Combating Cybercrime – A Bangladeshi perspective : Computer literacy in Bangladesh is steadily on the rise. There is also a growing number of Internet users; cellular phone is widespread and so is accessibility of technology like SMS. While even a few years ago computers were vastly used as digital ‘typewriters’, they are now being employed to maintain accounts worth tens of millions of takas and more importantly, in storing useful information.
It is anticipated that the revolutionary move by the present government to digitalise Bangladesh will significantly accelerate improvements in this sector. This change of outlook towards information technology is bringing ease, independence, growth and improvement in our Bangladeshi lives. But amidst this hope for a new future, a growing threat lurks in the dark – the world of cybercrime.
Cybercrime is an obscure word for most remote users of information technology (IT). This is as true in Bangladesh as it is in the rest of the developed nations. This is however a major concern for people involved in IT.
Aware of the threat or not, everyday millions of users are being helpless victims of cybercrime. But this is not anything new as far as crimes are concerned; only the form has changed. When technology is utilised to steal or corrupt information, employed for deception or blackmail, or for any conventional felony for that matter, it is termed as cybercrime.
Rather than stealing money directly in real life, cybercriminals hack into servers of banks, using computers or mobile phones, and transfer large amount of money to other accounts. Instead of stealing files from offices, they break into computers and take away invaluable information. Introducing virus to an external computer to wipe out memory is an offence, just like arson. Essentially the crimes as similar, only the forms are different.
This crime is often committed by amateurs, rather playfully; some are known to have been executed out of rivalry, jealousy and also for monetary benefits. The cases which have been made public in Bangladesh were mostly done by a breed of non-professionals for whom hacking/cracking is a mere pastime.
In the last two years, there have been major cases of cybercrimes in reputed organisations involved in the field of IT but remained hidden from the public eye to maintain the positive image of the organisations; customers of the concerned institutions were also left in the dark.
The threat is evident. The patterns observed in Bangladesh have also been seen elsewhere in their initial stage, where cybercrime is now a major threat to commerce and living.
Everyday remote users are falling prey to virus attacks, fraud, transfer and corruption of information and other malices. Considering the social and associated damage, the loss is immense. Needless to say, only cases with considerable effect to the economy, financial transactions and politics have come under the limelight.
In Bangladesh quite a number of cybercrime have come under public attention in the last few years. Anonymous death threats to Sheikh Hasina, the then Leader of the Opposition, threats in general through emails, hacking of websites run by law enforcing agencies and defamation of private information of respected and popular individuals of the country are some of the examples of cybercrime in Bangladesh.
Apart from these headline news, uninformed users of information technology are falling prey to cybercrime quite regularly. Without any prior knowledge they are being enlisted in online surveys, sometimes becoming a pawn to crimes of a more serious nature. Without the necessary provisions for prevention or even detection, they remain undocumented in most cases.
Every year cybercrime amounts to several billion dollars of economic damage. Renowned institutions often measure the global impact of cybercrime and according to Computer Economics the monetary damage, internationally, in 2006 alone, has been over 13.3 billion dollars. As the outside world is more dependent on IT, the effect of cybercrime is more pronounced in the Western World.
As far as economic loss is concerned there has, so far, not been any serious crime involving IT in Bangladesh. One must keep in mind that financial matters here are not as dependent on technology as is the case in the outside world. We also lack the required expertise to take into account the economic set back caused by cybercrime. So there is no scope for us to relax.
Analysing cases encountered in the West we can assess the probable economic loss we may experience. The time has come when one should take precautions for fight this growing danger at the public, private or even on a personal level. Information technology is a tool that we all must embrace; there is no scope of denying its presence or effect around us.
To make our experience in this new form of technology a pleasant one, we must be adequately equipped to ensure protection against the vicious crimes. This will provide social security, ensure smooth transaction of businesses dependent on IT; it will also play a major role in ensuring foreign investment.
Recently I T Management Association of Bangladesh in collaboration with Bangladesh Police, arranged a two-day workshop of cybercrime. High officials of the police, along with the major stakeholders of the IT Sectors were present in the meet. It was realised through dialogue that ignorance remains the biggest problem of the affair at the private, institutional and even the national level. To add to this, there is a lack of modern Cyber Law, the lack of expertise of the law enforcing agencies, the absence of hi-tech tools, the nonexistence of the required infrastructure at the institutional and national level, and a dearth of motivation, not to mention the careless attitude of the different organisations involved directly in this sector, namely ISPs and Telecoms.
In the workshop, there were extensive discussion on cybercrime and its remedy and prevention and lack of technology to identify the user was acknowledged as the biggest problem. Starting from the time of availing the service till its usage, not enough care is taken to identify the user. Criminals have easy access to technology – mobile phones and the Internet — without revealing their true identity.
For the remote users, using an anti-virus software, setting up a firewall and some other security tips will suffice as a guard against cybercrime. The challenge lies at the organisational and state level. To combat this challenge, the law, the infrastructure and the manpower must be well quipped to address the problem at hand. Just as we must regulate the passage of information, the matter of freedom of information must be borne in mind. While developing a policy or designing a system one must make sure that every information deemed necessary for the user must be easily accessible while the information, to which the user has no legal right, must be carefully hidden.
At this moment, what is required is a well formulated Cyber Law. With the changing infrastructure and the changing circumstances, this law must be ratified and kept up-to-date. It is evident from studying the drafting of cyber laws of developed and some developing nations that making due consideration to the prevailing infrastructure of the country is pivotal. In these countries, there has been interference from the state to force certain infrastructural adjustments in private enterprises involved in IT.
Keeping these two considerations our neighbouring country India has formed a Cyber Law that is considered modern. In 2000, the cyber law was first drafted as an extension of the Information Technology Law. Initially covering only basic crimes mentioned in the Penal Code, the law was gradually changed to include laws peculiar to cybercrime. Another matter that was considered important in the workshop was the collection of data and evidence of a crime that has been committed and its evidential value in legal proceedings.
The matter of infrastructural development and implementation of law comes hand in hand with drafting of the law. This requires a thorough consideration of our present situation at the private and public level and incorporating changes as need be. Every aspect of service providing – server, storage, network etc.) — must be developed in accordance to the guidelines and the cyber law. It is thus important that both public and private sectors are well aware of the prevailing standards in this field.
The law enforcing agencies must be equipped with the latest technology necessary for fighting crimes related to information technology; the government must also impart academic knowledge during training of officers of law enforcement. There must be cooperation with international volunteer organisations and other experts of this field to gain expertise in the battle against cybercrime. Unless necessary steps are not taken now, it will prove impossible to try cybercrime in the court of law.
The concept of a Digital Bangladesh is welcomed by the IT professionals and the general mass. To fuel this notion the government must give due importance to the matter of cybercrime. Otherwise, like many other positive initiatives this will fall on its face. It is a matter of hope that the “National Information and Information Technology Guidelines 2009” has included Cybercrime as an agenda. To make this a success the Ministry of Information Technology, along with the IT professionals and the media must come forward.