Posts Tagged With ‘online hacking’


Why are cybercrimes NOT always white-collar crimes?

– Dhananjay Rokde – Global Head – Information Security, Cox & Kings Group

A generic definition of a crime would be an act that is in violation of the applicable laws. A crime / criminal offense may essentially hurt an individual or the community (city or a nation) at large. This concept has now been taken to the next level with rising popularity of cybercrimes. In recent years, there are several analyst reports on the increasing trends of cybercrimes. Of late; several interchangeable terms for cyber crimes such as, computer crime, cyber fraud, internet crime, cyber exploitation, electronic rackets and many others, have emerged. Interestingly; there is no such term as a “cybercrime”, as per any Indian law.

In ‘The State of Information Security Survey -India, 2013′, a report by PWC it reported that the size of the information security market in India in 2012 was Rs 1,200 crore and their estimate for 2013 is Rs 1,415 crore, a growth of 18 per cent. According to the survey, medium businesses with revenues ranging from Rs 500 crore to Rs 5,000 crore, saw an estimated 17 per cent increase in security spending in 2011-12 followed by small businesses with revenues less than Rs 500 crore where the spending increased by 14 per cent. This proves that organizations are not only aware of the menace of cyber threats and attacks but are also focusing on addressing these issues.

There are local laws in almost all countries pertinent to cybercrimes and their admission in the legal system for trials. However, until an actual “terrorist intent” is detected; these perpetrators are never addressed as criminals – instead as white collar criminals or simply as ‘Hackers’. White collar crimes are generally victimless crimes and do not get the attention in society, as much as crimes of theft, hate, violence narcotics and terrorism. However in terms of actual state or national revenue lost, white collar crimes amount to just as much. A hack or a cyberattack can lead to organizations losing data worth millions and can have their revenues compromised. It is also because these criminals are often educated and have jobs in reputed organizations, that gives them leeway. They don’t get the same amount negative embellishment or social interest compared to other criminals. The damage that these crime do is often worse and has far-reaching effects.

To illustrate this let us look at an average cybercrime caused by a DoS (Denial of Service) or a DDoS (Distributed Denial of Service, which is often an organized cybercrime). Web applications belonging to financial institutions like banks, stock exchanges, government bodies & universities remain hot-targets for such attacks. A simple DDoS on a banking site affects all the banks customers and parties associated to the bank. Very simply put it is a two-way damage affecting the payee and the recipient of funds. In many cases this can mean the difference between life and death. Clearly this is NOT a victimless crime. Because the victims are not around to lodge a complaint, or do not even know in most cases that they have been exploited.
The sheer penetration of internet, dependence on it and consumer-convenience of internet banking, e-commerce, trading and online management systems is what often provokes cyber criminals to commit crime. Services like internet baking, airlines bookings / check-ins are no longer a luxury; but life essential amenities. The outage of such services often causes a lot of media hype and gets the attackers exactly the attention they are looking for. Hacktivist groups and cyber vandals are constantly on lookout for such easy consumer based targets.

Just imagine; you are stuck in a blizzard cannot check into a hotel because your credit card limit has abruptly maxed-out, or you are unable to transfer funds back home for an emergency, or not being able to charge your health insurance policy because the networks are down. These are scenarios that are often not taken into account while defining a punishment for the act of a cybercrime. It has also been my personal experience that during such attacks the target banks and application / internet / telecom service providers often do not disclose the occurrence of such attacks; to avoid public embarrassment. It is because there is substantial lack of transparency in the reporting of such incidents by the affected parties that makes it increasingly difficult to catch the culprits. It takes the average victims more than a week to determine if they have actually been exploited. The combination of the two factors mentioned above along with the time-delay assists the criminals to get away.

Law enforcement agencies and legal bodies need to realize a simple truth – “Cyber crimes are actually capable of taking lives”. While the statement may sound a little exaggerated, the actual ripple effects of cyber crimes are felt very late. The impact of a cyber crime is far more than what can be seen at the outset. It is not simply about a unavailability of services or some sites being defaced. This is somewhat like the “Butterfly Effect” theory.

Cyber crimes are becoming costlier by the day. They are costing the global industrial landscape billions of dollars. Such crimes also have severe fall out effects such as permanent loss of reputation, loss of jobs and an overall negative hit on the economy. Not too long ago, Microsoft had officially put up a bounty of USD 250,000 for apprehending the creators of the MSBlast malware.

The Indian IT Act has come a long way from where it began. However it needs to become stringent in two ways – by enforcing onus on the authorities like the police and empowering them with the right tools and knowledge to apprehend such criminals, and also by increasing the severity of the applicable punishments. While harsher sentences are not the complete solution, they are a very strong deterrent. Frost & Sullivan reveals that nearly 80 percent of Indian business enterprises have reported data theft through online hacking and that the cost of computer crimes has reached a whopping USD 10 billion – India is ranked fifth in terms of ecommerce security breaches. These criminals should be tried & prosecuted under the extent of the law. There also needs to be inter-agency synergy between the local cybercrime authorities and the bodies such as the Interpol, NSA, and the CERT.


EC-Council Launches Code Uncode – India’s first ‘Secure Coding’ Competition

The competition, aimed to recognize India’s top secure programmers, will reach youth across India and expects to attract over 1 Lakh registrations

INDIA- May 18th, 2013 – EC-Council, the world’s leading provider of certifications and training in the information security domain, has launched Code Uncode, India’s first ever nationwide hunt for the best secure programmer. Kick starting on May 19th, Code Uncode will be a 3 level online competition.

Code Uncode is a nationwide competition for students, professionals, colleges and corporate. The event will bring together existing and aspiring security enthusiasts from all fields of the infosec world from the Corporate and government bodies to academic institutions.

“EC-Council is dedicated to strengthening cyber security across the world and Code Uncode ’13 is an initiative to draw attention to a very key component of the information technology domain- Secure Coding. We wish to provide a platform for students, professionals, existing and aspiring programmers to come together and test their domain knowledge and showcase their talent while competing for the title of India’s Most Secure Coder,” said Jay Bavisi, President, EC-Council.

According to a report by Gartner in 2011, the IT security market of India is expected to have a CAGR of 16.4 percent from 2011-2016.

Frost & Sullivan reveals that nearly 80 percent of Indian business enterprises have reported data theft through online hacking and 90 percent of Indian companies have placed IT security as their priority investment domain. The report states that the cost of computer crimes has reached a whopping USD 10 billion – India is ranked fifth in terms of e- commerce security breaches.

Sighting this trend and treating Cyber Security awareness as an urgent, need of the hour requirement, EC-Council is launching Code Uncode to strengthen a very important part of every organization- Secure Coding. The aim is to discover talent, methods and ideas; and provide a platform for programmers to demonstrate their coding abilities; encouraging development in this part of information security and raise awareness towards increased education and ethics in information security.

“The number of security professionals in India is expanding at an amazing rate and we’re looking forward to giving that community the right talent in secure programming which is a vital part of security,” said Akash Agarwal, Country Manager, EC-Council India. “I’m pleased that India will host the first ever Code Uncode by EC Council and I’m confident that India’s programmers will be able to showcase their exceptional skills at the event”, he added.

EC-Council backed with their vast experience in global competitions and conferences like Hacker Halted, TakeDownCon and Global Cyberlympics, is bringing the global movement and trend to India through Code Uncode.

For more information about Code Uncode 2013, visit www.eccouncil.org/codeuncode.
For more information about EC-Council, visit http://www.eccouncil.org/about_us.aspx

About EC-Council

EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.


EC Council Successfully Continues its Information Security Awareness Program

Launched a week back with an aim to educate budding security professionals, EC Council continues to partner with education institutions in Hyderabad and Chennai

India– 30th January, 2013 – EC Council, one of the leading certification and training organizations in the world continues its Information Security Awareness Program in India.

This initiative by EC Council was launched keeping in mind the need of the market and is well timed as Frost & Sullivan reported that nearly 80 percent of Indian business enterprises have reported data theft through online hacking. According to a recent Norton by Symantec report, of the total 137 million Internet users in India, 42 million have fallen prey to the cyber fraud in one way or the other. The financial loss per cyber-crime victim is around Rs 10,000 for 2012.

Keeping all of the above in mind, with an aim to educate young students and budding professionals about the hazards in cyber security and the menace of cyber threats, EC Council has launched this ongoing initiative, partnering with numerous colleges, universities and institutions across cities in the country.

Continuing to partner with educational institutions that started with Mahatma Gandhi Institute of Technology, this week, EC Council has partnered with Padmasri Dr. B.V.Raju Institute of Technology, Geethanjali College of Engineering and Technology and Rajalakshmi College, to talk about the perils of cyber threats with students of the CSE and IT Department and the faculty of the College.

Talking about this program, Mr. Jay Bavisi, Global President, EC Council says, “India is in urgent need of cyber security education. With the number of attacks and vulnerabilities on a rise, organizations and all security professionals need to know how to safe guard themselves from malpractices that can put their company at risk. With our globally adopted courses and trainings, we hope to educate these budding professionals so they are equipped to support organizations in their mission critical business needs that continue to grow. With this program we wish to make the Indian market more secure in the global cyber space. “

The EC Council Information Security Awareness Program is a platform for students preparing to be a part of the cyber world to meet, learn and plan together to secure the information security landscape of the future. The program is a combination of a series of seminars, talks, workshops, and events in which students and professionals are educated on topics such as cyber security, secure programming, hacking, cyber warfare, etc.


About EC Council
EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

For more information about EC Council, visit www.eccouncil.org.

Media Contact:
Mail To: marketing.india@eccouncil.org


EC-Council Launches Information Security Awareness Program

With an aim to educate budding security professionals, EC Council partners with education institutions across India, starting with Hyderabad

Hyderabad– 28th January, 2013 – EC-Council, one of the leading certification and training organizations in the world has launched its Information Security Awareness Program in India starting with Hyderabad.

This initiative by EC Council is well timed as Frost & Sullivan reported that nearly 80 percent of Indian business enterprises have reported data theft through online hacking. According to a recent Norton by Symantec report, of the total 137 million Internet users in India, 42 million have fallen prey to the cyber fraud in one way or the other. The financial loss per cyber-crime victim is around Rs 10,000 for 2012.

Keeping all of the above in mind, with an aim to educate young students and budding professionals about the hazards in cyber security and the menace of cyber threats, EC Council has launched this ongoing initiative, partnering with numerous colleges, universities and institutions across cities in the country.

Kick starting this program in Hyderabad, EC Council has partnered with Mahatma Gandhi Institute of Technology to talk about the perils of cyber threats with students of the CSE and IT Department and the faculty of the College.

Talking about this program, Mr. Jay Bavisi, Global President, EC Council says, “India is in urgent need of cyber security education. With the number of attacks and vulnerabilities on a rise, organizations and all security professionals need to know how to safe guard themselves from malpractices that can put their company at risk. With our globally adopted courses and trainings, we hope to educate these budding professionals so they are equipped to support organizations in their mission critical business needs that continue to grow. With this program we wish to make the Indian market more secure in the global cyber space.

Speaking at the event, Dr. G. Chandra Mohan Reddy, Principal, Mahatma Gandhi Institute of Technology said, “We see the benefit in this Awareness Program and the multiple ways in which our students will benefit from this. As an institution our goal is to provide world class education and empower the students with skills that will benefit them in the long run personally as well as professionally. We are glad EC Council has initiated this Program and would like to thank them for the knowledge imparted to our students and faculty.”

The EC Council Information Security Awareness Program is a platform for students preparing to be a part of the cyber world to meet, learn and plan together to secure the information security landscape of the future. The program is a combination of a series of seminars, talks, workshops, and events in which students and professionals are educated on topics such as cyber security, secure programming, hacking, cyber warfare, etc.

About EC Council

EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

For more information about EC Council, visit www.eccouncil.org.

Media Contact:
Mail To: marketing.india@eccouncil.org