Gurgaon police arrest five cyber cafe owners

The
Gurgaon police Monday arrested five cyber cafe owners for failing to
install closed-circuit television cameras (CCTV) in their cafes and for
not maintaining the identity records of customers.The action follows
increased vigil after the recent serial bomb blasts in Bangalore and
Ahmedabad and increasing instances of terrorist outfits using cyber
cafes to send e-mails, a police spokesman said.The arrests were made
after raids on 35 cyber cafes Monday in this township that adjoins the
national capital.In another development, the Gurgaon police has decided
to install 500 closed-circuit television (CCTV) cameras all over the
township.A police spokesman Monday said the cameras will be installed
on national highways, roundabouts, parks, shopping malls, prominent
high-rise buildings and other public places across the township.About
30 CCTV cameras have already been installed and 500 more will be
installed shortly, he added.

-IANS

Cyber Squatting

The practice of purchasing a domain name that contains a well-known
trademark or commercial name (for example, indiatimes.com) is called
Cyber squatting. The cyber squatter then offers to sell the domain to
the person or company who owns a trademark contained within the name at
an inflated price. The term is derived from "squatting" which is the
act of occupying an abandoned or unoccupied space that the squatter
does not own, rent or otherwise have permission to use. Cyber squatting
however is a bit different in that the domain names that are being
"squatted" are (sometimes but not always) being paid for through the
registration process by the cyber squatters. Cyber squatters usually
ask for prices far greater than that at which they purchased it. Some
cyber squatters put up derogatory remarks about the person or company
the domain is meant to represent in an effort to encourage the subject
to buy the domain from them This practice is being contested in various
legal battles and for the most part, the company wins, not the cyber
squatter.

Cyber Forensic Tools made in India

Cyber forensics is an emerging investigation science that aims to
uncover evidence by extracting data from computers, personal data
assistants (PDAs) or even a smartphone. Efforts by a state-run agency
to develop a homegrown computer forensics software have come into the
limelight after the alleged involvement of two Indians in a failed
terrorist attack on the Glasgow Airport last month.
CyberCheck, a
software product developed by the cyber-forensics team of the Centre
for Development of Advanced Computing (C-DAC) is being used by police
officials at Bangalore, home to one of the Glasgow suspects, Khafeel
Ahmed, to analyse and mine the computer that he used while visiting his
parents in India’s tech capital. The investigation success, C-DAC
officials hope, will draw attention on the products built at its
five-year-old cyber forensics centre in Thiruvananthapuram.
Cyber
forensics is an emerging investigation science that aims to uncover
evidence by extracting data from computers, personal data assistants
(PDAs) or even a smartphone. It involves finding data, preserving it
and presenting it in a manner acceptable in a court.
Internationally,
encryption, forensics and related software often fall under tight
government regulations, which clamp down on its exports and mandate
embedding loopholes that agencies of the originating country can use to
access data where ever it is sold and used.
C-DAC has investigated
around 110 cases, including a case where threatening emails were sent
to Prime Minister Manmohan Singh and senior government officials,
involving cyber crimes such as forgery, fraud, hacking, “phishing” and
cheating. It has assisted state police departments, the Central Bureau
of Investigation (CBI) and the Indian Army.
With the increasing use
of computers, cellphones, satellite phones and the Internet by
terrorists and other criminal elements, C-DAC scientists see an
increasing demand for cyber forensic products.
“Currently, most of
the crimes reported, whether cyber or otherwise have digital evidence
in the form of computer hard discs, mobile phones, PDA devices and
digital cameras. As more and more people buy these devices, misuse is
on the rise, which means there is going to be large potential for cyber
forensics tools in India,” said Bhadran V.K., joint director at C-DAC’s
Resource Centre for Cyber Forensics in Thiruvananthapuram.
The local
seller of “Encase”, a forensics software of Pasadena, Guidance Software
Inc., agrees. “The Indian cyber forensics market is a hugely potential
market. It is like a 100-storey building and where we are at now, we
haven’t even begun building the ground floor. Just one or two players
cannot make that 100-storey building and we want more people in this
field,” said S. Venkatesan, director of Labs System India Pvt. Ltd, a
reseller in India for Encase.
C-DAC’s products face competition from
established US companies such as Guidance Software, Pleasant Grove,
Utah-based Paraben Corp., Chatsworth, Intelligent Computer Solutions,
Inc. and Digital Intelligence Inc. The Indian agency is using the plank
of affordability to hawk its wares.
Encase, used by both government
agencies and private customers such as audit firms Ernst & Young,
as also the likes of Wipro Ltd, is priced between Rs1.5 lakh and Rs3
lakh for a single licence and, Rs1 crore and above for enterprises of
more than about 6,000 users. In contrast, C-DAC’s CyberCheck sells for
Rs30,000 a licence and has sold about 100 copies in India. “Our
advantage is that we have designed and developed these products in
India,” Bhadran said.

PASSWORD? Unprotected

Ethical hacking. Could there be a bigger oxymoron? But as Abhijeet
Parandekar ushered me into his lab in the Asian School of Cyber Laws,
Pune, he showed no signs of guilt. “This is my playground. I work for
eight hours here and play after that,” he said with a grin. It was
after much coaxing that the computer expert had agreed to share his
secrets and teach me to hack “with ethics”.

For Abhijeet, to be
an ethical hacker is to be the good guy. You attack a security system
on behalf of its owners, looking for weak links that a malicious hacker
could exploit. In short, you know all the low tricks but use them for a
better cause. And, from my experience of interviewing an ethical hacker
a year ago, I also know that they are, well, quite cool. “I will first
teach you how to hack passwords, then how to hack documents and then
how to hack a computer,” he said with surprising matter-of-factness.

So,
we made an MS Word document, which he asked me to lock with a password.
“It could be anything,” he said. “Fly,” I said. To hack, you need the
right software. (Abhijeet refused to disclose the name of the software
we were using. So if you thought I ran out of the lab and into the
exciting life of a hacker, you are mistaken.)

On the desktop in
front of me, were numerous tools—with names like the Horse Riding, the
Action and the Bleak Reader. I chose the first and clicked. In a few
hundred seconds, the device dived into the sea of words that had been
keyed into the system and fished out five. The third was “fly”. “Oh,
god. It’s actually happening,” I said. “Yes, and it can happen in many
more ways,” said Abhijeet primly. “This technique compares each word in
the dictionary with the password and matches it,” he says.

More
mock hacking. I created documents, locked them with passwords and then
prised them open. But before I got ideas about a life in crime,
Abhijeet intruded to point out how each password that I had managed to
crack was first given out by me. “People give out passwords on their
own through different ways and the software helps us trace them. It’s
near impossible to break into accounts,” he says.

Lesson 2: how
to gatecrash systems. The software at my disposal were Digit Byte and
Counterfoil. “ What you have to do here is make a fake document out of
original icons like MSWord, Internet or Photoshop and email it to the
user. The moment he clicks on it, you will have access to his computer
from your machine,” he says.
I was hooked. So I made a fake Word
document, exported it to the neighbouring computer, clicked on it and
came back to my seat to watch some fun. It worked. I could see all the
documents, the desktop icons and even the view through the web camera.
And, mind you, the web camera on the other computer was turned off.

By
now, I had turned into the child who wants all the toys in the shop.
So, I asked Abhijeet to go to the next step. And there I was, shutting
the monitor of the neighbouring computer, opening its disc drive and
shaking its screen—all while sitting on my seat. Believe me, I felt
like a small cyber megalomaniac.
But Abhijeet did not really care
for my self-assuring smirk. “I’ve taught you just three or four tools.
There are some 50 like this,” he said.

It was time soon for
Abhijeet to return to his playground. I walked back with a buzzing head
and told myself, “Change your password, girl!”