X - Cyber crimes – issues, problems and perspectives

Defining and Publicizing the Problem

• Articulate the seriousness of various forms of cyber crime, both in the public mind and in the criminal law, so that the harmful impact of computer and Internet abuse is clear.
• Partner in society-wide efforts to develop a body of ethics around computer and Internet use to be incorporated into education and workplace management.
• Share information with system owners on ways to prevent cyber crime, including protection against invaders.

Increasing Resources to Fight Cyber Crime 

• Assign top government priority to the prevention and prosecution of cyber crime and increase budgets devoted to the issue.
• Increase the number of graduates with expertise in computer and Internet security by developing security curriculums in universities and providing adequate budgets to fund teaching faculty.
• Upgrade skills of criminal-justice professionals by providing them with training in the detection, investigation and prosecution of cyber crime.
• Develop the knowledge base with regards to cyber crime through additional financial and human resources devoted to research in network security.
• Set up computer crime investigation squads staffed with professionals trained in investigating and tracking cyber criminals, and provide them with the advanced technology necessary to pursue their activities.
• Set up mechanisms to ensure efficient coordination, cooperation and information sharing among governments, law-enforcement agencies, and the private sector regarding attacks, threats, vulnerabilities and the development and application of solutions  

 Retooling the Criminal Law

• Update national and regional criminal-law regimes to include cyber crime.
• Ensure penalties available are appropriate to the crime.
• Recognize electronic information as an asset that is uniquely vulnerable.
• International Cooperation
• Develop international initiatives to trace the origins of viruses and other cyber crimes.
• Develop frameworks for allowing expeditious cross-border access to electronic data-storage banks in order to discover and secure evidence.
• Develop treaties and protocols for extradition and co-operative prosecution of perpetrators of cyber crime.
• Develop internationally accepted definitions of cyber crime and harmonize international laws.

As a conclusion it can be said that Information technology is an asset to the man kind and it is unfortunate that so many crimes are being committed with the help of this technology. It can be safely said that if all concerned that is the users, the companies and the government act in unison this sort of crime can be avoided. Cyber crime respects no borders and it is time that the world community and its leaders present a unified face and determination in solving this menace which if unchecked might endanger our planet.

IX - Cyber crimes – issues, problems and perspectives

At the same time, it is important to recognize that even with the development and adoption of inoculating tools, systems may still be vulnerable to attack.  As a result, law-enforcement agencies must be provided with the financial and human resources they need to effectively investigate, track and prosecute cyber offenders. Furthermore, governments must ensure that legal systems, including the courts, also appreciate the impact of cyber crime and are empowered to effectively deal with Internet-related offenses.  It is important that the sanctions imposed reflect the impact and importance of the offense, while at the same time are flexible and reflect the proper social context.  For minor offenses, jail terms and fines need not be the only form of retribution considered.  

A Shared Commitment:  A shared commitment is fundamental to controlling cyber crime.  All of society must work together to find solutions and identify ways of dealing with the threat of cyber crime. While the private sector can certainly maximize its efforts to improve network security and the justice and law enforcement systems can be empowered with effective means to investigate and prosecute attackers, neither can meet the challenge of cyber crime alone.

As indicated above, both the private and public sectors need to commit significant resources to develop the existing knowledge base on network security, through increased research funding and the training of new specialists in the field.  They also need to take part in open discussions on security failings and work together to devise responses to incidents and address the weak links in network defence.  A regular dialogue including government officials, law enforcement agencies along with creators and users of computer and Internet technologies would allow each to keep abreast of the latest information on threats, vulnerabilities and attacks and the measures developed to fight them. 

All ICT players should recognizes that there is a price to pay for security on the Internet.  Because secure networks also translate into more anonymity for criminals, less traceability of messages, difficulties in monitoring communications.  But, as we police and protect cyberspace, privacy is a value not to be lost.  We must work to ensure society can confront cyber crime without jeopardizing the very values that are fundamental to the continued development and growth of the Internet. 

IX. A possible strategy for action:

Concerted efforts are needed to meet the challenge of cyber crime.  Cooperation between the private and public sectors, both nationally and internationally, is essential to creating and protecting a secure international information community. All members should be prepared to take action in the following areas, in partnership with national governments and intergovernmental bodies

VIII - Cyber crimes – issues, problems and perspectives

Government action and international treaties aiming to harmonize laws and coordinate legal procedures are key in the fight against cyber crime, but warns that these should not be relied upon as the only instruments able to meet the challenge of combatting online offenders should be recognized. Cyber crime is a technology-created problem and it requires a healthy reliance on technology-based solutions.

VII. The Role of Industry

 The ICT (Information Computing and Technology) industry must be at the forefront of efforts to combat cyber crime.  It is at the leading edge of innovation, providing technology and solutions to fight cyber attacks, and has a unique role to play as a leader, advocate and partner^. 

All industry members should also be committed to participate in the development of codes of behaviour and ethics around computer and Internet use, and in campaigns for the need for ethical and responsible online behaviour.  Given the international reach of Internet crime, computer and Internet users around the world must be made aware of the need for high standards of conduct in cyberspace. 

Computer operators have an important role to play in protecting their systems against cyber attacks.  They have a duty to act responsibly, to assign top priority and adequate resources to systems defence, and to adopt available technologies and solutions to protect their systems against invasions.  As more and more attacks are perpetrated through the use of unwitting third-party systems, operators must make their own systems secure to ensure that they are not used as instruments in attacks on others.

The ICT industry can also play a key role in preventing cyber crime by making every effort to address weaknesses in network defences, to ensure that their products and services are secure, and by helping to raise awareness with regards to the importance of systems protection.  Just as automobile manufacturers provide maintenance instructions to ensure the safety of vehicles, ICT companies should provide their clients with the information they require to continually protect their systems and data. 

In addition, ICT companies should, when security vulnerabilities are reported with regards to particular technologies or online services, alert their customers and provide them with the patches required to remedy the problem.  It is believed that in the future, the ability to provide secure systems and transactions will represent a significant competitive advantage.  Success and growth in the new economy will accrue to those companies that are able to provide this assurance. 

VIII. The Role of Government

Various initiatives have been proposed by governments to protect data networks from intruders.  Among the options put forward has been the establishment of systems that monitor Internet traffic.  While these would certainly be effective at preventing some attacks and would undoubtedly increase the likelihood of identifying the source of intrusions, it is virtually impossible to police all of cyber space, and the risk to personal privacy is in any case too high. Maximum emphasis should instead be put on establishing effective protective measures.

VII - Cyber crimes – issues, problems and perspectives

Fighting cyber criminals is extremely costly and time consuming.  New technologies, new software and new hacking programs are continuously being developed, so keeping up with the ongoing innovations of the hacker underground requires significant resources.  Not only is research funding in the area of network security insufficient to allow for the knowledge-base to grow as much as it needs to, but there is also an insufficient number of individuals with the skills to develop new security tools and solutions.  Few colleges and universities provide in-depth training in computer security and those that provide the curriculum are forced to compete with the private sector for the services of qualified graduates.

Perhaps the most serious challenge faced by investigators is the difficulty of tracing the origin of attacks.  It is easy to maintain anonymity on the Internet and computer invaders are experts at camouflaging and falsifying their identity. And, as attacks are often perpetrated using several computers located in a number of different jurisdictions, tracking and pursuing offenders is a daunting task.  Because cyber crime often crosses geographic borders, governments are faced with the additional challenge of investigating attacks and pursuing perpetrators in jurisdictions where laws may not punish the attack with the same severity. 

Indeed, laws on cyber crime can vary widely from one jurisdiction to another.  Even in countries where the legal system recognizes cyber crime as an offence, penalties imposed can be uneven and may not serve as an effective deterrent.  As a result, some countries may well become “safe-havens” for offenses and export them around the world via the Internet. 

VI. Fighting cyber crime -  International Cooperation

Cyber crime respects no national boundaries. Infected programs originating in one country can target and paralyze systems all over the world.  Not surprisingly, initiatives for combating cyber crime rely largely on international treaties and conventions. 

All concerned should acknowledges the importance of international cooperation in the prevention, investigation and prosecution of cyber crime and it recognizes the need for harmonization of laws so that no country can become a safe haven for cyber criminals.  However, in a world where cyber viruses can be propagated worldwide in a matter of hours, the months and years required to draft, debate, adopt and implement international principles and action plans represent a significant impediment to effective action.  Cyberspace crime calls for a response mechanism which is just as swift and efficient at reaching its target as perpetrators are at reaching their own^. 

An additional concern is that countries, in their push to design solutions to the cyber crime issue, may well implement decisions and laws that could encroach on individuals’ rights to anonymity and privacy on the Internet.  More importantly, they may also criminalize the exchange of information, along with the research, testing and reverse engineering activities that are vital to the continued development of tools that detect security weaknesses and that inoculate against viruses and other cyber-attack programs.

VI - Cyber crimes – issues, problems and perspectives

Professional hackers (corporate espionage): The corporate world is heavily dependent upon computers for storing sensitive information. Rival organizations employ hackers to steal industrial secrets and other information that could be beneficial to them.

The temptation to use professional hackers for industrial espionage also stems from the fact that physical presence required to gain access to important documents is rendered needless if hacking can retrieve those.

IV. Continuing Problems

Even when the source(s) of the attack/s are traced there are many problems, which the victim may be faced with. He will need to inform all the involved organizations in control of the attacking computers and ask them to either clean the systems or shut them down. Across international boundaries this may prove to be a titanic task. The staff of the organization may not understand the language. They may not be present if the attack were to be launched during the night or during weekends. 

The computers that may have to be shut down may be vital for their processes and the staff may not have the authority to shut them down. The staff may not understand the attack, system administration, network topology, or any number of things that may delay or halt shutting down the attacking computer(s). Or, more simply, the organization may not have the desire to help.

If there are hundreds or even thousands of computers on the attack, with problems like the ones mentioned above, the victim may not be able to stop the attack for days by which time the damage would have been done. His servers would be completely incapacitated to administer to so many demands and consequently would crash.

These tools also provide another service by which the attacking computer can change its source address randomly thereby making it seem as if the attack is originating from many thousands of computers while in reality there may be only a few.

V. Need for a law to control cyber crime

• Cyber crime is transnational, and requires a transnational response.
• Cyber criminals exploit weaknesses in the laws and enforcement practices of States, exposing all other States to dangers that are beyond their capacity unilaterally or bilaterally to respond.
• The speed and technical complexity of cyber activities requires prearranged, agreed procedures for cooperation in investigating and responding to threats and attacks.

What needs to be done

• adopt laws making dangerous cyber activities criminal;
• enforce those laws or extradite criminals for prosecution by other States;
• cooperate in investigating criminal activities and in providing usable evidence for prosecutions; and
• participate in formulating and agree to adopt and implement standards and practices that enhance safety and security. 

V - Cyber crimes – issues, problems and perspectives

Computers store huge amounts of data in small spaces: Millions of pages of written matter can be stored in a single CD ROM. Stealing tonnes of printed information is exceedingly difficult, but walking out of a secure location with a CD ROM containing tonnes of information is much simpler.

Ease of access: A bank's vault, which usually contains lots of cash and is  well guarded from unauthorized persons. The vault itself is made of very strong materials, located in a reinforced room, guarded by gun toting security personnel. Trusted employees jealously guard the keys and / or access codes.

The bank's servers, on the other hand, which 'virtually' control hundreds of transactions  involving huge amounts of money are far easier to break into. The strongest of firewalls and biometric authentication systems have been cracked in the past and will probably continue to be cracked in the future.

A secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems can be utilized to get past many a security system.

Complexity: Operating systems are composed of millions of lines of code and no single individual can claim to understand the security implications of every bit of these computer instructions.

Hackers easily exploit the numerous weaknesses in operating systems and security products. When one weakness is exposed and exploited openly by the 'black hat' community, the operating system manufacturer patches it up.

The hackers then find another weakness to exploit and the cycle goes on and on. It is far easier to find weaknesses in existing operating systems rather than designing and developing a secure operating system.

Human negligence: People who guard confidential papers with their lives would not think twice about using simple passwords. Most people don't realize the security implications and ramifications of not following the prescribed computer security policies.

III. Cyber Criminals – A Profile

Kids (age group 9-16): It seems really difficult to believe but it is true. Most amateur hackers and cyber criminals are young children. To them it is a matter of pride to have hacked into a computer system or a website. There is also that little issue of appearing really smart among friends. These young rebels may also commit cyber crimes without really knowing that they are doing anything illegal.

Organized hacktivists: Hacktivists are hackers with a particular (mostly political) motive. In other cases this reason can be social activism, religious activism, etc. The 2001 attacks on approximately 200 prominent Indian websites by a group of hackers known as Pakistani Cyber Warriors are an example of political hacktivists at work.

Disgruntled employees : One can hardly believe how spiteful displeased employees can become. Till now they had the option of going on strike against their bosses. Now, with the increase in dependence on computers and the automation of processes, it is easier for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down.

IV - Cyber crimes – issues, problems and perspectives

9.2 Theft of information contained in electronic form:  This includes information stored in computer hard disks, removable storage media etc.

9.3 Data diddling:  This kind of an attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

9.4 Salami attacks:  These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program, into the bank's servers, that deducts a small amount of money (say 50 cents  a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the bank employee will make a sizable amount of money every month.

9.5 Denial of Service attack:  This involves flooding a computer resource with more requests than it can handle. This causes the resource (e.g. a web server) to crash thereby denying authorized users the service offered by the resource. Another variation to a typical denial of service attack is known as a Distributed Denial of Service (DDoS) attack wherein the perpetrators are many and are geographically widespread. It is very difficult to control such attacks. The attack is initiated by sending excessive demands to the victim's computer(s), exceeding the limit that the victim's servers can support and making the servers crash. Denial-of-service attacks have had an impressive history having, in the past, brought down websites like Amazon, CNN, Yahoo and eBay!

9.6 Logic bombs:  These are event dependent programs. This implies that these programs are created to do something only when a certain event (known as a trigger event) occurs. E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus).

9.7 Internet time thefts:  This connotes the usage by an unauthorized person of the Internet hours paid for by another person.

9.9 Web jacking:  This occurs when someone forcefully takes control of a website (by cracking the password and later changing it). The actual owner of the website does not have any more control over what appears on that website.

9.10 Theft of computer system:  This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral attached to the computer.

9.11 Physically damaging a computer system: This crime is committed by physically damaging a computer or its peripherals. 

II. Vulnerability of Computers 

Computers, despite being such high technology devices, are extremely vulnerable. In fact it may be easier to steal financial secrets from corporate computers than to steal "products from a shop”.  Let us examine the reasons for the vulnerability of computers.

III - Cyber crimes – issues, problems and perspectives

A simple way of achieving this would be to subscribe the victim’s email address to a large number of mailing lists. Mailing lists are special interest groups that share and exchange information on a common topic of interest with one another via email. Mailing lists are very popular and can generate a lot of daily email traffic - depending upon the mailing list. Some generate only a few messages per day others generate hundreds. If a person has been unknowingly subscribed to hundreds of mailing lists, his incoming email traffic will be too large and his service provider will probably delete his account.

The simplest email bomb is an ordinary email account. All that one has to do is compose a message, enter the email address of the victim multiple times in the “To” field, and press the “Send” button many times. Writing the email address 25 times and pressing the “Send” button just 50 times (it will take less than a minute) will send 1250 email messages to the victim! If a group of 10 people do this for an hour, the result would be 750,000 emails!

There are several hacking tools available to automate the process of email bombing. These tools send multiple emails from many different email servers, which makes it very difficult, for the victim to protect himself.

6.4 Threatening emails: Email is a useful tool for technology savvy criminals thanks to the relative anonymity offered by it. It becomes fairly easy for anyone with even a basic knowledge of computers to become a blackmailer by threatening someone via e-mail.

6.5 Defamatory emails: cyber-defamation or even cyber-slander could be attacking a person and trying to malign his/her name through the use of computers. In this type of attacks the perpetuators of the crime can remain anonymous. Cyber defamation can prove to be very harmful and even fatal to the people who have been made its victims^. 

7. Forgery:  Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners. These are made using computers, and high quality scanners and printers. In fact, this has becoming a booming business involving large amounts of money being given to student gangs in exchange for these bogus but authentic looking certificates.

8. Cyber stalking:  The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves following a person's movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.

9. Let us examine some of the acts wherein the computer is the target for an unlawful act. It may be noted that in these activities the computer may also be a tool. This kind of activity usually involves sophisticated crimes usually out of the purview of conventional criminal law. Some examples are:

9.1 Unauthorized access to computer systems or networks:  This activity is commonly referred to as hacking.

II - Cyber crimes – issues, problems and perspectives

6. Email related crime:  Email has fast emerged as the world’s most preferred form of communication. Billions of email messages traverse the globe daily. Like any other form of communication, email is also misused by criminal elements.

The ease, speed and relative anonymity of email has made it a powerful tool for criminals. Some of the major email related crimes are:

6.1 Email spoofing: Email spoofing is very often used to commit financial crimes. It becomes a simple thing not just to assume someone else’s identity but also to hide one’s own. The person committing the crime understands that there is very little chance of his actually being identified.

A spoofed email is one that appears to originate from one source but has actually emerged from another source. Email spoofing is usually done by falsifying the name and or email address of the originator of the email.  Email spoofing can be used to spread misinformation, and even to secure unauthorized access to computers.²

6.2 Spreading Trojans, viruses and worms: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory.

The Love Bug virus, for instance, reached millions of computers within 36 hours of its release from the Philippines thanks to email. The VBS_LOVELETTER virus (better known as the Love Bug or the ILOVEYOU virus) was reportedly written by a Filipino undergraduate.  Losses incurred during this virus attack were pegged at US $ 10 billion. 

Hackers often bind Trojans, viruses, worms and other computer contaminants with e-greeting cards and then email them to unsuspecting persons. Such contaminants can also be bound with software that appears to be an anti-virus patch. E.g. a person receives an email from  information@mcaffee.com (this is a spoofed email but the victim does not know this). The email informs him that the attachment contained with the email is a security patch that must be downloaded to detect a certain new virus. Most unsuspecting users would succumb to such an email (if they are using a registered copy of the McAffee anti-virus software) and would download the attachment, which actually could be a Trojan or a virus itself!

6.3 Email bombing: Email bombing refers to sending a large amount of emails to the victim resulting in the victim’s email account (in case of an individual) or servers (in case of a company or an email service provider) crashing.

I - Cyber crimes – issues, problems and perspectives

Cyber crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to hospitals, oil refineries and nuclear power plants is being run on computers, cyber crime has assumed rather sinister implications.

The first recorded Cyber crime took place in the year 1820! That is not surprising considering the fact that the abacus, which is believed to have been the earliest form of a computer, has been around since 3500 B.C. in India, Japan and China.

In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber crime!

I. Definition and types of cyber crimes

At the onset, let us define "cyber crime" A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both". 

Cyber crimes: Let us examine the acts wherein the computer is a tool for an unlawful act. This kind of activity usually involves a modification of a conventional crime by using computers. Some examples are:

1. Financial crimes:  This would include cheating, credit card frauds, money laundering etc. To cite a recent case, a website offered to sell mangoes at a throwaway price. Distrusting such a transaction, very few people responded to or supplied the website with their credit card numbers. These people were actually sent the mangoes. The word about this website now spread like wildfire. Thousands of people from all over the country responded and ordered mangoes by providing their credit card numbers. The owners of what was later proven to be a bogus website then fled taking the numerous credit card numbers and proceeded to spend huge amounts of money much to the chagrin of the card owners.

2. Cyber pornography:  This would include pornographic websites; pornographic magazines produced using computers (to publish and print the material) and the Internet (to download and transmit pornographic pictures, photos, writings etc).

3. Sale of illegal articles:  This would include sale of narcotics, weapons and wildlife etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication. E.g. many of the auction sites even in India are believed to be selling cocaine in the name of 'honey'.

4. Online gambling:  Many websites today offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.

5. Intellectual Property crimes:  These include software piracy, copyright infringement, trademarks violations, theft of computer source code etc.

Cyber crimes (Part 2)

Many new types of duping with IT have come to the fore. One enterprising man hit upon a very simple idea and made a lot of money before the police come down upon him. His modus operandi was very simple. He would request his friend, a waiter in a famous five star hotel to note down the credit card numbers of the customers paying by credit cards. This man would later shop on-line (buying things on the net using the computers) and buy electronic items. The crime was very simple to commit because in on-line shopping only the credit card number has to be given and no signature is taken.

The Police officer who was speaking to the press later on cautioned the general public not to let the credit card number out of their sight when they are making payments. But what is the point of this exercise? Any how the establishment that has taken a credit card payment holds on to a copy of the bill and the bill has the number of the credit card.

The latest in the sordid tale of cyber crime has come to light recently. A credit card holder is usually allowed only a small percentage of value to be withdrawn in cash terms and a larger percentage of value is allowed in terms of credit. For e.g.: If the total limit is 3000 $ then 1,200 $ can be drawn as cash and goods worth 1,800 $ can be bought on credit terms. To avail the credit terms one has to buy he goods and later pay. The twist comes here. The credit card holder approaches a middleman who would do the following. He would approach a shop keeper who would bill the card holder 3000 $ but would not part with any goods.

In the above transaction the shop keeper gets 250 $ the middleman gets 250 $ and the credit card holder would get 2,500 $ when he is entitled to only 1,200 $. The whole problem with the credit cards is that people have found out indigenous ways of making the most of it. One interesting point is that whenever a credit card owner wants cash he would simply buy a train ticket let’s say of worth 500 $ and immediately cancel the same the next day. The railway department would deduct a nominal amount and the credit card owner would have hard cash of nearly 500 $ worth. It was only recently that the railway departments of many countries are issuing a credit slip and are not handing over cash in case of cancellation.

So the cyber thieves are alive and in many cases much smarter than the cops themselves. So what has to be done to limit (it can't totally be eradicated). Some of the possible solutions to this very worrying problem could be as follows;

- Educate the law enforcement officers with the latest in the IT and also with the latest types of cyber crimes and how these crimes are being tackled in the danced countries

- Introduce a separate subject called Cyber law or cyber crime and make it compulsory for all lawyers police officers, judges and the rest of the law enforcement agencies

- Educate the users if the IT and the relates services like credit card holders, Cell phone owners about the possible misuses and how to guard themselves against these types of crimes.

- Let all the service providers come together and agree on a common protocol, policing or a security system that would protect the common user from a third party misuse.

All the new technologies at one time or another have been seen as destructive or not progressive enough. Information technology can be more of a boon than a bane or a curse. Let us all work together and see that it remains that way.

Cyber crimes (Part 1)

Cyber the word or the ticket to everything good in this world has assumed proportions in this world (real/virtual) whose ramifications look very Orwellian. It has left a very harassed house-wife to say to her soft(ware) husband " why are you taking out your E-motions on me?". It has become fashionable to be E-talking now days. What with E-commerce, E-learning, E-business and others. One can't be left E-gnorant of the lingua franca of the modern world. But once you cut through the hype, the world that will soon encompass us looks very depressing and in many cases down right frightening.

Many governments have introduced cyber bills and the noble aim of these bills is to propel those countries into the forefront of IT (information Technology) transition. All over the world IT has become the buzzword and many other sectors have been ignored. What we are forgetting is that IT at best can be a support service that can flourish if the industry and the manufacturing sector props it up. Otherwise it will always remain a self feeding parasite. IT creates its own problems and spends enormous amounts of money in solving the same. Let's not forget the billions of dollars spent on Y2K problem or the billions that are being spent on viruses and hackers and the rest of the cyber crimes. This brings us to the topic of discussion, Cyber crime.

Crime is any outrage against the society. That is to say that by our actions which may or may not be beneficial to us we are harming the interest of many others directly or indirectly. E.g.: sending unwanted E-mails or spamming. Crime is profitable for the perpetuators of the crime except in the case of cyber crime. What is the profit motive of a virus spreader or a spammer? May be it is the thrill of being a nuisance value to the others?

One of the earlier cyber crimes is that of the hacking. It has been said that most of the hackers are very intelligent software professionals who are bored and break into protected websites of different government and non-government organizations and change the text and generally play havoc. One thing interesting about the hackers is that now days they are employed by IT giants. These IT giants routinely invite famous hackers to hack into their systems or networks.

If the hacker is able to hack the system the giant pays the agreed amount. Then the company goes back to the drawing board and tries to build better firewalls (protectors that protect against any hackers). But it is debatable whether one can encourage the hackers by providing them an incentive to hack into systems even with the noble idea of building better security.

Talking of cyber crimes leads to very good examples or incidents. One can remember a third world country citizen who duped a very famous organization like the "Euro lottery". This enterprising person claimed to have won nearly 110 Million Birr in the Euro lottery only by cleverly fiddling around with the IT networks. When asked about the Euro lottery winner the site immediately gives out the name of this enterprising person. Naturally the name and fame that the perpetuator got out of this action was very high till the bubble was burst. Same is the case with the creator of the Love-bug the virus that almost sent many companies into a downward spiral of loss and destruction. The creator of love bug was a Pilipino who was not even technically qualified.