The Institute of Chartered

Accountants of India

Topic: Cybercrime and Cyber Security

Name: SMIT SHAH
Brach: Navsari
WRO: WRO0720367
CYBERCRIME AND
SECURITY
 Contents

 Meaning
 History
 Types of Cybercrime
 Increasing trends in Cybercrime
 Need for Security
 Security Measures
 Government’s protocol for Cyber security
 Meaning
 Cybercrime means any
unlawful act where computer
or communication device or
computer network is used
to commit or facilitate the
commission of a crime.
 Cybercrime is criminal activity that either targets or uses a
computer, a computer network or a networked device.
 History and Evolution of Cybercrime
 While cyber crime existed before this, the
major wave of cyber crime came with the
proliferation of email during the late 80’s.
 It allowed for a host of scams and/or
malware to be delivered to your inbox.
 The next wave in the cyber crime history
timeline came in the 90’s with the
advancement of web browsers.
 Viruses were emerging during this time
and they were delivered through Internet
connections whenever questionable
websites were visited.

 Some viruses caused your computer to

run slow, others may have caused
annoying pop-up advertising to crowd
your screen.
 Cybercrime really began to take off in the
early 2000’s when social media came to life.
A flood of personal information and the rise
of ID theft was generated by influx of
people putting all the information they could
into a profile database

 Thieves used the information to reach bank

accounts, set up credit cards or other
financial fraud in a variety of ways.
 The latest wave is the establishment of a
global criminal industry totalling nearly a
Half-trillion dollars annually.
Types of Cybercrime
 Hacking & Cracking:
Every act committed towards breaking into a computer
and/or network is hacking. By hacking web server
taking control on another person’s website called as
web hijacking.

 Spoofing:
Spoofing means illegal intrusion, posing as a genuine
user. It refers to thing that appears to have been
originated from one source when it was actually sent
from another source.
 Credit Card Fraud:
If electronic transaction are not secured the credit
card number can be stolen by the hackers who can
misuse this card by impersonating the credit card
owner.

 Cyber Terrorism:
Targeted attacks on military installations, power
plants, air traffic control, telecommunication network
are the most likely targets. Others like police,
medical, fire and rescue systems etc can also be the
target.
 Defamation:
Defamation can be understood as the intentional
infringement of another person’s right to his good name.
Defamation can be understood as the tarnishing the image,
respect or dignity of any person in front of right thinking
members of the society.

 Cyber Stalking:
Cyberstalking can be defined as the repeated acts of
harrassment or threatening behaviour of the cybercrimimal
towards the victim by using Internet Services. Cyber-
stalking refers to the the use of the internet, e-mail, or other
electronic communications device to stalk another person.
 Spamming:
Spam is flooding the Internet with many copies of the
same message, in an attempt to force the message on
people who would not otherwise choose to receive it.
Most spam is commercial advertising.

 Denial of Service attacks:

Flooding a computer resource with more requests it
can handle. This causes the resource to crash thereby
denying access of service to authorized users.
 Forgery:
Counterfeit currency notes, postage and revenue
stamps, mark sheets etc can be forged using
sophisticated computer, printers and scanners. Also
impersonate another person is considered forgery.

 Data Diddling:
Data diddling involves changing data prior or during
input into a computer. Information is c hanged from
the way it should be entered by a person typing. It
also includes automatic changing the financial
information for some time before processing.
The above stated crimes are not the only types of
cybercrime instead there are a lot different kinds of
Cybercrime. But they are some one the most
common types of Cybercrime that occur on our
daily basis.
Increasing Trends in Cybercrime
Analysis of Chart:
The above figure clearly shows that upto 2008 the rate of crime was low and
steady for all and number of cases registered in Mumbai and Maharashtra were
low , but after 2008 the rate of cybercrime has increased.

In 2009, there is 50% rise in case as compared to previous year.

In general from 2008 to 2015 there is more than 50% rise each year as
compared to previous year. In Maharashtra and Mumbai the rise is 313% and
225% respectively.

With respect to Mumbai, there is no continuous rise, but abruptly there are falls
in 2011 and 2013.This can be attributed to the amendment in the IT act in 2008 to
make it more flexible.
It is also noticeable that after 2014 there is a drop in the rate of increase of
cybercrime in India.
 Need for Security
 The need of Cyber security comes down to the desire to keep
information, data, and devices private and safe.
 Companies need Cyber security to keep their data, finances
and intellectual property safe.
 With Cyber security, companies do not have to worry about
the unauthorized users accessing their network or data.
 By implementing security, businesses and individuals can
protect themselves against the full range of cyber security
threats.
Cyber security is very important because of some security threats and
cyber-attacks. It is important because not only it helps to secure
information but also our system from virus attack.
 Security Measures
Cyber Security is the
application of
technologies,
processes and controls
to protect systems,
networks, programs, devices, and data from Cyber
attacks.
The following processes and tools can be used as
security measures:
1) Use strong Passwords:
Strong passwords are vital to good online security. Make your
password difficult to guess by using
 a combination of capital and lower-case letters, numbers and
symbol,
 making it between eight and 12 characters long,
 avoiding the use of personal data,
 changing it regularly,
 Never using it for multiple accounts
 Using two factor authentication
Create a password policy for your business to help staff follow
security best practice.
2) Control Access:
Make sure that individuals can only access data and
services foe which they are authorised.
For example you can:
 Control physical access to premise and computer
network
 Restrict access to unauthorised users
 Limit access to data or services through
application controls
 Restrict what can be copied from the system and
saved to storage devices
 Limit sending and receiving of certain types of
email attachments.
3) Put up a Firewall:
Firewall are effectively gatekeepers between your
comnputer and the internet, and one of the major
barriers to prevent the spread of cyber threats such
as viruses and malware.

Make sure that you set up your firewall devices

properly, and check them regularly to ensure they
have the latest software/firmware updates installed,
or they may not be fully effective.
4) Update programs and systems regularly:
Updates contain vital security upgrades that help
protect against known bugs and vulnerabilities.
Make sure that you keep your software and devices
up-to-date to avoid falling prey to criminals.
Update software is not only good for the user but
also for the businesses and timely update of software
not only protects breaches or attempt towards it but
it may reduce the cost of the breach.
5) Raise Awareness:
Your employees have a responsibility to help keep
your business secure. Make sure that they
understand their role and any relevant policies and
procedures , and provide them with regular cyber
security awareness and training.
Effective security awareness training is essential in
training your staff on how to identify and respond
appropriately to the growing range of cyber security
threats.
Cyber Security awareness training should be
engaging and informative to ensure the staff
understand what is required of them and the
importance of their role in safeguarding the
 Government’s protocol for Cyber Security
Cyber security
protocols are plans,
protocols, actions and
measures that aim to
keep your
oraganisation safe from malicious attacks, data
breaches and other security incidents
With the increasing number of cases of Cyber Crime
Government has undertaken various initiatives to prevent
Cyber Crime.
Following are some of the initiatives
undertaken by government:
 National Cyber Security Policy,2013
 Cyber Swachhta Kendra
 Cyber Surakshit Bharat
 National Critical Information Infrastructure
Protection Centre
 Personal Data Protection Bill
 Indian Cyber Crime Coordination Centre
 Information Technology Act, 2000
 Cyber Surakshit Bharat:
Aiming at strengthening the cybersecurity ecosystem in
India– in line with the government’s vision for the
“Digital India”, the Ministry of Electronics and
Information Technology has launched Cyber Surakshit
Bharat initiative.

With such initiative, there would be a rise of awareness

about cybercrime and building capacity for securing the
CISOs and the frontline IT staff across all government
departments.
 National Critical Information Infrastructure
Protection Centre:
NCIIPC is a central government establishment,
formed to protect critical information of our country,
which has an enormous impact on national security,
economic growth, or public healthcare.

This organisation readily conducts cybersecurity

exercise to keep a check of the cybersecurity posture
and preparedness of the government and the critical
sectors.
 Personal Data Protection Bill:
The most important one for Indian citizen, is the approval of
Personal Data Protection (PDP) bill by the union government in
order to protect Indian users from global breaches, which
focuses on data localisation.

The bill implies the storage and processing of critical

information related to individuals only in India.

The bill also aims at making social media companies more

accountable and push them to solve issues related to the spread
of offensive content.
 Cyber Swachhta Kendra:
The “Cyber Swachhta Kendra” is a part of the Government of
India’s Digital India initiative which :
Intends to create a secure cyberspace by detecting Cyber
infections in India and to notify, enable cleaning and securing
systems of end users so as to prevent further infections.

It has been in accordance with the objectives of the National

Cyber Security Policy, which envisages creating a secure cyber
ecosystem in the country.

This centre is being operated by the Indian Computer Emergency

Respo0nse Team (CRET-In).
 Indian Cyber Crime Coordination Centre:
This scheme was approved in October 2018, to deal with all the
types of cybercrime in a comprehensive and coordinated manner.

15 States and Union Territories have given their consent to set up

Regional Cyber Crime Coordination Centres.

It has various components:

 National Cyber Crime Threat Analytics Unit
 National Cyber Crime Reporting Portal
 National Cyber Crime Research and Innovation Centre
THANK
YOU