You are on page 1of 13

An International Multidisciplinary e-Journal

Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

Cyber Crime & Cyber Security: Be Vigilant, Not Victim

Vipul Adhana,
Masters of Technology (CSE)
Delhi Institute of Management & Technology, Faridabad
Affiliated to Maharishi Dayanand University, Rohtak
Email: vipuladhana@gmail.com

Deepak Kumar Adhana


Research Scholar,
Institute of Management Studies and Research (IMSAR),
Maharishi Dayanand University, Rohtak
Email: deepak.adhana1437@gmail.com

In this age where the use of computers and networks related to them has become
commonplace, there has been developed problems concerning cyber security. Cyber Security is an
important factor to be considered if one is willing to protect himself from malicious people and
software from the internet. Most of threats to computer networks come from internet and these are
often intentional, having been developed by people with malicious intent. Cyber Security is therefore
an attempt by individuals to protect their personal information, data and other digital assets from
attacks through internet.

The present paper exhibits the trends of Cyber Crime in India during 2011 to 2016. The paper also
highlights the detailed concept of Cyber Security and talks about initiative taken by Government of
India to counter Cyber Crime. The paper, in the end offers recommendations dealing with the
challenges of Cyber Security.

Keywords: Cyber Crime, Cyber Security, Vulnerability.

I. INTRODUCTION:
Cybercrime is a global issue causing continual or distress to the world. The dictionary
meaning of cybercrime is “crime conducted via the Internet or some other computer network”. The
definition remains very broad in the sense that the term “cyber” is defined as “relating to the culture
of computers, information technology, and virtual reality.” Cyber Crime, or computer related crime,
is crime that involves a computer and a network. The computer may have been used in the
[585]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

commission of crime, or it may be the target. One of the highly impressive definition of cybercrimes
as: “Offences that are committed against individual or groups of individuals with criminal motive to
intentionally harm the reputation of victim or cause physical or mental harm, or loss, to the victim
directly or indirectly, using modern telecommunication networks such as internet (networks including
but not limited to Chat rooms, emails, notice boards & groups) and mobile phones (Wi-Fi/ Bluetooth/
SMS/ MMS)”.

Due to growing number of people gaining access to the internet, rapid development in the
field of technology, and globalisation of the world, more of the world population is becoming
susceptible to involvement in cybercrime; whether it is as a victim or a criminal. The advantages of
technology and the internet have led more criminals to make use of cyberspace for committing online
crimes. As globalisation continues to spread across the planet, the threat of cybercrime is also
increasing. While the impact of globalisation has led to amazing discoveries throughout the world,
internet connectivity has also made cybercrime easier. Cybercrime may threaten a person or a
nation’s security and financial health. Issues surrounding these types of crimes have become high-
profile, particularly those surrounding hacking, copyright infringement, unwarranted mass-
surveillance, child pornography and child grooming.

TYPES OF CYBER CRIMES:

Forgery Electronic terrorism Interception/


tampering
Counterfeiting Espionage
Spam and DOS
Identity theft RTP/UTP
Spoofing, shilling,
Tax evasion Sales, Investment
bidding agents
frauds
Electronic vandalism
Pumping and
Advertising frauds
dumping

[586]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

II. OBJECTIVES OF STUDY:

The study has been geared to achieve the following objectives;


1. To analyse the detailed concept of Cyber Crime and Cyber Security
2. To highlights the Cyber Security initiative by Government of India
3. To construct the suggestions dealing with the challenges of cyber security

III. CYBERCRIMES IN INDIA:

The National Crime Records Bureau (NCRB) recorded 12317 cyber-crimes in 2016. Cyber-
crime cases registered under various heads have increased by 6.3% in 2016 over the year before.
Including the pending investigation from 2015, the police ended up with a total number of 14973
cyber-crimes cases to investigate at the end of 2016.

The number of cyber-crime cases solved by police in 2016 stands at 9213; charge sheets were
submitted in 3712 cases, while 4424 cases were found to have insufficient evidence.

C Y B E R R E P O RT
Cyber Report
14000
12317
11592
12000
9622
10000

8000

6000

4000

2000

0
2014 2015 2016

Figure 1: Cyber Crime Reported in India

Source: “Crime in India 2016- Statistics”, National Crime Records Bureau Report, 20171

[587]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

A. STATE & CITY WISE CYBER-CRIME RECORD IN YEAR 2016:

Cyber Crime
3000 2639
2500 2380

2000
1500
1101
1000
500
0
Uttar Pradesh Maharastra Karnatka

Cyber Crime

Figure 2: Cyber Crime Reported in Indian States


Source: “Crime in India 2016- Statistics”, National Crime Records Bureau Report, 20171

According to National Crime Records Bureau (NCRB), 12,317 cyber-crimes were recorded in
the year 2016. Incidence of cyber-crime has shown an increase of 6.3% in 2016 (12,317) over 2015
(11,592). During that year Uttar Pradesh reported the maximum number of cyber-crimes with 2639,
accounting for 21.4%. Maharashtra stands second with 2380 cases accounting for 19.3% followed by
Karnataka with 1101 cases accounting for 8.9%.

CYBER REPORT
Cyber Report
980

762
532

361

269
136

90
62

MUMBAI JAIPUR BENGLURU LUCKNOW KANPUR GHAZIABAD DELHI PUNE

Figure 3: Cyber Crime Reported in India Cities


Source: “Crime in India 2016- Statistics”, National Crime Records Bureau Report, 20171
[588]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

In India, Mumbai has reported highest number of cases under cybercrime (980) accounting to
23.5% during 2016 followed by Bengaluru, Jaipur and Lucknow.

B. MOTIVES OF CYBER-CRIMES:
 Illegal Gain emerged as the top motive behind cyber-crimes with 5987 cases
 Revenge was 2nd most motive behind cyber-crimes with 1056 cases
 686 cases were registered for insult to modesty of women
 There were 569 cases registered under the head sexual exploitation
 571 cases were registered under the head extortion and blackmailing
 There were 40 cases that were done with political motive
 149 cases inciting crimes against a community
 3 cases inciting crimes against the country
 14 cases pertaining to sales and purchase of illegal drugs
 448 cases were accounted for causing disrepute

C. A Statistics of Cyber Crimes in India:

IT Act IPC

Cases Cases
Year Registered Persons Arrested Registered Persons Arrested

2011 1791 1184 422 446

2012 2876 1522 601 549

2013 4356 2098 1337 1203

2014 7201 4246 2272 1224

2015 8045 5102 3422 2867

[589]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

Year IT Act IPC

Total 24269 14152 8054 6289

Table 1: Statistics of Cyber Crimes in India


Source: Factly.in5

D. CYBER CRIME CASES REGISTERD UNDER INFORMATION TECHNOLOGY ACT,


2000:

Nearly 8500 cases were filled under the Information Technology Act. The act deals with dishonestly
receiving stolen computer resources identify thefts, cheating by impersonation using computer and
violation of privacy.

Breakup of cases registered cases under IT Act are as follows:

TYPE TOTAL NO. OF % OF


CASES UNDER IT OVERALL
ACT

Tempering computer source documents 78 0.91

Computer related crimes 6818 79.16

Cyber terrorism 12 0.14

Publication of obscene/sexually explicit content 957 11.11

Breach of confidentiality/privacy 35 0.41

Other cyber-crimes under IT Act 713 8.28

Total number of cyber-crimes under IT Act 8613 100

[590]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

The numbers of cases registered under the Information Technology Act, 2000 and Indian
Penal Code (IPC) have been growing continuously. The cases registered under the IT act grew by
more than 350% during 2011 to 2015. There has been almost a 70% increase in the number of cyber
crimes registered under IT act from 2013 to 2014. On the other side the cases registered under IPC
has increased by more than 7 times between 2011-2015. Similar trend is observed in the number of
persons arrested for committing cybercrime.

The government also acknowledges the increase in the number of such crimes and that the
introduction of technologies, devices including smart phones and complex applications, and rise in
usage of cyber space for businesses has resulted in such an increase.

With increasing internet access, cyber-crimes have also been raised in the last few years. As a
result to counter cybercrime, Cyber Security has become the need of hour. Cyber security involves
protecting the information by preventing, detecting, and responding to cyber-attacks.

Cyber Attackers:

Terrorists
Hackers
Hackers
Hostile Nations
Hostile Nations
DisgruntledEmployees
Disgruntled Employees
Criminals Group
Criminals Group
Hacktivist
Hacktivist

Figure 4: Cyber Attackers

Source: Author’s Own Presentation

[591]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

IV. CYBER SECURITY:


Cyber Security, also known as computer security or information technology security is the
protection of computer systems from theft or damage to the hardware, software or the information on
them, as well as from disruption or misdirection of the services they provide. In short it can be said
that cyber security is protection of systems, networks and data in cyberspace.

It include controlling physical access to the hardware, as well as protecting against harm that
may come via network access, data and code injection, and due to malpractice by operators, whether
intentional, accidental or due to them being tricked into deviating from secure procedures.

Definition: Cyber security or information technology security are the techniques of protecting
computers, networks, programs and data from unauthorized access or attacks that are aimed for
exploitation and misuse of information theft.

The main four concerned areas of cyber security are :

Confidentiality: Only authorized users can access the data resource and information

Integrity: Only authorized users should be able to modify the data as and when needed

Availability: Data should be available to users when needed

Authentication: Are you really communicating with whom you think you are communicating with

Description: Major areas covered in cyber security are:

1) Software Security 2) Data Security 3) Disaster Recovery 4) Network Security

Software Security
Software security is the area where confidential information is stored hence it requires the
highest security. There are applications such as online banking software and train reservation systems
which require highest level of security. So it’s a major area of cyber security that needs special
attention. Basic techniques used for application security are
a) Input parameter validation

[592]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

b) User/Role authentication and authorization


c) Session management
d) Auditing and logging
Data Security
Data security deals in securing the data from illegal or unauthorized access. Information or data is
the foremost part of cyber world. So according to data security here we deal with the systems that are
much more secure. Major techniques used to cover data security are:

a) Identification of user:
Under this technique a user is identified as human being, robot or any other so that unfair act can
be stopped easily.
b) Authentication & authorization of user:
This techniques aims to authenticate and authorize the user under this user required to enter the
password or other secure sign in techniques.
c) Cryptography:
This technique claims the highest same and secure data access as data is being locked with a key
and key given to the end user using some encryption and decryption methods, so without the
specific user nobody else can see the data. There are so many sub categories of cryptography
which helps data safety in every manner.

Sender End Receiver End

Plain Cipher Cipher Plain


Text Text Text Text

Encryption Decryption

Figure 5: Sub Categories in Cryptography

Source: Author’s Own Presentation

[593]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

Disaster Recovery the concept came in existence in mid-1970 when most of the computers were
batch oriented mainframes; which in many cases may be down for couple of days before damage.
Here disaster recovery can be well understood as recovering the system to its previous working state.
Disaster recovery can be classified as below methods:

a) Backup
Backup is simple reserving a copy of running state of the system so that in case of any mishap the
data can easily be retained without any risk. For the perfect backup, data should be copied to external
devices such as disks or hard disk drives.
b) Restore
Restoring is an act of re-storing the data taken while backup, restore mechanism is needed when a
system failed to response and there becomes a complicated situation to access the system. So restore
is the only option to get rid from the disaster.
Control measures of disaster recovery are:
a) Preventive
b) Detective
c) Corrective

Network Security includes the network through which the information is being flowing. A
network security is needed because today most of the data flows from one place to another through
the network only either it a bank transaction or any other confidential transaction. One can easily
secure the network by following components available to secure the network

a) Antivirus and anti-spyware


b) Firewalls to block unpermitted access
c) Virtual Private Network(VPN) to ensure safe network tunnel

The field is of growing importance due to increasing reliance on computer systems and the
internet is most societies, wireless networks such as Bluetooth & Wi-Fi and the growth of smart
devices, including smart phones, televisions and the tiny devices as part of Internet of Things.

[594]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

PHASES OF CYBER SECURITY:

Detect: Anomaly Detection, Continuous detection


Identify: Asset Management, Vulnerability Assessment
Respond: Malware Analysis, Forensic Remediation, Incident Response
Recover: Disaster Recovery, Threat Mitigation, Continuity of Operation
Protect: Access Control, Data Security, Threat Protection

CYBER SECURITY EXPERTS AROUND THE WORLD:

INDIA USA

556 CYBER 91080 CYBER


SECURITY SECURITY
EXPERTS EXPERTS

CHINA

1.25 LAKHS
CYBER
SECURITY
EXPERTS
Figure 6: Cyber Security Experts

Source: Article in “The Hindu” dated on 19 June, 201310

The above statistics is very disappointing as India needs much more experts to cope in digital
era with other developed countries around.

STEPS TO FOLLOW IF ONE BECOMES VICTIM OF CYBER CRIME:


 Disconnect your system from internet as early as possible, as this would automatically
minimize the risk of entering to danger zone
 Close all accounts whether it’s for Mailing, Messengers or other online logged accounts

[595]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

 Scan your device with antivirus, this will search for threat to your system if anyone left to
gain the access from your system
 Create the backup or image of the system
 Reinstall your operating system after backup

V. RECOMMENDATIONS:

Some recommendations for individual users are given below:


 Must have latest patches and updates installed on your computer
 Computer should be configured securely
 Setup the fraud alerts
 Choose strong password to login the system and keep on updating the password frequently
 Enable remote access connection or VPN only if you have powerful firewall installed
 Personal information on system must be two step secure
 Review your bank and credit cards statement regularly
 Avoid using public Wi-Fi networks
 Do not over share on social media platform
 Do not respond to mails asking for your bank and credit card details

Some recommendations for government and its authorities are given below:
 Need to sensitize the common citizen about a danger of cyber terrorism.
 Join efforts by all government agencies including defense forces to attract qualified, skilled
personal for implementation of counter measures
 More investment in Cyber Security
 Government law and IT act need to be amended
 Need to have more international collaboration in the field of cyber security and favours handling
issue of cyber terrorism in cooperation with other advanced countries
 Fund and encourage research and PhDs in the area of cyber security

[596]
An International Multidisciplinary e-Journal
Vol. 3, Issue-II
(Peer Reviewed, Open Accessed & Indexed)
Web: www.jmsjournals.in Email: jmsjournals.in@gmail.com Oct. 2017

VI. CONCLUSION:
Cyber security is a complex subject, whose understanding requires knowledge and expertise
from multiple disciplines, including but not limited to computer science and information technology,
psychology, economics, organizational behavior, political science, engineering, sociology, decision
sciences, international relations, and law.

A common vision is required to ensure cyber security and prevent cyber crimes. The time has
come to prioritize cyber security in India's counter terrorism strategy. Given the rapid transformation
of the cyber landscape since 2013, as well as the need for a more comprehensive framework for the
operationalization of the vision of cyber security policy as laid out by the government, India needs to
update its cyber security policy.

REFERENCES:

Websites:
1. http://ncrb.nic.in/
2. http://www.insightsonindia.com/2017/11/23/insights-mindmaps-cyber-security-india-bots todays-world/
3. https://en.wikipedia.org/wiki/National_Cyber_Security_Policy_2013
4. http://www.cyberswachhtakendra.gov.in/about.html
5. https://factly.in/cyber-crimes-in-india-which-state-tops-the-chart/
6. Cisco India unveils three cyber security initiatives, The Week, 22 December 2016, http://www.theweek.in/news/sci-
tech/cisco-india-unveils-three-cyber-security-initiatives.html
7. FACT SHEET: Framework for the U.S.-India Cyber Relationship, The White House, Office of the Press Secretary,
https://obamawhitehouse.archives.gov/the-press-office/2016/06/07/fact-sheet-framework-us-india-cyber-relationship
8.https://economictimes.indiatimes.com/tech/internet/how-india-inc-is-losing-its-
cybersecuritywar/articleshow/61074845.cms
9. http://www.livemint.com/Opinion/ORfRrY3ecTFGlKOsJlrqAJ/Digital-India-needs-a-cybersecurity-reboot.html
10. http://www.thehindu.com/news/national/an-it-superpower-india-has-just-556-cyber-security-
experts/article4827644.ece

[597]