INDIAN WEBSITES ARE NEW TARGET OF HACKERS
 

Some computer experts managed to break into the high security computer network of Bhabha Atomic Research Center but were luckily detected.

''GForce,'' a group of anonymous hackers whose members write slogans critical of India and its claim over Kashmir, have owned up to several instances of hacking of Indian sites run by the Indian government,
private companies or scientific organizations. The NAASCOM chief said Indian companies on an average spent only 0.8 percent of their technology budgets on security, against a global average of 5.5 percent.
A number of cases of hacking of Indian internet sites have been traced to Pakistan but it would be difficult to nail them, CBI Director, R K Ragavan said. As the hackers who broke into computer systems in India were not conniving with the Pakistani law enforcers, ''One wonders what kind of cooperation we will get'' Mr. Ragavan said at a seminar on Internet security. Hackers using knowledge of software to break in and steal information from computer systems broke into at least 635 Indian internet sites last year. Mr. Raghavan said the rise of literacy in India could bring down conventional crimes but the vulnerability of computers and the Internet could make crimes over the medium more rampant.

''We at the CBI are convinced that cyber crime is the crime of the future,'' he said. ''It is now much more easily committed and less easily identified.''President of India's National Association of Software and Service Companies (NASSCOM), Dewang Mehta said the lack of uniform laws against cyber crimes involving abuse of computer systems made prosecution of cross-border hackers difficult. ''Hacking is not a universal offence, and there is a problem,'' Mr. Mehta said.

Last year, India passed a landmark digital law that makes hacking, spreading of viruses and illegal financial transactions over the Internet punishable. It became the 12th member in a small club of nations with digital laws.

It was reported that Pakistan was making use of the computer system to promote terrorism in India.These are just some of the instances which were cited by Bhure Lal, secretary in the Central Vigilance Commission, to make a strong case for implementation of cyber laws. He was addressing the national seminar on Computer-related Crimes organized by the Central Bureau of Investigation (CBI) in the Capital today. Underlining the need for a comprehensive cyber law, he added that computer abuse can also be resorted to for cyber-terrorism.

In order to evolve effective safeguards against the menace of computer crimes, other experts various investigative agencies, including the Federal Bureau of Investigation (FBI) and Interpol, today sought specific and comprehensive cyber laws to cover all acts of computer criminals and proactive mechanisms for tackling such offences.

``It is not only difficult to detect computer crimes but also to book criminals since the laws have not kept pace with technology,'' Reserve Bank of India Deputy Governor S.P. Talwar said.

Stressing the need for effective security features while undertaking computerization, he said ``It is often difficult to attribute guilt using the existing statutes since the act of trespassing into a system and tampering with virtual data may not necessarily be specifically provided for in law.''
In his address, CBI Director R.K. Raghavan said the government is aware of the need for legislation in this new area of information technology and accordingly, the Department of Electronics (DoE) in consultation with other expert agencies has already drafted laws relating to this area. Realizing the threat from computer crimes, the CBI has taken a ``proactive'' lead in preparing itself to face the challenge by setting up a special Cyber Crime Unit, he said.

The RBI was also associated with the efforts of the ministries of Finance, Commerce and Law in the enactment of laws such as the Information Technology Act and the Cyber Law, Talwar said.

At the same time, he added that unless development of security features were also atteneded to at the same level of efficiency and equal speed, banks would be left with ``beautiful software systems for public glare and access, but totally unguarded and gullible against waiting information poachers''.

Offensive SMS can lead to 2 years in jail

With mobile phones and prepaid cell phones virtually taking over the role of a personal computer, the proposed amendments to the Information Technology Act, 2006, have made it clear that transmission of any text, audio or video that is offensive or has a menacing character can land a cellphone user in jail for two years. The punishment will also be attracted if the content is false and has been transmitted for the purpose of causing annoyance, inconvenience, danger or insult.

And if the cellphone is used to cheat someone through personation, the miscreant can be punished with an imprisonment for five years.

The need to define communication device under the proposed amendments became imperative as the current law is quiet on what kind of devices can be included under this category. The amended IT Act has clarified that a cellphone or a personal digital assistance can be termed as a communication device and action can be initiated accordingly. Accentuated by various scandals that hit the country during the past two years, including the arrest of the CEO of a well-known portal, the government has also introduced new cyber crimes under the proposed law. The amended Act, which was placed before the Lok Sabha during the recently concluded winter session, has excluded the liability of a network service provider with regard to a third party’s action. However, it has made cyber stalking, cyber defamation and cyber nuisance an offence. Anybody found indulging in all these offences can be imprisoned for two years.

The proposed changes have also sought amendments in the form of insertions in the Indian Penal Code, thereby declaring identity theft an offence. If a person cheats by using electronic signature, password or any other unique identification feature of any other person, he shall be punished with imprisonment for two years and also liable to fine.

Asking for an insertion in the Indian Penal Code as Section 502A of the law, the proposed amendments have said that whoever intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, shall be punished with two years of imprisonment and fine of Rs 2 lakh. The private parts can be either naked or undergarment clad public areas.

Making the law more technologically neutral, the amended provisions have included authentication of electronic record by any electronic technique. At the moment, electronic records can be authenticated by just digital signatures, the public key infrastructure technology (PKI).

With the new provisions, however, biometric factors like thumb impression or retina of an eye shall be included as techniques for authentication.

Even as the law makers have tried to cover up for the lapses of the current IT Act, they seem to have made it liberal by way of reducing the punishment from three years to two years. With these changes, a cyber criminal will now be entitled to bail as a matter of right, as and when he gets arrested.

Source: http://www.indianexpress.com/
More