What is cybercrime?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked
device. Most cybercrime is committed by cybercriminals or hackers who want to make money. However,
occasionally cybercrime aims to damage computers or networks for reasons other than profit. These could be
political or personal.

Cybercrime can be carried out by individuals or organizations. Some cybercriminals are organized, use
advanced techniques and are highly technically skilled. Others are novice hackers.

What are the types of cybercrime?

Types of cybercrime include:

1. Email and internet fraud.

2. Identity fraud (where personal information is stolen and used).

3. Theft of financial or card payment data.

4. Theft and sale of corporate data.

5. Cyberextortion (demanding money to prevent a threatened attack).

6. Ransomware attacks (a type of cyberextortion).

7. Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
8. Cyberespionage (where hackers access government or company data).

9. Interfering with systems in a way that compromises a network.

10. Infringing copyright.

11. Illegal gambling.

12. Selling illegal items online.

13. Soliciting, producing, or possessing child pornography.

Cybercrime involves one or both of the following:

 Criminal activity targeting computers using viruses and other types of malware.
 Criminal activity using computers to commit other crimes.
Cybercriminals that target computers may infect them with malware to damage devices or stop them
working. They may also use malware to delete or steal data. Or cybercriminals may stop users from using a
website or network or prevent a business providing a software service to its customers, which is called a
Denial-of-Service (DoS) attack.
Cybercrime that uses computers to commit other crimes may involve using computers or networks to spread
malware, illegal information or illegal images.
Cybercriminals are often doing both at once. They may target computers with viruses first and then use them
to spread malware to other machines or throughout a network. Some jurisdictions recognize a third category
of cybercrime which is where a computer is used as an accessory to crime. An example of this is using a
computer to store stolen data.

Examples of cybercrime

Here are some famous examples of different types of cybercrime attack used by cybercriminals:

1. Malware attacks

A malware attack is where a computer system or network is infected with a computer virus or other type of
malware. A computer compromised by malware could be used by cybercriminals for several purposes.
These include stealing confidential data, using the computer to carry out other criminal acts, or causing
damage to data.

A famous example of a malware attack was the WannaCry ransomware attack, a global cybercrime
committed in May 2017. WannaCry is a type of ransomware, malware used to extort money by holding the
victim’s data or device to ransom. The ransomware targeted a vulnerability in computers running Microsoft
Windows.

When the WannaCry ransomware attack hit, 230,000 computers were affected across 150 countries. Users
were locked out of their files and sent a message demanding that they pay a Bitcoin ransom to regain access.
Worldwide, the WannaCry cybercrime is estimated to have caused $4 billion in financial losses. To this day,
the attack stands out for its sheer size and impact.

2. Phishing

A phishing campaign is when spam emails, or other forms of communication, are sent with the intention of
tricking recipients into doing something that undermines their security. Phishing campaign messages may
contain infected attachments or links to malicious sites, or they may ask the receiver to respond with
confidential information.
A famous example of a phishing scam took place during the World Cup in 2018. According to our
report, 2018 Fraud World Cup , the World Cup phishing scam involved emails that were sent to football
fans. These spam emails tried to entice fans with fake free trips to Moscow, where the World Cup was being
hosted. People who opened and clicked on the links contained in these emails had their personal data stolen.
Another type of phishing campaign is known as spear-phishing. These are targeted phishing campaigns
which try to trick specific individuals into jeopardizing the security of the organization they work for.
Unlike mass phishing campaigns, which are very general in style, spear-phishing messages are typically
crafted to look like messages from a trusted source. For example, they are made to look like they have come
from the CEO or the IT manager. They may not contain any visual clues that they are fake.

3. Distributed DoS attacks

Distributed DoS attacks (DDoS) are a type of cybercrime attack that cybercriminals use to bring down a
system or network. Sometimes connected IoT (Internet of Things) devices are used to launch DDoS attacks.
A DDoS attack overwhelms a system by using one of the standard communication protocols it uses to spam
the system with connection requests. Cybercriminals who are carrying out cyberextortion may use the threat
of a DDoS attack to demand money. Alternatively, a DDoS may be used as a distraction tactic while another
type of cybercrime takes place.

A famous example of this type of attack is the 2017 DDoS attack on the UK National Lottery website. This
brought the lottery’s website and mobile app offline, preventing UK citizens from playing. The reason
behind the attack remains unknown, however, it is suspected that the attack was an attempt to blackmail the
National Lottery.

Impact of cybercrime

Generally, cybercrime is on the rise. According to Accenture’s State of Cybersecurity Resilience 2021
report, security attacks increased 31% from 2020 to 2021. The number of attacks per company increased
from 206 to 270 year on year. Attacks on companies affect individuals too since many of them store
sensitive data and personal information from customers.
A single attack – whether it’s a data breach, malware, ransomware or DDoS attack - costs companies of all
sizes an average of $200,000, and many affected companies go out of business within six months of the
attack, according to insurance company Hiscox.
Javelin Strategy & Research published an Identity Fraud Study in 2021 which found that identity fraud
losses for the year totalled $56 billion.
For both individuals and companies, the impact of cybercrime can be profound – primarily financial damage,
but also loss of trust and reputational damage.
 How to report a cybercrime

HOW TO FILE A COMPLAINT

The complaint regarding commission of cyber crime can be made to the in-charge of the cyber crime cells
which are present almost in every city. To file a complaint alleging commission of a cyber crime the
following documents must be provided:

1.In case of hacking the following information should be provided:

1. Server Logs
2. Copy of defaced web page in soft copy as well as hard copy format, if your website is defaced
3. If data is compromised on your server or computer or any other network equipment, soft copy of original
data and soft copy of compromised data.
4. Access control mechanism details i.e.- who had what kind of the access to the compromised system
5. List of suspects – if the victim is having any suspicion on anyone.
6. All relevant information leading to the answers to following questions –
o what ? (what is compromised)
o who? (who might have compromised system)
o when?(when the system was compromised)
o why?(why the system might have been compromised)
o where?(where is the impact of attack-identifying the target system from the network)
o How many?(How many systems have been compromised by the attack)

2. In case of e-mail abuse, vulgar e-mail etc. the following information should be provided:
1. Extract the extended headers of offending e-mail and bring soft copy as well hard copy of offending e-mail.
2. Please do not delete the offending e-mail from your e-mail box.
3. Please save the copy of offending e-mail on your computers hard drive.

Where to Report a Cyber Fraud?

1. Visit the nearest police station immediately.

2. To report cybercrime complaints online, visit the National Cyber Crime Reporting Portal. This portal
can be accessed at https://cybercrime.gov.in/. In this portal, there are two sections. One section is to report
crimes related to Women and Children (where reports can be filed anonymously as well). Another section is
to report other types of cyber-crimes. You can also file a complaint offline by dialing the helpline number
155260.
3. In case you receive or come across a fraud sms, e-mail, link, phone call asking for your sensitive
personal information or bank details, please report it on Maharashtra Cyber’s web portal by
visiting www.reportphishing.in

4. Refer to the latest advisories which are issued by CERT-IN on https://www.cert-in.org.in/

5. Report any adverse activity or unwanted behavior to CERT-IN using following channels E-
mail : [email protected] Helpdesk : +91 1800 11 4949

Provide following information (as much as possible) while reporting an incident.

• Time of occurrence of the incident
• Information regarding affected system/network
• Symptoms observed 6. To report lost or stolen mobile phones, file a First Information Report (FIR) with
the police. Post filing the FIR, inform Department of Telecommunications (DoT) through the helpline
number 14422 or file an online compliant on Central Equipment Identity Register (CEIR) portal by
visiting https://ceir.gov.in.
After verification, DoT will blacklist the phone, blocking it from further use. In addition to this, if anyone
tries to use the device using a different SIM card, the service provider will identify the new user and
inform the police.

1. Keep software and operating system updated

Keeping your software and operating system up to date ensures that you benefit from the latest security
patches to protect your computer.

2. Use anti-virus software and keep it updated

Using anti-virus or a comprehensive internet security solution like Kaspersky Premiumis a smart way to
protect your system from attacks. Anti-virus software allows you to scan, detect and remove threats before
they become a problem. Having this protection in place helps to protect your computer and your data from
cybercrime, giving you piece of mind. Keep your antivirus updated to receive the best level of protection.
3. Use strong passwords

Be sure to use strong passwords that people will not guess and do not record them anywhere. Or use a
reputable password manager to generate strong passwords randomly to make this easier.
4. Never open attachments in spam emails

A classic way that computers get infected by malware attacks and other forms of cybercrime is via email
attachments in spam emails. Never open an attachment from a sender you do not know.

5. Do not click on links in spam emails or untrusted websites

Another way people become victims of cybercrime is by clicking on links in spam emails or other messages,
or unfamiliar websites. Avoid doing this to stay safe online.

6. Do not give out personal information unless secure

Never give out personal data over the phone or via email unless you are completely sure the line or email is
secure. Make certain that you are speaking to the person you think you are.

7. Contact companies directly about suspicious requests

If you are asked for personal information or data from a company who has called you, hang up. Call them
back using the number on their official website to ensure you are speaking to them and not a
cybercriminal. Ideally, use a different phone because cybercriminals can hold the line open. When you think
you’ve re-dialed, they can pretend to be from the bank or other organization that you think you are speaking
to.

8. Be mindful of which website URLs you visit

Keep an eye on the URLs you are clicking on. Do they look legitimate? Avoid clicking on links with
unfamiliar or URLs that look like spam. If your internet security product includes functionality to secure
online transactions, ensure it is enabled before carrying out financial transactions online.

9. Keep an eye on your bank statements

Spotting that you have become a victim of cybercrime quickly is important. Keep an eye on your bank
statements and query any unfamiliar transactions with the bank. The bank can investigate whether they are
fraudulent.
Ultrasound scans are vital diagnostic tools in healthcare, especially in pregnancy care. However, in India,
their use is governed by stringent regulations to ensure ethical practices and prevent misuse.
‍
These rules not only protect patients but also promote transparency and accountability within the healthcare
system.
‍
This blog provides an overview of ultrasound regulations, key decision-makers, processes, and patient
considerations while fostering cooperation between patients and healthcare providers.
‍
Key Regulations Governing Ultrasound Scans in India

1. PCPNDT Act

The Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994
(PCPNDT Act) serves as the cornerstone of ultrasound regulations in India. This act:

 Prohibits Sex Determination: Strictly bans the use of ultrasound scans to determine the sex of a
fetus.
 Ensures Ethical Practices: Mandates the registration of ultrasound centers and adherence to strict
protocols.
 Enforces Penalties: Introduces severe penalties for healthcare providers and institutions violating its
provisions.

‍
2. Medical Council of India (MCI) Guidelines

The MCI provides additional directives to ensure radiologists and healthcare providers adhere to ethical
standards while using ultrasound technology for diagnostic purposes.
‍
3. Equipment Regulation

The Bureau of Indian Standards (BIS) oversees quality and safety standards for ultrasound equipment,
ensuring patient safety and diagnostic accuracy.
‍
Important Decision-Makers in

1. Central Supervisory Board (CSB)

The CSB plays a pivotal role in implementing the PCPNDT Act nationwide. It formulates policies, conducts
inspections, and ensures compliance.
‍
2. State and District Authorities

State and district authorities are responsible for:

 Registering ultrasound centers.

 Conducting audits and inspections.
 Investigating complaints and taking necessary actions against violations.

‍
3. Healthcare Providers

Radiologists, sonographers, and clinicians are integral to adhering to ultrasound regulations. Their role
involves providing accurate reports, following ethical practices, and prioritizing patient safety.
‍
Processes in Place for Ultrasound Scans

‍
1. Registration of Ultrasound Centers

All ultrasound centers must:

 Be registered under the PCPNDT Act.

 Display a valid registration certificate prominently.
 Maintain detailed records for every scan conducted.

‍
2. Patient Documentation

Before an ultrasound, patients are required to provide:

  Valid identification.
 A referral form from a registered medical practitioner.
 Written consent, especially for pregnancy-related scans.

‍
3. Mandatory Record-Keeping

Ultrasound centers are obligated to maintain meticulous logs, including:

 Patient details.
 The purpose of the scan.
 Generated reports.

Regular audits ensure compliance and prevent misuse.

‍
What Patients Should Keep in Mind

1. Visit a Registered Ultrasound Center

Choose ultrasound centers that are registered under the PCPNDT Act and prominently display their
certification. This ensures ethical practices and legal compliance.
‍
2. Provide Accurate Information

Share truthful and accurate personal and medical details. This is crucial for proper diagnosis and adherence
to regulations.
‍
3. Understand the Purpose of the Scan

Ultrasound scans focus on monitoring fetal health, growth, and identifying potential issues—not determining
the sex of the baby. Understand the medical necessity behind your scan.
‍
4. Family Member Restrictions in the Examination Room

Family members may not be allowed in the examination room for certain ultrasound procedures. This
restriction is in accordance with the PCPNDT Act and other regulations to maintain the integrity and
confidentiality of the process.
‍
Patients are encouraged to cooperate with these rules, as they are designed to ensure accurate diagnostics and
uphold ethical standards.
‍
5. Cooperate with Healthcare Providers

The regulations in place aim to protect patients and ensure ethical care. By cooperating with healthcare
professionals and adhering to required documentation, you contribute to upholding these vital safeguards.
‍
6. Know Your Rights

As a patient, you are entitled to:

 Ethical and accurate diagnostic services.

 A clear explanation of the ultrasound procedure.
 Confidentiality and respect during your scan.

Also Read: A Deep Dive into Docscan's Advantage for Ultrasound Scans
‍
Why Are These Rules in Place?

The regulations serve several critical purposes:

 Prevent Female Feticide: The PCPNDT Act combats declining sex ratios by prohibiting fetal sex
determination, a practice linked to gender-based discrimination.
 Promote Ethical Practices: By regulating ultrasound use, the law ensures that this powerful
technology is used solely for medical purposes.
 Enhance Accountability: Mandatory documentation and audits create transparency, reducing
opportunities for misuse.‍
 Safeguard Patient Rights: Patients are assured safe and accurate diagnostic services, fostering trust
in healthcare systems.

Conclusion

India’s ultrasound regulations are designed to protect both patients and society by promoting ethical
practices and ensuring the safe use of medical technology.
‍
As patients, understanding these rules and cooperating with healthcare providers helps maintain the integrity
of the healthcare system.
‍
By choosing registered ultrasound centers and adhering to the required processes, you contribute to the
collective effort of safeguarding ethical care. For trusted ultrasound diagnostics, always consult certified
professionals and registered centers.