Legal aspects of Handling Cyber Frauds


Slide 0

Legal aspects of Handling Cyber Frauds (IT Act, legal, law, liability)

Slide 1

What is a Cyber Crime? An unlawful act wherein "cyberspace" is used either as a tool, a target, or both.

Slide 2


Slide 3

Cyber Laws

Slide 4

Recent Rules under the IT Act

Slide 5

Aims behind enactment

Slide 6


Slide 7

Virtual World Population Explosion: 1 Billion. Leading to the Changing Face of Crime... Affecting...

Slide 8

Case Study 1: 1 Dirty SMS = 3 Years of Jail
"WHY r u sending me DIRTY SMS?"
"Don't lie, UR cell no has flashed on my screen."
"SORRY!!! But I don't know you."
"You are lying!!!"

Slide 9

Case Study 2: 1 Threatening Email = 3 Years of Jail
Threatening email was sent from this cyber cafe.
POLICE: "Cyber cafe has 100 machines & so many customers. HOW do I investigate?"

Slide 10

Case Study 3
Accounting software worth crores is stolen. (Accounting Software, Location: Finland)
Advertisement, Location: India: "SALE!! SALE!! SALE!! Interested in buying Accounting Software at a cheap cost? Call 100-999-9999-22"

Slide 11

Case Study 4: Disgruntled Employee
An employee upset with management sends a fake complaint via e-mail to the stakeholders; the stakeholders demand an immediate explanation.

Slide 12

Case Study 5: Scenario at the office
"I am losing all my tenders." LOSS LOSS LOSS
Office SERVER -> Data (01001 011011 11000...) -> CRIME SERVER

Slide 13

Vexing Questions
Where is the evidence? (Mobile tower / phones, Finland or Indian server, cloud, Internet, employees / people)
How to investigate?
How to PROVE the CRIME?
How to decipher 010101?
Can I submit the media in court?

Slide 14

Forensics & Computer Forensics
Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts. (The word forensics means "to bring to the court.")
Computer Forensics is the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law.
Source: http://www.us-cert.gov/reading_room/forensics.pdf

Slide 15

Digital Evidence
Digital evidence is information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination.
[Sample illustration]

Slide 16

Digital Evidence
May be found in:
Can be hidden in:
Can relate to:

Slide 17

Scene of Acquisition: Office setup, Cyber cafe, Home PC

Slide 18

The Computer Forensics process would involve:
Forensic analysis of digital information
Identifying network / computer intrusion evidence
Identifying & examining malicious files
Employing techniques to crack file & system passwords
Detecting steganography
Recovering deleted, fragmented & corrupted data
Maintaining evidence custody procedures
Courtroom presentation

Slide 19

Steps in Computer Forensics
Identification of digital evidence
Acquisition of media
Forensic analysis of media
Documentation & reporting

Slide 20

THE A TEAM: Domain expert, Computer forensics expert, Forensic accounting expert, Software expert, Lawyer

Slide 21

Acquisition of Media
Authenticate the confiscated media:
Hash value of the suspect media (acquisition hash)
Hash value of the cloned image file (verification hash)
If the acquisition hash equals the verification hash, the image is authentic.
Hash algorithm: SHA-1 / SHA-256

Slide 22


Slide 23

Documentation & Reporting
Broad outline of a Computer Forensic Report:
Introduction to the case
Background of the issue
Details of the forensic analysis carried out
Certification

Slide 24

Evidence Forms: a detailed sheet about each evidence item
Item serial number
Item detailed description (type, make, model)
Date and time collected
Notes (any serial numbers, labels)

Slide 25

Chain of Custody
The movement and location of physical evidence from the time it is obtained until the time it is presented in court. Logs all evidence moves:
Handed by
Handed to
Date & time
Item serial number
Reason

Slide 26

Creating an Image of Media
An image is a bit-for-bit copy of the original. If a disk has 5000 sectors, then the image created will have an exact copy of all 5000 sectors in the same order.
The media (evidence) must be protected from accidental writes / alterations.
Hard disk (media) -> Write-blocker device -> Imaging workstation

Slide 27

Write blockers & alternatives
A write-blocker is a device that sits in between the computer and the media. It blocks all write commands and lets through all read commands, preventing accidental alteration / deletion / addition of data.
Alternatives include using a forensic live boot CD or a drive duplicator.
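The imaging and authentication procedure from the three preceding slides (acquisition hash of the suspect media, bit-for-bit sector copy through a write blocker, verification hash of the image, authentic only when the two hashes match), worked through as an added example. This is illustrative code written for this page, not a tool from the presentation: the in-memory five-sector "disk", the WriteBlockedDevice class and the function names are assumptions, and the media content is constructed. It also shows the two failure modes a practitioner checks for: a single altered byte in the image makes verification fail, and a write command against the blocked device is refused.

```python
# Added example (not from the slides): simulated forensic imaging of suspect media
# through a write blocker, with acquisition and verification hashes (SHA-256).
# The in-memory "disk", the WriteBlockedDevice class and the function names are
# assumptions made for this illustration, not any real forensic tool's API.
import hashlib

SECTOR_SIZE = 512

# Constructed sample media: five sectors (the slide's example uses 5000), each filled
# with a distinct byte pattern so that both sector order and content are checkable.
SUSPECT_MEDIA = b"".join(bytes([0x10 * (i + 1)]) * SECTOR_SIZE for i in range(5))


class WriteBlockedDevice:
    """Read-only view of the suspect media: read commands pass, write commands are refused."""

    def __init__(self, raw):
        self._raw = raw
        self.size = len(raw)

    def sector_count(self):
        # Round up so a trailing partial sector is still imaged.
        return (self.size + SECTOR_SIZE - 1) // SECTOR_SIZE

    def read_sector(self, n):
        start = n * SECTOR_SIZE
        return self._raw[start:start + SECTOR_SIZE]

    def write_sector(self, n, data):
        # The write blocker's whole job: every write command is dropped before it
        # reaches the media, so the evidence cannot be altered by accident.
        raise PermissionError("write blocker: write command refused")


def hash_media(device):
    """Acquisition hash: SHA-256 over the suspect media, read sector by sector."""
    h = hashlib.sha256()
    for n in range(device.sector_count()):
        h.update(device.read_sector(n))
    return h.hexdigest()


def acquire_image(device):
    """Bit-for-bit image: copy every sector, in order, into the image buffer."""
    image = bytearray()
    for n in range(device.sector_count()):
        image += device.read_sector(n)
    return bytes(image)


def verification_hash(image):
    """Verification hash: SHA-256 over the cloned image file."""
    return hashlib.sha256(image).hexdigest()


def image_is_authentic(image, acquisition_hash):
    """The slide's rule: the image is authentic iff acquisition hash == verification hash."""
    return verification_hash(image) == acquisition_hash


def write_is_blocked(device):
    """Returns True if the device refuses a write, i.e. the blocker is doing its job."""
    try:
        device.write_sector(0, b"\x00" * SECTOR_SIZE)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    device = WriteBlockedDevice(SUSPECT_MEDIA)
    acq = hash_media(device)
    image = acquire_image(device)
    print("sectors imaged   :", device.sector_count())
    print("acquisition hash :", acq)
    print("verification hash:", verification_hash(image))
    print("image authentic  :", image_is_authentic(image, acq))
    # A single flipped byte in the image makes verification fail.
    tampered = bytearray(image)
    tampered[0] ^= 0xFF
    print("tampered copy authentic:", image_is_authentic(bytes(tampered), acq))
    print("writes blocked   :", write_is_blocked(device))
```

Both hashes are computed independently (one over the media as read through the blocker, one over the finished image) rather than reusing a single digest, because the point of the comparison is to catch a copy that differs from its source; the hex digests are what an examiner records on the evidence form and in the report.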

Slide 28

Indian Evidence Act
Sec. 3(a) – Scope of the definition of evidence expanded to include electronic records

Slide 29

Indian Evidence Act
Sec. 65B – Admissibility of electronic records: the person owning or in charge of the computer from which the evidence is taken has to give a certificate as to the genuineness of the electronic record.

Slide 30

Indian Evidence Act
Sec. 88A – Presumption as to electronic messages: The Court may presume that an electronic message forwarded by the originator through an electronic mail server to the addressee to whom the message purports to be addressed corresponds with the message as fed into his computer for transmission; but the Court shall not make any presumption as to the person by whom such message was sent.

Slide 31

The Information Technology Act
Sec. 79A – Central Government to notify Examiner of Electronic Evidence: The Central Government may, for the purposes of providing expert opinion on electronic evidence before any court or other authority, specify, by notification in the Official Gazette, any Department, body or agency of the Central Government or a State Government as an Examiner of Electronic Evidence.

Slide 32

Civil offences

Slide 33

Section 43 – Unauthorised Access
Remedy – Damages by way of compensation
Amount – Unlimited
What needs to be proved – Amount of damages suffered

Slide 34


Slide 35

Slide 36

Shri. Thomas Raju vs ICICI Bank
Case decided by the Adjudicating Officer, Government of Tamil Nadu.
The petitioner suffered a loss of Rs. 1,62,800/- as a result of a phishing attack; the amount was supposed to have been transferred to the account of another customer of ICICI Bank.
The petitioner claimed that he had suffered a loss due to unauthorised access to his account, and further that the bank had failed to exercise due diligence in providing adequate checks and safeguards to prevent unauthorised access into his account. The bank had also not adhered to the KYC norms given by the RBI.

Slide 37

Section 66
Removal of the definition of "hacking"; the section is renamed "Computer related offences".
All the acts referred to under Section 43 are covered under Section 66 if they are done "dishonestly" or "fraudulently".

Slide 38

Section 43A – Compensation for failure to protect data
If a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person.
Liability – Damages by way of compensation

Slide 39

HSBC – Nadeem Kashmiri case
Based on complaints from customers, HSBC carried out an internal investigation and registered a case.
Involvement of a call centre employee (Nadeem Kashmiri); he was arrested under Sec. 66 & 72.
HSBC also sued the call centre for the loss.

Slide 40

Who is liable?

Slide 41

Issues
What is Sensitive Personal Information?
What are Reasonable Security Practices and Procedures?

Slide 42

Sensitive Personal Data or Information – Rule 8 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011

Slide 43

Reasonable Security Practices

Slide 44


Slide 45

Compliance policies

Slide 46

Collection of Information – Rule 5 of the IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011

Slide 47

Collection of Information

Slide 48

Privacy and Disclosure of Information policy – Rule 4 of the IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011

Slide 49

Contents of Privacy policy

Slide 50

Disclosure – Rule 6 of the IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011

Slide 51

Transfer of information – Rule 7 of the IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011

Slide 52

Sec. 72A (Criminal offence) – Punishment for disclosure of information in breach of lawful contract
Knowingly or intentionally disclosing "personal information" in breach of a lawful contract.
Punishment – imprisonment up to 3 years or fine up to 5 lakh or both (cognizable but bailable)

Slide 53

Criminal offences

Slide 54

Section 66A – Sending of offensive or false messages
Covers the following sent by SMS / email:
grossly offensive messages
menacing messages
false information sent for causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will
phishing, email spoofing, spam mails, threat mails
Punishment – imprisonment up to 3 years and fine

Slide 55

Section 66B – Dishonestly receiving stolen computer resource or communication device
Covers use of stolen computers, mobile phones, SIM cards, etc.
Punishment – imprisonment up to 3 years and fine

Slide 56

Section 66C – Identity theft
Fraudulently or dishonestly using someone else's electronic signature, password or any other unique identification feature.
Punishment – imprisonment up to 3 years and fine

Slide 57

Section 66D – Cheating by Personation
Cheating by pretending to be some other person, e.g. creating an e-mail account or social networking account in someone else's name.
Punishment – imprisonment up to 3 years and fine

Slide 58

Investigation Powers – Section 78
Cyber crime cases can now be investigated by Inspector-rank police officers (PI). Earlier such powers were with the DySP/ACP.

Slide 59

Sec. 79 – Liability of Intermediary
An intermediary is not liable for any third-party information, data, or communication link made available or hosted by him if his function is limited to providing access to such link, and the intermediary does not:
initiate the transmission,
select the receiver of the transmission, and
select or modify the information contained in the transmission.

Slide 60

Sec. 79 – Liability of Intermediary
Observing due diligence – The Information Technology (Intermediaries guidelines) Rules, 2011

Slide 61

Compounding of Offences – Section 77A
Compounding – "out of court settlement"
Offences for which less than three years' imprisonment has been provided, and which are not committed against women or children, can be compounded.

Slide 62


Slide 63

Possible Solutions

Slide 64

Slide 65