Frequently Asked Questions
Ans. Trap Doors are secret entry points of a computer program, which are mainly accessed by the developers in case of any minor modifications, without having to go through all the manual security protocols. However, attackers use this path to gain unauthorized access.
Ans. Logic Bombs are the programs, once they are injected in a computer system they stay dormant, and become active only at a pre-specified time period, like may be after a particular program is executed in that computer.
Ans. DDoS stands for Distributed Denial of Service attack. It happens when the attack is launched against a computer or website simultaneously from multiple locations.
Denial of Service (DoS) involves bringing a computer network down by flooding it with useless traffic, and thereby denying a legitimate user to access such network or website.
This attack is of 2 types: One is where the Operating System of a computer is attacked, causing it to crash; another is where Network is exploited causing a computer to disconnect from internet system.
Ans. This involves monitoring the traffic of a user on a network, and recording the essential names and passwords while he is entering such data into the computer with the help of certain programs. Later on by using such data, a secured user’s account is penetrated.
Ans. This involves tapping the telephone and eavesdrops into the conversation between two individuals. This raises a concern for the privacy. If the central government taps the phone call for maintaining public order, such interception is lawful under the IT Act.
Ans. This involves spying through the internet about product finances, research and development, and marketing strategies of different industries. Stealing the corporate data, Trade Secret etc. are the primary motives of these attackers. It can be done by way of Traffic Analysis.
Sometimes between the military and intelligence agencies, eavesdroppers use the electromagnetic impulses emanated by a computer to catch and make out a processed data.
Ans. Internet Protocol (IP) Spoofing involves forging with the IP addresses as it would seem that the source came from an inside network which the system trusts, but the address actually remain under the control of the attacker.
Forgery is an essential element for this offence.
Ans. E-mail Spoofing involves forging the mail address of an individual, and sending mails to the contacts / recipients of the victim from that mail address, as it would seem that the mails were originated from one source (the individual victim), but in fact they were sent from another source (attacker).
Forgery is an essential element for this offence.
Ans. This involves searching through the discarded computer documents and materials to get to know about any access code or password. In computer systems, sometimes the data which are presumed to be deleted, in fact still remains there, and the attacker may get access to them.
Ans. This involves using the internet hours which is paid by one person in an unethical manner by some other person without consent. This is basically carried out by hacking the ISP User ID and Password of the victim.
Ans. Session Hijacking involves exploitation of a valid web-session control mechanism where an attacker gains control over the session between two computers. Man In the Middle Attack is a classic example of this, where the attacker can stay in between two systems’ communications, and can alter the communications.
Ans. Web-jacking involves forcefully taking control of a website by means of mainly hacking, and unduly using the web-site as a real owner.
Ans. This involves sending unsolicited bulk messages indiscriminately by means of electronic messaging system. These messages are mainly commercial/ promotional/ advertising in nature. E-mail spamming is most prevalent.
Ans. This involves stealing of confidential data which resides in a computer system or server without permission of the legitimate owner.
Ans. This involves modification or alternation of data before or after it is entered and processed into a computer. Adding fraudulent input data, removing an existing data, or destroying an output data etc falls under this type of crime.
Ans. Many experts have categorized cyber crime under different aspects. Cyber crime can be against Operational security of a digital media; or can be against Physical security; or against Personal security; or against Communications and Data security. Under this light a lots of classifications are made with respect to different nature of cyber crimes.
Ans. Cyber crime is basically criminal in nature. However, it can impose civil liability upon the offender by way of compensation or fine. As per general notion, certain offences such as Domain Name Disputes, Online Trademark Infringement etc are also considered as cyber crimes by most people, where these offences are only civil in nature.
Ans. Internet crime is a part of cyber crime. When a crime is committed with the help of internet, like hacking or phishing, it can be called an internet crime. However, all types of cyber crimes are not internet crime. For example, offences such as, destroying stored data from a computer hard disk or theft of data residing inside a computer system etc. Here internet is not used but they are part of cyber crime and not internet crime.
Ans. Yes, cyber crime is an extensive sphere, which is not only restricted to computer or computer network. It encompasses any type of crime where a digital or electronic media is involved, subject to certain exceptions. Besides, mobiles are nothing but hand-held computers only.
Ans. Yes, Sec. 75 of Information Technology (Amendment) Act, 2008, gives this statute extra-territorial jurisdiction. Any person regardless to his nationality, even if residing outside India, if commits an offence or anything contravening any provision of this Act, shall be subjected to the jurisdiction under this Act if his act or conduct involves a computer system or network located in India.