• Investment World
• eWorld
• Catalyst
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources

Group Sites

• The Hindu
• Business Line
• The Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

R.K.Raghavan

Microsoft is helping Nigeria fight cyber crime. Hopefully, this will help tilt the scales against fraudsters.

EARLIER this year, a California-based non-profit organisation,Urban Age Institute, was flattered to receive by e-mail a $1000-donation offer. It responded by unwittingly surrendering vital information, namely, its bank account number, so that the money offered could be credited by the prospective donor. Within days, the donation turned out to be far from a gift. Much to its horror, the institute found out that several cheques, totally worth $10,000, had been drawn against its account and cashed by a woman in Georgia, who, in turn, wired the money to Nigeria. Citing this incident, MSNBC's Technology Correspondent Bob Sullivan says it is enough for an unscrupulous person to have a checking account number and the bank routing number in order to effect a dishonest electronic transfer.

To many of us who use cyberspace, Nigeria conjures up the image of a land that is full of confidence tricksters. This is an unfortunate and possibly undeserved reputation acquired in recent years by a nation that has otherwise a lot to commend for itself. (Nigeria is the 11th largest producer of oil in the world and has huge natural gas reserves as well.) But Nigeria's unsavoury reputation flows from the fact that some groups in that country use the Internet to send bogus mails across the globe to hoodwink gullible persons into parting with huge funds for a high-return investment.

Hardly any of us have not received such messages (popularly known as the `Nigerian Princes Letters') that are alluring when received for the first time. FBI assessments believe that this `Letter Con' is as serious as Internet auction fraud and electronic identity theft. Those who are behind this trickery (also called the 419 scam after the section of Nigerian Criminal Code that punishes this kind of fraud) pose themselves as officials of the country's Central Bank or a government Ministry and approach individuals for help to transfer large sums of money through the latter's bank accounts. They also invite investment on non-existent businesses. The rates of return assured are irresistible. In the process of negotiating a deal, some victims are deceived into parting with sensitive financial data. Sometimes they are also coaxed into paying an advance fee that is never returned.

The growing phenomenon has greatly affected e-commerce in the region, and governments are greatly exercised over how to check the misuse of cyberspace. Apart from Nigeria, Kenya is another country that has come to adverse notice for this kind of fraud. The menace has elicited varying responses from different countries in the region. Nigeria has actually set up a high-profile Economic and Financial Crimes Commission (EFCC) to tackle Internet crime. The Commission's efforts have yielded fair dividends. Scores of people have been convicted in court for an average seven-year term, and nearly 1,000 are in jail awaiting trial for a range of computer-related crime. There is a simultaneous exercise to make the cyber crime law more stringent. A draft law that has to be passed by Nigeria's National Assembly contemplates a jail term of three to five years for spammers. Fraud, child pornography, and identity theft are other crimes that will attract harsh penalties under the new law. Service providers will also be hauled up for abetting these offences. That Nigeria is thinking on the lines of coming down on cyber crime with a heavy hand sends out the signal that the country would like to live down the image of a nation that is considered a paradise for online scamsters.

What is more positive is the news that the Nigerian Government has invited Microsoft to study the menace and help authorities to tackle it using the best available technology. The problem will be tackled down at the cyber café level. The Microsoft-EFCC agreement contemplates, among other things, sharing of technical expertise and the training of law enforcement officials. This collaboration has already led to the closure of shop by three ISPs who had connived at scams.

It is interesting to speculate what Microsoft can and will do to correct the situation in Nigeria and the rest of Africa. My conjecture is that law enforcement agencies responsible for handling cyber crime in Nigeria can benefit greatly from a thorough instruction on what to look for in complaints about scams. The mechanics of collection and preservation of digital evidence before it is sent to courts will necessarily receive high priority during training programmes. This is good as far as it goes. My curiosity is one of how Microsoft will bring about discipline among those who use cyberspace.

There are frequent reports on how banking and related commercial transactions online are going to be made tighter. The measures proposed include a multi-factor authentication. For instance, in addition to a user name and password, consumers may be required to enter an access code that will be relayed to a device that they should carry. Alternatively, they may have to get their fingerprint scanned before logging on. An interesting innovation is the entry of a password through mouse clicks, as against traditional typing. There is, however, scepticism among some, whether a multi-factor authentication is really foolproof against frauds. But I am convinced that it is better than a single-factor authentication, which is easily vulnerable to compromise through clever social engineering. The one limiting factor is, however, the costs involved.

Before I sign off for the fortnight, I will have to necessarily refer to the most daring recent crime in cyberspace. Dutch authorities have arrested a gang of three (all under 30) found guilty of hacking 1.5 million computers all over the world by setting up a `zombie network' that harvested at will, massive credit card and other personal data. The intruders are reported to have used software that was a variation of a worm detected earlier this year. Can we ever, therefore, underestimate the daring of the cyber criminal or his capacity to harm every one of us wedded to cyber space?

The writer is a former CBI Director who is currently Adviser to TCS Ltd.

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
Your voice on the Web

Copyright © 2005, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line