PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

PROJECT ON

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
SUBMITTED TO:MS. Debmita Mondal
(FACULTY OF CYBER LAW)

SUBMITTED BY:Rajat Agrawal

(ROLL NO: - 106, SEM -IX, BATCH: XI)

UNDER-GRADUATE PROGRAMME
SUBMITTED ON:08th, October, 2015

HIDAYATULLAH

NATIONAL LAW

UNIVERSITY RAIPUR, (C.G.)

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

ACKNOWLEDGEMENT

I am much indebted to my mentor Ms. Debmita Mondal who gave me a chance to work on the
topic called Practical Concerns in Cyber Crime Investigation. I take the opportunity to thank
him for his assistance & comments & remarks on the project before its final draft. Throughout I
have been helped & encouraged by him.

A great debt of gratitude must be acknowledged to the Library & IT department for providing
with the valuable resources required for the making of this project.

I acknowledge the support of other faculty members, seniors & my classmates for their help in
locating source materials & for reading through the various drafts & offering some very valuable
suggestions for the project. Last but not the least I would like to thank my parents without whom
I would not have been able to complete my project.

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

CONTENTS

ACKNOWLEDGMENT
RESEARCH METHODOLOGY
INTRODUCTION
PROBLEMS IN CYBER CRIME INVESTIGATION
o Jurisdictional Problem
o Tracking the origin of crime
o Growth of the underground cyber crime economy
o Legal problem
o Technical problem
o Shortage of skilled cyber crime fighters
o Widespread use of pirated software
o Locating and securing relevant material
o Problems of encryption
GOVERNMENTS INITIATIVE IN CYBER BATTLE
CONCLUSION AND SUGGESTIONS
BIBLIOGRAPHY

I
III
01
02
02
03
03
03
05
05
05
06
06
07
10
11

RESEARCH METHODOLOGY

The aim of this project is to learn about the problems faced while investigation of a cyber crime.
The methodology used in the project is doctrinal in nature. The sources of data for this project
II

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
are secondary in nature, including books, Arts, law journals & online resources. The mode of
writing in this project is descriptive.

III

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

INTRODUCTION
Advancements in modern technology have helped countries develop and expand their
communication networks, enabling faster and easier networking and information exchange. In
the 21st century, public law enforcement officials, private investigators and security
professionals will be faced with the growing incidence and impact of cyber crime1.
The growing popularity and convenience of digital networks, however, come at a cost. As
businesses and societies in general increasingly rely on computers and internet-based
networking, cyber crime and digital attack incidents have increased around the world2. These
attacks generally classified as any crime that involves the use of a computer network
include financial scams, computer hacking, downloading pornographic images from the internet,
virus attacks, e-mail stalking and creating websites that promote racial hatred. The first major
instance of cyber crime was reported in 2000, when a mass-mailed computer virus affected
nearly 45 million computer users worldwide3.
In this information technology age, the criminal investigation procedures require radical changes
to handle the errant computer users effectively. Today, the crime investigators are faced with the
problem of collection of appropriate evidence in computer storage media and data
communication system. It requires a cohesive well trained and well equipped force of
investigators operating and co-coordinating at national and international level. This change in
crime scenario would also necessitate major changes in the related forensic procedures as well as
in the outlook of judiciary. Present era of fast changing technologies well soon derail the criminal
justice system and make the whole exercise futile, if appropriate steps are not taken urgently.
This project throws light on the various problems faced at national and international level and
initiatives tackle the same.

Investigating
Computer
Related
Crime
http://www.isaca.org/Journal/Past-Issues/2000/Volume5/Pages/Investigating-Computer-Related-Crime.aspx as accessed on 15th March, 2014
2
It is time for countries to start talking about arms control on the internet, Economist, July 1, 2010 as cited in CYBER
CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)
3
MessageLabs Intelligence: 2010 Annual Security Report, Symantec as cited in CYBER CRIME A GROWING
CHALLENGE FOR GOVERNMENTS (2011)

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

PROBLEMS IN CYBER CRIME INVESTIGATION

Although governments are actively focused on fighting and preventing cyber criminals from
damaging infrastructure, the very nature of cyberspace poses a number of challenges to the
implementation of cyber regulations in any country. Within cyberspace it is often difficult to
determine political borders and culprits. Furthermore, the cyber criminal community and their
techniques are continuously evolving, making it more challenging for governments and
companies to keep up with ever-changing techniques.
The various challenges and problems faced are as follows:
1. Jurisdictional Problem4
Cyber crimes are crimes truly which have no boundary. Information technology has turned the
world into a global village. The advent of Internet has put everyone within the reach of other.
The cyber criminal have scant regard for national or local jurisdictions. S.75 of the I.T. Act is
Indian answer to jurisdictional blues. This Section extends the influence of I.T. Act, 2000 over
the entire world keeping in view the nature of cyber crimes.
The difficulty arises in implementing extra-territorial jurisdiction. The problem will arise as to
actual conducting of investigation and trail. Internal territorial problems can be solved such
problem invariably arises in international arena. A pertinent question arises whether a judgment
passed by an Indian court in matter relating to a person/company situated abroad but duly
covered under the provisions of the I.T. Act of 2000 would be acceptable to foreign courts. If the
judgments delivered by Indian Court cannot be enforced then whole exercise of trial and
punishments would turn out to be futile if we go by recently U.S. Court approach in Yahoo Inc.
France Naxi Memorabilia dot com case. The answer will be disturbing no. U.S. Court approach
in Yahoo Inc. France Naxi Memorabilia dot com case has highlighted the legal and practical
difficulties in nailing the criminal in a foreign country. Most of the Internet Service Providers are
stationed in U.S. A. Hence, this decision is bound to affect the interpretation and implementation
of S.75 of the I.T. Act of 2000. It shows that in the absence of internationally accepted

MINNY NARANG AND GUNJAN JAIN, CYBER CRIMES: PROBLEM

JOURNAL OF APPLIED RESEARCH 74 (2013)

OF

INVESTIGATION

AND

SOLUTION, INDIAN

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
jurisdiction treaty or convention, the desire to bring the cyber criminal book from any corner of
the world is just a dream which is far from reality.
2. Tracking the Origin of Crime
According to Rob Wainwright, Director of Europol, criminal investigations of cyber crimes are
complex, as the criminal activity itself is borderless by nature5. Tracing cyber criminals poses a
challenge. While many experts speculate that the cyber attacks on Estonia and Georgia, for
instance, were directed by the Russian cyber agencies, some of the attacks have been traced to
the computers originating in Western countries6.
3. Growth of the Underground Cyber Crime Economy
A major threat that may hamper the fight against cyber crime is the growth of an underground
economy, which for many cyber criminals can be a lucrative venture. The underground economy
attracts many digital experts and talented individuals with a specialty around cyber initiative. In
the cyber underworld, the hackers and organized crime rings operate by selling confidential
stolen intelligence. Research shows that criminals are trading bank account information for
US$10125, credit card data for up to US$30 per card, and email account data for up to US$12 7.
Often, the acquired data is used in illegal online purchases and in exchange for other monetary
transactions. The untraceability of the origin of these transactions poses a major challenge to
government agencies in their efforts to fight crimes of this nature8.
4. Legal Problem
There is no universally accepted definition of cyber crime. The cyber crime in a country may not
be termed as a cyber crime in another. There are only 13 countries that have cyber crime laws.
This puts enormous pressure on the law enforcement agencies in obtaining international cooperation. The absence of such laws is like shielding the criminals from the legal provisions and
5

Europol to Reveal Cybercrime Risk Level, Computerworld, January 6, 2011 as cited in CYBER CRIME A
GROWING CHALLENGE FOR GOVERNMENTS (2011)
6
War in the fifth domain, Economist, July 1, 2010 as cited in CYBER CRIME A GROWING CHALLENGE FOR
GOVERNMENTS (2011)
7
Cybercrime as a business: The digital underground economy, Europol, January 6, 2011 as cited in CYBER CRIME
A GROWING CHALLENGE FOR GOVERNMENTS (2011)
8
Cybercrime As A Business: The Digital Underground Economy, Voxy, January 7, 2011 as cited in CYBER CRIME
A GROWING CHALLENGE FOR GOVERNMENTS (2011)

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
providing them safe haven to continue with their evil deeds. Further, the rate at which cyber
crimes are increasing in the world, it is necessary for the criminal justice to demonstrate that
quick and severe punishment would be awarded to those involved in such criminal activities.
What we need is the rule of law at an international level and a universal legal framework which
is equal to the worldwide reach of internet. It is therefore, necessary to make appropriate dynamic laws pertaining to cyber crime.
To effectively combat the cyber crime, it is not sufficient to successfully investigate the crime
and nab the criminal, but more important is to prosecute and administer justice, according to the
law of land. This requires an effective legal frame work, which fully supports the detection and
prosecution of cyber criminals. The traditional techniques for investigation of cyber crime and
the prosecution procedures are inadequate. The judiciary must also appreciate the intricacies of
the digital evidence that is collected and presented in the courts of law, in spite of the technical
and operational hurdles the investigator faces9.
(a) Victims and Witnesses Unawareness
The first impediment that is faced by investigators is of securing the co-operation of
complainants and witnesses. It is now well-documented that the victims of crimes of this nature
are reluctant to report them to the police. Ernst and Young found in its 8th Global Survey of
business fraud, that only one quarter of frauds were reported to the police and only 28% of these
respondents were satisfied with the resultant investigation. The result is that investigators may
face considerable barriers in securing cooperation from victims and witnesses especially those
located in other countries. Unless and until the people are not made aware of this epidemic it is
impossible to tackle this problem.
(b) Identifying Suspects
Another problem faced by cyber crime investigators is the identification of suspects.
Occasionally, this can lead to considerable problems when the wrong person is arrested. Digital
technologies enable people to disguise their identity in a wide range of ways making it difficult
to know with certainty as to who was using a computer from which illegal communications
came. Anonymity can also be achieved in cyberspace using less technologically complex means
9

Supra Note 4 at 75

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
simply purchasing a pre-paid Internet Service Provider and renting a telephone line from a
carrier, each in a false name provides an easy means of achieving anonymity.
This problem may be also solved by the use of biometric means of identification. At present few
computers have biometric user authentication systems such as fingerprint scanner when logging
on. When they become more widespread, problems of identification may be reduced. DNA
samples which can be gathered from keyboards may be used to identity an individual with a
particular computer in some cases10.
5. Technical Problem
Technical challenges thwarting the efforts of law enforcement agencies ability to catch and
prosecute on line offenders. Investigating the Internet crimes, e.g., hacking of a website, staling
data stored in computers, exchanges of pornographic material, espionage, blackmailing e-mails
etc, involves identification of the person who initiated the communication11.
6. Shortage of Skilled Cyber Crime Fighters
Implementing cyber security measures requires skilled manpower. However, most countries face
a shortage of skilled people to counter such cyber attacks. Moreover, most trained or skilled
people are recruited by the private sector, as it offers higher financial rewards. In the UK, the
PCeU has experienced this shortage first hand, with only 40 core team members 12. Similarly, in
Australia, the majority of the cyber crime incidents, particularly minor incidents, remain
unsolved or are not investigated due to the lack of e-Forensic skills and expertise13.
7. Widespread Use of Pirated Software
One of the major challenges to preventing cyber crime is the prevalence of software piracy, as
pirated software is more prone to attacks by viruses, malware and trojans. Experts believe that
the rapid growth of consumer PC markets in emerging countries such as India, Brazil and
China has contributed largely to the rising piracy rates. The pirated software can include not
10

Supra Note 4 at 75
Ibid
12
Cyber skills a top challenge, says UK police cybercrime unit, Computerweekly, November 11, 2010 as cited in
CYBER CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)
13
Australian cybercrime investigation skills lacking says Swinburne professor, TechWorld, November 5, 2010 as
cited in CYBER CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)
11

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
only games, movies, office applications and operating systems, but also security software. Often,
users prefer to obtain pirated security software, rather than purchase and upgrade legal version,
therefore increasing the vulnerability of their systems to cyber attacks14.
8. Locating and Securing Relevant Material15
Considerable difficulties arise in locating and securing electronic evidence as the mere act of
switching on or off a computer may alter critical evidence and associated time and date records.
It is also necessary to search through vast quantities of data in order to locate the information
being sought.
Todays cyber investigators are faced with many problems because digital evidence is highly
fragile, bits are easier to temper than paper, can easily be altered, manipulated and destroyed. So
chain of custody of these needs is to be maintained and all digital evidence need to be
authenticated.
Difficult problems arise in obtaining digital evidence in cyber crime cases, although in some
ways computers have made the process easier through the ability to conduct searches of hard
drives remotely via the Internet. Some of the main difficulties, however, relate to obtaining
permission to conduct such a search, securing the relevant access device such as a password,
decrypting data that have been encrypted, and imaging a hard drive without interfering with the
evidence. There is also the practical problem of conducting searches quickly so that data cannot
be removed.
9. Problems of Encryption
A difficult problem faced by cyber crime investigators is concerning the data that have been
encrypted by accused who refuse to provide the decryption key or password. An illustration of
the use of strong encryption by a criminal organization was discovered during Operation
Cathedral by police in 1998, which led to the largest ever global seizure of pedophile material.
This involved police in 15 countries who uncovered the activities of the Wonderland (sic) Club,
an international network with members in Europe, North America, and Australia who used the
14

Cybercrime Challenges in the GCC, ITP.net, May 6, 2010 as cited in CYBER CRIME A GROWING CHALLENGE
GOVERNMENTS (2011)
15
Supra Note 4 at 75
FOR

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
Internet to download and exchange child pornography including real time video images. The
Club used a secure network with regularly changed passwords and encrypted content. In Europe
alone, over 750, 000 images were recovered from computers, along, with over 750 CDs and
1,300 videos and 3,400 floppy disks. The encryption used was able to be overcome because one
member of the club cooperated with police and provided access to the files. This led to
approximately 100 arrests around the world in September 199816.
In order to decrypt data, one method is to install a key logging program onto a computer that will
capture the password used for decryption. The installation of such a program of course must be
done without the knowledge of the accused. This may cause legal complication such as it
amounts to interference with right to privacy, and a special warrant needs to be obtained for this.
In one famous case in the United States, evidence obtained in this way was challenged on the
grounds that the key logger involved the illegal interception of wire communications that
requires a special warrant. It was held, however that the key logger only operated when the
computers modem was not connected thus excluding any interception of telecommunications.
If all else fails, investigators may seek to break encryption codes, although this is difficult, time
consuming and costly and would be inappropriate in all the cases. The Australian Federal Police,
for example, has seen an exponential increase in the size of data storage system that the required
to be analyzed during investigations. Where a law enforcement examination of a computer hard
drive in 1990 involved 50,000 pages of text, a contemporary examination of the same would
involve approximately 5 to 50 million pages of text. This increase in investigative capacity has
created considerable resources implications for police that will no doubt increase in the years to
come17.

GOVERNMENTS INITIATIVES IN CYBER BATTLE

The US government has been focusing on protecting its digital infrastructure, declaring it a
strategic national asset. Similarly, Iran, Israel, North Korea, Russia and many other countries
are now creating and training cyber armies. Such increased vigilance is gaining attention, as

16
17

Supra Note 4 at 75
Supra Note 4 at 76

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
both governments and corporate entities have become prime targets of cyber attacks 18. The
various initiatives are as follows:
1. US is Facilitating Global Cyber Security
In January 2011, US Senators Joseph Lieberman and Susan Collins re-introduced a bill the
Cyber security and Internet Freedom Act of 2011 granting President Barack Obama the
authority to shut down the internet in the country in the event of a cyber attack. However, the bill
is still under debate, and has been opposed by many organizations that believe it may give the
government more power and control over the internet. Privacy experts such as Marc Rotenberg,
Executive Director of the Electronic Privacy Information Center, believe that such a bill could
obstruct communication and economic activities19.
In January 2011, the US Department of Commerce announced that it is planning to launch an
office the National Strategy for Trusted Identities in Cyberspace (NSTIC) to promote
online trusted identity technologies. The NSTIC aims to promote a platform where internet users
will receive IDs, thereby increasing trust among users 20. The US Federal Bureau of Investigation
(FBI) has established a separate division to address cyber crime in a coordinated manner. In
October 2010, the FBI arrested more than 90 people, who were believed to be engaged in an
international crime syndicate that hacked into US computer networks to steal US$70 million.
Hackers used spam email to target the computers of small businesses and individual users. By
gaining access to users passwords and bank account details, the hackers were able to transfer
money from those accounts21.

18

War in the fifth domain, Economist, July 1, 2010 as cited in CYBER CRIME A GROWING CHALLENGE FOR
GOVERNMENTS (2011)
19
'Kill Switch' Internet bill alarms privacy experts, USAToday, February 15, 2011 as cited in CYBER CRIME A
GROWING CHALLENGE FOR GOVERNMENTS (2011)
20
White House Officials Push Online Trusted IDs, PCWorld, January 8, 2011 as cited in CYBER CRIME A
GROWING CHALLENGE FOR GOVERNMENTS (2011)
21
More than 100 arrests, as FBI uncovers cybercrime ring, BBC, October 2010 as cited in CYBER CRIME A
GROWING CHALLENGE FOR GOVERNMENTS (2011)

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS
2. UK is investing to improve its defense tactics against cyber crime
The UK considers cyber crime to be a tier 1 threat, equating it to international terrorism and
major incidents22. In 2008, the Police Central e-Crime Unit (PCeU) was set up to fight national
cyber crime. The PCeU collaborates with law enforcement agencies and private industries.
In October 2010, the UK government committed to providing GBP650 million (US$1 billion) to
cyber security initiatives. By February 2011, GBP63 million (US$100 million) had been
allocated for cyber security. According to a UK government spokesman, "The government is
determined to build an effective law enforcement response to the cyber crime threat, building
upon the existing expertise within SOCA (national police unit responsible for pro-active
operations against serious and organized crime) and the Met Police Central e-Crime Unit.23
Apart from increasing investments, the UK also plans to coordinate with Poland on information
security policy while planning for the Euro 2012 football championships and the London 2012
Olympics.
3. Indian government is setting up IT institute
In January 2011, the Indian government announced that it plans to set up an institute dedicated to
training professionals and developing technologies to tackle cyber crime. The institute will be a
public-private partnership initiative, with a total cost of INR1 billion (US$21 million) 24. In
November 2010, Indias Central Bureau of Investigation (CBI) signed an agreement with
industry body Nasscom to share expertise on ways to counter cyber attacks 25. In July 2010, the
Indian government proposed an initiative to develop a unit that will include a group of hackers
acting as a specialized team as counter offence to hacking activities from foreign countries. The
National Technical Research Organisation (NTRO), along with the Defence Intelligence Agency
(DIA), was delegated to create this capability26.
22

UK cyber security plans 'essential for strong defence', BBC, October 18, 2010 as cited in CYBER CRIME A
GROWING CHALLENGE FOR GOVERNMENTS (2011)
23
63m to tackle UK cybercrime, Public Services, February 15, 2011 as cited in CYBER CRIME A GROWING
CHALLENGE FOR GOVERNMENTS (2011)
24
Govt plans to set up IT Institute to tackle cybercrime, Silicon India, February 16, 2011 as cited in CYBER CRIME
A GROWING CHALLENGE FOR GOVERNMENTS (2011)
25
CBI Inks Pact With Nasscom To Fight Cyber Crime, Businessworld, November 22, 2010 as cited in CYBER
CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)
26
Spy Game: India readies cyber army to hack into hostile nations' computer systems, Economic Times, August 6,
2010 as cited in CYBER CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

CONCLUSION AND SUGGESTIONS

The increasing popularly and dependency upon internet, www and information technology and
the vulnerability of personal data to criminal access makes everyone the easiest target for a range
of culpable crimes. According to Justice Yatindra Singh regulating cyber space is daunting task
of corpus juries of any country. Computer, internet and cyberspace-together known as
Information Technology has posed new problems in jurisprudence. I have shown inadequacy of
law while dealing with the information technology, changes induced by the information
technology in the way we live, perceive and do business. The existing laws were designed,
having geographical location, tangible medium and physical environment in view. These laws
are not suited to faceless, borderless and paperless cyberspace. This required for a new legal
regime which would provide solutions to the issues generated by this new technology. So it is
submitted that after identifying the cyber crime universally accepted definitions of these shall be
made and cyber penal code shall be enacted which incorporate all these offences and an
international treaty on cyber crime shall be made and shall be signed by the entire nations of the
world in order to tackle the menace of cyber crime.
S.75 of the I.T. Act extends the influence of this Act over the entire world keeping in view the
nature of cyber crimes. As we have discussed earlier, difficulties arise in implementing extraterritorial jurisdiction. So, it is submitted that jurisdiction of I.T. Act shall not extend to those
cases where the accused and victims are foreigners and the offence is committed outside the
territory of India. Further, the jurisdictional problems shall be resolved through the international
cooperation taking in view the global impact of cyber crimes. It is an urgent need that the tardy
procedures of letter-regatory under S.166-A, 166B and 188 of the Code of Criminal Procedure
shall be removed by making suitable amendment in the Code of Criminal Procedure.
It is evident from number of studies conducted by various agencies that victims of cyber crime
are reluctant to report them to the police and the witnesses are non cooperative. So it is suggested
that people shall be made aware about the gravity of these crimes so that the people (victim)
shall inform the matter to the police as soon as the crime is committed. It is submitted that for the
identification of suspects the computers (at least computer owned by institutions and companies)
shall be lodged with biometric use authentication system.
10

PRACTICAL CONCERNS IN CYBER CRIME

INVESTIGATIONS

BIBLIOGRAPHY
Web and Other Sources:

CYBER CRIME A GROWING CHALLENGE FOR GOVERNMENTS (2011)

Investigating
Computer
Related
Crime
http://www.isaca.org/Journal/PastIssues/2000/Volume-5/Pages/Investigating-Computer-Related-Crime.aspx as accessed on

15th March, 2014

MINNY NARANG AND GUNJAN JAIN, CYBER CRIMES: PROBLEM
SOLUTION, INDIAN JOURNAL OF APPLIED RESEARCH 74 (2013)

11

OF INVESTIGATION AND