CYBER SAFETY AND

SECURITY

Name: Sneha Das Mandal

Class: XII Section: B
Roll No.:31
 CONTENTS:
● What is Cyber Crime?
● Types of Cyber Crime
● Cyber Crime laws in India
● Cyber attacks in India
● Basic Steps to Cyber Safety and Security
 What is Cyber Crime?
Cybercrime is any criminal activity that involves a computer,
networked device or a network. While most cybercrimes are
carried out in order to generate profit for the cybercriminals, some
cybercrimes are carried out against computers or devices directly
to damage or disable them. Others use computers or networks to
spread malware, illegal information, images or other materials.
Cybercrime is divided into three categories:
● crimes in which the computing device is the target -- for
example, to gain network access;
● crimes in which the computer is used as a weapon -- for
example, to launch a denial-of-service (DoS) attack; and
● crimes in which the computer is used as an accessory to a
crime -- for example, using a computer to store illegally
obtained data.
 Types of Cyber Crime
Property: This is similar to a real-life instance of a criminal illegally
possessing an individual’s bank or credit card details. The hacker steals a
person’s bank details to gain access to funds, make purchases online or
run phishing scams to get people to give away their information. They
could also use a malicious software to gain access to a web page with
confidential information.
Individual: This category of cybercrime involves one individual
distributing malicious or illegal information online. This can include
cyberstalking, distributing pornography and trafficking.
Government: This is the least common cybercrime, but is the most
serious offense. A crime against the government is also known as cyber
terrorism. Government cybercrime includes hacking government websites,
military websites or distributing propaganda. These criminals are usually
terrorists or enemy governments of other nations.
 Laws against Cyber Crime
●
SECTION 66: Using password of another person- If a person fraudulently
uses the password, digital signature or other unique identification of another
person, he/she can face imprisonment up to 3 years or/and a fine of 1 Lakh
INR.
●
SECTION 66D: Cheating using computer resource- If a person cheats
someone using a computer resource or a communication device, he/she could
face imprisonment up to 3 years or/and fine up to 1 Lakh INR
● Section 66E: Publishing peivate images of others- If a person captures,
transmits or publishes images of a person’s private parts without his/her
consent or knowledge, the person is entitled to imprisonment up to 3 years of
fine up to 2 Lakhs INR or both
● Section 66F: Acts of Cyber Terrorsim- A person can face life imprisonment
if he/she denies an authorized person the access to the computer resource or
attempts to penetrate/access a computer resource without authorization, with
an aim to threaten the unity, integrity, security or sovereignty of the nation.
This is a non-bailable offence.
Section 67: Publishing Child Porn or predating children
online- If a person captures, publishes or transmits images of
a child in a sexually explicit act or induces anyone under the
age of 18 into a sexual act, then the person can face
imprisonment up to 7 years or fine up to 10 lakhs INR or both
Section 69 : Govt.'s Power to block websites- If the
government feel it necessary in the interest of sovereignty
and integrity of India, it can intercept, monitor or decrypt any
information generated, transmitted, received or stored in any
computer resource. The power is subject to compliance of
procedure. Under section 69A, the central government can
also block any information from public access.
Section 43A : Data protection at Corporate level- If a body
corporate is negligent in implementing reasonable security
practices which causes wrongful loss or gain to any person,
such body corporate shall be liable to pay damages to the
affection person.
 Cyber attacks in India
● Recently, the servers of Delhi AIIMS were compromised due to a
ransomware cyber-attack. The personal data of millions of patients in the
top premier medical institute is at risk after a ransomware attack on its
servers.
● In February 2022, Air India experienced a major cyberattack that
compromised approximately 4.5 million customer records. Passport,
ticket, and some credit card information were compromised.
● In 2020, approximately 82% of Indian companies suffered ransomware
attacks.
● In 2021, A high-profile India-based payment company, Juspay, suffered a
data breach impacting 35 million customers. This breach is very
noteworthy because Juspay handles payments for online marketplaces,
including Amazon and other big players.
●
In May 2017, the top five cities in India (Kolkata, Delhi, Bhubaneswar,
Pune, and Mumbai) got impacted due to the WannaCry ransomware
attack.
4. Managing user privileges: If users are provided with unnecessary system
privileges or data access rights, then the risk of misuse or compromise is
increased. All users should be provided with a reasonable (but minimal)
level of system privileges and rights needed for their role. The granting of
highly elevated system privileges should be carefully controlled and
managed. This principle is sometimes referred to as ‘least privilege’.
5. User education and awareness: Users have a critical role to play in their
organisation’s security. It is important to educate staff on the potential
cyber risks, to ensure users can do their job as well as help keep the
organisation secure.
6. Incident management: All organisations will experience security
incidents at some point. Investment in creating effective incident
management policies and processes will help to improve resilience, support
business continuity, improve customer and stakeholder confidence and
potentially reduce any impact.
7. Malware prevention: Malicious software, is a term to cover any code or
content that could have a malicious, undesirable impact on systems. Any
exchange of information carries with it a degree of risk that malware might
be exchanged, this could seriously impact your systems and services. The
risk may be reduced by developing and implementing appropriate anti-
malware policies.
8. Monitoring: System monitoring aims to detect actual or attempted attacks
on systems and business services. In addition, monitoring to ensure that
systems are being used appropriately in accordance with organisational
policies. Monitoring is often a key capability needed to comply with legal
or regulatory requirements.
9. Removable media controls: Produce a policy to control all access to
removable media. Limit media types and use. Scan all media for malware
before importing onto the corporate system.
10. Home and mobile working: Mobile working and remote system access
offers great benefits, but exposes new risks that need to be managed. Risk
based policies and procedures that support mobile working or remote
access to systems that are relevant to users, as well as service providers
should be created.
GRAPH DEMONTRSATING
RATE OF CYBER CRIME
THANK YOU