Tag: #theft

CHALLENGES OF CORRUPTION

Corruption is a global phenomenon and it’s everywhere. Corruption has increased progressively and is now spreading more and more in our society. Corruption around the world is believed to be endemic and is universal and is a important contributor to slow economic growth, to restrain investment, to inhibit the provision of public services and to increase inequality to such an extent that international organisations like the World Bank have identified corruption as ‘The single greatest obstacle to economic and social development’. Theorists believe that ”corruption is most prevalent during the most intense phase of modernization of a country and tends to decline with institutionalisation of advanced democracy”. Basically, Corruption is offence on the part of an authority or powerful party through means that are not legitimate, immoral, or not compatible with ethical standards.

In a broader sense, Corruption is not just the bad behaviour of government officials stealing off money for their own benefit. It also includes cases where the systems do not work efficiently , and ordinary people are left in a dilemma, needing to give a bribe to get a work done. The economy of the state also plays an important role in increasing corruption. Inequality of wealth distribution, exploitation by employers, and low wages and salaries provide ideal breeding ground for corruption. Corruption also violates human rights, challenges the rule of law, distorts the development process, and dis-empowers the Indian state. Corruption is a hindrance in the process of fulfilling civil, political, economic, social and cultural rights.

FORMS OF CORRUPTION

  • Embezzlement: The theft of resources by people itself who are put to administer it. It happens When unfaithful employees steal from their employers. This is a serious offence where a public officials is misappropriating public resources, when a state official steals from the public institution in which he or she is employed and from resources he is supposed to administer on behalf of the public.
  • Nepotism: Nepotism is typical favouritism, in which an officer prefers his proper kinfolk and family members. Many unrestricted presidents have tried to secure their power position by nominating family members to key political, economic and military/security positions in the state apparatus.
  • Favouritism: Favouritism is a tool of power abuse implying “privatisation” and a highly improper distribution of state resources, no matter how these resources have been accumulated in the first place. Favouritism is the natural human tendency to favour friends, family. Favouritism is closely related to corruption so far as it implies a corrupted distribution of resources. It can be said that this is the other side of the coin where corruption is the accumulation of resources.
  • Fraud: Fraud is a financial crime that involves some kind of deception or deceit. Fraud involves a manipulation or distortion of information, facts and expertise, by public officials positioned between politicians and inhabitants, who seek to draw a private profit. Fraud is when a public official, who is responsible for carrying out the orders or tasks assigned by his superiors , manipulates the flow of information to his private profit.
  • Bribery: This form of corruption is the payment that is given or taken in a corrupt relationship. A bribe is a fixed sum, a certain percentage of a contract, or any other favour in money of kind, usually paid to a state official who can make contracts on behalf of the state or otherwise distribute benefits to companies or individuals, businessmen and clients.

Characteristics of Corruption

  1. It is a gap between group and their individual interest.
  2. It is between two or more parties since one can hardly be corrupt with one’s own self.
  3. Consenting adults that have a common understanding.
  4. It is Beneficial in future.
  5. The Existence of power that could be grabbed, entrusted or otherwise available.
  6. The misuse of the power that often drives a wedge between intended and stated positions, for benefits that is unintended.

Corruption in India is a consequence of the nexus between bureaucracy, politics and criminals. It has been observed that in cities and villages throughout India, there is “mafia raj” consisting of municipal and government officials, elected politicians, judicial officers, real estate developers and law enforcement officials, who acquire, develop and sell land in illegal ways. Many state-funded construction activities in India, such as constructing roads, flyovers, are dominated by the construction mafia, which are groupings of corrupt public works officials, materials suppliers, politicians and construction contractors.

It is now well recognized that the State is mainly responsible for both formulating and enforcing policies relating to good governance and human rights. Good governance is a key factor. The good governance agenda includes protection and promotion of human rights and rule of law. Both these functions will not be fully accomplished if corruption is widespread in government. Major challenge is that Corruption is a strong violator of human rights, particularly the economic and social rights of individuals as well as those of the State. It not only weakens development and growth, it also hinders efforts aimed at poverty eradication, socio-economic transformation and creation of an egalitarian society in accordance with the Directive Principles of the State Policy.

Methods of Stealing Information

Shoulder Surfing

Shoulder surfing is a word that refers to someone looking at another person’s computer or mobile device screen and keyboard in order to collect sensitive information. Direct observation can be accomplished by simply glancing over someone’s shoulder – a practice known as shoulder surfing – or by employing binoculars, hidden or apparent video cameras, and other optical equipment.

Example 

Shoulder surfing at ATMs is an example of a crime in which a suspect looks over your shoulder while you enter in your PIN number.

Several recent incidents have resulted in police issuing warnings, announcing arrests, and even conducting sting operations:

Milpitas (California) – On Jan. 2, 2015, a bank employee spotted a lady monitoring ATM clients. Police investigated and discovered that money had been illegally stolen from numerous consumers’ accounts.

Concept

Shoulder surfing is the act of directly observing someone to gain personal or private information. Shoulder surfing is the practice of peeking over someone’s shoulder to acquire information while the victim is unaware. This is particularly useful in congested areas if someone is using a computer, smartphone, or ATM. Shoulder surfing gets suspect fast if it occurs while there are few people around. Depending on the area and scenario, binoculars, video cameras, and vision-enhancing equipment are also employed.

Personal security keys, such as username and password combinations, are important personal and private data protections in our data and identity-driven world. Unfortunately, hackers do not necessarily require technical knowledge to obtain information. Credit card numbers, personal identification numbers (PINs), crucial personal information (such as middle names and birth dates required in password recovery) and usernames/passwords are the most often stolen data by shoulder surfing. In the case of bank accounts, this sort of information might be used to log into accounts and steal additional information, such as money.

Dumpster diving

A dumpster diving attack is a type of cyber attack made possible by searching through the victim’s trash.

While you may imagine a dirty and disgusting scene in which someone jumps into a trash, the reality is far less filthy. Threat actors might be in and out of the dumpster in minutes during a dumpster diving attack. They may, however, already have a box full of sensitive papers, storage devices, and workstations.

Example

Jerry Schneider, who established a wholesale telephone equipment firm while still in high school in 1968, is one of the most well-known trash divers. The inspiration originated from a dumpster, especially Pacific Telephone’s garbage, which contained paperwork, instructions, and bills related to the order and delivery system.

Needless to say, Schneider got in trouble and served 40 days in a security facility. He then founded a security consulting company.

Concept 

Dumpster diving is the act of searching through an organization’s trash for information that may be used to gain access to its network. Companies frequently discard sensitive data, such as system manuals, which attackers exploit to gain access to information systems. Un-erased and complete hard drives with extremely sensitive information are dumped in certain circumstances, allowing a dumpster diver to easily boot up and get information.

In many cases, dumpster diving involves getting data about a user in order to impersonate that user and gain access to his or her user profiles or other restricted areas of the Internet or a local network. Dumpster diving can mean looking through physical trash for such information, or searching discarded digital data. In either case, security experts warn users to leave a clean trail to prevent identity theft and avoid other consequences that can stem from a successful dumpster diving operation.

Businesses and other large entities have developed practical ways to discourage dumpster diving, such as shredding paperwork and locking waste bins. Other security measures include the use of firewalls and other precautions to stop dumpster divers from getting access to discarded or loose data, such as ensuring that data is wiped off of old hard drives and destroying old storage media.

Social engineering

Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Example

 $100 Million Google and Facebook Spear Phishing Scam

The biggest social engineering attack of all time (as far as we know) was perpetrated by Lithuanian national Evaldas Rimasauskas against two of the world’s biggest companies: Google and Facebook.

Rimasauskas and his team set up a fake company, pretending to be a computer manufacturer that worked with Google and Facebook. Rimsauskas also set up bank accounts in the company’s name.

The scammers then sent phishing emails to specific Google and Facebook employees, invoicing them for goods and services that the manufacturer had genuinely provided — but directing them to deposit money into their fraudulent accounts.

Between 2013 and 2015, Rimasauskas and his associates cheated the two tech giants out of over $100 million.

Concept

Spear phishing is a common social engineering technique. For example, a phisher may send an email to addresses at a target company asking a user to verify security information. The email is made to appear legitimate and from the IT staff or senior management, along with a warning for major consequences if the required information is not provided. As with a regular phishing attack, the victim clicks a link that goes to a site the hacker sets up to gather the sensitive information, generally with the look and feel of the real website. After obtaining the info, the hacker has the ability to access the company’s network by using a legitimate login.

Social engineering is as dangerous and harmful as any other technical attack. In fact, you could argue that social engineering is more serious than other threats, as humans are always in a vulnerable state. It is not that tough to properly configure a firewall. It is very difficult to train new staff about the dangers of social engineering exploits.