Monday, June 9, 2008

Mumbai Cyber Police turn Hacker Victim

ANOTHER VICTIM : Mumbai Cyber Police turn Hacker Victim


6 Jun, 2008


MUMBAI: In case you thought that working in the Commissioner of Police’s headquarters would ensure that your system would not be hacked, think again.

On (last) Monday, when Sanjay Mohite, DCP — Prevention, resumed work, he could not send any mails from his office computer. The reason. The man in-charge of cyber crime prevention in the city had a system that was hacked. “I have had to send out a mail to all my contacts informing them that my system has been hacked and that they may receive mail from my ID that I have not sent,” says Mr Mohite.

He adds though, that he has allowed the hacker to have access to his system so that he is able to trace him.

With more and more people taking to the internet for a variety of reasons and more banks offering internet-related services, the threat of such occurrences has only increased. Apart from the plethora of online shopping options available with the use of a credit card, almost every bank offers its customers services like e-banking. And this, in a way, makes things easier, for those wanting to play dirty.

Online shopping sites require absolutely no information about you, except your credit card number and expiry date. So, if someone has a good memory and has caught a glimpse of the number, you could very well receive a bill for things you never bought. “If the culprit is in India then we can trace them through the IP address and they will be caught. But if the culprit is someone abroad, it is a complicated process,” says Mr Mohite.

A case in point is the case registered in September 2007. Sub-inspector Kulkarni says, “The Maharashtra government’s website was hacked and the front page changed. We traced the IP address to the US, but nothing could be done as it needs to go through official channels. The case is still pending.” Mr Mohite adds, “First we need to see under what sections of our law is it a crime and then if it is considered a crime in other countries and under what law. It then becomes a judicial process and a letter is sent through the external affairs ministry. In most cases though, the police do not cooperate.”

Cyber theft is not something new as far as India is concerned, with numerous cases being registered. In January this year, Ms Kulkarni informs, a case was filed by a woman whose ICICI e-banking account was hacked and Rs 60,000 was transferred by the culprit. The culprit managed to get access to her username and password by sending her a phishing mail which then installed a keylogger software on her system.

The software then recorded her username and password when typed out and the money was later withdrawn. The DCP is quite sure that apart from phishing sites and mails, like the infamous case in 2006 which duped numerous customers of ICICI Bank of their e-banking details and later money as well, there are bound to be instances of bank websites being hacked.

This probably never see the light of day since banks are determined not to have their name tarnished. “Even when it comes to individuals, a lot of cases do not get reported since banks are willing to pay up to Rs. 25,000 per person as compensation as long as a case is not filed,” he adds.

Even once cases are solved, compensation is not immediate; victims usually get relief once the judiciary has gone through the findings and delivered a judgment. So the next time you decide to shop online or flash your card, remember that someone may just be making note of your details to have fun at your expense later.

No comments:

This Day in History

Thanks for your Visit