Cyber crime investigation
A simple yet sturdy definition of cyber crime would be “unlawful acts wherein the computer is either a tool or a target or both”. Defining cyber crimes as “acts that are punishable by the Information Technology Act” would be unsuitable, as the Indian Penal Code also covers many cyber crimes, such as e-mail spoofing, cyber defamation etc.
- Financial Claims: This would include cheating, credit card frauds, money laundering etc.
- Sale of illegal articles: This would include sale of narcotics, weapons and wildlife etc., by posting information on websites, bulletin boards or simply by using e-mail communications.
- Intellectual Property Crimes: These include software piracy, copyright infringement, trademark violations etc.
- E-Mail spoofing: A spoofed email is one that appears to originate from one source but actually has been sent from another source. This can also be termed as E-Mail forging.
- Cyber Defamation: This occurs when defamation takes place with the help of computers and/or the Internet, e.g. someone publishes defamatory matter about someone on a website or sends e-mail containing defamatory information to all of that person’s friends.
- Cyber Stalking: Cyber stalking involves following a person’s movements across the Internet by posting messages on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim.
- E-Mail bombing: Email bombing refers to sending a large number of e-mails to the victim resulting in the victim’s e-mail account or mail servers.
PREVENTIVE STEPS FOR ORGANISATIONS AND GOVERNMENT
- PHYSICAL SECURITY: Physical security is the most sensitive component of cyber crime prevention. The computer network should be protected from access by unauthorized persons.
- ACCESS CONTROL: An access control system is generally implemented using firewalls, which provide a centralized point from which to permit or deny access. Firewalls allow only authorized communications between the internal and external network.
- PASSWORD: Proof of identity is an essential component in identifying an intruder. The use of passwords is the most common security measure for network systems, including servers, routers and firewalls. Almost all systems are programmed to ask for a username and password before granting access to the computer system. This provides verification of the user. Passwords should be changed at regular intervals, should be alphanumeric and should be difficult to guess.
- FINDING THE HOLES IN NETWORK: System managers should track down the holes before the intruders do. Many networking product manufacturers are not particularly aware of the information about security holes in their products. So organizations should work hard to discover security holes, bugs and weaknesses and report their findings as they are confirmed.
- USING NETWORK SCANNING PROGRAMS: There is a security administration’s tool called UNIX, which is freely available on the Internet. This utility scans and gathers information about any host on a network, regardless of which operating system or services the hosts are running. The known vulnerabilities it checks for include bugs, security weaknesses, inadequate password protection and so on. There is another product available called COPS (Computer Oracle and Password System). It scans for poor passwords, dangerous file permissions, and dates of key files compared to dates of CERT security advisories.
- USING INTRUSION ALERT PROGRAMS: Just as it is important to identify and close existing security holes, you also need to put some watchdogs into service. There are intrusion alert programs that identify suspicious activity and report it so that the necessary action is taken. They need to be operating constantly so that all unusual behaviour on the network is caught immediately.
- USING ENCRYPTION: Encryption transforms data into a form that makes it almost impossible to read without the right key. This key is used to allow controlled access to the information to selected people. The information can be passed on to anyone, but only the people with the right key are able to see it. Encryption allows sending confidential documents by e-mail or saving confidential information on laptop computers without having to fear that the data will become public if someone steals it. With the right encryption/decryption software installed, it will hook up to the mail program and encrypt/decrypt messages automatically without user interaction.
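
The file-permission and file-date checks attributed to COPS in the scanning item above can be illustrated with a short Python audit; this is an added example, not COPS code and not part of the original article. The function names, the sample tree and the advisory date are constructed, and treating a key file older than its advisory as possibly unpatched is an assumption.

```python
import os
import stat
import tempfile
from datetime import datetime, timezone

def audit_tree(root, key_files=None):
    """Return sorted (relative_path, finding) pairs for risky entries under root.

    key_files (hypothetical input) maps a relative path to the date of an
    advisory affecting it; a file last modified before that date is reported.
    """
    key_files = key_files or {}
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            st = os.lstat(path)                      # do not follow symlinks
            mode = st.st_mode
            if stat.S_ISLNK(mode):
                continue
            sticky_dir = stat.S_ISDIR(mode) and mode & stat.S_ISVTX
            if mode & stat.S_IWOTH and not sticky_dir:   # /tmp-style dirs exempt
                findings.append((rel, "world-writable"))
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
            advisory = key_files.get(rel)
            if advisory and st.st_mtime < advisory.timestamp():
                findings.append((rel, "older than advisory"))
    return sorted(findings)

def demo():
    """Build a small constructed tree in a temp directory and audit it."""
    advisory = datetime(2020, 1, 1, tzinfo=timezone.utc)   # constructed date
    with tempfile.TemporaryDirectory() as root:
        spec = {"bin/login": 0o4755, "etc/motd": 0o666, "etc/hosts": 0o644}
        for rel, mode in spec.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            os.chmod(os.path.dirname(path), 0o755)         # independent of umask
            open(path, "w").close()
            os.chmod(path, mode)
        os.mkdir(os.path.join(root, "tmp"))
        os.chmod(os.path.join(root, "tmp"), 0o1777)        # sticky: not reported
        old = datetime(2019, 6, 1, tzinfo=timezone.utc).timestamp()
        os.utime(os.path.join(root, "bin/login"), (old, old))
        return audit_tree(root, {"bin/login": advisory, "etc/hosts": advisory})

if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{finding:20} {rel}")
```
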