Cyber security

PRAGUN
College roll number: 1922014
Course : Bsc. [H] statistics
 What is cybersecurity?

CYBER SECURITY IS THE PRACTICE OF

DEFENDING COMPUTERS, SERVERS, MOBILE
DEVICES, ELECTRONIC SYSTEMS, NETWORKS,
AND DATA FROM MALICIOUS ATTACKS. IT'S
ALSO KNOWN AS INFORMATION TECHNOLOGY
SECURITY OR ELECTRONIC INFORMATION
SECURITY. THE TERM APPLIES IN A VARIETY
OF CONTEXTS, FROM BUSINESS TO MOBILE
COMPUTING.
 Types of cyberthreats
So, how do malicious actors gain control of computer
systems? Here are some common methods used to
threaten cyber-security:
▪ Malware: It means malicious software. One of the most
common cyber threats, malware is software that a
cybercriminal or hacker has created to disrupt or
damage a legitimate user’s computer.
▪ SQL Injection: An SQL (structured language query)
injection is a type of cyber-attack used to take control
of and steal data from a database.
▪ Phishing: Phishing is when cybercriminals target
victims with emails that appear to be from a legitimate
company asking for sensitive information. Phishing
attacks are often used to dupe people into handing
over credit card data and other personal information.
 Elements of cyber security
IT INVOLVES A RANFE OF ELEMENTS, LIKE:
• NETWORK SECURITY: This involves protecting networks from
unauthorized access and attacks, such as denial of service attacks
and malware.
• Endpoint security: This involves protecting individual devices, such as
computers and mobile phones, from threats such as viruses and
spyware.
• Application security: This involves protecting applications, such as
software and websites, from vulnerabilities that could be exploited by
hackers.
• Data security: This involves protecting sensitive data, such as personal
information and financial data, from unauthorized access or loss.
• Identity and access management: This involves ensuring that only
authorized users have access to specific resources and systems, and
that their actions are monitored and logged.
 Cyber Security Laws in India
The initiatives are taken by the Indian Government to enhance cyber security in India:

• National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace.
• The CERT-In (Cyber Emergency Response Team – India): CERT-In has been operational since 2004. It is the national nodal agency for responding
to computer security incidents as and when they occur.
• Indian Cyber Crime Coordination Centre (I4C):The Union Government has decided to set up 14C. It will be an apex coordination center to deal with
cybercrimes.
• Cyber Swachhta Kendra: Launched in early 2017, the Cyber Swachhta Kendra provides a platform for users to analyze and clean their systems of
various viruses, bots/ malware, Trojans, etc.
• Cyber Surakshith Bharat: Ministry of Electronics and Information Technology, launched the Cyber Surakshith Bharat initiative to spread
awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff
across all government departments.
• The Cyber Warrior Police Force: In 2018, the government announced its plans to introduce CWPF. It is proposed to be raised on lines of the
Central Armed Police Force (CAPF).
• Cyber-Crime Prevention against Women & Children’ Scheme: Implemented by the Ministry of Home Affairs, the scheme aims to prevent and
reduce cybercrimes against women and children.
While India has made progress in developing a comprehensive National Cyber Security Strategy, there are still challenges to overcome. Continued
investment, collaboration, and capacity strengthen India’s cybersecurity posture and effectively address the evolving threat landscape.
 Information technology Act,2000
The Information Technology Act, 2000 provides legal recognition for transactions carried out by means of
electronic data interchange and other means of electronic communication, commonly referred to as
"electronic commerce”, which involve the use of alternatives to paper based methods of communication and
storage of information, to facilitate electronic filing of documents with the Government agencies and further to
amend The Indian Penal Code, The Indian Evidence Act, 1872, The Banker’s Books Evidence Act, 1891 and
The Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto. The
Information Technology Act, 2000 extend to the whole of India and it applies also to any offence or
contravention there under committed outside India by any person.

Salient Features of The Information Technology Act, 2000 The salient features of The IT Act, 2000 are as
follows −
• Digital signature has been replaced with electronic signature to make it a more technology neutral act. ▪
It elaborates on offenses, penalties, and breaches.
• It outlines the Justice Dispensation Systems for cyber-crimes.
• The Information Technology Act defines in a new section that cyber cafe is any facility from where the
access to the internet is offered by any person in the ordinary course of business to the members of the
public.
• It provides for the constitution of the Cyber Regulations Advisory Committee.
• The Information Technology Act is based on The Indian Penal Code, 1860, The Indian Evidence Act,
1872, The Bankers’ Books Evidence Act, 1891, The Reserve Bank of India Act, 1934, etc.
• It adds a provision to Section 81, which states that the provisions of the Act shall have overriding effect.
SOME CASE
STUDIES BASED
ON CYBER
CRIME
1. Pune Citibank MphasiS Call Center Fraud
Some ex-employees of BPO arm of MPhasiS Ltd MsourcE defrauded US Customers of Citibank to the tune
of Rs 1.5 crores. It was one of those cyber crime cases that raised concerns of many kinds including the
role of "Data Protection".
The crime was obviously committed using "Unauthorized Access" to the "Electronic Account Space" of the
customers. It is therefore firmly within the domain of "Cyber Crimes".
ITA-2000 is versatile enough to accommodate the aspects of crime not covered by ITA-2000 but covered by
other statutes since any IPC offence committed with the use of "Electronic Documents" can be considered
as a crime with the use of a "Written Documents". "Cheating", "Conspiracy", "Breach of Trust", etc. are
therefore applicable in the above case in addition to the section in ITA-2000.
Under ITA-2000 the offence is recognized both under Section 66 and Section 43. Accordingly, the persons
involved are liable for imprisonment and fine as well as a liability to pay damages to the victims to the
maximum extent of Rs 1 crore per victim for which the "Adjudication Process" can be invoked.

4/30/2024
 2. SONY.SAMBANDH.COM CASE
India saw its first cybercrime conviction in 2013. It all began after a complaint was filed by Sony India
Private Ltd, which runs a website called www.sony-sambandh.com, targeting Non-Resident Indians. The
website enables NRIs to send Sony products to their friends and relatives in India after they pay for it
online.
The company undertakes to deliver the products to the concerned recipients. In May 2002, according to the
cybercrime case study, someone logged onto the website under the identity of Barbara Campa and ordered
a Sony Television set and a cordless headphone. She gave her credit card number for payment and
requested the products to be delivered to Arif Azim in Noida. The payment was duly cleared by the credit
card agency, and the transaction was processed. The company delivered the items to Arif Azim. At the time
of delivery, the company took digital photographs showing the delivery being accepted by Arif Azim. The
transaction closed at that, but after one and a half months the credit card agency informed the company that
this was an unauthorized transaction as the real owner had denied having made the purchase. The
company lodged a complaint about online cheating at the Central Bureau of Investigation which registered
a case under Section 418, 419 and 420 of the Indian Penal Code. The matter was investigated, and Arif Azim
was arrested. Investigations revealed that Arif Azim while working at a call center in Noida gained access
to the credit card number of an American national which he misused on the company's site.
The CBI recovered the color television and the cordless headphone, in this one of a kind cyber fraud
case. The court convicted Arif Azim under Section 418, 419 and 420 of the Indian Penal Code - this being
the first time that cybercrime has been convicted.
4/30/2024
 3. ANDHRA PRADESH TAX CASE
Dubious tactics of a prominent businessman, from Andhra Pradesh, were exposed after
officials of the department got hold of computers, used by the accused in one of the many
cyber fraud cases in India. The owner of a plastics firm was arrested and Rs 22 crore cash,
was recovered from his house by sleuths of the Vigilance Department. They sought an
explanation from him regarding the unaccounted cash within 10 days.
The accused submitted 6,000 vouchers, to prove the legitimacy of trade and thought his
offence would go undetected but after careful scrutiny of vouchers and contents of his
computers, it was revealed that all of them were made after the raids were conducted. It was
later revealed that the accused was running five businesses under the guise of one company
and used fake and computerized vouchers to show sales records and save tax.

4/30/2024
THANK YOU