Question Answered according to the Syllabus 2023 Punjab University. (If any errors found by visitor kindly let us know for correction).
LLB 5 Years Part 2 The University of the Punjab Syllabus Announced for 2023 and onwards. LLB Part IV ( CYBER CRIMES ) 100 Marks The University of Punjab Pakistan
Crimes against Computers
Computers are essential tools for many aspects of modern life, such as communication, education, entertainment, business, and security. However, computers are also vulnerable to various types of attacks that can compromise their functionality, integrity, confidentiality, or availability. These attacks are collectively known as crimes against computers, and they can have serious consequences for individuals, organizations, and society.
Crimes against Computers:
Crimes against computers are illegal activities that involve the use of a computer, a computer network, or a networked device to harm, exploit, or interfere with other computers, networks, devices, data, or users. Crimes against computers can be classified into three main categories: targeting the technology, using the technology, and being facilitated by the technology.
- Types of Crimes against Computers
Crimes against computers can be classified into different categories based on the motivation, method, target, or impact of the attack. Some common types of crimes against computers are:
The unauthorized access or use of a computer system or network, often with malicious intent. Hacking can involve stealing or modifying data, installing malware, disrupting services, or exploiting vulnerabilities.
The software that is designed to harm or perform unwanted actions on a computer system or network. Malware can include viruses, worms, trojans, ransomware, spyware, adware, rootkits, and bots.
The fraudulent attempt to obtain sensitive information or credentials from a user by impersonating a legitimate entity or person. Phishing can involve sending deceptive emails, messages, or websites that trick the user into clicking a link, opening an attachment, or entering their information.
– Denial-of-service (DoS) attack:
The intentional disruption of the availability of a computer system or network by overwhelming it with traffic or requests. DoS attacks can prevent legitimate users from accessing or using the system or network.
The use of computer systems or networks to cause fear, violence, or damage for political or ideological purposes. Cyberterrorism can target critical infrastructure, government agencies, public services, or civilians.
The use of computer systems or networks to harass, threaten, intimidate, or humiliate another person. Cyberbullying can involve sending abusive messages, posting hateful comments, spreading rumors, sharing private information, or creating fake profiles.
- Consequences of Crimes against Computers
Crimes against computers can have various negative effects on the victims and perpetrators of the attacks. Some possible consequences are:
– Loss of data:
The deletion or corruption of valuable information that can affect personal or professional activities. Loss of data can result from hacking, malware infection, accidental deletion, hardware failure, or natural disasters.
– Identity theft:
The fraudulent use of someone else’s personal information for financial gain or other benefits. Identity theft can result from phishing, hacking, malware infection, data breach, or social engineering.
– Financial damage:
The loss of money or assets due to unauthorized transactions, frauds, scams, blackmails, or extortions. Financial damage can result from phishing, hacking, malware infection, identity theft, or ransomware attack.
– Legal liability:
The responsibility for violating laws or regulations that can lead to fines, penalties, or lawsuits. Legal liability can result from hacking, malware distribution, cyberterrorism, cyberbullying, or intellectual property infringement.
– Reputation damage:
The loss of trust, credibility, or respect from others due to negative publicity, rumors, or scandals. Reputation damage can result from hacking, phishing, cyberbullying, or data breach.
– Psychological harm:
The emotional distress, anxiety, depression, or trauma caused by the exposure to threats, violence, or abuse. Psychological harm can result from cyberterrorism, cyberbullying, identity theft, or ransomware attack.
Targeting the Technology:
Targeting the technology means attacking the computer hardware, software, or network itself, either to damage it, disrupt its functioning, or gain unauthorized access to it. Some examples of crimes that target the technology are:
– Malware attacks: Malware is any malicious software that is designed to harm or compromise a computer system or network. Malware can include viruses, worms, trojans, ransomware, spyware, adware, rootkits, and more. Malware can be used to delete or steal data, encrypt, or lock files, monitor or control user activity, hijack system resources, or spread to other devices.
– Denial-of-service (DoS) attacks: A DoS attack is an attempt to overwhelm a computer system or network with excessive requests or traffic, causing it to slow down or crash. A DoS attack can prevent legitimate users from accessing a website or service, disrupt business operations, or damage reputation.
– Hacking: Hacking is the unauthorized access or manipulation of a computer system or network, often by exploiting vulnerabilities or weaknesses in the security. Hacking can be done for various motives, such as stealing information, sabotaging systems, defacing websites, spying on users, or conducting cyberespionage.
– Phishing: Phishing is a fraudulent technique of sending emails or messages that appear to be from a legitimate source but are actually designed to trick recipients into revealing personal or financial information, such as passwords, account numbers, or credit card details. Phishing can also be used to deliver malware or direct users to malicious websites.
Offences relating to Data:
One of the main categories of crimes against computers is offences relating to data. Data is any information that is stored, processed, or transmitted by a computer system or network. Data can include personal details, financial records, intellectual property, trade secrets, confidential information or any other valuable or sensitive data. Data offences can involve unauthorized access, modification, interception, deletion, copying, disclosure, or use of data.
Unauthorized access to data:
Unauthorized access to data is when someone gains access to data without permission or authorization from the owner or controller of the data. This can be done by hacking, phishing, malware, social engineering, or other means. Unauthorized access can result in data theft, fraud, identity theft, blackmail, or espionage.
Unauthorized modification of data is when someone alters or changes data without permission or authorization from the owner or controller of the data. This can be done by inserting, deleting, editing, or encrypting data. Unauthorized modification can result in data corruption, sabotage, vandalism, or misinformation.
Unauthorized interception of data is when someone captures or monitors data without permission or authorization from the owner or controller of the data. This can be done by wiretapping, sniffing, eavesdropping or other means. Unauthorized interception can result in data breach, spying, surveillance or invasion of privacy.
Unauthorized deletion of data is when someone removes or erases data without permission or authorization from the owner or controller of the data. This can be done by formatting, wiping, overwriting, or destroying data. Unauthorized deletion can result in data loss, damage, or destruction.
Unauthorized copying of data is when someone duplicates or reproduces data without permission or authorization from the owner or controller of the data. This can be done by downloading, uploading, copying, saving, or printing data. Unauthorized copying can result in data infringement, plagiarism, piracy or counterfeiting.
Unauthorized disclosure of data is when someone reveals or shares data without permission or authorization from the owner or controller of the data. This can be done by leaking, exposing, publishing, or distributing data. Unauthorized disclosure can result in data violation, defamation, libel, or slander.
Unauthorized use of data is when someone exploits or utilizes data without permission or authorization from the owner or controller of the data. This can be done by selling, trading, renting, or lending data. Unauthorized use can result in data abuse, misuse, misappropriation, or exploitation.
Cyber Terrorism and Cyberwarfare:
Cyber terrorism and cyberwarfare are two forms of crimes against computers that involve the use of malicious software or hacking techniques to disrupt, damage or destroy critical infrastructure, information systems or networks. These crimes can have serious consequences for national security, public safety, economic stability, and social order.
Cyber terrorism is defined as the use of cyber attacks by non-state actors to intimidate or coerce a government or a population for political or ideological purposes. Cyber terrorists may target civilian or military facilities, such as power grids, transportation systems, communication networks or financial institutions. Some examples of cyber terrorism include the 2007 cyber attacks on Estonia, the 2010 Stuxnet worm that sabotaged Iran’s nuclear program and the 2014 Sony Pictures hack that was attributed to North Korea.
Cyberwarfare is defined as the use of cyber attacks by state actors or their proxies to gain a strategic advantage over an adversary in a conflict. Cyberwarfare may involve espionage, sabotage, propaganda or disruption of command and control systems. Some examples of cyberwarfare include the 2008 cyber-attacks on Georgia during the Russo-Georgian War, the 2015 cyber-attacks on Ukraine’s power grid and the 2016 Russian interference in the US presidential election.
Both cyber terrorism and cyberwarfare pose significant challenges for law enforcement and national defense. They require a high level of technical expertise, international cooperation and legal frameworks to prevent, detect and respond to these crimes. Moreover, they raise ethical and moral questions about the legitimacy, proportionality and accountability of cyber operations.