Introduction
As nowadays the people need not only to get worry about the security physically but also they need to be secure virtually as the Cybercrime is the biggest illegal industry. Cybercrime involves largest coordinated attacks against the information infrastructure of a country. As the world is getting aware about the cyber attacks days by day as whether it is about the great Bangladesh bank heist or about the petty hackers who take money from the accounts through salami attacks Trojan attacks. So, usually people are not more aware about the cyber-security that how they can protect themselves from such kind of cyber attacks as to get aware about the cyber crime there is no need of getting fully knowledged about the cyber security. As another thing that is generally coming and another way to breach the cyber security is the use of Dark net as there are certain information which are not on the normal browser basically a small percentage of information is on the normal browser which everyone can access as there are certain illegal activities related to drug,arms or certain information which is not relevant for the general people basically these are certain sensitive information about zero day exploits,stolen datasets with login information , or botnets available for hire can be used to anticipate,discover or ideally prevent attacks on a wide range of targets. As it is difficult to truly measure the size and activity of the dark web, as many websites are under the law enforcement pressure. As nowadays a terrorist didn’t need to go anywhere for any sought of illegal activity as with the help of a click they can perform there activity and most of the time the law enforcers can’t able to catch them whether it is related to drugs basically most of the websites are there on the dark-net which sell the drugs according the weight which are required by the smugglers and many other illegal activities are there related to child pornography as these browsers from which the onion websites can be accessed. Basically the concept of cyber security with dark-net can be easily known with the research paper and how an individual can get cyber secured as there is no need of an individual to be a cyber expert there are certain things that a person usually forgets to be taken care.
TOOLS AND METHODS USED IN CYBER CRIME
Basically there are certain tools which are required to hamper the cyber security as under this section there are various tools and techniques and complex methodologies used to launch attacks against the target.although discussing all of them is slightly difficult because most of the tools are not discovered or come under sight and they just easily perform there task. These tools are not easily insight of the normal public who are not related to any of the cyber information most of the times the attacker take such thing as an advantage as there are certain steps which are usually taken into consideration as the attackers are very formal in launching there attack. As these are basic stages of an attack as how an attacker can compromise a network here :
- Initial uncovering: Basically in the first they try to gather information about there target on the internet by Google or through social networking websites and people searching websites. As at this step they try to get each and every information mostly at this stage they are not able to get caught because most of the time people don’t see that whether they have logged out from the computer they are using at different places which basically results in the breach of the cyber security as with this cyber criminals take this step as an initial covering because most of the time there are certain information on the social networking sites which they use as a source to collect the information.
- Network probe: At the network probe stage, the attacker basically uses more invasive techniques to scan the information. Usually a ping sweep of the network IP addresses is performed to seek our potential targets and then port scanning tool is used to discover exactly which service are running on the target system. At this point the attacker basically not do any kind of abnormal activity which shows that the person been attacked or there has been breach of cyber security. But, there are certain things that detects the activity at these stages basically these software detects the ping sweep or when the IP address is visible through certain websites [1]
- Crossing the line towards crime: As at this stage the attacker is towards crossing the line and reaching towards crime because they have collected such information which is quite sufficient to collect the data as they usually breach the cyber-security of banks or certain organization as there were certain cases where they have breach the security and cause the damages as one of the famous case I.e. The Famous Bangladesh bank heist[2] and there were many other cases as such but this was case as there were no as such reports of hacking or breach but came to known when according to reports there were accordingly 35 transaction that had been made with different accounts with same amount from different places so this is the stage when the criminals try to cross the line by breaching the cyber-security I.e. they basically breach the Common gateway interface(CGI) is through default account login with easily guessable passwords. Once the attackers are able to access a user account without many privileges, they will attempt further exploits to get an administrator or root access.
- Capturing the network: So, the fourth step is basically about capturing the network as there is certain type of abnormality in the network because most of the time at this stage the attacker tries to capture the network in the low priority target system . The next step is to remove the evidence of the attack. The attacker will usually install a set of tools that replace the existing files and services with Trojan files[3] and services that have a backdoor password. As once the attacker had captured the network through certain tools as once they have entered they’ll try get the data.
- Grab the data: As the security is at the verge of getting breached the attackers will try to steal the data from the respective place basically at this stage individual who are having any kind of knowledge related to computer regarding software or anything related to cyber they can still able to know about that there has been breach of data and try to save the data but sometimes attack is so strong that they can easily grab the data which will effect there system.
Covering tracks: So, with this the last step any attack which needs to be successful there need to cover the tracks. As these activities undertaken by the attacker to extend the misuse of the system without being detected. The attacker can remain undetected for for longer period or use this phase either to start5 a fresh reconnaisance to a related target system or continued use of resources,removing chance of hacking,avoiding legal action etc. Basically these step are considered to most important step because if a an individual thinks that they got save from data breach but still there is covering tracks.
LEGAL PERSPECTIVE UNDER CYBER SECURITY:
As there is need for cyber security because there are many cases when there is breach of cyber security whether it is related to any kind of activity done by north Koreans most of the data breach has been done by the north Koreans as they are not fully developed in the matter of the ammunition but still they can harm the country quiet easily without harming a country as a time has been there where the Famous Sony pictures has been hacked there movie was released before the date on the internet due to the breach of the cyber security basically this is about some other countries. But when it comes about India people here are also not safe enough from the cyber attackers as some of times there data has been exposed on social networking websites and they are not known about these incidents as they came to know when there has been breach of data by the attackers these may be a group of hackers who breach the security they mostly use certain VPN as these tools are self created by them through certain programming as there are also some of the self made software just to breach the security. As India has been fighting with the cyber security from last two decades, being during this time numerous forms of terrorism emerged, latest being the cyber terrorism as this high tech form of terrorism can cause immense damage and is the most critical form because an individual while keeping low profile can do certain high performing task. Our intelligence agencies have been warning about it. As we all know about the 26/11 Mumbai bomb blast as there were also use of cyber terrorism as the person named David Coleman Headily was there who was providing each and every information to the terrorist by sitting at home.[4] As after this the enforcement agency has been trying to get get more changes under the IT Act 2000 there were certain section that has been there just to deal with the aspect of cyber security so the act was made only to deal the security purpose as in matter with this following sections have been there :
- Section 66: Tampering with computer source documents
- Section 70: Protected system– As under this section the government basically deals with the protected system as the government by notification in the official gazette,declare any computer resource which directly or indirectly affects the facility of critical information infrastructure, to be a protected system.
- Section 70A: National nodal agency– As the central agency with respect to save the critical data and to protect it from such attacks to protect the Critical Information Infrastructure protection (CIIP) by the central government.
International efforts: As the international efforts have been made as the Interpol with its 178 member countries is doing a great job in fighting against the cyber terrorism. The are helping all the member countries and training their personnel.
– The council of Europe convention on cyber crime which is the first international treaty for fighting against computer crime, is the result of 4 years work by experts from the 45 member and non member countries including Japan, USA and Canada. The treaty has already been enforced after its ratification by Lithuania on 21st of March 2004.
– The Association of South East Asia Nations(ASEAN) has set plans for sharing information on computer security. They are going to create a regional cyber crime unit by the year 2005[5].
BREACH OF CYBER SECURITY IN INDIA:
So there has been breach of cyber security over the years in different countries and keeping in mind there has been inclusion of the IT Act by the central government in the year 2000 but still the rate of cyber crime has been growing to great extent because being growth in the technology every-time new things are coming up in the market. There are some cases where there breach of data whether it has been related
to Zomato, Union bank heist, Wannacry Ransomeware, Petya Ransomeware.[6]
So these are certain cases which basically shows that how the attackers in India has trying to breach attack the data whether it is related to banks or any other websites as as there is nothing such as privacy as everything is visible no one is as much safe basically there the cyber crime has been increasing more with coming the aspect of Darknet as this concept has been introduced in the recent years as most of the illegal activities has been there which results in the breach of the data of certain organization.
HOW TO GET SAVED:
So, to get saved from the breach of data or any kind cyber happening the first thing that a normal individual should do is to get known about there bank accounts within 2 or months so that you might know that what is the status of your banks and another thing is that there should be antivirus in your system still the hackers are not that easy to be caught but still if you use a antivirus still there are chances that you might get save because most of the time there are chances that if there is anything wrong you might get saved. Most of the time people usually to get access to a website they try to click certain adds as those are basically certain spams which can hurt your computer as most of the hacker are active all of the time on the system so they try to send certain click-baits which might hurt your computer data virtually as the virus attacks are not from only certain kind hardware it can also be through certain online files which you don’t want to get download but these files get downloaded and cause harm certain data threats to your system so not to use those websites which are not secured as that an individual can see through above URL bar.
Conclusion:
So, cyber privacy is considered to be important matter because people can get safe from physical attacks easily but to get safe from cyber attacks are quite tough most of the times people don’t even know the person and the work has been done without getting any sought of information but by that time it will be too late, government should start certain campaigns regarding cyber safety as that also is considered to be integral part in today’s life. There has been cases related to cyber bullying, phishing etc.and breach of privacy is considered to be a big problem for the people but the government still not bearing with these problems at bigger level still lot of things need to be done and one thing need to be kept in mind i.e. “privacy and democracy both are myth”
[1] http://us.Norton.com>internetsecurity_malware.
2 https://mycourses.aalto.fi › pluginfile.php › mod_folder › content › INF SCI
3 A Trojan horse or files are the most common and dangerous type of files as they are usually disguised and they are not seen until they perform there tasks and they carry a malicious code to provide harm.
[4] Dr. Amita Verma(Cyber crimes in India) pg-229(Central law Publications)
[5] Dr. Mudawi Mukhtar Elmusharaf (Computer Crime Research Center) Apr,2008
[6] https://Niti.gov.in
by- Deepankar Chugh
