Cybercrime is all around us, and on the rise. And not only are top enterprises at risk, you—in your personal, individual capacity—may also be under watch...
Hugh Jackman plays a hacker named Stanley Jose in Swordfish, and has the
expertise to break in to government computers and alter records. Skeet Ulrich
plays the most wanted computer hacker on the FBI list, Kevin Mitnick, in
Takedown. And recently, Abhishek Bachchan played Jagdish, a computer whiz-kid
who puts his knowledge to good use and saves a site in Om Jai Jagdish. The
common factor—hacking.
How the lure of money can transform an intellectual into a fraudster came to
fore when a software engineering graduate from IIT Kharagpur was caught
red-handed trying to sell the source code of a sophisticated software package
recently. The arrest followed a complaint from the Federal Bureau of
Investigation, which informed its Indian counterpart-the Central Bureau of
Investigation—of the attempt to sell the source code of Solid Works 2001 Plus,
developed by American firm Solid Works. This company had outsourced debugging of
the package to a Mumbai-based company, where this engineer worked—after
finishing work on the project, the engineer resigned.
After
the Gavel
l Ruling
in India’s first case of software piracy In a landmark decision on 17th October 2002, the designated High Court
of Delhi passed an order prohibiting one Mr Debasish Seal from selling
pirated software over the Net. Seal was accused of selling pirated
Microsoft software on an auction site. The day also happened to be the
second anniversary of the enforcement of the IT Act, 2000.
l Honey,
you’ve landed in the Honeypot In June 2000, Pakistani hackers broke into a US-based computer system
to use it as a tool to attack India Websites. But little did they know
that they had fallen into the Honeypot—a trap laid down to trace hacker
activities. Every keystroke, chat sessions and tools they used were
recorded
The administrators used
this trap to learn what kind of targets hackers look for and what their
level of expertise was.
Before leaving, however, he took the entire source code of the software with
him. He then approached other software companies in the US through e-mail,
announcing that he had the source code and expressing his keenness to sell it. A
company named Solid Concepts in the US responded to his mail, and informed Solid
Works and the FBI about the offer. After negotiation, the exchange was finalized
for a sum of $200,000 and an initial payment of $20,000 wired to the engineer’s
bank account in Mumbai. An FBI agent posing as a representative of the company
met the engineer at Delhi’s Ashok Hotel, where the latter was apprehended
while handing over the source code on two CDs. He’s since been booked under
Sections 379 and 406 of the Indian Penal Code and Section 66 of the IT Act.
From the CBI files... The Central Bureau of Investigation registered its first case on hacking
when the Department of Customs and Central Excise complained that its site had
been hacked into. Identified as the ‘Anti-India Crew’, the culprits had
hacked into more than 120 Indian sites. Fortunately, they managed only to deface
the homepage before the hack was detected. The case gained importance, as it was
for the first time that a government department had lodged a complaint about
hacking of its Website.
In another case of cyber harassment, the cyber crime cell of CBI cracked a
case where personal details and telephone number of a young lady executive were
posted on a dating site, with the statement that she was "available".
When her family started getting calls from around the world, they lodged a
complaint with CBI’s cyber crime cell. It was found that the website contained
obscene material and had links to other pornographic sites. The IP addresses of
the sites were traced to one Dewang Badyani of Mumbai. The CBI and local police
conducted searches at the locations of Direct Information, a Web hosting
company, the premises of Badyani, VSNL location and Indosoft—a private company
that developed the program for the accused. From the VSNL premises, the team
seized a server containing material for the Websites and other pornographic
sites belonging to Badyani from the rack of Direct Information. Further
investigation is on.
Most Offenders are Family or Friends, Who You’d Never Suspect
The
‘Cybercrime Cell’ in Bangalore celebrated its first birthday on 22
October 2002. Mr Alok Mohan, DIG of police (economic offences), under the
Corps of Detectives, Bangalore, spoke to DQ about the cell’s
activities in its first year. Excerpts:
l What
has been the nature of work at and efficacy of the Cybercrime Police
Station?
The Bangalore CCPS is the first of its kind in the country and has
jurisdiction over the entire state of Karnataka. So far we have solved
more than 90% of the 61 cases that have been lodged.
l Why
is it that enterprises are wary of reporting a cyber attack?
Enterprises across the country hesitate to lodge complaints due to
fear of negative publicity. However, I urge them to approach the
legal authority because by not doing so, they’re encouraging the
person to continue.
l What
is your team made up of?
I oversee the Bangalore Cyber Crime Police Station as cyber crimes
fall under economic offences. My team consists of four DSPs (Deputy
Superintendent of Police), four Inspectors, and a supporting team. They’re
being constantly trained and we try to keep up with the changing
technology and trends. We also take help of experts from Wipro, Infosys
and from the Department of Supercomputers at IISc.
l Ruling
in India’s first case of software piracy In a landmark decision on 17th October 2002, the designated High Court
of Delhi passed an order prohibiting one Mr Debasish Seal from selling
pirated software over the Net. Seal was accused of selling pirated
Microsoft software on an auction site. The day also happened to be the
second anniversary of the enforcement of the IT Act, 2000.
l Honey,
you’ve landed in the Honeypot In June 2000, Pakistani hackers broke into a US-based computer system
to use it as a tool to attack India Websites. But little did they know
that they had fallen into the Honeypot—a trap laid down to trace hacker
activities. Every keystroke, chat sessions and tools they used were
recorded
The administrators used
this trap to learn what kind of targets hackers look for and what their
level of expertise was.
Spamming for revenge And in yet another eye-opening case, a 16-year-old school dropout was found
guilty of spamming and sending threatening e-mails in obscene language. His
parents thought him a computer-wizard and spent more than a lakh rupees
providing for two computers with an Internet connection, printer, scanner,
air-conditioner, multimedia kit and so on. But their dreams were shattered when
a Web hosting company in the United Kingdom complained of receiving thousands of
Spam mails from India, asking them to shut down one of the Websites hosted on
its server. The mails were traced back to the youngster’s PCs at his
Pondicherry residence.
CBI investigations revealed that the youngster was an Internet addict, in the
habit of surfing the Net for 12-16 daily. His telephone amounted to over Rs
13,000 a month and he was working on two or three websites and discussion forums
that he hosted. Although he had no contacts whatsoever with school friends, he
had made many virtual friends—and one of these virtual friends was a client of
this UK-based firm. When these two fell out, the teenager chose to spam the
company whose client the ex-friend was. The CBI registered a case under Sections
507 and 509 of IPC and Section 66 of the IT Act, 2000. During search operations,
one of the computers loaded with the e-mail bombing program used to send Spam
was seized.
Germany calling! A new and innovative way of cheating people is gaining ground—the lure of
getting them handsome jobs overseas. CBI cracked this interesting case on the
basis of two separate e-mail complaints. The complainants received e-mails from
one Mohd Firoz, informing them that they had been selected for the posts of ‘network
administrator’ and ‘programmer’, respectively, without any formal
interview. A German firm called DIS-AG Personalvermittlung, manufacturing and
exporting cosmetics; drugs and toiletries, had hired them. They were asked to
cough up Rs 10,000 and Rs 40,000, respectively, to a specified ICICI bank
account number for visa and other paper work. Further, they were asked to come
to Delhi for their visa inter views at the German embassy and to collect other
contract papers. On contacting the German embassy, the two were told that no
person or company by the given name was known to the embassy.
CBI’s investigation traced the ICICI account to a residence in Hari Nagar
in New Delhi. The statement of account collected from the bank revealed deposit
of cash in the account from different parts of the country and even abroad. The
investigations also revealed that Mohd Firoz had changed residence a year back
and had cheated on people by payment of heavy amounts on the pretext of getting
them lucrative jobs. Firoz used to withdraw money through ICICI ATMs in Delhi,
but he was ultimately traced to Asansol in West Bengal—a 23-year-old
unemployed graduate from Aligarh Muslim University.
All said and done Worldwide, cybercrime has increased—as it has in the Indian geography.
With the number of Internet users shooting up, the threat is becoming even
worse. We can choose to be proactive and report the incidents to help bring the
guilty to book; or downplay the threat at our own risk—which is what most of
Indian enterprises and home computer-users do. The choice is ours—to live or
be outlived.
Special Issues 
