Monday, January 14, 2002		Article

Patrolling cyberspace is a legal maze
Ali Hasnain

WELCOME to Cyberland, which along with a ruined Russian economy was a fall out of the cold war! A unique instance of a war creating rather than destroying. The idea was born out of the fear of a nuclear strike. Bruce Sterling spoke of the Internet as "a post apocalypse command grid."

It was the endeavour of the American military to create a system where a host of alternate routes were available at any given time to direct communication traffic and thus the Internet came into existence. Before we could bat an eyelid, it had mushroomed into a self-sustained community with online access to doctors, government agencies and banks. It did not take long for criminal minds to foray into cyber land. After all, they are an integral part of traditional society. So be it! Today the Net boasts of innumerable Charles Sobrajs, each one a master in his own right.

Network break-ins have become rather a common affair; the hacker simply uses a Trojan to remotely control a computer from a geographically different location (Trojan as the name suggests is a type of virus which an unsuspecting client downloads onto his computer system believing it to be "friendly" information. In most cases such viruses are camouflaged into files which are important for the client.). Such control over a computer or computer network can have devastating consequences. Imagine the plight of multi-national corporation whose decision to downsize is thrown out of gear. How? An employee finds out that he is about to be fired and manages to leave a RAT (remote administration Trojans) in the company’s system. The result? Either all its confidential files are deleted or made public.

RATS can allow a hacker access to the victim’s hard disk and perform just about any function using the victim’s computer without being in physical proximity of the system. There is software for detecting Trojans, but like in the real world it is difficult to create software for Trojans which still do not exist or their existence is not known. Just as a disease precedes the cure a Trojan attack has the advantage of the element of surprise.

In India there have been a few cases of network break-ins, where government and defence Websites have been hacked and altered, but luckily not much damage has been caused. Some incidents from other countries may help us realise the enormity of the threat. The White House Website had to change its IP address in one of the many attacks it has faced.

In another case, a group of hackers managed to wrest control of a Website for children that offered a range of activities to the young. One of these activities was titled "Have fun with gold fish." The hackers replaced the word gold fish with the word piranha! They sought a ransom of $5 million to return control of the Website. The unhappy news is that the forces of evil won this round. In yet another case a computer savvy bank employee planted a "logic bomb" programmed to deduct 10 cents every week from all accounts and transfer it to a fictitious account he had created. He was discovered when another person opened an account with a similar name!

The use of the Internet is still in its infancy in India. Even today a large majority of Indians are oblivious to the boons and banes that cyberia offers. It could also be the reason for the lower rate of cyber crimes in the country but we need to remember that the traditional boundaries have no meaning in the cyber world. A criminal sitting in Timbuktu can as easily deface an Indian Website. In the coming days the misuse of the Internet will only increase. Whereas the Information Technology (IT) Act has a broad ambit, the problem is of implementation. When we find it difficult to implement and enforce laws where the territorial jurisdiction is limited to India, how are we possibly going to enforce a law that has international ramifications? Bringing cyber criminals to justice may prove to be more difficult than seeking the extradition of the likes of Dawood Ibrahim and Masood Azhar.