When seventeen-year-old Rajesh went over to his friend Joshua’s house to finish work on a college presentation, he had no idea that his actions that night would set off a huge police investigation. As soon as he arrived and turned on his laptop to create a PowerPoint slideshow, it started detecting wireless networks in the vicinity. He ignored the popup messages for a while, but during a short break a few hours later curiosity got the better of him, and he decided to see if he could get online.
The first two networks he tried to connect to required passwords, and a third connected but didn’t allow Rajesh to load any websites. However the fourth network he tried, simply named “default”, was lying wide open. He was able to check his mail and chat with friends within seconds. The two boys took full advantage of the open connection, surfing the Web and downloading music.
At one point, Joshua got into an online argument with a girl he had tried to ask out the previous week. In a fit of anger, he decided to play a cruel prank on her and created a fake Orkut account in order to leave hurtful scraps for her to read. He figured that even if she realized it was him, his own computer’s IP address wouldn’t be linked to the account. Rajesh, for his part, thought it was a brilliant idea.
It was only the next evening that Anandita, the object of Joshua’s attention, got a call from a friend about the vulgar scraps on her profile page. Shaken, she immediately checked her account and saw them. She knew without a doubt who had left the comments there, especially considering the timing of her fight with Joshua the previous night. She wondered whether to just delete them and forget the whole episode, but eventually told her father about the whole thing.
Anandita, together with her enraged father, approached the Mumbai police, who directed them to the Cyber Crime Investigation Cell. The complaint was acted on immediately, and not only was Joshua apprehended, but his neighbor, whose IP address was unfortunately linked to the crime because of weak router security, was given a stern warning.
The moment anyone accesses cyberspace, anonymity is impossible. it is much easier to catch somebody when he’s online than otherwise, simply because once a person logs on to the internet, he leaves footprints behind.
The names in the story above have been changed, but similar real-life incidents have been making headlines in the newspapers for a while now. Take for instance the various reports of students posting obscene or defamatory statements about their schools online, or the bomb threats sent to the police through unsecured Wi-Fi networks. People even deface websites or install illegal keyloggers on others’ computers just to see whether or not anyone will be smart enough to trace them. So how do the police cope with these new-age nuisances and keep criminals and pranksters under control?
Mumbai has had a Cyber Crime Investigation Cell for nearly a decade, but now the effort to rein in online crime has been boosted by a dedicated police station. Such stations already exist in Bangalore and Hyderabad, making Mumbai the third city to create a dedicated force of police officers to chase online criminals. The CCIC is now equipped with the latest equipment, expertise, and more importantly, trained officers. CHIP met with Addl. Commissioner of Police Mr Deven Bharti, who directly supervises and controls the working of the Mumbai CCIC.
PAGE_BREAK
To catch a cyber criminal As Mr Bharti commented, “The moment anyone accesses cyberspace, anonymity is impossible. It is much easier to catch somebody when he’s online than otherwise, simply because once a person logs on to the Internet, he leaves footprints behind.” Every computer using the Internet has a unique Internet Protocol (IP) address, whether or not the user is aware of it.
Thus when a person sends an email, registers on any website, downloads a file or does anything at all on the Internet, the respective servers log his or her IP address with date and time stamps. These details can be obtained from internet service providers (ISPs) and used to trace the computer or device used, after which traditional methods of investigation lead the police to the person responsible.
But even IP addresses don’t always point to the exact computer used. There aren’t currently enough addresses in the world for each and every PC in each and every office or cybercafé to have a separate Internet connection. These computers use IP addresses that define them on an internal network and collectively seen as only one different address to the outside world.
So a criminal could be traced to an office or cybercafé, but then the IT administrator there would have to be questioned to find out who is linked to the particular crime committed. These details are culled from IT department server logs, and then used to pinpoint the exact computer which was used at a particular date and time. When CCIC officers zero in on the particular computer that was used for the crime, it is immediately seized and its hard drive is sent to a forensic lab for analysis.
Only after the hard drive is cloned for backup does the investigation proceed. That’s also why cybercafé owners are now required to maintain logs of all visitors. Cybercafé owners are required to check and record valid ID cards, but this is rarely practiced and it is easy enough to pass off a fake ID. Mr Bharti confirmed to us that the CCIC is attempting to enforce fingerprint scanners and cameras for stricter monitoring.
Crimes committed over the Internet can cause havoc with minimal effort on the part of the criminal, the most common example being bomb threats which often sent via email, whether from real terrorists or just pranksters. Because of this, the CCIC and a few IT companies from the industry recently conducted an awareness drive to educate people about the potential risks an insecure Wi-Fi network creates, and how simple security measures can be implemented. An unsecure Wi-Fi is an open invitation for criminals to conduct their future crimes.
So if you use a wireless router at home or in your office, be sure it is locked down with a strong password. And if you have any ideas about playing a prank on someone by sending obscene messages or breaking into another person’s Wi-Fi network for free Internet access, you could very easily land behind bars.
PAGE_BREAK
Interview: Addl. Commissioner of Police Mr Deven Bharti
Is an IP address is the only fool-proof way to trace a cyber criminal?
Not really! There are number of other ways to trace cyber criminals. But disclosing any of this information would be highly risky for future cyber crime investigations.
IPv6, which will allow a nearly unlimited number of IP addresses, could make it even more complicated to trace a criminal. Is the CCIC ready?
Yes. We are ready for any new technology that will be implemented in the future. If we don’t have people with the expertise, we hire them immediately! And we hire the best in the industry! We also use reverse engineering, where we report the way in which a crime was committed and then come up with a solution for that for future reference.
Can you tell us about the qualifications of the police officers employed at the CCIC station and the training given to them?
We look at their resumes to confirm their computer literacy and any similar expertise in the IT field. A few officers are chosen from every department in every zone of the city for this post. Our officers are trained on a regular basis. As the technology advances in the industry, we need to update ourselves too.
Experts are called from around the world to train us. Also, there are a number of IT companies that help us, for instance Nasscom has a dedicated team to help train our officers. We have a cyber lab in an undisclosed location where our officers are regularly trained. In certain cases where a new type of Internet criminal activity involving unknown technology is tracked, the information is sent to the respective departments for updates on the technology. In this way we keep sharing information with the IT companies who train us.
What if a crime is committed from foreign soil? How should one go about getting justice and how much time would it involve?
The time taken depends on the location of the source of the crime. Sometimes one might feel that the IP address originated from a foreign land, but the accused might be using a proxy and is stationed in the same location or close by in our country itself. So the first step is taken where the victim registers a complaint and then the investigation begins. Some traces are completed within 24 hours and some take longer. If the crime is actually committed from outside the country against someone here, then we take help of Interpol to bring the culprit to book.
Approaching a CCIC
The types of crimes that can be reported to the CCIC include child pornography, cyber stalking, denial of service attacks, virus dissemination, software piracy, crime involving the use of electronic communications, credit card fraud, online extortion, phishing, or any crime in which technological means have been used.
If you are a victim, a First Information Report (FIR) should be registered with the local police if a CCIC is not available in your city. All possible details of the crime must be provided. If there is a CCIC in your city, you can approach them first. If not, the information will be later passed on to the CCIC by the officers who record your FIR.
Carry along any evidence of the crime you might have. The case should be registered immediately and action will be initiated. The police will first check with the hosting provider of the respective website/service, which could even be shut down or blocked to prevent any further misuse.
CCIC CONTACTS:
MUMBAI
Email: [email protected]
Phone: 022 24691497
Web: www.cybercellmumbai.com
HYDERABAD
Email: [email protected]
Phone: 040 – 27852040
Web: www.hyderabadpolice.gov.in
BANGALORE
Email: [email protected]
Phone: 91- 080-2201026 and +91- 080-2943050
Web: www.cyberpolicebangalore.nic.in
Comments
0 comment