V Sem BCA

SEC III - Cyber Crimes, Cyber Laws, Intellectual Property Rights

Part - A
I – Answer any 4 questions. Each question carries 2 marks. 4x2=8

1. Define Cyber crime and Cyber criminal.

Cybercrime may be defined as “Any unlawful act where computer or communication device or
computer network is used to commit or facilitate the commission of a crime”.

2. What are the categories of Cyber crimes.

Criminal activity that targets computers.
Criminal activity that uses computers.
3. What is data theft?
4. Write the three security settings in the computer.
5. What are the different checklists for secure net banking.
6. Define IPR and GI.
Intellectual property rights (IPR) in cyberspace pertain to legal protections for creations of the mind
in the digital realm. These rights are essential in safeguarding intangible assets such as inventions,
artistic works, designs, symbols, names, and images used in commerce

Part - B
II – Answer any 4 questions. Each question carries 5 marks. 4 x 5 = 20

7. What are the characteristics of Cybercrime activities?

8. Write the steps of filing an offline/online cyber complaint.
online
1. Visit the Official Portal: Go to the official website or portal designated for reporting cybercrimes in your
region.
2. Create an Account: If required, create an account on the portal using your contact information.
3. File a Complaint: Follow the instructions to file a cybercrime complaint. Provide a detailed description of
the incident, including all relevant information.
4. Upload Evidence: Use the portal's interface to upload any evidence you have collected, such as
screenshots, emails, or chat logs.
5. Specify the Type of Cybercrime: Choose the appropriate category or type of cybercrime from the options
provided on the portal.
6. Provide Contact Information: Ensure that your contact information is accurate, as this will be used for
communication regarding the case.
7. Acknowledge Terms and Conditions: Read and acknowledge any terms and conditions related to the
complaint submission process.
8. Review and Submit: Review your complaint for accuracy and completeness, then submit it through the
online portal.
 9. Receive Confirmation: After submission, you should receive a confirmation or reference number for your
complaint. Keep this for future reference.
10. Follow Up: Follow up with the relevant authorities if you do not receive a response within a reasonable
time frame.

Explain the important sections of IT Act.

Sections of IT Act Section 43- Applicable to people who damage the computer systems without permission
from the owner. The owner can fully claim compensation for the entire damage in such cases.
Section 43 A-If a body corporate is negligent in implementing reasonable security practices which causes
wrongful loss or gain to any person, such body corporate shall be liable to pay damages to the affection
person.
Section 65-Tampering with computer source documents A person who intentionally conceals, destroys or
alters any computer source code (such as programmes, computer commands, design and layout), when it is
required to be maintained by law commits an offence and can be punished with 3 years’ imprisonment or a
fine of 2 Lakhs INR or both
Section 66-If a person fraudulently uses the password, digital signature or Other unique identification of
another person, he/she can face imprisonment up to 3 years or/and a fine of 1 Lakh INR.
Section 66B - Incorporates the punishments for fraudulently receiving stolen communication devices or
computers, which confirms a probable three years imprisonment. This term can also be topped by Rs. 1 lakh
fine, depending upon the severity.
Section 66C - This section scrutinizes the identity thefts related to imposter digital signatures, hacking
passwords, or other distinctive identification features. If proven guilty, imprisonment of three years might
also be backed by Rs.1 lakh fine.
Section 66 D - This section was inserted on-demand, focusing on punishing cheaters doing impersonation
using computer resources
Section 66D-If a person cheats someone using a computer resource or a communication device, he/she
could face imprisonment up to 3 years or/and fine up to 1 Lakh INR
Section 66E-If a person captures, transmits or publishes images of a person’s private parts without his/her
consent or knowledge, the person is entitled to imprisonment up to 3 years of fine up to 2 Lakhs INR or both
Section 66F-A person can face life imprisonment if he/she denies an authorized person the access to the
computer resource or attempts to penetrate/access a computer resource without authorization, with an aim
to threaten the unity, integrity, security or sovereignty of the nation. This is a non-bailable offence.
Section 67-If a person captures, publishes or transmits images of a child in a sexually explicit act or induces
anyone under the age of 18 into a sexual act, then the person can face imprisonment up to 7 years or fine up
to 10 lakhs INR or both
Section 69 A-If the government feel it necessary in the interest of sovereignty and integrity of India, it can
intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer
resource. The power is subject to compliance of procedure. Under section 69A, the central government can
also block any information from public

9. Write a note on phishing.

Phishing It is a form of social engineering and scam where attackers deceive people into revealing sensitive
information or installing malware such as ransomware. Phishing attacks have become increasingly
sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe
everything while the victim is navigating the site, and transverse any additional security boundaries
with the victim
types of phishing:
 Email Phishing: This is the most prevalent form of phishing, where attackers send fraudulent emails posing
as legitimate organizations or individuals, such as banks, government agencies, or trusted brands. These
emails typically contain links to fake websites or attachments

Spear Phishing: Spear phishing involves highly targeted attacks directed at specific individuals or
organizations. Attackers gather information about their targets from sources like social media or public
databases to craft personalized and convincing messages.

Vishing (Voice Phishing): Vishing involves using phone calls or voice messages to deceive individuals into
revealing sensitive information, such as credit card numbers or login credentials.

SMiShing (SMS Phishing): SMiShing refers to phishing attacks conducted via text messages (SMS). Similar to
email phishing, attackers send fraudulent messages containing links to malicious websites or instructions to
reply with sensitive information

Search Engine Phishing: Search engine phishing exploits search engine optimization (SEO) techniques to
manipulate search results and promote malicious websites

10. Explain the process of Wi-Fi security management in Computer and Mobile.
Wi-Fi security management in computer and mobile.
Media Access Control (MAC) addresses Which restrict access to a Wi-Fi network. (A MAC
address is a unique code or number used to identify individual devices on a network.) While this
tactic provides a higher measure of security than an open network, it is still susceptible to attack
by adversaries using "spoofed" or modified addresses.
Encryption A more common method of protecting Wi-Fi networks and devices is the use of
security protocols that utilize encryption. Encryption in digital communications encodes data and
then decodes it only for authorized recipients. There are several types of encryption standards in
use today, including Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). Most
newer network devices, such as access points and Wi-Fi routers, feature built- in wireless-security
encryption protocols that provide Wi-Fi protection.
Virtual private networks (VPNs) VPNs are another source of Wi-Fi network security. They allow
users to create secure, identity-protected tunnels between unprotected Wi-Fi networks and the
internet. A VPN can encrypt a user's internet connection. It also can conceal a user's IP address
by using a virtual IP address it assigns to the user's traffic as it passes through the VPN server.
Security software There are many types of consumers and enterprise software that also can
provide Wi- Fi security. Some Wi-Fi protection software is bundled with related products, such as
antivirus software
11. Write a note on IPR issues in cyber space.
IPR issues in Cyber Space Intellectual property rights (IPR) in cyberspace pertain to legal
protections for creations of the mind in the digital realm. These rights are essential in
safeguarding intangible assets such as inventions, artistic works, designs, symbols, names, and
images used in commerce. In the context of cybercrime, protecting intellectual property
becomes crucial due to the ease with which digital content can be replicated, distributed, or
manipulated without authorization.
• Patent
Patent: Grants exclusive rights to inventors for new, useful, and non- obvious inventions or
processes, preventing others from making, using, or selling the patented invention.
• Trademark
Trademark: Safeguards brands, logos, symbols, and phrases used in commerce to distinguish
goods and services.
 • Geographical indications(GI)
• Layout Designs of Integrated Circuits
• Trade secrets
• Copyrights
Copyright: A copyright is a type of intellectual property that gives the creator of an original work,
or another owner of the right, the exclusive, legally secured right to copy, distribute, adapt,
display, and perform a creative work, usually for a limited time.

• Industrial Design

Part - C
III – Answer any 4 questions. Each question carries 8 marks. 4 x 8 = 32

12. Write and explain the different types of cyber crimes. (any 4)
1. Phishing 2. Ransomware 3. Malware 4. Identity theft 5. Security hacking 6. Cyberstalking 7.
Social Engineering 8. PUPs 9. Online scams 10. Cyberbullying 11.Botnet 12.Cyberterrorism
13.Social media frauds 14.Man in the middle attacks 15.Distributed denial of service attack
16.Insider threats 17.Cyberjacking 18.Spyware 19.Trojans 20.Internetfraud

1.Phishing It is a form of social engineering and scam where attackers deceive people into
revealing sensitive information or installing malware such as ransomware. Phishing attacks have
become increasingly sophisticated and often transparently mirror the site being targeted,
allowing the attacker to observe everything while the victim is navigating the site, and transverse
any additional security boundaries with the victim
2.Ransomware It is a type of cryptovirological malware that threatens to publish the victim's
personal data or permanently block access to it unless a ransom is paid. While some simple
ransomware may lock the system without damaging any files, more advanced malware uses a
technique called cryptoviral extortion.
3.Malware It is any software intentionally designed to cause disruption to a computer, server,
client, or computer network, leak private information, gain unauthorized access to information or
systems, deprive access to information, or which unknowingly interferes with the user's
computer security and privacy
.Security hacking A security hacker explores methods for breaching defenses and exploiting
weaknesses in a computer system or network.
Online scams These are usually in the form of ads or spam emails that include promises of
rewards or offers of unrealistic amounts of money. Online scams include enticing offers that are
“too good to be true” and when clicked on can cause malware to interfere and compromise
information.
Cyberbullying Cyberbullying or cyberharassment is a form of bullying or harassment using
electronic means. Cyberbullying and cyberharassment are also known as online bullying.
Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content
about someone else.
Internet fraud Internet fraud is a type of cybercrime fraud or deception which makes use of the
Internet and could involve hiding of information or providing incorrect information for the
purpose of tricking victims out of money, property, and inheritance
13. Write the different tools available for cyber security.
14. Write and explain about data protection laws in India.
 DATA PROTECTION LAWS IN INDIA
The Parliament has approved the Digital Personal Data Protection Bill in 2023. How does it differ
from the earlier version? Where has it improved, and where may it still need enhancements?
Digital personal data protection involves safeguarding people's personal information in the digital
world.
As technology and internet use continue to grow, individuals share a lot of personal data online,
including financial details and private messages.
Keeping this data safe from unauthorized access, breaches, and misuse is a significant concern in
today's digital age.
Understanding Digital Personal Data Protection: In today's era, as people increasingly share
personal information online, safeguarding this data from unauthorized access, breaches, and
misuse has become paramount.
15. With examples write the different cyber crime cases in India.
Case 1: Navasri SDRC The Navsari Consumer Disputes Redressal Commission (CDRC) has ordered
the State Bank of India (SBI) to compensate a victim of UPI cyber fraud. The victim lost Rs 59,078
from her account in the SBI's Fuvara branch. Despite reporting the incident and lodging a
complaint, the bank failed to take prompt action to recover the remaining Rs 39,578.
Case 2:Operation Chakra2 The Central Bureau of Investigation (CBI) has taken over the
investigation of an alleged scam involving a Chinese national targeting Indian citizens. The scam
involved investments, loans, and job opportunities, with deposits being siphoned off through
shell companies. The CBI has identified 137 shell companies used to launder the money, and a
Bengaluru-based payout merchant is under scrutiny for their role in the scam. The CBI conducted
searches in Bengaluru, Cochin, and Gurugram, which yielded substantial evidence. The agency
has also registered another case based on information from the Singapore police, involving cyber
fraud targeting Singapore citizens.
Case 3:Operation Chakra 3 The Central Bureau of Investigation (CBI) has conducted searches at
76 locations across India as part of Operation Chakra-2. Five separate cases of cyber-enabled
financial frauds were registered, including one involving a crypto currency fraud worth Rs 100
crore.The CBI acted on inputs from the Financial Intelligence Unit (FIU), FBI, Interpol, and other
international agencies.
Case 4:Cyber fraud scam The Bengaluru Police have arrested six individuals in connection with a
Rs 854 crore cyber fraud scam. The accused allegedly cheated thousands of victims across India
through an investment scheme. The police have identified three other individuals believed to be
the masterminds behind the fraud. The victims were lured through messaging platforms and
were promised high returns on their investments.
Case 5:Shreya Singhal v. UOI: Challenge to the constitutionality of Section 66A of the IT Act,
which criminalized offensive online comments.The Supreme Court emphasized freedom of
speech, distinguishing between discussion and incitement. Section 66A was found capable of
restricting all communication, violating free speech.
Case 6:Syed Asifuddin and Ors. v. State of Andhra Pradesh and Anr.: • Hacking ESNs of mobile
handsets. • Court found that mobile handsets fall under the definition of "computer" in the IT
Act, and altering ESN is an offense under Section 65. Note: In the case "Syed Asifuddin and Ors. v.
State of Andhra Pradesh and Anr.," the term "ESN" stands for "Electronic Serial Number."
Electronic Serial Number is a unique identifier associated with a mobile device, particularly in the
context of older analog and early digital cellular networks. It is used to track and identify
individual mobile devices on a network. The ESN is distinct from the International Mobile
 Equipment Identity (IMEI) number, which is used in modern mobile devices to serve a similar
purpose.
Case 7:How Jamtara scamsters pocketed Rs 1.5 lakh everyday through credit card frauds In
Jamtara, India's cybercrime hotspot, a gang member was found to be making between Rs 1 lakh
and Rs 1.5 lakh daily through credit card fraud. The earnings were revealed during the
interrogation of three individuals who were apprehended by the police. The gang's modus
operandi involved sending deceptive links to credit card holders, impersonating as bank
representatives, and siphoning funds from victims' accounts.
Case 8:LinkedIn Scams LinkedIn has become a target for AI-based scams, with scammers creating
fake profiles and promising high-paying jobs. These scams gained traction during the pandemic
when many professionals were looking for employment and funding. The scammers impersonate
influential individuals and use fake email addresses to deceive victims. While LinkedIn takes
action to delete fake accounts, the scale of these scams makes it challenging to prevent them
completely.

16. Write the steps for installation and configuration of Anti-virus in computers.

1.If you bought antivirus software on a CD or DVD from a store, you must first put the CD or DVD
into your computer's disc drive. However, in any case, you can also get the program set up in
your USB drive, like Pen drive. 2.If you did not buy a CD or DVD and instead downloaded an
antivirus application from the Internet, you must now locate the downloaded file on your
computer. If you downloaded the zip file for the program setup, you are required to unzip the file
to access the installation files. Then, find the file that has a name like install.exe, setup.exe, or a
similar name, and double-click on that file to start the installation process of the antivirus
program. 3.Follow the steps for installing the antivirus program in the installation process
window. The recommended options are provided by the install process, which helps the antivirus
program to work properly. There is one exception that the install process recommends installing
any helpful program for your computer or any toolbar for the Internet browser. 4.Close out the
install window when you have completed the installation process of an antivirus. 5.If you
installed the software with a CD or DVD, remove it from the computer's disc drive. After
Installation, Scan for Viruses
1. Quick Scan: A quick scan only checks the common areas where are most chances to be
infected, and it takes around 10 to 20 minutes.
2. Full Scan: The full scan option examines all areas of your computer system to identify if there
is no virus; however, it can take more time, even many hours, to complete. a full scan option is a
slow process, it provides surety your system has not any kind of threats.
3. A Scheduled Scan: The schedule scan option provides real-time security for your computer by
scanning files for viruses as you use them
17. What are the procedures for patent registration and copyrights registration?
Step 1- Patent search: The invention should be unique and non-obvious to get registered. For this
purpose you need to carry out patent search. It can help you to avoid lengthy patent registration
process
Step 2- Filling patent registration application:
Step 3- Preparation of patentability report and attach all the required documents:
Step 4- Review of application:
Step 5- Issuance of patent registration certificate:

Procedure for registering copyrights

Step 1: File an Application
The author of the work, copyright claimant, owner of an exclusive right for the work or an
authorized agent file an application either physically in the copyrights office or through
speed/registered post or through e-filing facility available on the official website
Step 2: Examination
In the next step, the examination of the copyright application takes place.
Once the dairy number(5 digit unique number) is issued, there is a minimum 30 days waiting
period. In this time period, the copyright examiner reviews the application.This waiting period
exists so that objections can arise and be reviewed.
Step 3: Registration
The final step in this process can be termed as registration. In this step, the registrar might ask
for more documents. Once completely satisfied with the copyright claim made by the applicant,
the Registrar of Copyrights would enter the details of the copyright into the register of copyrights
and issue a certificate of registration