Escolar Documentos
Profissional Documentos
Cultura Documentos
Cyber security
Cyber security refers to the body of technologies, processes, and practices designed to
protect networks, devices, programs, and data from attack, damage, or unauthorized
access. Cyber security may also be referred to as information technology security.
1
• The abuse of computers has also given birth to a gamut of new age
crimes that are addressed by the Information Technology Act,
2000.
• The Computer as a Target :-using a computer to attack other
computers.
e.g. Hacking, Virus attacks, DOS attack etc.
• The computer as a weapon: using a computer to commit real world
crimes.
e.g. Cyber Terrorism, IPR violations, Credit card frauds, Pornography
Cyberlaw
• Cyber law (also referred to as cyberlaw) is a term used to describe
the legal issues related to use of communications technology,
particularly "cyberspace", i.e. the Internet
• Cyberlaw is important because it touches almost all aspects of
transactions and activities on and concerning the Internet, the World
Wide Web and Cyberspace.
• Yes, Cyberlaw does concern you. As the nature of Internet is
changing and this new medium is being seen as the ultimate medium
ever evolved in human history, every activity of yours in Cyberspace
can and will have a Cyberlegal perspective.
These are used to make an online service unavailable and take the
network down by overwhelming the site with traffic from a variety of
sources. Large networks of infected devices known as Botnets are created
by depositing malware on users’ computers. The hacker then hacks into
the system once the network is down.
Botnets
2
attack other computers through these botnets. Botnets can also be used to
act as malware and perform malicious tasks.
Identity Theft
Social Engineering
Social engineering involves criminals making direct contact with you usually
by phone or email. They want to gain your confidence and usually pose as
a customer service agent so you’ll give the necessary information needed.
This is typically a password, the company you work for, or bank
information. Cybercriminals will find out what they can about you on the
internet and then attempt to add you as a friend on social accounts. Once
they gain access to an account, they can sell your information or secure
accounts in your name.
PUPs
Phishing
3
Prohibited/Illegal Content
Online Scams
These are usually in the form of ads or spam emails that include promises
of rewards or offers of unrealistic amounts of money. Online scams include
enticing offers that are “too good to be true” and when clicked on can cause
malware to interfere and compromise information.
Exploit Kits
4
• The Act provides a legal framework for electronic governance by
giving recognition to electronic records and digital signatures. It also
defines cyber crimes and prescribes penalties for them. The Act
directed the formation of a Controller of Certifying Authorities to
regulate the issuance of digital signatures. It also established a Cyber
Appellate Tribunal to resolve disputes rising from this new law.[3]The
Act also amended various sections of the Indian Penal Code, 1860,
the Indian, 1872, the Banker's Book Evidence Act, 1891, and
the Reserve Bank of India Act, 1934 to make them compliant with
new technologies.
5
A person fraudulently uses the
Imprisonment up to
Using password of password, digital signature or
66C three years, or/and with
another person other unique identification of
fine up to ₹100,000
another person.
If a person cheats someone Imprisonment up to
Cheating using
66D using a computer resource or three years, or/and with
computer resource
communication. fine up to ₹100,000
If a person captures, transmits or
Imprisonment up to
Publishing private publishes images of a person's
66E three years, or/and with
images of others private parts without his/her
fine up to ₹200,000
consent or knowledge.
If a person denies access to
authorised personnel to a
computer resource, accesses a
protected system or introduces
Acts
66F contaminant into a system, with Imprisonment up to life.
of cyberterrorism
the intention of threatening the
unity, integrity, sovereignty or
security of India, then he commits
cyberterrorism.
If a person publishes or transmits
or causes to be published in the
Publishing
electronic form, any material Imprisonment up to five
information which
67 which is lascivious or appeals to years, or/and with fine
is obscene in
the prurient interest or if its effect up to ₹1,000,000
electronic form.
is such as to tend to deprave and
corrupt persons
Imprisonment up to
Publishing images If a person publishes or transmits
seven years, or/and
67A containing sexual images containing a sexual
with fine up
acts explicit act or conduct.
to ₹1,000,000
Imprisonment up to five
years, or/and with fine
If a person captures, publishes or
up to ₹1,000,000 on
transmits images of a child in a
Publishing child first conviction.
sexually explicit act or conduct. If
67B porn or predating Imprisonment up to
a person induces a child into a
children online seven years, or/and
sexual act. A child is defined as
with fine up
anyone under 18.
to ₹1,000,000 on
second conviction.
Persons deemed as intermediary
Imprisonment up to
Failure to maintain (such as an ISP) must maintain
67C three years, or/and with
records required records for stipulated
fine.
time. Failure is an offence.
The appropriate Government
Securing access or Imprisonment up to ten
70 may, by notification in the Official
attempting to secure years, or/and with fine.
Gazette, declare that any
6
access to a computer, computer system or
protected system computer network to be a
protected system.
The appropriate Government
may, by order in writing,
authorise the persons who are
authorised to access protected
systems. If a person who secures
access or attempts to secure
access to a protected system,
then he is committing an offence.
If anyone makes any
misrepresentation to, or
suppresses any material fact Imprisonment up to
71 Misrepresentation from, the Controller or the three years, or/and with
Certifying Authority for obtaining fine up to ₹100,000
any license or Digital Signature
Certificate.
• The IT Act 2000 attempts to change outdated laws and provides ways to
deal with cyber crimes. We need such laws so that people can perform
purchase transactions over the Net through credit cards without fear of
misuse
• The IT Act 2000 attempts to change outdated laws and provides ways
to deal with cyber crimes. We need such laws so that people can
perform purchase transactions over the Net through credit cards without
fear of misuse.
• From the perspective of e-commerce in India, the IT Act 2000 and its
provisions contain many positive aspects. Firstly, the implications of
these provisions for the e-businesses would be that email would now be
a valid and legal form of communication in our country that can be duly
produced and approved in a court of law.
• Companies shall now be able to carry out electronic commerce using
the legal infrastructure provided by the Act.
• Digital signatures have been given legal validity and sanction in the Act.
7
address, residential information or contact details but they are labelled as a
‘prostitute’ or a person of ‘loose character’. This leads to harassment of the
victim.
Provisions applicable: Sections 66A, 67 of IT Act and Section 509 of the
Indian Penal Code.
2) Online hate community: Online hate community is created inciting a
religious group to act or pass objectionable remarks against a country,
national figures etc.
Provisions applicable: Section 66A of IT Act and 153A & 153B of the Indian
Penal Code.
3) Email account hacking: If victim’s email account is hacked and
obscene emails are sent to people in victim’s address book.
Provisions applicable: Sections 43, 66, 66A, 66C, 67, 67A and 67B of IT
Act.
4) Credit card fraud: Unsuspecting victims would use infected computers
to make online transactions.
Provisions applicable: Sections 43, 66, 66C, 66D of IT Act and section 420
of the IPC.
5) Introducing viruses, bugs: All of the above are some sort of malicious
programs which are used to destroy or gain access to some electronic
information.
Provisions applicable: Sections 43, 66, 66A of IT Act and Section 426 of
Indian Penal Code.
6) Cyber terrorism: Many terrorists are using virtual (G-Drive, FTP sites)
and physical storage media (USB’s, hard drives) for hiding information and
records of their illicit business.
Provisions applicable: Conventional terrorism laws may apply along with
Section 69 of IT Act.
7) Online sale of illegal articles: Applicable when the sale of narcotics,
drugs weapons and wildlife is facilitated by the internet.
Provisions applicable: Generally conventional laws apply in these cases.
8) Cyber pornography: This is among the largest businesses on the
internet. Pornography may not be illegal in many countries, but child
pornography is.
Provisions applicable: Sections 67, 67A and 67B of the IT Act.
9) Phishing and email scams: Phishing involves fraudulently acquiring
sensitive information through masquerading as a trusted entity. (E.g.
Passwords, credit card information)
Provisions Applicable: Section 66, 66A and 66D of IT Act and Section 420
of IPC
8
10) Theft of confidential information: Many business organizations store
their confidential information in computer systems. This information is
targeted by rivals, criminals and disgruntled employees.
Provisions applicable: Sections 43, 66, 66B of IT Act and Section 426 of
Indian Penal Code.
9
The latest case is from Guntur in Andhra Pradesh, where a man was
arrested by the police for impersonating a woman on a dating app
called Locanto, and asking people for money. After being scammed
on Locanto himself, the accused, Veeramreddy Suman Reddy (29)
had decided to use the same app and methods to meet people and
ask for money, and allegedly cheated 507 people of Rs. 21.58 lakh.
While Reddy was booked under Section 420 (cheating), the police
also registered a case under Section 66A of the IT Act (misleading
people through electronic communication).
• The patently illegal use of Section 66A of the Act is not dissimilar
from the current moment in which banks and private companies
continue to demand Aadhaar numbers from citizens, despite being
expressly forbidden from doing so by the Supreme Court last month.
• The patently illegal use of Section 66A of the Act is not dissimilar
from the current moment in which banks and private companies
continue to demand Aadhaar numbers from citizens, despite being
expressly forbidden from doing so by the Supreme Court last month.
• “See, the law doesn't change just because the Supreme Court says
something," said Praveen Kumar Sinha, IGP and commissioner of
police, Jalandhar
10
• The next day, a local journalist called Rana to warn him that an FIR
had been lodged against him. A few hours later, an interlocutor
informed Rana that the Bajrang Dal wanted him to come to their
office.
• "They told the common friend that I had to go down on my knees, lie
prostrate and beg for their forgiveness," Rana said. "I was ready to
say sorry, but I was not okay with being humiliated like that.“
• That was the night police arrived at his doorstep and took him to the
police station. He was charged under Section 153-A of IPC for
'promoting disharmony’.
• The next morning, Rana's lawyer posted bail and he was released.
• Since then, Rana says, many Hindu families, who empathize with
Hindu far-right organizations in Sardhana, have distanced themselves
from him.
• Rana was planning to travel abroad for his son's higher studies, but
the family has shelved the plans as getting visas and passports could
get complicated.
• Rana is just one of dozens of Indians arrested for sharing memes,
cartoons, and messages criticizing Modi since his government swept
to power in 2014.
• Over the past four years, news reports of arrests for insulting Modi
have appeared with alarming regularity. The arrested
include teachers, students, businessmen, auto-rickshaw drivers, and
members of the police and paramilitary forces.
11
Others: 4 per cent
Cyber law experts, meanwhile, feel the low detection of cyber crimes
is also due to lack of technical knowledge among the police staff and
that there should be more training centres and courses so that they
can upgrade themselves.
They cite the infamous Blue Whale Challenge, and stress that
parents need to be aware of what games their children play in the
virtual world. (Blue Whale Challenge, created by 21-year-old Russian
Phillip Budeikin, has claimed an estimated 130 lives across the world
during 2015-2016, according to recent reports.
More than 86 per cent of the mobile apps targeted towards children
are not safe. Lack of consent, excessive permissions and needless
privacy-intrusive features like in-app ads and purchase options make
children’s apps unsafe, says the study titled “State of Privacy of
Indian Apps and Websites - 2018.”
Conclusion
Types of Cyber Fraud to be Aware of:
Social Engineering – A hacker may dig through your social media
accounts to get your personal information to crack your online
banking password
Phishing – Fraudsters try to extract sensitive information such as
personal details like bank account number and password by sending
fake emails.
SIM Cloning – This has come out after OTP became mandatory for
banking and card transactions. The fraudster gets hold of your
account details and identity proof to get a duplicate SIM after getting
the original SIM deactivated.
ATM Skimming - For obtaining the pin, the fraudster places a
camera which focuses on the keypad or uses a fake keypad.
Card Cloning - When you leave your card attended in the hands of a
stranger, the stranger just has to swipe the card for the skimming
device to capture all the data. The fraudster just needs to note down
your CVV number.
12
Vishing – Scamsters dial an individual posing as a bank
representative and weave a web of deceit to extract card details.
13