• Investment World
• eWorld
• Catalyst
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources

Group Sites

• The Hindu
• Business Line
• The Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

R.K. Raghavan

Shadowing and nabbing a suspect in cyber space is a challenge calling for assiduous fieldwork and finesse.

CYBER space offers tremendous fun and excitement to pranksters who are out to make our lives miserable. The anonymity that is so much a part of it actually encourages daring and limitless ingenuity.

This was in ample evidence from the recent e-mail threat to Parliament. The predicted attack by means of explosives — conveyed through a mail addressed to the US Consulate in Chennai — did not take place. The threat proved to be a hoax, after the whole complex was searched and nothing incendiary was found. But then, what a waste of time and disruption of work!

The point is: how do we prevent such miscreants from getting away with their poor sense of humour? (It is possible that in fact it was sinister, if we ultimately trace the threat to some terrorist organisation.) How do we get them punished, so that not only are they neutralised but whoever nurses mischievous thoughts for the future is also deterred?

The entire criminal justice system should be exercised over nabbing the culprits and punishing them. Cyber crime investigators should, however, be more worried about how to upgrade their own skills with a view to quickly identifying the perpetrators of this form of crime through the Internet.

In the Parliament case, the Delhi Police and the Chennai City Police cyber crime wing have synergised effectively. The point of origin of the contemptible mail has been traced to a cyber café in Palayamkottai in Tamil Nadu's southern district of Tirunelveli. This is smart work, but nothing that can be called sensational.

To those of my readers who are uninitiated, such identification is possible with the help of the Internet Protocol (IP) address assigned to each computer by the Internet Service Provider (ISP) with whom it is registered. A typical IP address (such as 172.20.22.138) is 32 bits or 4 bytes long. It is a decimal number expressed as four octets in dotted decimal notation.

When an e-mail is sent from a particular IP address, it first goes to the server of the ISP with whom the computer is registered. From here, it goes through several servers before it is delivered to the addressee. At each server, the mail acquires a Received : header. The entire journey up to the final destination is thus traceable through the successive headers recorded by all the servers through which the mail had passed.

In terms of concept, it is simple. It is ultimately assiduous fieldwork with the help of ISPs that contributes to the success of a cyber crime investigator. Courts will not be content with mere statements from ISPs or computer printouts to corroborate them.

The carefully preserved and untampered hard disk of the computer used to send the mail in question will also have to be produced to substantiate the charge that a particular computer was, in fact, used to send the offending mail. Any shoddy work here may wreck the whole case by throwing in doubts in the mind of the judge. Basic cyber forensic skills are the need of the hour.

Until this point, it is essentially a case of looking into cyber processes. The real policeman in the investigator takes charge thereafter. This is where the Chennai Police is possibly stuck.

The Palayamkottai cyber café has no doubt been successfully identified as the place of origin. But then, there are so many who have used the machine concerned at this café. How to track them down?

The police have questioned several individuals who had reportedly used the machines at this particular cyber café and their associates. This has not led them anywhere.

Cyber cafes are notorious for poor record keeping. The man who runs the café, therefore, plays a crucial role during investigations such as these. It is his ability to remember faces that can help the police.

As far as I know, there is hardly any statute that prescribes responsibilities for those who own cyber cafés, although ISPs are governed by a set of regulations. The Chennai Police have now moved in the direction of mandatory licensing of cyber cafes and guidelines for their day-to-day activities. How far this will facilitate future cyber crime investigations is anybody's guess.

The suggestion that there should be a CCTV at each café, which can record the images of visitors, is welcome. The psychological deterrent of such cameras cannot be exaggerated. In addition, the London Metropolitan Police experience during investigation of the last July explosions, when they picked up valuable images of commuters from cameras at Underground stations, is too positive for us to ignore.

I am not very sure whether cyber café owners will be willing to make the required investment, because their existing margins should be only modest. Insisting on a valid photo-ID, such as a driving licence, passport issued by the External Affairs Ministry or a card attested by an employer, for accessing a computer at the café, can also be thought of. The ease with which documents can be faked in our times, however, dilutes the utility of such a stipulation.

While on the subject of cyber crime, the recent attack on academics at the Indian Institute of Science enhances fears over the safety of IT establishments all over the country, especially in Bangalore. Access to major IT centres may have to be further tightened.

Here again, the accent will have to be more on technology and gadgetry, such as metal detectors, CCTVs, biometric devices, rather than expanding the corps of private security guards whose state of training and alertness in our country does not yet inspire confidence.

There is here a case for security agencies to come together and train new recruits to the special needs of the IT industry, as against the routine requirements of others in the private sector. The initiative for such an exercise may have to come from a body such as the Nasscom.

(The writer is a former CBI Director who is currently Adviser (Security) to TCS Ltd.)

Picture by Ch. Vijaya Bhaskar

More Stories on : Security | Insight | Security Musings

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
What the buzz was all about

Copyright © 2006, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line