origin in the growing dependence on computers in modern life.

A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both". Defining cyber crimes as "acts that are punishable by the Information Technology Act" would be unsuitable, as the Indian Penal Code also covers many cyber crimes, such as e-mail spoofing, cyber defamation etc.

Types of Cyber Crime

Cyber Crime refers to all activities done with criminal intent in cyberspace. These fall into three categories:

  • Crimes against persons.
  • Crimes against business and non-business organizations.
  • Crimes targeting the government.

Let us examine the acts wherein the computer is a tool for an unlawful act. This kind of activity usually involves a modification of a conventional crime by using a computer. Some examples are:

Financial Claims: This would include cheating, credit card frauds, money laundering etc.
Cyber Pornography: This would include pornographic websites and pornographic magazines produced using computers and the Internet (to download and transmit pornographic pictures, photos, writings etc.).
Sale of illegal articles: This would include sale of narcotics, weapons and wildlife etc., by posting information on websites, bulletin boards or simply by using e-mail communications.
Online gambling: There are millions of websites, all hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.
Intellectual Property Crimes: These include software piracy, copyright infringement, trademark violations etc.

PREVENTIVE STEPS FOR ORGANISATIONS AND GOVERNMENT

Physical Security: Physical security is the most sensitive component. To prevent cyber crime, the computer network should be protected from access by unauthorized persons.
Access Control: An access control system is generally implemented using a firewall, which provides a centralized point from which to permit or deny access. Firewalls allow only authorized communications between the internal and external network.
Password: Proof of identity is an essential component in identifying an intruder. The use of passwords is the most common security measure for network systems, including servers, routers and firewalls. Almost all systems are programmed to ask for a username and password before granting access to the computer system. This provides verification of the user. Passwords should be changed at regular intervals, and they should be alphanumeric and difficult to guess.
Finding the Holes in Network: System managers should track down the holes before the intruders do. Many networking product manufacturers are not particularly aware of the security holes in their products. So organizations should work hard to discover security holes, bugs and weaknesses and report their findings as they are confirmed.
Using Network Scanning Programs: There is a security administrator's tool called UNIX, which is freely available on the Internet. This utility scans and gathers information about any host on a network, regardless of which operating system or services the hosts are running. It checks for known vulnerabilities, including bugs, security weaknesses, inadequate password protection and so on. There is another product available called COPS (Computer Oracle and Password System). It scans for poor passwords, dangerous file permissions, and dates of key files compared to dates of CERT security advisories.
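
The kind of check described above for COPS (dangerous file permissions, and dates of key files compared to an advisory date), as an added example that is not COPS code and not code from the original page. The function names, the sample tree and the advisory date are constructed for illustration, and treating a key file older than the advisory as never replaced is an assumption.

```python
import os
import stat
import tempfile
from datetime import datetime, timezone

def audit_tree(root, key_files=(), advisory_date=None):
    """Return sorted (relative_path, finding) pairs for entries under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            st = os.lstat(path)  # lstat: inspect a symlink itself, not its target
            if stat.S_ISLNK(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            # World-writable is dangerous unless it is a sticky directory (like /tmp).
            if mode & stat.S_IWOTH and not (stat.S_ISDIR(st.st_mode) and mode & stat.S_ISVTX):
                findings.append((rel, "world-writable"))
            # setuid/setgid programs run with the owner's or group's privileges.
            if stat.S_ISREG(st.st_mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
            # Assumption: a key file older than the advisory was never replaced after it.
            if advisory_date and rel in key_files:
                if datetime.fromtimestamp(st.st_mtime, timezone.utc) < advisory_date:
                    findings.append((rel, "older than advisory"))
    return sorted(findings)

def demo():
    """Audit a constructed sample tree (POSIX paths; names and dates are made up)."""
    advisory = datetime(2024, 1, 1, tzinfo=timezone.utc)
    layout = {  # relative path -> permission bits
        "bin/login": 0o4755,  # setuid key file that predates the advisory
        "etc/motd": 0o666,    # world-writable
        "etc/hosts": 0o644,   # clean
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, mode in layout.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), mode=0o755, exist_ok=True)
            open(path, "w").close()
            os.chmod(path, mode)
        os.mkdir(os.path.join(root, "tmp"))
        os.chmod(os.path.join(root, "tmp"), 0o1777)  # sticky directory: not flagged
        old = datetime(2023, 6, 1, tzinfo=timezone.utc).timestamp()
        os.utime(os.path.join(root, "bin/login"), (old, old))
        return audit_tree(root, {"bin/login"}, advisory)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Run against a real system directory, the same function would be called with that directory as root and the administrator's own list of key files and advisory date.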