Slideshow Image 1
Slideshow Image 11
Slideshow Image 12
Slideshow Image 2
Slideshow Image 3
Slideshow Image 4
Slideshow Image 6

Directors Conference at FIA Headquarters, Islamabad. 

Slideshow Image 7

Directors Conference at FIA Headquarters, Islamabad. 

National Response Centre for Cyber Crimes

INTRODUCTION

National Response Centre for Cyber Crime (NR3C) - FIA is a law enforcement agency dedicated to fight cyber crime. Inception of this Hi-Tech crime fighting unit transpired in 2007 to identify and curb the phenomenon of technological abuse in society

National Reponse Centre for Cyber Crime (NR3C), is the latest introduction to mandate of the FIA, primarily to deal with technology based crimes in Pakistan. It is the only unit of its kind in the country and in addition to the directly received complaints also assists other law enforcement agencies in their own cases.

NR3C has expertise in Digital Forensics, Technical Investigation, Information System Security Audits, Penetration Testing and Trainings. The unit since its inception has been involved in capacity building of the officers of Police, Intelligence, Judiciary, Prosecutors and other Govt. organizations. NR3C has also conducted a large number of seminars, workshops and training/awareness programs for the academia, print/electronic media and lawyers. Cyber Scouts is the latest initiative of NR3C, in which, selected students of different private/public schools are trained to deal with computer emergencies and spreading awareness amongst their fellow students, teachers and parents.

 

VISION

A law enforcement agency that combats Cyber Crime, provides state of the art digital forensic services, enjoys the respect in the society for its integrity, professional competence, impartial attitude and serves as a role model for provincial police forces.

MISSION

To achieve excellence by promoting culture of merit, enforcing technology based law, extending continuous professional training, ensuring effective internal accountability, encouraging use of technology and possessing an efficient feedback mechanism.

SERVICES

COMPUTER FORENSICS

In today’s ever changing criminal world the use of computers for fraud and the pursuit of other crimes has increased to dramatic proportions. NR3C-FIA is a specialized department to deal with the computer crime. Computer crime is not only about fraud – online or otherwise – it also encompasses areas such as pornography, child sex abuse and the sale of black market goods online. The wide range of data content present in hard drives is potential evidence if seized from a crime scene. The process of forensic acquisition, analysis and reporting of computer storage devices is Computer Forensic. NR3C has state of the art computer forensic facility, and posses leading forensic experts to deal with all computer related crimes.

MOBILE FORENSICS

The increased utility of mobile devices such as smart phones has leveraged the criminals to communicate and use digital application, resultantly storing tremendous amount of data on the device. Criminals use smart phones for a number of activities such as committing fraud over e-mail, harassment through text messages, trafficking of child pornography, communications related to narcotics, etc. The data stored on smart phones is extremely useful to forensic analysts through the course of an investigation. The forensic acquisition, analysis and presentation of data content stored on mobile devices is known as Mobile Forensics. NR3C since inception has dealt with numerous mobile forensic cases, and also facilitates other government installations on such technical assistance.

VIDEO FORENSICS

Video recordings can provide a real time, eyewitness account of a crime so investigators can watch or hear what transpired. For instance, a surveillance video captures a bank robbery in progress, or a hidden camera records. For most crimes, however, high quality video recordings are often not available. This is where forensic video expertise can help. Forensic experts have many techniques to enhance recordings that can bring out details and provide a clearer picture of what occurred. NR3C experts have engaged in numerous video forensic investigations and have successfully identified criminals and terrorist through this forensic method.

NETWORK FORENSICS

Network forensics is the capture, storage, and analysis of network events. Regardless of the name, the idea is the same: record every packet of network traffic (all emails, all database queries, all Web browsing–absolutely all traffic of all kinds traversing an organization’s network) to a single searchable repository so the traffic can be examined in detail. It also includes the forensic examination of network devices such as router, VOIP gateways, IDS/IDP etc. The network device configuration and related data present in these devices is important in cyber crime cases. NR3C has a specialized team to investigate and process network forensic cases. They have successfully analyzed numerous network forensic investigations in past.

TECHNICAL TRAINING

Development of human resource leverages the organizations to perform efficiently. Trainings, seminars and workshops are instant source of information that gives an edge to professionals to understand and excel in their respective fields. NR3C over years has trained around thousands of individuals of academia, law enforcement agencies, judiciary, police academy, intelligence agencies etc. Trainings disseminated in relation to digital forensic comprehension of interpreting forensic reports, evidence extraction methods, laws application to judicial community. 12, 458 individuals from all walks of life ranging from a 6 grade kid to a decorated officers have been trained by NR3C to serve the purpose cyber crime mitigation

CYBER CRIME

Any activity commissioned via computer, digital devices and networks used in the cyber realm, and is facilitated through the internet medium. It can include the distant theft of information belonging to an individual, government or corporate sector through criminal tress-passing into unauthorized remote systems around the world. It includes from stealing millions of rupees from online bank to harassing and stalking cyber users.

Cyber Crime also includes sending viruses on different systems, or posting defamation messages. Commission of cyber crime can be:

  • Cyber crime has now surpassed illegal drug trafficking as a criminal moneymaker
  • Somebody’s identity is stolen every 3 seconds as a result of cyber crime
  • Without a sophisticated security package, your unprotected PC can become infected within four minutes of connecting to the Internet.

MAJOR ONLINE ACTIVITIES

In Pakistan, internet users range from 10% to 16% of the overall population

  • Social networking
  • Online banking
  • Internet surfing
  • Audio & video communication
  • Entertainment
  • Online shopping
  • Map directions / GPS
  • Online auction
  • Information sharing
  • Medical assistance
  • Online games

CYBER CRIME CATEGORIE

  • Hacking
  • Identity theft
  • Cyber Bullying
  • Cyber Stalking
  • Financial fraud
  • Digital Piracy
  • Computer viruses and worms
  • Malicious Software
  • Intellectual property rights
  • Money Laundering
  • Denial of Service attack
  • Electronic Terrorism, Vandalism and Extortion

CYBER CRIME CATEGORIES

HACKING

Trying to get into computer systems in order to steal, corrupt, or illegitimately view data. Hacking comes from the term “hacker”, who is an expert in computer programming languages and systems. Hacking, in this sense, means using unusually complex and clever methods to make computers do things. For some time, however, the popular press has used the word “hacker” and “hacking” in a negative way to refer to individuals who try to get into computer systems in order to steal, corrupt, or illegitimately view data. Hackers themselves maintain that the proper term for such individuals is “cracker”, and that their activities should be called cracking. However, in order to be consistent with the most common usage of the word, we use “hacking” here to refer to unauthorized access

WEBSITE DEFACEMENT

Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. This is typically the work of system crackers, who break into a web server and replace the hosted website with one of its own. The most common method of defacement is using SQL Injections to log on to administrator accounts. Defacements usually consist of an entire page. This page usually includes the defacer’s pseudonym or “Hacking Codename.” Sometimes, the Website Defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless, however, sometimes it can be used as a distraction to cover up more sinister actions such as uploading malware or deleting essential files from the server. NR3C has successfully investigated cases relating to website defacement.

CYBER BULLYING

Cyber stalking (also called cyber harassment) is when someone uses the Internet to threaten or make unwanted advances towards someone else. This sort of harassment can cause physical, emotional, and psychological damage to the victim. Children are particularly vulnerable because of their trusting nature and give away their personal information. This information later is used against them for stalking purpose, therefore the NR3C officials advice that until the person is not a trusted individual, no information should shared over the internet.

CYBER STALKING

Using the Internet to threaten or make unwanted advances towards someone else Cyber stalking (also called cyber harassment) is when someone uses the Internet to threaten or make unwanted advances towards someone else. This sort of harassment can cause physical, emotional, and psychological damage to the victim. Children are particularly vulnerable because of their trusting nature

CHILD PORNOGRAPHY

The internet evolution has made children a viable victim to the cyber crime. As more homes have access to internet, children use the internet and chances have increased where they can fall victim to the aggression of pedophiles. The easy access to pornographic contents available over the internet lowers the inhibition of the children. Pedophiles lure the children by distributing pornographic material, and try to meet them for sexual activities which also include collection of their explicit photographs and videos. Mostly pedophiles try to contact children in chat rooms posing as teenagers, and start to befriend them to win their confidence.

Each year, countless children around the world fall prey to sexual predators. These young victims are left with permanent psychological, physical, and emotional scars. When a recording of that sexual abuse is made or released onto the Internet, it lives on forever. It haunts the children depicted in it, who live daily with the knowledge that countless strangers use an image of their worst experiences for their own gratification. NR3C, cyber crime unit has zero tolerance for pedophiles, and is driven to make cyber space a safe place for our children.

SOCIAL ENGINEERING

Social engineering is a technique used by cyber criminals to get access to confidential information. With social engineering, attackers use manipulation and deceit to trick victims into giving out confidential information. Some of the social engineering methods used by attackers:

  • Sending messages that contain dangerous attachments (e.g. malware) with text that encourage people to open the attachments.
  • Pretending to be the main administrator of a local network and asking for the victim’s password in order to perform a maintenance check.
  • Telling a victim over the phone that he/she has won a prize, in return they ask for a credit card number to deliver it.
  • Asking for a user’s password for a certain Internet service, such as a blog, and later use the same password to access user’s computer. This technique works because users often use the same passwords for many different portals.

DATA THEFT

Data theft is the act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information. Data theft is increasingly a problem for individual computer users, as well as big corporate firms. The following categories are most common in data theft cases.

  • E-commerce: You should make sure that your data is safe from prying eyes when you sell or buy things on the Web. Carelessness can lead to leaking your private account information.
  • Password cracking: Intruders can access your machine and get valuable data if it is not password-protected or its password can be easily decoded (weak password).
  • Eavesdropping: Data sent on insecure lines can be wiretapped and recorded. If no encryption mechanism is used, there is a good chance of losing your password and other private information to the eavesdropper.
  • Laptop theft: Increasingly incidents of laptop theft from corporate firms occur with the valuable information stored in the laptop being sold to competitors. Carelessness and lack of laptop data encryption can lead to major losses for the firm.

IDENTITY THEFT

Identity theft refers to a crime where an individual maliciously obtains and uses another individual’s personal/sensitive information to commit frauds/scams by using the stolen identity. Mostly this crime is committed for economic gain. The cyber criminal gains access to an individual’s information by stealing e-mail details, stored information on computer databases, they eavesdrop over the networks to get hold of transactions. Identity thefts include but not limited to shoulder surfing, dumpster diving, spamming, spoofing, phishing, and skimming. NR3C has successfully investigated numerous cases of identity theft.

FINANCIAL FRAUD

Financial fraud is a criminal behavior in which a person uses wrong methods to trick a victim out of his money. The Internet fraud scheme is a common example of financial fraud, which includes emulated online sales, retail schemes, business opportunity schemes, identity theft, market manipulation schemes, and credit card schemes.

COMPUTER VIRUSES AND WORMS

A virus is a malicious program that passes from one computer to another in the same way as a biological virus passes from one person to another. Most viruses are written with a malicious intent, so that they may cause damage to programs and data in addition to spreading themselves. Viruses infect existing programs to alter the behavior of programs, actively destroy data, and perform actions to storage devices that render their stored data inaccessible.

A worm is a software program that uses computer networks and security holes to replicate itself from one computer to another. It usually performs malicious actions, such as using the resources of computers as well as shutting down the computers

INTELLECTUAL PROPERTY RIGHTS

Intellectual property rights is concerned with any act that allows access to patent, trade secrets, customer data, sales trends, and any confidential information.

DENIAL OF SERVICE ATTACK

A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to the network

  • November 24,2018

    Anchor person Shahid Masood arrested on court premises    READ MORE

  • November 23,2018

    PHC takes notice of illegal business of kidney transplants    READ MORE

  • November 19,2018

    Imposter arrested    READ MORE

  • November 18,2018

    FIA arrests bank fraud suspect from Jhang    READ MORE

  • November 16,2018

    FIA chief orders crackdown on Hundi operators    READ MORE

  • November 13,2018

    Man loses Rs 0.7m after sharing bank details    READ MORE

  • November 08,2018

    Indian DTH equipment worth Rs 78.3m seized    READ MORE