In a remote corner of a dimly lit lower Manhattan government building, analysts at high-tech workstations spend their days scouring smartphones, iPads and laptops for evidence of criminal activity.

The lab is part of an effort to combat cybercrime by Manhattan District Attorney Cyrus R. Vance, one of a growing number of local officials across the country trying to keep pace with criminals who are increasingly turning to lucrative computer fraud schemes that carry less risk of violence and arrest."Cybercrime is just, put simply, among the most prevalent crimes that are confronting the office," Mr. Vance said. "Our interface as state prosecutors with a broader array of criminal actors gives us an opportunity to make headway in this area, and gives us a broader scope of the problem than federal prosecutors."

Mr. Vance created the unit in 2010 in an expansion of an existing identity-theft division. It gives the prosecutor's office direct control over such probes instead of depending on the New York Police Department or federal investigators.

The cyber team has worked on large conspiracies to loot bank accounts and defraud credit-card companies. Its analysts have helped the district attorney's office bring charges against a total of more than 170 people accused in three different high-tech crime rings. Defendants have been accused of using insiders to steal identities at Audi dealerships, the United Jewish Appeal and a real-estate firm, employing waiters to skim credit-card information at steakhouses, and exploiting a loophole in bank policies to cash bad checks.

The unit has also lent a high-tech hand to more bread-and-butter criminal investigations. There was Justin Waller, the man who killed his roommate last year and left behind a telling query in his Google cache: "How long does it take for a dead body to smell?" Mr. Waller pleaded guilty to murder this year and was sentenced to 23 years in prison. And there was the child-porn user who downloaded images on a neighbor's wireless network, throwing investigators off his trail until he made a mistake and found detectives at his door.

Cyber probes have long been conducted by the Federal Bureau of Investigation, the Secret Service, or large metropolitan police departments. But experts say it is increasingly crucial for prosecutors to be involved, given the explosion of data in people's everyday lives.

"There are devices you can search which often contain a treasure trove of information," said Ed Stroz, a former FBI agent and now co-president of Stroz Friedberg LLC, a private consulting and investigations firm. "Ten years ago, nobody walked around with a desktop computer. Now many, many people walk around carrying an iPad or a Zoom or a Nook or an Android."

Federal agents have begun coordinating with local agencies, teaching them how to handle cellphones and other technological evidence so that it is not contaminated for court. The Secret Service presides over a network of electronic crimes task forces across the country. The FBI this month opened its 16th Regional Computer Forensics Laboratory, at the University of New Mexico, with a "cell phone investigative kiosk," and a "loose media kiosk" to review evidence on USB drives and discs.

Marcus Asner, a former federal prosecutor in Manhattan, said cyber enforcement needs both an agency with greater international reach and a more local "highway patrol" that can give out "speeding tickets" for lesser offenders.

"Right now there's still a real Wild West side of this," said Mr. Asner, now a defense lawyer at Arnold & Porter LLP. "You'll see more and more D.A.'s getting into the picture. You can't really just rely on the feds going out and cherry-picking 10 or 15 high-profile cases. You need the low-lying fruit, and that's where the D.A.'s offices are going to have to pick up the slack."

The Manhattan unit is run by David Szuchman, a lawyer who has worked in high-level posts for former governors Jon Corzine of New Jersey and Eliot Spitzer of New York. The bureau, which focuses mainly on cyber fraud, computer hacking and child exploitation, has 10 full-time prosecutors and four prosecutors who spend 80% of their time on cyber crime, six cyber-crime case analysts, and another six forensic analysts in the lab.

The forensic analysts work in a series of former storage rooms in a state building on Hogan Place that is also home to New York City's marriage bureau. They log new evidence, process it at workstations with powerful computers and map cellphone tower data for suspects' phones. Investigators troll the Internet documenting evidence of child pornography and searching for its sources.

The unit also includes a "cyber academy" with courses certified by the National White Collar Crime Center, overseen by Richard Brittson, a former housing cop and homicide detective turned technology crime guru. The courses are federally funded and offered to officers from area law enforcement agencies. Mr. Brittson is also the office's chief cybercrime investigator.

Steven Bellovin, a Columbia University computer-science professor and an expert in Internet security, said prosecutors have to be cautious to ensure that they've found not just the guilty computer, but the guilty person, a nuance that has sometimes resulted in false arrests because criminals hack into others' systems.

In one case, Mr. Vance's was investigating child porn and focused on a man whose wireless network had been used to download images. But his computer, to detectives' surprise, was clean. His network had been commandeered by a neighbor, who was arrested later when he downloaded images over his own network.

"One of the biggest things that we teach and that we look for in these cases," Mr. Szuchman said, "is putting the individual behind the computer."

Read the rest of this entry »

Another education-altering bill could go before the house in the next few weeks. Senate Bill 619, which lifts the cap on cyber schools in the state and changes requirements of the schools, is expected to head out of the House education committee in the next few weeks, Sen. Phil Pavlov, R-St. Clair Township said. The bill sponsored by Sen. Patrick Colbeck, R-Canton, passed the Senate on Oct. 27.

Those who back the bill believe it offers more options to students, as well as ties in strong use of technology. Those against it say the schools lack accountability and oversight and question the funding method.

There are two cyber schools in the state with an enrollment of 400 students each. Should the bill pass, the cap on the number of schools would be lifted, and the 400 student enrollment cap would be increased to 1,000.

Read the rest of this entry »

Violence has ramped up in several parts of Syria claiming the lives of many people, as the Arab League (AL) observers started their work on Tuesday as part of AL' s efforts to end the bloodshed in Syria.

About six Syrian workers were killed when their bus was blown up by two explosive devices that went off on the highway that connects coastal Latakia province with northern Aleppo city, state- run SANA news agency reported.

SANA said the explosives were planted by "terrorists," adding that the victims had been working at a textile factory and were riding in a bus back to their homes when the explosion occurred.

The explosions created two craters, each one meter in diameter, and caused considerable damage to the bus, said SANA, adding the bodies of the dead workers along with the injured ones were transported to the National Hospital in northern Idlib province.

In a separate incident Tuesday morning, Syrian authorities clashed with an "armed group" along the Turkish border and killed a number of its members. The group was trying to facilitate the infiltration of some gunmen from the Turkish territory into Syria, it said.

A military source was quoted as saying that Syrian forces killed and wounded an unidentified number of gunmen, and seized a large quantity of weapons and ammunition. Other members of the group fled towards Turkish territories, the report said.

In restive Homs province in central Syria, a gas pipeline was targeted in early hours Tuesday by an explosive device planted by "terrorist groups", SANA reported. The pipeline was hit at 01:45 a.m. local time in the north of al-Ashrafiya village, said the report, adding that the pipeline carries gas from al-Rayan field in eastern Homs to power stations in the central province of Hama.

It noted that the pipeline remained ablaze for three hours and that firefighters were unable to reach the area. This is the third attack on oil and gas pipelines in the country. On Dec. 13, Syria said gunmen blew up a gas pipeline in Homs, causing minor damage. A week earlier, another oil pipeline in Homs was targeted. No injuries were reported in both attacks.

At least four pipelines have been targeted since the eruption of unrest in Syria in mid-March. Syria held what it called " saboteurs" responsible for the attacks. In July, fire damaged a natural gas pipeline in Deir el-Zour. Another oil pipeline was blasted in Talkhalakh area in Homs on July 29.

In yet a murky awkward incident, a medical engineering student opened fire at his colleague during mid-term exam Tuesday, killing a student and wounding three others, one is in critical condition, said SANA, adding that the perpetrator fled the scene and Syrian authorities are still hunting him. The student's motives are still unknown.

Meanwhile, according to the Cairo-based AL operation room, the first batch of AL observers, led by Sudanese General Mohammed Ahmed Mostafa al- Dabi, arrived in the restive Syrian city of Homs earlier in the day and already started their job.

Given the sensitivity of the issue, AL chief Nabil al-Arabi Tuesday urged media outlets to be very accurate while reporting the observers' mission, adding that media outlets should broadcast true stories, according to official news agency MENA. Besides, Syria's SANA said the observers had met with Ghassan Abdul-Al, the governor of Homs, along with some residents of the restive province.

It said the group went to Bab Amro, a hotbed of armed clashes with the government forces, in addition to other areas there. According to SANA, some of the group's members headed back to Damascus while the others remained in Homs. It spelled no further details.

The monitoring mission is to ensure the Syrian government abides by its commitment to end its crackdown on protesters under the peace plan. The AL peace plan requires the government to remove its security forces and heavy weapons from urban streets, start talks with opposition leaders and allow human rights workers and journalists into the country.

Qadri Jamil, the leader of the newly-formed "the Popular Will Party," a gathering of communist and leftist activists, told Xinhua in a recent interview that the presence of Arab observers would help to rein in violent acts in Syria, adding that his party strongly supports the Arab League initiative to end the 10-month- old crisis in the country.

"If the observers are neutral, they would help the Syrian people ... Otherwise, they could further complicate the situation, " he said. Syria signed the AL observer protocol on Dec. 19 in the Egyptian capital of Cairo after the AL threatened to submit the issue to the United Nations Security Council.

The Syrian government said last week that a total of 2,000 army and security personnel were killed during the nine-month-old unrest. However, the United Nations said more than 5,000 Syrians have been killed.

In the meantime, the Local Coordination committees, an activist network, said as many as 26 people were killed across Syria mostly in Homs. Their report, however, couldn't be independently verified.

Opposition activists have repeatedly accused the Syrian government of violently repressing anti-government protests, but the government denied the accusation, blaming the unrest on armed groups and a "foreign conspiracy".

Read the rest of this entry »

AUSTIN, Texas (AP) — A Texas man who spent more than a decade dealing with cybercrime at banks is now among the apparent victims of a hacking attack against a security contractor based in Texas. Hackers with the loosely-affiliated group known as "Anonymous" say they stole emails and credit card data from the company, Stratfor, and that it's the start of a week-long assault on a long list of targets -- inspired by Christmas.

One hacker says the plan is to use the credit card data to steal a million dollars, and give the money away as Christmas donations. Images posted online claimed to show the receipts for the donations. Allen Barr of Austin -- who recently retired from the Texas Department of Banking -- says he discovered Friday that a total of $700 had been spent from his account. He says five transactions were made, with the money going to charities including the Red Cross, CARE and Save the Children. The hackers also posted a link on Twitter to a site containing the email, phone number and credit number of a U.S. Homeland Security employee.

Read the rest of this entry »

The main risk identified arises due to the speed of the NBN. In a May 31, 2011 article in The Australian Financial Review, NSW Police Computer Crime’s Detective Inspector Bruce van der Graaf is quoted saying that “the speed will make it easier to get botnet infections...make infecting quicker and will create more victims”.

That is to say, with a faster network, existing cyber threats become more efficient.  In particular, distributed denial of service (DDoS) attacks (which rely on multiple infected computers to hit a targeted website to cause it to crash) become more effective when transmitted over a faster network.  A faster network also increases the efficiency of data theft.

Speed is not the only factor, however.  Having higher bandwidth leads to qualitative changes in the behaviour of internet users.  As greater functionality becomes available, greater reliance is placed on online applications for everyday tasks.  Increasingly, individual households use multiple computing devices, and ‘smart’ devices (fridges, televisions, even vending machines) embedded with internet connectivity are becoming increasingly common.
 
Greater reliance on the internet then leads to increasing numbers of devices being left connected to the network.  US hardware manufacturer Cisco has predicted that by 2015 there will be 25 billion devices connected to the internet, and 50 billion by 2020.

This explosion of connected devices (and connection time) creates increased opportunities to exploit security weaknesses and probe for data. The cyber attacks earlier in 2011 on Sony’s PlayStation network are a prime example of how ‘always on’ networks that incorporate large databases can increase security risks. It was reported that hackers managed to obtain access to Sony’s customer database, which holds customer names, birth dates, passwords and credit card details.  The database contained details of approximately 77 million subscribers, including 700,000 in Australia.
 
The increasing reliance of people around the world on that network, and demands for it to be available 24 hours a day, made it a particularly appealing target for hackers.  In the future, networks related to data-intensive services including e-health, rewards schemes, banking, shopping and social networks will be similarly attractive.  The emergence of cloud computing and similar “as-a-service” models also presents security risks as volumes of data are held in shared databases that must be available (often via public internet) 24 hours a day.

The risks of cyber crime are different for consumer customers, business customers and service providers. For consumers, the security of personal information becomes an increasingly important issue.

Legislation is part of the response: for instance, the proposed Australian Privacy Principles include an obligation on service providers to take reasonable steps to protect information from misuse, interference and loss, and unauthorised access, modification or disclosure. Australian ISPs are also taking steps to assist consumers with the risks of cyber crime.

For business customers, the risk is to their customers’ personal information, as well as their own sensitive and confidential information.  For these customers, the most important protection comes from choosing a service provider who employs proper technical protections, and negotiating a complementary contract that implements appropriate allocations of technical responsibility, legal responsibility and price signals.
 
For service providers, as well as compliance with relevant legislation and obligations of confidence, it will be a matter of corporate reputation to provide demonstrable security protection. Those already using cloud computing services will no doubt be familiar with negotiating these risks.  As the NBN is built, these issues will become more common.
 
In the NBN supply chain, NBN Co’s special access undertaking and Wholesale Broadband Agreement will establish its standard position, and the non-discrimination obligations and obligation to publicise variations from its standard positions mean NBN Co is unlikely to negotiate bespoke risk positions with each customer.
 
Therefore, providers in the higher layers of the supply chain will feel the need most acutely to identify, address and price these risks. By seeking the appropriate legal advice, the proper protections can be put in place against the threat of cyber crime.

Read the rest of this entry »

Violent unrest by young Egyptians seeking a quick end to army rule could lead to a presidential election being held before mid-2012, as now planned, but even then the military is still expected to wield powerful influence over the nation.

Feeling angry and disenfranchised, secularist and largely unorganized protesters have skirmished for a week in Cairo’s central Tahrir Square with soldiers who have beaten men and women to the ground and fired shots to disperse crowds.

The flare-up, an escalation of clashes going on since mid-November, has brought to the fore a dissident hard core keen to fight security forces even though the wider public has tired of destabilizing, economically damaging unrest and prefer a focus on the process of democratic institution-building.

Largely limited to Tahrir, the disturbances are unlikely to prevent the scheduled completion of a staggered parliamentary election early next month, the first since a popular revolt overthrew longtime autocrat Hosni Mubarak in February.

But the army’s use of deadly force against recent protesters has appalled many Egyptians for whom the military hitherto was the country’s sole institution above reproach, especially after it declined to stamp out the unrest that drove out Mubarak.

Many Egyptians including politicians are now calling for the ruling military council to hold presidential elections - now set for June 2012 - soon after parliament convenes later in January. “When we swept Tahrir clean in February we erased the blood of the martyrs and buried the revolution when it was born. Our demands have not been met ... Violence is the only way to put the revolution back on track,” said protester Mustafa Ayman.

Yet an earlier presidential election would not necessarily eliminate the military’s predominance in a new civilian-governed state, the goal of protesters, because all the viable candidates will have to have good relations with the generals.

“Political forces and Egyptians angered by the mayhem have called for early presidential elections but that will not neutralize the army,” said political analyst Mohamed Soufar. “At this stage, and in a country run by an unannounced military dictatorship, any president will need the backing of the army to manage the affairs of the state,” Soufar said.

Army grip
A source close to the army told Reuters a popular mandate would not be enough to support Egypt’s next president because it would also need the backing of the military elite. “This is a transitional period where one party hands power to another. A deal must be struck. This is politics,” the source said. This would also mean the army maintaining its economic privileges with enough autonomy to run its business empire.

The military’s importance to the economy and more broadly Egyptian stability is underscored by activities such as its road-building and recent loan to the central bank of $1 billion to ease a shortage of foreign reserves.

In 2008, the army alleviated a national bread crisis by having conscripts step up production in army bakeries. “We want to reclaim the republic from army rule. But first the army will need certain guarantees to cede power, such as safeguarding its economic holdings and immunity from being held accountable,” said Soufar.

Egypt has been run by strongmen from the military since 1952, when army officers staged a coup, ousting the king. It is also revered for its surprise war with Israel in 1973. Should presidential elections be held earlier than expected only a few candidates may be able to mount a serious bid. One of them is former Arab League chief Amr Moussa, who opinion polls and analysts suggest has emerged as the front-runner for Mubarak's old position. He has been a popular Egyptian foreign minister and is a well-known public face.

Moussa, 74, may be seen as a bridge between the old order and voters seeking stability in the new civilian state. Analysts say his ties to the military make him a favorite of the generals looking for security before formally quitting power.

Moussa backs calls to move up the presidential vote, saying Egypt is undergoing a crisis requiring a swift transfer of power to an elected head of state. But Hassan Nafaa, a professor and anti-Mubarak activist, said holding a presidential election before parliament has passed a new constitution would risk endowing the new president with the same unlimited powers that Mubarak wielded.

“This would open the door to a tug of war between the new president, government and parliament who would fight over limiting powers he already has,” Nafaa said.

Former United Nations diplomat Mohamed ElBaradei is another putative candidate respected among democracy campaigners and internationally but seen by ordinary Egyptians to be out of touch, having spent much of his career abroad. Polls have suggested he may not have a very broad base of support.

But his diplomatic pedigree, especially in dealings with the United States, makes ElBaradei a more independent candidate than Moussa or others who were prominent in the old regime.

“ElBaradei as president would be a real challenge to the army because he has good relations with the U.S. and can actually marginalize the army’s diplomatic role,” Soufar said.

Violent fringe
In contrast with the peaceful protests that united Egyptians across the spectrum to eject Mubarak, the youth in Tahrir now use catapults and sharp projectiles to confront security forces, saying conflict with the authorities is necessary.

“There is no such thing as peaceful revolution with a transitional period led by the army, the institution in control of the country since 1952. Who are we kidding?” said Ayman, who preferred not to use his real name.

He is among many leftist-leaning young people who see more value in being a pressure group than entering politics. “Two parties have ruined this revolution: the army and the Brotherhood,” he said, adding it was clear the army and Islamists, who look set to dominate parliament, collaborate to reach a balance of power in the new civilian state.

In a statement entitled “Either us or you” which circulated during clashes last Tuesday, the youth called for a second revolution against the military council. “You are our target, quite frankly,” read the statement, demanding that army generals submit power to a transitional council. Known as the “Ultras of Tahrir,” the youth warned against political groups colluding with the army.

“We oppose the former regime which remains in power. We oppose those who insult the revolution and its martyrs, and those who use religion to ride onto the revolution.”

‘Invisible hands’
A general from the military council said the clashes were proof of “systematic violence” perpetrated by “invisible hands,” a term for those who derail reform to maintain their interests.

But some have questioned whether the military council itself was an active agent in stirring violence or allowing it to persist as a means of splintering the pro-democracy movement to prevent mass protests of the scale that toppled Mubarak.

“The military council has a difficult balance of power to maintain. It utilizes bouts of controlled violence to divide the opposition. Yet it must not go too far or it risks uniting the opposition against it,” said Soufar.

“It’s like a game of chess.”The army vehemently dismisses accusations that it wants to hang on to power or that it is acting insincerely. It insists it will stick to its plan to see through a democratic transition.

Read the rest of this entry »

KATHMANDU: With the number of people having access to the internet and mobile phones increasing by the day, police have recorded a rise in the number of cases where individuals have used technology to harass and blackmail others.

Police have not been able to stem the prevalence of such crimes although it has take action against those found guilty in those cases, officials said. According to police, compared to last year, twice the number of cyber crime cases have been reported in the Valley this year. While, a total of 25 such cases were registered with police in 2010, 50 cases have been recorded in 2011.

“We are getting complaints of e-mail threats, Facebook deceptions, e-mail password hacking, phishing and SMS threats. However, we believe that many cases go unreported due to fear of reprisals and social stigma,” an investigating official said, adding that cyber crime cases it received have been settled and the guilty punished.

Two persons accused of committing cyber crimes were sent to judicial custody to proceed with further investigation, said police. Tapta Kumar Shrestha of Kathmandu and Shyam Prasad Timilsina of Kavre were arrested on charge of posting lewd pictures and messages on Facebook by creating fake accounts of their ‘estranged girl friends’.

Two others — Pradeep KC of Gulmi and Tej Prakriti Joshi of Mahendranagar — have been released on bail as per the Electronic Transaction Act. Two Britons, Naigel John Pogmar and Jegi Garon, also are facing charges under the laws.

DIG Binod Singh, spokesperson for Nepal Police, called on internet users to be more cautious about privacy and safety before accepting friendship offers and reacting to messages from unknown persons. “The Computer Directorate at NP Headquarters is working with ICT Cell at Metropolitan Police Commissioner’s Office and Metropolitan Police Crime Division to fight cyber crime,” he informed.

Read the rest of this entry »

Bucharest - On computer screens and on the ground, Romanian and American FBI agents stalk cyber criminals, trying to beat them at their own game as fraud originating in Romania has risen dramatically.

"Cyber crime has highly specialised and extremely dynamic networks," an expert at the Romanian Intelligence Service (SRI) told AFP on condition of anonymity.

"Cutting one of its arms does not help, it will grow back in no time.""The challenge is to understand what the criminals have done in order to be able to predict their next move," he added. "We must put ourselves in their shoes."The number of cases, scammers and victims has increased steadily over the last few years, forcing law enforcement authorities to match the criminals' ever more sophisticated methods, he stressed.

Cyber crime evolving

Experts say cyber crime has found fertile ground in Romania, where schools provide high-level IT training. But harsh economic conditions make it difficult for graduates to find jobs, making them easy prey for crime rings seeking recruits.

"Cyber crime is evolving fast and we must keep abreast of the latest developments," Virgil Spiridon, head of the Romanian police department specialising in computer fraud, told AFP.

While the most widespread Internet crime, auction fraud, does not need computer whizzes, "other scams such as phishing and skimming show that criminals are becoming ever more skilled", he added.

More than 80% of online fraud originating from this country targets US nationals and companies, according to the Romanian police. Americans lose around $1bn in cyber crime with links to Romania, said US Ambassador Mark Gitenstein.

This has prompted collaboration, with Romanian cyber cops and FBI agents working closely together since the early 2000 to stave off fraud. Their action was praised by FBI director Robert Mueller during a visit to Bucharest last week.

Joint operation

"Romania has organised crime syndicates that specialise in exfiltrating, laundering and co-ordinating the anonymous movement of money around the globe," the FBI office at the US embassy in Bucharest told AFP. A joint operation which led to the arrest of 90 people in Romania and 22 in the US last July was one of the biggest international cyber crime enforcement actions in history, the FBI office here said.

Last weekend, three fraudsters who had hacked into the bank accounts of American and Italian nationals were arrested in north-eastern Romania when they tried to withdraw nearly $1m, illegally transferred to their own accounts. In 2010, a total of 828 cyber crime cases were sent to court. In the first 10 months of 2011, 768 cases were registered, police figures show.

Obstacles

But many obstacles linger. Among them, the transnational nature of online crime, which makes it harder to monitor suspects and gather evidence. Another difficulty: incomplete or outdated legislation, which does not address the tremendous risks posed by cyber crime.

Quite often, criminals get minimum or suspended sentences. Last month, a Romanian hacker accused of causing eBay millions of dollars in losses by illegally accessing its email accounts was given a three-year suspended sentence by a Bucharest court.

Investigators who had worked hard for months in order to nail the suspect did not conceal their disappointment. "Such lenient sentences are definitely not going to dissuade hackers," one of them said, on condition of anonymity. "We sometimes arrest the same scammer two or three times. If the sentence had been harsher he would have probably thought twice before relapsing into crime," Spiridon said.

The FBI office also stressed that "trials are drawn out and take at least several years to conclude or obtain a conviction". "Sentences tend to be low or dismissed altogether while criminals often find ways to keep the proceeds of their illegal activities," it said.

'Scammers find fresh ways'

The SRI expert said that there was more than just imperfect legislation to blame for this and pointed to "the interference of organised crime with the judiciary".

He also warned against the risk of seeing criminals outdistance law enforcement if efforts were not stepped up. "While authorities move to regulate cyberspace in order to prevent crime, scammers find fresh ways to circumvent the barriers," he said.

Read the rest of this entry »

Cybercrime is a big threat to India’s online population, which loses billions to Internet fraud every year, but when it comes to reporting such cases, very few seem to come forward, if government records are anything to go by. The police have recorded only 3,038 cases and made fewer arrests (2,700) between 2007 and 2010, under both the Information Technology (IT) Act as well as the Indian Penal Code (IPC).

And only three convictions have taken place, according to lawyers.
Going by the latest available figures from the National Crime Records Bureau (NCRB), 966 cybercrime cases were filed under the IT Act, 2000, in 2010 and 420 in 2009. Of these, 153 cases were reported from Karnataka, followed by Kerala (148), Maharashtra (142), Andhra Pradesh (105), Rajasthan and Punjab (52 each). About one-third of the cases registered were related to hacking and 233 persons were arrested in 2010.

Under the IPC, 356 cybercrime cases were registered in 2010 and 276 cases in 2009. Maharashtra reported the maximum number of such cases (104), followed by Andhra Pradesh (66) and Chhattisgarh (46). A majority of these crimes were either forgery or fraud cases. Although such offences fall under traditional IPC crimes, they had “cyber-overtones”, according to NCRB.

“These numbers give us a false sense of security,” said cyber law expert and Supreme Court lawyer Pavan Duggal. “They fall way short of the reality. For every 500 cybercrimes that take place, only 50 are reported to the police and just one gets registered as an FIR (first information report),” Duggal said.

Another cyber law expert Na Vijayashankar, who runs cyber law information portal Naavi, also said the number of registered cases appears to be very low. “There’s no organized method of collecting information from states, because of which these numbers do not reflect reality,” he pointed out.

According to Duggal, the police continue to register some cybercrime cases under the IPC Act (and not the IT Act) since they’re more familiar with the IPC. “There have been only three reported cybercrime convictions till date—two under the IT Act in Chennai and one under IPC in Delhi,” he added.

“It is laughable that in 2010, India registered only 1,350 cases under the IT Act and IPC. It either shows that we are the most secure country in cyberspace, which is not true, or we do not take virtual crime seriously and thus do not file cases. We are sitting on a time bomb waiting to explode,” said Vijay Mukhi, a Mumbai-based freelance consultant who writes on Internet security.

The official cybercrime numbers also do not match the findings of security reports. For instance, the Norton Cybercrime Report 2011, released in September by research firm Symantec Corp., estimated that nearly 30 million people were victims of cybercrime in 2010, suffering $4 billion in direct financial losses and an additional $3.6 billion in time spent resolving the crime.

In India, four in five online adults have been a victim of cybercrime, according to the report. RSA, the security division of EMC Corp., which released its findings on phishing attacks this month, estimated that Indian corporations lost $27.8 million in the first half of 2011. Phishing refers to attempts made to acquire information such as user names, passwords and credit card details by pretending to be a trustworthy entity.

The RSA report also ranked India as the third-most targeted country for phishing attacks after the US and the UK. The NCRB statistics not only fly in the face of numbers from security vendors, but also from those retrieved from the Cert-In (Indian Computer Emergency Response Team) 2010 annual report. Under the IT (Amendment) Act, 2008, Cert-In is designated to serve as the national agency in the area of cyber security.

Statistics retrieved from Cert-In reveal that it tracked around 6.9 million bot-infected systems and 14,348 website defacements in India in 2010. It reported that around 6,850 .in and 4,150 .com domains were defaced during January-September 2011.

On 9 December, hackers broke into the official website of India’s ruling Congress party and defaced the profile page of party president Sonia Gandhi with a pornographic message, according to an AFP report.

Experts such as Mukhi, Duggal and Vijayashankar, however, admit they have no way of corroborating how groups such as Norton publish the statistics as India has no “reliable” published data on cybercrime.

Symantec researchers maintain that credit cards and bank account credentials continue to be the top two advertised items on the black market. In the underground economy, bidding for credit card information starts at Rs. 13 and that for bank account information at Rs. 450, according to Symantec.And the average cost to resolve a data breach in 2010 was $7.2 million, according to Symantec researchers.

Cybercrime cover

The threat is set to increase. Research firm KPMG’s e-Crime Report 2011 cautions that the “the future of targeted malware delivery is also inextricably linked to social networking”. Yet, just one company, Tata AIG General Insurance Co. Ltd, offers cybercrime insurance in India. It has been doing so for more than a year and has a portfolio of at least Rs. 10 crore.

HDFC ERGO General Insurance Co. Ltd is hopeful of getting its product approved in a few months. Tata AIG has around 50 policies in their portfolio and expects to add more customers. “With the pervasive and increasing use of networked computers to run business, cyber risks are growing exponentially. As businesses take to this insurance, either proactively or reactively, the market is expect to grow in line with the risk,” Gaurav D. Garg, chief executive officer (CEO) and managing director of Tata AIG, said in an email response. The claims have been “far and few”, but Garg would not put a number to it, pleading confidentiality.

Cyber liability insurance addresses first- and third-party risks associated with e-business, the Internet, networks and informational assets. “The market is at a very nascent stage and we believe a right product will find takers as awareness of cybercrime insurance grows,” said Ritesh Kumar, managing director and CEO of HDFC ERGO.

According to him, the product that the company has filed with the regulator will cover first-party losses and third-party legal liabilities. Experts say it will take a while for Indian firms to freely register cybercrime cases for fear of their image suffering.

Read the rest of this entry »

While saying the level of preparation of the Portuguese authorities is good, “the question is always political when attributing the appropriate level of means (…) to win in the future and win the battle,” said Mrs. Morgado. The criminal investigation department director was speaking at a week-long training session run by the United States Immigration Customs Enforcement - Homeland Security attended by representatives from across Portugal’s security forces.

Terming the initiative “unprecedented” and highlighting the essential need for international cooperation in order to combat cybercrime, Mrs. Morgado defined the online threat as “the new and major wave of criminality such as money laundering, child pornography and fraud (…) that had to be combated in real time.”“Cyberspace is not a lawless environment,” Mrs. Morgado concluded.

Read the rest of this entry »