Vol. 2 No. 8

January 2004

Article
 

COMPUTER SECURITY & CYBER CRIME
By
Capt. S.B. Tyagi, Chief Manager, GAIL (I) Ltd.

To the believers of Hindu mythology it is the trinity (Brahma, Vishnu and Mahesh) that creates, sustains and destroys the cosmos (Universe). In our world it is the other trinity - Internet, telecommunication and information technology - that calls the shots.

We are living in a revolution that is more turbulent than the French Revolution! It is not the first time that mankind is going through a period of technological revolution. The sequence has been as given below:

  1. The potter's wheel.
  2. Printing Revolution.
  3. Industrial Revolution.
  4. Information Technology Revolution.

Information Technology Revolution: This started in the 1980s with the Internet, which routinized processes and eliminated geography. It not only redefined the concept of property and space but also brought the workplace back to the worker's home. The Internet is not to be blamed. It was there for 15 years before our problems arose. What is causing the problems?

  • E-Commerce: It means doing business online, or selling and buying products and services through web storefronts. It offers fundamentally new ways of doing business, rather than a mere extension of existing practices. The Internet has made E-commerce feasible because it offers a medium that is inexpensive enough to operate and easy enough for people to use.
  • E-Governance: It is more than just citizen service and is a combination of technology and a new style of leadership. It can provide a secure, reliable and controlled interface between the government and citizens through a computer communication network.

The Internet was never designed for what it is being used for today. Its metamorphosis is as follows:

  • Military project : 1962 ARPA and MIT
  • Born : 1971 Arpanet
  • Exhibited publicly : 1972
  • E-mail : 1972 Ray Tomlinson
  • Massive networks : 1980 IBM, Bell.

Internet is special because it made the technology of networking computer- and operating-system-specific. Robert Kahn took up the challenge of converting this technology into a general, not specific, one.

Parting of ways: In 1983 there was a parting between 'Milnet' (for military use) and the Internet (for academic use). The Internet was designed for academic use, for the free exchange of academic information. This in itself raised issues of privacy, accuracy, property and accessibility. The Internet was then hijacked by technologies like E-commerce and E-governance. The consequences are that:

* It has an impact on our everyday life.
* Computers are replacing mundane human tasks.
* Everything is becoming dependent on them, be it industrial, economic, communication, medical treatment or confidential data (personal, political, social, economic). It is more of an information super-highway.

The Internet has helped us to achieve the impossible: high-density, compact storage that is imperceptible to the human senses (the VIRTUAL); an unbelievable increase in speed, both with respect to distance and with respect to mathematical calculation; and, most important, world-wide connectivity and communication. All this comes at a price...

The Internet has helped THE CRIMINAL to achieve the impossible!

* By offering new and highly sophisticated tools for law breaking.
* Potential to commit traditional crimes in non-traditional way.

Crime per se does not change. It has to be directed against person, property and conscience. Only the tools for committing crime have changed.

What does the Internet connect?

* Is it a network-to-network connection?
* Is it a computer-to-network connection?
* Is it a computer-to-computer connection?

No! It is a program-to-program connection between two computers!

As an unregulated medley of corporations, individuals, governments, educational institutions and other organizations that have agreed in principle to use a standard set of communication protocols, the Internet is wide open to exploitation. There are no sheriffs on the information super-highway waiting to zap potential offenders with a radar gun or search for weapons if someone looks suspicious. By almost all accounts, this lack of "law enforcement" leaves net users to regulate each other according to the reigning norms of the moment. With E-commerce come electronic merchants; plugged-in educators provide online education, and doctors meet with patients in offices online. It should come as no surprise that there are also cyber criminals committing cyber crimes. Mimicking real life, crimes and criminals come in all varieties on the Internet.

What is computer crime?
In simple words, it is a crime directed at a computer or a computer system, or any illegal action in which a computer is a tool or object of a crime.

Nature and impact of computer crime:

A remarkable feature of crime committed through a computer is that it is a silent crime and can be committed without anyone being aware of it. The impact of this crime can be noticed by the organization in ways such as:

  1. Financial loss.
  2. Information technology loss.
  3. Secrecy loss.
  4. Loss of image and credibility.
  5. Gain for competitors.
  6. Aggravation of quality and service.

Cyber Crimes:

Any crime that involves computers and networks, including crimes that do not rely heavily on computers.

It can also be said, "Once any two computers can talk… crimes can be committed." So cyber crime is nothing but conventional crime committed using a computer.

The transformation of computer crimes into cyber crimes has been a very long but extremely fast journey. We can say that computers fascinate while information technology terrorizes.

What has caused the spurt of criminal activities? Computers? Yes is the answer!

Tools to commit a Cyber Crime: Essentially we establish a program-to-program connection with another computer. The program may be one of the following:

  1. Imagine you call a friend for dinner and he brings with him a bag full of termites. The termites play havoc in the house. Such a program is called a Virus. Just like a termite, which can reproduce and can enter wood, a virus has two characteristics: it can replicate, and it must become part of another program; only then can it create havoc. A Virus can be defined as "a program which reproduces its own code by attaching itself to other programs in such a way that the virus code is executed when the infected program is executed". We should also say that the virus must do this without the permission or knowledge of the user.
  2. Imagine the friend gave you a gift that has a hidden camera. This camera transmits to him, at regular intervals, details of the activities in your house. Such a program is called a Trojan horse. Just like the camera, which cannot replicate and can function alone, the Trojan horse cannot replicate, i.e. it cannot infect other files, but it can stand alone as an independent program.
  3. Imagine the friend gave you a pair of rabbits. They reproduce very fast. A pair can produce 1000 offspring in a year. Finally you will find there is no space in your house to move around and do your daily work. Such a program is called a Worm. A worm can replicate itself and can stand alone as an independent file. It makes full running duplicates of itself. It consumes space on your hard disk, finally making your computer crash. It cannot infect new files.
  4. Imagine your friend gifted you a doll with a hidden bomb. It explodes after two months. Such a program is called a Logic bomb. Logic bombs perform destructive acts based on trigger events.
  5. Imagine there is a festival of a minority community. They visit a deity. The whole population of the town queues up, even before the genuine worshippers turn up. The genuine worshippers are denied access in such a scene. Such a situation in an e-box, or an attack on it by useless e-mails, is called Denial of Service. It is flooding the receiver by sending millions of requests to a computer continuously, thus denying access to genuine users.
  6. Salami technique implies trimming off small amounts of money from many sources and diverting these into one's own or an accomplice's account.
  7. Data Diddling: Altering data with mala fide intention, to give undue advantage to a specific party, is termed data diddling.
  8. Masquerading: It means using someone else's identity to gain access to a computer.
  9. Scavenging Memory: It is the method of obtaining information from residual data left in a computer or on computer tapes and disks after processing.
  10. IP Spoofing: It means changing the IP addresses on packets you send to request access, making the server believe that the request is coming from a friendly client.
  11. IP Sniffing: Imagine the enemy is cleverer. He plants a servant in your house, who overhears and observes everything and passes it on to him. The servant comes for a brief period and does what he wants in that small period. The technique of capturing all conversations on networks and mailing them to the planter is called IP Sniffing. An IP sniffer can collect all passwords and transmit them.
  12. Defacing is the technique which permits programs to attach themselves over other programs, especially web pages. It does not change the original web page but places a page over that page.
  13. Electronic Eavesdropping: Tapping, without authorization, into communication lines over which digitized computer data and messages are being sent is electronic eavesdropping. Here someone picks up the sound or the electromagnetic radiation and then decrypts it.
  14. When someone makes you come out with your password in a social gathering, it is called social engineering.

How are Passwords Stolen?

  1. We write it and throw it.
  2. Someone picks it up. This technique is called Trashing.
  3. Scavenging for data in materials that have been thrown away.
  4. Printouts, handwritten documents.
  5. Discarded disks, tapes.
  6. Deleted documents: in reality they do not get deleted - they can be recovered.

15. Trapdoors and Backdoors: Trapdoors are weaknesses in security programs intentionally created and are normally inserted during software development. These doors are supposed to be removed once the software is completed. Unintentional access to software code is referred to as a Backdoor.
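
The salami technique (item 6 above) leaves a recognisable pattern in a ledger: one account collecting very small credits from many different sources. The Python audit check below is an added example, not part of the original article; the account names, the 0.05 slice ceiling and the five-source threshold are assumptions, and the ledger is constructed sample data.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample ledger (not real data): (source account, destination account, amount)
SAMPLE_LEDGER = (
    # eight different customers each lose 0.02 to the same account
    [(f"CUST-{i:03d}", "ACC-9001", "0.02") for i in range(1, 9)]
    + [
        ("CUST-001", "ACC-2000", "1500.00"),  # ordinary payment
        ("CUST-002", "ACC-2000", "0.03"),     # one small credit only: not a pattern
        ("CUST-003", "ACC-3000", "250.75"),   # ordinary payment
    ]
)


def find_salami_suspects(ledger, max_slice=Decimal("0.05"), min_sources=5):
    """Flag destination accounts that collect tiny credits from many sources.

    Returns {destination: (distinct_source_count, total_of_small_credits)}.
    max_slice and min_sources are assumed thresholds; tune them to the
    institution's rounding rules and normal transaction profile.
    """
    sources = defaultdict(set)       # destination -> set of source accounts
    totals = defaultdict(Decimal)    # destination -> sum of small credits
    for src, dest, amount in ledger:
        amount = Decimal(str(amount))  # Decimal avoids float rounding on money
        if Decimal(0) < amount <= max_slice:
            sources[dest].add(src)
            totals[dest] += amount
    return {
        dest: (len(srcs), totals[dest])
        for dest, srcs in sources.items()
        if len(srcs) >= min_sources
    }


if __name__ == "__main__":
    for dest, (count, total) in find_salami_suspects(SAMPLE_LEDGER).items():
        print(f"{dest}: {count} distinct sources, {total} collected in small slices")
```

Counting distinct sources rather than transactions keeps a single customer who legitimately makes many small payments from triggering the check.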

What is a hacker and what does he do?

A hacker is a person with a mastery of computers who can push programs beyond what they were designed to do. Hackers exploit these trapdoors to gain entry. They exploit weaknesses of the security system, i.e. the hacker dictates his terms! That is:

CYBER TERRORISM OR CYBER EXTORTION

It can be defined as the use of computing resources to intimidate others. An example of cyber terrorism could be hacking into a hospital computer system and changing someone's medicine prescription to a lethal dosage as an act of revenge.

Where does the threat lie?

i. Outsiders
ii. Disgruntled employees
iii. Natural calamities
iv. Dishonest employees
v. Employees' errors, acts, omissions.

Classification of Cyber Crimes:

i. Hardware as contraband of crime.
ii. Stolen computer system.
iii. Pirated software.
iv. Hacking programs.
v. CD writer to copy blue movies (pornography).
vi. Hardware as evidence.
vii. Hardware designed exclusively to commit crimes.
viii. Information as evidence.

Prevention of Computer Crime:

Computer crimes are an increasing problem in our society. They need to be looked into not only by computing professionals, but also by anyone who uses a computer network of any kind. Prevention of computer crime can be classified into:

i. Technological Aspect: Hardware-related prevention, software-related prevention and operation-related prevention. This means deciding upon proper hardware, matched and suited to the operations of the organization, and also taking care while designing, developing and implementing the application software.

ii. Managerial Aspect: The line managers of the computer should devise ways and means to prevent/deter computer crimes.

Encryption and firewalls are also methods of protecting against/preventing computer crimes. In India, the IT law 2000 is the right step towards checking the menace of computer-related crimes. The first police station to deal with computer crimes has become functional at Bangalore in Karnataka state.

The recent terrorist attacks on the US and the Indian Parliament have stunned the world. They have been possible with advanced technology and information detection systems. The biggest threat today is INFORMATION WARFARE. The weapons in this war are simple - a personal computer, a keyboard, a mouse and an Internet connection. With these weapons, an adversary can play havoc with a country's economy, business and state secrets, including defense. Strategically, info war is a conflict in which electronic information is a vital asset and a target for destruction.

Information warfare is defined as the offensive and defensive use of information and information systems to deny, exploit, corrupt or destroy an adversary's information, information-based processes and computer-based networks while protecting one's own. It generally involves illegal copying, distortion, manipulation and scare-mongering using information.

There are three basic elements of an info war attack: low cost to the attacker, the theatre of war being redefined, and highly evolved propaganda. The info war can be targeted at three levels: a nation, a corporate and an individual.

Industrial Espionage: Corporations, like governments, love to spy on the enemy. Networked systems provide new opportunities for this, as hackers-for-hire retrieve information about product development and marketing strategies, rarely leaving behind any evidence of the theft. Not only is tracing the criminal labor-intensive, but convictions are hard to obtain when laws are not written with electronic theft in mind.

Thus, to survive in the present situation it is vital to update IT security systems constantly. At the broadest level, countries like ours need to understand and recognize cyber crime and info war, and lessons from countries that have already integrated info war capabilities need to be internalized. Scenarios and war-games involving info war should also be played out.