Abstract:
Cyber crime is emerging as a serious threat. Worldwide governments, police departments and intelligence units have started to react. One of the many approaches to enable students and other peoples to protect themselves from the ever-increasing amount and range of cybercrime. This is relevant to students studying different aspects of undergraduate and postgraduate computing. This paper discusses the views of young generation on the potential risks on other relevant issues related cyber crime. The peoples may specialise in different aspects of computing from business information systems, through software development to networking. But we are just focusing on really they are aware about “what is cyber crime?” and its consequences. In this research paper we are discussing about who are cyber criminals, impact of cyber crime, security training.
Keywords: Cybercrime, networking, software, security.
I.Introduction
The Information Technology Act, 2000, does not define the term ‘cyber crime’. Cyber crime can generally defined as a criminal activity in which information technology systems are the means used for the commission of the crime. Based on the United Nations General Assembly resolution of January 30, 1997, the Government of India passed the Information Technology Act 2000 (Act No.21 of 2000) and notified it on October 17, 2000. The Information Technology Act, 2000, is the first step taken by the Government of India towards promoting the growth of the E-commerce and it was enacted with a view to provide legal recognition to
e-commerce and e-transactions, to facilitate
e-governance and prevent computer-based crimes. It is a first historical step. However, the rapid increase in the use of Internet has led to a spate in crime like child pornography, cyber terrorism, publishing sexually explicit content in electronic form. The need for a comprehensive amendment was consistently felt and after sufficient debate and much deliberation, the I.T. Amendment Act 2008 was passed. The ITAA 2008 got the President’s assent in February 2009 and was notified with effect from 27.10.2009. The new IT Amendment Act 2008 has brought a large number of cyber crimes under the ambit of the law. Some of the significant points in the Amendment Act include introduction of corporate responsibility for data protection with the concept of ‘reasonable security practices’ (Sec.43A), recognition of Computer Emergency Response Team – India (CERT-In) as the national nodal agency empowered to monitor and even block web-sites under specific circumstances, introduction of technological neutrality replacing digital signatures with electronic signatures etc. Besides, the CERT-In will also assist members of the Indian Community in implementing proactive measures to reduce the risks of computer security incidents.
The IT Act provides legal recognition for transactions carried out by means of electronic data interchange, and other means of electronic communication, commonly referred to as “electronic commerce”, involving the use of alternatives to paper-based methods of communication and storage of information. The IT Act facilitates electronic filing of documents with the Government agencies.
The Figure 1.1 shows that, the increasing complaints of cyber crime by every year from 2000 to 2010.
II.Definition
The term ‘cyber crime’ has not been defined in any Statute or Act. The Oxford Reference Online defines ‘cyber crime’ as crime committed over the Internet [3]. The Encyclopedia Britannica defines ‘cyber crime’ as any crime that is committed by means of special knowledge or expert use of computer technology. So what exactly is Cyber Crime? Cyber Crime could reasonably include a wide variety of criminal offences and activities. A generalized definition of cyber crime may be “unlawful acts wherein the computer is either a tool or target or both”[3]. CBI Manual defines cyber crime as:
(i) Crimes committed by using computers as a means, including conventional crimes. (ii) Crimes in which computers are targets.
III.Who are cyber criminals?
The cyber criminals constitute of various groups/category. This division may justify on the basis of the object that they have in their mind. The following are the category of cyber criminals- 1. Children and adolescents between the age group of 6-18 years: The simple reason for this type of committing crime behavior pattern in children is seen mostly due to the curiousness to know and explore the things. Further the reasons may be psychological even [1]. 2. Organized hackers- These kinds of hackers are mostly organized together to fulfill certain objective. The reason may be to fulfill their political bias, fundamentalism, etc [1]. E.g. The Pakistanis are said to be one of the best quality hackers in the world. They mainly target the Indian government sites with the purpose to fulfill their political objectives [1]. 3. Professional hackers / crackers their work of hackers is motivated by the color of money. These kinds of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are van employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes [1]. 4. Discontented employees- This group includes those people who have been either sacked by their employer or are dissatisfied with their employer. To avenge they normally hack the system of their employee [1].
IV.Impacts of Cyber-Crime
Figure 2: Age Distribution of Internet Users [6]
From the Figure 1, the approximate age between 18 to 30 years constituted about 88 percent of their customers whilst the remaining 12 percent is shared among the ages of 31-35 and above 35 years. Suspects are the youth aged between 21-35 totaling 85 percent. So due to lack of awareness among young generation following impacts which we are suffering from those are as follows:
2.1. Potential Economic Impact:
The 2011 Norton Cyber crime disclosed that over 74 million people in the United States were victims of cyber crime in 2010. These criminal acts resulted in $32 billion in direct financial losses. Further analysis of this growing problem found that 69 percent of adults that are online have been victims of cyber crime resulting in 1 million cyber crime victims a day. Many people have the attitude that cyber crime is a fact of doing business online! [2]. As the economy increases its reliance on the internet, it is exposed to all the threats posed by cyber-criminals. Stocks are traded via internet, bank transactions are performed via internet, purchases are made using credit card via internet. All instances of fraud in such transactions impact the financial state of the affected company and hence the economy. Productivity is also at risk. Attacks from worms, viruses, etc take productive time away from the user. Machines could perform more slowly; servers might be in accessible, networks might be jammed, and so on. Such instances of attacks affect the overall productivity of the user and the organization. It has customer service impacts as well, where the external customer sees it as a negative aspect of the organization.
2.2. Impact on Market Value:
The economic impact of security breaches is of interest to companies trying to decide where to place their information security budget as well as for insurance companies that provide cyber-risk policies [7]. For example, a ruling in favor of Ingram. Micro stated that ―physical damage is not restricted to physical destruction or harm of computer circuitry but includes loss of use and functionality‖ [8]. This new and evolving view of damage becomes even more important as many firms rely on information systems in general and the Internet in particular to conduct their business. However, assessing the financial loss from a potential IS security breach is a difficult step in the risk assessment process for the following reasons: 1. Many organizations are unable or unwilling to quantify their financial losses due to security breaches. 2. Lack of historical data. Companies are also wary of competitors exploiting these attacks to gain competitive advantage [8]. 3. Additionally, companies maybe fearful of negative financial consequences resulting from public disclosure of a security breach. Previous research suggests that public news of an event that is generally seen as negative will cause a drop in the firm‘s stock price.
2.3. Impact on Consumer trust:
Since cyber-attackers intrude into others‘ space and try and break the logic of the page, the end customer visiting the concerned page will be frustrated and discouraged to use the said site on a long term basis. The site in question is termed as the fraudulent, while the criminal masterminding the hidden attack is not recognized as the root cause. This makes the customer lose confidence in the said site and in the internet and its strengths. Complicating the matter, consumer perceptions of fraud assess the state to be worse than it actually is. Consumer perception can be just as powerful – or damaging – as fact. Hence users‘concerns over fraud prevent many online shoppers from transacting business. Concern over the credibility of an e-business in terms of being unsafe or cluttered makes a shopper reluctant to transact business.
2.4. Areas Ripe for Exploitation: National Security
Modern military of most of the countries depends heavily on advanced computers. Information Warfare or IW including network attack, exploitation, and defense, isn’t a new national security challenge, but since 9/11 it has gained some additional importance. IW appeals because it can be low-cost, highly effective and provide deniability to the attacker. It can easily spread malware, causing networks to crash and spread misinformation. Since the emphasis is more on non-information warfare, information warfare is definitely ripe for exploration.
V.Security training for young generation
The human factor is the weakest link in any information security program. Communicating the importance of information security and promoting safe computing are key in securing a company against cyber crime. Below are a few best practices: •Do not share or write down any “passphrases.”
•Communicate/educate to the students, professionals, etc on the latest cyber security threats and what they can do to help protect critical information assets. •Do not click on links or attachments in e-mail from untrusted sources. •Do not send sensitive business files to personal email addresses. •Have suspicious/malicious activity reported to security personnel immediately. •Secure all mobile devices when traveling, and report lost or stolen items to the technical support for remote kill/deactivation. •Educate young generation about phishing attacks and how to report fraudulent activity. •Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs. •Always use latest and updated antivirus software to guard against virus attacks. •Never send your credit card number to any site that is not secured, to guard against frauds. •Always keep a watch on the sites that children’s are accessing to prevent any kind of harassment or depravation in children. •It is better to use a security program that gives control over the cookies and send information back to the site as leaving the cookies unguarded might prove fatal. •Use of firewalls may be beneficial.
VI.Conclusion
This paper put eye not only on the awareness among youth and understanding of the cyber crimes but also explains the impacts over the different levels of the society. This will help to the community to secure all the online information critical organizations which are not safe due to such cyber crimes. The understanding of the behavior of cyber criminals and impacts of cyber crimes on society will help to find out the sufficient means to overcome the situation. Give more training of How to prevent against Cyber Crime to young generation mostly between 16-30 years will reduce cyber crime. The way to overcome these crimes can broadly be classified into three categories: Cyber Laws (referred as Cyber laws), Education and Policy making. All the above ways to handle cyber crimes either are having very less significant work or having nothing in many of the countries. This lack of work requires to improve the existing work or to set new paradigms for controlling the cyber attacks.
References
[1] Article: Cyber Crime Author: Dr. Jagdeep Singh
http://www.aygrt.net/PublishArticles/126.aspx
[2] Kevin G. Coleman (2011), Cyber Intelligence: The Huge Economic Impact of
Cyber Crime, Available at: http://gov.aol.com/2011/09/19/cyber-intelligence-the-huge-economic-impact-of-cyber-crime/, Visited: 28/01/2012 [3] Preventing Cyber Crime: A study regarding awareness of Cyber Crime (Ms.Arpana(PhD in Progress) Dr.Meenal Chauhan Lecturer Assistant Professor GJIMT, Ph-II,Mohali,India GJIMT,Ph-II, Mohali, India) [4] Cyber Crime and Cyber Security: A White Paper for Franchisors, Licensors, and Others (Bruce S. Schaeffer, Henfree Chan Henry Chan and Susan Ogulnick) [5] Nilkund Aseef, Pamela Davis, Manish Mittal, Khaled Sedky, Ahmed Tolba (2005), Cyber-Criminal Activity and Analysis,White Paper, Group 2. [6] International Telecommunications Union (ITU) (2007).
ICT Statistics Database, ITU, Geneva. Retrieved January 10, 2010, from http://www.itu.int/ITUD/icteye/Indicators/Indicators.aspx [7] Cyber-Crimes and their Impacts: A Review
(Hemraj Saini- Associate Professor & Head, Department of Computer Science & Engineering Alwar Institute of Engineering & Technology, MIA, Alwar- Yerra Shankar Rao- PhD Student, Department of Mathematics Shiksha ‗O‘ Anusandhan University, Bhubaneswar, T.C.Panda Principal Orissa Engineering College, Bhubaneswar).
[8] Kevin G. Coleman (2011), Cyber Intelligence: The Huge Economic Impact of Cyber Crime, Available at: http://gov.aol.com/2011/09/19/cyber-intelligence-the-huge-economic-impact-of-cyber-crime/