In a recent study by cert.org,
it has been observed that the number of computer security breach incidents
reported during the year 2001 at 52,678 was more than double the 21,756
reported in the previous year. In counting these incidents, all incidents of
one particular virus was recorded as one single incident and hence the real
impact of the growth in the number of incidents is very alarming.
The unprecedented increase in
attacks last year was matched by a nearly identical upswing in the number of
software and computer equipment security vulnerabilities reported in 2001.
CERT cataloged approximately 2,437 vulnerabilities last year, compared to just
1,090 in 2000 - more than half of the 5,033 total vulnerabilities reported to
CERT since 1995.
While similar information in
India is not immediately available, it would be a fair guess that the growth
of computer security breaches would have been in similar proportion in India
as well. These security breaches mirror a corresponding raise in Cyber Crimes
since most of the breaches are connected to deliberate hacking or virus
activity by criminals.
Doubling of crime graph year
after year is a matter of great concern to the law enforcement authorities in
India who are making all efforts to acquire the necessary skills to tackle
Cyber crimes. Several of the State Governments have set up Cyber Crime cells
to tackle the growing menace.
Unfortunately, it is only when a high profile crime comes
into open that preventive action seems to spring forth. Recently, Tamil Nadu
has been rocked by the Dr L Prakash controversy on Cyber Pornography. In fact,
the incident has received so much of press publicity that there must have been
more visitors to tamilsex.com in the last week than perhaps in the whole of
last year. naavi.org had categorically opined that this is a fit case for the
Government to use its "Site Blocking " powers to reduce the impact of the
crime. Unfortunately the clarity in the legal position is lacking on how to
initiate a request for such blocking and who should issue the order. Sooner
action is taken in this regard better it is for the community.
In the mean time, one good fall out of the crime is that
there is an all-round awareness that Cyber Crimes are here to stay and the
Police have to develop the necessary skills to tackle the growing menace.
Tamil Nadu Police has taken immediate steps in this direction and chalked out
a series of Cyber Crime training programmes for their officers. naavi.org is
happy that Cyber Law College is associated in this effort and the
first of this path breaking training programme is scheduled to commence this
month.
Even though the NCRB in Delhi and the National Police
Academy in Hyderabad did conduct a few such programmes last year, if the
large Police force needs to be quickly trained in this new type of crime
investigation, it is necessary that every state Police training systems have
to adopt similar plans within their own training curriculum. The TN Police
Training College's plans are therefore likely to be a model Cyber Crime
training module that can be shared by other states as well.
Naavi
January 15, 2002.