Cyber crime: Prevention better till foolproof firewalls in place
Cyber crime is clearly an area where prevention would certainly be better than cure because even if one gets lucky to track the offender, the legal framework is still on shaky legs.india Updated: Dec 22, 2003 14:20 IST
Ritu Kohli, a Delhi housewife was shocked when she suddenly started getting obscene calls from people who claimed that she had been talking to them online. Further interrogation revealed that Manish Kathuria, an acquaintance, had hacked into Ritu's identity. He had been passing her phone number to people on porn sites. In the first case of cyber crime in Delhi, Kathuria was arrested under section 509 of IPC.
Ritu's case is not an isolated one. While the Internet superhighway has enabled communication workers to connect effectively, it has also played into the hands of nefarious elements to propagate a new category of crime called the cyber crime.
Cyber crime is a wide-ranging phrase that can be used to define information technology-enabled offence, from simple password theft to hacking into sensitive systems.
"Any criminal activity that uses a computer either as an instrument, target or a means for perpetuating crimes comes within the ambit of cyber crime," says cyber law specialist Pavan Duggal.
Even Home Secretary N. Gopalaswami has admitted that India has to work hard in order to counter the growing threat of cyber crime and cyber terrorism.
As Symantec Sales Head Ambarish Deshpande says: Being online can be very unsafe.
Broadband makes hacking even easier as despite the faster connection and the permanent Domain Name System (DNS) address, there is a path that is always available to your PC. Malicious hackers can steal or destroy your files by tunnelling through your broadband connection straight to your hard drive using mobile code.
Then there are ActiveX controls that can give hackers a back door into your PC. One example is Microsoft's Office Assistant known as Clippy (because of its paper clip persona). Clippy is actually back door for Microsoft to allow macros to help users when needed. Unfortunately, Clippy also turned out to be a security hole.
The details you give to various websites, especially e-commerce sites, can also be hazardous. According to Deshpande, digital means of commerce must be kept safe.
Criminals also use modern technology to propagate their schemes. The terrorist who attacked Parliament last year used laptop for communication and fake identifications. However, our law enforcement agencies failed to intercept electronic transmission. Since 9-11 FBI has been monitoring emails on a big scale. "Cyber crime will be one of the FBI's highest priorities for the foreseeable future," FBI Assistant Director Jana Monroe wrote in a report on cyber crime.
It's not easy for websites themselves to stay away from cyber criminals. Rediff.com chairman and CEO Ajit Balakrishnan says that intrusion detection systems and firewalls are necessary to disallow any syn flood or denial of service attack. About 10,000 India sites were hacked in August alone, according to ASCL (Asian School of Cyber Laws).
One man's poison is another man's food. Certainly with increasing security threats, one industry that is booming is the Internet security space. According to José Ruggero, Gartner vice president, Internet security is becoming more and more important and companies are spending greater amounts to ensure secure systems.
Customisable products from Norton, McAfee and Trend Micro can hide your computer from hackers and help prevent identity thieves from obtaining your personal information. They also help in rooting out unwanted spyware and cookies, protecting online activities from prying eyes.
Special password programmes can help keep a track of various passwords. Firewalls and proxy servers are foolproof measures for remote hacking, while use of encrypted emails and data should ensure safe communication.
According to Niraj Kaushik, country manager, Trend Micro India, small steps such as scanning all attachments and deleting cookies and updating software can go a long way in cyber protection.
The best way to prevent misuse of identity while giving your details on a website is to check websites for secure servers. Your browser must display a "locked" icon and the URL should begin with https://.
Much work is being done within the country also. R. K. Verma, executive director, CDAC, says that development of cyber forensics and cyber security tools is the need of the day and his organisation is investing heavily into it. Sify has set-up a subsidiary called Safe Scrypt to provide digital security solutions.
Prevention better than cure
Cyber crime is clearly an area where prevention would certainly be better than cure because even if one gets lucky to track the offender, the legal framework is still on shaky legs.
Over the years, we have seen many breakthroughs in cyber crime cases and offenders have been booked for a variety of cyber crimes like cyber stalking in chatrooms, identity thefts, Nigerian email scams, online sale of pirated software and even credit card frauds. But till date only one judgement has been delivered.
Even the IT Act 2000 leaves large number of grey areas. It does not have much scope for regulating electronic payment gateways and is unclear about crimes like cyber stalking, harassment and cyber terrorism while ignores the issue of intellectual property rights.
Fredrik Nystrom, Director, Plus Four Six, a digital rights management company says that Indian cyber space has no respect for intellectual property, due to poor policing and reporting.
According to Duggal, most cases remain unreported due to lack of awareness. Of every 500 cases, 50 are reported and only one of them acted upon. Spreading awareness and ushering in the latest technology are the only options to tackle cyber criminals.
According to Kaushik, the government needs to clearly phrase definition of cyber crimes and its constituents, create mechanisms that pin accountability on perpetrators of such activities and also legislate stringent laws which take offenders to task."
Till this is done, prevention is certainly a better idea.
How to counter it
* Use latest software and update them
* Use Internet security software
* Keep broadband connection locked
* Delete all cookies
* Close ActiveX controls
* Backup database
* Be vigil while giving information to website
* Use secure websites only
* Use encrypted mails