Sunday, October 4, 2009

Digital Footprint

There is lack of security culture amongst the user of computer, computer system, and computer networks. The same is evident from the recent report of Anoushka Shankar (daughter of the legendary music maestro Pandit Ravi Shankar) email hacked into by an offender who took control of some very private photographs stored in the inbox of the email.
Cyber Criminal Arrested Through Digital Footprint- An Excellent Job By Special Cell, Delhi Police
Author: Neeraj Aarora
Neeraj Aarora: AICWA, LLB, PGD (Cyber & DLTA), CFE (USA) There is lack of security culture amongst the user of computer, computer system, and computer networks. The same is evident from the recent report of Anoushka Shankar (daughter of the legendary music maestro Pandit Ravi Shankar) email hacked into by an offender who took control of some very private photographs stored in the inbox of the email. Pandit Ravi Shankar has made a complaint to Union Home Ministry that his daughter is blackmailed and threatened via email by some unknown person. Later the complaint was referred to the Delhi Police and the investigation of the case was taken up by Inspector Pawan Kumar under the supervision of ACP Sanjeev Yadav elite Special Cell of Delhi Police. The unknown accused person was allegedly blackmailed and threatened Anoushka via emails that he would make some of her photographs public found in her email inbox, if his demand of $ 100,000 is not paid by her. The unknown accused person apparently hacked the email account of Anoushka and took control of some of private photographs stored in the inbox. The aforesaid officers of Elite Wing of the Delhi Police, the Special Cell, did a commendable job. Apparently, the accused person took control of the password of the email account of Anoushka by hacked into it. He found some very private photographs of her and thought to make some easy bucks out of it, by blackmailing Anoushka as it would cause great embarrassments to the father daughter duo who are internationally recognized musicians. The special cell cops traced the internet protocol address (IP address) from which the Emails were sent. An IP address or "Internet Protocol" address is the unique number assigned to every device such as a computer on an internet network so that data can be routed to and from that device and no other. It is much similar to a postal mailing address that identifies the physical location of your post office and allows the mail carrier to know where to deliver the mail, a device's IP address is what allows the internet to know where to send the data destined for the particular computer. It’s not an easy task to trace the physical location of the computer to which an internet IP address has been assigned and thereby identify the computer's user as we are made to believe through some Hollywood movies. It’s not that just you located the IP address, you located a criminal. It’s nowhere that easy. The IP address are assigned to a netuser not based on his location but from the Internet service provider (ISP) from where he gets the net connectivity, which may be different from user to user, if they avail the services of different ISPs. Even, if the user avails the services of the same ISPs there are no hard & fast rules that the IP addresses necessarily appear "close" to one another in any sense, other than the convenience of the ISP. The IP address can be tracked from the header of the Email IDs. There are various IP address locator available like http://www.whois-search.com from where one can get information about the ISP address to which the particular IP address belongs. Some additional information may be available that indicates the general area that an IP address might reside, i.e. the location of the country or city, if ever, but nothing more specific than that. Here the help of the ISP is required to pinpoint the location and identity of the user. The ISP that allots the IP address to particular computer knows where the user lives. But the ISP’s would not provide the information to the general public due to the strict privacy policy which they adhere to. Here the role of law enforcement machinery comes into picture. The Police and the courts can, with appropriate cause, direct the ISP that the requisite information with respect to the IP addresses be provided. The Section 91 of Code of Criminal Procedure, 1973 and Section 69 of the Information Technology Act, 2000 makes provision to this effect. The extortive emails sent by the offender were found to be sent mostly from Gmail Account. However, the Gmail blocks the IP address of the sender and it is not visible to the recipient of the email. However, one email was found to be from other email service provider and it was found that it had been sent from India; rest of the emails were found to be from Dubai, elsewhere in the UAE, and the USA. The police tracked down one of the IP address to a residential address located at MUMBAI and nabbed the accused person, whose name came to be known as Junaid Jameel Ahmed Khan who confessed to his crime. The cops seized the hard disk of the computer from which the alleged emails were sent, prepared the mirror image of the same and the hard disk was sent to the Forensic Science Laboratory, Hyderabad for further analysis. The cops also seized the passport of the offender through which it was found that the offender was at Dubai on the same date when the extortive emails from Dubai were received by Anoushka, which clearly corroborates the offence committed by the offender. The Special Cops did a commendable job in nabbing the accused person who was blackmailing Anoushka and giving her sleepless nights. The police have seized and preserved the crucial digital evidences and other documentary evidences which would prove the guilt of the accused person. Cyber technology is an extremely complicated field and the internet is being increasingly used as a place to commit crimes using personal computers, as well as network-based computers. It clearly shows that the Special Cell Cops know their job; they not only understand the criminal mindset but also Computers and networks, how they work, and how to track down information on them and know the basics of gathering evidence and bringing offenders to justice. The Special Cell cops registered the case under Section 386 Indian Penal Code which deals with offence of extortion. The maximum punishment for such a crime, if proven guilty, is 10 years’ imprisonment. The offence is cognizable and non bailable. The accused hacked into the email of the Anoushka, however the police at the preliminary investigation stage did not invoked Section 66 IT Act, because the modus operandi of the offender was not known as how he took control of the private photographs of Anoushka, which during investigation and seizure of the computer become apparent that the same has been copied into his computer by hacking the email id of Anoushka. Now Section 66 IT Act has been added as the same is attracted to the offence. The material evidence seized by the cops proves the involvement of the offender as the IP address has been traced to his residence. Further, the examination and analysis of the seized hard disk of the computer of offender at the forensic laboratory would prove that the emails have been hacked into and photographed copied by the offender from the inbox of the email. If it is further revealed by the analysis of the hard disk that the photographs (read obscene or nude) found in the possession of the offender, have been transmitted by him electronically, say some of his friends, the same would amount to publication in electronic form which would be squarely covered and punishable under Section 67 of the IT Act, 2000 as well. Thus, the excellent investigation done by Inspector Pawan Kumar under the supervision of ACP Sanjeev Yadav of the Special Cell, Delhi Police should be applauded which gives a warning to the prospective criminals that they are not anonymous in the virtual world. Their activity on the internet leaves a footprint through which they can be traced and brought to justice. However, at the same time the netizens need to be educated about the best security practices they should adopt and keep in mind while they use computers, computer systems, computer networks and should not fell into the trap of cyber criminals, like Anoushka. After all, prevention is better than cure. Any Quarry Please Send the mail neeraj@hazenlegal.com

Article Source: http://www.articlesbase.com/cyber-law-articles/cyber-criminal-arrested-through-digital-footprint-an-excellent-job-by-special-cell-delhi-police-1297118.html

About the Author:
Neeraj Aarora, Advocate
AICWA, LLB, PGD(Cyber Law), CFE
Mb - +91-987143505. 011-27318700
Email – nirajdp@gmail.com , aarora

Professional Summary
I am a Law graduate, Cost Accountant & Certified Fraud Examiner, presently practicing as an advocate in Delhi Court,providing consultancy on the matter relating to the detection, prevention of cyber crime, collection of digital evidence remedial measures and filing & followup of cases in the court and other legal forum.

Empanelment/Consultant:-

Consultant to 1) World Bank 2) Indusind Bank, Delhi

Arbitrator to “Multi Commodity Exchange of India”, New Delhi

Enrolled as an Advocate with “Bar Council of Delhi” , “Delhi High Court Bar Association” & Supreme Court Bar Association

Qualifications –
AICWA, LLB, PGD(Cyber Law), CFE
Certificate course of “Cyber Crime Investigator
Certificate course of “Cyber Crime Investigation & Cyber Forensic

WORK EXPERIENCE :-
July, 2008 to till date :- Joined BAR COUNCIL OF INDIA as on 15/07/2008 and practicing as an Advocate in Delhi Courts.
May, 1995 to July 2008 :-

I served in the “Economic Offence Wing”, Crime Branch, Delhi Police as an Investigative Officer. I also worked as an Investigator on deputation with Central Beureu of India.

Academic Lectures & Paper Presentations :

Contributing articles on “Forensics & Cyber Fraud” in NIRC News “of ICWAI.
Contributing articles on “Cyber crime & Cyber Law” in “Cyber Times” newspaper.
Delivered lectures on “Fraud in Stock Markets & Corporate sector” at Police Training College, Jaroda kalan, New Delhi
Delivered lectures on “Establishing a chaing of evidence in Cyber Cases” to the officer of Indian Air Force
Delivered Lecture on “Cyber Law & Cyber Crime” in various Engg./Mgt Colleges.