Sunday, 26 January 2014

CYBER LAW EDUCATION

Cyber law education:

Cyber law education in India is an important part of techno legal education. Techno legal e-learning courses in India are fast gaining interest among various professionals. However, techno legal course are not easy to understand and they are really tough to teach.

There are very few institutions in the world that are providing techno legal courses and education .even lesser are those that are providing techno legal e-learning course. The importance of online cyber law education in India is evident from this gap between the demand and supply.

Cyber security and organizational implications

As organization’s increasingly link more and more of their operational process to their cyber infrastructure, effective cyber security is key to an organizations ability to protect its assets, including its reputation, intellectual property, staff and customer’s. Many companies believe that their investment in sophisticated technical solutions mean that are well protected from cyber-attacks. However this is only one part of an effective defense.


CYBER CRIME AND PUNISHMENTS

Cyber crime and punishments

Under information technology act, 2008, section 66-cand section 419 of Indian penal code, 1860 also applicable. Identity theft offence is cognizable, bail able, compoundable with permission of the court before which the prosecution of such offence is pending and tribal by any magistrate.

Law and punishment for hacking

For data theft:-

Under information technology act, 2008, section 43(b) read with section 66 is applicable and under section 379, 405, &420 of Indian penal code, 1860 also applicable. Data theft offence is cognizable, bail able, compoundable with permission of the court before which the prosecution of such offence is pending and tribal by any magistrate.

For virus spreading:-

Under information technology act, 2008, section 43(c) &43(e) read with section 66 is applicable and under section 268 of Indian penal code, 1860 also applicable. Spreading of virus offence is cognizable, bail able, compoundable.    


CYBER LAW

Cyber law

Cyber law is a term used to describe the legal issues related to use of communication technology ,particularly “cyberspace”.i.e. the internet.it is less of a distinct field of law in the way that property or contract are, as it is an intersection of many legal fields ,including intellectual property, privacy, freedom of expression ,and jurisdiction. In essence, cyber law is an attempt to apply laws designed for the physical world ,to human activity on the internet. In India ,the it act ,2000 ac amended by the it act,2008 is known as the cyber law. It has a separate chapter 11 entitled “offence” in which various cyber crimes have been declared as penal offences punishable with imprisonment and fine.

Importance of cyber law


Cyber law is important because it touches almost all aspects of transition and activities on and concerning the internet,the world wide web and cyber space. Initially it may seem that cyber laws is a very technical field and that it does not have any bearing to most activities in cyberspace. But the actual truth is that noting could be future than the truth .whether we realize it or not ,every action and every reaction in cyberspace has some legal and cyber legal perspectives

Cyber law awareness program:
  • The basic of internet security
  • Basic information on Indian cyber law
  • Impact of technology aided crime
  • Indian it act on covering the legal aspects of all online activities
  • Types of internet  polices required for an  organization .

Advantages of cyber law

The it act  2000 attempts to change out dated laws and  provides ways to deal wit cyber crimes .We need such laws so that people can perform purchases  transaction over the net through  credit card without fear  of miss use .The act offers the much –needed legal  framework so that information is not denied legal effect,validity or enforce ability ,solely on the ground that it is in the form of electronic records.

KEYLOGGERS

Key loggers


Key loggers capture keystrokes on a compromised system. A key logger is a hard ware device or a software program that records the real time activity of a computer user including the keyboard keys they press .it is used in IT organization to troubleshoot technical problems with computers and business networks. Key loggers can also be used by family to monitor the network usage of people without their direct knowledge. Finally, malicious individuals may use key loggers on public computers to steal passwords or credit card information.
A key logger is a type of surveillance software (considered to be either software or spyware) that has the capability to record every keystroke you make to a log file, usually encrypted. A key logger recorder can record instant messagese-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some key logger programs will also record any e-mail addresses you use and Web site URLs you visit.

Saturday, 25 January 2014

PASSWORD CRACKING

Password cracking


In computer security, password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system .a common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password, to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crack able passwords on a file by file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular files access is restricted.

IDENTITY THEFT

Identity theft

Identity theft occurs when someone uses your personally identifying information, like your name, social security number, or credit card number, without your permission, to commit fraud or other crimes.

For identity, this information is as good as gold .skilled identity thieves may use a variety of methods such as old –fashion stealing ,skimming ,phishing, or dumpster diving to get hold of your information .once they have your personal information ,identity thieves use it in a variety of ways ,for instance credit card fraud ,bank/account fraud ,or government document fraud.

Identity fraud

Identity fraud can be described as the use of that stolen identity in criminal activity to obtain goods or services by deception.
Fraudsters can use your identity details to:
  • open bank accounts
  • obtain credit cards, loans and state benefits
  • order goods in your name
  • take over your existing accounts
  • take out mobile phone contracts
  • obtain genuine documents such as passports and driving licences in your name.
Stealing an individual’s identity details does not, on its own, constitute identity fraud. But using that identity for any of the above activities does.

The first you know of it may be when you receive bills or invoices for things you haven’t ordered, or when you receive letters from debt collectors for debts that aren’t yours.

Protect yourself against identity fraud
  • Don’t throw out anything with your name, address or financial details without shredding it first.
  • If you receive an unsolicited email or phone call from what appears to be your bank or building society asking for your security details, never reveal your full password, login details or account numbers. Be aware that a bank will never ask for your PIN or for a whole security number or password.
  • If you are concerned about the source of a call, ask the caller to give you a main switchboard number for you to call them back on. Alternatively, hang up and call your bank back on the legitimate phone number printed on your bank statements.
  • Check your statements carefully and report anything suspicious to the bank or financial service provider concerned.
  • Don’t leave things like bills lying around for others to look at.
  • If you’re expecting a bank or credit card statement and it doesn’t arrive, tell your bank or credit card company.
  • If you move house, ask Royal Mail to redirect your post for at least a year.
  • The three credit reference agencies offer a credit report checking service to alert you to any key changes on your credit file that could indicate potential fraudulent activity. • Callcredit • Equifax • Experian
  • It is particularly helpful to check your personal credit file 2-3 months after you have moved house.

Friday, 24 January 2014

PASSWORD SNIFFING

Password Sniffing


Password sniffing is a technique for harvesting passwords that involves monitoring traffic on a network to pull out information. Software to do this automatically is available from several companies and people also can do it manually or write their own software for a specific purpose. While not always malicious in intent, it can be a security threat and there are steps that can be taken to protect a network from sniffing.

If a hacker can't guess your password, there are other ways he/she can try to get it. One way which has become very popular is called ``password sniffing''.It turns out that most networks use what's known as ``broadcast'' technology. What that means is that every message that a computer on the network transmits can be read by any other computer on that network. In practice, all the computers except the recipient of the message will notice that the message is not meant for them, and ignore it.

However, many computers can be programmed to look at every message on the network. If one does this, one can look at message which are not intended for you.Hackers have programs which do this, and then scan all the messages which traverse a network looking for passwords. If you login to a computer across a network, and some computer on the network you use has been compromised this way, you may end up giving your password to the attacker.Using this technique, hackers who've broken into computers which are on heavily used networks have collected thousands of passwords.This is a serious threat to users who login to our computers from remote sites. If you login on the console of a computer, your password never crosses a network where it can be sniffed. But if you login from some other school, or from an internet service provider, you are dependent on the security of their network.