Tuesday, August 18, 2009

Fake Mails

After the recent terrorist attacks in Mumbai, Calcutta was on high alert for a possible terrorist attack. What followed for a week was widespread rumour and fake phone calls and SMS messages carrying bomb hoaxes. The icing on the cake was an email apparently sent from a cyber café in Saltlake to some of the media houses in Calcutta. What followed was panic. The owner, as well as the person responsible for the day-to-day management of the café, was taken into custody by the investigating authority.

The police could trace the IP address used to send the email to the Saltlake cyber café, but they failed to identify the person who sent the email.

Status: Investigation is on

Fake / Fraud email: inside

With the mushrooming of free web-based email providers, it takes less than 3 minutes to create and own an email account. Surprisingly, there is no system in place to check the authenticity of the data provided when the account is created. The end result is a system in which you can walk into any cyber café in the country, create an email account, send a few emails to the media houses in the country with a subject line “BOMB Planted in ABC School/College/Office” and walk out, without having to worry that anyone can trace the email back to you.

Why can’t we trace these culprits?

Hurdle 1 - Unlike a PCO booth, where every machine/handset has a unique phone number, in a cyber café all the computers share one IP address (in some cases two or three at most) to connect to the Internet. As there is no centralized record keeping or log system in most of these cafés, it becomes almost impossible to work out which computer in the café accessed which site and at what time.

Hurdle 2 – Even if one had a log system that could place the access of a particular site at a particular computer at a particular time, the Herculean task would be to identify the person who was using the computer at that point in time.

Hurdle 3 – With different time zones in use around the globe, it becomes difficult to ascertain the time at which the email was actually sent. The café, which uses the service of a local ISP, will be set up for one time zone, whereas the web-based portal from which the mail was sent can be in a different time zone. The receiving email server may be in yet another time zone. For an investigating officer it becomes a tedious job to identify the actual time of the crime.

Hurdle 4 - Technical glitch. This is the mother of all problems: there are websites which allow users to hide their IP address. With the help of one of these websites, an informed/learned user can send an email sitting in Kolkata which will be traced back to some city in Nigeria or North Korea. Unless one gets active help from these countries, it will be an impossible task to catch the sender.

The e-mail protocol (SMTP) has no authentication by default, so the con person can make a message appear to originate from any e-mail address. To prevent this, some ISPs and domains require the use of SMTP-AUTH, allowing positive identification of the specific account from which an e-mail originates. But there are still plenty of SMTP servers available in the world which allow unauthenticated email.

What the investigating authority did was issue an order for all cyber cafés in the city to record the usage of their computers by keeping a record for all customers: their name, address, in time, out time and computer used. All cyber cafés are asked to check a valid photo identity proof for each prospective customer before allowing them to use the café facility.

A welcome initiative, but what they have not noticed is that there are a few other, not so public, places from which one can send a similar email and still go untraceable. These can be any place where more than one person uses a single computer to access the Internet without a proper authentication or log system. Examples: computer labs in educational institutions, and computers in offices or workplaces.

Prevention:

* Accountability: whether it is a cyber café, an office or an educational institution, one has to be accountable for the usage of the Internet on their premises.
* CERT (Computer Emergency Response Team) in India has to come up with a solution for tackling anonymous proxy sites in India.
* One needs to go through the email header carefully whenever there is any doubt about the mail content.
* People need to be informed about the possibility of fake/fraud email messages.
* Proper log keeping at various levels, so one can cross-check.
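
As an added example (not part of the original post), the Python sketch below shows what going through the email header involves for the time zone problem in Hurdle 3: it reads the `Received` chain of a constructed message, converts each hop's local timestamp to UTC and pulls out the bracketed IP address. The message, host names and addresses are invented for illustration.

```python
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime
import re

# Constructed sample message (not from a real case). Addresses use the
# documentation ranges of RFC 5737 and ".example" host names.
SAMPLE = """\
Received: from mx.media.example (mx.media.example [198.51.100.20])
\tby inbox.media.example with ESMTP id A1; Tue, 18 Aug 2009 06:02:11 -0400
Received: from webmail.example (webmail.example [203.0.113.5])
\tby mx.media.example with ESMTP id B2; Tue, 18 Aug 2009 03:02:09 -0700
Received: from [192.0.2.44] by webmail.example via HTTP;
\tTue, 18 Aug 2009 15:32:05 +0530
Date: Tue, 18 Aug 2009 15:32:05 +0530
From: someone@webmail.example
To: desk@media.example
Subject: constructed test message

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_hops(raw):
    """Return hops oldest-first as (utc_time, bracketed_ip_or_None, stamp_as_written)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        # The timestamp is whatever follows the last ';' of a Received header.
        info, _, stamp = value.rpartition(";")
        stamp = " ".join(stamp.split())          # undo header line folding
        when = parsedate_to_datetime(stamp).astimezone(timezone.utc)
        ip = IP_RE.search(info)
        hops.append((when, ip.group(1) if ip else None, stamp))
    hops.reverse()  # each server prepends its header, so the last one is the earliest
    return hops

def out_of_order(hops):
    """Indices of hops stamped earlier (in UTC) than the hop before them."""
    return [i for i in range(1, len(hops)) if hops[i][0] < hops[i - 1][0]]

if __name__ == "__main__":
    for when, ip, stamp in received_hops(SAMPLE):
        print(when.isoformat(), ip, "| header said:", stamp)
    print("hops out of order:", out_of_order(received_hops(SAMPLE)))
```

The three hops are stamped 15:32, 03:02 and 06:02 in their own zones but fall within six seconds of each other once converted to UTC. Only `Received` lines written by servers the investigator trusts are reliable, since earlier ones can be supplied by the sender, and the earliest IP address identifies the café's shared connection, not a particular computer (Hurdle 1).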


The time has come for us to start taking email account creation a bit seriously and to start proper verification proceedings, or some referral system, by which one can trace the physical person through an email id.
It's our duty; we need to act. Next time you visit a cyber cafe, make sure that you sign your contact details in the cyber cafe log register. It's important for national security, it's important for us. Stop passing the responsibility to others - to the Police, to the Govt. Let's make a pledge that the next time we visit a cafe, we will record our details. If the cafe doesn't have a record book, request the owner to maintain one.

Let's act together to stop cyber crime. I know maintaining a log book at a cyber cafe will not be enough to stop the crime, but at the end of the day you can say - 'We have done our part of the job'.

All the best.
