Cyber Law : An Overview (ICT Act 2006)

Author Topic: Cyber Law : An Overview (ICT Act 2006)  (Read 222 times)

Offline rayhanul.bba

  • Full Member
  • ***
  • Posts: 219
  • Test
    • View Profile
Cyber Law : An Overview (ICT Act 2006)
« on: March 30, 2019, 01:23:08 AM »
   What is Cyber Law?
Cyber law is a term used to describe the legal issues related to use of communications technology, Particularly cyberspace.
   Why Cyber Law?
1.   To control the misuse of the technologies in order
2.   To protect nations/states and bring the criminals within the jurisdiction
3.    An effective cyber law can play a vital role in ensuring that national and global criminals are fairly and successfully tried and judged for their crimes.

   Cyber crimes:

 Hacking: Unauthorized access to computer systems or networks.

Email bombing: refers to sending large numbers of mail to the victim and there by ultimately
resulting into crashing.

Data diddling: an attack involves altering raw data just before a computer processes it and
then changing it back after the processing is completed.

Salami Attacks: demonstrated by the Ziegler case wherein a logic bomb was introduced in the
bank’s system, which deducted 10 cents from every account and deposited it in a particular account.

Denial of Service attack/Distributed Denial of Service (DDoS): When a user is illegitimately prevented from accessing a service such as Amazon or Yahoo.

Virus / worm attacks: an example of this being the love bug virus, which affected at least 5 %
of the computers of the globe

Logic bombs: some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date, like the Chernobyl virus),

Trojan attacks: its origin in the word ‘Trojan horse’ as the unauthorized program is inside what
 appears to be an authorized application.

Cyber Crimes use computers and networks for criminal activities.
Computers can be used for committing a crime in one of the following three ways
1.   As a tool
2.   As a target
3.   Both as a tool and a target

   A partial list of cyber crimes are as follows:
1.   Hacking of computer systems and networks
2.   Cyber pornography involving production and distribution of pornographic material, including child pornography
3.   Financial crimes such as siphoning of money from banks, credit card frauds, money laundering
4.   Online Gambling
5.   Intellectual property crimes such as theft of computer source code, software piracy, copyright in fringement, trademark violations
6.   Harassments such as cyber stalking, cyber defamation, indecent and abusing mails
7.   Cyber frauds such as forgery of documents including currency and any other document
8.   Launching of virus, worms and Trojan
9.   Denial-of-service attacks
10.   Cyber attacks and cyber terrorism
11.   Economic espionage
12.   Consumer harassment and consumer protection
13.   Privacy of citizens
14.   Sale of illegal articles such as narcotics, weapons, wildlife, etc Cyber crimes that can generally occur within organizations are as follows
15.   E-mail abuse
16.   Spam mails
17.   Cyber defamation
18.   Theft of source cod
19.   Exchange of business secrets and documents
20.   Insider attacks on personal database
21.   Use of office computer for running other business
22.   Transmission and viewing of pornographic materials
23.   External cyber attacks on an organization resulting in denial-of-service
24.   Information espionage

   Scenario:

In Bangladesh, 4 students of a private technology institute hacked the RAB web site. On 23 June 2009 RAB arrested JMB IT chief Rajib who used the internet as an engine of resources to make explosives to use in terrorism activities, which is a serious concern for our national security.

In 2008 a petty hacker of Bangladesh named Shahi Mirza hacked the RAB’s website. Moreover he confessed to police that not only RAB’s website but also other national govt. and non govt. and international site had been hacked by him for a long time. Totally he hacked 21 website together with Army’s website. So it is clear to us that the cyberspace of Bangladesh is
not secured.
Few months ago Bangladesh government imposed restriction on opening you- tube video site because it contains an audio recording of a March 1 encounter between angry army officers and the prime minister. The recording was made on March 1 during an emotional meeting at the Dhaka cantonment. Hundreds of officers were present, distraught after paramilitary soldiers brutally killed more than 50 members of the army, including many of the leaders of the Bangladesh Rifles border force. Bangladesh government says in front of media that you-tube has been blocked in the interest of national security.

In September 2007, most internet service providers (ISPs) in Bangladesh were affected by the Denial of Service (DOS) attack. A large volume of data packets was transmitted from an American data centre and caused server failure, slowing the performance of almost all ISPs. The attack was initially attempted on one ISP, Global Access Limited (GAL). Such attack causes serious damage. But our government remains silent after the attack and said in front of media that we have nothing to do.

   Cyber Act 2006:
To define and amend certain parts of law relating to legal security of information and communication technology and related matters the Information Communication Technology Act-2006 was enacted.

 According to the ICT Act the cybercrime shall be treated as non cognizable offence
that is why the police can’t arrest the criminals without warrant except some cases.
 Chapter eight section 54 to 67 of the ICT Act 2006 describe the cybercrimes both civil and criminalmatters.

   The followings shall be treated as crime :

1.   Unauthorized copying, extracting and downloading of any data, database-
2.    Introduction of virus- Damage and disruption to computer system and computer network
3.   Denial of access to authorized person to computer
4.   Providing assistance to make possible to commit to crime
5.   Hacking with computer system
6.   Tampering computer source documents-
7.   Electronic forger for the purpose of cheating and harming reputation-
8.   Using a forged Electronic record
9.   Publication of digital signature certificate for the fraudulent purpose
10.   Confiscation of computer, network etc
11.    Publication of information which is obscene in electronic form
12.   Misrepresentation and suppressing material facts for obtaining digital signature certificate
13.    Breach of confidentiality and privacy
14.    Publishing false digital signature certificate

   Penalty or Punishment:

1.   Maximum 10 years rigorous imprisonment or fined up to 10 lacs taka or for the both: unauthorized access to protected system.
2.   Maximum 10 years imprisonment or fined up to 1 crore taka or for the both: uploading an obscene content on web
3.   Maximum 5 years or fined up to 5 lacs or with both: violation of the order of the controller in emergency period maximum
4.    3 years imprisonment or fined up to 1 crore taka or with both: hacking
5.   Maximum 2 years imprisonment or fined upto 2 lacs or with both: discloser of confidentiality and privacy, publishing false digital signature certificate, publication of digital signature certificate for the fraudulent purpose.
6.   6 month imprisonment or fined up to 10 thousand taka or with both: failure to surrender license

   Issues on Cyber Act 2006:
The Information Technology Act 2006 was undoubtedly a welcome step at a time when there was no legislation on this specialized field. The Act has however during its application has proved to be inadequate to a certain extent.

   The various loopholes in the Act are:

1.   Published without sufficient public debate & didn’t serve  desired purpose
2.   ICT act 2006 has not dealt with cyber stalking , cyber harassment, cyber nuisance, cyber defamation
3.   Nether comprehensive nor exhaustive
4.   Ambiguity in definition
5.   Need to be worldwide uniform law
6.   Lack of awareness among the people
7.   Extra territorial application
8.   Raising a cyber army: By using the word ‘cyber army’ by no means I want to convey the idea of virtual army, rather I am laying emphasis on the need for a well equipped task force to deal with the new trends of hi tech crime. The government has taken a leap in this direction by constituting cybercrime cells in all metropolitan and other important cities.
9.   Time limitation
10.   Dynamic form of cyber crime

   Conclusion:

The policy maker may formulate a baseline security procedures policy outlining the minimum requirements which must be met by agencies regarding information security and may also develop a special analysis site which will be observed 24/7 and will provide real-time monitoring of cyber activities.

‘Cyber incident response unit’ and ‘a cyber crime investigation cell’ may be built within law enforcement authority to fight cyber crime successfully by adopting the enhancing ‘capacity’, good police work, Skilled investigators by sharing the ‘too few’ professionals skilled in cyber security and by training new officers to become experts in the field and providing adequate logistic support/equipment.

Moreover, to keep the national security uninterrupted and avoid hacking, web servers running public sites must be physically separate protected from internal corporate network and web site owners should watch traffic and check any inconsistency on the site by installing host-based intrusion detection devices on servers.

Finally, we can say that the collective effort of state and nations is only a possible way to see the peoples’ dream of a Digital Bangladesh in existence and could protect individuals and national security and aggregation of cyber criminals.

Md. Rayhanul Islam
Senior Lecturer
Department of Real Estate
Facuty of Business & Entrepreneurship
Daffodil International University