A major hype word and internet trend today is data privacy. Add to this the vulnerability brought in by excess use of social media and the integration of technology into all aspects of our day to day life. You’ll realise it’s a tricky world online. So, what do you do? “Trust private browsing to protect your online activity and your data.” Well, yes and no.
Private browsing is a privacy feature available with all popular browsers. In Chrome, the most common browser, this feature is called incognito browsing. This feature ensures that while in use, your browser will not save any cookies, passwords, or search results. The main benefit is that if there are multiple users on a single computer, they won’t be able to see each other’s history and usage. However, this does not prevent your Internet Service Provider (ISP) from tracking your online activity.
When using incognito browsing, a wholly isolated browsing session is launched that does not interact with regular browsing. For example, if you’re logged into your Facebook account on your regular browser and you open Facebook on incognito browser, you can log in with a different account and won’t be automatically logged in. Incognito does not save any passwords or websites visited earlier.
Now here’s the crux.
Private browsing prevents your browser from saving online activity and passwords, but it cannot stop other applications on your computer from monitoring the same. Spyware, key loggers and third-party programs can continue to collect this data. The same applies to your ISP, routers or main servers at colleges and organisations. Also, when you visit any website, the data bytes leave your computer and travel through the network to the website’s server, where they will get tracked and saved. This cannot be prevented by private browsing.
To reiterate, private browsing only makes sure that no history is saved on your computer, preventing other users from gaining access to your browsing history.
So, what can you do?
If you really need to mask your online activity, you could try Tor browsing. Tor is an encrypted network that reroutes your traffic through relays, making it difficult to track your actual IP address. This prevents your ISP and any other monitors from viewing your browsing history. And the websites you visit will not be able to log your IP address. Keep in mind, Tor speeds are considerably slower than regular internet browsing due to the relays.
Because of the anonymity that Tor offers, it is often used to bypass internet censorship and intense monitoring. People living under repressive government with strict laws and censorship tend to use Tor networks for access to the internet. However, it’s not a great idea to use Tor for regular browsing. The anonymity is not worth the significantly slower browsing speed.
If you would like to know more about Tor browsing, it’s pros and cons, and how it fits into the legal framework, let us know in the comment. You can also write to us on any of our social media pages. Till then, keep reading, stay updated, be aware!
The most valuable resource today is not oil, water or fresh air – it’s
data! An article in The Economist recently outlined just how valuable this
resource is to organisations the world over. It’s alarming how data mining can
influence people and hence dictate real events. Now answer this, where
can one find unlimited, often unprotected, data?
Yes, Social Media.
What started off as platforms to engage with friends and peers has fast turned into a gateway for all sorts of transactions. Given that social media platforms are not strictly bound by age, almost everyone has an account on at least one such platform - Facebook, Twitter, Instagram, and LinkedIn being the Big Four.
Some still use it for mere entertainment, like a quick scroll through
while you wait for your food at a café. But with the sheer reach of these
platforms, many now use them as tools to increase or represent their businesses,
thereby adding a whole new dimension to the user data now available through
If you willingly share any valuable data about yourself or those in your life, then you have to be ready for those waiting to misuse it. Internet crime is seeing a marked shift from basic email-related crimes to social media crimes. These include identity theft, photo morphing, romance scams and of course, cyberbullying and cyber stalking!
Cyberbullying and cyberstalking are becoming serious safety issues. The anonymity of the internet allows people to easily get away with saying or doing things that they probably won’t dare to do in real life. People go out of their way to create fake profiles solely for such purposes. This is why it’s important to connect and interact only with individuals you already know in real life or through trusted connections. However, your vulnerability on social media is not just in your hands.
Let’s assume you take all the required precautions to ensure that you
don’t put any personal data on your Instagram account. You only upload photos
of your photography. But then a friend of yours puts a photo of you and in the
description mentions personal information about you – your birthday, your pet’s
name or your parents’ names. Maybe even tags the location to your house. Now, all
your effort to keep your personal data offline is slowly getting negated.
Some might ask, how bad can the damage from social media be? Do these crimes even require as much attention as say bank frauds?
Well, a recent report, called Social Media Platforms and the Cybercrime Economy, stated that cybercriminals are earning at least$3.25 billion per year from social media-enabled cybercrime, with the breakdown of earnings being close to:
of the issue is the ease with which cybercriminals can access data of millions
of users, globally. We’ve said it often and we continue to stress on it – just
as the internet has made our lives easier, faster and more convenient, so has
it helped the criminals too! In fact, research states that one out of five large organisations is now potentially
infected with malware distributed via social media. Nearly 40%
of malware infections are linked to malvertising, add to that 30% that comes
from malicious plug-ins and apps.
Yet, don’t worry. As always, you just need to do the basics and you will considerably reduce your vulnerability.
Keep your passwords long with mixed
characters; change them regularly
Approach the internet with distrust – what you
see online is rarely a representation of reality
If you can’t say it in front of your
grandmother, don’t say it on social media
Always log out from others’ devices. Ideally,
log out from your own phone/laptop too!
Regularly update your settings for privacy and
Just because you have connections, doesn’t
mean you must accept the friend request
Use two-factor authentication!
Avoid sharing personal information that can be
used against you
And please, if you do witness a cybercrime,
report it! If someone you know is posting content that is against the
platform’s policies, report! Internet safety is a community effort.
Do you have some safety practices that you
would like to share?
From immediate money transfers to quick online payments, there are many perks to online banking. It comes as no surprise that India, and the world, is becoming increasingly comfortable with online banking. However, with so many people going online to manage their money, threats have arisen at an even faster rate. Hackers and cybercriminals are better equipped to commit financial fraud with these increased vulnerabilities. So, you need to be better protected and prepared for the consequences.
Don’t resign yourself to a world of unsafe banking. And obviously, you can’t move away from it because honestly, it’s convenient and super-efficient. Also, it reduces our carbon footprint by removing all the paper that would otherwise be required in traditional transactions. Now, let’s learn how you can protect your money. Here are some simple online-banking security tips you can practice to increase your data protection and money security.
1) Don’t Use Public Wi-Fi Networks
Public Wi-Fi networks or shared
networks have reduced security and are not remotely as encrypted as your home
networks or mobile data. Hackers and cyber criminals work at exploiting exactly
these network vulnerabilities. And once they gain access, your data is as good
2) Verify the URL for “https”
This should become a practice in
general when browsing online. Always, always, ALWAYS look for ‘https’ when
doing online money transactions, along with the little lock icon in the
beginning of the URL bar / website address bar. This means the website is
encrypted and converts data into undecipherable content before sharing over the
internet. So, if a hacker/cyber-criminal intercepts the data, they won’t be
able to make sense of it.
3) Automatic Login is Like Begging to be Hacked!
Automatic login, though not
recommended, it still okay for your social media accounts, e-commerce accounts
like Amazon, streaming platforms like Netflix, but it is a DEFINITE NO for
anything to do with finances. For any online transactions, make sure the
browser isn’t automatically saving your data, even on your personal devices!
4) Email and Text Scams
Your bank will NEVER call you for
any private details like ATM PIN and net banking password. Even to verify your
account, your bank will only ask you for details like your phone number and
birth date, maybe address at best. Be wary of such phishing attacks. Any
notification for a free iPhone or a lottery in exchange for bank details should
be deleted and forgotten. And if you do make a mistake, immediately
notify your bank!
5) Strong Password. STRONG Password.
At this point, we’re starting to sound like parrots. Or stuck tape recorders. Anything you do online should have a strong password. Anything you do online with money should have a password stronger than Hercules + Zeus + The Avengers + Wonder Woman too! Remember, a strong password doesn’t have to be complicated. It just needs a little effort. Apart from alpha-numeric with symbols, mix it up with uncommon words or use languages other than English. It’s really time we smarten up.
6) Banking Apps and Websites
Though the market has apps and
websites that offer to control all your bank accounts using a single platform, don’t
take them up on their offer! Some of these apps may even be verified, but their
encryption and safety standards will never compare to the bank’s own
app/website. Banking should be done only and solely on the verified application
or website of the concerned bank.
7) Turn off Bluetooth and Hotspot
Using these features reduces your encryption ever so slightly to allow easier connectivity. Though marginally, your phone is more vulnerable than it would otherwise be when these are switched off. Especially if you’re in a café or any place where there are many open channels. You can always turn them back on after you have finished your online banking.
8) Check your Account Statement
Check your account statement as
regularly as you check your mail / Facebook / Instagram or whatever else. It
takes about 3 minutes to open the banking app and just glance at the last 4-5
transactions. If anything seems odd or suspicious, immediately verify with your
bank. It is better to be safe than sorry!
9) Be Vigilant
If you’re using your laptop, never
conduct banking transactions with multiple tabs running simultaneously. On your
mobile, close all apps before launching your banking app. And this goes without
saying but – do NOT leave your laptop or phone unattended with any banking apps
/ websites open. In fact, if you’re going to walk away from your laptop /
mobile, always lock the screen!
In the unfortunate circumstance that
you are a victim of any financial fraud despite all the steps discussed above,
here’s what you can do.
Reach out to your bank immediately.
In the case of online banking, they will immediately lock your account till
further notice. If it’s an issue with cards, they will disable the cards
immediately. Next, file a complaint (FIR) with the nearest police station. If
it’s a cybercrime issue, the police station is obligated to forward your case
to the cyber cell. If the police station refuses to take your complaint and
pushes you to go to the cyber cell yourself, stand your ground and insist on
the FIR. However, if you want, you can file a case with both.
But, don’t depend on these systems to ensure you will get your money back. It is always better to prevent crime altogether. Small precautions can go a long way in protecting your money. Do you have any cases you would like to share with us?
We all know that cybercrime is a reality and it only growing with every passing day. With the deep penetration of smartphones into major markets across the world, we’re becoming walking-talking targets with high vulnerabilities. Interestingly, we all buy anti-viruses for our laptops and computers immediately after purchasing the device, yet we go our whole lives without protecting our phones.
That too, in 2019, when most of our online interactions happen through our phones. All the sensitive information on our phones such as images, contacts, banking details, email, etc, are just waiting to be compromised. To top it off, this includes GPS data, phone cameras and mics that can be remotely turned on! You might think that all that can happen is photo leaks or financial fraud through banking apps. But, it’s no longer that simple. With the development in technology, cyber-criminals have also become more efficient, competent and destructive. Such as using your location for stalking!
Some examples of cybercrimes today are cyber-stalking, data leaks, bullying, identity theft and even revenge porn. On a macroscopic level, terrorist organisations regularly use the darknet to communicate. Over the last few years, we have seen some of the largest terrorist organisations using gaming chat rooms to communicate with each other!
Can you completely prevent cybercrime? Absolutely not. Can you reduce your vulnerability? Easily! Here are some possible measures:
1. Yes, you need a passcode!
You don’t need to get complicated with the pattern and turn it into a maze, but also avoid pins of repetitive numbers like 1111 or the standard diamond shape 2486. Now, a passcode can be bypassed. However, it takes a little bit of skill and time. You don’t need to make the criminal’s job any easier by not even using a passcode!
2. Credit Card and Phone Bill
Regularly check both. Check right now. And then again three days from today. Since these transaction updates come on SMS, we tend to miss notifications because most of us avoid SMSs and only look at them for OTPs. Now with telecom companies starting online wallets, it’s another added vulnerability. Criminals can charge services to your phone number which will reflect directly in your bill amount.
3. Did you read the reviews before downloading that app?
Yes, we understand you really needed that photo editing app. And that game to kill time in meetings. But did you do your due diligence before downloading the application to your phone? Before installing, scroll down and always check the reviews. Then do a quick Google search to make sure no news hits turn up with negative reviews. Apps from untrusted sources often have malware that gets downloaded along with the app. Such malware can steal information, install viruses or even give mirror access to criminals!
4. Wipe-out Old Phones
Short of dipping an old phone in bleach, you need to clean out every single bit of information before selling, recycling or donating an old phone. Factory reset the phone twice if required and make sure you do not forget the memory card inside the phone. Don’t let anyone convince you that they will do it. When the phone leaves your possession, it should feel like a brand-new phone, the scratches aside of course.
5. Security Apps and Anti-Viruses
Security apps scan every app you download for malware/spyware and protect your internet browsing. Some apps even allow anti-theft systems like erasing data if the phone is notified as stolen. Anti-viruses keep tweaking their algorithms to constantly battle threats. Remember, your job is to make it as tedious and difficult as possible for the cyber-criminal to get into your phone!
6. Always, ALWAYS report a stolen phone
File a FIR with your local police station and inform your network provider immediately. Why the police? If the phone is used in any illegal activities, it will not be traced back to you as you have declared the phone out of your possession. Why the network provider? On your request, they will disable your sim, making it impossible for the thief to use the phone for any communication. (Your security app will help prevent him from making any use of the phone itself!)
7. No Net Banking with Strangers!
Really? This should not have to be said to begin with. But please! Do not do any money transactions with unknown individuals. And now with UPI, cybercriminals need even fewer details to commit financial fraud. Remember, as technology and the internet make our lives easier, they also make a criminal’s life easier!
8. STAY UPDATED!!!
On everything. The latest cybercrime threats. The latest software to prevent hacking and viruses. The latest internet scams. The latest malicious apps. Everything. And if your phone prompts an update for the operating software, do it immediately!
Now, if all this seems like too much
effort, you can just stop using a phone! Go back to one of those Nokia
moonlight type phones. Impossible, right? Then accept reality and act on these 8
very simple steps. Recognise the threat and prepare yourself as best as you
To be able to answer that question we must first understand the meaning of Law. Simply put, law encompasses the rules of conduct, that have been approved by the government, enforced over a certain territory, and must be obeyed by all persons within that territory. Violation of these rules will lead to government sanctions such as imprisonment or fine.
The term cyber or cyberspace signifies everything related to computers, the internet, data, networks, software, data storage devices (such as hard disks, USB disks etc) and even airplanes, ATM machines, baby monitors, biometric devices, bitcoin wallets, CCTV cameras, drones, gaming consoles, health trackers, medical devices, smart-watches, and more.
Thus, a simplified definition of cyber law is that it is the “law governing cyberspace”.
WHAT ABOUT CYBER CRIME?
An interesting definition of cyber-crime was provided in the “Computer Crime: Criminal Justice Resource Manual” published in 1989. According to this manual, cyber-crime covers the following:
Computer Crime any violation of specific laws that relate to computer crime,
Computer Related Crime violations of criminal law that involve knowledge of computer technology
Computer Abuse intentional acts that may or may not be specifically prohibited by criminal statutes.
Any intentional act involving knowledge of computers or technology is computer abuse if any of the perpetrators gained and / or any of the victims suffered.
THE NEED FOR CYBER LAW
The first question that a student of cyber law will ask is whether there is a need for a separate field of law to cover cyberspace. Isn’t conventional law adequate to cover cyberspace?
Let us consider cases where so-called conventional crimes are carried out using computers or the Internet as a tool. Consider cases like spread of pornographic material, criminal threats delivered via email, websites that defame someone or spread racial hatred etc. In all these cases, the computer is merely incidental to the crime. Distributing pamphlets promoting racial enmity is in essence similar to putting up a website promoting such ill feelings.
Of course, it can be argued that when technology is used to commit such crimes, the effect and spread of the crime increases enormously. Printing and distributing pamphlets, even in one locality, are time consuming and expensive tasks while putting up a globally accessible website is very easy.
In such cases, it can be argued that conventional law can handle cyber cases. The Government can simply impose a stricter liability (by way of imprisonment and fines) if the crime is committed using certain specified technologies. A simplified example would be stating that spreading pornography by electronic means should be punished more severely than spreading pornography by conventional means.
Now here’s where it gets mind-numbing…
As long as we are dealing with such issues, conventional law would be adequate. The challenges emerge when we deal with more complex issues such as ‘theft’ of data. Under conventional law, theft relates to “movable property being taken out of the possession of someone”.
The General Clauses Act defines movable property as “property of every description, except immovable property”. The same law defines immovable property as “land, benefits to arise out of land, and things attached to the earth, or permanently fastened to anything attached to the earth”. Movement and possession are ideas in the real world, whereas data becomes fluid and intangible and is an element of the virtual world. However, with only these two definitions at hand, it can be concluded that the computer and by such extension data should be movable property.
Let us examine how such a law (Conventional Law) would apply to a scenario where ‘data is stolen’. Consider a personal computer on which some information is stored. Let us presume that some unauthorized person picks up the computer and takes it away without the permission of the owner. Has (s)he committed theft? Yes, in this case, it is theft.
Question is, theft of
what? Theft of the computer? Of the data? Or theft of both?
A) COPYING DATA
Now consider that some unauthorized
person simply copies the data from the computer onto his pen drive. Would this
be theft? Presuming that the intangible data could be movable property, the
concept of theft would still not apply as the possession of the data has not
been taken away from the owner. The owner still has the ‘original’ data on the
computer under their control. The ‘thief’ simply has a ‘copy’ of that data. In
the digital world, the copy and the original are indistinguishable in almost
B) TRUE POSSESSION OF DATA
Consider another illustration on the
issue of ‘possession’ of data. Aria uses the email account firstname.lastname@example.org
for personal communication. Naturally, a lot of emails, images, documents, etc.
are sent and received using this account. The first question is, who
‘possesses’ this email account? Is it Aria because she has the username and
password needed to ‘login’ and view the emails? Or it is Google Inc because the
emails are stored on their servers?
C) AUTHORISED ACCESS TO DATA
Another question would arise if some
unauthorized person obtains Aria’s password. Can it be said that now that
person is also in possession of the emails because he has the password to
‘login’ and view the emails?
D) MOBILITY AND JURISDICTION FOR DATA
Another legal challenge emerges
because of the ‘mobility’ of data. Let us consider an example of
international trade in the conventional world. Aryan purchases steel from a
factory in China, uses the steel to manufacture nails in a factory in India,
and then sells the nails to a trader in the USA. The various Governments can
easily regulate and impose taxes at various stages of this business process.
Now consider that Aryan has shifted
to an ‘online’ business. He sits in his house in Pune (India) and uses his
computer to create pirated versions of expensive software. He then sells this
pirated software through a website (hosted on a server located in Russia).
People from all over the world can visit Aryan’s website and purchase the
pirated software. Aryan collects the money using a PayPal account that is
linked to his bank account in a tax haven country like the Cayman Islands.
It would be extremely difficult for any Government or Authority to trace Aryan’s activities.
It is abundantly clear
that for such complexities, amongst many more, that conventional laws are inadequate
and insufficient to say the very least.
What do you think? Share your views with us in the comments or DM us on our Social Platforms.
In 2017, 2 billion data records were compromised, followed by more than 4.5 billion records in just the first half of 2018.
With every passing year, and at an
accelerated pace since 2010, cybercriminals are using more advanced and
scalable tools to breach privacy. And they are clearly getting results!
In the last 2 years, we see some cyber-crimes becoming more prevalent than others. Cyber safety organisations around the world fear that the growth of cyber-crimes in just these 6 months of 2019 will surpass the numbers of 2017 and 2018 put together. Give that a serious thought for a minute.
Cyber-crimes grow and evolve with consumer behaviour trends. So, the trending cyber-crimes complement our usage patterns of the internet and technology. In the last decade, emails and chat rooms used to be the most common methods of communication online. This decade, we see a shift to mobile apps like WhatsApp and Viber and social platforms like Facebook, Instagram and Snapchat. Naturally, we see a shift from the number of email related frauds to social media frauds. Not to say that email frauds don’t happen anymore, it’s just that today we are more vulnerable on social media. And the numbers support this claim.
In 2018 alone, social media fraud increased by 43% from the year prior. Similarly, fraud in mobile channels has grown significantly in the last few years. In the same year, almost 70% of cyber-crimes originated or took form through vulnerabilities in mobile channels. A white paper, ‘Current State of Cybercrime – 2019’ by RSA Security says that the ease of use of such channels, absence of usage fees and other such simplicities will only help this trend grow exponentially.
So, what do we need to look out for in 2019?
Phishing, as the name
suggests, is looking or seeking private information under a guise. This usually
happens through emails, instant messaging or text messages. The attacker
masquerades as a trusted entity in order to hook and procure information such
as passwords and PINs. One of the most efficient cyber-crimes, phishing is only
growing in its complexity, ensuring its success further. To add to the problem, phishing kits are
easily available on the dark net. Meaning anyone with basic technical knowledge
can purchase the kit and execute the attack. Once a phishing attack is
successful, there is very little recourse for the victim.
Remote Access Threats
Basically, remote access is to gain unauthorised administrator access to a device, such as a computer or smart TV, from a remote network. This means the device being attacked and the device that is executing the attack are on separate networks. In 2018, the biggest remote access attack was cryptojacking, which targeted cyptocurrency owners. Now with Internet of Things and connected homes, we have only made ourselves even more vulnerable. These attacks can happen on any device connected to a network with open ports. Most common devices to come under this attack are computers, cameras, smart TVs, Network-Attached Storage (NAS) devices, alarm systems and home appliances.
We’ve started using mobile phones for everything from communication to banking. We are comfortable accessing and/or storing sensitive information on our mobile phones without proper protection of any sort, unlike how almost all of us have a firewall or antivirus on our computers. Think about all the apps that have access to data on your phones. Have you done your due diligence before downloading a random photo editing app? Aside from apps, another way attackers exploit our phones is through the two-step authentication system. While being one of the most widely used cybersecurity tools, it has actually increased our security risk in case a phone is stolen or lost.
How? Many platforms, including Facebook and Gmail, allow you to login on a fresh device using a code that will be sent to your phone. Similar vulnerabilities arise with OTPs. So, while this system adds a layer of security, it also makes you vulnerable in case your phone is stolen.
Artificial Intelligence (AI): Future
Every development in technology can be used for good and bad, as the user may see fit. Industries are working on cybersecurity systems perfected with AI, while hackers are using the same technology for themselves to become more effective. It doesn’t help that the qualities of AI inherently serve malicious purposes. AI systems are easy to create and separate the human element. Meaning, the hacker gets the advantage of being disconnected from the crime while still bearing the fruit. As we continue to pour millions into the development of AI, we’re simultaneously making it easier for cybercriminals. Think about the robots that are being developed for the medical industry – how do we prevent that robot from being hacked and turning violent instead of helpful? Or even chatbots? Airline companies, banking websites, almost all e-commerce websites, and even educational organisations have chatbots on their websites. We’ve become comfortable chatting with a bot and often share privileged information when seeking help from the chatbot. How do you confirm that the chatbot hasn’t been compromised by a hacker? Are you mindful of what information you may be sharing with a hacker or do you share whatever information is asked for hoping to get help with whatever your grievance was?
Technology is both a
friend and a foe. The expansive penetration of internet accessibility has only
added to our conveniences and our problems. Be vigilant and do your due
diligence when interacting through technology, straight away from the moment
you go live on the internet.
What are some of the steps you take to protect yourself online?
VPN when using a public Wi-Fi? Anti-virus on your phone? Covering your webcam when not in use? Turning off appliances/electronics when not in use?
Take a minute and think over your
safety and security online – it is critical and completely in your hands!!!
Application security relates to the cyber security aspects of applications and the underlying systems.
Application attacks include:
Input Validation attacks such as buffer overflow, cross-site scripting, SQL injection, canonicalization
Authentication attacks such as network eavesdropping, brute force attacks, dictionary attacks, cookie replay, credential theft
Authorization attacks such as elevation of privilege, the disclosure of confidential data, data tampering, luring attacks
Configuration management attacks such as unauthorized access to administration interfaces / configuration stores, retrieval of clear text configuration data, lack of individual accountability, over-privileged process & service accounts
Sensitive information attacks such as access to sensitive data in storage, network eavesdropping,
Session management attacks such as session hijacking, session replay, man in the middle,
Cryptography attacks due to poor key generation or key management and weak or custom encryption,
Parameter manipulation attacks e.g. query string manipulation, form field / cookie / HTTP header manipulation,
Exception management attacks such as denial of service,
Auditing and logging attacks
4. Cyber Incident Response
Incident Response relates to the plans, policies, and procedures for handling cyber security incidents.
Analysing Data from Data Files, Operating Systems, Network Traffic, Applications, and Multiple Sources
Analyzing Active Data, Latent Data, and Archival Data
Wireless, Network, Database and Password forensics
Social media forensics
Malware, Memory and Browser forensics
Cell Phone Forensics
Web and Email investigation
Analysing Server Logs
5. Regulatory Compliance
Regulatory Compliance relates to measures undertaken to ensure compliance with applicable laws and mandatory cyber security standards.
Failure to meet regulatory compliance requirements can result in civil and criminal action and even imprisonment for organization heads.
Usage of consolidated and harmonized compliance controls ensures regulatory compliance without unnecessary duplication of effort and activity.
One such control system is the “Effective Compliance and Ethics Program” contained in Chapter 8B2.1 of the Federal Sentencing Guidelines Manual issued by the United States Sentencing Commission.
Another control is the “AS 3806- 2006” issued by Standards Australia. This provides guidance on:
The principles of effective management of an organization’s compliance with its legal obligations, as well as any other relevant obligations such as industry and organizational standards
The principles of good governance and accepted community and ethical norms.
6. Data Protection
Data Protection relates to the cyber security aspects of protecting the confidentiality, integrity, and availability of data.
From a Data Protection perspective, data can be classified into 3 types — data at rest, data in motion and data under use.
Critical and confidential data includes source code, product design documents, process documentation, internal price lists, financial documents, strategic planning documents, due diligence research for mergers and acquisitions, employee information, customer data such as credit card numbers, medical records, financial statements etc.
Data Loss Prevention solutions:
Identify confidential data
Track that data as it moves through and out of enterprise
Prevent unauthorized disclosure of data by creating and enforcing disclosure policies
Various encryption technologies such as symmetric encryption, public key encryption, and full disk encryption can be used for data protection.
A data protection policy involves:
Instituting good security and privacy policies for collecting, using and storing sensitive information
Using strong encryption for data storage.
Limiting access to sensitive data.
Safely purging old or outdated sensitive information.
7. Cyber Security Training
Cyber Security Training is a formal process for educating personnel about cyber security and building relevant skills and competencies.
Cyber Security Training ensures that relevant personnel understand their cyber security responsibilities. This enables them to properly use and protect the information and resources entrusted to them.
Effective cyber security training must include:
Real-world training on systems that emulate the live environment,
Continual training capability for routine training,
Timely exposure to new threat scenarios,
Exposure to updated scenarios reflecting the current threat environment,
Coverage of basic day-to-day practices required by the users
8. Cyber Security Testing
Cyber Security Testing is the process of ascertaining how effectively the entity meets specific cyber security objectives.
Cyber Security Testing encompasses:
Review Techniques, which include Documentation Review, Log Review, Ruleset Review, System Configuration Review, Network Sniffing, and File Integrity Checking
Target Identification and Analysis Techniques, which include Network Discovery, Network Port and Service Identification, Vulnerability Scanning, Active & Passive Wireless Scanning, Wireless Device Location Tracking, and Bluetooth Scanning
Target Vulnerability Validation Techniques which include Password Cracking, Penetration Testing, Penetration Testing and Social Engineering
Security Assessment Planning which includes Developing a Security Assessment Policy, Prioritizing and Scheduling Assessments, Selecting and Customizing Techniques, Assessment Logistics, Assessor Selection and Skills, Location Selection, Technical Tools and Resources Selection, Assessment Plan Development and Legal Considerations
Security Assessment Execution which includes Coordination, Assessing, Analysis, Data Handling, Data Collection, Data Storage, Data Transmission and Data Destruction
Post Testing Activities which includes Mitigation Recommendations, Reporting and Remediation/Mitigation
9. Contingency Planning
Contingency planning revolves around preparing for unexpected and potentially unfavorable events that are likely to have an adverse impact.
Types of Contingency Plans are:
Business Continuity Plan
Continuity of Operations Plan
Crisis Communications Plan
Critical Infrastructure Protection Plan
Cyber Incident Response Plan
Disaster Recovery Plan
Information System Contingency Plan
Occupant Emergency Plan
Stages in the Information System Contingency Planning Process are:
Developing the Contingency Planning Policy Statement
We live in a world where everything seems to be getting hacked — Airplanes, ATM machines, Baby monitors, Biometric devices, Bitcoin wallets, Cars, CCTV cameras, Drones, Gaming consoles, Health trackers, Medical devices, Power plants, Self-aiming rifles, Ships, Smart-watches, Smartphones & more.
The increasing global cost of cybercrime ($100 billion+ a year) has led to a massive surge in the demand for cybercrime investigators. This article explores the 22 skills every cybercrime investigator must have.
Skill 1: Web Technologies
Considering the magnitude and impact of web attacks, it is necessary for a cyber crime investigator to understand some of the technologies that run the Internet and the World Wide Web.
This includes practical activities including hosting a domain, creating SFTP users, setting up custom MX records, setting up, configuring & administering private email accounts, databases, and Virtual Private Servers, configuring SSL for secure websites and deploying cloud infrastructure. The investigator must also understand installing, configuring & deploying content management systems and e-commerce platforms.
Skill 2: Web Hacking
Since a majority of cyber crime cases involve web-hacking or web-attacks, it is essential for cyber crime investigators to have a strong knowledge of the techniques of web hacking such as Footprinting, Bypassing Authorization Schema, SQL injection, Cross Site Scripting (XSS), Broken Authentication, Session Hijacking, Unvalidated Redirects & Forwards, and Cross-Site Request Forgery (CSRF).
Skill 3: Suspect interviewing
Effective suspect interviewing is an essential skill for cybercrime investigators. The investigator must understand the difference between an interrogation and an interview and how to prepare for and conduct a suspect interview. The investigator must be able to detect deception, document an interview and get an admission from a suspect. An investigator must also know how to conduct an inquiry in an organization.
Skill 4: Documentation
Even the best investigation is worthless if it is not supported by accurate and relevant documentation and that’s why a thorough understanding of documentation is essential for a cybercrime investigator.
Skill 5: Law
Every step of an investigation must be in compliance with the law and that’s why a thorough understanding of the applicable law is essential for a cyber crime investigator.
Skill 6: Phishing tools, techniques, and counter-measures
Phishing is one of the most popular techniques among hackers and financial cyber criminals. This makes it important for a cyber crime investigator to understand phishing tools, techniques, and counter-measures.
Skill 7: Virtual Payment Systems
Virtual Payment Systems have taken the global money markets by storm. A cyber crime investigator must have a strong understanding of how these systems work.
Skill 8: Financial instruments and concepts
Financial crimes are some of the most interesting cases that cyber crime investigators are called upon to solve. These include including advance-fee scam, bank frauds & carding, charge back fraud, check washing, check fraud, credit card fraud, identity theft, insider trading, insurance fraud, mortgage fraud, ponzi schemes, securities fraud, skimming, wireless identity theft and more.
Skill 9: Forensic accounting
Forensic Accountants are called upon in cases involving economic damages calculations, bankruptcy, securities fraud, tax fraud, money laundering, business valuation, and e-discovery. It is important for a cyber crime investigator to have a basic understanding of forensic accounting.
Skill 10: Fraud Investigation
Many times a cyber crime investigator is called upon to handle fraud investigations. An investigator must understand Fraud (its extent, patterns and causes), Fraud Risk Assessment & Management, Fraud Prevention, Detection & Reporting.
Skill 11: Bitcoin & other crypto-currencies
Bitcoin is, without doubt, the most famous crypto-currency. It gained a lot of notoriety during the crackdown on Silk Road, an underground online marketplace trading in drugs, stolen financial information, weapons & more.
Considering the use of bitcoin (and other cryptocurrencies) by criminals, a strong understanding of bitcoin forensics is essential for cyber crime investigators.
Considering the impact of malware, it is essential for a cyber crime investigator to have a strong understanding of malware incident prevention and malware incident response.
Skill 13: Dark Web
The World Wide Web that the vast majority of netizens use is also referred to as the clearnet — since it primarily is unencrypted in nature. Then there is the deep web — the part of the clearnet, which is not indexed by search engines. Deep web includes data stored in password-protected pages and databases. The darkweb is a small part of the deepweb. The deepweb consists of darknets including peer-to-peer networks, Freenet, I2P, and Tor. The Tor darkweb is also called onionland, since its top level domain suffix is .onion and it uses the traffic anonymization technique of onion routing.
Considering the popularity of the darkweb amongst the organized criminals groups, a cyber crime investigator must have a thorough working knowledge of the dark web.
Skill 14: Email investigation
Despite the popularity of instant messengers (such as Whatsapp) and social media, email remains one of the most popular methods of online communication in the world. This makes it essential for a cyber crime investigator to have a strong knowledge of email tracking & tracing.
Skill 15: Log analysis
In a large number of cyber crime cases, the investigation begins with an analysis of server logs. It is essential for a cyber crime investigator to have a sound working knowledge of server log analysis.
Skill 16: Browser forensics
In many cases of cyber crime, valuable evidence can be obtained from web browsers. This makes it important for a cyber crime investigator to have a strong practical knowledge of browser forensics.
These evidence points include history, bookmarks, credit card information & contact information stored in autofill, saved passwords, files in the download location. Browser forensics also involves analysis of cloud printers and other connected devices, extensions, cookies and site data, location settings and exceptions, media settings (like camera and microphone permissions) & exceptions, unsandboxed plug-in access & exceptions, automatic downloads and exceptions and more.
Skill 17: Social Media Forensics
It’s probably not incorrect to say that almost every Internet user is part of at least one social media platform. This makes social media forensics an essential skill for a cyber crime investigator.
Skill 18: Google Ecosystem & its Forensics
Google isn’t just a search engine anymore. The Google ecosystem is all around us — Gmail, YouTube, Google groups, Google sites, Google plus, Google keep and so much more. This makes Google forensics a must-have skill for cyber crime investigators.
Skill 19: Forensic technologies
It is essential for a cyber crime investigator to have a strong working knowledge of forensic technologies, cyber forensic concepts and ISO/IEC 27037 — the most important global standard for identification, collection, acquisition and preservation of potential digital evidence.
Skill 20: Cyber security
A basic working knowledge of cyber security is essential for everyone and more so for cyber crime investigators. Aspects of information security include Application Security, Cloud Computing Security, Computer Security, Cyber Security Standards, Data Security, Database Security, Information Security, Internet Security, Mobile Security, and Network Security.
Skill 21: Cryptography & Steganography
Many people use cryptography and steganography. And these include criminals and terrorists. Hence a working knowledge of these is useful for cyber crime investigators.
Skill 22: Password recovery & forensics
In many cases it is found that potential evidence is locked up in password protected files. This makes it essential for cyber crime investigators to have a strong practical knowledge of password recovery & forensics.
I’m not a techie, nor a lawyer and yet here I am in a field that takes on both these mammoths. I’ve been here a long time; India’s had her cyber law in place since the year 2000. So, it’s deeply disappointing to see the confusion in students and professionals alike about the various aspects of a cyber education.
Yes, I said cyber education and not just an IT education. So, I’m not only talking about the technology in cyberspace. I’m referring to the other side of the spectrum.
9 out of 10 people today have faced some type of cybercrime. And yet, almost 7 out of those 9 will not know what to do about it.
I thought about cybercrime, you know, as a non-techie and a non-lawyer, and decided to break it down to its foundation stones.
Here, let’s create our first bifurcation. Cybercrime may be divided into 2 parts — Pre-crime and Post-crime
This is where your crime hasn’t happened yet. So, you are basically hoping for the best and preparing for the worst. This can also be divided further into:
1. Cyber security
In layman’s terms, every step that you take to ensure that your computer hardware, computer software, networks, accounts etc. remain safe from any breach, aka cybercrime, is cyber security. Simple, isn’t it? Well, simple is where this article stays. You want a connoisseur’s break up of the cyber security menu, see: The 9 sides of cyber security
2. Cyber Insurance
The obvious next step in pre-crime schedule. What you may not be able to secure ought to be insured.
This is where your cybercrime worst has happened. Now, hopefully, you aren’t affected too badly. But even if you are, there are divisions to this part that can help you.
1. Cyber Law
This is the law that governs cyberspace and as often as not has jurisdiction beyond your country. So, where do you report a cybercrime. Cyber law tells you the where, how and whom to approach. It also tells you the punishments for various cybercrimes. You know, in case you may be committing one?
2. Cyber Investigation
Here’s where the sleuths step in. Professionals here need to have that investigative streak and need to be armed with the latest tools and techniques of cyber investigation. This is where you get answers to how the cybercrime was committed and with any luck, may just get the criminal. And again, if you want the real dirt on what all an investigator needs to know, see — 25 Skills Essential for a Cyber Crime Investigator
So, you’re a student or professional who has a thought that they want a piece of the humongous cybercrime pie. This article may just have helped you understand where you want to be.
Just be prepared to keep learning to stay abreast in this ever-evolving super-exciting space.