Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to

criminal activity where a computer or network is the source, tool, target, or place of a crime.
These categories are not exclusive and many activities can be characterized as falling in one or
more. Additionally, although the terms computer crime and cybercrime are more properly
restricted to describing criminal activity in which the computer or network is a necessary part of
the crime, these terms are also sometimes used to include traditional crimes, such as fraud, theft,
blackmail, forgery, and embezzlement, in which computers or networks are used. As the use of
computers has grown, computer crime has become more important.

Computer crime can broadly be defined as criminal activity involving an information technology
infrastructure, including illegal access (unauthorized access), illegal interception (by technical
means of non-public transmissions of computer data to, from or within a computer system), data
interference (unauthorized damaging, deletion, deterioration, alteration or suppression of
computer data), systems interference (interfering with the functioning of a computer system by
inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data),
misuse of devices, forgery (ID theft), and electronic fraud.[1]

Computer crime issues have become high-profile, particularly those surrounding hacking,
copyright infringement through warez, child pornography, and child grooming. There are also
problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

Contents
[hide]

 1 Generally
 2 Specific computer crimes
o 2.1 Spam
o 2.2 Fraud
o 2.3 Obscene or offensive content
o 2.4 Harassment
o 2.5 Drug trafficking
o 2.6 Cyberterrorism
 3 Documented cases
 4 Applicable laws
o 4.1 United States
o 4.2 Canada
o 4.3 United Kingdom
o 4.4 Australia
o 4.5 Malaysia
o 4.6 Pakistan
o 4.7 Singapore
o 4.8 Latin America
o 4.9 Venezuela
 o 4.10 India
o 4.11 Others
 5 External links
o 5.1 Government resources
 6 See also
 7 References

[edit] Generally
Computer crime encompass a broad range of potentially illegal activities. Generally, however, it
may be divided into one of two types of categories: (1) crimes that target computer networks or
devices directly; (2) crimes facilitated by computer networks or devices, the primary target of
which is independent of the computer network or device.

Examples of crimes that primarily target computer networks or devices would include,

 Malware and malicious code

 Denial-of-service attacks
 Computing viruses

Examples of crimes that merely use computer networks or devices would include,

 Cyber stalking
 Fraud and identity theft
 Phishing scams
 Information warfare

A common example is when a person starts to steal information from sites, or cause damage to, a
computer or computer network. This can be entirely virtual in that the information only exists in
digital form, and the damage, while real, has no physical consequence other than the machine
ceases to function. In some legal systems, intangible property cannot be stolen and the damage
must be visible, e.g. as resulting from a blow from a hammer. Where human-centric terminology
is used for crimes relying on natural language skills and innate gullibility, definitions have to be
modified to ensure that fraudulent behavior remains criminal no matter how it is committed.

A computer can be a source of evidence. Even though the computer is not directly used for
criminal purposes, it is an excellent device for record keeping, particularly given the power to
encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to
criminal investigators.

[edit] Specific computer crimes

[edit] Spam
Spam, or the unsolicited sending of bulk email for commercial purposes, is unlawful to varying
degrees. As applied to email, specific anti-spam laws are relatively new, however limits on
unsolicited electronic communications have existed in some forms for some time.[2] ss

[edit] Fraud

Computer fraud is any dishonest misrepresentation of fact intended to induce another to do or

refrain from doing something which causes loss.[citation needed] In this context, the fraud will result in
obtaining a benefit by:

 altering computer input in an unauthorized way. This requires little technical expertise
and is not an uncommon form of theft by employees altering the data before entry or
entering false data, or by entering unauthorized instructions or using unauthorized
processes;
 altering, destroying, suppressing, or stealing output, usually to conceal unauthorized
transactions: this is difficult to detect;
 altering or deleting stored data; or
 altering or misusing existing system tools or software packages, or altering or writing
code for fraudulent purposes. This requires real programming skills and is not common.

Other forms of fraud may be facilitated using computer systems, including bank fraud, identity
theft, extortion, and theft of classified information(Csonka, 2000)

[edit] Obscene or offensive content

The content of websites and other electronic communications may be distasteful, obscene or
offensive for a variety of reasons. In some instances these communications may be illegal.

Many jurisdictions place limits on certain speech and ban racist, blasphemous, politically
subversive, libelous or slanderous, seditious, or inflammatory material that tends to incite hate
crimes.

The extent to which these communications are unlawful varies greatly between countries, and
even within nations. It is a sensitive area in which the courts can become involved in arbitrating
between groups with entrenched beliefs.

[edit] Harassment

Whereas content may be offensive in a non-specific way, harassment directs obscenities and
derogatory comments at specific individuals focusing for example on gender, race, religion,
nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by
sending hate e-mail to interested parties (see cyber bullying, cyber stalking, harassment by
computer, hate crime, Online predator, and stalking). Any comment that may be found
derogatory or offensive is considered harassment.

[edit] Drug trafficking

Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances
through encrypted e-mail and other Internet Technology. Some drug traffickers arrange deals at
internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for
amphetamines in restricted-access chat rooms.

The rise in Internet drug trades could also be attributed to the lack of face-to-face
communication. These virtual exchanges allow more intimidated individuals to more
comfortably purchase illegal drugs. The sketchy effects that are often associated with drug trades
are severely minimized and the filtering process that comes with physical interaction fades away.
Furthermore, traditional drug recipes were carefully kept secrets. But with modern computer
technology, this information is now being made available to anyone with computer access.

[edit] Cyberterrorism

Government officials and Information Technology security specialists have documented a

significant increase in Internet problems and server scans since early 2001. There is a growing
concern among federal officials[who?] that such intrusions are part of an organized effort by
cyberterrorists, foreign intelligence services, or other groups to map potential security holes in
critical systems. A cyberterrorist is someone who intimidates or coerces a government or
organization to advance his or her political or social objectives by launching computer-based
attack against computers, network, and the information stored on them.

Cyberterrorism in general, can be defined as an act of terrorism committed through the use of
cyberspace or computer resources (Parker 1983). As such, a simple propaganda in the Internet,
that there will be bomb attacks during the holidays can be considered cyberterrorism. At worst,
cyberterrorists may use the Internet or computer resources to carry out an actual attack. As well
there are also hacking activities directed towards individuals, families, organised by groups
within networks, tending to cause fear among people, demonstrate power, collecting information
relevant for ruining peoples' lives, robberies, blackmailing etc.

[edit] Documented cases

 The Yahoo! website was attacked at 10:30 PST on Monday, 7 February 2000. The attack
lasted three hours. Yahoo was pinged at the rate of one gigabyte/second.
 On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of
illegal access to computers, plus a total of ten counts of mischief to data for his attacks on
Amazon.com, eBay, Dell Computer, Outlaw.net, and Yahoo. MafiaBoy had also attacked
other websites, but prosecutors decided that a total of 66 counts was enough. MafiaBoy
pleaded not guilty.
 About fifty computers at Stanford University, and also computers at the University of
California at Santa Barbara, were amongst the zombie computers sending pings in DDoS
attacks.
 In 26 March 1999, the Melissa worm infected a document on a victim's computer, then
automatically sent that document and copy of the virus via e-mail to other people.
 The first recorded cyber crime took place in the year 1820! That is not surprising considering
the fact that the abacus, which is thought to be the earliest form of a computer, has been
 around since 3500 B.C. in India, Japan and China. The era of modern computers, however,
began with the analytical engine of Charles Babbage.
 In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This
device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted
in a fear amongst Jacquard's employees that their traditional employment and livelihood were
being threatened. They committed acts of sabotage to discourage Jacquard from further use of
the new technology. This is the first recorded cyber crime!

Frequently Used Cyber Crimes

Unauthorized access to computer systems or

This activity is commonly referred to as hacking. The Indian law has however given a different
connotation to the term hacking, so we will not use the term "unauthorized access" interchangeably
with the term "hacking".

Theft of information contained in electronic form

This includes information stored in computer hard disks, removable storage media etc.

Email bombing

Email bombing refers to sending a large number of emails to the victim resulting in the victim's email
account (in case of an individual) or mail servers (in case of a company or an email service provider)
crashing. In one case, a foreigner who had been residing in Simla, India for almost thirty years
wanted to avail of a scheme introduced by the Simla Housing Board to buy land at lower rates. When
he made an application it was rejected on the grounds that the 169 schemes was available only for
citizens of India. He decided to take his revenge. Consequently he sent thousands of mails to the
Simla Housing Board and repeatedly kept sending e-mails till their servers crashed.

Data diddling

This kind of an attack involves altering raw data just before it is processed by a computer and then
changing it back after the processing is completed. Electricity Boards in India have been victims to
data diddling programs inserted when private parties were computerizing their systems.

Salami attacks

These attacks are used for the commission of financial crimes. The key here is to
make the alteration so insignificant that in a single case it would go completely
unnoticed. E.g. a bank employee inserts a program, into the bank's servers, that
deducts a small amount of money (say Rs. 5 a month) from the account of every
customer. No account holder will probably notice this unauthorized debit, but the
bank employee will make a sizable amount of money every month.

To cite an example, an employee of a bank in USA was dismissed from his job.
Disgruntled at having been supposedly mistreated by his employers the man first
introduced a logic bomb into the bank's systems.

Logic bombs are programmes, which are activated on the occurrence of a particular predefined event.
The logic bomb was programmed to take ten cents from all the accounts in the bank and put them
into the account of the person whose name was alphabetically the last in the bank's rosters. Then he
went and opened an account in the name of Ziegler. The amount being withdrawn from each of the
accounts in the bank was so insignificant that neither any of the account holders nor the bank officials
noticed the fault.

It was brought to their notice when a person by the name of Zygler opened his account in that bank.
He was surprised to find a sizable amount of money being transferred into his account every Saturday.

Denial of Service attack

This involves flooding a computer resource with more requests than it can handle. This causes the
resource (e.g. a web server) to crash thereby denying authorized users the service offered by the
resource. Another variation to a typical denial of service attack is known as a Distributed Denial of
Service (DDoS) attack wherein the perpetrators are many and are geographically widespread. It is
very difficult to control such attacks. The attack is initiated by sending excessive demands to the
victim's computer(s), exceeding the limit that the victim's servers can support and making the servers
crash. Denial-of-service attacks have had an impressive history having, in the past, brought down
websites like Amazon, CNN, Yahoo and eBay!

Virus / worm attacks

Viruses are programs that attach themselves to a computer or a file and then circulate themselves to
other files and to other computers on a network. They usually affect the data on a computer, either by
altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They
merely make functional copies of themselves and do this repeatedly till they eat up all the available
space on a computer's memory. 170 The VBS_LOVELETTER virus (better known as the Love Bug or
the ILOVEYOU virus) was reportedly written by a Filipino undergraduate.

In May 2000, this deadly virus beat the Melissa virus hollow - it became the world's most prevalent
virus. It struck one in every five personal computers in the world. When the virus was brought under
check the true magnitude of the losses was incomprehensible. Losses incurred during this virus attack
were pegged at US $ 10 billion.

The original VBS_LOVELETTER utilized the addresses in Microsoft Outlook and emailed itself to those
addresses. The e-mail, which was sent out, had "ILOVEYOU" in its subject line. The attachment file
was named "LOVE-LETTER-FORYOU. TXT.vbs". The subject line and those who had some knowledge of
viruses, did not notice the tiny .vbs extension and believed the file to be a text file conquered people
wary of opening e-mail attachments. The message in the e-mail was "kindly check the attached
LOVELETTER coming from me".

Since the initial outbreak over thirty variants of the virus have been developed many of them following
the original by just a few weeks. In addition, the Love Bug also uses the Internet Relay Chat (IRC) for
its propagation. It e-mails itself to users in the same channel as the infected user. Unlike the Melissa
virus this virus does have a destructive effect. Whereas the Melissa, once installed, merely inserts
some text into the affected documents at a particular instant during the day, VBS_LOVELETTER first
selects certain files and then inserts its own code in lieu of the original data contained in the file. This
way it creates ever-increasing versions of itself. Probably the world's most famous worm was the
Internet worm let loose on the Internet by Robert Morris sometime in 1988. The Internet was, then,
still in its developing years and this worm, which affected thousands of computers, almost brought its
development to a complete halt. It took a team of experts almost three days to get rid of the worm
and in the meantime many of the computers had to be disconnected from the network.

Logic bombs

These are event dependent programs. This implies that these programs are created to do something
only when a certain event (known as a trigger event) occurs. E.g. even some viruses may be termed
logic bombs because they lie dormant all through the year and become active only on a particular date
(like the Chernobyl virus).
Trojan attacks

A Trojan as this program is aptly called, is an unauthorized program which functions from inside what
seems to be an authorized program, thereby concealing what it is actually doing.

There are many simple ways of installing a Trojan in someone's computer. To cite and example, two
friends Rahul and Mukesh (names changed), had a heated argument over one girl, Radha (name
changed) whom they both liked. When the girl, asked to choose, chose Mukesh over Rahul, Rahul
decided to get even. On the 14th of February, he sent Mukesh a spoofed e-card, which appeared to
have come from Radha's mail account. The e-card actually contained a Trojan. As soon as Mukesh
opened the card, the Trojan was installed on his computer. Rahul now had complete control over
Mukesh's computer and proceeded to harass him thoroughly.

Internet time thefts

This connotes the usage by an unauthorized person of the Internet hours paid for by another person.
In a case reported before the enactment of the Information Technology Act, 2000 Colonel Bajwa, a
resident of New Delhi, asked a nearby net café owner to come and set up his Internet connection. For
this purpose, the net café owner needed to know his username and password. After having set up the
connection he went away with knowing the present username and password. He then sold this
information to another net café. One week later Colonel Bajwa found that his Internet hours were
almost over. Out of the 100 hours that he had bought, 94 hours had been used up within the span of
that week. Surprised, he reported the incident to the Delhi police. The police could not believe that
time could be stolen. They were not aware of the concept of time-theft at all. Colonel Bajwa's report
was rejected. He decided to approach The Times of India, New Delhi. They, in turn carried a report
about the inadequacy of the New Delhi Police in handling cyber crimes. The Commissioner of Police,
Delhi then took the case into his own hands and the police under his directions raided and arrested the
net café owner under the charge of theft as defined by the Indian Penal Code. The net café owner
spent several weeks locked up in Tihar jail before being granted bail.

Web jacking

This occurs when someone forcefully takes control of a website (by

cracking the password and later changing it). The actual owner of the
website does not have any more control over what appears on that
website In a recent incident reported in the USA the owner of a hobby
website for children received an e-mail informing her that a group of
hackers had gained control over her website. They demanded a ransom of
1 million dollars from her. The owner, a schoolteacher, did not take the
threat seriously. She felt that it was just a scare tactic and ignored the e-
mail. It was three days later that she came to know, following many
telephone calls from all over the country, that the hackers had web jacked
her website. Subsequently, they had altered a portion of the website
which was entitled 'How to have fun with goldfish'. In all the places where
it had been mentioned, they had replaced the word 'goldfish' with the
word 'piranhas'. Piranhas are tiny but extremely dangerous flesh-eating
fish. Many children had visited the popular website and had believed what
the contents of the website suggested. These unfortunate children
followed the instructions, tried to play with piranhas, which they bought from pet shops, and were
very seriously injured!

Theft of computer system

This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral
attached to the computer.

Physically damaging a computer system

This crime is committed by physically damaging a computer or its peripherals.

Previous Page

An Overview of other cyber related

   
offences.
       
Cyber Crime may be defined in a general way as an unlawful act wherein
the computer is either a tool or a target or both.
     
Cyber Crime can be categorized as:-
             
             
  Unauthorized access Email bombing    
         
  Data diddling Salami attack    
         
  Internet time theft Logic bomb    
         
  Virus / worm attack Trojan attack    
         
Distributed denial of service
  Denial of Service attack    
attack
         
  Email spoofing Cyber pornography    
             
  Intellectual Property Crime Cyber Stalking    
           
             
             
             
  Unauthorized access        
       
Unauthorized access to computer systems or networks means any
  person who secures access or attempts to secure access to a protected    
system.
             
           
             
             
  Email bombing        
       
Email bombing refers to sending a large amount of emails to the victim
  resulting in the victim's email account (in case of an individual) or mail    
server (in case of a company or an email service provider) crashing.
             
             
           
             
  Data diddling        
       
This kind of an attack involves altering the raw data just before it is
  processed by a computer and then changing it back after the processing    
is completed.
             
             
           
             
             
  Salami attack        
       
This attack is used for the commission of financial crimes. The key here
is to make the alteration so insignificant that in a single case it would go
completely unnoticed, e.g. a bank employee inserts a program into the
  bank's servers, that deducts a small amount of money (say Rs.5 a    
month) from the account of every customer. No single account holder
will probably notice this unauthorized debit, but the bank employee will
make a sizable amount of money every month.
             
             
           
             
  Internet time theft        
       
This connotes the usage by an unauthorized person of the Internet hours
  paid for by another person.
   
             
             
           
             
             
  Logic bomb        
       
  This is event dependent program. This implies that this program is    
created to do something only when a certain event (known as a trigger
event) occurs, e.g. some viruses may be termed logic bombs because
 they lie dormant all through the year and become active only on a
particular date (like the Chernobyl virus).
             
             
           
             
  Virus / worm attack        
       
Virus is a program that attach itselves to a computer or a file and then
circulate itselves to other files and to other computers on a network.
They usually affect the data on a computer, either by altering or deleting
  it. Worms, unlike viruses do not need the host to attach themselves to.    
They merely make functional copies of themselves and do this
repeatedly till they eat up all the available space on a computer's
memory.
             
             
           
             
  Trojan attack        
       
A Trojan, the program is aptly called an unauthorized program which
  functions from inside what seems to be an authorized program, thereby    
concealing what it is actually doing.
             
             
           
             
  Denial of service attack        
       
This involves flooding a computer resource with more requests than it
  can handle. This causes the resource (e.g. a web server) to crash    
thereby denying authorized users the service offered by the resource.
             
             
           
             
  Distributed denial of Service attack        
       
This is a denial of service attack wherein the perpetrators are many and
  are geographically widespread. It is very difficult to control such attacks.
   
             
             
           
             
  Cyber pornography        
       
This would include pornographic websites; pornographic magazines
produced using computers (to publish and print the material) and the
  Internet (to download and transmit pornographic pictures, photos,
   
writings etc.)
             
             
           
             
  Email spoofing        
       
A spoofed email is one that appears to originate from one source but
  actually has been sent from another source.
   
             
             
           
             
  Intellectual Property Crime        
       
This includes software piracy, copyright. infringement, trademarks
  violations etc.
   
             
             
           
             
  Cyber Stalking        
       
The Oxford dictionary defines stalking as "pursuing stealthily". Cyber
stalking involves following a person's movements across the Internet by
  posting messages (sometimes threatening) on the bulletin boards    
frequented by the victim, entering the chat-rooms frequented by the
victim, constantly bombarding the victim with emails etc.
             
         
E - SECURITY TIPS for -

 CHILDREN :

Do not give out identifying

information such as Name, Home
address, School Name or Telephone
Number in a chat room. Do not send
your photograph to anyone on the
Net without first checking with your
parents or guardians. Do not respond
to messages or bulletin board items
that are suggestive, obscene,
belligerent or threatening. Never
arrange a face-to-face meeting
without telling parents or guardians.
Remember that people online may
not be who they seem to be.
     
 PARENTS :
   
Use content filtering softwares on
your PC to protect children from
  pornography, gambling, hate speech,
 
drugs and alcohol.
     
There is also software to establish
time controls for individual users (for
example blocking usage after a
particular time at night) and log
  surfing activities allowing parents to
 
see which site the child has visited.
Use this software to keep track of the
activities of your children.
     
  GENERAL INFORMATION :  
     
 Don't delete harmful
communications (emails, chat
logs, posts etc). These may
  help provide vital information 
about the identity of the
person behind these.

 Try not to panic.

   
 If you feel any immediate
physical danger of bodily harm,
  call your local police.  

 Avoid getting into huge

arguments online during chat
  or discussions with other 
users.

   Remember that all other 

internet users are strangers.
You do not know who you are
chatting with. So be careful
 and polite.

 Be extremely careful about

how you share personal
  information about yourself 
online.

 Choose your chatting nickname

carefully so as not to offend
  others.  

 Do not share personal

information in public spaces
anywhere online, do not give it
to strangers, including in e-
mail or chat rooms. Do not use
your real name or nickname as
  your screen name or user ID. 
Pick a name that is gender and
age neutral. And do not post
personal information as part of
any user profile.

 Be extremely cautious about

meeting online acquaintances
in person. If you choose to
  meet, do so in a public place  
and take along a friend.

 Make sure that your ISP and

Internet Relay Chart (IRC)
network have an acceptable
use policy that prohibits cyber-
stalking. And if your network
  fails to respond to your 
complaints, consider switching
to a provider that is more
responsive to user complaints.

 If a situation online becomes

hostile, log off or surf
elsewhere. If a situation places
  you in fear, contact a local law 
enforcement agency.

 Save all communications for

evidence. Do not edit or alter
them in any way. Also, keep a
record of your contacts with
Internet System
Administrators or Law
 Enforcement Officials.

Suggestions for better security

 
 Use strong passwords. Choose
passwords that are difficult or
impossible to guess. Give
different passwords to all other
accounts.

 Make regular back-up of

critical data. Back-up must be
made atleast once in each day.
Larger organizations should
perform a full back-up weekly
and incremental back-up every
day. Atleast once in a month
the back-up media should be
verified.

 Use virus protection software.

That means three things:
having it on your computer in
the first place, checking daily
for new virus signature
updates, and then actually
scanning all the files on your
computer periodically.

 Use a firewall as a gatekeeper

between your computer and
the Internet. Firewalls are
usually software products.
They are essential for those
who keep their computers
online through the popular DSL
and cable modem connections
but they are also valuable for
those who still dial in.

 Do not keep computers online

when not in use. Either shut
them off or physically
disconnect them from Internet
connection.

 Do not open e-mail

attachments from strangers,
 regardless of how enticing the
subject line or attachment may
be. Be suspicious of any
unexpected e-mail attachment
from someone you do know
because it may have been sent
without that person’s
knowledge from an infected
machine.

 Regularly download security

patches from your software
vendors.

Fraud
Computer fraud refers to the fallacious misrepresentation of fact conveyed with an intention of inducing another to do or refrain from
doing something that will ultimately lead to some major kind of loss.

Obscene or Offensive Content

The contents of some of the websites and other electronic communications over the net can be really distasteful, obscene or
offensive for a variety of reasons. In many countries such communications are considered illegal. It can be very troubling if your
children are exposed to adult content.

Harassment
This cyber crime encompasses all the obscenities and derogatory comments directed towards a specific individual or individuals
focusing for example on gender, race, religion, nationality, and sexual orientation. Harassment is the cybercrime most commonly
encountered in chat rooms or through newsgroups.

Drug Trafficking
Drug traffickers use the Internet as a medium for trading their illegal substances by sending out enciphered e-mail and other Internet
Technology. Most of the drug traffickers can be found arranging their illegal deals at internet cafes, using courier websites for the
delivery of illegal packages containing drugs, and sharing formulas for amphetamines in restricted-access chat rooms.

Cyber Terrorism
Due to the increase in cyber terrorism, the hacking into official websites or the crashing of official websites, government officials and
Information Technology security specialists have recently begun a significant increase their mapping of potential security holes in
critical systems in order to better protect information sensitive sites.

Common Sources of Cybercrime

Researchers at Sophos Labs claim to have created a language software that can figure out the host country of malicious software
by tracing the default language of the computer on which it was programmed. According to their analysis of the default language
linked up with about 19,000 samples at the end of last year, Americans and other non-British English speakers, surprisingly,
produced a large proportion of malware. China produced 30%, Brazil with 14.2% and Russia produced 4.1% of the world's
malware.