The internet is being increasingly used to harass, intimidate and steal, leaving individuals and organisations bereft of money and self-respect. The government would do well to pay heed to these
~By Sunil Saxena
Cyber crime can be categorised under two heads: one, where a computer is used as a weapon to commit real world crimes; two, where it is used to attack another computer or a bank of computers.
In the first scenario, the sole objective of the crime is to steal sensitive information through trickery, and then use the same information to make financial gains. Cyber criminals also use the internet to harass and intimidate women as well as indulge in child abuse. The crimes that fall under this head are:
Identity theft: Identity theft is one of the biggest threats that an individual faces to-day. It can happen when cyber thieves steal your personal information or trick you into sharing personal details. This may include obtaining your name, father’s name, date of birth, address, credit card numbers, bank account numbers, etc. The details are pieced together to create a matching identity, which the thieves then use to get access to your bank account and withdraw money, secure government benefits such as loans in your name or take control of your credit card by changing your address without your knowledge. They even impersonate you on social media, causing embarrassment.
Phishing: Phishing is a homonym for fishing, and its objective is to trick a web user to unknowingly furnish valuable financial information. The phishing attacks are primarily carried out through smartly crafted e-mails. These appear to have been sent by the recipient’s bank, credit card company or even someone trustworthy.
The goal is to trick the recipient to click on the company’s “official” email link. The “official” link, however, takes the recipient to a fake website, where the user without realising enters his credit card number, password, etc.
Smart cyber thieves scour social media sites to get personal information about the potential victim. This may include children’s names, schools they go to, etc. The phishing e-mail can come from the “school” asking the victim to furnish bank account details for fee purposes. Such tricks always create extra trust and fool the victim completely.
Phishing attacks are nothing short of a malicious internet epidemic. Worried Indian banks constantly educate their customers through e-mails, SMS messages and newspaper and television ads that they do not collect personal financial information. Yet, there are scores of gullible Indians who, even today, fall for this cyber trickery.
Spam for gain: This is the classic case of cyber crime where scamsters take advantage of human greed and gullibility. They flood email boxes with enticing offers. These include mails informing recipients that they have won a lottery, have been selected for free airline travel or have inherited a huge fortune from an unknown benefactor. The offers are meant to tempt recipients to share their credit card number, bank account details or pay a fee to receive the unexpected bonanza. Those who do so inevitably end up as victims. They never hear from the scamsters again.
Union Minister of Electronics and Information Technology Ravi Shankar Prasad recently appealed to Google to work on strengthening cyber security systems in India and try and tailor products according to the needs of Indians. He made the request at a Google event in Delhi in the presence of its CEO Sundar Pichai. The event saw Google launching a training programme to help small and medium enterprises in India to understand how online systems work and use the internet for furthering their businesses. The training is through videos. Classroom training sessions will also be held. Google has also planned 5,000 workshops in four cities across India. An app called Primer is also being developed and will be available on both Android and iOS and rolled out in English and other Indian languages.
Cyber stalking: Cyber-stalking, very much like real world stalking, arises out of an individual’s desire to control another person’s life. Cyber-stalkers take advantage of the anonymity that the net provides to harass victims, mostly women, by sending intimidating mails or making malicious postings. These stalkers go to extreme lengths to harass their victims, often threatening to post or even posting their pictures or telephone numbers or messages on dating or sex-services sites. The victim is then flooded with unsolicited calls and extreme embarrassment. Some women make the job of cyber-stalkers easy by posting personal information or revealing photographs on social media sites.
The cyber-stalkers use this information to first befriend such women and then harass them. However, all cyber-stalkers are not strangers. There are some who use the anonymity of the internet to settle scores with women they have known and against whom they carry a grudge.
Worried Indian banks constantly educate their customers through e-mails, SMSmessages and newspaper and television ads that they do not collect personal financial information. Yet, there are scores of gullible Indians who, even today, fall for this cyber trickery.
Child soliciting and abuse: This is another area of concern. Young and adolescent children are especially vulnerable to soliciting and abuse on the net. They are often trapped into indiscretions by cyber criminals who strike up close relationships with them by making the child believe that they are talking to another child or a trusted friend who has his or her interests at heart. These sex offenders cleverly set up one-to-one conversations, first on the net and then, offline. Their goal is to win the child’s trust and arrange a real life meeting. And most of these sex offenders are adult males.
Let’s now come to the second scenario when a computer is used to attack another computer. These crimes are largely computer break-ins and can cause harm to both individuals and organisations, not to forget governments. They include:
Hacking: Hacking is akin to burglary. The hacker, who may be living in any part of the world, uses internet connectivity to break into your computer and steal sensitive information such as personal data, passwords, bank account numbers, etc.
However, hacking is not limited to spying or stealing information from computers owned by individuals. Hackers also target organisations that store sensitive or commercially valuable information. Web servers used by financial institutions, such as banks or credit card companies, are a prime target. Servers of social media sites and email providers that store millions of passwords are another important target. E-commerce sites where buyers store credit card numbers, addresses, phone numbers, etc, are equally high on hackers’ list. The goal is to steal information for financial gain.
Another major target of hackers is websites owned by governments, political parties and celebrities. Hackers break into these sites to cause embarrassment and get media attention. They deface these sites, pasting messages that are politically explosive.
There is also a new breed of hackers who are state-sponsored. The stealing, and subsequent leakage, of information related to US presidential candidate Hillary Clinton is one such example. The Pakistan government is said to be behind hacking of several Indian government websites. There is fear that state-sponsored hackers can be used in future to target military installations, power plants, air traffic control, banks, telecommunication networks, etc.
Malware: From the start, the internet has been plagued by different kinds of malware or malicious software that is used to gain control of individual computers, steal information, send out spam mails or even serve ads. Malware, which is an acronym for malicious software, includes viruses, worms, spyware or Trojans and are used to cause damage to computers. It is distributed through infected emails, compromised websites and sometimes, even advertisements.
Denial-of-service attacks: In such attacks, cyber criminals not only target your computer, but also your network. The result is that you are unable to access your email, online accounts, websites, etc, because the attackers flood the network with requests. The web servers are overloaded and can’t service your request. That is why this cyber attack is called denial of service attack.
Cyber attackers can even take control of your system and force it to spew a huge number of requests to a website. The hapless website is then literally submerged in a stream of messages that the attackers re-lease from hundreds of computers. Such targeting—which brings down websites or networks—is called distributed denial-of-service attack.
—The writer is Dean, School of Communication, GD Goenka University
Lead Illustration: Anthony Lawrence