New age Cyber Crimes : 2016

New Age Cyber Crimes : 2016

New trends in cybercrime are emerging all the time, with estimated costs to the global economy running to billions of dollars.

In the past, cybercrime was committed mainly by individuals or small groups. Today, we are seeing highly complex cybercriminal networks bring together individuals from across the globe in real time to commit crimes on an unprecedented scale.

Criminal organizations turning increasingly to the Internet to facilitate their activities and maximize their profit in the shortest time. The crimes themselves are not necessarily new – such as theft, fraud, illegal gambling, sale of fake medicines – but they are evolving in line with the opportunities presented online and therefore becoming more widespread and damaging.

Identity theft

Identity theft and fraud is one of the most common types of cybercrime. The term Identity Theft is used, when a person purports to be some other person, with a view to creating a fraud for financial gains. When this is done online on the Internet, its is called Online Identity Theft. The most common source to steal identity information of others, are data breaches affecting government or federal websites. It can be data breaches of private websites too, that contain important information such as – credit card information, address, email ID’s, etc.

Ransomware

Ransomware enters your computer network and encrypts your files using public-key encryption, and unlike other malware this encryption key remains on the cyber criminals server. Attacked users are then asked to pay huge ransoms to receive this private key via Bit Coins.

DDoS attacks

DDoS attacks are used to make an online service unavailable and bring it down, by bombarding or overwhelming it with traffic from multiple locations and sources. Large networks of infected computers, called Botnets are developed by planting malware on the victim computers. The idea is normally to draw attention to the DDOS attack, and allow the hacker to hack into a system. Extortion and blackmail could be the other motivations.

Botnets

Botnets are networks of compromised computers, controlled by remote attackers in order to perform such illicit tasks as sending spam or attacking other computers.  Computer Bots can also be used act like malware and carry out malicious tasks. Then can be used to assemble a network of computers and then compromise them.

Up to now, most botnets have been assembled by constantly roaming the internet probing for PCs that are unprotected. When a vulnerable machine is discovered, it is infected with malware that lies there undetected, awaiting the command to start pinging the site that has been chosen for an attack. For the more sophisticated cybercriminal, though, this way of doing things is beginning to look obsolete. The PC market has peaked, so zombie machines will become rarer and existing PCs tend to be better managed and protected from intrusion than they used to be. We are getting to the point, in other words, where PC-based botnets are soyesterday.

So where is the smart online criminal going to go next? Obligingly, the tech industry has provided him with the capability to assemble even bigger botnets with much less effort. The new magic ingredient is the IOT internet of things – small, networked devices that are wide open to penetration. The attacks will come from large numbers of enslaved devices – routers, cameras, networked TVs and the like. 

Spam and Phishing

Spamming and phishing are two very common forms of cybercrimes. There is not much you can do to control them. Spam is basically unwanted emails and messages. They use Spambots.  Phishing is a method where cyber criminals offer a bait so that you take it and give out the information they want. The bait can be in form of a business proposal, announcement of a lottery to which you never subscribed, and anything that promises you money for nothing or a small favor. There are online loans companies too, making claims that you can get insecure loans irrespective of your location. Doing business with such claims, you are sure to suffer both financially and mentally. 

Phishing has its variants too – notably among them are Tabnapping, Tabjacking, Vishing & Smishing.   Such spamming and phishing attempts are mostly emails sent by random people whom you did not ever hear of. You should stay away from any such offers especially when you feel that the offer is too good. Do not get into any kind of agreements that promise something too good to be true. In most cases, they are fake offers aiming to get your information and to get your money directly or indirectly.

Social Engineering

Social engineering is a method where the cyber criminals make a direct contact with you using emails or phones – mostly the latter. They try to gain your confidence and once they succeed at it, they get the information they need. This information can be about you, your money, your company where you work or anything that can be of interest to the cyber criminals.

It is easy to find out basic information about people from the Internet. Using this information as the base, the cyber criminals try to befriend you and once they succeed, they will disappear, leaving you prone to different financial injuries directly and indirectly. They can sell the information obtained by you or use it to secure things like loans in your name. The latter case is of Identity theft. You should be very careful when dealing with strangers – both on phone and on the Internet.

Malvertising

Malvertising is a method whereby users download malicious code by simply clicking at some advertisement on any website that is infected. In most cases, the websites are innocent. It is the cyber criminals who insert malicious advertisements on the websites without the knowledge of the latter. It is the work of advert companies to check out if an advertisement is malicious but given the number of advertisements they have to deal with, the malverts easily pass off as genuine ads.

In other cases, the cyber criminals show clean ads for a period of time and then replace it with malverts so that the websites and advertisements do not suspect. They display the malverts for a while and remove it from the site after meeting their targets. All this is so fast that the website does not even know they were used as a tool for cybercrime. Malvertising is one of the fastest, increasing types of cybercrime.

PUPs

PUPs, commonly known as  Potentially Unwanted Programs are less harmful but more annoying malware. It installs unwanted software in your system including search agents and toolbars. They include spyware, adware, as well as dialers. Bitcoin miner was one of the most commonly noticed PUPs in 2013.

Drive-By-Downloads

Drive By Downloads too, come close to malvertising. You visit a website and it triggers a download of malicious code to your computer. These computers are then used to aggregate data and to manipulate other computers as well.

The websites may or may not know that they have been compromised. Mostly, the cyber criminals use vulnerable software such as Java and Adobe Flash and Microsoft Silverlight to inject malicious codes as soon as a browser visits the infected website. The user does not even know that there is a download in progress.

Remote Administration Tools

Remote Administration Tools are used to carry out illegal activities. It can be used to control the computer using shell commands, steal files/data, send location of the computer to a remote controlling device and more.

Exploit Kits

A vulnerability means some problem in the coding of a software that enables cyber criminals to gain control of your computer. There are ready to use tools (exploit kits) in the Internet market which people can buy and use it against you. These exploit kits are upgraded just like normal software. Only difference is these are illegal. They are available mostly in hacking forums as well as on the Darknet.

Scams

Notable among Internet scams are (IRS Scams, Insurance Scams, Matrimonial website scams, Techsupport Scams), scams which misuse the Microsoft name and other general tech support scams. Scamsters phone computer users randomly and offer to fix their computer for a fee. Every single day, scores of innocent people are trapped by scam artists into Online Tech Support Scams and forced to shell out hundreds of dollars for non-existent computer problems. 

People should note that employees involved in call centre scams are prosecutable under Section 66(C) & (D) of The IT Act,2000 as well sections of IPC involving Extortion and Cheating are also applied which are non-bailable offences, currently employees working in Mira Road IRS call centre Scam fraud are in jail without bail from last 15 days.

What is SIPRnet?

What is SIPRnet?

SIPRNet, or Secret Internet Protocol Router Network, is a global United States military network system used for transmitting classified information, intelligence, targets, and messages at the secret level.

SIPRnet support the various system such as the Global command systems and defense messaging system and also some other important planning documents over the secure path. it is based on the some method that are use for ordinary internet access but the main difference is that it has some dedicated path lines that are not seen in other communication systems. These lines are responsible for managing the secure communication with highly authenticated user access. 
In other words, SIPRNet is completely parallel Internet, uses the same communications procedures and has been kept separate from the ordinary civilian Internet.

Approximately 3 Million people with secret clearances have access to SIPRNet, which includes Pentagon and military officials, Intelligence agencies, FBI, as well as diplomats in US embassies all around the World.

Registration procedure applied is quite lengthy. all the linked users need to be properly registered with full fledged records in internal data sheets and all the passwords must be changed and must be updated after every 150 days otherwise access will be not granted to the users. password less than 10 characters are to acceptable d they must be the combination of alphanumeric sequences and Capital sequences but now more strict rules  are applied which include passwords of 10 characters with at least two numbers, two letters in lower case., tow letters in upper case and two specials characters. Although special characters are not allowed to be a password in of the systems other than SIPRnet. During the consistent access users are not allowed to leave the system at once or unattended.Some other strict habits involved the use of fixed secondary stage media in which a hard rives can’t be removed to make sure the Secrecy level of data by assuring the single location storage. this require proper marking of the hardware storage during the registration procedure. Use of the improper storage media such as floppy, compact disks and memory stacks results in violation of the strict rules that may cause 5 month prison. Improved technologies have made it easier for the SIPRnet to locate the safest form of data storage devices fro instance device like PDA personal digital assistants, Memory watches sand key chain drives, these device can’t be the classified type by h SIPRnet. This is the main reason that these device are not allowed din the section with infra red detection o classified items. For the computer systems that are installed for processing the classified information it is recommended that they should not use port beaming capability.

What is Solvency Certificate ? How to obtain it?

Solvency Certificate

Introduction : The solvency certificate is required for seeking admission in Govt. Medical and st1:place>Engineering Colleges. It is also required for Court matters, like obtaining bails. The certificate is required as a document of surety by various Govt. and semi-Govt. offices. The solvency certificate is issued on the basis of the documents showing ownership of flats/lands in Mumbai City.

    Under What Act/Rules/Govt. orders the Certificate is issued : Govt. of Maharashtra, Revenue and Forests Deptt. Letter No.MMC/1072/196859/G-2/ dt. 2.11.72

    Whom to apply : Collector of Mumbai City (Survey Branch),Old Custom House, Shahid Bhagatsingh Marg, Fort, Mumbai 400 001.

    How to apply :Application to be made in the prescribed form Affix Court Fee Stamp of Rs.5/- on the application

    What documents to attach : Xerox copy of Agreement of ownership Flats/shops situated in Mumbai City District duly attested

        In case of flat :

            a) Xerox copy of share certificate issued by the society

            b)Societies letter stating that:

                The flat is free from all incumbrances

                The flat is on ownership basis

                Area of the flat in sq.ft./sq.mtr

                Duration of stay of member

                The flat is free from litigations & incumbrances

            Xerox copy of Ration Card/Telephone Bill/Electricity Bill

            Affidavit on Rs.20/- stamp paper stating that :

                The flat is free from all incumbrances attachment, acquisition, mortgage etc.

                Area of the flat in sq.ft./sq.mtr

                The flat is free from litigations

        In case of land:

            a) Xerox copy of conveyance deed duly attested

            b) Xerox copy of assessment bill

            c) Affidavit on stamp paper of Rs.20, stating that:

                i)The land is free from all incumbrances, attachment, acquisition, mortgage etc.

                ii) No litigation is pending in Court of law

                iii) C.S. No., Revenue Division and area of the land

    Where to submit the Application - Single window, Ground floor, Old Custom House

    Time limit within which the certificate will be delivered - 7 days

    Complaint Redressal authority - Collector office Mumbai City

What are pre-conditions for leading secondary evidence?

What are pre-conditions for leading secondary evidence?

 In so far as the question of law formulated by this Court i.e. 'whether under Section 65 of the Indian Evidence Act, 1872, secondary evidence in the form of oral evidence can be led or considered to prove the contents of the document allegedly lost' is concerned, in my view, before allowing production of secondary evidence, it must be established that the original document is lost or destroyed or is being deliberately withheld by the party. Supreme Court in the case of Rakesh Mohindra Vs.Anita Beri and Ors., reported in 2016 ALL SCR 1 has held that the party who seeks to lead secondary evidence has to lay down the factual foundation to establish the right to give secondary evidence where the original document cannot be produced. It is held that neither mere admission of a document in evidence amounts to its proof nor mere making of an exhibit of a document dispenses with its proof, which is otherwise required to be done in accordance with law.

79. It is held by the Supreme Court that the pre-conditions for leading secondary evidence are that such original documents could not be produced by the party relying upon such documents in spite of best efforts, unable to produce the same which is beyond their control. The party who seeks to produce secondary evidence must establish for  the non-production of primary evidence. Unless, it is established that the original document is lost or destroyed or is being deliberately withheld by the party in respect of that document sought to be used, secondary evidence in respect of that document cannot be accepted. In the facts of this case, the plaintiffs could not prove before the learned trial Judge that any of the alleged divorce deed was executed and lost and could not have produced and thus they were entitled to lead secondary evidence under Section 65 of the Indian Evidence Act, 1872.

In my view, the party who seeks to lead secondary evidence has to establish that such party is not able to produce the primary document which beyond his control or that the same is lost or destroyed or is being deliberately withheld by the party in respect of that document sought to be used. Unless these mandatory conditions of Section 65 of the Indian Evidence Act, 1872 are complied with, such party cannot be allowed to lead secondary evidence. The substantial question of law no.(i) is accordingly answered in negative in the facts of this case.

Bombay High Court

Smt. Kashibai Namdeo Jadhav And ... vs Smt. Yamunabai Namdeo Jadhav And ... on 25 February, 2016

Bench: R.D. Dhanuka

 SECOND APPEAL NO.108 OF 1993

Citation:AIR 2016 (NOC)387 Bom           

 By this second appeal filed under Section 100 of the Code

Rights of accused in Cyber Crime Cases in India

RIGHTS OF THE ACCUSED WHO IS ARRESTED In CYBER CRIME MATTER 

1. Protection against arbitrary or unlawful arrest (Article 22 of the Constitution and Section 41, 55 and 151 of Cr.P.C.)

2. Protection against arbitrary or unlawful searches (Sees. 93, 94, 97, 100(4) to (8). and 165 of Cr.P.C.)

3. Protection against “Double Jeopardy” (Article 20(2) of the Constitution and Section 300 of Cr.P.C.)

4. Protection against conviction or enhanced punishment under ex-past facto law (Article 20(1) of the Constitution)

5. Protection against arbitrary or illegal detention in custody (Article 22 of the Constitution and Sees. 56, 57 and 76 of Cr.P.C.)

6. Right to be informed of the grounds, immediately after the arrest (Article 71(1) of the Constitution and Section 50 of Cr.P.C. as also Sees. 55 and 75 of Cr.P.C.)

7. Right of the arrested person not to be subjected to unnecessary restraint (Section 49 of Cr.P.C.)

8. Right to consult a lawyer of his own choice (Article 22(1) of the Constitution and Section 303 of Cr.P.C.)

9. Right to be produced before a Magistrate within 24 hours of his arrest (Article 22(1) of the Constitution and Sees. 57 and 76 of Cr.P.C.)

10. Right to be released on bail, if arrested (Sees. 436, 437 and 439 of Cr.P.C., also Sees. 50, 20 and 167 of Cr.P.C.)

11. Right not to be a witness against himself (Article 20(3) of the Constitution)

12. Right to get copies of the documents and statements of witnesses on which the prosecution relies (Sees. 173(7), 207, 208 and 238 of Cr.P.C.)

13. Right to have the benefit of the presumption of innocence till guilt is proved beyond reasonable doubt (Sees. 101-104 of Evidence Act)

14. Right to insist that evidence be recorded in his presence except in some special circumstances (Section 273 of Cr.P.C., also Section 317 Cr.P.C.)

15. Right to have due notice of the charges (Sees. 218, 228(2), 240(2), etc. of Cr.P.C.)

16. Right to test the evidence by cross-examination (Section 138 of Evidence Act)

17. Right to have an opportunity for explaining the circumstances appearing in evidence against him at the trial (Section 313 of Cr.P.C.)

18. Right to have himself medically examined for evidence to disprove the commission of offence by him or for establishing commission of offence against his body by any other person (Section 54 of Cr.P.C.)

19. Right to produce defence witnesses (Section 243 of Cr.P.C.)

20. Right to be tried by an independent and impartial Judge (The Scheme of Separate of Judiciary as envisaged in Cr.P.C., also Sees. 479, 327, 191, etc. of Cr.P.C.)

21. Right to submit written arguments at conclusion of the trial in addition to oral submission (Section 314 of Cr.P.C.)

22. Right to be heard about the sentence upon conviction (Sees. 235(2) and 248(2) of Cr.P.C.)

23. Right to fair and speedy investigation and trial (Section 309 of Cr.P.C.)

24. Right to appeal in case of conviction (Sees. 351, 374, 379, 380 of Cr.P.C. and Arts. 132(1), 134(1) and 136(1) of the Constitution)

25. Right not to be imprisoned upon conviction in certain circumstances (Section 360 of Cr.P.C., and Section 6 of the Probation of Offenders Act)

26. Right to restrain police from intrusion on his privacy (Article 31 of the Constitution)

27. Right to release of a convicted person on bail pending appeal (Section 380 of Cr.P.C.)

28. Right to get copy of the judgment when sentenced to imprisonment (Sec.363 of Cr.P.C.)

21 Months Jail & $77000 fine for Sabotaging CITI Bank Network(Cyber Crime) in 2013

21 Months Jail & $77,000 Fine for Sabotaging CITI Bank Network in 2013

Ex staff of Citibank named Lennon Ray Brown was sentenced to Jail for 21 months along with a $77,000 fine by a Texas court (U.S. District C. Godbey ) for sabotaging the bank’s internal network, The Register reports. Lennon Ray Brown, who worked at the bank’s Irving office, said he wanted to get back at management for "firing" him after he was called out for poor job performance.

Brown had been working at Citibank's Irving, Texas, corporate office since 2012, first as a contractor and later as a staff employee, when he was called in by a manager and reprimanded for poor performance.Brown, 38, admitted that on December 23, 2013, he issued commands to wipe the configuration files on 10 core routers within Citibank's internal network.Brown deliberately uploaded commands to the bank's Global Control Center routers that deleted the configuration files, ultimately congesting network traffic and resulting in an outage in network and phone access to around 90% of Citibank branches across the US.

Specifically, at approximately 6:03 p.m. that evening, Brown knowingly transmitted a code and command to 10 core Citibank Global Control Center routers, and by transmitting that code, erased the running configuration files in nine of the routers, resulting in a loss of connectivity to approximately 90% of all Citibank networks across North America.  At 6:05 p.m. that evening, Brown scanned his employee identification badge to exit the Citibank Regents Campus.

At the sentencing hearing, where the Court referred to Brown’s conduct as “criminal vandalism,” the government read a text that Brown sent to a coworker shortly after he shut down Citibank’s system that read, “They was firing me. I just beat them to it. Nothing personal, the upper management need to see what they guys on the floor is capable of doing when they keep getting mistreated. I took one for the team. Sorry if I made my peers look bad, but sometimes it take something like what I did to wake the upper management up.”

Source: United States Department of Justice

Anton Piller Order or Order related to Raids in Software Piracy matter : Microsoft loses

Microsoft looses its Anti piracy raid case due to wrong facts in the Petition

The Bombay High Court has criticised Microsoft for making misleading claims when it secured a preliminary order that allowed the company to search the premises of a local company it accused of copyright infringement. Court vacated a stay it had granted this June in favour of the US tech major in its plea against Girnar Software over unlicensed use of its products.

In a ruling handed down on July 15, 2016  Hon. Justice Gautam Patel vacated a previous order handed down last month and has given Microsoft an opportunity to withdraw its complaint. In the dispute, US-based Microsoft sued Girnar Software earlier this year for allegedly using unauthorised copies of its software including Microsoft Windows, Office and Visual Studios. On June 24, Hon. Justice had granted Microsoft’s request for an Anton Piller order.

Under those orders, a defendant in a proceeding is required to allow a plaintiff or its representatives to enter the defendant’s premises to obtain evidence.In this case, experts from the High Court’s IT department were sent to oversee raids on Girnar’s offices in Gurgaon, Jaipur and Andheri.In its initial complaint, and which helped secure the order, Microsoft accused Girnar of having 3,315 computer systems on which there were 1,340 instances of Microsoft Windows being used.This, according to Microsoft, was despite the company having procured licences for only 545 uses.

Furthermore there were allegedly 1,308 instances of Microsoft Office being used on systems despite Girnar having only 550 licences and 60 uses of Microsoft Visual Studios despite Girnar having procured only five licences.Microsoft added that Girnar was being uncooperative in attempts to resolve the matter through negotiations.

But in his July 15 order, Hon. Justice said that when the raids were actually conducted, it was discovered that Girnar had far fewer computer systems than previously alleged. According to the court, the company had only 1,053 machines, of which only 283 ran Windows. Girnar’s counsel also revealed that Microsoft had allegedly suppressed crucial email exchanges which showed that Girnar was in fact co-operating with Microsoft. Microsoft’s counsel was asked for an explanation but claimed there was an “oversight” on its part.

Microsoft admitted that it used vague language in its pleadings including “estimated” and “approximately”, and that because the raid at one of the locations was delayed, it was possible that Girnar deleted the software from its systems. Hon. Justice criticised the claims: “My disapproval today is of Microsoft presenting speculation as fact. This is not answered by presenting me with still more speculation based on even less fact. “I find it particularly galling that attempts are now made to explain its pleading by this fuzzy reading approach; by asking me to read into words like ‘approximate’, ‘approximately’, ‘estimated’ and ‘some of which’.” "The lesson to be learned from all this, one that I believe will govern all future applications for Anton Piller orders — every one of those orders will require clearest statement of facts. Any grey areas — 'estimates', 'approximates' — will be clearly set out in the plaint. There is to be no holding back of relevant documentary material."  Hon . Justice even said that in future, "every order will be conditional on the applicant depositing in court as security a sum to be decided when the order is made." This is particularly bad for organisations who were eying Anton Piller orders for enforcing Anti piracy measures.