2. It is observed that because of global communication ,internet is
misused for criminal activities. Today many unethical things are
happening in Cyber space called cyber crime.
Cyber crime is refer to all activities done with the criminal
intent in Cyber space. People with intelligence and having bad
intention are misusing the aspect of internet to perpetuate criminal
activities in Cyber space.
The Criminal activities include various crime like Software
Piracy, Unauthorized Access, Transmission of
harmful software etc.
So there is need for cyber law.
3.
4. The earliest forms of computer crimes
revolved around using computers to illegally
obtain free long distance phone calls, known
as phreaking. This required the computer
users to hack into phone company
computers. Hacking became more
predominant in the 1980s when personal
computers and home modems were first
becoming readily available. Unfortunately,
the term “hacking” is also synonymous with
computer programming so the term “cracking”
is also sometimes used.
5. Cybercrime in a narrow sense
(computer crime):
Any illegal behavior directed
by means of electronic operations that targets the
security of computer systems and the data processed
by them.
Cybercrime in a broader sense
(computer-related crime):
Any illegal behavior committed
by means of, or in relation to, a computer system or
network, including such crimes as illegal possession
[and] offering or distributing information by means of a
computer system or network.
6. Denial of service (DDOS) attack.
Phishing.
Cyber-Terrorism.
Pornography.
Copyright infringement.
Malicious software.
7. Web servers are typically set up to handle a set number of
requests at a time
• For instance, a small web server might be set up to handle 20 requests
Web servers also are set up to offer a certain time period
before a “time out” occurs
• Perhaps 2 minutes
Now consider a single web server (1 machine) for a company
that is suddenly deluged with 10,000,000 requests
• Most of the requests get placed into a queue, waiting for attention by the
web server
• Most requests do not make it through the queue in time and are thus
timed out, so legitimate users get a denial of access to the web server (or
denial of service)
This is a tactic of sheer sabotage (or cyber terrorism) –
someone writes a program to generate millions of requests
and floods the target web server(s).
8. A web form is one of the few forms of input to a web page
• The web page is set up specifically so that a user (visitor) to that
web page can provide information or feedback
• Typically, forms use server side programs (scripts) to process the
data in the form
• This may include generating SQL queries to send to a database
• A clever user can fill in malicious SQL queries into a form and
thus, when submitted to the database, the SQL query is enacted
– this could be a query to overwrite previously stored data.
Like the denial of service, this is another form of sabotage or
terrorism
• Proper mechanisms must be in place to safeguard against this.
9. Jan 13, 2006 – Russian computer criminals broke into
Rhode Island government web site and stole credit card
data
June 29, 2007 – a computer criminal used an SQL
injection to deface the Microsoft UK website
Apr – Aug 2008, a number of attacks against various
computers using Microsoft’s IIS web server and SQL
Server database that, when successful, gives the user
(hacker) access to the entire computer system – an
estimated 500,000 web pages were exploited!
10. Illegally attempting to gain sensitive information
from people for the purpose of computer-based
fraud, these attempts can include
• social engineering – calling or emailing someone
pretending to be “official” and asking for confidential
information such as password or social security #
• password cracking – attempting to break into an
account by guessing a password (possibly trying all
possible passwords, or guessing based on what you
know of the person)
• link manipulation for website spoofing – here, an
email has a link pretending to be to a page you visit
(e.g., paypal) but in fact the link is to a spoofed or
forged site
11.
12. Cyber law or Internet law is a
term that encapsulates the legal issues
related to use of the Internet. It is less a
distinct field of law than intellectual
property or contract law, as it is a domain
covering many areas of law and regulation.
Some leading topics include internet
access and usage, privacy, freedom of
expression, and jurisdiction.
13. Cyber law refers to all legal aspect and
regulatory aspects of Internet, World Wide
Web (WWW), E-Commerce.
14. Florida Electronic Security Act
Illinois Electronic Commerce Security Act
Texas Penal Code - Computer Crimes Statute
Maine Criminal Code - Computer Crimes
Singapore Electronic Transactions Act
Malaysia Computer Crimes Act
UNCITRAL Model Law on Electronic
Commerce
Information Technology Act 2000 of India
Thailand Computer Crimes Act B.E.2550
15. IT ACT PASSED IN 2000
The primary purpose of the Act is to provide legal
recognition to electronic commerce and to facilitate filing
of electronic records with the Government.
The IT Act also penalizes various cyber crimes and
provides strict punishments (imprisonment terms upto
10years and compensation up to Rs 1 cr./-).
The IT Act was amended by the Negotiable Instruments
(Amendments and Miscellaneous Provisions) Act,
2002. This introduced the concept of electronic cheques
and truncated cheques.
16. Information Technology (Use of Electronic Records
and Digital Signatures) Rules, 2004 has provided the
necessary legal framework for filing of documents with
the Government as well as issue of licenses by the
Government.
The Cyber Regulations Appellate Tribunal (Salary,
Allowances and other terms and conditions of service of
Presiding Officer) Rules, 2003 prescribe the salary,
allowances and other terms for the Presiding Officer of
the CRAT.
17. Wikipedia (Wikimedia Foundation)
Information Technology
(Nirali Prakashan)
Hacking Exposed 5 (MacAfee ltd.)