Are you safe from cyber-attacks while working from home?

Introduction  

Corona Virus (COVID-19) is a pandemic which has been spread all over the world affecting the big shot nations such as America and major Europe where the tally of death is not less than 200,000 deaths. The pandemic COVID-19 has hit the business and commercial operation globally. Due to Lockdown various activities have been terminated. 

Honourable Prime Minister of India has issued an advisory on 24th March 2020 evening stating that the entire Nation will experience a lockdown for 21 days wherein the first notice of lockdown started on Sunday i,e. 22nd March 2020. The lockdown was further increased on 14.04.2020 for period of another 19 days and the situations does not seems to be in a normal state anytime soon. Nationwide lockdown was the only way to limit movement to reduce the spread of pandemic COVID 19. And we, as citizens of India, have no choice but to stand up to this situation by staying indoors, which in turn will affect all of businesses and commercial activities in the coming months both on a national as well as a global level. Not only this there has been an imposition of Section 144 Cr.P.C in various parts of the nation. 

There has been a restrictions on not only in the inter-state business and commercial activities but there is a restriction on the cross border business and commercial activities as well. The transport services have come to a stall. There are no flights and trains operating at the present stage except ones for providing the essential commodities subjected under the Essential Commodities Act. It is not wrong to state that there is a situation of stall of business and commercial activities across the borders as well and as a result of which there is a regular downfall in the revenue of various companies. 

But it is important to note that the use of information technology has been increased by threefold. Due to the situation of lockdown in Indian and in different parts of the word, there is tremendous growth in the use of IT (Information Technology) and with such an immense increase in the usage of Information Technology there is a high risk of cyber-crimes being committed that could not only cause you monetary harm but also the mental harm. 

With the present unprecedented crisis due to COVID-19, most of the operations are being done with the help of technology and this modern technology helps stay connecting people within a fraction of seconds. People are working from home and there is a situation of restrain in all over the nation. We as lawyers are also working from home, and the urgent matters are being heard by the High Court of Delhi and Supreme Court through Video Conferencing, there is a facility of E-filing as well. Various Senior Lawyers are interacting and sharing their thought with young lawyers, law students and others through webinars which are being conducted from time to time. But with all these advantages, some disadvantaged are also bundled with the use of technology or we call it Information technology to be more precise. And it is the need of the hour to know about few things about Information Technology and the measures that can be taken so at to prevent yourself from being a prey to the Cyber-Crime. 

Even the Indian Government has issued an advisory and has warned the users of Zoom Application, which is a video conferencing application due to lack of security. The CyCord (Cyber Coordination Center, MHA) has stated in its 16 page advisory that Zoom is not a safe platform. 

Not only this even the banking facilities are being availed though Net Banking by most of us or we make payments through our debit cards/ credit cards/ net banking for availing goods and services over the internet. Apart from this we usually upload our information being personal or professional over the social media platforms and such information can easily be accessed. And it is the need of the hour to know about few things about Information Technology and the measures that can be taken so at to prevent yourself from being a prey to the Cyber-Crime.

What is Information Technology? 

Information Technology is one of the fastest growing technologies all over the world. It got evolved out of the marriage between two versatile technologies, namely, computer and communication  technologies.  Information  technology refers  to  the  creation, gathering, processing, storage, retrieval, presentation and dissemination of information and includes the processes and devices that enable all this to be done. The Modern thief can steal more with a computer than with a gun. Tomorrow’s terrorists may be able to do more damage with a keyboard than a bomb.

Information control and protection have become a key factor to establish supremacy in the world. The military installation, power plants, air traffic control centers, banks and tele- communication networks have become the most sensitive targets, not through physical attacks but through cyber-attacks. In cyber warfare or information warfare, the enemy’s military computers could be blocked by introducing a computer virus or by firing electromagnetic bursts to disrupt their tactical operations or display wrong Information technology has pervaded into the lives of every human beings has greatly influenced his actions.

Traditionally, the information was being stored in the form of paper-based documents. The highly vulnerable documents were kept at safe places, which occupied a lot of space, keeping and analysis of the voluminous set of documents has been a time-consuming job. With the advancement of technology, more and more information is now being stored in the electronic format on computer media. The quantum of data that can be stored in a computer has grown tremendously in the past few years. In spite of this the cost of storage media has also been drastically reduced. Such changes in the manner of storing data have created paperless offices, which are more efficient in discharging their basic function rather than concentrating on mundane. This made human lifestyle and attitude totally dependent tasks on technology. The Master who created the slave has now become the master as well as the slave of the slaves.

As the millennium dawned, the computer has gained popularity in every aspect of our lives. This includes the use of computers by persons involved in the commission of crimes.  Today, computers play a major role in almost every crime that is committed. Every crime that is committed is not necessarily a computer crime, but it does not mean that law enforcement must not become much more computer literate, just to be able to keep up with the criminal element. According to Down Parker, “For the first time in human history, computers and automatic process make it possible to possess, not just commit, crime. Today, criminals can transfer a complete crime in software from one computer to another, each improving or adapting it to his or her own needs”.

In the era of Cyber world, as the usage of computers became more popular, there was expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people. The evolution of Information Technology (IT) gave birth to space wherein internet provides equal opportunities to all the people to access any information, data storage, analyse etc. with the use of high technology. Due to increase in the number of citizens, misuse of technology in the cyberspace was clutching up which gave birth to cyber-crimes at the domestic the cyber and international level as well.

In the cyber world, the world has become a global village.  Physical distance and geographical boundaries are no longer a barrier for communication connectivity and hence the information technology also eliminated the barriers of time, distance and resources which hinder business transactions.  The number of people using the computer has gone up and almost traditional terms are being per fined with the vowel ‘e’ to indicate electronic. Electronic markets ordinarily refer to on line trading and auction of goods, trading of stocks etc.

The electronic  marketplace  refers to the emerging  market economy  where producers, intermediaries and consumers interact electronically or digitally. It is a virtual representative of the traditional  physical  market, but with a wider reach.  The economic  activities undertaken  by this electronic  market-place  collectively  represent the digital economy. Electronic commerce is broadly concerned with the electronic marketplace, wherein all the products are available on-line and all the transaction are made digitally, except the physical delivery of goods. There is no single individual or organisation, which controls the entire market only the technology places restriction, on what can be done in the cyberspace and what cannot be. Like the physical world, good as well as bad people are also using this totally free ‘space’.  The good people enjoy the freedom to enrich themselves and the society, whereas the evil ones transgress all the law with impunity.  Some unscrupulous elements have used the e-market as an easy target for anti-social activities.  E-commerce attacks have risen and affecting credit card,  smart  card,  bank  account,  denial  of service attacks, extortion, organised crime, identity theft etc.

What are Cyber-crimes?

From the law enforcement  perspective,  the Internet is simply a new medium used by anyone to commit offences. Cyber-crimes  are” crimes directed at a computer or a computer system. For  Example,  The  fraudsters  perform  various  activities  such  as impersonation,  theft  and credit  information  from  digital  communication  network, fraudulent  electronic  banking, electronic  gambling,  lottery  frauds  and  frauds  in commerce  using  e-mail  etc.  On the net similar to these in the physical world, and may also include telecommunication and telemarketing  frauds deceptive  advertising,  and securities  frauds. A fraudster  may set up a site  on  the  World Wide  Web  (www),  and  clam  that  the  site  belongs  to  a  reputed organisation.  Victims are induced to reveal valuable information  or part with money by way of credit card payments.

USA, during 1997, identified ten reported types of frauds, which were related to the rapidly developing  e-commerce.  In web auctions,  the sellers never delivered  the items bid for, or their values were highly inflated. Payments were charged for on-line and the Internet service that were never provided.  Sale of general merchandise,  from T-shirts to toys, Calendars  to collectibles,  computer  products  and books etc. wherein  the goods were never delivered  or not as advertised.  Material and equipment  were sold with the false promise of payment for the work performed  at home.  False promises  of issuing  credit cards were made to people with bad credit histories on payment of up-front fees. Requests were made for up-front fees to claim prizes that were never awarded.

The  opportunities for computer abuse  are directly related  to the growth of the computer technology,  and its widespread  use for increasing number of applications.  The organisations are becoming  more dependent  on information Technology and therefore, a large number of people have access to computers. In each succeeding generation,  the children are becoming more  and  more  computer literate  at younger  ages.  More  personal  data  and  proprietary information  are being stored on the computers.  Wide area networks, especially the Internet, continue  rapidly.  Consequently  with the connection  of each  new segment  to the Internet, opportunities  to the criminals grow, and the job of hacker hunting becomes more complex.

Meaning of Cyber Space

A science fiction writer, William Gibson is known to have used the word ‘Cyber’7 but he had actually invented it years ago in a short story, which appeared in the Omni magazine. Cyber, as a prefix, first appeared in the word cybernetics in 1948, which was coined by Norbert Weiner in his book of the same name Weiner derived it from the Greek word for steersmen and the idea of control is central to it. The meaning of cyber has evolved over the past decade. Its original sense in Necromancer was of electronic space, as perceived by what we now known as visual reality. “Cyberspace” was originally used for electronic space. The brain and senses were directly linked with the world of computers and communications and so could experience it as an  actual landscape. Later on it was used for intangible electronic domain. Now it is being used, as a loose synonym  for  electronic cyberspace,  therefore,  is  the  place  where  two  people  meet,  not physically but virtually and communicate with each other  electronically. Organisations and individuals have sued each other in long drawn court, battles over the rights to control this overwhelming space.

Cyberspace is now international in scope and is growing swiftly and steadily in size, wealth and political importance. People from all walks of life via, scientists, technicians, journalists, doctors, lawyers, artists, clerks and civil servants, are now visiting this space. However right from the very beginning there also been some scrupulous elements in the society, who used this space for committing crime. There are spies, both industrial and political amateurs and professionals, criminals and law enforcement officials, who are silently working in this space.

Types of Cyber-Crime

Cyber-crimes are broadly categorised into three categories, namely crime against

1. Individual

2. Property

3. Government and other organisations

Each category can use a variety of methods and the methods used vary from one criminal to another.

Individual: This type of cyber-crime can be in the form of cyber stalking, distributing pornography, trafficking and “grooming”. Today, law enforcement agencies are taking this category of cyber-crime very seriously and are joining forces internationally to reach and arrest the perpetrators.

Property: Just like in the real world where a criminal can steal and rob, even in the cyber world, the criminal resort to stealing and robbing. In this case, they can steal a person’s bank details and siphon off money; misuse the credit card to make numerous purchases online; run a scam to get naïve people to part with their hard-earned money; use malicious software to gain access to an organisation’s website or disrupt the systems of the organisation. The malicious software can also damage software and hardware, just like vandals damage property in the offline world.

Government and other organisations: Although not as common as the other two categories, crimes against a government and other organisations are cyber-crimes committed by cyber- attacks. If successful, this category can wreak havoc and cause panic amongst the civilian population. In this category, criminals hack or can send virus in government websites, banking or cooperate websites, military websites or circulate propaganda. The perpetrators can be terrorist outfits or unfriendly governments of other nations and also this can leak sensitive protected information.

There are four forms of computer abuse distinguished in each case depending upon the role played by the computer.  Thus the computer might: - (a) Serve as the Victim of Crime; (b) Constitute the environment within which a crime is committed, (c) Provide the means by which a crime is committed, or (d) Symbolically by used to intimidate, deceive or defraud victims.

Suggestions

A suggestion for the future of internet Policing could include the creation of different Cyber societies that are policed using different law and different agencies. Different needs need to have different norms and definitions of what is deemed acceptable and unacceptable. But not all areas of the internet should be punished. For example, a gamer cannot be in the same category as a Cyber sexual offender. For this to be successful appropriate punishment must be in place. However, should an offender be punished online of offline? An online punishment seems irrelevant which is displayed in the Mr Bungle case. It is easy for an individual to obtain new information to be able to get onto the Internet which means an online punishment would not be effective.  In creating different Cyber societies would condone the big brother approach to society. Although surveillance is seen as a positive crime prevention technique, an individual’s Human rights in regards to article 8, right to a private life would not be withstanding.

The Policing of the internet requires the Police, non-Police, Private sector and the community to work together to enforce the law and maintain order in different ways. It is clear that cybercrime will not disappear. Balancing freedom and security is a difficult concept.

A step in the right direction is the development of dedicated Computer Crimes Units, “Cyber Cops.” Officers cannot be expected to become experts at investigating computer type crimes in their spare time, especially when technology and criminal methods on the Internet change so quickly. Experts, who investigate only Cyber-crime, are necessary, if we in law enforcement are to make progress in the investigation and prosecution of computer crime.

We must become proactive in our efforts to combat the crime presented by this new challenge. Law Enforcement officers must learn to use the available technology to pursue criminals, to spread the word about computer crime, to arm potential victims with information and resources.   

Law Enforcement must learn to use the Internet to their advantage. It can be an invaluable resource for us just like it has become a target rich environment for the criminal. We can post pictures of persons we are attempting to locate and the Internet will give us a million eyes looking for the person. It can be used in our efforts to locate missing children. We can eventually use the Internet and computers into a live worldwide network where it will be more difficult for people to hide.

Our officers are becoming more computer literate and we must continue to develop that trend.  Law enforcement officers must understand that the computer is just another component of our investigations. We have already discussed to some degree the training that is needed for special units, but it is just as important train officers as they come through the various police academies in the use of the computer and the technology that is being used by the criminal mind to further their ability to commit crime. Recruiting must target individuals who have a background in the use of computers and the changes in technology. In this way, law enforcement agencies can stay abreast of the changes in technology.

Law enforcement agencies should use the computer and the Internet to spread the word about what is working for them in the various type of investigations they are involved in, be they computer related or of the generic version. We must learn to work together in a cooperative effort to pool our resources to combat this very invasive new threat.

Task force type units should be formed to investigate crimes such as child pornography where jurisdictional lines may be crossed. There are so many facets of these type investigations that it only makes sense.  Each agency involved could develop areas of expertise such as undercover, identifying suspects on line, encryption, and graphics. This would lead to a dozen or more cops that would contribute to solve these crimes.

Prevention of Cyber-crimes

‘Prevention is better than cure’ is not only meant for human health but for computers as well. It is always better to take necessary steps to prevent cyber-crimes. The following are some of the useful tips to prevent cyber-crimes to some extent.

• · Awareness is the first step in protecting yourself and your family.
• · Invest in Anti-virus, Firewall, and SPAM blocking software for your home PC.
• · Detect secure websites when conducting transactions online.
• · Do NOT respond or act on emails sent from unknown sources.
• · Stay on top of current Cybercrime trends
• · Emails: SPAM emails are becoming easier to detect by the average user.  Look for these clues to identify SPAM:

1.  The receiver’s name is the same as the sender’s

2. The subject is offering money making deals

3. The user is unknown and there are links to what appear to be legitimate websites.

• Email Filters: STCC is currently using a SPAM email filtering software to block most unwanted emails. (This is will not block all emails, since it filters by keywords, but will eliminate the more obvious ones).
• Email filters for home use can be purchased to protect your family from SPAM.
• Bundle packages are available that include pop-up blockers, anti-virus, spy-ware removers, and Internet filters.
• The key to protecting yourself is being aware.
• Not all cybercriminals are “hackers.” There  is  a  whole  other  world  that  exists  in  cyberspace, make  sure  that  your information travels safely.

 Recommendations

• Crimes that have been transformed by technology or merely involve the use of a computer (computer related crime) should remain the responsibility of investigators who traditionally investigate those crimes.
• Educating the common man and informing them about their rights and obligations in Cyberspace. The practical reality is that most people are ignorant of the laws of the cyberspace, different kinds of cybercrime, and forums for redressal of their grievances.
• There is an imperative need to impart the required legal and technical training to our law enforcement officials, including the Judiciary and the Police officials to combat the Cybercrime and to effectively enforce cyber laws.
• More sophisticated crimes (Computer Crimes) should be centralised within an agency and those investigators should have immediate access to a computer lab environment in order to conduct forensic computer investigations.
• Sufficient investigators must assigned to investigate crimes referred to local agencies from national clearing houses and those agencies with insufficient workload to justify full time staff should consider forming a regional task force.
• The reporting and access points in police department require immediate attention. In domestic territory, every local police station should have a cybercrime cell that can effectively investigate cybercrime cases. Accessibility is one of the greatest impediments in delivery of speedy justice.
• Computer crime working groups, which have developed on an adhoc basis, need to be supported and developed at the state and federal levels so they can become national and regional vehicles for sharing information.
• As Cyber-crime matures, it is imperative that law enforcement develops and maintains strong working relationships with its private sector counterparts to cooperatively investigate crimes of mutual interest.
• Law enforcement officers, investigators, and prosecutors must be trained to use the internet and to handle computer-based evidence.
• Further under Section 79 of the IT Act, 2000 no guidelines exist for ISPs to mandatorily store and preserve logs for a reasonable period to assist in tracing IP addresses in Cybercrime cases. This needs urgent attention and prompt action.
• An agency contacted by the victim of an internet related crime should complete the preliminary investigation report rather than referring the victim to another agency.
• National crime reporting standards must be updated in order to capture Cyber-crime information.
• Protocols must be developed to identify responsibility for the investigation of crimes that stretch internationally.
• A national repository should be established for computer crimes as well as a national clearing house for proactive Internet investigations into crimes such as child sexual exploitation, book making and prostitution.
• The investigation of cybercrime and prosecution of cybercriminals and execution of court orders requires efficient international cooperation regime and procedures. Although Section 1(2) read with Section 75 of the IT Act, 2000, India assumes prescriptive jurisdiction to try accused for offences committed by any person of any nationality outside India that involves a computer, computer system or network located in India, on the enforcement front, without a duly signed extradition treaty or a multilateral cooperation arrangement, trial of such offences and conviction is a difficult proposition as jurisdiction issue is one of the major problems in that.
• Legislation must be enacted that ensures ISPs maintain transactional records, improves law enforcement to serve ISPs with legal processes.
• Law enforcement must take the lead in developing computer.  Crime prevention materials for public education.
• Periodic study of information security best practices, awareness levels of various stake holders  and  outreaching  of  information  security  awareness)
• The bottom line is that departments across the state have to commit resources to the computer side of law enforcement. As stated above, we must consider task force type operations to pool our resources and make the most of the expertise found in each of the departments involved.

Computer crime is not going to go away. Computers and the Internet are not some fad like the CB radio or bell-bottom pants. It is here to stay and the computer will continue to have a dramatic impact in the foreseeable future. As the use of computers and the Internet grows, so will computer related crime.

[Disclaimer: The views expressed are solely of the author and they do not purport to reflect the opinion or views of LawStreet Journal]