India and US have entered into a Memorandum of Understanding (MOU) to fight cyber crime jointly by timely exchange of information between the Computer Emergencies Team of both Countries, namely Indian Computer Emergency Response Team (CERT-In) and the US Computer Emergency Readiness Team (US-CERT). The agreement was signed by Jane Holl Lute, Deputy Secretary for the US Department of Homeland Security ( DHS) and India Department of Information Technology Secretary R Chandrashekhar in July 2011.

The MoU will establish the best practices for exchange of critical cyber security information and expertise between the two governments through the respective agencies. The MoU helps fulfill the commitment of both nations to advancing the global security and countering terrorism, one of the pillars of the US-India Strategic Dialogue, launched in July 2009.

more @

http://articles.economictimes.indiatimes.com/2011-07-19/news/29790778_1_cyber-security-cert-fight-cyber

WikiLeaks, which was founded in December 2006 with a prupose of publishing otherwise unavailable documents from anonymous news sources has been commended by various countries for its contribution as Whistle Blower until the United States diplomatic cables leak on 28 November 2010.

As a result, some group of hackers has declared cyber war (called “Operation Payback”) upon enemies of Wikilinks and hacked Mastercard, VISA, PayPal, the Swiss bank PostFinance, and Assange’s Swedish prosecutor’s website yesterday. And plan tpo target Amazon, Twitter, Facebook, etc. i.e. mostly US Websites. It all seems to be the first Cyber World War as reported by Times of India.

Saying that LimeWire’s parent Lime Wire LLC intentionally caused a “massive scale of infringement” involving thousands of works, Wood issued a permanent injunction that requires the company to disable its “searching, downloading, uploading, file trading and/or file distribution functionality.”

Record companies “have suffered — and will continue to suffer — irreparable harm from Lime Wire’s inducement of widespread infringement of their works,” Wood wrote.

She called the potential damages “staggering,” and probably “well beyond” the New York-based company’s ability to pay.

The signed ruling was made available by The Recording Industry Association of America, which represents music companies. It has said Lime Wire has cost its members hundreds of millions of dollars in revenue. A copy of the ruling was not immediately available on the public court docket.

In a statement, Lime Wire expressed disappointment at the ruling. “While this is not our ideal path, we’re working with the music industry to move forward,” it said.

Lime Wire said the injunction lets it continue testing a service that allows users to buy music from independent labels. The company said it hopes to negotiate agreements with the entire music industry ahead of a full launch.

Read More: http://in.reuters.com/article/idINIndia-52466820101026

A music download is not a performance of a work and therefore does not demand an additional licence and fee, a US court has ruled. A stream of a file is a performance, though, the court said.

Read More
Argentine court overturns ruling on search engines’ liability for links

An appeals court in Argentina has ruled that search engines are not responsible for the content of sites that they index. The court overturned a lower court’s ruling against Google and Yahoo! Argentina.

Read More
Swiss court rules IP address-tracing software breached data protection law

The Swiss Federal Court has ruled that software which identified the internet protocol (IP) address of unauthorised music uploaders broke data protection law.

Read More
Spanish court clears YouTube of copyright liability for uploaded videos

YouTube is not liable for copyright infringement because users have uploaded video material from Spanish television station Telecino, a Madrid court has ruled. YouTube is not obliged to monitor all content and weed out infringement, the court said.

Read More

 
French court orders ISPs to block gambling site

A French court has told internet service providers (ISPs) to block access to a gambling site that is operated out of Gibraltar and does not have a licence to operate in France, according to news agency Agence France Presse (AFP).

Read More
Headlines are not copyright-protected, rules Australian court

Headlines cannot be copyrighted because they are too insubstantial, short and trivial to qualify for copyright protection, an Australian court has ruled.

Read More

Jaisankar Marimuthu, 36, a native of Chennai, India, was also ordered to pay $2.4 million in restitution. Marimuthu pleaded guilty on Feb. 5, 2010, to one count of conspiracy to commit wire fraud, securities fraud, computer fraud and aggravated identity theft, and to one count of aggravated identity theft before U.S. District Magistrate Judge F.A. Gossett III in Omaha, Neb. Marimuthu, who was extradited to the United States following his arrest in Hong Kong, was sentenced today before U.S. District Judge Laurie Smith Camp.

According to court documents, Marimuthu was part of a conspiracy that operated out of Thailand and India from February 2006 through December 2006 in which the prices of thinly-traded securities were fraudulently inflated by hacking into brokerage accounts in the United States and then illegally using the accounts to make large, unauthorized purchases of securities in the name of the unsuspecting customers. Marimuthu admitted that after the price of the securities had been artificially increased or “pumped up” through the bogus trading, the conspirators’ own holdings of the securities would be sold at a profit. More than 90 customers and seven brokerage firms in the United States have been identified as victims. Financial losses of close to $2.5 million were sustained by the victims in this case.

more @ http://cyberlaws.us/indian-national-sentenced-to-81-months-in-prison-for-role-in-international-online-brokerage-“hack-pump-and-dump”-scheme/

In December 2000, Office Depot obtained a judgment against Zuccarini under the Anticybersquatting Consumer Protection Act of 1999 (“ACPA”), 15 U.S.C. § 1125(d), rising out of Zuccarini’s registration of the domain name “officdepot.com.” Office Depot was unable to collect on the judgment and eventually assigned the judgment to DSH.

DSH sought to levy upon some of the other domain names owned by Zuccarini. DSH registered the judgment in the district court for the Northern District of California. DSH then obtained a preservation order from the district court and engaged in discovery. It learned that Zuccarini owned more than 248 domain names registered with VeriSign, of which more than 190 were “.com” domain names. DSH targeted the “.com” domain names in its levy.

Some background information on the structure of the domain name system will be helpful to the reader:

Every computer connected to the Internet has a unique Internet Protocol (“IP”) address. IP addresses are long strings of numbers, such as 64.233.161.147. The Internet [domain name system] provides an alphanumeric shorthand for IP addresses. The hierarchy of each domain name is divided by periods.

Thus, reading a domain name from right to left, the portion of the domain name to the right of the first period is the top-level domain (“TLD”). TLDs include .com, .gov, .net., and .biz. Each TLD is divided into second-level domains identified by the designation to the left of the first period, such as “example” in “example.com” or “example.net.” . . . Each domain name is unique and thus can only be registered to one entity . . . . A domain name is created when it is registered with the appropriate registry operator. A registry OFFICE DEPOT v. ZUCCARINI 3123 operator maintains the definitive database, or registry, that associates the registered domain names with the proper IP numbers for the respective domain name servers. The domain name servers direct Internet queries to the related web resources. A registrant can register a domain name only through companies that serve as registrars for second level domain names. Registrars accept registrations for new or expiring domain names, connect to the appropriate registry operator’s TLD servers to determine whether the name is available, and register available domain names on behalf of registrants . . . .

The majority of domain name registrations for commercial purposes utilize the .com TLD. Coalition for ICANN Transparency, Inc. v. VeriSign, Inc., 464 F. Supp. 2d 948, 951-53 (N.D. Cal. 2006), reversed by 567 F.3d 1084 (9th Cir. 2009).

As explained in Coalition for ICANN Transparency, there are three primary actors in the domain name system.

First, companies called “registries” operate a database (or “registry”) for all domain names within the scope of their authority.

Second, companies called “registrars” register domain names with registries on behalf of those who own the names. Registrars maintain an ownership record for each domain name they have registered with a registry. Action by a registrar is needed to transfer ownership of a domain name from one registrant to another.

Third, individuals and companies called “registrants” own the domain names. Registrants interact with the registrars, who in turn interact with the registries.

VeriSign is the registry for the domain names “.com” and “.net”. Id. at 953. Its headquarters are located in Mountain View, California, in the Northern District of California. During discovery, DSH learned that the registrars for Zuccarini’s “.com” and “.net” domain names were located in the United States, Germany, and Israel. DSH filed a request in the district court for a turnover order to compel the registrars of certain “.com” domain names owned by Zuccarini to transfer ownership to DSH. The district court denied the request, holding that, under California Civil Procedure Code § 699.040, it could not order third parties to turn over property. DSH then moved for the appointment of a receiver who would obtain and sell the “.com” domain names in question and would use the proceeds to satisfy the judgment. The district court granted the motion to appoint a receiver.

Zuccarini appealed. We have jurisdiction under 28 U.S.C. § 1292(a)(2) to entertain an appeal from an interlocutory order appointing a receiver.

Because VeriSign has its headquarters in the Northern District of California, the district court had quasi in rem jurisdiction over the domain names registered with VeriSign for purposes of appointing a receiver to assist in executing a judgment against the owner of the names.

Read More at: http://www.ca9.uscourts.gov/datastore/opinions/2010/02/26/07-16788.pdf

In Indian context, .IN domain Registry is located at New Delh :-

.IN Registry
c/o NIXI (National Internet eXchange of India)
Regd. Office: Incube Business Centre,5th Floor,
18,Nehru Place
New Delhi 110019
India
Tel: +91 11 3061 4624 / 4625
Fax: +91 11 3061 4629
E-Mail: registry@nixi.in

1. Google Partners With The NSA To Fight Cyberattacks

2. Google Asks NSA to Help Secure Its Network

3. Google Enlists NSA To Defend Its Data

Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, each of Tallinn, Estonia, have also been indicted by a federal grand jury in Atlanta, Ga., for
access device fraud.

The 16-count indictment charges Tsurikov, Pleshchuk, Covelin and “Hacker 3″ with conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud,
computer fraud, access device fraud and aggravated identity theft. The indictment alleges that the group used sophisticated hacking techniques to compromise the data
encryption that was used by RBS WorldPay to protect customer data on payroll debit cards. Payroll debit cards are used by various companies to pay their employees. By
using a payroll debit card, employees are able to withdraw their regular salaries from an ATM.

Once the encryption on the card processing system was compromised, the hacking ring allegedly raised the account limits on compromised accounts, and then provided
a network of “cashers” with 44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from more than 2,100 ATMs in at least 280 cities
worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The $9 million loss occurred within a span of less than
12 hours.

The hackers then allegedly sought to destroy data stored on the card processing network in order to conceal their hacking activity. The indictment alleges that the
“cashers” were allowed to keep 30 to 50 percent of the stolen funds, but transmitted the bulk of those funds back to Tsurikov, Pleshchuk and other co-defendants .Upon
discovering the unauthorized activity, RBS WorldPay immediately reported the breach.

International cooperation was a significant factor in the resolution of this case. In a joint investigation with U.S. law enforcement authorities, Estonian Central Criminal
Police apprehended Tsurikov, Ronald Tsoi, Evelin Tsoi and Jevgenov in Estonia earlier this year. Each is facing related charges in Estonia. Tsurikov is also in custody in
Estonia and is pending extradition to the United States. Federal prosecution of the Estonian defendants has been closely coordinated with the Estonian Office of the
Prosecutor General. Furthermore, cooperation between the Hong Kong Police Force and the FBI also led to a parallel investigation in Hong Kong, resulting in the
identification and arrest of two individuals who were responsible for withdrawing RBS WorldPay funds from ATMs there. The Netherlands Police Agency National
Crime Squad High Tech Crime Unit and the Netherlands National Public Prosecutor’s Office also provided significant assistance.

Tsurikov, Pleshchuk, Covelin and “Hacker 3″ each face a maximum sentence of up to 20 years in prison for conspiracy to commit wire fraud and each wire fraud count;
up to five years in prison for conspiracy to commit computer fraud; up to five or 10 years in prison for each count of computer fraud; a two-year mandatory minimum
sentence for aggravated identity theft; and fines up to $3.5 million dollars. The charges against Grudijev, the Tsois and Jevgenov carry a maximum of up to 15 years in prison for each count and a fine of up to $250,000. The indictment also seeks criminal forfeiture of $9.4 million from the defendants.

“The charges brought against this highly sophisticated international hacking ring were possible only because of unprecedented international cooperation with our law
enforcement partners, particularly between the United States and Estonia. Through our close cooperation, both nations have demonstrated our commitment to
identifying sophisticated attacks on U.S. financial networks that are directed and operated from overseas and our commitment to bringing the perpetrators to justice,”
said Assistant Attorney General of the Criminal Division Lanny A. Breuer.

“Last November, in just one day, an American credit card processor was hacked in perhaps the most sophisticated and organized computer fraud attack ever conducted.
Today, almost exactly one year later, the leaders of this attack have been charged. This investigation has broken the back of one of the most sophisticated computer
hacking rings in the world. This success would not have been possible without the efforts of the victim, and unprecedented cooperation from various law enforcement
agencies worldwide,” said Acting U.S. Attorney Sally Quillian Yates of the Northern District of Georgia.

“Through the diligent efforts of the victim company and multiple law enforcement agencies within the United States and around the world, the leaders of a technically
advanced computer hacking group were identified and indicted in Atlanta, sending a clear message to cyber-criminals across the globe, said FBI Atlanta Field Office
Special Agent-in-Charge Greg Jones. “Justice will not stop at international borders, but continue with the on-going cooperation between the FBI and other agencies such
as the Estonian Central Criminal Police and the Netherlands Police Agency.”

This case is being prosecuted by Assistant U.S. Attorneys Lawrence R. Sommerfeld and Gerald Sachs of the U.S. Attorneys Office for the Northern District of Georgia
and by Senior Counsel Kimberly Kiefer Peretti of the Criminal Division’s Computer Crime and Intellectual Property Section. Treaty assistance was provided by the
Criminal Division’s Office of International Affairs counsels Betsy Burke, Blair Berman, Roman Chaban, Judith Friedman, Deborah Gaynus, Linda McKinney and Mary
McLaren.

This case is being investigated by the FBI. Assistance was provided by international law enforcement partners. The U.S. Secret Service also participated in the
investigation. RBS World Pay immediately reported the crime and has assisted in the investigation.

source: http://www.cybercrime.gov

www.youtube.com/watch?v=J9hApKU1ZoQ

… some malicious hackers have started selling their expertise online. Want a virus, you can get one in your very own cyber crime tool kit along with 12 months technical support !!!

According to Assistant United States Attorney Matthew D. Segal, a prosecutor in the office’s Computer Hacking and Intellectual Property (CHIP) unit, who prosecuted the case, from November 2007 through May 2008, LARGENT wrote a computer program that allowed him to defraud E-Trade, Charles Schwab & Co., and Google by opening or attempting to open more than 58,000 brokerage accounts. He did this to steal the “micro-deposits.” A financial institution will make a micro-deposit when an account is opened to test the functionality of an account. The amounts deposited in this case ranged from $0.01 to $2.00.

LARGENT used false names, addresses, driver’s license numbers, and social security numbers, including the names of known cartoon and comic book characters to open the accounts. When the deposits occurred, he would transfer the funds into his own bank accounts or onto prepaid debit cards, without the authorization or knowledge of his victims. As a result, LARGENT fraudulently obtained or attempted to obtain tens of thousands of dollars, which he used for personal expenses.

CBP OFFICER CHARGED WITH UNLAWFUL ACCESS TO GOVERNMENT DATABASES

The three-count information alleges that while employed as a U.S. Customs and Border Protection Officer, Ben-Shabat abused his official access to the Consular Consolidated Database (CCD) and Treasury Enforcement Communications System (TECS) database to obtain personal information
about a person he was suing in small claims court, and used the information to further his personal lawsuit. The information further alleges that Ben-Shabat induced other law enforcement officials, under the guise of official business, to access official records in the Arizona Criminal Justice Information System (ACJIS) database concerning the defendant in his personal lawsuit.

Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services

Pena was indicted on fraud and computer hacking charges for his role in a scheme to defraud Voice Over Internet Protocol (VoIP) telephone service providers. Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, allegedly sold discounted service plans to his unsuspecting customers. The Indictment alleges that Pena was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VoIP providers, including one Newark-based company, to route his customers’ calls.

Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VoIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates, according to the Indictment.

Computer Hacking Ring Charged by United States and Egypt in Operation Phish Phry

Operation Phish Phry commenced in 2007 when FBI agents, working with United States financial institutions, took proactive steps to identify and disrupt sophisticated criminal enterprises targeting the financial infrastructure in the United States. Intelligence developed during the initiative prompted the FBI and Egyptian authorities to agree to pursue a joint investigation into multiple subjects based in Egypt after investigators in both countries earlier this year uncovered an international conspiracy allegedly operating an elaborate scheme to steal identities through a method commonly called “phishing.” The group is accused of conspiring to target American-based financial institutions and victimize an unknown number of account holders by fraudulently using their personal
financial information.

According to the indictment that was unsealed this morning, Egyptian-based hackers obtained bank account numbers and related personal identification information from an unknown number of bank customers through phishing—a technique that involves sending e-mail messages that appear to be official correspondence from banks or credit card vendors. In illegal phishing schemes, bank customers are directed to fake websites purporting to be linked to financial institutions, where the customers are asked to enter their account numbers, passwords and other personal identification information. Because the websites appear to be legitimate—complete with bank logos and legal disclaimers—the customers do not realize that the websites do not belong to legitimate financial institutions.

source: www.cyberlaws.us