A MINOR PROJECT REPORT

ON

A PROJECT REPORT ON CYBER CRIME

Submitted in partial fulfillment of requirement of Bachelor of Business Administration (B.B.A) General

BBA IIIrd Semester (Evening)

Batch 2016-2019

Submitted to: Submitted by:

Jasleen Kaur Anmol Dauneria
Assistant Professor
JAGANNATH INTERNATIONAL MANAGEMENT SCHOOL KALKAJI

ACKNOWLEDGEMENTS

A lot of effort has gone into this training report. My thanks are due to many people with whom I have been closely
associated.

I would like all those who have contributed in completing this project. First of all, I would like to send my sincere

thanks to _______________ for his helpful hand in the completion of my project.

I would like to thank my entire beloved family & friends for providing me monetary as well as non – monetary
support, as and when required, without which this project would not have completed on time. Their trust and
patience is now coming out in form of this thesis
CONTENTS
CHAPTER I
INTRODUCTION TO THE TOPIC

Over the past twenty years,

unscrupulous computer users have
continued to use the computer to
commit crimes; this has greatly
fascinated people and evoked a mixed
feeling of admiration and fear. This
phenomenon has seen sophisticated
and unprecedented increase recently
and has called for quick response in
providing laws that would protect the
cyber space and its users. The level of
sophistication has gone high to the point
of using the system to commit murder
and other havoc. Cyber crime, or computer related crime, is crime that involves a computer and a network .The
computer may have been used in the commission of a crime, or it may be the target .Cybercrimes can be defined
as: "Offences that are committed against individuals or groups of individuals with a criminal motive to
intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or
indirectly, using modern telecommunication networks such as Internet (networks including but not limited to Chat
rooms, emails, (Bluetooth/SMS/MMS)".Cybercrime may threaten a person or a nation's security and financial
health. This work seeks to define the concept of cyber-crime, identify reasons for cyber-crime, how it can be
eradicated, look at those involved and the reasons for their involvement, we
would look at how best to detect a criminal mail and in conclusion, recommendations that would help in
checking the increasing rate of cybercrimes and criminals. A report (sponsored by McAfee) estimates that the
annual damage to the global economy is at $445 billion, however, a Microsoft report shows that such survey-based
estimates are "hopelessly flawed" and exaggerate the true losses by orders of magnitude.Approximately $1.5
billion was lost in 2012 to online credit and debit card fraud in the US. In 2016, a study by Juniper Research
estimated that the costs of cybercrime could be as high as 2.1 trillion by 2019.

2.0.2 WHAT IS CYBER CRIME?

Cyber-crime by definition is any harmful act committed from or against a computer or network. According to
McConnell International, Cyber Crime
are most terrestrial crimes in four ways:
Firstly they are easy to learn. Secondly,
they require few resources relative to
the potential damages caused. Thirdly,they can be committed in a jurisdiction without being physically present in it
and fourthly, they are often not clearly
illegal.
Another definition given by the
Director of Computer Crime Research
Centre (CCRC) during an interview on
the 27th April 2004 is that "Cyber-
Crime"(‘computer crime’) is any illegal
behaviour directed by means of
electronic operations that targets the
security of computer systems and the
data processed by them. In essence,
cyber-crime is crime committed in a
8
virtual space and a virtual space is
fashioned in a way that information
about persons, objects, facts, events,
phenomena or processes are
represented in mathematical, symbol or
any other way and transferred through
local and global networks.
From the above, we can deduce
that cyber crime has to do with
wrecking of havoc on computer data or
networks through interception,
interference or destruction of such data
or systems. It involves committing
crime against computer systems or the
use of the computer in committing
crimes.
2.0.3 CAUSES OF CYBER CRIME
There are many reasons
why cyber-criminals commit cybercrime,
chief among them are these
three listed below:
9
Cyber crimes can be committed for
the sake of recognition. This is
basically committed by youngsters
who want to be noticed and feel
among the group of the big and tough
guys in the society. They do not mean
to hurt anyone in particular; they fall
into the category of the Idealists; who
just want to be in spotlight.
Another cause of cyber-crime is to
make quick money. This group is
greed motivated and is career
criminals, who tamper with data on
the net or system especially, ecommerce,
e-banking data information
with the sole aim of committing fraud
and swindling money off unsuspecting
customers.
Thirdly, cyber-crime can be
committed to fight a cause one thinks
he believes in; to cause threat and
most often damages that affect the
recipients adversely. This is the most
dangerous of all the causes of cybercrime.
Those involve believe that they
are fighting a just cause and so do not
mind who or what they destroy in their
10
quest to get their goals achieved.
These are the cyber-terrorists.
2.0.4 TYPES OF CYBER CRIME
Theft of telecommunication
services
Communication in furtherance of
criminal c
conspiracies
Telecommunication piracy
 Dissemination of offensive
material
Electronic money laundering and
tax evasion
Electronic vandalism, terrorism
and extortion
Sales and investment fraud
Illegal interception of
telecommunications
Electronic funds transfer fraud
11
2.0.5 CYBER CRIME HOW TO
ERADICATE
Research has shown that no
law can be put in place to effectively
eradicate the scourge of cyber-crime.
Attempts have been made locally and
internationally, but these laws still have
shot-comings. What constitutes a crime
in a country may not in another, so this
has always made it easy for cyber
criminals to go free after being caught.
12
It has been proven that they
help big companies and government see
security holes which career criminals or
even cyber-terrorist could use to attack
them in future. Most often, companies
engage them as consultants to help them
build solid security for their systems and
data. The Idealists often help the society
through their highly mediatised and
individually harmless actions, they help
important organizations to discover their
high-tech security holes. The
enforcement of law on them can only
trigger trouble, because they would not
stop but would want to defy the law.
Moreover, if the goal of the cyber-crime
legislation is to eradicate cyber-crime, it
mint well eradicate instead a whole new
culture. Investments in education is a
much better way to prevent their actions.
Another means of
eradicating cyber-crime is to harmonize
international cooperation and law, this
goes for the greed motivated and cyberterrorists.
They cannot be fought by
education, because they are already
established criminals, so they can not
13
behave. The only appropriate way to
fight them is by enacting new laws,
harmonize international legislations and
encourage coordination and cooperation
between national law enforcement
agencies.
CLASSIFICATION

Computer crime encompasses a broad range of activities.

Fraud and financial crimes

Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing
something which causes loss. In this context, the fraud will result in obtaining a benefit by:

 Altering in an unauthorized way. This requires little technical expertise and is common form of theft by
employees altering the data before entry or entering false data, or by entering unauthorized instructions or
using unauthorized processes;
 Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions. This is
difficult to detect;
  Altering or deleting stored data;

Other forms of fraud may be facilitated using computer systems, including bank fraud, carding, identity theft,
extortion, and theft of classified information.

A variety of internet scams, many based on phishing and social engineering, target consumers and businesses.

Cyber Terrorism

Main article: Cyber Terrorism

Government officials and information technology security specialists have documented a significant increase in
Internet problems and server scans since early 2001. But there is a growing concern among federal officials that
such intrusions are part of an organized effort by cyber terrorists, foreign intelligence services, or other groups to
map potential security holes in critical systems. A cyber terrorist is someone who intimidates or coerces a
government or an organization to advance his or her political or social objectives by launching a computer-based
attack against computers, networks, or the information stored on them.

Cyberterrorism in general can be defined as an act of terrorism committed through the use of cyberspace or
computer resources (Parker 1983). As such, a simple propaganda piece in the Internet that there will be bomb
attacks during the holidays can be considered cyberterrorism. There are also hacking activities directed towards
individuals, families, organized by groups within networks, tending to cause fear among people, demonstrate
power, collecting information relevant for ruining peoples' lives, robberies, blackmailing etc.[9]

Cyber Extortion

Main article: Extortion

Cyberextortion occurs when a website, e-mail server, or computer system is subjected to or threatened with
repeated denial of service or other attacks by malicious hackers. These hackers demand money in return for
promising to stop the attacks and to offer "protection". According to the Federal Bureau of Investigation, cyber
Extortionists are increasingly attacking corporate websites and networks, crippling their ability to operate and
demanding payments to restore their service. More than 20 cases are reported each month to the FBI and many go
unreported in order to keep the victim's name out of the public domain. Perpetrators typically use a distributed
denial-of-service attack.[10]

An example of cyber Extortion was the attack on Sony Pictures of 2014.[11]

Cyber Warfare

Sailors analyze, detect and defensively respond to unauthorized activity within U.S. Navy information systems and
computer networks
Main article: Cyber Warfare

The U.S. Department of Defense (DoD) notes that the cyberspace has emerged as a national-level concern through
several recent events of geo-strategic significance. Among those are included, the attack on Estonia's infrastructure
in 2007, allegedly by Russian hackers. "In August 2008, Russia again allegedly conducted cyberattacks, this time
in a coordinated and synchronized kinetic and non-kinetic campaign against the country of Georgia. Fearing that
such attacks may become the norm in future warfare among nation-states, the concept of cyberspace operations
impacts and will be adapted by warfighting military commanders in the future.[12]

Computer as a target

These crimes are committed by a selected group of criminals. Unlike crimes using the computer as a tool, these
crimes require the technical knowledge of the perpetrators. As such, as technology evolves, so too does the nature
of the crime. These crimes are relatively new, having been in existence for only as long as computers have—which
explains how unprepared society and the world in general is towards combating these crimes. There are numerous
crimes of this nature committed daily on the internet:
Crimes that primarily target computer networks or devices include:

 Computer viruses
 Denial-of-service attacks
 Malware (malicious code)

Computer as a tool

Main articles: Internet fraud, Spamming, Phishing, and Carding (fraud)

When the individual is the main target of cybercrime, the computer can be considered as the tool rather than the
target. These crimes generally involve less technical expertise. Human weaknesses are generally exploited. The
damage dealt is largely psychological and intangible, making legal action against the variants more difficult. These
are the crimes which have existed for centuries in the offline world. Scams, theft, and the likes have existed even
before the development in high-tech equipment. The same criminal has simply been given a tool which increases
his potential pool of victims and makes him all the harder to trace and apprehend.[13]

Crimes that use computer networks or devices to advance other ends include:

 Fraud and identity theft (although this increasingly uses malware, hacking and/or phishing, making it an
example of both "computer as target" and "computer as tool" crime)
 Information warfare
 Phishing scams
 Spam
 Propagation of illegal obscene or offensive content, including harassment and threats

The unsolicited sending of bulk email for commercial purposes (spam) is unlawful in some jurisdictions.
Phishing is mostly propagated via email. Phishing emails may contain links to other websites that are affected by
malware.[14] Or, they may contain links to fake online banking or other websites used to steal private account
information.

Obscene or offensive content

The content of websites and other electronic communications may be distasteful, obscene or offensive for a variety
of reasons. In some instances these communications may be legal.

The extent to which these communications are unlawful varies greatly between countries, and even within nations.
It is a sensitive area in which the courts can become involved in arbitrating between groups with strong beliefs.

One area of Internet pornography that has been the target of the strongest efforts at curtailment is child
pornography, which is illegal in most jurisdictions in the world.

Harassment

Various aspects needed to be considered when understanding harassment online.

See also: Cyberbullying, Online predator, Cyberstalking, and Internet troll

Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments
at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often
occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties. Harassment on the
internet also includes revenge porn.

There are instances where committing a crime using a computer can lead to an enhanced sentence. For example, in
the case of United States v. Neil Scott Kramer, Kramer was served an enhanced sentence according to the U.S.
Sentencing Guidelines Manual §2G1.3(b)(3)[15] for his use of a cell phone to "persuade, induce, entice, coerce, or
facilitate the travel of, the minor to engage in prohibited sexual conduct." Kramer argued that this claim was
insufficient because his charge included persuading through a computer device and his cellular phone technically is
not a computer. Although Kramer tried to argue this point, U.S. Sentencing Guidelines Manual states that the term
computer "means an electronic, magnetic, optical, electrochemically, or other high speed data processing device
performing logical, arithmetic, or storage functions, and includes any data storage facility or communications
facility directly related to or operating in conjunction with such device."[16]

Connecticut was the U.S. state to pass a statute making it a criminal offense to harass someone by computer.
Michigan, Arizona, and Virginia and South Carolina[17] have also passed laws banning harassment by electronic
means.[18][19]

Harassment as defined in the U.S. computer statutes is typically distinct from cyberbullying, in that the former
usually relates to a person's "use a computer or computer network to communicate obscene, vulgar, profane, lewd,
lascivious, or indecent language, or make any suggestion or proposal of an obscene nature, or threaten any illegal
or immoral act," while the latter need not involve anything of a sexual nature.

Although freedom of speech is protected by law in most democratic societies (in the US this is done by the First
Amendment), it does not include all types of speech. In fact spoken or written "true threat" speech/text is
criminalized because of "intent to harm or intimidate", that also applies for online or any type of network related
threats in written text or speech.[20] The US Supreme Court definition of "true threat" is "statements where the
speaker means to communicate a serious expression of an intent to commit an act of unlawful violence to a
particular individual or group".[20]

Drug trafficking

Darknet markets are used to buy and sell recreational drugs online. Some drug traffickers use encrypted messaging
tools to communicate with drug mules. The dark web site Silk Road was a major online marketplace for drugs
before it was shut down by law enforcement (then reopened under new management, and then shut down by law
enforcement again). After Silk Road 2.0 went down, Silk Road 3 Reloaded emerged. However, it was just an older
marketplace named Diabolus Market, that used the name for more exposure from the brand's previous success.
CASES THAT ARE DOCUMENTED

 One of the highest profiled banking computer crime occurred during a course of three years beginning in
1970. The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over
$1.5 million from hundreds of accounts.

 A hacking group called MOD (Masters of Deception), allegedly stole passwords and technical data from
Pacific Bell, Nynex,
and other telephone companies as well as several big credit agencies and two major universities. The
damage caused was extensive, one company, Southwestern Bell suffered losses of $370,000 alone.

 In 1983, a nineteen-year-old UCLA student used his PC to break into a Defense Department international
communications system.

 Between 1995 and 1998 the Newscorp satellite pay to view encrypted SKY-TV service was hacked several
times during an ongoing technological arms race between a pan-European hacking group and Newscorp. The
original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which
Newscorp did not have the copyright to allow.

 On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent
that document and a copy of the virus spread via e-mail to other people.

 In February 2000, an individual going by the alias of MafiaBoy began a series denial-of-service attacks
against high-profile websites, including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN.
About fifty computers at Stanford University, and also computers at the University of California at Santa
Barbara, were amongst the zombie computers sending pings in DDoS attacks. On 3 August 2000, Canadian
federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten
counts of mischief to data for his attacks.
 The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its
activity was legitimate. But apparently the founders soon discovered that it was more profitable to host
illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as
"the baddest of the bad".[24] It offers web hosting services and internet access to all kinds of criminal and
objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in
and in some cases monopolized personal identity theft for resale. It is the originator of MPack and an alleged
operator of the now defunct Storm botnet.

 On 2 March 2010, Spanish investigators arrested 3 in infection of over 13 million computers around the
world. The "botnet" of infected computers included PCs inside more than half of the Fortune 1000
companies and mo re than 40 major banks, according to investigators.

 In August 2010 the international investigation Operation Delego, operating under the aegis of the
Department of Homeland Security, shut down the international pedophile ring Dreamboard. The website had
approximately 600 members, and may have distributed up to 123 terabytes of child pornography (roughly
equivalent to 16,000 DVDs). To date this is the single largest U.S. prosecution of an international child
pornography ring; 52 arrests were made worldwide.

 In January 2012 Zappos.com experienced a security breach after as many as 24 million customers' credit
card numbers, personal information, billing and shipping addresses had been compromised.

 In June 2012 LinkedIn and eHarmony were attacked, compromising 65 million password hashes. 30,000
passwords were cracked and 1.5 million EHarmony passwords were posted online.

 December 2012 Wells Fargo website experienced a denial of service attack. Potentially compromising 70
million customers and 8.5 million active viewers. Other banks thought to be compromised: Bank of
America, J. P. Morgan U.S. Bank, and PNC Financial Services.
  April 23, 2013 saw the Associated Press' Twitter account's hacked - the hacker posted a hoax tweet about
fictitious attacks in the White House that they claimed left President Obama injured. This hoax tweet
resulted in a brief plunge of 130 points from the Dow Jones Industrial Average, removal of $136 billion
from S&P 500 index, and the temporary suspension of AP's Twitter account. The Dow Jones later restored
its session gains.

 In May 2017, 74 countries logged a ransomware cybercrime, called "WannaCry"

HOMELAND
SECURITY
14
1.2.1INTRODUCTI
ON
Homeland security is an American
umbrella term for "the national effort to
ensure a homeland that is safe, secure,
and resilient against terrorism and other
hazards where American interests,
aspirations, and ways of life can thrive
to the national effort to prevent terrorist
attacks within the United States, reduce
the vulnerability of the U.S. to terrorism,
and minimize the damage from attacks
that do occur.
Ten years after the 9/11 terrorist
attacks, policymakers continue to
grapple with the definition of homeland
security. Prior to 9/11, the United States
15
addressed crises through the separate
prisms of national defence, law
enforcement, and emergency
management. 9/11 prompted a strategic
process that included a debate over and
the development of homeland security
policy. Today, this debate and
development has resulted in numerous
federal entities with homeland security
responsibilities. For example, there are
30 federal entities that receive annual
homeland security funding excluding the
Department of Homeland Security
(DHS). The Office of Management and
Budget (OMB) estimates that 48% of
annual homeland security funding is
appropriated to these federal entities,
with the Department of Defence(DOD)
receiving approximately 26% of total
federal homeland security funding. DHS
receives approximately 52%.
1.2.2 Evolution of Homeland
Security Concept
16
The concept of homeland security has
evolved over the last decade. Homeland
security as a concept was precipitated
by the terrorist attacks of 9/11.
However, prior to 9/11 such entities as
the Gilmore Commission and the United
States Commission on National Security
discussed the need to evolve the way
national security policy was
conceptualized due to the end of the
Cold War and the rise of radicalized
terrorism. After 9/11, policymakers
concluded that a new approach was
needed to address the large-scale
terrorist attacks. A presidential council
and department were established, and a
series of presidential directives were
issued in the name of "homeland
security". These developments
established that homeland security was
a distinct, but undefined concept. Later,
the federal, state, and local government
responses to disasters such as Hurricane
Katrina expanded the concept of
homeland security to include significant
disasters, major public health
emergencies, and other events that
17
threaten the United States, its economy,
the rule of law, and government
operations. This later expansion of the
concept of homeland security solidified
it as something distinct from other
federal government security operations
such as homeland defence.
1.2.3 WHAT dhs DO in
homeland security
DHS Science and
Technology Directorate (S&T)
strengthens America’s security and
resiliency by providing knowledge
products and innovative technology
solutions for the Homeland Security
Enterprise (HSE). Homeland Security
Advanced Research Projects Agency
(HSARPA) focuses on identifying,
developing, and transitioning
technologies and capabilities to counter
chemical, biological, explosive, and
18
cyber terrorism threats, as well as
protect our nation’s borders and
infrastructure. HSARPA divisions work
directly with DHS components to better
understand and address their highpriority
requirements and define
operational context by conducting
analyses of current missions, systems,
and processes. This process ultimately
identifies operational gaps where S&T
can have the greatest impact on
operating efficiency and increasing
capability. In addition, Apex Technology
Engines (Engines) power open
innovation by harnessing subject matter
experts and capabilities across DHS.
Efforts include basic technical
evaluations, knowledge products,
developmental improvements, full lifecycle
research, and piloting of new and
existing technologies.
19
1.2.4 DIVISION IN HOMELAND
To accomplish its mission, HSI is
organized into the following divisions:
Borders and Maritime
Security Division: Prevents
contraband, criminals, and terrorists
from entering the United States,
while permitting the lawful flow of
commerce and visitors.
Chemical and Biological
Defence Division: Detects, protects
against, responds to, and recovers
from biological or chemical threats
and events.
Cyber Security Division:
Creates a safe, secure, and resilient
cyber environment.
Explosives Division: Detects,
prevents, and mitigates explosives
attacks against people and
infrastructure.
20
Resilient Systems Division:
Enhances resilience to prevent and
protect against threats, mitigates
hazards, responds to disasters, and
expedites recovery.
1.2.5 GOALS OF HOMELAND
SECURITY
Prevent and disrupt terrorist
attacks
Protect the American people, our
critical infrastructure, and key
resources;
Respond to and recover from
incidents that do occur
Continue to strengthen the
foundation to ensure our long-term
success.
2.2.1 TAPPING CASES

The Greek wiretapping case of

2004-2005, also referred to as Greek
Watergate involved the illegal tapping of
more than 100 mobile phones on
the Vodafone Greece network belonging
mostly to members of
the Greek government and top-ranking
civil servants. The taps began sometime
near the beginning of August 2004 and
were removed in March 2005 without
discovering the identity of the
perpetrators.
The phones tapped included
those of the Prime Minister Kostas
Karamanlis and members of his family,
the Mayor of Athens, Dora Bakoyannis,
and the top officers at the Ministry of
Defence, the Ministry of Foreign Affairs,
the Ministry for Public Order, members of
the ruling party, ranking members of the
opposition Panhellenic Socialist
Movement party (PASOK), the Hellenic
33
Navy General Staff, the previous Minister
of Defence and one, a locally hired Greek
American employee of the American
Embassy. Phones of Athens-based Arab
businessmen were also tapped.
Foreign and Greek media have
raised United States intelligence
agencies as the main
suspects. AFP reported that one Greek
official stated on background that the
likely initial penetration occurred during
the run-up to the 2004 Athens Olympics,
stating: "it is evident that the wiretaps
were organized by foreign intelligence
agencies, for security reasons related to
the 2004 Olympic Games. The leader of
the PASOK socialist opposition George
Papandreou said that the Greek
government itself had pointed towards
the US as responsible for the wiretaps by
giving up the zone of listening range, in
which the US embassy was included.
34
2.2.2 DISCOVERY OF ILLEGAL
TAPS
On January 24, 2005, an
intruder update of exchange software
resulted in customer text messages not
being sent. Vodafone Greece sent
firmware dumps of the affected
exchanges to Ericsson for analysis. On
March 4, 2005, Ericsson located the
rogue code, 6500 lines of code written
in the PLEX programming language used
by Ericsson AXE switches. Writing such
sophisticated code in a very esoteric
language required a high level of
expertise. Much of Ericsson's software
development for AXE had been done by
an Athens-based company named
Intracom Telecom, so the skills needed
to write the rogue software were likely
available within Greece.
On March 7, 2005, Ericsson
notified Vodafone of the existence of
rogue wiretaps and software in their
systems. The next day the general
manager of the Greek Vodafone branch,
35
George Koronias, asked for the software
to be removed and deactivated.
Because the rogue software was
removed before law enforcement had an
opportunity to investigate, the
perpetrators were likely alerted that
their software had been found and had
ample opportunity to turn off the
"shadow" phones to avoid detection. On
March 9, the Network Planning Manager
for Vodafone Greece, Kostas Tsalikidis,
was found dead in an apparent suicide.
According to several experts questioned
by the Greek press, Tsalikidis was a key
witness in the investigation of
responsibility of the wiretaps. After fourmonth
investigation of his death,
Supreme Court prosecutor Dimitris Linos
said that the death of Kostas Tsalikidis
was directly linked to the scandal. "If
there had not been the phone tapping,
there would not have been a suicide.
A preliminary judicial investigation was
carried out, which, due to the
complexity of the case, lasted until
February 1, 2006. The preliminary
investigation did not point out any
36
persons connected with the case. The
investigation was hindered by the fact
that Vodafone disabled the interception
system, and therefore locating the
intercepting phones was no longer
possible (the phones were apparently
switched off), and that Vodafone had
incorrectly purged all access logs. Police
rounded up and questioned as suspects
persons who called the monitoring
phones, but all callers claimed they
called these phones because their
number was previously used by another
person.
2.2.3 FALLOUT
The investigation into the
matter was further hampered when
Greek law enforcement officials began
to make accusations at both Vodafone
and Ericsson, which forced experts on
the defensive. .A recent appeal of the
main opposition party, PASOK, to form
an investigating parliamentary
committee was rejected by the
governing party.
37
In December 2006 Vodafone
Greece was fined €76 million by the
Communications Privacy Protection
Authority, a Greek privacy watchdog
group, for the illegal wiretapping of 106
cell phones. The fine was calculated as
€500,000 for each phone that was
eavesdropped on, as well as a €15
million fine for impeding their
investigation.
On October 19, 2007,
Vodafone Greece was again fined €19
million by EETT, the national
telecommunications regulator, for
alleged breach of privacy rules. On
September 2011, new evidence
emerged indicated the US Embassy in
Athens was behind the telephone
interceptions. The key evidence of
complicity was that out of the 14
anonymous prepaid mobile phones used
for the interception, three had been
purchased by the same person at the
same time as a fourth one. The fourth
phone called mobile phones and
landlines registered with the US
Embassy in Athens. With a sim card
38
registered to the US Embassy, it also
called two telephone numbers in Ellicott
City and Catonsville, Maryland, both
NSA bedroom communities. A criminal
investigation was launched, and in
February 2015, Greek investigators were
finally able to finger a suspect, William
George Basil, a NSA operative from a
Greek immigrant background. Greek
authorities have issued a warrant for
Basil's arrest, who has since gone into
hiding.

AGENCIES THAT ARE COMBATING COMPUTER CRIME

 Australian High Tech Crime Centre

 National White Collar Crime Center

Australian High Tech Crime Centre :

The Australian High Tech Crime Centre (AHTCC) is an Australia-wide policing initiative to coordinate the
efforts of Australian law enforcement in combating serious, complex and multi-jurisdictional Internet-based
crimes, particularly those beyond the capability of individual police agencies in Australia. Other roles include
protecting the information infrastructure of Australia, and providing information to other law enforcement to help
combat online crime.

OrganisationEdit

They are hosted by the Australian Federal Police (AFP) at their headquarters in Canberra. Under the auspices of
the AFP, the AHTCC is party to the formal Joint Operating Arrangement established between the AFP, the
Australian Security Intelligence Organisation and the Computer Network Vulnerability Team of the Australian
Signals Directorate.

Law enforcement in Australia

Law enforcement in Australia is one of the three major components of the country's justice system, along with
courts and corrections. There are law enforcement officers employed by all three levels of government – federal,
state / territory, and local.

Federally, the main law enforcement agency is the Australian Federal Police (AFP), which has a wide mandate to
enforce Australian criminal law and protect its national interests. There are also a number of other agencies that
have powers confined to specific areas, such as national security (ASIO), customs and immigration (ABF), and
white-collar crime (ATO, ACCC, ASIC). Each branch of the Australian Defence Force (ADF) has its own military
police, although there is also an overarching ADF Investigative Service for more complex investigations.

As each Australian state enacts its own laws, general law enforcement duties are the responsibility of state police
forces, who are in turn responsible to a government minister (usually the Minister for Police). These forces carry
out the bulk of general policing throughout the entire state, including in metropolitan areas. Other state-government
departments may also have investigative powers for specific offences within their purview. The Northern Territory
also has its own police force, but in Australia's other territories (including the Australian Capital Territory) law
enforcement is handled by the federal government.
Australian state and federal police routinely carry firearms. While on duty, most officers' duty belts consist of a
handgun, a Taser, an expandable baton, pepper spray, a set of handcuffs, ammunition magazines, gloves, torch and
a two-way radio. Local governments have their own smaller force of authorised officers – known as council
rangers – to enforce local laws pertaining solely to individual local government jurisdictions. Council rangers
generally do not have full police powers

Crime in Australia
Page issues

Crime in Australia is combated by the Australian police and other agencies.

The number of offenders proceeded against by police during 2013–2014 increased by 4%.[1]

In 2013–2014 the offender rate, which is the number of offenders in the population of Australia, increased by 2%.
The number of Youth offenders fell by 4%.[1]

The most prevalent offences are Public Disorder offences, followed by illicit drug offences. The largest percentage
increase are sexual assault and related offences which increased by 19%.[1]

From the National Australian Homicide Monitoring program report 2012: "The homicide rate has continued to
decline each year, since 1989-90. The periods 2010–2011 and 2011–2012 are the lowest homicide rate since data
collection began in 1989".

Crime statisticsEdit

Data from the Australian Bureau of Statistics (ABS) shows that during the 2009/10 year police took action against
375,259 people,[3] up by 4.8 percent from 2008/09 figures.[3] Young offenders aged 10 to 19 comprised about 29
percent of the total offender population across Australia.[3] In the 2009/10 financial year, 84,100 women had police
action taken against them across Australia, up by six percent compared with the previous year.[3] 290,400 men had
police action taken against them in 2009/10, an annual increase of 4 percent. [3] About 30 percent of the women
were accused of theft, whereas the most common principal offence for men was intention to cause injury and
matters related to public order.[3] Research from the Australian Institute of Criminology, shows that from 1990
until the middle of 2011, 40 percent of people who were fatally shot by police were suffering from a mental illness.
In NSW, the fatalities included Adam Salter (shot dead in Sydney in 2009); Elijah Holcombe (shot dead in
Armidale in 2009); and Roni Levi (shot dead on Bondi Beach in 1997). In Victoria, the fatalities included the 2008
highly controversial shooting death of Tyler Cassidy. At age 15, Cassidy is believed to be the youngest person ever
shot dead by police in Australia.[4] As of 2010, the homicide rate of Australia is 1.2 per 100,000.[5]

2015- 2016

Between 2015 and 2016, in Australia, the number of victims for the majority of offence categories decreased:[6]

 Homicide (decrease of 3.0% or 13 victims);

 Kidnapping/abduction (decrease of 7.7% or 46 victims);
 Robbery (decrease of 16% or 1,825 victims);
 Unlawful entry with intent (decrease of 6.5% or 12,650 victims);
 Motor vehicle theft (decrease of 4.4% or 2,322 victims);
 Other theft (decrease of 1.7% or 8,324 victims).

In contrast, there was an increase between 2015 and 2016 in the number of victims for the following offences:[6]

 Sexual assault (increase of 3.3% or 652 victims);

 Blackmail/extortion (increase of 3.5% or 18 victims)

Murder

There were 238 reported murder victims in Australia during 2014, compared to 245 in 2015.[7]

In Australia during 2015:

  The murder victimisation rate fell to a five-year low of 1.0 victim per 100,000 persons;
 Nearly two in three victims of murder (61% or 146 victims) were male;
 The proportion of murder victims was largest for males aged between 35 and 44 years (16% or 38 victims)
and males aged between 25 and 34 years (11% or 27 victims);
 Two in three murders (66% or 158 victims) occurred at a residential location;
 Of weapons used in murder, a knife was the most common (44% or 69 victims); and
 Over three-quarters (77%) of all murder investigations (184 victims) were finalised by police within 30 days.

Attempted murder

The number of attempted murder victims in Australia decreased from 164 in 2013 to a five-year low of 151 in
2015.[7]

In Australia during 2016:

 The attempted murder victimisation rate dropped slightly to 0.6 victims per 100,000 persons, compared with
0.7 victims per 100,000 persons in 2013;
 About two in three victims of attempted murder (68% or 102 victims) were male;
 Males aged between 35 and 44 years accounted for the largest proportion of attempted murder victims (19%
or 29 victims);
 Nearly two in three attempted murders (62% or 93 victims) occurred at a residential location;
 Of weapons used in attempted murder, the most common were a firearm (38% or 42 victims) and a knife
(36% or 40 victims); and
 74% of all attempted murder investigations (111 victims) were finalised by police within 30 days.

Manslaughter

There were 24 manslaughter victims in Australia in 2014, compared to 23 in 2015.[7]

In Australia during 2016:

 The manslaughter victimisation rate was 0.1 victims per 100,000 persons for the second consecutive year;
and
 71% of all manslaughter investigations (17 victims) were finalised by police within 30 days.

Sexual assault

There was a 3.3% increase in the number of sexual assault victims in Australia, from 20,025 in 2013 to a five year
high of 20,677 in 2014.

In Australia during 2016:

 The sexual assault victimisation rate increased to a five year high of 88 victims per 100,000 persons;
 The majority of sexual assault victims (83% or 17,072 victims) were female;
 Persons aged 19 years and under accounted for 60% (12,446 victims) of all victims of sexual assault;
 Over a quarter (29% or 1,014 victims) of male sexual assault victims were aged 0–9 years;
 Over two-thirds (68% or 14,105 victims) of sexual assaults occurred at a residential location; and
 41% of all sexual assault investigations (8,507 victims) were finalised by police within 30 days

Kidnapping

There was a 7.7% decrease in the number of kidnapping/abduction victims in Australia, from 596 in 2015 to a five-
year low of 550 in 2016.

In Australia during 2016:

 The kidnapping/abduction victimisation rate decreased to a five-year low of 2.3 victims per 100,000 persons;
 The decrease in the umber of kidnapping/abduction victims was largest for persons aged between 10 and 14
years (down 47% or 51 victims from 2015);
  Females accounted for a slightly larger proportion of all kidnapping/abduction victims (57% or 315 victims);
 Private dwellings were the most common location for kidnapping/abduction to occur +(39% or 214 victims);
and
 Just over half (51%) of all kidnapping/abduction investigations (280 victims) were finalised by police within
30 days.

Robbery

There was a 16% decrease in the number of robbery victims (both person and non-person victims) in Australia,
from 11,711 in 2013 to a five-year low of 9,886 in 2014.[10]

In Australia during 2015:

 Street/footpath ws the most common location for robbery to occur (37% or 3,707 victims);
 Of weapons used in robbery, a knife was the most common (48% or 2,312 victims); and
 38% of all robbery investigations (3,726 victims) were finalised by police within 30 days.

Of total robbery victims, 82% (8,130 victims) were persons, and of these:

 72% (5,864 victims) were male; and

 Persons aged between 25 and 34 years accounted for the largest proportion (24% or 1,932 victims).

Armed robbery

There was a 14% decrease in the number of armed robbery victims (both person and non-person victims) in
Australia, from 5,631 in 2013 to a five-year low of 4,855 in 2014. Of total armed robbery victims, 72% (3,505
victims) were persons, and of these:[10]

 Just over three in four victims (76% or 2,679 victims) were male; and
  Persons aged between 25 and 34 years accounted for the largest proportion of armed robbery victims (26%
or 896 victims).

Unarmed robbery

There was a 17% decrease in the number of unarmed robbery victims (both person and non-person victims) in
Australia, from 6,076 in 2013 to a five-year low of 5,033 in 2014. Of total unarmed robbery victims, 92% (4,627
victims) were persons, and of these:[10]

 Just over two in three victims (69% or 3,187 victims) were male; and
 Persons aged 25 to 34 years of age accounted for the largest proportion of unarmed robbery victims (22% or
1,033 victims).

Blackmail and extortion

There was a 3.5% increase in the number of blackmail/extortion victims (both person and non-person victims) in
Australia, from 509 in 2013 to a five year high of 527 in 2014. During 2014, 40% of all blackmail/extortion
investigations (211 victims) were finalised by police within 30 days.[11]

Of total blackmail/extortion victims in 2014, 93% (492 victims) were persons, and of these:

 Nearly three-quarters of victims (73% or 361) were male; and

 Persons aged 25 to 34 years accounted for the largest proportion of blackmail/extortion victims (24% or 119
victims).

Unlawful entry with intent

There was a 6.5% decrease in the number of victims of unlawful entry with intent in Australia, from 194,529 in
2013 to a five-year low of 181,879 in 2014.
In Australia during 2014:

 The most common location for unlawful entry with intent to occur was a residential location (71% or
129,941 victims);
 Nearly seven in ten victims of unlawful entry with intent had property taken (68% or 122,952 victims); and
 11% of all unlawful entry with intent investigations (20,051 victims) were finalised by police within 30 days.

Motor vehicle theft

There was a 4.4% decrease in the number of victims of motor vehicle theft in Australia, from 52,508 in 2013 to a
five-year low of 50,186 in 2014.[13]

In Australia during 2014:

 The most common location in which motor vehicle theft occurred was an outbuilding or residential land
(46% or 22,872 victims); and
 17% of all motor vehicle theft investigations (8,594 victims) were finalised by police within 30 days.

Other theft

There was a 1.7% decrease in the number of victims of other theft in Australia, from 493,540 in 2013 to 485,216 in
2014. [14]

In Australia during 2014:

 The most common location for other theft to occur was a retail location (33% or 159,349 victims); and
 36% of all other theft investigations (175,271 victims) were finalised by police within 30 days.
Place of Birth

The Australian Bureau of Statistics regularly publishes characteristics of those incarcerated including country of
birth. The 2014 figures show that in general Australians have a higher percentage when compared to their
proportion of the population but amongst foreigners, some nations have higher rates than both the average and
Australians particularly in relation to homicide. [15]

Prisoner Characteristics 2014

Country of Birth Homicide and related offences% All Crime% National Population%
Australia 76.3 81.1 69.8
New Zealand 3.3 3.0 2.2
Vietnam 2.1 2.3 0.9
United Kingdom 3.2 1.8 5.1
China 0.9 0.7 1.5
Lebanon 0.6 0.6 0.4
Sudan 0.3 0.4 0.1
Iraq 0.6 0.4 0.2
Philippines 0.5 0.4 0.8
Fiji 0.5 0.4 0.3
Other 10.0 7.9 18.7
National White Collar Crime Center :

The National White Collar Crime Center, also known as NW3C, is a congressionally funded non-profit
corporation which trains state and local law enforcement agencies to combat emerging economic and cyber crime
problems. The NW3C provides the general public with information and research on preventing economic and
cyber crime. Their partnership with the Internet Crime Complaint Center, allows Internet crime victims to submit
their reports to the appropriate local, state, and federal authorities.

Purpose

The National White Collar Crime Center provides training, investigative support, and research to organizations
involved in preventing, investigating and prosecuting economic and high tech crime.

Partner agencies

 Bureau of Justice Assistance

 Federal Bureau of Investigation
 Fraternal Order of Police
 International Association of Chiefs of Police
 Internet Crime Complaint Center
 National Organization of Black Law Enforcement Executives
 National Sheriffs' Association
Cyber Law of India : Introduction

In Simple way we can say that cyber crime is unlawful acts wherein the computer is either a tool or a
target or both

Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud,
forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of
computers has also given birth to a gamut of new age crimes that are addressed by the
Information Technology Act, 2000.

We can categorize Cyber crimes in two ways

The Computer as a Target :-using a computer to attack other computers.

e.g. Hacking, Virus/Worm attacks, DOS attack etc.

The computer as a weapon :-using a computer to commit real world crimes.

e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.

Cyber Crime regulated by Cyber Laws or Internet Laws.

Technical Aspects

Technological advancements have created new possibilities for criminal activity, in particular the
criminal misuse of information technologies such as
a. Unauthorized access & Hacking:-

Access means gaining entry into, instructing or communicating with the logical, arithmetical, or
memory function resources of a computer, computer system or computer network.

Unauthorized access would therefore mean any kind of access without the permission of either the
rightful owner or the person in charge of a computer, computer system or computer network.

Every act committed towards breaking into a computer and/or network is hacking. Hackers write or
use ready-made computer programs to attack the target computer. They possess the desire to
destruct and they get the kick out of such destruction. Some hackers hack for personal monetary
gains, such as to stealing the credit card information, transferring money from various bank accounts
to their own account followed by withdrawal of money.

By hacking web server taking control on another persons website called as web hijacking

b. Trojan Attack:-

The program that act like something useful but do the things that are quiet damping. The programs of
this kind are called as Trojans.

The name Trojan Horse is popular.

Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the
server on its machine, the attacker will then use the Client to connect to the Server and start using
the trojan.

TCP/IP protocol is the usual protocol type used for communications, but some functions of the trojans
use the UDP protocol as well.
c. Virus and Worm attack:-

A program that has capability to infect other programs and make copies of itself and spread into other
programs is called virus.

Programs that multiply like viruses but spread from computer to computer are called as worms.

d. E-mail & IRC related crimes:-

1. Email spoofing

Email spoofing refers to email that appears to have been originated from one source when it was
actually sent from another source. Please Read

2. Email Spamming

Email "spamming" refers to sending email to thousands and thousands of users - similar to a chain
letter.

3 Sending malicious codes through email

E-mails are used to send viruses, Trojans etc through emails as an attachment or by sending a link of
website which on visiting downloads malicious code.

4. Email bombing

E-mail "bombing" is characterized by abusers repeatedly sending an identical email message to a

particular address.

5. Sending threatening emails

6. Defamatory emails

7. Email frauds

8. IRC related

Three main ways to attack IRC are: "verbalâ⦣8218;?Ŧ#8220; attacks, clone attacks, and flood attacks.

e. Denial of Service attacks:-

Flooding a computer resource with more requests than it can handle. This causes the resource to
crash thereby denying access of service to authorized users.

Examples include

attempts to "flood" a network, thereby preventing legitimate network traffic

attempts to disrupt connections between two machines, thereby preventing access to a service

attempts to prevent a particular individual from accessing a service

attempts to disrupt service to a specific system or person.

Cyber Law Introduction

Distributed DOS
A distributed denial of service (DoS) attack is accomplished by using the Internet to break into computers and
using them to attack a network.

Hundreds or thousands of computer systems across the Internet can be turned into “zombies” and used to attack
another system or website.

Types of DOS

There are three basic types of attack:

a. Consumption of scarce, limited, or non-renewable resources like NW bandwith, RAM, CPU time. Even
power, cool air, or water can affect.

b. Destruction or Alteration of Configuration Information

c. Physical Destruction or Alteration of Network Components

e. Pornography:-

The literal mining of the term 'Pornography' is “describing or showing sexual acts in order to cause sexual
excitement through books, films, etc.”

This would include pornographic websites; pornographic material produced using computers and use of internet to
download and transmit pornographic videos, pictures, photos, writings etc.

Adult entertainment is largest industry on internet.There are more than 420 million individual pornographic
webpages today.

Research shows that 50% of the web-sites containing potentially illegal contents relating to child abuse were ‘Pay-
Per-View’. This indicates that abusive images of children over Internet have been highly commercialized.
Pornography delivered over mobile phones is now a burgeoning business, “driven by the increase in sophisticated
services that deliver video clips and streaming video, in addition to text and images.”

Effects of Pornography

Research has shown that pornography and its messages are involved in shaping attitudes and encouraging behavior
that can harm individual users and their families.

Pornography is often viewed in secret, which creates deception within marriages that can lead to divorce in some
cases.

In addition, pornography promotes the allure of adultery, prostitution and unreal expectations that can result in
dangerous promiscuous behavior.

Some of the common, but false messages sent by sexualized culture.

Sex with anyone, under any circumstances, any way it is desired, is beneficial and does not have negative
consequences.

Women have one value - to meet the sexual demands of men.

Marriage and children are obstacles to sexual fulfillment.

Everyone is involved in promiscuous sexual activity, infidelity and premarital sex.

Pornography Addiction

Dr. Victor Cline, an expert on Sexual Addiction, found that there is a four-step progression among many who
consume pornography.
1.Addiction: Pornography provides a powerful sexual stimulant or aphrodisiac effect, followed by sexual release,
most often through

masturbation.

2.Escalation: Over time addicts require more explicit and deviant material to meet their sexual "needs."

3.Desensitization: What was first perceived as gross, shocking and disturbing, in time becomes common and
acceptable.

4.Acting out sexually: There is an increasing tendency to act out behaviors viewed in pornography.

g. Forgery:-

Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated
computers, printers and scanners.

Also impersonate another person is considered forgery.

h. IPR Violations:-

These include software piracy, copyright infringement, trademarks violations, theft of computer source code,
patent violations. etc.

Cyber Squatting- Domain names are also trademarks and protected by ICANN’s domain dispute resolution policy
and also under trademark laws.

Cyber Squatters registers domain name identical to popular service provider’s domain so as to attract their users
and get benefit from it.
i. Cyber Terrorism:-

Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic control,
telecommunication networks are the most likely targets. Others like police, medical, fire and rescue systems etc.

Cyberterrorism is an attractive option for modern terrorists for several reasons.

1.It is cheaper than traditional terrorist methods.

2.Cyberterrorism is more anonymous than traditional terrorist methods.

3.The variety and number of targets are enormous.

4.Cyberterrorism can be conducted remotely, a feature that isespecially appealing to terrorists.

5.Cyberterrorism has the potential to affect directly a larger number of people.

j. Banking/Credit card Related crimes:-

In the corporate world, Internet hackers are continually looking for opportunities to compromise a company’s
security in order to gain access to confidential banking and financial information.

Use of stolen card information or fake credit/debit cards are common.

Bank employee can grab money using programs to deduce small amount of money from all customer accounts and
adding it to own account also called as salami.

k. E-commerce/ Investment Frauds:-

Sales and Investment frauds. An offering that uses false or fraudulent claims to solicit investments or loans, or that
provides for the purchase, use, or trade of forged or counterfeit securities.

Merchandise or services that were purchased or contracted by individuals online are never delivered.

The fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or
the non-delivery of products purchased through an Internet auction site.

Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high profits.

l. Sale of illegal articles:-

This would include trade of narcotics, weapons and wildlife etc., by posting information on websites, auction
websites, and bulletin boards or simply by using email communication.

Research shows that number of people employed in this criminal area. Daily peoples receiving so many emails
with offer of banned or illegal products for sale.

m. Online gambling:-

There are millions of websites hosted on servers abroad, that offer online gambling. In fact, it is believed that many
of these websites are actually fronts for money laundering.

n. Defamation: -

Defamation can be understood as the intentional infringement of another person's right to his good name.

Cyber Defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g.
someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory
information to all of that person's friends. Information posted to a bulletin board can be accessed by anyone. This
means that anyone can place

Cyber defamation is also called as Cyber smearing.

Cyber Stacking:-

Cyber stalking involves following a persons movements across the Internet by posting messages (sometimes
threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim,
constantly bombarding the victim with emails etc.

In general, the harasser intends to cause emotional distress and has no legitimate purpose to his communications.

p. Pedophiles:-

Also there are persons who intentionally prey upon children. Specially with a teen they will let the teen know that
fully understand the feelings towards adult and in particular teen parents.

They earns teens trust and gradually seduce them into sexual or indecent acts.

Pedophiles lure the children by distributing pornographic material, then they try to meet them for sex or to take
their nude photographs including their engagement in sexual positions.

q. Identity Theft :-

Identity theft is the fastest growing crime in countries like America.

Identity theft occurs when someone appropriates another's personal information without their knowledge to commit
theft or fraud.
Identity theft is a vehicle for perpetrating other types of fraud schemes.

r. Data diddling:-

Data diddling involves changing data prior or during input into a computer.

In other words, information is changed from the way it should be entered by a person typing in the data, a virus that
changes data, the programmer of the database or application, or anyone else involved in the process of having
information stored in a computer file.

It also include automatic changing the financial information for some time before processing and then restoring
original information.

s. Theft of Internet Hours:-

Unauthorized use of Internet hours paid for by another person.

By gaining access to an organisation's telephone switchboard (PBX) individuals or criminal organizations can
obtain access to dial-in/dial-out circuits and then make their own calls or sell call time to third parties.

Additional forms of service theft include capturing 'calling card' details and on-selling calls charged to the calling
card account, and counterfeiting or illicit reprogramming of stored value telephone cards.

t. Theft of computer system (Hardware):-

This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral attached to the
computer.

u. Physically damaging a computer system:-

Physically damaging a computer or its peripheralseither by shock, fire or excess electric supply etc.

v. Breach of Privacy and Confidentiality

Privacy

Privacy refers to the right of an individual/s to determine when, how and to what extent his or her personal data
will be shared with others.

Breach of privacy means unauthorized use or distribution or disclosure of personal information like medical
records, sexual preferences, financial status etc.

Confidentiality

It means non disclosure of information to unauthorized or unwanted persons.

In addition to Personal information some other type of information which useful for business and leakage of such
information to other persons may cause damage to business or person, such information should be protected.

Generally for protecting secrecy of such information, parties while sharing information forms an agreement about
he procedure of handling of information and to not to disclose such information to third parties or use it in such a
way that it will be disclosed to third parties.

Many times party or their employees leak such valuable information for monitory gains and causes breach of
contract of confidentiality.

Special techniques such as Social Engineering are commonly used to obtain confidential information.