When 580 senior executives and CEOs of leading global companies were asked in a survey conducted by Lloyd’s of London as to what the risks confronting global business were, they listed the top three in this order: high taxation, loss of customers and cyber crime.

Indeed, a June 2014 study by Georgetown University’s Center for Strategic and International Studies (CSIS) estimates the global annual cost of cyber crime as being between $375–575 billion. This represents a staggering 15-20 per cent of the global share of business conducted over the internet or using the internet. Similarly internet security firm MacAfee’s annual report Net Losses: Estimating the Global Cost of Cyber Crime published in June 2014 stats that the cost to the global economy from cybercrime is more than $400 billion.

One common definition describes cybercrime as any activity in which computers or networks are a tool, a target or a place of criminal activity. Computer-mediated activities which are either illegal or considered illicit by certain parties and which can be conducted through global electronic networks are also treated as cyber crime. In general there are multiple facets of cyber crimes ranging from violation of privacy, hacking, impersonation/exploitation on social networks, cyber attacks on information infrastructure, cyber terrorism, criminal access, obscene messages / emails, threatening messages / emails, unauthorised (criminal) data access, phishing, pharming and grey traffic, etc.

Our national legal framework regarding cyber crimes includes the Electronic Transaction Ordinance (ETO) 2002 and the Pakistan Telecommunication Re-Organisation Act 1996 as enacted laws.

The Prevention of Electronic Crimes Ordinance (PECO 2009) is not an enacted law as it lapsed in 2009.

The major offences covered under the enacted laws include hacking, unauthorised access (e.g. email account hacking), sniffing, interception, unauthorised vulnerability assessment, penetration testing, violation of privacy, Denial of Service attacks, operations impairment, damage to electronic / telecom infrastructure, spoofing(identity impersonation) and grey traffic (illegal VoIP) set-ups. Major types of cyber crimes not covered in enacted laws but were covered in lapsed law (PECO 2009) includes obscene messages / emails, threatening messages / emails, cyber stalking, spamming, malicious code, electronic fraud, cyber terrorism and misuse of encryption.

So what can you do if you are a victim of cyber crime? Cyber crimes can be reported to the National Response Center for Cyber Crimes (NR3C) at this email address: helpdesk@nr3c.gov.pk with all requisite documents sent as an attachment.

Frequently Asked Questions (FAQs) about the procedure for reporting and so on are accessible at http://www.nr3c.gov.pk/faq.html

The NR3C has received complaints in all categories of cyber crimes since it began operations in 2007.


Cyber crime is one of the three risks confronting global business


The top three complaints received by the NR3C, in descending order, are: criminal data access, threatening calls and electronic fraud. The process to lodge a complaint at NR3C starts with the submission of a complaint, either in written or electronic form. Incomplete and anonymous complaints are not entertained at NR3C, therefore submitted complaint must be complete in all respects so that it may not be rejected at the initial stage.

The next step in this process is legal scrutiny conducted by the NR3C to determine whether the submitted complaint is attracting any section(s) of the enacted laws or not. In case submitted application attracts any section(s) of enacted law, verification of received complaint will be initiated at field office. If the received application does not fall in the purview of enacted law then closure orders will be issued. In the verification phase, the complainant is contacted through multiple modes of communication, which include written summons, email or telephone. In this phase, the complainant is normally enquired regarding the information contained in his / her complaint to ascertain the validity and authenticity of that reported information. Failure in the verification phase will result in closure orders but if verification is successful it will qualify for enquiry phase.

At this point an Investigation Officer (IO) is normally deputed to process the enquiry. In this phase the Enquiry Officer (EO) evaluates the verified information on standard principles of investigation. Normally culprits are identified and located in this phase. Generally enquiries are closed due to multiple reasons including plea bargaining, unavailability of evidence or the complainant no longer being interested in pursuing his complaint due to any reason. The successful end of the enquiry phase results in registration of an FIR.

Technical and Digital Forensic Reports are normally required during the enquiry phase and also after registration of FIR. In a nutshell, the process starts with a complaint and then follows through verification, enquiry and FIR in sequential order.

The writer is the Deputy Director of the NR3C

Published in Dawn, Sunday Magazine, January 11th, 2015

On a mobile phone? Get the Dawn Mobile App: Apple Store | Google Play

Opinion

The rich boys
Updated 22 Sep 2021

The rich boys

Such is the toxic masculinity of these rich boys that no one is safe from it.
Going nuclear
22 Sep 2021

Going nuclear

Australia may regret its ‘forever partnership’ with the US.
Politics’ winged chariot
Updated 21 Sep 2021

Politics’ winged chariot

When others are shifting gears to election preparations, the PML-N is caught in its internal woes.

Editorial

22 Sep 2021

Interest rate hike

THE State Bank’s decision to raise its key interest rate by 25bps to 7.25pc underpins its acceptance of emerging...
PCB chief’s challenge
Updated 22 Sep 2021

PCB chief’s challenge

The Taliban takeover of Afghanistan has propelled fears of regional insecurity.
22 Sep 2021

No need for secrecy

THE government should not make a mountain out of the Toshakhana molehill. That would only encourage speculation of...
What’s the game?
21 Sep 2021

What’s the game?

Such brinkmanship is being fuelled by incendiary rhetoric as well as inflexible demands of a unilateral nature.
21 Sep 2021

Gas price hike

THE proposed hike of 24pc-37pc in the gas price of the top 23pc residential consumers, who account for 43pc of the...
21 Sep 2021

Green Line buses

AT long last, the first batch of vehicles for Karachi’s Green Line bus project arrived from China on Sunday,...