PRACTICAL FILE

Cyber laws and IPR lab

(BTIT513-18)
SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR
THE AWARD OF DEGREE OF

BACHELOR OF TECHNOLOGY
IN
INFORMATION TECHNOLOGY

Submitted By:

Name: Anmol Sharma

Class Roll No: 462/19
University Roll No: 2003927

DEPARTMENT OF INFORMATION TECHNOLOGY

DAV INSTITUTE OF ENGINEERING & TECHNOLOGY

Jalandhar - 144008
Dec 2021
 INDEX

S. No. Title of the program Page No. Remarks

1.1 Introduction to cyber-crime and various cyber criminals.
1.2 Case Study of Cyber Crime in Cyber Stalking
1.3 Handouts/Screenshots of case study of cyber-crime
2.1 Introduction to intellectual property rights and its infringement
2.2 Case Study about copyright infringement
2.3 Handouts/Screenshots of case study of copyright infringement
 Anmol Sharma
2003927

PRACTICAL – 1

Introduction to Cyber-Crime and various Cyber Criminals

1.1 What is Cybercrime ?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or
a networked device.

Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make
money. Cybercrime is carried out by individuals or organizations.

Some cybercriminals are organized, use advanced techniques and are highly technically
skilled. Others are novice hackers.

Rarely, cybercrime aims to damage computers for reasons other than profit. These could be
political or personal.

1.2 Who are Cyber Criminals ?

Cybercriminals are individuals or teams of people who use technology to commit malicious

activities on digital systems or networks with the intention of stealing sensitive company
information or personal data, and generating profit.

Cybercriminals are known to access the cybercriminal underground markets found in the
deep web to trade malicious goods and services, such as hacking tools and stolen data.
Cybercriminal underground markets are known to specialize in certain products or services.

Laws related to cybercrime continue to evolve across various countries worldwide. Law
enforcement agencies are also continually challenged when it comes to finding, arresting,
charging, and proving cybercrimes.

1.3 CATEGORIES OF CYBER CRIME

There are three major categories of cybercrime:

• Individual- This category of cybercrime involves one individual distributing

malicious or illegal information online. This can include cyberstalking and trafficking.

• Property- This is similar to real life instance of a criminal illegally possessing an

individual’s bank or credit card details. The hacker steals a person’s bank details to
gain access to funds, make purchases online or run phishing scams to get people to
give away their information.

1
 Anmol Sharma
2003927

• Government- This is the least common cybercrime but is the most serious offence. A
crime against the government is also known as cyber terrorism. It includes hacking
government websites, military websites, or disturbing propaganda.

1.4 What is Malware?

• Malware (short for “malicious software”) is a file or code, typically delivered over a
network, that infects, explores, steals or conducts virtually any behavior an attacker
wants. And because malware comes in so many variants, there are numerous methods
to infect computer systems. Though varied in type and capabilities, malware usually
has one of the following objectives:

• Provide remote control for an attacker to use an infected machine.

• Send spam from the infected machine to unsuspecting targets.

• Investigate the infected user’s local network.

• Steal sensitive data.

1.4.1 Types of malware

• Botnets – These are networks of infected computers under the control of single
attacking parties using command-and-control servers. Botnets are highly versatile and
adaptable, able to maintain resilience through redundant servers and by using infected
computers to relay traffic. Botnets are often the armies behind today's distributed
denial-of-service (DDoS) attacks.

• Ransomware – Is a criminal business model that uses malicious software to hold

valuable files, data or information for ransom. Victims of a ransomware attack may
have their operations severely degraded or shut down entirely.

• Trojans Malware – Malware disguised in what appears to be legitimate software.

Once activated, malware Trojans will conduct whatever action they have been
programmed to carry out. Unlike viruses and worms, Trojans do not replicate or
reproduce through infection. “Trojan” alludes to the mythological story of Greek
soldiers hidden inside a wooden horse that was given to the enemy city of Troy.

• Spyware – Malware that collects information about the usage of the infected
computer and communicates it back to the attacker. The term includes botnets,
adware, backdoor behavior, keyloggers, data theft and net-worms.

1.5.1 CASE STUDY Cosmos Bank Malware Attack ,Pune

2
 Anmol Sharma
2003927

• According to Cosmos Bank, an unidentified Hacker stole customer information

through the malware attack on ATM and stole thousands of card information, mainly
Rupay and Visa. And with the same information, they clone the card.

• Now what happened, when someone insert the card in an ATM machine. The moment
card is been inserted; two things happens:-

• First card is been checked, is it genuine or not

• If any transaction request is done, it get approved by checking in to the bank account
balance.

• Hacker created a proxy switch which automatically start approving both the above
requirements and by this money got stolen.

• And by this way, they made a request of 14849 transaction on 11th and 13th august
across 28 countries. And through this around 78 crore got stolen.

• Rest amount got directly transfer through SWIFT.

1.5.2 Investigation
• Police have arrested 18 people in connection with this case so far. In December 2018,
a special investigation team (SIT) probing the case filed a 1,700-page chargesheet
against nine accused. Later, two supplementary chargesheets were filed against nine
other accused.

• Police said most of those arrested were mainly involved in withdrawing money from
different ATMs using cloned cards of Cosmos Bank, as per instructions from
handlers. Police suspect that racketeers gave them some part of the money they
withdrew as commission.

• Four persons are wanted in the case, of whom three, identified as Kunal Shukla,
Abdul Bhai and Sumer Shaikh, are suspected to be in Dubai, police said.

1.5.3 How to prevent malware attacks on banks?

• A bank’s IT department must make sure that every workstation and Internet-enabled
device used in the company has a firewall that is enabled. A firewall blocks all
communication from unauthorized sources.

• The Department must ensure that the operating system on all PC’s receives security
updates on a regular basis.

• All PC’s must be installed with anti-virus and anti-spyware software to detect any
malware or malicious programs in the network.

• All wireless networks must be secured, and their passwords must be well-protected.

3
 Anmol Sharma
2003927

1.5.4 How to prevent malware?

• A variety of security solutions are used to detect and prevent malware. These include
firewalls, next-generation firewalls, network intrusion prevention systems (IPS), deep
packet inspection (DPI) capabilities, unified threat management systems, antivirus
and anti-spam gateways, virtual private networks, content filtering and data leak
prevention systems. In order to prevent malware, all security solutions should be
tested using a wide range of malware-based attacks to ensure they are working
properly. A robust, up-to-date library of malware signatures must be used to ensure
testing is completed against the latest attacks.

• The Cortex XDR agent combines multiple methods of prevention at critical phases
within the attack lifecycle to halt the execution of malicious programs and stop the
exploitation of legitimate applications, regardless of operating system, the endpoint’s
online or offline status, and whether it is connected to an organization’s network or
roaming. Because the Cortex XDR agent does not depend on signatures, it can
prevent zero-day malware and unknown exploits through a combination of prevention
methods.

Malware Detection:
• Advanced malware analysis and detection tools exist such as firewalls, Intrusion
Prevention Systems (IPS), and sandboxing solutions. Some malware types are easier
to detect, such as ransomware, which makes itself known immediately upon
encrypting your files. Other malware like spyware, may remain on a target system
silently to allow an adversary to maintain access to the system. Regardless of the
malware type or malware meaning, its detectability or the person deploying it, the
intent of malware use is always malicious.

Malware Removal:
• Antivirus software can remove most standard infection types and many options exist
for off-the-shelf solutions. Cortex XDR enables remediation on the endpoint
following an alert or investigation giving administrators the option to begin a variety
of mitigation steps starting with isolating endpoints by disabling all network access on
compromised endpoints except for traffic to the Cortex XDR console, terminating
processes to stop any running malware from continuing to perform malicious activity
on the endpoint, and blocking additional executions, before quarantining malicious
files and removing them from their working directories if the Cortex XDR agent has
not already done so.

Malware Protection:
• To protect your organization against malware, you need a holistic, enterprise-wide
malware protection strategy. Commodity threats are exploits that are less
sophisticated and more easily detected and prevented using a combination of

4
 Anmol Sharma
2003927

antivirus, anti-spyware, and vulnerability protection features along with URL filtering
and Application identification capabilities on the firewall.

1.3 Handouts / Screenshots of Case Study

5
 Anmol Sharma
2003927

6
 Anmol Sharma
2003927

PRACTICAL – 2

2.1 Introduction to Intellectual Property Rights and its Infringement

Intellectual Property Rights:

IP is protected in law by which enable people to earn recognition or financial benefit from
what they invent or create. By striking the right balance between the interests of innovators
and the wider public interest, the IP system aims to foster an environment in which creativity
and innovation can flourish.

Copyright:
Copyright is a free and automatic legal right given to the authors or creators of original
works. You can copyright works but not ideas.

7
 Anmol Sharma
2003927

Patent:
A patent is an exclusive right granted for an invention. A patent provides the patent owner
with the right to decide how - or whether - the invention can be used by others. In exchange
for this right, the patent owner makes technical information about the invention publicly
available in the published patent document.

Trademark:
A trademark is a sign capable of distinguishing the goods or services of one enterprise from
those of other enterprises. Trademarks date back to ancient times when artisans used to put
their signature or "mark" on their products.

Industrial Design:
An industrial design constitutes the ornamental or aesthetic aspect of an article. A design may
consist of three-dimensional features, such as the shape or surface of an article, or of two-
dimensional features, such as patterns, lines, or color.

Geographical Indications:
Geographical indications and appellations of origin are signs used on goods that have a
specific geographical origin and possess qualities, a reputation or characteristics that are
essentially attributable to that place of origin. Most commonly, a geographical indication
includes the name of the place of origin of the goods.

Trade Secrets:
Trade secrets are IP rights on confidential information which may be sold or licensed.  The
unauthorized acquisition, use or disclosure of such secret information in a manner contrary to
honest commercial practices by others is regarded as an unfair practice and a violation of the
trade secret protection

Subject Matter of Copyright:

Copyright essentially refers to a type of Intellectual Property Rights protection which helps to
protect the intellect of human creation. Copyright law in India provides exclusive and
monopoly rights to the creator or author or owner of original literary, dramatic, artistic,
musical works and cinematograph films.

Copyright Infringement:

8
 Anmol Sharma
2003927

Copyright infringement is the use of works protected by copyright law without permission for
a usage where such permission is required, thereby infringing certain exclusive rights granted
to the copyright. Creating merchandise for sale which features copyrighted words or
images. Downloading music or films without paying for their use. Copying any literary or artistic
work without a license or written agreement.

Infringement of the Reproduction Rights:

It is not necessary that the entire original work be copied for an infringement of the
reproduction right to occur. All that is necessary is that the copying be substantial and
material. It is not an infringement of copyright for an authorized entity to reproduce copies or
phonorecords of a previously published, nondramatic literary work if such copies or
phonorecords are reproduced in specialized formats exclusively for use by blind or other
persons with disabilities.

Copyright Protection:
The law in the UK defines the things which copyright automatically applies to. Original
works, for example writing, music, drama, art and photography, are protected by copyright.
Films, sound recordings, typographical arrangements and broadcasts are also covered as long
as they are not copied from a previous work of the same kind. To receive copyright
protection in the UK a literary, music or dramatic work must be recorded in writing or
otherwise.

2.2 Case Study of Copyright Infringement

Gucci vs Guess

Introduction:
In 2009 Gucci sued Guess for infringing on five Gucci trademarks, including the use of
similar logos. This is perhaps unsurprising given that Guess has been subject to 12 copyright
complaints over the last ten years. But they have successfully managed to resolve all previous
situations almost immediately… until they messed with Gucci.

Background/Detail of the Case:

Guess used many of Gucci’s distinctive marks, including a green and red stripe used on
handbags, the repeating, inverted GG pattern, and the company’s use of brown and beige
colours, mostly used in conjunction with diamond shape patterns.

9
 Anmol Sharma
2003927

Of course, Gucci came out on top, but not in the way they had hoped for. Initially asking for
$221m in damages, the judge told Gucci they were only entitled to an accounting of profits
and limited the damages. In the end, Gucci only received $4.7m.

Guess was also barred from using most of their designs ever again, primarily the Quattro G
patterns in brown and beige colours and the CRG stripe.

Conclusion: What went wrong Gucci’s defence

The judge concluded that Over the years, Gucci has sent out hundreds of cease and desists
letters to entities ranging from national companies such as Bebe, Juicy Couture, and
Williams-Sonoma, all the way to small-time infringers, such as a counterfeiter working out of
her Los Angeles apartment and a rabbi in New York, who they suspected might sell
counterfeit Gucci products to benefit his synagogue. When it came to Guess, they waited
because the company was facing budgetary concerns due to counterfeiters.

Furthermore, the company had failed to bring non-speculative evidence to court.

10