Chinks in cyber armour
The Indian Express
July 16, 2018
Mahender Singh Manral , Anand Mohan J
Four of the 14 district cyber cells set up to tackle complaints ranging from credit card frauds to social media hacking have not registered a single case in the last two years. With outdated gadgets and procedural delays adding to the problem, tackling such crimes remains an uphill task.
“With crimes nowadays inevitably linked to technology and the internet, there is a pressing need to have a technical expert available at the police station level, district level and in each cyber cell of the capital.” This observation was made by Justice Najmi Waziri of the Delhi High Court in May, while hearing a plea by a woman seeking protection from sexual harassment by her neighbour, who had uploaded nude photographs of her online.
The observation underlines the challenges before security forces today, with criminals increasingly exploiting the digital space in the last half a decade, using sophisticated gadgetry and ever-evolving modus operandi. The crimes, police said, range from simple email frauds to elaborate hacking of social media accounts, with the accused based as far as Nigeria and Romania, to as close as Jharkhand.
Sensing the trend, the Delhi Police had in 2005 formed a cyber cell with the Economic Offences Wing (EOW). The earlier cyber wing was attached to the crime branch. In 2012, the EOW was shifted to a separate building in Mandir Marg — equipped with a state-of-the-art server room — to keep up with the increasing incidents of white collar crimes over the past few years.
But as cyber crimes continued to escalate, former Delhi Police Commissioner B S Bassi in 2015 opened another cyber cell of the crime branch, and also called for setting up of district cyber cells (DCCs) in each of the 14 districts.
In theory, DCCs are meant take the pressure off the cyber wings of the EOW and crime branch, using state-of-the-art gadgets and trained personnel. But data accessed by The Indian Express under the RTI Act throws up some revelations.
For starters, cyber cells only come into play if a complaint is forwarded by a DCP-level officer, or if the local police transfers a particular case seeking their assistance. But RTI applications revealed that three DCCs in Delhi have not had a single case referred to them for the past two years.
Northeast, Outer and East DCCs have seen zero cases for two years, with Delhi Police, in its RTI reply, saying that local police stations did not send complaints their way. In such a scenario, most of the assistance, officers from cyber cells told The Indian Express, is in the form of helping local police — applications to service providers or analysing call dump data of an accused.
The Southwest DCC, formed after the Dwarka district was carved out of it, has seen 40 cases registered since its inception on March 8 this year — but zero solved so far.
In the South DCC, seven cases were registered in the past two years, including a social media account hacking and two bank frauds. It solved a total of four cases. The southeast DCC unit did relatively better, solving 19 of 36 cases.
Many cases that are beyond the scope of the DCCs are handed over to the EOW, which saw 409 cases registered in the past two years and a solving rate of 9%. Of these, 39 dealt with the IT Act, while a majority were registered under sections of cheating and forgery.
The DCC in Shahdara as well as the Central district saw only four cases each being registered. Data was three DCCs was not provided.
Alarmingly still, NCRB data shows that 47 people were arrested in 2015 for cyber crime offences, but there were zero convictions. A total of 383 cases were pending investigation from previous years.
WEB WOES
With its task cut out, the Delhi Police this year appointed a chief technology officer (CTO), A K Mohapatra, and created a technology cell. Mohapatra, appointed on January 1, used to head the department of Information Technology at the Indira Gandhi Delhi Technical University for Women. With his induction, Delhi Police claims to be the first force in the country to have such an officer.
A priority for him, perhaps, would be ensuring sufficient equipment.
Sub-inspector Anuj, a BTech graduate chosen by Delhi Police to helm the newly formed Southwest DCC, walks into his office — a 100 sq ft room in Old Manglapuri — at 8 am. He has been provided the latest HP Intel core i3 desktop, with Windows 10 OS, and a printer. Though the setup may appear modest, when he started off, there was nothing. “The first thing I got into my unit was my desktop. We had to wait for days for an internet connection and I used my phone’s mobile data,” he said, as two policemen nodded. Last year, a proposal was sent to the police headquarters to standardise equipment and software at all DCCs.
Anuj is busy tracking the digital footprint of a hacker who stole someone’s bank details and has been on a shopping spree ever since: “He has spent several lakhs. We have got transaction details from the service provider. Now we are waiting for him to make a mistake and reveal himself.”
The Indian Express visited 10 DCCs and spoke to officers, many of whom said they are “two years behind” when it comes to gadgets, and that even “hackers use advanced technology” in comparison. For instance, to deal with ‘Ransomware’ — which involves complicated encryptions locking out computer systems — many units do not have efficient data encryption software, said officers.
Most units have two desktop computers, but three-four officers. In the Dwarka DCC, investigators have decided to get their own laptops rather than rely on the solo desktop computer.
Usually, a workstation has 8 TB of storage and 8 GB RAM. Officers said the anti-spyware software on their computers is not the latest version — something the proposal sent around a year ago seeks to address. District cyber cells have also asked for DVD writer software and the latest versions of WinZIP, WinRar and Acrobat Professional.
Equipment for CDR (call detail record) analysis is another stumbling block at some offices. On Thursday last week, officers at the Dwarka cyber cell are busy doing a CDR analysis. “We have been at it since morning,” said one officer, while another expresses confidence that a breakthrough is close. In the next 30 minutes, the officer successfully ascertains that the accused have been around Mayapuri scrap market. “We are assisting local police with a case. Now we have to just send our final reports to the IO,” said the officer.
While the Dwarka DCC is one of the oldest units to been equipped with the latest CDR analysis kit, others are not as lucky, with the kits there often finding it difficult to extract information from Chinese phones. This is why they have asked for Cellebrite UFED software, which can extract and decode data even from social media websites.
Such a software would have come in handy when a former Delhi University student approached local police in 2015 with screenshots of Facebook posts where students from his college used casteist slurs against him. “He was my senior. They started abusing me in college over some petty issue. Later, the abuse started to show on my Facebook wall,” said Vikas.
His case was registered after 33 days and police asked him to provide the IP address of the accused, along with the screenshots of the posts. His phone was also seized as evidence, but to this day, Vikas has to make routine trips to police to provide the same evidence again. “They have no clarity on what they want. This time, they asked me to provide evidence in a CD. I am waiting for the day this case finally reaches court,” he said.
The UFED software will help police extract data even from locked phones. The South DCC has also asked for it, along with a CDR analysis toolkit. Even though only seven cases have been marked to them in the last two years, assisting local stations keeps them occupied. A key case they worked out involved busting a Romanian card cloning gang, with the arrest of four foreigners and seizing 92 cloned cards.
For forensic examination of seized electronic items, cyber cell units have asked for a hard disk imaging device, like the Solo 4 or Forensic dossier. “These devices take the image of an electronic device before we send it to EOW or a forensic lab. If we try to open the device on our own, the court may accuse us of tampering with it,” said an officer.
The south DCC has also sought a four-way modem to connect at least four devices. “The networking speed here is not the best. We are promised 4 Mbps but it dips and our files get stuck while uploading. A high-speed server system connecting all cyber units with the police headquarters, and even other state police forces, is required,” said an officer.
Another challenge is getting information from websites, since many of them are based in the US and involves a lengthy procedure to get information. An official elaborated that occasionally, they discover that something considered a crime in India is not counted as an offence in the US, and their request is rejected. Proxy servers make this even more complicated. “In a recent case, we found that the server was shown in five different foreign countries. Even if it is in one country, it will take us more than one year to investigate,” said an officer.
THE WAY AHEAD
A Delhi court recently pulled up Delhi Police over its probe into the arrest of two Kashmiri students from Punjab, accused of hacking and defacing over 500 Indian websites and making anti-India posts. Hearing the case earlier this month, CMM Deepak Sherawat said, “The matter involves national security and it appears that the police are not interested in investigating it properly.”
In the early 2000s, police had to reckon with their first lottery scam case. Since then, a deluge of cyber-related cases have tested the authorities constantly. Rattled by a steady rise in complaints of impersonation, fake profiles, online fraud and stalking on social networking sites, Delhi Police has decided to provide training to their entire force and have started several courses, with DCP (training) Suman Narula stressing that a “knowledge-based approach” is key.
Moreover, qualified personnel for monitoring, preventing and investigating cyber crimes have been deputed to mobile crime teams, which lacked experts so far. Police has also spent over Rs 1 crore to purchase upgraded equipment and set up a forensic e-academy at their police training school in Dwarka.
“We are conducting two types of courses. In one, we train direct recruit sub-inspector to inspector rank officers for 15 days on how to preserve evidence. In the other, we give training to lower subordinates for three days, informing them how to analyse CDRs and approach Facebook, WhatsApp, etc.,” Nalwa said, adding that they also employ cyber law experts to teach the legal aspects of cyber crime and investigating bank-related frauds.
The training should come in handy in dealing with cases like the one involving a 31-year-old woman who was stalked and harassed by her colleague in 2011. The man is accused of stealing her mobile phone getting hold of her pictures and directory.
“He had made a fake Facebook profile with my pictures and distributed my contacts online,” said the woman. The accused was arrested and eventually got bail. Recently, two policemen reached her house asking for “an address”. “They kept asking for an address and I could not understand what they wanted. It was only later that I figured out that they mistook an IP address for a residential address. I politely asked them to go to the cyber cell and figure it out on their own,” she said.
Training and awareness programmes have been regularly conducted by the EOW’s cyber cell. “We have trained around 1,800 policemen so far — 1300 by EOW and 600 by PTS. We try to make sure they learn the important aspects of cyber crime investigation,” said DCP (Cyber Cell) Anyesh Roy.
Policemen undergoing training have also complained that they work on sophisticated machines during training, but go back to outdated systems for investigation. “We have prepared a portal where any policemen can log in and share his experience, as well as knowledge about crucial cases, with colleagues. They can also put up queries on IPC sections, or seek guidance on handling a specific situation,” said Nalwa.
What measures have been taken to check cyber crime?
Apart from district cyber cells in all 14 districts, a team of trained officers from all police stations, under an inspector-rank officer, has been constituted. We have also strengthened the cyber unit by inducting more officers. We have also upgraded the cyber lab at Mandir Marg by installing state-of-the-art cyber forensic tools to examine latest smartphones and laptops.
How are you tackling the lack of equipment at some cyber cells?
A committee headed by Special CP, Special Cell and Technology Cell, studied the requirements of advanced cyber forensic tools. It also went through a demonstration of cyber forensic tools developed by CDAC. Based on this, the panel has recommended a set of cyber forensic tools which can be provided to the cells in the first phase. The P&L Unit of Delhi Police will procure the equipment.
How do you plan to deal with the delay in getting information from websites based abroad?
Delhi Police actively engages with Indian officials of major OTTs (Google, Facebook, Twitter, etc) and has ensured they are sensitive and responsive to requests and queries. Various exercises are also being undertaken by ministries concerned to ensure better coordination.
Are there plans to deploy more women personnel in the cyber wing?
With more and more women being recruited in the force, we definitely look forward to having more personnel in the cyber investigation units, especially to attend to complaints and cases of online harassment.
Comments
Post a Comment