CYBER POLICING

CYBER POLICING
Personal Vigilance Is The Answer
Crime on the internet, or cyber crime in trendy parlance, is no more confined to the pages of science fiction. It has truly arrived, leaving the law enforcement agencies baffled. This is a new type of cat and mouse game they have not played earlier nor been trained for. Hackers no longer need violent weapons or accomplices to commit felonies. What they need now is a computer, a screen name, and intent to mutilate one or many computer systems.
Anonymity of the internet and its decentralized global nature helps them to manoeuvre through web pages, access credit card numbers and passwords, or just keep on stalking. Often the only clue is their e-mail address. Fraud has always been around; computers give it a new dimension. What if the numbered Swiss accounts can be compromised? The rise in e-commerce, and soon m-commerce, is bound to present a bounty to the scam artist. What is really disturbing is the wide, and ever increasing, scope of crime through the internet. Be it pornography, blackmail, extortion, drug traffic, terrorism or sheer vandalism, a computer can be exploited.
CURIOSITY
Minors attack computer systems out of curiosity, a thirst for knowledge, and while exploring, exceed bounds of what is legal. Adults do it for reasons that can vary from greed to revenge to sheer mischief. Megalomania or delusion or grandeur is at times the driving force. While commercial, military, government and home computers are vulnerable, the easiest targets are often those at educational institutions. Any effort at building the network defences must start with fixing these weakest links. Favourite targets have been the computers in South Korea, China, the Philippines, Russia, Eastern Europe and US. Can India remain unscathed for long?
While the new medium is a haven for criminals, the anonymity of the web cuts both ways. The cloak of electronic facelessness is the perfect tool for police to run decoys and keep an eye on the bad guy. In a case reported from UK, a sleazy character found an underage girl in a chat room on the internet and tried to lure her into having six at some prearranged location. At the destination a 50-year old policewoman with a shiny pair of handcuffs greeted him. She was the “young girl” all along. India’s police in the metros can take note.
The much-hyped “Love Bug” virus that swept the world recently took the internet world by storm and unnerved the computer security experts. The Philippines police arrested a man suspected of helping to create the crippling virus but had to set him free for want of evidence. Close on the heels came a new and dangerous computer virus dubbed “killer resume”. It was so named because it arrived pretending to be a “resume” from a potential job applicant. The virus was carried in a file attached to an e-mail system using a Microsoft outlook programme. In a not-too-late response Microsoft has come out with an anti-bug patch which prevents the users from running any “executable” programme attachments to e-mail and flashes a warning if there is an attempt.
The authorities complain that their probe is hampered by a lack of laws covering the new global computer network delaying arrest and allowing the suspects time to dispose of key evidence. In the United States, the FBI is alarmed at cyber crimes doubling in a year. Their survey of Fortune 500 companies revealed that 62 per cent of all reported computer breaches till date occurred last year. It feels frustrated at not being able to keep up its excellent track record. In his recent testimony before a subcommittee of the US Senate, FBI director Louis Freeh listed lack of manpower, technology (computer architecture), hazy jurisdictional issues and weak laws as the main hindrances to effective cyber policing. He recommended tougher laws including doubling jail time and fine.
The question of jurisdiction is crucial since internet crimes will often cross state and national boundaries. The US proposes to have Law Net, which would be an online investigating agency that could cross local, state and even international borders. It is imperative that not one but all countries have adequate laws and they enter into treaties of mutual cooperation, like the extradition treaties. Interpol is in a unique position to play a pivotal role, both detective and instructive. Its advice should be taken and listened to.
UTILITIES
In India, our economy is going to be driven by e-commerce. Computer is crucial in the running of infrastructure public utilities such as telecom, power and gas distribution, banking, railways and aviation. E-mail is fast replacing fax and conventional mail (derisively called the “snail mail”). And yet, India is only at the threshold of an internet revolution. According to a guesstimate, only about 15 per cent of a million internet connections are at homes. More cyber cafes and information kiosks will come up once the problems of bandwidth shortage and slow dial-up connections are taken care of. This gives us time, but not much time, to put our cyber policing in place.
Fortunately, so far nothing more serious than software piracy and theft of internet time has been reported to the police. To make our large police force, a few lakh strong, computer literate will be neither easy nor cheap. To start with specialized cells should be created in the central and state police organizations. The ministry of Home Affairs should take the lead, though there is now a separate ministry of Information Technology. One hopes the IT law-in-making will have enough bite. Success will, however, depend not on the stiff penal provisions but on strict enforcement. Also on the anvil is a convergence law, to be called information, communicator and entertainment bill or some such thing. It has to be ensured that the two laws do not work at cross purposes.
IT minister Pramod Mahajan has returned from the United States quite taken in with what the Americans are doing in this regard. He is all praise for the FBI-led National Infrastructure Protection Centre he visited in Washington and has proposed a committee on similar lines. He has said nothing about India having something like the American NetLaw. The central intelligence agencies will have to hone their cyber skill and employ it increasingly for routine espionage and counter-espionage. Surveillance and monitoring will be vital inputs in any future plan for cyber policing.
PRIVACY
The telecommunications and the postal departments intercept transmissions when asked to do so. Why can’t there be a law to make the internet service providers install the data equivalent of wiretaps? The tap must, however, be used sparingly as it involves the infringement of citizen’s privacy. Sensitive issues such as these, one hopes, have been addressed in the proposed information technology bill. Till such time, and it can be a long time, that the police agencies are geared up, the business houses will have to use the protective and investigative cover made available by the private security agencies. Once having vetted these agencies, the police should cooperate with them rather than making their work difficult.
The Central Bureau of Investigation has assumed the entrepreneurial role of introducing the country’s police forces to e-policing. The bureau is in the process of collecting and collating the literature available on cyber crime and distributing the same to the country’s police forces in the form of CD-ROM. It has also planned training and orientation programmes for its own and state police officers. The SVP National Police Academy at Hyderabad has also planned special courses in combating Net-crimes for Indian and foreign police officers.
What is required is to generate security awareness among the computer users through a sustained campaign. Personal vigilance will preempt much of the trouble. Keep changing your password. Enjoy online shopping but be discreet in disclosing your credit card number. The computer must remain user-friendly but should have enough built-in safety to deter the prowler. To this end the designers and the security experts much work in tandem.
SUDHIR KUMAR JHA
14.07.2000
The author is a former Director General of Police, Bihar.