O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Unit 3 Cyber Crimes and Torts 8 hr

1.325 visualizações

Publicada em

Introduction to Cyber Wrongs, Conventional Crimes and Torts Through Computers,
Crimes and Torts Committed on a Computer Network and Relating to Electronic
Mail, Crimes Relating to Data Alteration/Destruction, Issues of Jurisdiction and
Applicable Law in Cyberspace, Enforcement Issues in Cyberspace, Online Dispute
Resolution, cyber stalking; cyber pornography; forgery and fraud; crime related to
IPRs; Cyber terrorism; computer vandalism

Publicada em: Educação
  • Login to see the comments

Unit 3 Cyber Crimes and Torts 8 hr

  1. 1. Cyber Crimes and Torts
  2. 2. Introducation to Cyber Wrongs  Computer wrongs includes both civil wrongs and crimes. ‘Cyber crimes’ is used in a generic sense which tends to cover all kinds of civil and criminal wrongs related to a computer. However, the phrase ‘cyber crimes’ has two limitations to it: 1. cyber generally tends to convey the feeling of ‘internet’ or being ‘online’ and hence, does not cover other computer related activities; 2. crimes restricts the application of the phrase to criminal wrongs. It would not include civil wrongs. Thus, it would be preferable to understand the concept of any wrong related to computer as being a ‘computer wrong’.
  3. 3. CLASSIFICATION OF COMPUTER CRIMES A) Where computer is used a tool to commit the crime. B) B) Where the computer is the target for the crime. There is a third category as well, where computers are considered as incidental to a crime.
  4. 4. CHALLENGES TO LAWS India is today re-discovering itself – technologically. Being a developing country, it realises that the Internet and the use of computers are powerful tools for its economic development. Economic development presupposes existence of an appropriate regulatory regime.
  5. 5. CONVENTIONAL CRIMES THROUGH COMPUTER CYBER DEFAMATION  Every individual has a private right to protect his reputation. Every individual has a right to its own personal space and he would not want others to interfere in that ‘space’. However, a public right to freedom of speech and expression guaranteed under Article 19(1)(a) of the Constitution of India makes enforcement of our private right a challenge.  A delicate balance has to be maintained. The law of defamation has been designed to protect the reputation of an injured person and provide such balance between private and public rights by giving him the right to sue for damages.
  6. 6. Hacking  This is a type of crime wherein a person’s computer is broken into so that his personal or sensitive information can be accessed. In the United States, hacking is classified as a felony and punishable as such. This is different from ethical hacking, which many organizations use to check their Internet security protection.  In hacking, the criminal uses a variety of software to enter a person’s computer and the person may not be aware that his computer is being accessed from a remote location.
  7. 7. Theft  This crime occurs when a person violates copyrights and downloads music, movies, games and software.  There are even peer sharing websites which encourage software piracy and many of these websites are now being targeted by the FBI.  Today, the justice system is addressing this cyber crime and there are laws that prevent people from illegal downloading.
  8. 8. Cyber Stalking  This is a kind of online harassment wherein the victim is subjected to a barrage of online messages and emails.  Typically, these stalkers know their victims and instead of resorting to offline stalking, they use the Internet to stalk.  However, if they notice that cyber stalking is not having the desired effect, they begin offline stalking along with cyber stalking to make the victims’ lives more miserable.
  9. 9. Indian Law  Chapter 22 of the Indian Penal Code deals with criminal intimidation, insult and annoyance  Section 503 provides that whoever threatens another with any injury to his person, reputation or property.  Cyber stalking in effect is committing criminal intimidation with the help of computers.  However, the end-result being the same, cyber stalking is merely criminal intimidation under section 503 of the IPC.
  10. 10. Identity Theft  This has become a major problem with people using the Internet for cash transactions and banking services.  In this cyber crime, a criminal accesses data about a person’s bank account, credit cards, Social Security, debit card and other sensitive information to siphon money or to buy things online in the victim’s name.  It can result in major financial losses for the victim and even spoil the victim’s credit history.
  11. 11. Malicious Software  These are Internet-based software or programs that are used to disrupt a network.  The software is used to gain access to a system to steal sensitive information or data or causing damage to software present in the system.
  12. 12. DDoS attacks  DDoS attacks are used to make an online service unavailable and bring it down, by bombarding or overwhelming it with traffic from multiple locations and sources.  Large networks of infected computers, called Botnets are developed by planting malware on the victim computers.  The idea is normally to draw attention to the DDOS attack, and allow the hacker to hack into a system. Extortion and blackmail could be the other motivations.
  13. 13. DIGITAL FORGERY  Forgery is creation of a document which one knows is not genuine and yet projects the same as if it is genuine. In common parlance, it is used more in terms of affixing somebody else’s signature on a document.  Digital forgery implies making use of digital technology to forge a document. Desktop publishing systems, colour laser and ink-jet printers, colour copiers, and image scanners enable crooks to make fakes, with relative ease, of cheques, currency, passports, visas, birth certificates, ID cards, etc.
  14. 14. Indian Law  Section 91 of the IT Act (read with the Second Schedule) amended the provisions of the IPC in relation to ‘forgery’ to include ‘electronic records’ as well as Section 29A has been inserted in the Indian Penal Code to provide for a definition of ‘electronic record’.  The words ‘electronic record’ will have the same meaning which is assigned to it in section 2(1)(t)2 of the IT Act.  Section 464 of the IPC was amended by section 91 of the IT Act to include a false electronic record. Under section 464, a person is said to make a false electronic record
  15. 15. CYBER PORNOGRAPHY  Pornography literally means, “Writings, pictures or films designed to be sexually exciting”. Developing, distributing and propagating the same over the Internet is termed as cyber pornography.  This would include pornographic Web sites, pornographic magazines produced using computers to publish and print the material and the Internet to download and transmit pornographic pictures, photos, writings, etc.  Information technology has made it much easier to create and distribute pornographic materials through the Internet; such materials can be transmitted all over the world in a matter of seconds.
  16. 16. Indian Law  The issue of cyber pornography has been dealt with in section 67 of the IT Act where publishing of information which is obscene in electronic form has been made an offence. Section 67 reads as under: 67. Publishing of information which Is obscene in electronic form.  In case one is found committing an offence under section 67, he shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees. It is worth noticing that the obscenity test in section 67 is the same as that in section 292 of the IPC which deals with sale of obscene books, etc.
  17. 17. ONLINE GAMBLING  Gambling is in many countries illegal. Computer is a medium for the purposes of online gambling. The act of gambling is categorised as an offence in some countries and has a legal sanctity in others.  The main concern with online gambling is that most virtual casinos are based offshore making them difficult to regulate.  This means that people offer gambling services on the Internet from countries where gambling is permitted where players, from such countries where gambling is illegal, play and bet.
  18. 18. Indian Law  The Public Gambling Act, 1867 prohibits gambling. Section 3 of the Act imposes a fine on the person opening a common gaming-house for others. However, it is also worth noting that the Act presumes a physical place where gambling will take place.
  19. 19. CRIMES AND TORTS COMMITTED ON A COMPUTER NETWORK AND RELATING TO ELECTRONIC MAIL:  HACKING/UNAUTHORIZED ACCESS Trespassing is a word known to us. Simply put, it means entering upon or into a property owned by someone else without his or her permission. In the offline world, ‘entering’ would imply physical entry into the property. Trespassing has both civil and criminal consequences. Trespassing has a digital counterpart which is referred to as hacking. Hacking means unauthorized access to a computer system.
  20. 20.  Hacker Ethics Hacking has generally been understood as interacting with a computer in a playful and exploratory rather than goal-directed way. The word ‘hack’ at the Massachusetts Institute of Technology (MIT) usually refers to a clever, benign, and “ethical” prank or practical joke, which is both challenging for the perpetrators and amusing to the MIT community (and sometimes even the rest of the world!).
  21. 21. Indian Law  Under the Indian law, however, ‘hacking’ has been given a wider dimension then mere ‘illegal access’ as contemplated under the Cyber Crime Convention.  Hacking simpliciter entails civil consequences whereas hacking along with commission of other act like downloading information or lodging a virus results in criminal charges.  The definition provided under the Indian law surpasses the generally accepted meaning of hacking. Section 66(1) of the IT Act requires hacking to mean:
  22. 22. ENFORCEMENT ISSUES IN CYBERSPACE  Computer crimes generally and crimes committed through the Internet in particular are extremely challenging because of their sophistication and variance from crime in the ordinary sense.  Crimes on the Internet are characterised by high technological innovation, anonymity, distance from the scene of crime, extent of its reach and most important, the unusual profile of the criminal, many times a juvenile.  There is significant difference between crime on the Internet and a crime with another modern technology like the telephone. While crimes are rarely directed against a telephone as an instrument, computers often become the victims of attack.
  23. 23. ONLINE DISPUTE RESOLUTION (ODR)  The terminology ‘online dispute resolution’ (ODR) can, on a prima facie screening, have two connotations. Firstly, it can be viewed as resolution of online disputes. That would mean resolution of online disputes. COMMUNICATION MODES IN ODR One of the advantages of online environment over offline environment is the availability of various communication modes to a user. It becomes important to select the appropriate mode to conduct the ODR process since different kinds of disputes require different types of modes.
  24. 24. Communication Model in ODR  ODR process since different kinds of disputes require different types of modes 1. E-mail 2. Discussion Boards 3. Instant Messaging 4. Audio Conferencing 5. Video Conferencing
  25. 25. KINDS OF ODR  Blind Bidding or Blind Negotiation  Online Negotiation  Online Negotiation-cum-Mediation  Document/E-mail Arbitration for Disputes Arising from E-commerce Transactions  Online Arbitration Through Video-conferencing
  26. 26. Cyber Terrorism  According to the U.S. Federal Bureau of Investigation, cyberterrorism is any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents. Unlike a nuisance virus or computer attack that results in a denial of service, a cyber terrorist attack is designed to cause physical violence or extreme financial harm.  According to the U.S. Commission of Critical Infrastructure Protection, possible cyber terrorist targets include the banking industry, military installations, power plants, air traffic control centers, and water systems.  Cyber terrorism is sometimes referred to as electronic terrorism or information war.
  27. 27. U.S. military  The US Department of Defense (DoD) charged the United States Strategic Command with the duty of combating cyberterrorism. This is accomplished through the Joint Task Force-Global Network Operations, which is the operational component supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is done by integrating GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.
  28. 28. Cyber Crime (Case Study)  An operation can be done by anyone anywhere in the world, for it can be performed thousands of miles away from a target.  An attack can cause serious damage to a critical infrastructure which may result in casualties.  Attacking an infrastructure can be power grids, monetary systems, dams, media, and personal information.
  29. 29. Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate:  In 1996, a computer hacker allegedly associated with the White Supremacist movement temporarily disabled a Massachusetts ISP and damaged part of the ISP's record keeping system.  The ISP had attempted to stop the hacker from sending out worldwide racist messages under the ISP's name.  The hacker signed off with the threat, "you have yet to see true electronic terrorism. This is a promise."
  30. 30. Case Study 2  In 1998, ethnic Tamil guerrillas attempted to disrupt Sri Lankan embassies by sending large volumes of e-mail. The embassies received 800 e-mails a day over a two- week period.  The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications."  Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems.
  31. 31. Case Study 3  In March 2013, the New York Times reported on a pattern of cyber attacks against U.S. financial institutions believed to be instigated by Iran as well as incidents affecting South Korean financial institutions that originate with the North Korean government.
  32. 32. Case Study 4  In August 2013, media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites Tuesday after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses.  The Syrian Electronic Army, a hacker group that has previously attacked media organisations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages. Electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark
  33. 33. Computer vandalism  A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.  Since such applets or little application programs can be embedded in any HTML file, they can also arrive as an e-mail attachment or automatically as the result of being pushed to the user.  Vandals can be viewed as viruses that can arrive over the Internet stuck to a Web page.  Vandals are sometimes referred to as "hostile applets."
  34. 34. Vandals can be harmful in two general ways:  They can get access to sensitive information within the computer system where they execute, such as passwords and encryption keys.  They can cause loss or denial of service within the local computer system. For example, they can flood the system with data so that it runs out of memory, or they can slow down Internet connections.  The best way to protect yourself against a hostile applet is to know who you are downloading a Web page from or who has sent you an HTML page as an e-mail attachment.  Major corporate Web sites or major Web publishers are unlikely to be the source of a vandal (but it can happen).