Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Special Issue: E-Technologies in Anthropology Conference Held at Bon Secours College for Women, India Cyber Crime & Security Issues in Anthropology Sripriya.G Asst. Professor, Dept. of CA, Bon scours college for women, Thanjavur, Tamil Nadu, India Abstract: The implications of cyberspace crime for national security derive from the way technology is used by hostile elements. This article proposes a policy directed examination of the meaning of cyberspace crime and its impact on national security, without focusing on the widespread monetary assessments of the damage caused by cybercrime. Nowadays cyber crime is the most concerning issue for all developed and developing countries, because it harm governmental confidential data as well as people in daily life transactions.. And also discussed what types of crimes are on increase and decrease. Today as the technology is increasing more companies are connecting to the internet for doing E-business and E-commerce. This company is electronic transaction. For this security is main problem. Security is very important on internet because internet has important role. By implementing security we can minimize the threat. Today the whole world is depended on computer for doing anything such as traffic, train, etc. the regular use of internet increases the opportunity of crime. Keywords: ATS, CVV I. INTRODUCTION Computerization allows tasks to be broken down into small units and decentralizes processing; networking allows global access to information and focus on knowledge as a valuable product. Computerized technologies are implemented to change and enhance the efficiency of creative and working processes in every aspect of life, and the world of crime is no exception. The proposed definition of cybercrime is: ―The use of cyberspace for illegal ends, while exploiting unique cyberspace features, such as speed and immediacy; remote operation; encryption and obfuscation, making it difficult to identify the operation and the operator.‖ The debate on cybercrime continues. Over a decade ago, Grabovsky wondered what was new about cybercrime, whether it was not merely an old phenomenon making use of new tools. But most researchers try to analyze cybercrime as a unique phenomenon. Majid Yar categorizes it according to the object targeted: property, people, or the state. Shinder and Cross distinguish between types of crime according to the level of violence involved: violent and potentially violent crime, non-violent crime (drug trade, money laundering), and crime (still) perceived to fall within the white collar category (computer break-ins, theft, and fraud). According to Wall, cybercrime is ―the transformation of criminal or harmful behaviour by networked technology,‖ i.e., it developed as a result of the evolution of computerization and cyberspace and consequent new opportunities to attain, disrupt, or manipulate information for gain. Wall further classifies cybercrime into three categories: crime involving the integrity and good working order of computer systems (hacking); crime making use of cyberspace (encrypted communications among criminals, the sale of counterfeit pharmaceuticals); and crime involving computerized information contents (theft of secrets, dissemination of harmful contents). Table 1 categorizes crime on the basis of the role played by the computer in the commission of the crime, a position similar to that adopted by the European Convention on Cybercrime. Access to and dissemination of Malicious disruption or contents modification of data Use of communications • Secrets • Identity theft •Harassment • Knowledge/data • Fraud •Trade in forbidden • Harmful contents • Sabotage materials • Spam © 2015, IJARCSSE All Rights Reserved Page | 106 Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3), March- 2015, pp. 106-110 The computer as a target of crime Unauthorized access • Hacking Inserting malicious code • Malware, spyware, viruses Disruption of operation • Distributed denial of service (DDoS) Theft of service • Unauthorized use There is nothing unique or new in much of cybercrime – harassment, fraud, unlawful propaganda, pornography, theft, money laundering, espionage, and so on – except the use of cyberspace. But there is another level of crime that could not exist without cyberspace: spam, click fraud, various types of malware, networks of captive computers (botnets), 7 digital identity theft, camouflage and encryption8 of data and communications, computerized breaches of highly valuable secure facilities, and automatic, long term espionage in secure organizations, depriving them of control of intellectual property. Cyber criminals are exploiting the increasing value of digital data in all its forms, and the legal and judicial ways in which different countries handle cyberspace. II. COOPERATION BETWEEN CRIMINALS AND TERRORIST ORGANIZATIONS The interface between professional criminals and organized crime on the one hand, and terrorist organizations on the other, is likewise not a new phenomenon. Even if we look only at the Israeli reality, we can see that such cooperation causes damage at the national level. Since 1996, the media campaign over pirated CDs has claimed that profits are used to fund Palestinian terrorism, 22 as part of a close connection between money laundering and its consumers such as terrorist organizations.23 The widespread phenomenon of auto theft from Israel by West Bank thieves has been a feature of life in Israel for many years: the problem has hardly been confronted at national level because the threat was never considered to be a national security issue; the damage was covered by the insurance companies, which rolled it over onto the insured parties; the police took no action outside of sovereign Israeli territory; and the army – operating permanent security checkpoints on major roads – preferred to avoid dealing with a criminal population whose motivation was merely monetary, rather than nationalistic. During the ―suicide bombers intifada‖ years the modus operandi of these criminals changed: terrorist organizations recruited the expertise of Palestinian car thieves in order to obtain cars with Israeli license plates to reach their destinations, and also to find routes to evade security checks and deliver explosives and suicide bombers into the heart of Israel’s cities. 2.1 Towards Realizing the State’s Responsibility for Cyber Security The meaning of the cybercrime phenomenon needs to be clarified for researchers and policymakers. For the reasons stated above, monetary damage assessments do not provide a firm factual basis for understanding the concept or formulating policy. Therefore, a reassessment of cybercrime is required to design appropriate national policy. Even in the absence of agreement on the scope of direct and indirect damage caused by cybercrime, it certainly affects how citizens, organizations, and society as a whole function. Citizens and small businesses are variously damaged by cybercrime. Spam, internet fraud, digital identity theft, invasion of privacy, blackmail, economic espionage, and damage to intellectual property all are widespread and harm some citizens and organizations. Although monetary assessments seem to be exaggerated, the development of cyberspace increases numbers of potential victims and expands even further ways of committing crimes against citizens and groups. Given rising awareness of the problem and the actual increase in cybercrime, citizens of developed countries will reasonably demand the state take steps to provide personal, communal, and national cyber security. Growing media exposure of data breaches and cyber attacks is indicative of a proportionate growth of interest in the risks posed by cybercrime. The state is fundamentally responsible for law and order and for the safety of its citizens, and is required to act to minimize damage to them. Policy should develop on the basis of understanding the broad implications of the phenomenon and a rational, informed public debate. Below are some pointers for developing such a debate. The majority of the common phenomena classified as cybercrime have nothing to do with national security. What, then, is the significance of spreading hatred and incitement against Jews or the State of Israel while defacing Israeli websites, disseminating propaganda by means of social media and spam, hijacking social networks accounts, and creating internet videos and campaigns offensive to the public? Citizens will be vulnerable in cyberspace and the dignity of the nation and many of its citizens will be subjected to slander and defamation. However, experience shows that the public is not easily shaken by such acts. Beyond the professional realm of public relations, the damage at the national level is negligible. III. A DANGEROUS INTERFACE: CYBERCRIME AS A NATIONAL SECURITY THREAT Cybercrime continues to grow and challenges developed nations in different ways. Existing information about cybercrime is acquired from periodic reports by consulting, IT and information security companies, and law enforcement agencies. Given the problems inherent in identifying the phenomenon, the crude use of statistical methods for a quantitative analysis, and the inclusion of indirect damage in monetary assessments, it is apparent that existing © 2015, IJARCSSE All Rights Reserved Page | 107 Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3), March- 2015, pp. 106-110 information is not reliable. It seems that monetary assessments are consistently inflated. Nonetheless, that there is great potential danger in cybercrime cannot be overlooked. The analysis in this article shows that in effect a large range of cybercrime does not represent a threat to national security. Phenomena such as theft and industrial espionage, fraud, harmful contents, hate crime, destruction of websites, denial of service, and so on are liable to become a national security problem only if there is a marked increase in their incidence and their effects are lasting. Therefore, now is the time to take action to reduce the risk and make it more difficult for cybercriminals to operate in this realm. Past experience shows that hostile elements recruit criminal expertise to achieve operational goals. Because of the pace of technological developments, what today are advanced IT capabilities will within very few years become inexpensive, off-the-shelf commodities. The black market of computer services makes advanced capabilities readily accessible. The evidence exacerbates the concern that in cyberspace too, cooperation among criminal elements and hostile entities exists and is on the increase. The possibilities of crossing over the fenced Gaza Strip border were more limited than between the West Bank and Israel. Tunnels were dug towards the Rafiah Egyptian border crossing to provide various kinds of smuggling channels. Smuggling generates large profits for the tunnels operators and this activity persists despite Israel’s efforts to put a stop to it. The tunnels also became a national security problem when they were used to smuggle weapons from the Sinai Peninsula to the Gaza Strip and terrorists from the Gaza Strip to Sinai.24 It was the criminal organizations’ expertise in digging tunnels that made the June 25, 2006 attack on Kerem Shalom possible, in which two soldiers were killed and a third was taken hostage by Hamas. This was a clear case of criminal technical know-how used to damage Israel’s national security. IV. CURRENT OCCURING CRIME NEWS Many of us are not aware of the terms used for crime like stalking, phishing, vishing, bot networks, XSS etc. although we know nature of crime. 4.1 Stalking: Cyber stalking is one of the most common crime which are commenced on internet the modern world. Cyber stalking is use of the Internet or other electronic means to stalk someone. This term is used interchangeably with online harassment and online abuse. Stalking generally involves harassing or threatening behavior repeatedly such as following a person, appearing at a person's home or place of business, making harassing phone calls, leaving written messages or objects, or Vandalizing a person's property. Cyber stalkers use websites, chat rooms, discussion forums, open publishing websites (e.g. blogs and Indy media) and email to stalk victim. Report by Pawan Duggal, Cyberlawconsultant, president, cyberlaws.net 4.2 Hacking. "Hacking" is a crime, which entails cracking systems and gaining unauthorized access to the data stored in them. Hacking could be done easily by using Trojan horse virus. Cases of hacking reported in 2011 was 157 and reported in 2012 was435 thereby % variation in increase in cases over 2011 is 177.1%. Case related to hacking reported: Acting on a tip-off from the Department of Telecommunications (DoT), the Kolhapur unit of the Maharashtra AntiTerrorism Squad (ATS) nabbed a hacker from Kolhapur district on Saturday who reportedly hacked into several international calls. According to informed sources, the man named Sanjay ran a call centre as part of his modus operandi in Ichalkaranji Township. He also owned a sari shop as a front for his main operation — hacking international calls. The police said more than 100 SIM cards, ostensibly to be sold on fake identity proofs, had been retrieved from the call centre during the raid. ―This is the second such incident where we have arrested someone in possession of such a large number of SIM cards,‖ said a senior police officer. The surge in incidents wherein SIM cards with fake identity were used for initiating explosions through Improvised Explosive Devices (IEDs) have kept the State police on edge. MUMBAI: Cyber criminals hacked into the Mumbai-based current account of the RPG Group of companies and shifted Rs 2.4 crore recently. The bank has blocked the accounts of the illegal beneficiaries, but the hackers have already managed to withdraw some funds from them, sources said. Investigators said the cyber criminals followed a similar procedure to the one executed on January 31 when Rs 1 crore was siphoned off in Mulund from the current account of a cosmetics company. "Prima facie, the company officials may have responded to a Trojan mail sent by the fraudsters. The hacker then probably got the group's current account username and password when officials logged in," said an investigator. The arrested men said they allowed their bank accounts to be used in return for a good commission. A case has been filed under sections of the Indian Penal Code and IT Act. Investigators have also sought details from the bank on whether it has followed the Know Your Customer norms. 4.3 Phishing Phishing is just one type of the many frauds on the Internet, trying to fool people into parting with their money. Phishing © 2015, IJARCSSE All Rights Reserved Page | 108 Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3), March- 2015, pp. 106-110 refers to the receipt of unsought emails by customers of financial institutions, asked them to enter their username, password or other personal information to access their account for some reason. Customers are directed to a Website which could be fraud copy of the original institution's website when they click on the links on the email to enter their information, and so they remain unaware that the fraud has occurred. The criminal then has access to the customer's online bank account and to the funds contained in that account number. 4.4 HYDERABAD: An email allegedly from India's central bank, asking to secure their bank account details with the RBI is fake, and an attempt by new-age fraudsters to con people into giving away bank account details and lose hard-earned money, security experts said. The email says RBI has launched a new security system, asking users to click on a link to open a page with list of banks in place. Once anyone chooses a particular bank, it asks for all net banking details, including card numbers and the secret three digit CVV number, among others. "The email is so neat and I for once was thrilled that RBI is taking such a big step to ensure security of people. But at the advice of a friend, I checked with the police and learned that I would have lost all my savings to this racket," K Manoj, a resident said. RBI is cautioning people that the central bank, which controls the monetary policy of the Indian rupee, "has not developed any such software and nor has it sent any such mail asking online banking customers to update their account details to secure their online accounts."The RBI does not even have any mail id with extension@rbi.com, the central bank says. Times of India, "Now, a phishing email in the name of RBI‖, may14, 2013. 4.5 Vishing The name comes from ―voice,‖ and ―phishing,‖ Vishing is the act of using the telephone in an attempt to scam the user. Which is, of course, the use of spoofed emails designed to trap targets into clicking malicious links that leads to a toll free number? Instead of email, vishing generally relies on automated phone calls, which instruct targets to provide account numbers for the purpose of financial reward. How vishing scams work: Criminals set up an automated dialing system to text or call people in a particular region or area code (or sometimes they use stolen customer phone numbers from banks or credit unions). The victims receive messages like: ―There’s a problem with your account,‖ or ―Your ATM card needs to be reactivated,‖ and are directed to a phone number or website asking for personal information. Sometimes criminal quote some information about your account before asking you to enter information, so you could believe its an authenticated source. Sometimes, if a victim logs onto one of the phony websites with a Smartphone, they could also end up downloading malicious software that could give criminals access to anything on the phone. Mobile Threats Become More Sophisticated and Pervasive In March 2014 , several variants of a fake Netflix app that steals personal and credit card data were found pre-installed on a number of models of Android phones and tablets from different manufacturers. Although it’s not yet clear how the app came to be installed before the devices reached their users, one credible theory is that the malware authors targeted the supply chain, given that a relatively large number of individuals have physical access to Android devices along the way. This contrasts with Apple, which controls the device hardware and operating system from start to finish, making the supply chain much harder, if not impossible, to penetrate. Unlike the fake Netflix app, the objective of many financially motivated. Function Comment HTTP and SMS control Send commands to the bot over HTTP or via SMS from a designated phone number. Intercept all incoming SMS Send stolen SMS messages to the attacker’s web panel and the drop phone number. Send SMS from the victim’s phone to any number, without victim’s awareness Form of telephony fraud (monetization of mobile bots). Intercept (forward) all incoming calls Can enable hijacking of phone calls which will likely result in diverting security calls from the bank. © 2015, IJARCSSE All Rights Reserved Page | 109 Sripriya, International Journal of Advanced Research in Computer Science and Software Engineering 5 (3), March- 2015, pp. 106-110 Phone number, ICCID, IMEI, IMSI, Steal device-related information model, OS, network carrier, IP, geolocation, etc. Steal contact list (names and numbers) Capture audio using device Can possibly be used in an infection campaign. microphone Attacker can listen to and intercept the victim's private conversations. Persistence Reminiscent of 0bad, the app attempts to social engineer the victim into giving it super-user privileges, making it impossible to remove the app. (The bot can also send an SMS notifying the operator of an attempt to remove the app.) The iBanking mobile bot is capable of gaining access to: 1. All images stored on the device 2. A full list of the installed applications 3. The geo-location coordinates using the device’s GPS to pinpoint the exact location of the device. REFERENCES [1] Ammar Yassir, Samitha Nayak. ―Cyber Crime: Threat to Network Security‖, IJCSNS, VOL.12 No.2, Febuary, 2012. [2] Titu Kumar, Rohit Kumar Jha, Sitanshu Mohan Ray, ―Cyber Crime And Their Solution‖ , IJECS, VOL.1 Issue 1 Oct , 2012. [3] ―The Hindu‖- online e-paper. [4] ―The Tribune‖ – online e-paper [5] " Report on Cyber Crime-chapter 18‖- NCRB reportwww. ncrb.gov [6] N.S. Nappinai,‖Cyber Crime Law in India: Has Law Kept Pace With Emerging Trends‖ , Journal of International © 2015, IJARCSSE All Rights Reserved Page | 110
© Copyright 2024