Cyber Crime & Security Issues in Anthropology

Volume 5, Issue 3, March 2015
ISSN: 2277 128X
International Journal of Advanced Research in
Computer Science and Software Engineering
Research Paper
Available online at: www.ijarcsse.com
Special Issue: E-Technologies in Anthropology
Conference Held at Bon Secours College for Women, India
Cyber Crime & Security Issues in Anthropology
Sripriya.G
Asst. Professor, Dept. of CA,
Bon scours college for women, Thanjavur,
Tamil Nadu, India
Abstract: The implications of cyberspace crime for national security derive from the way technology is used by hostile
elements. This article proposes a policy directed examination of the meaning of cyberspace crime and its impact on
national security, without focusing on the widespread monetary assessments of the damage caused by cybercrime.
Nowadays cyber crime is the most concerning issue for all developed and developing countries, because it harm
governmental confidential data as well as people in daily life transactions.. And also discussed what types of crimes
are on increase and decrease. Today as the technology is increasing more companies are connecting to the internet
for doing E-business and E-commerce. This company is electronic transaction. For this security is main problem.
Security is very important on internet because internet has important role. By implementing security we can minimize
the threat. Today the whole world is depended on computer for doing anything such as traffic, train, etc. the regular
use of internet increases the opportunity of crime.
Keywords: ATS, CVV
I. INTRODUCTION
Computerization allows tasks to be broken down into small units and decentralizes processing; networking allows global
access to information and focus on knowledge as a valuable product. Computerized technologies are implemented to
change and enhance the efficiency of creative and working processes in every aspect of life, and the world of crime is no
exception. The proposed definition of cybercrime is: ―The use of cyberspace for illegal ends, while exploiting unique
cyberspace features, such as speed and immediacy; remote operation; encryption and obfuscation, making it difficult to
identify the operation and the operator.‖
The debate on cybercrime continues. Over a decade ago, Grabovsky wondered what was new about cybercrime, whether
it was not merely an old phenomenon making use of new tools. But most researchers try to analyze cybercrime as a
unique phenomenon. Majid Yar categorizes it according to the object targeted: property, people, or the state. Shinder and
Cross distinguish between types of crime according to the level of violence involved: violent and potentially violent
crime, non-violent crime (drug trade, money laundering), and crime (still) perceived to fall within the white collar
category (computer break-ins, theft, and fraud). According to Wall, cybercrime is ―the transformation of criminal or
harmful behaviour by networked technology,‖ i.e., it developed as a result of the evolution of computerization and
cyberspace and consequent new opportunities to attain, disrupt, or manipulate information for gain. Wall further
classifies cybercrime into three categories: crime involving the integrity and good working order of computer systems
(hacking); crime making use of cyberspace (encrypted communications among criminals, the sale of counterfeit
pharmaceuticals); and crime involving computerized information contents (theft of secrets, dissemination of harmful
contents).
Table 1 categorizes crime on the basis of the role played by the computer in the commission of the crime, a position
similar to that adopted by the European Convention on Cybercrime.
Access
to
and
dissemination
of Malicious disruption or
contents
modification of data
Use of communications
• Secrets
• Identity theft
•Harassment
• Knowledge/data
• Fraud
•Trade in forbidden
• Harmful contents
• Sabotage
materials
• Spam
© 2015, IJARCSSE All Rights Reserved
Page | 106
Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3),
March- 2015, pp. 106-110
The computer as a target of crime
Unauthorized
access
• Hacking
Inserting malicious code
• Malware,
spyware,
viruses
Disruption of
operation
• Distributed
denial of
service (DDoS)
Theft of service
• Unauthorized
use
There is nothing unique or new in much of cybercrime – harassment, fraud, unlawful propaganda, pornography, theft,
money laundering, espionage, and so on – except the use of cyberspace. But there is another level of crime that could not
exist without cyberspace: spam, click fraud, various types of malware, networks of captive computers (botnets), 7 digital
identity theft, camouflage and encryption8 of data and communications, computerized breaches of highly valuable secure
facilities, and automatic, long term espionage in secure organizations, depriving them of control of intellectual property.
Cyber criminals are exploiting the increasing value of digital data in all its forms, and the legal and judicial ways in
which different countries handle cyberspace.
II.
COOPERATION BETWEEN CRIMINALS AND TERRORIST ORGANIZATIONS
The interface between professional criminals and organized crime on the one hand, and terrorist organizations on the
other, is likewise not a new phenomenon. Even if we look only at the Israeli reality, we can see that such cooperation
causes damage at the national level. Since 1996, the media campaign over pirated CDs has claimed that profits are used
to fund Palestinian terrorism, 22 as part of a close connection between money laundering and its consumers such as
terrorist organizations.23 The widespread phenomenon of auto theft from Israel by West Bank thieves has been a feature
of life in Israel for many years: the problem has hardly been confronted at national level because the threat was never
considered to be a national security issue; the damage was covered by the insurance companies, which rolled it over onto
the insured parties; the police took no action outside of sovereign Israeli territory; and the army – operating permanent
security checkpoints on major roads – preferred to avoid dealing with a criminal population whose motivation was
merely monetary, rather than nationalistic. During the ―suicide bombers intifada‖ years the modus operandi of these
criminals changed: terrorist organizations recruited the expertise of Palestinian car thieves in order to obtain cars with
Israeli license plates to reach their destinations, and also to find routes to evade security checks and deliver explosives
and suicide bombers into the heart of Israel’s cities.
2.1 Towards Realizing the State’s Responsibility for Cyber Security
The meaning of the cybercrime phenomenon needs to be clarified for researchers and policymakers. For the reasons
stated above, monetary damage assessments do not provide a firm factual basis for understanding the concept or
formulating policy. Therefore, a reassessment of cybercrime is required to design appropriate national policy.
Even in the absence of agreement on the scope of direct and indirect damage caused by cybercrime, it certainly affects
how citizens, organizations, and society as a whole function. Citizens and small businesses are variously damaged by
cybercrime. Spam, internet fraud, digital identity theft, invasion of privacy, blackmail, economic espionage, and damage
to intellectual property all are widespread and harm some citizens and organizations. Although monetary assessments
seem to be exaggerated, the development of cyberspace increases numbers of potential victims and expands even further
ways of committing crimes against citizens and groups. Given rising awareness of the problem and the actual increase in
cybercrime, citizens of developed countries will reasonably demand the state take steps to provide personal, communal,
and national cyber security. Growing media exposure of data breaches and cyber attacks is indicative of a proportionate
growth of interest in the risks posed by cybercrime.
The state is fundamentally responsible for law and order and for the safety of its citizens, and is required to act to
minimize damage to them. Policy should develop on the basis of understanding the broad implications of the
phenomenon and a rational, informed public debate. Below are some pointers for developing such a debate.
The majority of the common phenomena classified as cybercrime have nothing to do with national security. What,
then, is the significance of spreading hatred and incitement against Jews or the State of Israel while defacing Israeli
websites, disseminating propaganda by means of social media and spam, hijacking social networks accounts, and
creating internet videos and campaigns offensive to the public? Citizens will be vulnerable in cyberspace and the dignity
of the nation and many of its citizens will be subjected to slander and defamation. However, experience shows that the
public is not easily shaken by such acts. Beyond the professional realm of public relations, the damage at the national
level is negligible.
III. A DANGEROUS INTERFACE: CYBERCRIME AS A NATIONAL SECURITY THREAT
Cybercrime continues to grow and challenges developed nations in different ways. Existing information about
cybercrime is acquired from periodic reports by consulting, IT and information security companies, and law enforcement
agencies. Given the problems inherent in identifying the phenomenon, the crude use of statistical methods for a
quantitative analysis, and the inclusion of indirect damage in monetary assessments, it is apparent that existing
© 2015, IJARCSSE All Rights Reserved
Page | 107
Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3),
March- 2015, pp. 106-110
information is not reliable. It seems that monetary assessments are consistently inflated. Nonetheless, that there is great
potential danger in cybercrime cannot be overlooked.
The analysis in this article shows that in effect a large range of cybercrime does not represent a threat to national security.
Phenomena such as theft and industrial espionage, fraud, harmful contents, hate crime, destruction of websites, denial of
service, and so on are liable to become a national security problem only if there is a marked increase in their incidence
and their effects are lasting. Therefore, now is the time to take action to reduce the risk and make it more difficult for
cybercriminals to operate in this realm.
Past experience shows that hostile elements recruit criminal expertise to achieve operational goals. Because of the pace
of technological developments, what today are advanced IT capabilities will within very few years become inexpensive,
off-the-shelf commodities. The black market of computer services makes advanced capabilities readily accessible. The
evidence exacerbates the concern that in cyberspace too, cooperation among criminal elements and hostile entities exists
and is on the increase.
The possibilities of crossing over the fenced Gaza Strip border were more limited than between the West Bank and Israel.
Tunnels were dug towards the Rafiah Egyptian border crossing to provide various kinds of smuggling channels.
Smuggling generates large profits for the tunnels
operators and this activity persists despite Israel’s efforts to put a stop to it. The tunnels also became a national security
problem when they were used to smuggle weapons from the Sinai Peninsula to the Gaza Strip and terrorists from the
Gaza Strip to Sinai.24 It was the criminal organizations’ expertise in digging tunnels that made the June 25, 2006 attack
on Kerem Shalom possible, in which two soldiers were killed and a third was taken hostage by Hamas. This was a clear
case of criminal technical know-how used to damage Israel’s national security.
IV.
CURRENT OCCURING CRIME NEWS
Many of us are not aware of the terms used for crime like stalking, phishing, vishing, bot networks, XSS etc. although we
know nature of crime.
4.1 Stalking:
Cyber stalking is one of the most common crime which are commenced on internet the modern world. Cyber stalking is
use of the Internet or other electronic means to stalk someone. This term is used interchangeably with online harassment
and online abuse. Stalking generally involves harassing or threatening behavior repeatedly such as following a person,
appearing at a person's home or place of business, making harassing phone calls, leaving written messages or objects, or
Vandalizing a person's property.
Cyber stalkers use websites, chat rooms, discussion forums, open publishing websites (e.g. blogs and Indy media) and
email to stalk victim.
Report by Pawan Duggal, Cyberlawconsultant, president, cyberlaws.net
4.2 Hacking.
"Hacking" is a crime, which entails cracking systems and gaining unauthorized access to the data stored in them.
Hacking could be done easily by using Trojan horse virus. Cases of hacking reported in 2011 was 157 and reported in
2012 was435 thereby % variation in increase in cases over 2011 is 177.1%.
Case related to hacking reported:
Acting on a tip-off from the Department of Telecommunications (DoT), the Kolhapur unit of the Maharashtra AntiTerrorism Squad (ATS) nabbed a hacker from Kolhapur district on Saturday who reportedly hacked into several
international calls.
According to informed sources, the man named Sanjay ran a call centre as part of his modus operandi in Ichalkaranji
Township. He also owned a sari shop as a front for his main operation — hacking international calls.
The police said more than 100 SIM cards, ostensibly to be sold on fake identity proofs, had been retrieved from the call
centre during the raid.
―This is the second such incident where we have arrested someone in possession of such a large number of SIM cards,‖
said a senior police officer.
The surge in incidents wherein SIM cards with fake identity were used for initiating explosions through Improvised
Explosive Devices (IEDs) have kept the State police on edge.
MUMBAI: Cyber criminals hacked into the Mumbai-based current account of the RPG Group of companies and shifted
Rs 2.4 crore recently. The bank has blocked the accounts of the illegal beneficiaries, but the hackers have already
managed to withdraw some funds from them, sources said.
Investigators said the cyber criminals followed a similar procedure to the one executed on January 31 when Rs 1 crore
was siphoned off in Mulund from the current account of a cosmetics company. "Prima facie, the company officials may
have responded to a Trojan mail sent by the fraudsters. The hacker then probably got the group's current account
username and password when officials logged in," said an investigator. The arrested men said they allowed their bank
accounts to be used in return for a good commission. A case has been filed under sections of the Indian Penal Code and
IT Act. Investigators have also sought details from the bank on whether it has followed the Know Your Customer norms.
4.3 Phishing
Phishing is just one type of the many frauds on the Internet, trying to fool people into parting with their money. Phishing
© 2015, IJARCSSE All Rights Reserved
Page | 108
Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3),
March- 2015, pp. 106-110
refers to the receipt of unsought emails by customers of financial institutions, asked them to enter their username,
password or other personal information to access their account for some reason. Customers are directed to a Website
which could be fraud copy of the original institution's website when they click on the links on the email to enter their
information, and so they remain unaware that the fraud has occurred. The criminal then has access to the customer's
online bank account and to the funds contained in that account number.
4.4 HYDERABAD:
An email allegedly from India's central bank, asking to secure their bank account details with the RBI is fake, and an
attempt by new-age fraudsters to con people into giving away bank account details and lose hard-earned money, security
experts said.
The email says RBI has launched a new security system, asking users to click on a link to open a page with list of banks
in place. Once anyone chooses a particular bank, it asks for all net banking details, including card numbers and the secret
three digit CVV number, among others. "The email is so neat and I for once was thrilled that RBI is taking such a big
step to ensure security of people. But at the advice of a friend, I checked with the police and learned that I would have
lost all my savings to this racket," K Manoj, a resident said.
RBI is cautioning people that the central bank, which controls the monetary policy of the Indian rupee, "has not
developed any such software and nor has it sent any such mail asking online banking customers to update their account
details to secure their online accounts."The RBI does not even have any mail id with extension@rbi.com, the central
bank says.
Times of India, "Now, a phishing email in the name of RBI‖, may14, 2013.
4.5 Vishing
The name comes from ―voice,‖ and ―phishing,‖ Vishing is the act of using the telephone in an attempt to scam the user.
Which is, of course, the use of spoofed emails designed to trap targets into clicking malicious links that leads to a toll
free number?
Instead of email, vishing generally relies on automated phone calls, which instruct targets to provide account numbers for
the purpose of financial reward.
How vishing scams work:
Criminals set up an automated dialing system to text or call people in a particular region or area code (or sometimes they
use stolen customer phone numbers from banks or credit unions). The victims receive messages like: ―There’s a problem
with your account,‖ or ―Your ATM card needs to be reactivated,‖ and are directed to a phone number or website asking
for personal information. Sometimes criminal quote some information about your account before asking you to enter
information, so you could believe its an authenticated source.
Sometimes, if a victim logs onto one of the phony websites with a Smartphone, they could also end up downloading
malicious software that could give criminals access to anything on the phone.
Mobile Threats Become More Sophisticated and Pervasive
In March 2014 , several variants of a fake Netflix app that steals personal and credit card data were found pre-installed on
a number of models of Android phones and tablets from different manufacturers. Although it’s not yet clear how the app
came to be installed before the devices reached their users, one credible theory is that the malware authors targeted the
supply chain, given that a relatively large number of individuals have physical access to Android devices along the way.
This contrasts with Apple, which controls the device hardware and operating system from start to finish, making the
supply chain much harder, if not impossible, to penetrate. Unlike the fake Netflix app, the objective of many financially
motivated.
Function
Comment
HTTP and SMS control
Send commands to the bot over
HTTP or via SMS from a designated
phone number.
Intercept all incoming SMS
Send stolen SMS messages to the
attacker’s web panel and the drop
phone number.
Send SMS from the victim’s phone
to any number, without victim’s
awareness
Form
of
telephony
fraud
(monetization of mobile bots).
Intercept (forward) all incoming
calls
Can enable hijacking of phone calls
which will likely result in diverting
security calls from the bank.
© 2015, IJARCSSE All Rights Reserved
Page | 109
Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3),
March- 2015, pp. 106-110
Phone number, ICCID, IMEI, IMSI,
Steal device-related information
model, OS, network carrier, IP,
geolocation, etc.
Steal contact list (names and
numbers)
Capture audio using device
Can possibly be used in an infection
campaign.
microphone Attacker can listen to
and intercept the victim's private
conversations.
Persistence
Reminiscent of 0bad, the app
attempts to social engineer the victim
into giving it super-user privileges,
making it impossible to remove the
app. (The bot can also send an SMS
notifying the operator of an attempt
to remove the app.)
The iBanking mobile bot is capable of gaining access to:
1. All images stored on the device
2. A full list of the installed applications
3. The geo-location coordinates using the device’s GPS to pinpoint the exact location of the device.
REFERENCES
[1]
Ammar Yassir, Samitha Nayak. ―Cyber Crime: Threat to Network Security‖, IJCSNS, VOL.12 No.2, Febuary,
2012.
[2]
Titu Kumar, Rohit Kumar Jha, Sitanshu Mohan Ray, ―Cyber Crime And Their Solution‖ , IJECS, VOL.1 Issue
1 Oct , 2012.
[3]
―The Hindu‖- online e-paper.
[4]
―The Tribune‖ – online e-paper
[5]
" Report on Cyber Crime-chapter 18‖- NCRB reportwww. ncrb.gov
[6]
N.S. Nappinai,‖Cyber Crime Law in India: Has Law Kept Pace With Emerging Trends‖ , Journal of
International
© 2015, IJARCSSE All Rights Reserved
Page | 110