What is hacking? The definition of Hacking is very clear; it says hacking is “any unauthorized access”! That means that even if someone leaves his device unattended and another person picks it up or logs in and looks at any data in it – he/she has done the crime of hacking.
It is not necessary that the person doing the misdemeanor actually copies any data therein or misuses the same. Just access which has not been properly authorized or authenticated is enough to attract the penalty for hacking.
It is also clear that the most important ingredient for the commission of a successful cyber crime is data.
When the cyber thug gets hold of sufficient data regarding any innocent victim – he is then ready to launch his patented cyber offence on the concerned individual.
Hacking is the technique used to provide the necessary data to the criminal to carry out a cyber offence.
Thus Hacking is one of the most widespread malaise in the cyber space.
In fact it is seen as the backbone of most of the offences that occur in it. Cyber Crime per se can be said to be based on the foundation provided by Hacking. Especially all financial crimes that occur in the virtual world are based on data accumulated by cyber criminals through the basic technique of hacking.
The criminal can obtain illicit data about a victim by hacking into two different data sources – one is the individual citizen device and the second is through large data storage bases and servers.
Through both these means the cyber criminals gets vital data regarding a victim and this data is then used very cleverly to elicit the desired illegal financial gain from him/her.
Individual citizen devices can be hacked through viruses which are sent to unsuspecting victims in the form of attachments in emails and infected links and downloads in sms and WhatsApp messages etc. In that sense the widespread use of WhatsApp as a social messenger can be a boon and bane for citizens. It is estimated that 98% Indians today use WhatsApp for social messaging. This is an incredible number – the highest in the world. On WhatsApp consider the situation when the user receives a video or a photo.
The video screen is black and nothing is visible till the user clicks the download button. The file downloads and is stored in the gallery and then the video plays. Similarly a photo also is blurred till the user clicks it – download occurs and storage in the gallery and then the picture becomes well defined. In such a situation a Trojan virus can be easily used to send a malware to a user device. A legitimate file is created and given an attractive title that will tempt the user to click the download button. Attached with this file is a malware or virus file – maybe a root kit, backdoor, adware, spyware etc. The victim only sees the title of a legitimate file and in his limited awareness and eagerness clicks the download button. The file downloads along with the malware and it gets installed in the device. Now the hacker has access to all data and information stored in the victim’s device and all data he will receive or send.
His device is thus hacked and all his vital personal information including passwords, account details, address book, chats, messages, photos etc –all have been compromised.
The other means of gaining vital data regarding an intended victim is to gain it not from the victim device but from large data servers and other storage spaces.
Unfortunately there are very few or no data storage servers or clouds that can be declared hack proof. Even the “most secure” Apple iCloud faced a hacking scare in 2014, when a number of private celebrity photos were hacked from their iCloud accounts and posted online.
An active Apple investigation claimed it was not a hack of the iCloud system of Apple but individual account hacking. However that was what Apple claimed – but nothing was conclusively proved. Thus if iCloud can be hacked then all such storage spaces are vulnerable and susceptible to the evil of hacking.
In April 2017 the Delhi Police busted a network of criminals who had the personal details of bank account and credit/debit cards of over 1 Crore private bank account holders. This was another rude shock to all those who claimed that citizen data stored in servers and clouds was totally secure and hack proof.
Once the cyber criminal gets access to vital personal user data from their individual device or from secure servers – they use it to commit all sorts of heinous financial and other crimes on them. The most important category is of online scams. These include – job frauds, lottery frauds, romance scams, relationship scams, matrimonial scams and the like. Other financial crimes include such offences as debit/credit card frauds, online banking crimes, online shopping frauds, mobile wallet frauds, ATM Skimming frauds, Call Center frauds etc.
The best way a citizen can protect himself/herself is through being smart and using his/her head. The citizens should not open any attachment from an email from an unknown source. They should also not click on unknown links and download files from unknown sources – however tempting it may be. Personal information and data, especially passwords, should not be shared online as well as anyone on a voice call. Not to get carried away by temptation and greed is another way to secure oneself from online defrauding. Follow these basic precautions and a number of hacking based cyber offences will be minimized though not totally eliminated, as far as individual citizens are concerned.
The writer is IPS – ADG Narcotics & PRTS Indore (MP)