Cyber Crime :: Precautions and Advises

      * What is a Cyber Crime ?
Sec.43 of the Information Technology Act, 2000 explains it as follows:

      *

If any person without permission of the owner or any other person who is incharge of a computer, computer system or computer network -  

(a) accesses or secures access to such computer, computer system or computer network or computer resource (ITAA2008)

(b) downloads, copies or extracts any data, computer data base or information  from such computer, computer system or computer network including information  or data held or stored in any removable storage medium;

(c) introduces or causes to be introduced any computer contaminant or computer  virus into any computer, computer system or computer network;

(d) damages or causes to be damaged any computer, computer system or computer  network, data, computer data base or any other programmes residing in such  computer, computer system or computer network;

(e) disrupts or causes disruption of any computer, computer system or computer  network;

(f) denies or causes the denial of access to any person authorised to access  any computer, computer system or computer network by any means;

(g) provides any assistance to any person to facilitate access to a computer,  computer system or computer network in contravention of the provisions of this  Act, rules or regulations made thereunder,

(h) charges the services availed of by a person to the account of another  person by tampering with or manipulating any computer, computer system, or   computer network,

(i) destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means (Inserted vide ITAA-2008)

(i) Steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage, (Inserted vide ITAA 2008)

he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected. (change vide ITAA 2008)

Explanation - for the purposes of this section -

(i) "Computer Contaminant" means any set of computer instructions that are  designed -

(a) to modify, destroy, record, transmit data or programme residing within a  computer, computer system or computer network; or

(b) by any means to usurp the normal operation of the computer, computer  system, or computer network;

(ii) "Computer Database" means a representation of information, knowledge,   facts, concepts or instructions in text, image, audio, video that are being  prepared or have been prepared in a formalised manner or have been produced by   a computer, computer system or computer network and are intended for use in a   computer, computer system or computer network;

(iii) "Computer Virus" means any computer instruction, information, data or   programme that destroys, damages, degrades or adversely affects the performance  of a computer resource or attaches itself to another computer resource and   operates when a programme, data or instruction is executed or some other event   takes place in that computer resource;

(iv) "Damage" means to destroy, alter, delete, add, modify or re-arrange any  computer resource by any means.

(v) "Computer Source code" means the listing of programmes, computer commands, design and layout and programme analysis of computer resource in any form (Inserted vide ITAA 2008)
      * Precautions :
1.Do not allow any computer to open without password - so that responsibility can easily be fixed.
2.Ask network administrator to verify the logged users with attendance register. Report to concerned if any suspicion.
3.Ask network administrator to prepare daily audit trails of each user. Report to concerned if any suspicion.
4.Ask network administrator to update the anti-virus.
5.Don't allow any employee to open or access other networks and social networks including E-Mails and online storage locations.
6.Don't allow any employee to open or access organisation E-mail from outside without any authorisation.
7.Don't allow any employee to open or access organisation data to be carried to outside by pen drives, data cards, etc.
8.Hacking - means unauthorised access and it is punishable. Hence, its attempt also punishable. Network Administrators traceout such failed attempts and report to concerned. Be careful, some unscrupulous persons may approach under the guise of ethical hackers to steal the details of the organisation.
9.You will be held responsible if failed to prevent hacking of data which is being managed by your organisation.
10.Don't shut down the computer properly, if you suspect hacking. pluck the power cable rear side of the CPU. So that we can preserve the data and trace the unauthorised access details by inherest suddun power failure autosave features.
11.Forensic Science Analysis test are conducted on duplicate / image of the hard disk but not on original copy.
12.Don't allow the back up devises to directly access or save the data including delete, modify rights etc.
13.If you receive any suspicious emails etc. - first you try to open the website of that organisation using its domain name and know the details and go ahead only if you feel safe.
14.Don't make any online bank transactions with any service provider whose website address don't starts with 'https://'.
15.No bank or financial institution will ask for your username and password details. Be careful.
16.We can get civil remedies as well as initiate criminal proceedings, if you are the cyber crime victim. We you can also report cyber crime in nearest police station.
17.After transactions, close the window and delete all cookies. It is safe to delete all cookies before starting transactions if you are using others systems with their permission.
18.Check up and verify the last login details of our E-mails, Net Banking transactions etc.
19.Preserve System as well as user logs at least for one or two years.