Untitled - Central Bureau of Investigation

The views expressed in the 'CBI
Bulletin' are exclusively of the authors
and do not correspond necessarily
to the official views of the Central
Bureau of Investigation.
CBI BULLETIN
Vol. XIX Nos. 4-6
EDITORIAL BOARD
Patron
AMAR PRATAP SINGH
Director
Editor
SUJEET PANDEY
DIG (Trg.)
Concept, Design & Print by:
GENESIS 98100 33682
genesisadvt@hotmail.com
CONTENTS
Page No.
Editorial 2
Counter-Terrorism and Police Legitimacy 3
The Future of Policing Challenges:
Technology (In) Crimes by Pratap Reddy 5
Forensic Auditing by J.L. Negi 8
The Wave of Future...by Akansha Gupta 14
The Architecture of Cyber Security by
Col. Debtoru Chatterjee 17
Advancement of Techniques for Forensic Examination of
CDs/DVDs by Mukesh Sharma & Shailendra Jha 38
New Building of CBI Head Office 43
lhchvkbZ cuke Hkz"Vkpkj & vfuy ijk'kj 45
In Home News 46
Cover :
Hon'ble Prime Minister Dr.
Manmohan Singh, along with Shri V.
Narayanasamy, MoS (PP), Smt. Alka
Sirohi, Secretary (P&T), Shri T.K.A.
Nair, Principal Secretary to PM, Shri
Amar Pratap Singh, Director, CBI &
others on the occasion of inauguration
of the new CBI Headquarters
RESTRICTED FOR POLICE USE
CBI Bulletin April - June 20111

Editorial
On 30th April, 2011, CBI witnessed the fulfilment of it’s long cherished
dream of having it’s own headquarters building - a state of the art,
green building. While inaugurating the same, Dr. Manmohan Singh,
the Hon’ble Prime Minister of India, lauded the professional work
done by the CBI, and the benchmark it has set for other Investigating
Agencies to emulate. He also emphasized on the commitment of the
Government towards technological needs of the organization.
In the past few decades, use of technology has indeed become an
inseparable part of crime detection. One area that has emerged
fast is the use of information technology by the criminals, which is
posing new challenges everyday for law enforcement agencies in
prevention and detection of crime. About 80% crimes, according to
me, have atleast some elements involving use of digital equipments
and of Cyber space. Therefore, the upgradation of technological and
scientific knowledge is the need of all law enforcement agencies of
the country.
Since the CBI Bulletin has become an effective medium of disseminating
the latest in the field of investigation and other police related subjects
to Investigating Officers of India and abroad, we decided to cover
issues related to Cyber Crime and Cyber Forensics in this edition of
the bulletin. We have included some important articles on Cyber
Security and Scientific Investigation which will definitely enrich the
readers involving latest technology. Articles like “The Future of Policing
Challenges : Technology in Crimes”, “Forensic Auditing” and the
article “Advancement of techniques for Forensic Examination of CDs/
DVDs” throws light on the importance of technology and forensic
development in investigation. Articles titled “Cloud Computing” and
“The Architecture of Cyber Security” explores the cyber world and
gives us updated information.
We fervently hope that this issue of the Bulletin shall make significant
contribution to the information inputs of our readers. As always, we
look forward to your comments and suggestions, which help us in
shaping the Bulletin.
Editor
2 CBI Bulletin April - June 2011

in the face of the London bombings
of 2005, he said that provision
of information to the public is a
fundamental clue to help police and
to retain contact with the public
about what measures are necessary in
the face of unprecedented threat of
terrorism. He said it is the dilemma of
our times to understand the delicacy
of the legitimacy of police work and
to provide detailed rationale for the
way the police functions in tackling
terrorism. Quoting Sir Robert Peel,
Lord Blair said, "The police are the
public and the public are the police."
12th D.P. Kohli Memorial Lecture on
“Counter-Terrorism and Police
Legitimacy”
delivered by Lord Ian Blair at Vigyan Bhawan
on 3rd June, 2011
Community Policing and
Communication with Public
is Key to Police Legitimacy
-V.Narayanasamy,
MoS (PP)
Police Legitimacy is based
on the Delicate Balance
between Police Behaviour
and Public Acceptance.
- Lord Ian Blair
Terrorists must be countered
within the Rule of Law; Fight
against Corruption should
start at School.
- Amar Pratap Singh,
Director, CBI
DELIVERING the D.P. Kohli Memorial
Lecture on "Counter-Terrorism and
Police Legitimacy" Lord Ian Blair,
Former Commissioner of Metropolitan
Police, London (Scotland Yard), said
the world is struggling to contain a
monster called terrorism, in a new
and terrible guise. He opined that the
challenge is that the effort to overcome
terrorism should not threaten the very
legitimacy of agencies involved in the
struggle.
Lord Blair said, the legitimacy of the
police in dealing with terrorism is not
based solely on adherence to laws, but
on a delicate balance between police
behaviour and public expectations.
He said police legitimacy is nourished
by conformity to rules, procedures
and justifiability of the rules in terms
of shared beliefs between police and
the public. Recounting his experience
Union Minister of State for Personnel
& Public Grievances Shri V.
Narayanasamy said that the excellence
and credibility, associated with the
CBI, are the outcome of the systems
and procedures established over the
decades. He said it is appropriate
that the values and ideals of late Shri
D.P. Kohli are recollected every year.
Shri Narayanasamy said one of the
most important reasons behind the
glorious success stories of the CBI is
the tradition of its team-work, backed
by painstaking work of each member
of this team. He said that the terrorism
must be condemned and countered,
and this will have to be done keeping
in mind all provisions of law and by
observing human rights. He said it is
only by way of strictly observing the
Rule of Law that will give legitimacy
to police and other counter-terrorism
agencies. Quoting Mahatma Gandhi,
the Minister said, "In fighting this just
war, we must use means that are
righteous and which are in conformity
with our Constitution". He advocated
the concept of community policing
in fighting crime and terrorism.
Shri Narayanasamy said that police
should expend significant resources
in communicating with public and
their communication must always
be sincere, honest, clear, consistent
and reliable. Any information gap,
he said is usually filled by unverified
reports, false leakage to the Media and
CBI Bulletin April - June 20113

umours from unscrupulous elements
of the society.
Addressing the gathering, Director,
CBI Shri Amar Pratap Singh advocated
a campaign by society against
corruption. Mr Singh said, the fight
against corruption should start at
school. Referring to the demand for
a comprehensive Lokpal Bill, he said
it would be an autonomous body to
tackle corruption at the highest level.
Shri Amar Pratap Singh said that the
CBI has investigated a number of cases
that challenge the legitimacy of police
action against alleged terrorists. He
referred to the recent Supreme Court
judgement that fake counter killings
are in the category of 'rarest of rare'
and policemen found involved in such
killings must be given death sentence.
Director, CBI said police legitimacy
is upheld only when terrorists are
countered within the Rule of Law and
in accordance with the oath which
each policeman takes and upholds
under all circumstances.
Union Minister of State for Personnel & Public Grievances Shri V. Narayanasamy
gave away Police Medals on this occasion. The awardees were :
Shri Zaki Ahmed, IPS, the then DIG, CBI, SC-III, Delhi;
Dr. (Ms.) Neeraja Gotru, IPS, DIG, CBI, SC-III, Delhi;
Shri Rakesh Aggarwal, IPS, DIG, CBI, AC-I, Delhi;
Shri Anurag, IPS, DIG, CBI, SU, Delhi;
Shri Mahesh Kumar Aggarwal, IPS, DIG, CBI, ACB, Chandigarh;
Shri Sujeet Pandey, IPS, DIG, CBI Academy, Ghaziabad;
Shri S.J.M. Gillani, IPS, DD (A), CBI HQ, Delhi;
Shri Heimonlang Nongpluh, IPS, DIG, CBI, ACB, Guwahati;
Shri N.M. Singh, Sr. SP, CBI, SCB, Kolkata;
Shri Hari Singh Gurawaria, ASP, CBI, SC-III, Delhi;
Shri Ghanshyam Rai, ASP, CBI, ACB, Lucknow;
Shri S.S. Kishore, ASP, CBI, SC-III, Delhi;
Shri Harish Chander Sharma, ASP, CBI, AC-III, Delhi;
Shri Prashant Kumar Pande, ASP, CBI, ACB, Bhubaneswar;
Shri Sushil Prasad Singh, DSP, CBI, ACB, Pune;
Shri S.K. Sareen, DSP, CBI, BS&FC, Mumbai;
Shri Kalaimani Gopalan, DSP, CBI, SCB, Mumbai;
Shri Sandip Ghosh, DSP, CBI, IPCC, Delhi;
Shri N.R. Nair, the then Inspector, CBI, ACB, Chennai;
Smt. Suresh Balyan Kumar, the then Inspector, CBI, ACB, Mumbai;
Smt. Shama Maruf, Inspector, CBI, ACB, Dehradun;
Shri Roshan Lal Yadav, Inspector, CBI, ACB, Chandigarh;
Shri Ravinder Kumar, Inspector, CBI, AC-III, Delhi;
Shri Manak Chand, Inspector, CBI, ACU-IV, Delhi;
Shri Kumaresan Krishnaswamy, Inspector, CBI, EOW, Chennai;
Shri Raj Rattan, Sub-Inspector, CBI, SU, Delhi;
Shri Ashok Kumar Sharma, the then Sub-Inspector, CBI, AC-III, Delhi;
Shri Sambhu Nath Das, Sub-Inspector, CBI, SCB, Kolkata;
Shri S. Padmanathan, Sub-Inspector, CBI, ACB, Chennai;
Shri Bansi Dhar Tiwari, ASI, CBI, Interpol, Delhi;
Shri Dilbagh Khatri, Head Constable, CBI, EOU-I, Delhi;
Shri Rewel Singh, Head Constable, CBI, SU, Delhi;
Shri Harpal Singh, Head Constable, CBI HQ, Delhi;
Shri Pan Singh Bisht, Head Constable, CBI, EO-II, Delhi;
Shri S.K. Karmakar, Constable, CBI, BS&FC, Kolkata;
Shri K. Abdul Rasheed, Constable, CBI, SCB, Chennai;
Shri S. Ravi, Constable, CBI, SCB, Chennai; and
Shri Om Prakash Bishnoi, Constable, CBI HQ, Delhi.
4 CBI Bulletin April - June 2011

The Future of Policing Challenges:
Technology (In) Crimes
PRATAP REDDY, IPS*
INTRODUCTION
USE of technology is increasingly
becoming inseparable part of Crimes
and the Criminals as such, Policing
as a profession cannot remain aloof
to the technology evolution because
of its impact on the day-to-day lives
of victims of crime. From innocuous
looking text messages on the mobiles
enticing gullible and greedy persons
with promises of millions to the
sophisticated bots and network
compromises that were seen in the
incidents of the play station network
of Sony and the Citibank Card Frauds
recently – the spectrum of crimes
involving use of technology is only
growing. The ever-increasing role of the
Information Technology touching the
lives of every citizen in India through
the various e-Governance initiatives
is bringing even ordinary citizens onto
the information highway and thereby
exposing them to the potential risks
associated with the cyberspace. Indian
economy has been served exceptionally
well by the growing Information
Technology Industry and the risks
on the information superhighway if
not addressed, have the potential to
seriously dent the Indian growth story.
The onerous burden of not only dealing
with ordinary crimes to sophisticated
crimes, but also ensuring the safety
on the information super highway
by providing the needed response
and, remedy lies at the doorsteps
of professional Law Enforcement
Agencies. 1
LEGISLATION AND
APPARATUS TO DEAL
WITH CYBER CRIME IN
INDIA
Enactment of the Indian Information
Technology Act, 2000 and the
establishment of the first Cyber
Crime Police Station at Bangalore
in 2001 signaled the will of the
Indian Government and Indian Law
Enforcement Agencies resolve to
tackle the technology crimes in a more
focused way. Since then, almost every
State has created a dedicated Cyber
Crime Police Station and/or Cyber
Crime Cells. The CBI took the initiative
to establish the country's most wellequipped
Cyber and High-tech Crime
Investigation and Training Centre
(CHCIT) with the assistance of the
Department of Information Technology
(DIT), Government of India. The
rapid growth and sophistication of
technologies during the last decade
alone, has led to increasingly newer
types of crimes, so far unknown being
reported. The realization that some
important elements were missing in the
I.T. Act, 2000 and the emerging nature
of Cyber Crime demanded a substantial
overhaul of the I.T. Act, 2000. This
has culminated in the Information
Technology (Amendment) Act, 2008
covering various issues that emerged
with the increased proliferation of
technology and tools and India's
willingness and preparedness to legally
deal with these emerging challenges of
technology was amply demonstrated
with the amendment of the I.T. Act,
2000 within less than a decade. The
senior police leadership has been
focusing its attention on the capacity
building within Law Enforcement
Departments to deal with technology
crimes with the introduction of
Cyber Crime modules as part of law
enforcement trainings across India.
Public Private Partnerships (PPPs)
like the NASSCOM-DSCI2 Cyber
Security Initiative has been working
with various State Police Departments
through its network of Cyber Labs
and is providing training to the Law
Enforcement Officers and other
Government officials in the areas of
Cyber Crime Investigations and Cyber
Forensics. Over 8,000 Police personnel
and Prosecution personnel have been
trained at these Cyber Labs.
Despite the efforts from Governments
and Law Enforcement Agencies in
India, there is a huge and unmet need
to build broad-based and specialized
skills among the Law Enforcement
Agencies to tackle the threats posed
by technology crimes.
ISSUES AND CHALLENGES
IN DEALING WITH CYBER
CRIMES
Under-reporting of Crimes:
There is a general lack of appreciation
at the cutting-edge level Investigators
on the issues arising out of Cyber
1
The words 'Technology Crimes' and 'Cyber Crimes' have been used interchangeably in this acrticle.
CBI Bulletin April - June 20115

Crime and the provisions of the Indian
Information Technology Amendment
Act, 2008. In the absence of the
wherewithal to investigate technology
crimes, a certain tendency is being
seen, wherein the officers either find it
easier to file the cases simply under the
conventional IPC categories without
invoking the Information Technology
Amendment Act, 2008 or dodge the
registration of the crime. Either way,
this is leading to under-reporting of
technology crimes.
In crimes involving individual victims,
a large number of online victims
(generally women) of obscenity,
threat, etc., are approaching the Law
Enforcement Authorities for resolution
of their grievances and do not wish to
pursue their cases in a Court of Law for
fear of loss of reputation and honour.
Similarly, number of individuals,
largely well educated and, people in
high positions, who have fallen victims
to the online frauds (popularly known
as Nigerian Frauds), in majority of the
cases do not want to pursue criminal
investigations due to the fear of
ridicule and they too want amicable
resolution.
The I.T. Industry, of late, has started
seeing increasing number of crimes
committed by insiders and also by
external organized criminals. While the
industry with its vast internal technical
resources deals with the incidents in a
very serious way, are wary of making
public many incidents by reporting
them to law enforcement due to the
concerns of enterprise reputational
risks.
Finally, the concerns of the enterprises
in the ability of the Law Enforcement
Agencies to investigate technically
complex cases and subsequently, the
long time taken for completion of
trail in Criminal Courts are important
factors discouraging the companies
from reporting the Cyber Crime seen
in their enterprises.
TECHOLOGY-RELATED
CHALLENGES
Internet and the related communication
technologies that evolved over a
period of time, were primarily aimed at
enhancing the operational efficiencies
of the business enterprises and
subsequently, extended to make the
lives of the common citizens seamless
and connected. Vulnerabilities of the
networks, systems and various devices
started attracting the attention of the
organized criminals and, the ordinary
criminals alike due to easy access and
near anonymity of the criminal in
the cyberspace and finally, the ease
of launching criminal attack from
anywhere in the world, without any
national geographical restrictions. The
ubiquitous nature of the hand-held
devices and their interoperability over
vast networks has added an additional
dimension to the threats from
cyberspace. The retrofitting of security
technologies and the forensic tools
to dissect and unravel the criminal
acts are complex, not easily available
and, above all, are expensive. The
technology-related issues have made
the job of the law enforcement more
complex in investigating technology
crimes. Law Enforcement Agencies
are further handicapped by the lack of
technical skills among the Investigators
in understanding emerging technologies
and the tools needed for forensically
extracting the needed evidences.
LEGAL AND
JURISDICTIONAL
CHALLENGES
In the conventional offences scenario,
the victim and the perpetrator have
some physical and proximate contact
and this allows the Law Enforcement
Agencies to conclusively connect
the criminal to the crime. However,
in Cyber Crimes, the victim and the
perpetrator need not be physically in
contact and, in fact, they can be located
in two or more geographically distant
locations (often different countries).
This leads to issues of jurisdiction and
compatibility of legislations to proceed
against the criminals and finally,
becomes a huge task for the Law
Enforcement Agencies to connect the
perpetrator to the crime. The present
level of international cooperation is
not able to effectively deal with transborder
crimes like Cyber Crimes.
NEED FOR A NATIONAL
ACTION PLAN
Keeping in mind the challenges
identified, there is an urgent need to
come up with a National Action Plan
for addressing the challenges posed
by technology crimes. The following
measures will help us address the
issues:
Build Cyber and High-tech Crime
investigations infrastructure with latest
technology and tools, across various
Law Enforcement Agencies in India.
Efforts like the CHCIT of CBI and
the CCPS of Bangalore needs to be
replicated across India to focus on the
investigations of Cyber and High-tech
Crimes.
Make sustained efforts to build
technical skills among the identified
Investigators by imparting them
advanced trainings in Cyber Crime
investigations and Cyber Forensics.
Work on a general plan to create
widespread awareness among the Law
Enforcement Personnel to appreciate
the importance of digital evidences,
which have become common feature
even in most of the conventional
crimes. This will promote reliance on
scientific evidences rather than bruteforce
investigation methods. The
increasing awareness will also lead to
greater number of technology crimes
getting registered at the Police Station
level and thereby solving the problems
of under reporting / non-registration of
technology crimes.
6 CBI Bulletin April - June 2011

Build advanced Cyber Forensics
expertise among the personnel of
Forensics Sciences Laboratories to
help Investigators to deal with complex
technology crimes.
Work with the Prosecution and
Judiciary to build awareness on the
digital evidences and Cyber Forensics
to enable them to appreciate the
tools and technologies used by the
criminals and the forensics used by the
Investigators.
Overcome the lack of internal capacities
among Government agencies and the
Law Enforcement Agencies to deal
with the emerging and fast-paced
changes in technologies by working
with the industry and academia. Such
collaborations will allow the agencies
to avail of the services of the experts
and advanced tools for technology
crimes resolution.
Enhance collaborations with various
international bodies (Government
bodies, industry and for profit/not for
profit bodies) working in the areas of
enhancing Cyber Security and Cyber
Crimes prevention, so as to bring in
increased cooperation in investigations
of Cyber Crimes.
CONCLUSION
The challenges to deal with Cyber Crime are enormous. However, we in India are
uniquely positioned to address the challenges by leveraging –
(a) The vast number of technically qualified personnel within the Police Departments,
who can be made future ready to tackle Cyber Crime with appropriate capacitybuilding;
(b) A contemporary legislation dealing comprehensively with various technology-related
crimes; and
(c) A huge and world renowned I.T. Industry with advanced technical expertise in all
emerging areas of Information Technology and Communications. It is up to the
Indian Law Enforcement Agencies and its leaders, to leverage these opportunities to
fight the menace of Cyber Crimes competently and effectively.
2
NASSCOM (National Association of Software and Service Companies) and DSCI (Data Security Council of India).
*
The author is Senior Director, Cyber Security, NASSCOM
CBI Bulletin April - June 20117

Forensic Auditing
J.L. NEGI, GM, RBI, CBI HO, New Delhi.
INTRODUCTION
‘FRAUD’ refers to an intentional act
by one or more individuals among
management, those charged with
governance, employees or third parties
involving the use of deception to
obtain an unjust or illegal advantage.
Fraudulent financial reporting
involves intentional misstatements,
in any one or more ways as stated
as deception such as manipulation,
falsification or alteration of accounting
records or supporting documents,
misrepresentation in or intentional
omission from the financial statements,
significant events, transactions or
other information, intentional,
misapplication of accounting principles
relating to measurement, recognition,
classification, presentation, or
disclosure of material transactions.
Accounts may be falsified to conceal
absolute theft of money or money’s
value and true results of operations
or financial position of the entity with
a view to prevent timely detection of
frauds. Detection of fraud is necessary
to book the fraudster. There are many
methods by which fraud can be
detected and investigated and one of
such method is forensic auditing.
For any entity, the biggest challenge
is to prevent leakages and fraudulent
activities present in the system. Placing
the internal controls in place, having
proper internal and forensic auditing
strategies should form a significant part
of the Implementation Guidelines.
Major accounting scandals involving
Enron, Worldtel, Parmalat and Satyam
have been widely reported. In all these
cases, the methods and purpose of
manipulations in financial statements
were peculiar to the motives of such
manipulations. Such frauds were
successfully investigated with the aid
of forensic auditing.
The objective of forensic audit is to
find whether or not a fraud has taken
place. Forensic auditor shall have to
examine voluminous records and
witnesses, if permitted by law. Proper
documentation is vital in substantiating
the findings. The auditors need to have
a fair knowledge of entity’s business and
legal environment. They should also
have awareness of computer-assisted
audit procedure for carrying out proper
forensic audit. The forensic audit also
requires an innovative approach from
the auditors, so that they are able to
outsmart the fraudster.
DEFINITION
Forensic auditing is examination
of an organization’s or individual’s
economic affairs, resulting in a report
designed especially for use in a Court
of Law. Forensic audit is similar to the
tax audit. Both strive to establish a
comprehensive picture of an entity’s
finance (assets, liabilities, total income,
and cash flow). However, while a tax
audit is intended to determine the
true size of one’s tax liability, forensic
audit can have several goals, including
mapping cash flow/cash transactions,
indentifying accounting errors and
enumerating total assets. Forensic
auditing involves examination of
legalities and financial audits. The
objective is to find out whether or not
true business value has been reflected
in the financial statement and in the
course of examination to find whether
any fraud has taken place.
The term ‘forensic audit’ has not
been clearly defined anywhere.
However, the object is to relate the
findings of audit by gathering legally
tenable evidence and in doing so, the
corporate veil can be lifted (in case
of corporate entities) to indentify the
fraud and the persons responsible for
it (a criminal offence).
A forensic auditor is supposed to
have expertise in one or more of
relevant disciplines like auditing, fraud
examination, accounting, law, and
computer technologies apart from the
investigative skills to collect, analyze
and evaluate evidential matter and
to interpret and communicate the
observations and findings. Forensic
audits are used whenever Law
Enforcement Agencies need reliable
data on parties’ financial status or
activities.
ELEMENTS OF FORENSIC
AUDITING AND AREAS OF
APPLICATION
Forensic auditors begin by taking
all the accounts, inventories, assets,
capital and other economic elements
and determining how they should
work together. To use an example, if
an auditor sees that a business grosses
Rs. 10 crore a year, he assumes that the
profits, cash, new capital, inventories,
payroll, rent and other costs add
up to Rs. 10 crore. He looks at the
profits, cash, etc., and checks how
they ought to interact (e.g. in some
cases, an systemic overlap between
certain values, which the accountant
would make note of so as not to
overcount. Once he has collected all
of the elements (as well as caveats) he
8 CBI Bulletin April - June 2011

would establish an ideal model as to
how each side of the balance sheet
should read. Auditing for fraud is as
much of an intuitive process as it is a
formal, analytic methodology. It is as
much of an art as it is a science. Skill
depends on the right mind-set (like
thinking like a fraudster, keen eye to
look at weaknesses in controls) and
practice. The requirement is not just
to master the techniques of forensic
audit but also to have the required
mental disposition of doggedness and
persistence. There is a rising trend of
frauds involving small amounts, so that
these do not get highlighted easily.
The truth is that today is an age of
complexity where new technological
developments have spurred
developments in so many walks of life
and subject areas. Concentrating on the
financial system, the financial system
infrastructure is mainly dependent
on the technology backbone. New
types of products including derivatives
and various delivery channels are
simply impossible to design, build
and implement without availability of
computing technologies.
Product innovation and their
complexities in globalized and
competitive world have created a
plethora of accounting rules and
other regulations impacting the way
transactions are stored, recorded and
valued. This milieu has led to increased
susceptibility to mask fraudulent
activities.
The penetration of technology has led
to a situation that clear trail of a financial
transaction can be made possible only
after drilling through several layers of
technologies in addition to the human
component. Forensic accounting
methodologies is imperative to fully
decrypt and decipher the mechanics
of the complex financial transaction
and conclude about the presence
of a fraud and to present the case in
manner amenable and acceptable in a
Court of Law.
Facing a rising volume of frauds and
involvement of the employees in a
large number of cases, the country’s
financial system has geared up to use
IT-enabled forensic audit system to
counter it. More and more corporates
are making attempts to use IT-enabled
solutions for proactive data analysis.
But use of IT in fraud detection is
still in the nascent stage. Despite
advancement in IT, most frauds are
still being detected through internal
audits, regulatory inspections, surprise
visits by vigilance team and complaints
received from public.
INTEGRATION OF
FORENSIC AUDITING
WITH REGULAR
INVESTIGATION
In India, there are agencies which are
responsible for investigating fraud and
corruption. To make their effectiveness
better, there is a need to integrate
forensic auditing with the traditional
tools used by the investigating
agencies. The forensic auditing can
provide preliminary data upon which
these investigating agencies can
base their investigations. The formal
wedding between forensic auditing
and investigating agencies can go a
long way in preventing frauds. Fraud
investigation requires competence in
forensic audit and also technical and
transactional expertise.
Normal Audit Vs. Forensic
Audit
It is essential that differences between
the normal audit and forensic auditing
are clearly understood and appreciated.
The questions the forensic auditor
has uppermost in mind are not how
an accounting system and internal
controls stack up against applicable
standards, but rather to understand
and analyze;
Where are the weakest links in
the system’s chain of controls?
What deviations from
conventional good accounting
practices and/or rules or
guidelines are possible in the
system?
How are off-line transaction
handled?
Who can authorize such
transactions?
What would be the simplest way
to compromise this system?
What control features in the
system can be by passed by
higher authorities?
What is the nature of the work
environment and
What are the provisions on
manual intervention?
Comparison between normal
audit evidence and forensic audit
evidence includes many aspects
like documentation verses public
document searches, inquiry verses
interviewing, confirmation verses
varied alternative sources, physical
examination verses electronic
laboratory analysis of evidence, reperformance
verses detailed analysis of
electronic data and observation verses
surveillance. Most of the corporate
by statute are required to engage
Statutory Auditors to audit the balance
sheet. The auditors do the auditing
of the financial statements on the
basis of information provided by the
management. They cannot do detailed
auditing as mandate does not give the
scope of such auditing. Moreover
they do not do the investigative work.
There are distinct differences between
Statutory Audit and Forensic Audit
which are as under:
CBI Bulletin April - June 20119

Sl. No. Function Statutory Audit Forensic Audit
1. Objective Express opinion as to ‘true & fair’
presentation.
2. Techniques ‘Substantive’ and ‘compliance’
procedures.
3. Period Normally, all transactions of the
particular accounting period.
4. Verification of stock, Relies on the management
estimation of realizable value certificate/representation of
of current assets, provisions/ management.
Liability estimation, etc.
5. Off balance-sheet items (like
contracts, etc.)
Used to vouch the arithmetic
accuracy & compliance with
procedures.
6. Adverse findings, if any Negative opinion or qualified
opinion expressed, with/without
quantification.
Determine correctness of the accounts
or whether any fraud has actually taken
place.
Analysis of past trend and substantive
or ‘in depth’ checking of selected
transactions.
No such limitations. Accounts may be
examined in detail from the beginning.
Independent verification of suspected/
selected items carried out.
Regularity and propriety of these
transactions/contracts are examined.
Legal determination of fraud and naming
persons behind such frauds.
Professional auditing standards have
enjoined upon auditors to consider
the risks of material misstatements
due to a fraud. During the course of
an audit, evidence or information
may come to the auditor’s attention
that fraud may have occurred and
the auditor maintains an obligation
to perform sufficient audit work to
obtain reasonable assurance that the
financial statements are not materially
misstated. In such a circumstance it
may become necessary to involve a
forensic specialist in order to obtain
the appropriate level of assurance with
respect to the financial statements.
Propriety Audit v. Forensic Audit
There is also difference between
Propriety Audit and Forensic Auditing.
The propriety audit is not complete
in itself and it can be supplemented
by forensic auditing. Propriety audit
is conducted by Supreme Audit
Institutions (SAI) to report on whether
Government accounts, i.e., all
expenditure sanctioned and incurred
are need-based and all revenues due
to Government have been realized in
time and credited to the Government
account. In conducting the propriety
audit, “Value for Money audit”
technique aims at lending assurance
that economy, efficiency and
efficacy have been achieved in the
transactions for which expenditure has
been incurred or revenue collected is
usually applied. The same analogy,
with modifications to the principles of
propriety of public finance, applies in
forensic audit to establish fraudulent
intentions if any, on the part of the
management. Financial frauds results
of wasteful, unwarranted and unfruitful
expenditure or diversion of funds
by the investigated entity to another
entity.
TECHNIQUES OF
FORENSIC AUDITING
One of the techniques is a case of
unintentional errors (mistakes) or
fraud. The Benford’s law states that
fabricated figures as indicators of
fraud possess a different pattern from
random or valid figures. On detecting
any such phenomenon, the variable
is subjected to a detailed scrutiny.
Relative Size Factor detects outliers
or unusual data, which may be due
to either simple errors or frauds based
on the basic concept that each field
in any transaction has a normal range
and any data falling outside the range
is unusual or an outlier and need to be
further, investigated. There are many
other techniques of forensic auditing.
Two of the important techniques are
discussed in this article.
(a)
Data Mining and Data Analysis
Technique – Data mining can
be used as a forensic auditing
technique which involves use
of computer-assisted technique
to mine large volumes of data
for new, hidden or unexpected
information or patterns. Data
mining techniques are categorized
into Discovery, Predictive
Modeling and Deviation and Link
analysis. One of the best ways
of addressing the challenge of
fraud, waste and abuse is through
computer matching. Regarded
as effective management tool,
matching techniques can be
used to examine extremely large
amounts of computerized data
10 CBI Bulletin April - June 2011

(b)
quickly and cheaply. The ability
to match computer data or in
modern terms data mine has
come a long way as evidenced
in burgeoning forensic auditing
field. Data analysis is, in fact, one
of the most important techniques
for any auditing leave alone the
forensic auditing and it can help
in giving audit a meaningful
direction. Database can be
used for generating meaningful
information which can provide
useful feed for auditors going
to audit on the ground. The
database generated by various
filed units can be operated upon
by some data mining software,
such as ACL (Audit Command
Language) which will throw all
the exceptions in a financial
year. Similarly, various types of
exceptions can be generated both
on the revenue and expenditure
side. The analysis of data can give
useful trends which can be used
for analyzing control weaknesses
and also for putting a proper
control system in place.
Critical Point Auditing Technique
- Critical point auditing technique
aims at filtering out the symptoms
of fraud from regular and normal
transactions in which they are
mixed or concealed. For this
purpose, financial statement,
books, records, etc. are analyzed
mainly to find out:
(i) Trend-analysis by tabulating
significant financial transactions;
(ii)
Unusual debits/credits in accounts
normally closing to credit/debit
balances respectively;
(iii) Discrepancies in receivable
or payable balances inventory
as evidenced from the nonreconciliation
between financial
records and corresponding
subsidiary records (like physical
verification statement, priced
stores lodgers, personal ledgers,
etc.);
(iv) Accumulation of debit balances in
loosely controlled accounts (like
deferred revenue expenditure
accounts, mandatory spares
account capitalized as addition
to respective machinery item,
etc.);
(v) False credits to boost sales with
corresponding debits to nonexistent
(dummy) personal
accounts;
(vi) Cross debits and credits and
inter-accounts transfers; and
(vii) Weaknesses/inadequacies in
internal control/check systems,
liked delayed/non-preparation of
bank reconciliation statements,
etc. Forensic auditing should
focus on significant transactions.
The critical point auditing
technique emphasizes on
trend analysis by tabulating
significant financial transactions,
detecting unusual debit and
credit balances. The techniques
also focuses on weaknesses/
inadequacies in internal control/
check system like delayed or non
reconciliation of figures reported
through accounts. The analysis
of these can help in bringing out
significant deviations. Besides,
the techniques also emphasizes
on finding out false debit or credit
entries to detect frauds related
with omission or commission.
The Computer-Assisted Auditing
Tools (CAATs) are used to deal
with auditing in computerized
environment for querying
large datasets and to process
complex transactions, thereby
saving time and improving
effectiveness. The tools help an
auditor in implementing auditing
procedures such as testing details
of transactions and balances,
identifying inconsistencies or
significant fluctuations in the
datasets being tested, testing
general as well as application
control of computer systems,
re-performance of calculations
performed by application or
accounting systems among other
areas.
STEPS TO BE FOLLOWED
IN FORENSIC AUDITING
Certain steps would be required to
establish a viable forensic auditing in
unearthing the fraud;
(1) Identify the Risks: The risk
matrix needs to be established
to identify the risk by doing
analysis on distribution chain,
level of awareness, absence of
a proper grievance mechanism,
non integration of accounts, noncreation
of asset created out of the
fraud amount, lack of appropriate
documentation, the structure
of management information
systems, the frequency of the
irregularities, etc.
(2) Determine how these risks can
be exploited: Each of risks can
lead to siphoning off the money.
The risk may be examined to
establish integrity of the data
and end-use of the funds. Each
of the risks can be exploited and
has got a potential for fraud and
therefore, needs to be addressed
carefully.
(3) Availability of information: This
is a significant aspect of forensic
auditing. The form and content of
information has a direct bearing
on any investigation. The auditors
should be thoroughly familiar
with the rules & regulations to
identify the source of information
and also to determine how it can
be used for drawing inferences.
The actual expenditure should
be linked to asset created and
CBI Bulletin April - June 201111

to compare it with some preestablished
benchmarks. Getting
hold of relevant information
is very critical for any fraud
investigation.
(4) Develop Forensic Testing
Protocols: This step would
require a proper design of
forensic auditing protocols,
such as sample size for data
testing, fraud risk questionnaire,
developing operations flow chart
and analyzing various aspects of
those operations, developing a
cause and effect relationship for
various problems anticipated in
the project etc. There are three
phases to develop effective antifraud
devices; assess, improve and
monitor. A fraud risk assessment
is a proactive step that can be
taken to identify areas that pose a
high risk of fraud. Once the risks
are identified, a gap analysis can
be completed and improvements
can be recommended to mitigate
the fraud risks, which can be
subsequently monitored. The gap
analysis and recommendations
would typically be completed by
a team separate from the team
that will ultimately audit the
improvements. A response plan
should be put in place to ensure
that there is a process to address
any frauds that arise.
(5) Perform data mining: Data
analysis and data mining is the
most important aspect of any
forensic audit protocol. Thus,
digitization of the ground data
is quite significant for generating
essential forensic auditing
protocol. The use of data
mining software would imply
that the entire database has
been examined and the residual
errors which are characteristic
of any sampling plan would
automatically be eliminated from
the system.
(6) Analyze the results of data
mining: Analysis of results of data
mining would be significant for
drawing conclusions. Analytical
procedures can use for analyzing
results of data mining. These
procedures include comparing
the trends in the current year
with last year’s trend, projection
of trend in various quarters of the
current financial year, analysis of
any abnormal variations in the
trend, analysis of performance
indicators. These analytical
procedures can be applied on
the data mined from the database
to firm up conclusions regarding
the operations. The analytical
procedures help in proper
interpretation of data.
(7) Use the results of data mining:
The results of data mining can
be used where the likelihood
of fraud is high and significant
deviations are noted in data
mining. This would help in saving
a lot on the total audit resources
required in conducting the actual
audit at the field level as the audit
teams will not be required to go
to all the field locations.
(8) Sharing experiences and best
practices: Experience sharing
and training would form a part of
Forensic Auditing protocol. The
forensic auditing discipline needs
to be cultivated further.
PRESENT STATUS IN CBI
Presently, CBI is investigating cases
involving financial, economic and bank
frauds and use of forensic auditing
is seen. During the investigation, the
evidences are gathered and presented
before the Court of Law to prove
the charged. The element of tracing
of the funds out of the proceeds of
crime and attachment of property out
of the proceeds of the crime is being
attempted by CBI in some big cases
investigated by it. In order to unearth
the benefit of fraud derived out of the
proceeds of the crime by the fraudsters,
tracing of the funds is essential and
with the help of experts, CBI is tracing
the funds out of the fraud amount. The
detailed investigation is undertaken
to collect the route followed by the
fraudsters in diversion of the funds,
so that the assets acquired out of the
proceeds of the crime can be traced.
After tracing of the proceeds of the
crime, attachment of such properties
is attended to. The attachment of
the property can be made either
under the provisions of Criminal law
(Amendment) Ordinance, 1944 or
under the provisions of Prevention
of Money Laundering Act, 2002. In
order to attach the property, credible
documentary evidence is required
which can be tested before the Court
of Law to prove that property sought
to be attached is acquired out of the
proceeds of the crime. This can be
made possible by wedding of time
tested method of investigation with
forensic auditing.
The forensic auditing with the help of
computers has been extensively used
in the case of Satyam Scam investigated
by CBI. Certain sections of employees
of the Satyam in connivance with
MD and CMD have hidden the fake
invoices in their systems by swapping
the strings S (show) by H (hide) and
H by S, thereby deceived the large
majority of employees of the company
who were the stakeowners. The
modus operandi was unearthed by
CBI by running a programme on the
system by reversing the role of S and
H, thereby the existence of 7651 fake
invoices worth of Rs. 5118 crore was
unearthed. This was doubly confirmed
through the employees who were
shown as executors of the projects
and information obtained from the
banks who did not receive cash from
fake customers. The employees who
did the manipulation and customers
against whom fake sales were shown
also confirmed the manipulation in
12 CBI Bulletin April - June 2011

the records. The generation of invoices
was retrieved from data mining,
which runs into millions of records.
The author of the fake invoices were
detected through swipe card details
especially where Machine No., ID No.
were completely destroyed/eliminated
and passwords were extensively
compromised. Certain fake invoices
to the extent of Rs. 430 crore was
unearthed with the help of detailed
audit trail tracing the e-mails which
were created in India but masked
as the mail originated overseas. On
the basis of deceptive mails certain
products were developed without the
specifications of the customers and
after booking of the revenue, products
were not delivered to customers
but were achieved. The author of
the mail was detected with the help
of computer and service provider.
The promoters of the company have
diverted the money by floating 237
front companies. The amount was
layered in such a way to deceive the
stakeholders. The layering of the funds
was traced through detailed auditing
which helped the investigating agency
to present the credible evidence
before the Court. 6,000 acres of land
were purchased by the promoters out
of the proceeds of the crime which
were traced. Enforcement Directorate
has already initiated action to attach
the properties acquired after 1st
July, 2005. The balance-sheet of the
company was manipulated where
loans taken from front companies and
banks were not shown as liability in
the balance sheet. The asset side was
manipulated by showing equivalent
amount of loans transferred from Bank
of Baroda, New York against amount
collected against fictitious sales.
These fraudulent transactions were
detected by preparing monthly cash
flow statements as well as scrutiny of
vouchers.
CBI is building capacity amongst its
officers by way of training to equip
them with tools and techniques of
forensic auditing for its extensive
application in successful detection and
prosecution of financial frauds.
CONCLUSION
Forensic auditing is a comprehensive auditing tool. Once it is completed, the
organization’s key stakeholders should capitalize on the work by implementing
controls to reduce the risk associated with the event identified as having material
and significant ratings and being most likely to occur. The strength of current controls
in place and whether they are preventive controls or detective controls are taken into
consideration. Can the current controls be overridden or circumvented? Future audit
programmes should include test on the design and implementation of these controls.
If an event has been identified as inconsequential, forensic auditors may decide to
take no action; even so, at least it would be documented and management would
be aware of its existence. The forensic risk assessment is not the end of the process.
Circumstances change constantly and some changes may trigger the need to revise
the assessment. A fraud risk assessment process should be ongoing, dynamic and
reflect the organization’s current business conditions. Forensic auditing combines
legalities alongside the techniques of propriety (VFM audit), regularly, investigate and
financial audits. The main aim is to find out whether or not true business value has
been reflected in the financial statements and whether any fraud has taken place.
In future, more and more organizations will be adopting forensic auditing tools to
strengthen their systems and controls, given its inherent strength and advantages.
CBI Bulletin April - June 201113

The Wave of Future...
IN today’s computing world, it can
often feel like we are drowning in
wave after wave of new trends. Cloud
Computing is one such big wave.
EXPANDING CYBERSPACE
In recent decades, “cyberspace”
has grown phenomenally. An
interconnected global digital
infrastructure, cyberspace includes the
Internet, computer systems, hardware,
software & services and digital
information. Collectively, cyberspace
has brought unprecedented economic
growth, opportunity, and prosperity.
It is the nervous system of today’s
economy - most of our major economic
institutions would not operate
without it. It enables e-commerce,
e-government, information-sharing
and trade.
Cyberspace also evolves quickly.
Technologically, the connectivity,
devices and uses of today - computing
tablets, home networks, smart meters,
cloud computing, social networks -
have made the cyberspace of today
radically different from that of five
years ago. Demographically, young
generations view social networking and
online collaboration as parts of their
daily lives. Geopolitically, cyberspace
is expanding across borders, making
the world smaller. Cyberspace will
continue to evolve and change and
its future is exciting and in many ways
unpredictable.
WHAT IS CLOUD
COMPUTING?
The term cloud computing “comes
from the early days of the Internet
where we drew the network as a
cloud… we didn’t care where the
messages went… the cloud hid it from
us.” – Kevin Marks, Google
While there has been much debate
over what cloud computing means,
in reality, the term is generic. Cloud
computing is a future where companies
won’t host their own infrastructure.
It is a result of commoditization of
IT services. In other words, it’s a
transition of a once-exciting and new
activity (an innovation) i.e. internet
into a more commonplace and
standardized commodity. All business
activities keep on moving on this path
of innovation to commoditization. The
perfect example for this is electricity or
water services.
Akansha Gupta*
There was a time when every
household, town, farm or village had
its own water well. Today, shared
public utilities give us access to clean
water by simply turning on the tap;
cloud computing works in a similar
fashion. Just like water from the tap
in our kitchen, cloud computing
services can be turned on or off
quickly as needed. Like at the water
company, there is a team of dedicated
professionals making sure the service
provided is safe, secure and available
on a 24/7 basis. When the tap isn't on,
not only are we saving water, but we
aren't paying for resources we don't
currently need.
In the term ‘Cloud Computing’, the
word "cloud" is used as a metaphor
for "the Internet," so the phrase "cloud
computing" is used to mean a type
of Internet-based computing, where
services (such as servers, storage,
applications and so on) are delivered
14 CBI Bulletin April - June 2011

to an organization's computers and
devices through the Internet as an ondemand
service.
CHARACTERSTICS OF
CLOUD COMPUTING
As per definition of ‘The National
Institute of Standards and Technology
(NIST)’, the cloud model promotes
availability and is composed of five
essential characteristics:
On-demand self-service,
Broad network access,
Resource pooling,
Rapid elasticity,
Measured Service.
Three service models:
Cloud Software as a Service
(SaaS),
Cloud Platform as a Service
(PaaS),
Cloud Infrastructure as a Service
(IaaS));
and four deployment mode ls:
Private cloud,
Community cloud,
Public cloud,
Hybrid cloud.
PROS AND CONS
Over the past several years, cloud
computing has begun to expand
in the business community. One
of its major advantages is that a
business does not need to have any
knowledge, expertise, or control of
the infrastructure. Obviously, this can
become a huge cost savings for those
businesses who utilize the services
inherent with cloud computing.
For instance, some services include
online business applications that are
accessible through any browser from
any computer. The actual software and
data resides on servers external to the
business itself. It is easy to understand
how this becomes very attractive to
businesses; they would not have to
invest huge sums of money in software
and hardware. Since they do not own
the host infrastructure, they only pay
the provider for services and resources
they consume.
Although, cloud computing might
appear attractive to a business, it is not
without its own unique problems and
concerns. Accessing a remote server to
initiate an application via the Internet
presents several obvious security risks.
Storage of sensitive corporate data
on a remote server raises concerns
regarding the privacy and accessibility
of that data by an unauthorized second
party. The business or customer is not
generally aware of the physical location
of the data. Likewise, they may not
be able to discern what policies/
procedures are in place to recover
data should a server crash or become
compromised. Legal and regulatory
requirements and compliances may
be lacking in the location(s) where
the data is actually stored. The longterm
viability of the data itself and
its availability could become a major
issue should the provider no longer
offer the services due to bankruptcy,
going out of business, or merging with
another company.
LAW ENFORCEMENT
CONCERNS
As one would expect, cloud
computing raises some unique law
enforcement concerns regarding the
location of potential digital evidence,
its preservation, and its subsequent
forensic analysis. For instance, if a
customer or business becomes the
target of a criminal investigation,
they could migrate their working
environment to a cloud environment.
This would provide a means for
the business to continue its routine
operations while the migrated
environment is forensically analyzed.
However, this is not without risk.
The migrated data only represents a
“snapshot” of when it was sent to the
cloud. Since the data can be stored
anywhere in the world, its dispersal
could be to a location or country
where privacy laws are not readily
enforced or non-existent. Establishing
a chain of custody for the data would
CBI Bulletin April - June 201115

ecome difficult or impossible if its
integrity and authenticity cannot
be fully determined (where was it
stored, who had access to view it,
was there data leakage, commingling
of data, etc.). There are also potential
forensic issues when the customer or
user exits a cloud application. Items
subject to forensic analysis, such as
registry entries, temporary files, and
other artefacts (which are stored in
the virtual environment) are lost,
making malicious activity difficult to
substantiate:
“….with the huge amount of potential
data flowing in and out of a cloud,
how do you identify individual users
of individual services provided by a
transient host image, particularly when
they make expert efforts to cover their
tracks? And what if the owner of the
image decides to engage in malicious
behaviour, through the host server
image, from a third IP address, and
then claim someone must have stolen
their password or key pair to the
image”?
Further forensic issues concern the
potential effect the cloud services could
have on the digital data itself and how
the forensic examiner can explain, in
a creditable manner, all these real and
potential indiscretions to the court.
Many forensic examiners recognize
that “there is no foolproof, universal
method for extracting evidence in an
admissible fashion from cloud-based
applications”, and in some cases, very
little evidence is available to extract.
As such, cloud computing represents
just one of the fast-paced technological
developments that is presenting an
ongoing challenge to legislators, law
enforcement officials, and computer
forensic analysts. Or stated another
way, the challenge for forensic
examiners and law enforcement is
to determine the “who, what, when,
where, how, and why” of cloud-based
criminal activity.
A new generation of e-discovery
tools may help ease some of the pain
associated with cloud forensics. And,
we are likely to see the rise of a new
class of professionals specializing in
Cloud Forensics in the years to come.
REFERENCES
(1) http:/www.csrc.nist.gov/
(2) Cloud Security Alliance (2009). Security guidance for critical areas of focus in cloud computing V2.1.
* Inspector, CBI Academy, Ghaziabad.
16 CBI Bulletin April - June 2011

The Architecture of Cyber Security
Col. DEBTORU CHATTERJEE*
CYBER Security was born out of the
need to protect message in transit
between two computers (hosts) by
converting the plain text message
into cipher text through encryption
via a device called crypto key which
encrypts the message at the sender’s
end, and decrypts the same message
at the receiver’s end. It ensures the
confidentiality of the message from
peeping Toms, the authenticity of the
message (message could have been
written by no one other than the
sender) and the integrity of the message
by resistance to attempts to modify its
contents. Commercial Crypto products
generally are packed within or between
three layers of commercial networking
software. The three broad networking
softwares are ; (a) Application
software like the World Wide Web,
e-mail packages and File Transfer
Protocol (FTP); the Network Protocol
Stack layer comprising products and
protocols like TCP/IP; and finally the
bottom layer comprising peripheral
devices like Ethernet or token ring.
The Application software which is
the top most layer of the commercial
networking software interoperates with
the Networks Protocol Stack through
a cryptographic interface called the
Security Socket Layer. The network
software which is installed into the
host computer’s operating system in
turn interacts with data link devices
via a device driver. Typical data link
devices are Broadband or Modems
connected to tele lines, Asynchronous
Transfer Mode (ATM) and Integrated
Services Digital Network (ISDN).
INTERNET TECHNOLOGY
Internet Technology works on the
principle of each routing host computer
forwarding a data packet to the next
closer network if the destination
computer is not on an already directly
attached network. When a host
computer receives a data packet, the
packet is directed at one of the host’s
application (mentioned above) or else
the data packet uses the host as a
router and “hops” through the router
on the way to its real destination. In
the latter case, the Network Protocol
Stack, i.e. TCP/IP software redirects
the data packet to the device driver
(the data link mentioned as the third
layer) and if the packet is destined
for a local destination on the host it
is passed upward to the application
software layer through the host’s
transport software.
CYBER CRIMINALS
The explosive growth of the internet
has given rise however to four types
of cyber criminals. The first is Shyam
the Forger. His work is very easy if
he can intercept unprotected plain
text messages between two host
computers. The second type of
criminal is Peeping Kasturi. If he has
installed password sniffing software
into a major internet routing host or a
server hosting a commercial website,
that offending software can collect
passwords of internet users that can
give the offender access to protected
information. The third category of the
cyber criminal is the Play-It-Again Tom,
a criminal who intercepts messages
of value and simply replays them to
the recipients. For instance, he might
intercept a “Pay Rs. 100/-“message
from ‘X’ to ‘Y’ and replay it a few
times yielding multiple unintended
payments. The fourth type of criminal
is Hari the Switcher who intercepts a
message from ‘X’ to ‘Y’ and changes
the amount from Rs. 100/- to Rs. 900/-
before forwarding it to ‘Y’.
To take care of these four basic
types of Cyber Crimes, the following
internet crypto techniques have
been adopted and even codified by
Law Enforcement Agencies of some
Governments. The US Government,
for instance, has codified their cyber
communication security guidelines in
a book called the Orange book. All
cyber security solutions basically fall
into the following broad categories:
(i) Point-to-point-link encryption:
This creates a fully isolated connection
between two communicating
computers by applying encryption to
the data link. This yields the highest
level of security as the host computer
has no connections outside the site’s
physical boundary except through
an encryptor. The encryptor has two
separate interfaces, one for plain text
and one for cipher text. Each host
computer data link is connected to
the plain text port of the encryptor.
Data entering through this plaintext
interface is always encrypted and
then sent out to the cipher text port
of the encryptor which in turn is
connected to the modem or bridge.
CBI Bulletin April - June 201117

The safest arrangement provides that
the encryptor cannot be bypassed
in any manner thus ensuring that
only encrypted data leaves the site.
However, the encryption takes place
outside the host’s computer while
retaining compatibility with the existing
applications.
(ii) IP link encryption: This is similar to
the point to point encryption except that
while in link to link encryption, crypto
is applied only to a pair of computers,
in this case crypto techniques can be
applied to a whole network of host
computers who can have no access
to another network except through an
inline encryptor. However, the benefit
of additional hosts is somewhat offset
by the ambiguity in the origination of
the messages due to more than one
computer being linked to the same
encryptor. Nonetheless, we can at least
pinpoint that messages originated from
people with authorized physical access
to the network. At the destination site,
an internet protocol router is placed
between the host computer and the
encryptor to guide the decrypted
messages to the destination host and
hence the IP routing data is decrypted
by the encryptor at the destination
site. The encryptor at the sender’s
end encrypts all portions of the packet
except the data link header of the
destination site which remains in plain
text. In the IP link encryption system
described above it thus becomes very
important to ensure that there is no
back door connection to the protected
network that might allow plain text
unencrypted messages to leave or
arrive at the network.
(iii) Virtual Private Network (VPN):
The Virtual Private Network uses
the internet to carry traffic between
trusted sites with the crypto keys being
applied to the TCP/IP layer mentioned
above. The stronger security version
of this form of security deployment
uses encrypting routers that does not
provide the client site with access
to unauthorized internet sites. A
weaker version of VPN deployment
uses encrypting firewalls instead of
encrypting routers. The firewalls
encrypt all traffic between authorized
sites but provide controlled access
to unauthorized networks as well.
In this technology, the IP Security
Protocol (IPSEC) encrypts the data
contained in each packet along with
the information in the Transport and
Application Headers of each packet
but the address information under the
Internet Header besides that under the
Data Link Header has to be in plain
text since IP routers deliver encrypted
IPSEC messages to the destination
host. IPSEC protection is applied
above the internet protocol routing
software and below the application
software. IP Routers ignore the extra
IPSEC headers and applications
never see the IPSEC crypto services.
Thus encryption takes place between
the application and transport layers
above it and the internet and data link
layers below it. The IPSEC protocol
defines two optional packet headers
to ensure privacy and provide for
forgery detection for each packet. A
packet may contain one or both IPSEC
headers, namely, the Authentication
Header (AH) and the Encapsulating
Security Payload (ESP). The AH
contains a cryptographic checksum
to authenticate the fact that the
packet contents were not changed.
A checksum is a computational
procedure with an answer which
depends upon the contents of the block
of data contained in the data packet.
The sender computes the checksum
of the data being sent and encrypts
it by using a secret key. The recipient
can verify the message’s integrity by
re-computing the checksum using the
same secret key transmitted by the
sender to the recipient by some secure
means. The encrypted checksum
must match the value sent with the
message. Forgers cannot compute valid
checksums without the secret key. The
cryptographic checksum can defeat a
forgery attempt by using the secret key
when computing the checksum value.
For instance we would use an Advance
Encryption Standard Algorithm with a
secret key to encrypt a message’s 64
bits checksum. The receiving host
would then take the result of the
checksum of the received plain text
data, encrypt it using the same secret
key and compare the result with the
encrypted checksum in the message. It
should be noted that unlike encryption,
this crypto technique does not hide a
message content which is transmitted
in plain text but will also not allow
a forger to modify the text since he
will not be able to reproduce exactly
the same checksum with a different
text message as he would not have
the secret key to reproduce exactly
the same value as the encrypted
checksum.
Under the above crypto technique,
secret keying provides no protection
if we get the same checksum value
for two different messages. To protect
against this possibility we use what
are called one way hash functions.
Under this scheme, the data being
sent is combined with the secret key
value and a check value called the
hash value is computed over both.
The sender then sends the message
data plus the hashed value which the
recipient re-computes using the same
secret key to validate the hash value.
There are sophisticated methods
of implementation of the above
procedure involving computation of a
hash value for the IPSEC authentication
header into which we need not enter
here. The VPN can also employ a
technology called proxy cryptography
in which IPSEC is employed in a proxy
mode so that the message traffic of
several hosts is all funneled through
a single encrypting host (the proxy)
before it traverses a potentially hostile
network like the public internet.
The destination site may likewise
be guarded by a proxy where IPSEC
18 CBI Bulletin April - June 2011

headers are validated and removed.
The message is then forwarded
unprotected to the destination
computer. Since IPSEC crypto does
not affect the routing information in
an IP header, the internet can route its
traffic as effectively as any unprotected
traffic.
How do classic internet attacks get
blocked when we apply the Virtual
Private Network with IPSEC security
protocols? The four typical internet
attacks are:
(1) Password sniffing: In the case of
password sniffing, a typical password
sniffer programme tries to collect
the first 100 or so bits of information
transmitted on any connection
passing through the host. Thus, such
programmes often manage to intercept
the login names and password
used to connect various hosts. The
Encapsulating Security Payload (ESP),
which encrypts the data contents of
the rest of the data packet apart from
the authentication header, can protect
against this disclosure of passwords
while it is travelling across untrusted
networks.
(2) IP Spoofing: Another form of attack
against which the IPSEC protocol
guarantees security is IP spoofing
in which the attacker’s messages or
websites come from a masquerading
host aping a genuine one. The pretence
does not work because the attacking
host would not have the necessary
shared secret key to generate the
correct keyed value that the receiving
host computer would first seek to
validate before going into session with
the sender host.
(3) Internet Hijacking: Similarly
internet protocol hijacking is not
possible when using IPSEC encrypting
router to guard the Virtual Private
Network. In IP hijacking an active and
authenticated connection between two
computer hosts is disrupted and the
attacker jumps into seat of the one of
the hosts and continues to masquerade
as the host who was cut off from the
connection. An IPSEC encrypting
router guarding our host computer,
which is thus being attempted to be
fooled, would, however, immediately
unmask the imposter host computer
since it would receive data packets
without the valid hash value contained
in the authentication header of each
data packet as valid packets can
only come from a host that has the
necessary secret key to generate the
correct hash value.
(4) SYN Flooding: A final internet
threat to an internet host computer
is from SYN flooding, which was first
demonstrated against a large Internet
Service Providers (ISP) way back in
1996. The web server of the Internet
Service Provider had to be shut
down as attackers sent a TCP “SYN
message”, requesting for a internet
connection, but never responded
with the final message necessary to
establish the connection fully. TCP
software normally leaves such semi
open connections around for a few
minutes, hoping that the connection
would be completed soon; meanwhile
the attackers send additional SYN
messages with varying, forged host
computer addresses, each appearing
to request its own connection. This
uses up the available connections
faster than the host can recover
them. With all incoming connections
thus exhausted, the internet service
provider host is forced to refuse
connection requests from legitimate
users. IPSEC however, blocks this kind
of attack since each TCP SYN message
must have a legitimate AH with a
valid cryptographic checksum which
attackers cannot create from random
hosts as they cannot produce legitimate
AH from different random hosts with
different secret keys acceptable to the
targeted web server or client.
Even if an SYN attack was mounted
by replaying authentic SYN messages
intercepted during a normal operation,
this could be invalidated by a site
that periodically rekeyed (adopted a
new secret key value) for its security
parameter index associations.
(iv) World Wide Web service with
Secure Socket Layer (SSL protocol):
This applies crypto services using the
SSL protocol. The protocol is integrated
into the application software packages
for web clients and servers and protects
data transfer between the two. When
two hosts first start communicating
with SSL, the initial message consists of
a special handshake protocol, which
establishes the crypto algorithm and
the keys to be used. The SSL is designed
to work between one host behaving as
a client and the other behaving as a
server. The SSL protocol consists of a
record protocol, which indicates the
encryption and integrity protection
being applied to the data and a
handshake protocol that negotiates the
use of new crypto algorithm and keys
between the communicating client
and server. In the basic handshake
protocol one of the two hosts, say the
server sends his other communicating
host, the client, the former’s “Public
key” embedded in a signed certificate
issued by a certifying authority. The
client now generates a secret key
using some technology like a Pseudo
Random Generator Number, uses the
server’s “Public key” to encrypt this
secret key and sends this encrypted
secret key back to the server in what
is called a “Client key exchange
message”. The server now replies by
sending a finished message, which
amounts to acknowledging that the
secret key duly encrypted has been
received by the server. The server
extracts the secret key by decrypting the
encrypted secret using what is called
the server’s “Private key”. In Public
Key Encryption (PKE) terminology, an
entity shares his public key, which is
an enciphering or deciphering value
with his correspondents, while he
retains a corresponding private key
CBI Bulletin April - June 201119

as his own well-guarded secret. A
message encrypted with the public
key can only be decrypted at the other
end by its corresponding private key
and similarly, a message encrypted at
one end with a private key can only
be decrypted at the other end using
the corresponding public key. The
Diffie-Hellman and the Rivest-Shamir-
Adelman (RSA), particularly the latter
are the two leading algorithms used to
generate such public-private key pairs
for implementing this technology. This
asymmetric key generation technology
has gained wide currency over the
secret key technology (which is also
called the symmetric key technology).
The reason is that for the secret key
technology the number of shared
secret keys required to be generated
between each pair of communicating
computers rise exponentially as more
and more computers are added to
an ever-expanding internet. In the
PKE system, however, every holder
of private key needs to only share
his single public key with all other
communicating hosts as the public key
is not required to be kept as a secret.
This drastically reduces the number
of the keys required for encryption
and decryption and is the bedrock on
which sensitive as well as commercially
valuable information like account
numbers would be transmitted over
the internet.
The public key-private key pair having
thus been used to transmit the secret
key between the client and the server,
the data transmitted between the two
would now be encrypted and hashed
with the secret key value and the
recipient would treat it as a fatal error
if a message arrived with an invalid
hash. The secret key can also be used
to encrypt the plaintext of an email
message generated by an email client
since most web browsers like the
Microsoft Explorer incorporate SSL as
a feature.
The public key infrastructure cannot
function without every public key
holding entity being certified to be
the authentic holder of the public key,
which he claims to be his own. Such a
public key certificate thus contains a
name along with his entitled public key
duly certified by a certifying authority,
through the latter’s digital signature.
This is a hash value encrypted with the
certifying authority’s private key. The
hash value is computed over the name
of the public key holder and his public
key value.
The digital signature of the certifying
authority is decrypted using the
certifying authority’s public key
yielding the hash value, which must
match with the hash value computed
over the name and public key value of
the certificate. This, in turn, requires
that the certifying authority’s public
keys be shared with all those users,
who would like to authenticate the
public key values of those who seek to
correspond with them.
The value of public key certificates
stems from the fact that an imposter
cannot pose as the genuine holder
of public key that actually belongs to
someone else and thus stage manin-the-middle
attacks between two
communicating computers. For, if
the one of the two hosts claims to be
legitimate holder of a certain public
key, this could be checked against the
name entered in the digital certificate.
NATIONAL SECURITY
While message security and indeed
the whole story of Cyber Security thus
turns on the encryption algorithm
and crypto devices available, it must
be remembered that most of these
crypto devices vended by foreign firms
are required to observe limitations
in the encryption devices, such as
the key length for example, without
compliance with which export licence
would not be available to them from
their respective Governments. The US
Government, for instance, requires an
upper limit of 40 bits of secret key value
to be adhered to although the length
of its own secret keys for encrypting
its own official cyber text messages
is 128 bits. These limitations have
been adopted to enable such foreign
Governments to eves drop on the
encrypted traffic of the buyers of cyber
crypto products of these countries.
India thus needs to focus its energies on
developing its own in-house hardware
and software crypto devices to protect
its official and unofficial cyber traffic
from unauthorized interception. It is a
question of National Security.
*The author is a 1994 batch Indian Postal Service Officer, currently a Director, Army Postal Service. He has also served
earlier as Assistant Director, Intelligence Bureau.
20 CBI Bulletin April - June 2011

Hon’ble Prime Minister Dr. Manmohan Singh, inaugurating the new CBI Headquarters on 30th April, 2011
Dr Mammohan Singh, Hon’ble Prime Minister, inaugurating the new CBI Headquarter. Shri V. Narayansamy, MoS (PP) and
Shri Amar Pratap Singh, Director, CBI are also present
CBI Bulletin April - June 201121

Shri Amar Pratap Singh, Director, CBI, welcoming Shri P. Chidambaram,
Union Home Minister on the occasion of inauguration of the new CBI Headquarters
Shri Amar Pratap Singh, Director, CBI, welcoming Shri M. Veerappa Moily, Union Minister (Law & Justice)
22 CBI Bulletin April - June 2011

Hon’ble Prime Minsiter Dr Manmohan Singh, visits the CBI Gallery at CBI Headquarters on 30th April 2011. Accompanying him are
Shri V. Narayanasamy, MoS (PP), Shri Amar Pratap Singh, Director, CBI & others
Hon’ble Prime Minister Dr. Manmohan Singh looks at Milestones in the growth of CBI over the decades
CBI Bulletin April - June 201123

Dr. Manmohan Singh, Hon'ble Prime Minister of India at the CBI Gallery along with Shri Amar Pratap Singh, Director,
CBI and Shri V.K. Gupta, Additional Director, CBI
Raja Vijay Karan, former Director CBI with Shri Amar Pratap Singh, Director, CBI
24 CBI Bulletin April - June 2011

A view of the CBI Gallery at the new CBI Headquarters, New Delhi
CBI Bulletin April - June 201125

26 CBI Bulletin April - June 2011
A view of CBI Gallery at the new CBI Headquarters, New Delhi

Hon’ble Prime Minister Dr. Manmohan Singh, addressing the gathering at the new CBI Headquarters on 30th April, 2011
Shri Amar Pratap Singh, Director, CBI addressing at the Inaugural Ceremony
CBI Bulletin April - June 201127

Shri Amar Pratap Singh, Director CBI, presenting the memento to the Hon’ble Prime Minister Dr. Manmohan Singh. Shri P.
Chidambaram, Union Home Minister and Dr. Veerappa Moily, Union Minister of Law and Justice are also present.
Ladies at the Inaugural Ceremony
28 CBI Bulletin April - June 2011

Hon’ble Prime Minister Dr. Manmohan Singh, recording his views in the Visitor’s Book at CBI Lounge on 30th April, 2011
Hon’ble Prime Minister Dr. Manmohan Singh, Shri V. Narayanasamy, MoS (PP), Smt. Alka Sirohi, Secretary (P&Tl), Shri T.K.A. Nair,
Principal Secretary to PM, Shri Amar Pratap Singh, Director, CBI and Shri V.K. Gupta, Additional Director, CBI, along with the recipients
of the President’s Police Medal for Distinguished Service
CBI Bulletin April - June 201129

Shri. T.K.A. Nair, Principal Secretary to PM at the CBI Gallery along with Shri Amar Pratap Singh, Director, CBI and Shri V.K. Gupta,
Additional Director, CBI
The Hon’ble Prime Minister meeting Joint Directors of CBI
30 CBI Bulletin April - June 2011

Hon’ble Prime Minister Dr. Manmohan Singh, giving the President's Police Medal for Distinguished Services to Shri A.K. Pateria, Joint
Director (Policy), CBI on 30th April, 2011
Hon’ble Prime Minister Dr. Manmohan Singh, giving the President's Police Medal for Distinguished Services to Shri O.P. Galhotra,
Joint Director (EO), CBI on 30th April, 2011
CBI Bulletin April - June 201131

Mr. Louis Freeh, former Director, FBI, USA at CBI HQ New Delhi on 18th May, 2011 along with Dr. R.K. Raghavan, former Director,
CBI, Shri Amar Pratap Singh, Director, CBI, Shri Balwinder Singh, Special Director CBI and Shri V.K. Gupta, Additional Director, CBI
Sub-Inspector (Cadets) of 14th batch of CBI taking Oath during the Investiture Ceremony at the CBI Academy,
Ghaziabad on 7th May, 2011
32 CBI Bulletin April - June 2011

Shri Amar Pratap Singh, Director, CBI and other senior officers during the Investiture Ceremony
Shri Amar Pratap Singh, Director, CBI, giving away the Certificate for ‘All Round Best’ to Shri Homi Garg, SI (Cadet) during the
Investiture Ceremony
CBI Bulletin April - June 201133

Director, CBI, interacting with the passing out Sub-Inspectors after their Investiture Ceremony
Shri Amar Pratap Singh, Director, CBI at the foundation stone laying ceremony of the 2nd Phase Construction of CBI Academy at
Ghaziabad on 7th May 2011
34 CBI Bulletin April - June 2011

Shri R. K. Tandon, Joint Director, CBI, welcoming Shri Amar Pratap Singh, Director, CBI, on the occasion of the foundation stone laying
ceremony of the 2nd phase construction of the Academy
Shri Amar Pratap Singh, Director, CBI, interacting with the CBI officials and their family members during his visit to CBI Colony at Vasant
Vihar, New Delhi on 21st May, 2011
CBI Bulletin April - June 201135

Shri Amar Pratap Singh, Director, CBI, Shri Balwinder Singh, Special Director, CBI, Shri V.K. Gupta, Additional Director, CBI
and other senior officers of CBI, with the Sub-Inspector (Cadets) of 14th batch at CBI Academy.
Shri Amar Pratap Singh, Director, CBI, inaugurating the new CBI Canteen at CBI Headquarters, New Delhi on 6th June, 2011
36 CBI Bulletin April - June 2011

Shri Amar Pratap Singh, Director, CBI, giving memento to the retiring officials of CBI on 30th April, 2011
CBI Bulletin April - June 201137

Shri Amar Pratap Singh, Director, CBI, welcoming Lord Ian Blair, Former Commissioner of Metropolitan Police, London at the 12th D.P.
Kohli Memorial Lecture on 3rd June, 2011 at Vigyan Bhawan, New Delhi
Shri Amar Pratap Singh, Director, CBI, presenting memento to Shri V. Narayanasamy, MoS (PP), on the occasion of 12th D.P. Kohli
Memorial Lecture on 3rd June, 2011 at Vigyan Bhawan, New Delhi
38 CBI Bulletin April - June 2011

Lord Ian Blair, Former Commissioner of Metropolitan Police (Scotland Yard), London delivering the 12th D.P. Kohli Memorial Lecture on
3rd June, 2011 at Vigyan Bhawan, New Delhi
Invitees and delegates on the occasion of 12th D.P. Kohli Memorial Lecture on 3rd June, 2011 at Vigyan Bhawan, New Delhi
CBI Bulletin April - June 201139

Union Minister of State for Personnel & Public Grievances Shri V. Narayanasamy giving the Award of 'Best Detective Constable' of CBI
for the year 2010 to Shri Sarbjit Singh, Constable, CBI, SPE, Port Blair, A&N Island
Recipients of the President's Police Medal for Distinguished Services and Indian Police Medal for Meritorious Services with Shri V.
Narayanasamy, MoS (PP), Smt. Alka Sirohi, Secretary (P&T), Shri Amar Pratap Singh, Director, CBI, Shri Balwinder Singh, Special
Director, CBI and Shri V.K. Gupta, Additional Director, CBI
40 CBI Bulletin April - June 2011

Advancement of Techniques for Forensic
Examination of CDs/DVDs
MUKESH SHARMA* & SHAILENDRA JHA**
Forensic Science is multi-disciplinary subject applied for examining crime scenes and gathering evidence to be used
in prosecution of offenders in the Court of Law. Through this paper, the authors have explained the importance of the
forensic experts in the examination of piracy of multimedia devices like CD/DVD and duplication of the data in the
licensed software available in CD/DVD. In this paper, the process of examination, which is available in literature, expert
analysis and presentation of forensic data to relevant security agencies or authorities or Courts of Law, on computer
and digital assets (CD/DVD/CD-ROM/hard drive) has been reported. First time a standard procedure for examination of
compact disc devices for the forensic experts has also been reported.
Keywords: Forensic Technology, Cyber Forensic, CD-DVD Examination.
INTRODUCTION
BY definition, technology is dynamic,
and in many ways, technology
dictates advances in forensic science.
For forensic professionals, with
expertise and technological knowhow
in the application of analytical
and investigative techniques for
conducting liturgical and non-liturgical
investigations, examinations, analysis,
interpretation, evidence preservation
of electronic data, presentation of
comprehensive reports on specific
activities. 1
Our forensics services includes systems,
to extract relevant files of computing
and digital activities that require
investigations, examinations, analysis,
risk preventions and mitigation,
as well as fraud control measures.
Computer crime, fraud, disaster and
risk programming to compromise
business processes, have become
very pervasive on the internet, web,
computer system, network servers,
single-user PC (laptops, desktops, etc)
and digital devices (mobile phones,
PDA, printer, fax machines, I-pods,
etc.), and as forensic specialists.
encoded media or physical storage
(files, notepads, documentations,
peripherals, visual outputs, electronic
storage media like CD and DVD,
etc.) and to help in the detection and
mitigation of risk protection, defence
of corporate assets and reputation,
recovering of files/data/information
from intentionally damaged media.
2-3
Through this paper, the authors
have tried to develop a standard
methodology, in examination of
CD and DVD, which is the biggest
problems from Indian point of view,
as the pirated/duplicity of the Original
software/Video Film in CD or DVD
format/Audio CD/MP3/Audio and
Video DVD. In Figure1, the historical
development of the Compact Disc and
DVD is shown, which provide the idea
about the development of the audio/
video/Photo in terms of their format
in computer based technology. 4 The
difference at a glance in the DVD and
The investigation, identification,
extraction, examination, analyses,
documentation and preservation
of computing and digital evidence,
in a admissible, electronically
Figure 1: The history of development of the Optical CD/DVD [Ref. (3)].
CBI Bulletin April - June 201141

CD has not been observed but when
one examined these devices under
specific microscope, one can easily
differentiate on the basis of track pitch
and pit length, as shown in Figure 2.
disc, the following areas are illustrated
in Figure 3
The CD standard has specific
measurements for all of these areas;
approximately 99 percent of CDs
(manufactured or recordable) meet
these standards. DVD measurements
are similar to those for CDs and are
considered identical.
FIGURE. 2: The microscopically view of the
CD and DVD [Ref. (4).
The basic physical and specification
based differences have also been
summarized in Table 1, as ready
reference for reader.
TABLE 1: Physical difference in CD
and DVD
Properties
CD-ROM/
CD-RAM
D V D -
ROM
Thickness 1.2 mm 1.2 mm
Diameter 12 cm 12 cm
Pit length
(Min)
(Max)
Track
Pitch
Data
Capacity
0.83
micrometer
(cm)
0.4
micrometer
(cm)
3.04 cm 1.87 cm
1.6 cm 0.74 cm
0.68 GB 4.7 GB
METHODOLOGY
(i) Physical examination:
There are a number of distinct areas on
the surface of a CD or DVD. Moving
from the inside to the outside of the
Figure 3: CD/DVD physical construction is
shown:
1. Spindle hole;
2. Clamping ring;
3. Stacking ring;
4. Mirror band;
5. Beginning of data area;
6. End of data area, slightly inside the
outer edge of the disc.
TABLE 2: Some dyes with their visible characteristics
Name of the Dye Colour Colour under
gold reflector
The stacking ring is used to keep the
surfaces of discs separate when stacked
on a spindle. Without the stacking ring,
the lacquer surface of one disc would
adhere to the polycarbonate surface of
the one above it. This is especially true
in high-humidity environments. The
stacking ring and proper alignment
of stacked discs is important for
transporting discs.
The original development of CD-R
discs required a bi-stable dye that
could be changed from transparent to
opaque by a laser. The term “organic”
in this case refers to the use of chains
of carbon and hydrogen atoms in
the dye.5 In Table 2, the summary
of the types of dyes and their visible
characteristics observed as CD-R.
Colour under silver
reflector
Cyanine Blue Green Green/Blue
Phthalocyanine Transparent Gold Silver
Formazan Light Green Green/Gold Not available
Azo (Ay-Zo) Dark Blue Dark Green Deep Blue
CDs and DVDs consist of the same
basic materials and layers, but are
manufactured differently. A DVD
is actually like two thin CDs glued
together. A CD is read from and
written to (by laser) on one side only;
a DVD can be read from or written
to on one or both sides, depending
on how the disc was manufactured.
Recordable DVDs (DVD-R, DVD-
RW, DVD-RAM) can be manufactured
with one re-cording layer on each
side. Prerecorded DVDs (DVD-ROM)
can be manufactured with one or two
recorded layers on each side.
The polycarbonate substrate makes
up most of the disc, including the area
that is read by the laser (opposite the
label side on CDs). It is present on
both sides of a DVD, even a “singlesided”
disc with a label on one side.
This substrate provides the disc depth
necessary to maintain laser focus on
the metal and data layers. Accordingly,
42 CBI Bulletin April - June 2011

fin¬gerprints, smudges, or scratches,
as well as such substances as dirt,
dust, solvents, and excessive moisture
(which polycarbonate will absorb), can
interfere with the ability of the laser to
read the data.6 Contact of any foreign
material with the polycarbonate
substrate layer should be avoided.
As its name implies, the data layer
of CDs and DVDs is the layer that
contains the data. The data appear as
marks or pits that either absorb light
from the laser beam, or transmit the
light back to the laser pho¬to-sensor
by way of the metal reflective layer.
In CDs, the data and metal layers are
very close to the top of the disc (label
side); in DVDs, they are in the middle
of the disc. The types of data and
metal layers used depend on the type
of disc-read-only (ROM), write-once
(R), or rewritable (RW, RAM).7 Table
3, shows the relation¬ship between
the data and metal layers and the disc
type and basic layers.
(ii) Digital Data examination
with specification and
characteristic:
When the comparison in the terms of
the digital data and format is discuss for
a forensic point of view, DVD-Video
can be summarized as high-quality
pictures, high quality sound, and
multiple playback functions, which
are made possible by its large storage
capacity and digital signal processing.
TABLE 3: Relation between layers of CD-ROM, CD-RW, DVD-ROM and
DVD-RW
Layer CD-ROM CD-RW DVD-ROM (with
two recorded
layer)
1. Label,
Optional
Label,
Optional
Label, Optional
(hub area only)
DVD-RW
Label,
Optional (hub
area only)
2. Lacquer Lacquer Polycarbonate Polycarbonate
3. Metal Al (also
Si, Au, or Ag)
Metal (Al) Metal (fully
reflective) Al (also
Centre
Adhesives
Si, Au, or Ag)
4. Polycarbonate Recording/
Writing layer
Centre Adhesives Metal (Al)
5. - Polycarbonate Metal (Semireflective)
Recording/
Writing layer
6. - - Polycarbonate Polycarbonate
Date Molded
Moulded
Layer
Phase
changing
metal alloys
films
In terms of picture quality, high-quality
images have been realized with
500TV-line resolution, better than
either laserdisc or CD-Video. The most
remarkable feature of DVD-Video is
that it offers both the highest picture
quality of home video media and the
capability to record an entire movie,
which requires a long recording time,
all available on a single disc the same
size as a CD. A simple comparison
between the audio and video format
of CD and DVD are summarized in
Table 4 (a) and (b).
Phase
changing
metal alloys
films
For forensic purposes, from Table 1
to Table 4 (a-b), one can easily trace
out the format and specification of the
CD/DVD, which is to be used or being
used for piracy violation purposes. It
is generally assumed in forensic that
if Apple extensions are not present, a
Macintosh user programmes did not
create the disc. An exception to this is
some OS X programmes that operate
at the “native” BSD level. In any
event, these would not be considered
ordinary Macintosh user programmes.
TABLE 4 (a): Audio Format specifications of CD and DVD
SL. No. Specification CD DVD
1. Audio Stereo MPEG Dolby Digital Linear PCM
8 Streams max.
2. Audio System MPEG1 layer 2 MPEG Dolby Digital Dolby Digital
3. Audio bit rate 224 kbps (fixed) max. 912 kbps max. 448 kbps (per stream) max. 6.144 Mbps
(per stream)
4. Number of 2 ch only max 7.1 ch. /stream max 5.1 ch. /stream max 8 ch. /stream
channels
CBI Bulletin April - June 201143

TABLE 4 (b): Video Format specifications of CD and DVD
SL. No. Specification CD DVD
1. Video compression system MPEG 1 MPEG 2
2. Resolution (in pixels) in the case of PAL, DVD-Video is
not compatible with the high definition system.
352 x 286 pixels 720 x 576 pixels
3. Video Bit rate 1.15 Mbps (fixed) 9.8 Mbps, max.(variable)
4. Compression Ratio 1/140 1/40
5. Horizontal resolution Aapprox. 250 TV
lines (same as VHS)
Approx. 500 TV lines
For forensic examiners, it must be
clarified that while files can be deleted
on write-once media, the actual
file is not deleted; it just drops from
the directory structure. Given the
potentially fragmented nature of files,
it is not a simple matter to use a datacarving
tool for these purposes.
(iii) Software based
examination:
There are several alternatives for
collecting evidence from CDs and
DVDs. Unfortunately, most forensic
software does a poor job, either
because it is based strictly on Microsoft
Windows capabilities and Microsoft
Windows file system implementations,
or because it has limited support for
CD and DVD file systems.
The Access Data Forensic Tool Kit (FTK)
product has an imaging component
(derived from the shareware
ISOBuster product) that does a good
job of collecting data from CDs and
DVDs with any of the commonly
supported file systems.8, but useful
for the examination of pirated files
examination.
some capabilities beyond EnCase in
its native form, but does not support
all CD and DVD file systems correctly,
nor can it deal with UDF discs that
have logical errors.
In general, they only support ISO
9660 and various extensions, such as
Joliet. InfinaDyne’s CD/DVD Inspector
can be used with both EnCase and
FTK to collect evidence from CDs and
DVDs. Statistics of last five years case,
which are registered under Piracy
and Duplication Act in the Physics
Division, SFSL (Rajasthan), is plotted
in Figure 4.
From Figure 4, it is clearly seen that
the piracy and duplication of the
softwares, Audio/Video CD/DVD
is increasing year by year, so the
forensic experts have to be aware of
the developing technology in the CD/
DVD and computer technology.
DISCUSSIONS
Digital forensic evidence like CD/DVD
are usually latent, in that it can only be
seen by the Trier of fact at the desired
level of detail through the use of tools
on these exhibits. In order for tools to
be properly applied to a legal standard,
it is normally required that the forensic
expert, who use these tools properly,
apply their scientific knowledge, skill,
experience, training, and/or education
to use a methodology that is reliable
to within defined standards, to show
FIGURE 4: Curve plotted year from 2003 - 2008 versus number of cases registered
in Physics Division, SFSL, Jaipur related to computer-based crime
The Guidance Software EnCase
product9 has minimal support for
CDs and DVDs, but can utilize the
InfinaDyne CD/DVD Inspector
product to process discs that it does
not directly support for Indian point
of view.
The ‘I Look Investigator product’ has
44 CBI Bulletin April - June 2011

the history, pedigree, and reliability of
the tools. Three goals can be extracted
from this are that –
(i)one can prepare himself to examine
CD/DVD, also ensure the integrity of
the field of computer forensics;
(ii)by pursuing an understanding of
traditional techniques, one can more
effectively apply this techniques
proposed in this paper; and
(iii) overall, one must provide a
thoughtful analysis based on the
Scientific Method and Scientific
Instruments. Non-experts can
introduce and make statement about
evidence to the extent that they can
clarify non-scientific issues by stating
what they observed. This paper is a call
for standardization and certification
for the computer forensics field of CD/
DVD examinations.
However, Figure 4 statistics, at a
national level is important in order
to assess the impact that this type of
crime has on society. Governments
and the police community rely on
this information to help them enforce
policies and procedures as well as
allocating resources to investigate and
prevent the incidence of piracy and
duplication activities in India.
Acknowledgement
The authors are very much thankful
to the Director, State Forensic Science
Laboratory for providing the research
environment in the Lab. Dr. Sharma
is also very grateful to Prof. Terrence
O’Connor (Prof. Perdue University,
USA) and D.W. Clemens (Editor-in-
Chief for Crime & Clue Magazine)
for their fruitful discussions. Partial
work of this article has been accepted
for presentation at International
Symposium on Recent Trends in
Forensic Sciences, During 22nd – 24th
February, 2010 Panjabi University,
Patiala, Punjab.
References
(1) Kerr, Orin, Computer Crime and the Coming Revolution in Criminal Procedure, Yale Law School, 2004.
(2) Mack, Mary, Electronic Discovery v. Computer Forensics, New Jersey Law Journal, 20th October, 2003.
(3) http://www.cybercrime.gov.
This site contains a list of current and past select cases by the US DOJ on computer crimes. It is important to note the
amount of cases where the indicted person pled guilty.
(4) A Hardware Based Memory Acquisition Procedure for Digital Investigations — Carrier and Grand, Digital Investigation
Journal, Feb 2004, Elsevier Science, UK.
(5) The Computer Forensics Tool Testing (CFT). Nist, collection of papers, http://www.cftt.nist.gov/.
(6) http://www.cd-info.com/CDIC/Technology/CD-R/Labeling/
(7) Cochrane, Katherine (1998). Recordable CD and DVD for Archiving.
Microscopy Today No. 98 - 10 ; also Imation, 2002. Handle with Care: Making Your CD-R & CD-RW Media Last.
http://www.imation.com/assets/en_US_Assets/PDF/IMN_CDcare.pdf.
(8) Access Data Forensic Tool Kit (FTK) www.accessdata.com
(9) Guidance Software (EnCase) http://www.encase.com
* The author is SSO, In-charge, Mobile Forensic Science Unit, Pratapgarh.
** The author is Assistant Director, Physics Division, State Forensic Science Laboratory, Jaipur.
CBI Bulletin April - June 201145

New Building of CBI Head Office
THE journey from Special Staff (SS) to
Special Police Section (SPS) to Special
Police Establishment (SPE) to Delhi
Special Police Establishment (DSPE)
to the Central Bureau of Investigation
(CBI) is very long. The Special Staff
had, to begin with, 12 officers and
24 other ranks on its rolls in 1941,
posted at Delhi, Lahore, Ferozpur,
Rawalpindi, Karachi and Quetta, with
Headquarters at 69, The Mall, Lahore
(now in Pakistan).
In view of the fast-changing political
scenario around, the headquarters
of the DSPE were also shifted from
Lahore to New Delhi, where the
building of CBI Head Office also kept
changing from one place to another.
R.K. Puram, Sardar Patel Bhawan,
CGO Complex are a few names of
such places.
With the increase in the strength of
officers and other ranks of CBI rose to
over 6500, in New Delhi alone, CBI
had to accommodate them at various
places. Apart from two blocks in
CGO Complex, Lok Nayak Bhawan,
Dalhousie Hutments, North Block,
Yashwant Place are such names. So,
there was a need of a building of its
own for smooth functioning and close
supervision under one roof.
Therefore, a proposal was moved by
CBI to the Government and pursued
very seriously and ultimately a piece of
land measuring 7025.8 sq.m., situated
at 5-B, CGO Complex, Lodhi Road,
New Delhi was purchased from the
Ministry of Urban Development at a
total cost of Rs. 3.12 crore in March
2002 and possession of the said land
was taken on 16th September, 2002.
A proposal for construction of office
complex at a total cost of Rs. 137.72
crore through CPWD was approved by
the Government on 15th December,
2005 in order to keep all the CBI
Delhi based branches under one roof
for better coordination.
The Foundation Stone was laid by the
Hon’ble Prime Minister Dr. Manmohan
Singh on 18th January, 2006.
Government sanction for construction
of CBI Office Complex through NBCC
instead of CPWD was received on 6th
November, 2006 at the estimated cost
of Rs. 137.72 crore, which was revised
to Rs. 181.79 crore due to revision
of DPAR 2007 and approved by the
Government in addition to the cost
of Rs. 4,30,92,832/- towards Green
Building Norms. Total cost comes to
Rs. 186.10 crore.
Memorandum of Understanding
(MoU) was signed on 13th April, 2007
between CBI & NBCC to complete the
building within 30 months, i.e. October
2010, which was extended up to 31st
March, 2011 by the Government
based on the recommendations of the
Project Monitoring Team (PMT) headed
by Joint Director (Administration)/CBI
and reasons given by the NBCC.
Ground breaking Ceremony was
done by the then Hon’ble MoS (PP)
Shri Suresh Pachouri on 10th March,
2008.
Hon’ble Prime Minister Dr.
Manmohan Singh inaugurated the
new CBI Headquarters building at
5-B, CGO Complex, Lodhi Road, New
Delhi. Union Home Minister Shri P.
Chidambaram, Union Law Minister
Shri M. Veerappa Moily, Union
Minister for HRD & Telecom Shri Kapil
Sibal & Union Minister of State for
Personnel Shri V. Narayanasamy also
graced the occasion.
Hon’ble Prime Minister unveiled a
Stone at the entrance to the building
and inaugurated the premises by
cutting a ribbon at the reception
lobby.
Hon’ble Prime Minister addressed
the CBI family, former Directors CBI
& Senior Government officials on
the 11th floor of the new building.
Hon’ble Dr. Manmohan Singh hoped
that the new building will provide CBI
officers a congenial and comfortable
habitat to work in.
Addressing the gathering Minister of
State for Personnel Shri V. Narayansamy
said that it is the endeavour of the
Government to provide all necessary
infrastructure to CBI to meet its
professional challenges. The new
CBI building is one step taken by the
Department of Personnel to provide
better working conditions for CBI
personnel.
Shri V. Narayanasamy further said
that proposals for construction of
residential-cum-office complexes for
CBI at Guwahati, Imphal, Pune &
Lucknow have either been approved or
are at advanced stage of finalization.
Director, CBI Shri Amar Pratap
Singh in his address called that this a
momentous occasion as CBI finally
got a home of its own after 70 years.
The Director said that the building
combines aesthetics with conducive
work environment. He hoped that with
46 CBI Bulletin April - June 2011

all CBI offices now in a single location,
daily functioning will be smoothened
and output increased.
The new CBI Headquarters is housed
in an imposing eleven storey building
made of energy-efficient toughened
glass and steel, and brings together all
CBI's Delhi-based Branches under one
roof. This building, constructed by the
NBCC has a distinctive architectural
style and is designed to suit the
functional requirements and workflow
pattern of CBI.
It aims at promoting functional
efficiency and teamwork, with every
branch being allocated a separate
floor and having 'open offices' fitted
with smart modular workstations
in a manner, which maximizes
natural light in the building. Modern
communication systems, advanced
systems for maintaining records, fitted
storage space and computerized
access control are available, along with
provision of add-on facility for new
technology. Interrogation rooms, lockups,
dormitories and Conference Halls
are also provided at various floors.
Hon’ble Prime Minister Dr. Manmohan Singh, inaugurating the new CBI Headquarters
Building at 5-B, CGO Complex, Lodhi Road, New Delhi on 30th April, 2011
The new CBI Headquarters offers to
its staff a large cafeteria, which can
accommodate 500 persons, separate
gyms for men and women, a terrace
garden and a double level basement
parking for about 470 vehicles. An
advanced fire-fighting system, as well
as power back-up is provided. There
is a well-designed Press Briefing
Room and Media Lounge. A Gallery
showcasing the history and landmark
achievements of the CBI is also part
of the building. In short, the new
building stands proud in the heart of
the National Capital.
The front look of the new CBI Headquarters Building
CBI Bulletin April - June 201147

lhchvkbZ cuke Hkz"Vkpkj
vfuy ijk'kj *
,d fnu eSa x;k dgha is]
cqf)eku ,d feyk ogha is
lqu dj vkfQl lhchvkbZ] igys galk fQj cksyk] HkkbZ]
vR;kpkj] Hkz"Vkpkj D;k dj ldrh gS [+kre] lhchvkbZ
igys lkspk fQj eSa cksyk] tSls ?kj ds dkdjksp dk]
isfLVlkbZM ugha bZykt dksbZ
gj grs ;k eghus djrs gksaxs vki lQkbZ
dkdjksp rks fQj ogha gSa] ?kj eSa gksrh cgl clkbZ
lhchvkbZ gks ;k isfLVlkbZM gks] ugha dj ldrs bldks [+kre
Hkz"Vkpkj ;k vR;kpkj dks] dj ok ldrs gSa ysfdu de
eu Hkz"V gSa] fopkj Hkz"V gSa] igys cnyks bldks HkkbZ]
dkyk /ku rqe D;k djksxs] lkFk tk,xh usd dekbZ
fu"dke Hkko ls djks dke dks] le>ks gSa lc HkkbZ HkkbZ
;gh ns'k dh lsok gksxh] lhchvkbZ dh ;gh iqdkj
er djks ;kjks vR;kpkj] er djks ;kjks Hkz"Vkpkj]
rqe Hkh djks ;gh izpkj] fQj gksxh Hkkjr dh 'kku]
fQj gksxk Hkkjr egku
vR;kpkj vkSj Hkz"Vkpkj dks vki vkSj ge gh dj ldrs gSa] [+kre
lhchbZ rks cl djok ldrh bldks de] bldks de
*
fuEu Js.kh fyfid] lhchvkbZ] Hkz"Vkpkj fujks/kd] 'kk[kk] paMhx

In Home News
CBI filed charge-sheet against
nine accused persons and
three private companies
relating to issuance of UAS
Licences & 2G Spectrum
CBI filed a charge-sheet against nine
accused persons and three private
companies in the Court of Special Judge
for CBI Cases, Patiala House Courts, New
Delhi relating to the issuance of new
Unified Access Services Licences and
subsequent allocation of 2G Spectrum.
The investigation relating to the issuance
of new Unified Access Services Licences
and subsequent allocation of 2G Spectrum
during 2008-2009, established commission
of offences punishable u/s 120-B, 420, 468,
471 of IPC & Section 13(2) r/w 13(1)(d) of
the Prevention of Corruption Act, 1988
and substantive offences thereof against the
then Telecom Minister; the then Secretary
(Telecom); the then Private Secretary to
the then Telecom Minister; two Directors
of Mumbai-based private company, who
were also Promoters of a Mumbai-based
private company; Managing Director of
a Gurgaon-based Real Estate Company,
and Group Managing Director & two
Senior Vice Presidents of a Mumbai-based
Telecom Company. Two Mumbai-based
private telecom companies and one
Gurgaon (Haryana)-based private telecom
company also named in the charge-sheet.
CBI registered a case against
seven officials of DDA &
CPWD and a private firm
relating to laying of Synthetic
Outdoor Flat Lawn Bowl
Greens for CWG - 2010
CBI registered a case against seven officials
of DDA & CPWD and one Delhi-based
private firm on the allegations of conspiracy,
cheating and misuse of official position by
the accused to cause undue benefit to the
private firm. The firm provided and laid
Synthetic Outdoor Flat Lawn Bowl Greens
for Commonwealth Games - 2010 at
New Delhi in which the accused officials
of CPWD and DDA allegedly inflated the
cost of the contract from the estimate of
Rs. 6 crore (approx.) to Rs. 9.88 crore
(approx.) by including allegedly false
amounts against its cost, transportation, etc.
Searches conducted at 20 places in Delhi
& Noida, at the offices and residential
premises of the accused officials of
CPWD & DDA as well as the firm and
its Directors, resulted in the recovery
of many incriminating documents.
CBI arrests an Inspector
of CISF for accepting a
bribe of Rs. one lakh
CBI arrested an Inspector of Central
Industrial Security Force (CISF) posted
at 4th Battalion, Naradpura, Jaipur for
demanding and accepting a bribe of
Rs. one lakh from the complainants.
The accused, an Inspector of CISF allegedly
demanded a bribe of Rs. 50,000/- each
from four Constables of CISF, Naradpura,
Jaipur to relieve them from their duties
from CISF after resignation. On negotiation,
the demand was reduced to Rs. 25,000/-
from each of the Constables. A complaint
was lodged with CBI, Jaipur. The CBI
registered a case against the Inspector and
laid a trap. The accused was caught redhanded
while demanding and accepting a
bribe of Rs. one lakh from the Constables.
Searches were also conducted at his present
residence at Jaipur; permanent residence
in District Mau (U.P.) and also at his office
premises at CISF, Naradpura, Jaipur.
CBI arrested an Income
Tax Officer for demanding
& accepting a bribe
of Rs. one lakh
CBI arrested an Income Tax Officer posted
in Ward-1, Warangal (Andhra Pradesh)
for demanding and accepting a bribe
of Rs. one lakh from the complainant.
A case was registered u/s 7 of P.C. Act,
1988 against the Income Tax Officer,
Ward-1, Warangal on the basis of written
complaint lodged by the complainant, a
Civil Surgeon, on the allegation that the
accused demanded an illegal gratification
of Rs.1,00,000/- from the complainant for
doing favour in the matter of assessment
of income tax. A trap was laid and the
accused was caught red-handed while
demanding and accepting a bribe of
Rs. 1,00,000/- from the complainant.
Searches were conducted at five different
places, which led to recovery of expenditure
receipts for establishment of a hotel at
Araku Valley in Visakhapatnam in the name
of his wife and an amount of Rs. 80,000/-.
The accused was produced before the
Special Judge for CBI Cases, Hyderabad
and remanded to Judicial custody.
CBI arrested an Inspector of
Central Bureau of Narcotics
and a private person in a
bribery case of Rs. three lakh
CBI registered a case u/s 120-B of IPC r/w
Section 7, 8 and 10 of the Prevention of
Corruption Act, 1988 on the basis of written
complaint against an Inspector of Central
Bureau of Narcotics, Garoth, District
Mandsore and a private person R/o Village
Shyam Garh, Mandsore. It was alleged that
they had demanded a bribe of Rs. 10 lakh
from the complainant as a motive for not
implicating the complainant in NDPS case
of Central Bureau of Narcotics and removing
his name from the case. After negotiations,
the amount was first reduced to Rs. 8 lakh
and it then further reduced to Rs. 7 lakh.
CBI laid a trap and the private person was
caught red-handed while demanding and
accepting a bribe of Rs. 3 lakh from the
complainant on behalf of Inspector, Central
Bureau of Narcotics, Garoth, District
Mandsore. The Inspector was also arrested.
Searches were conducted at the official
as well as residential premises of the
accused persons. From the residential
premises of accused, an official of
Central Bureau of Narcotics, NDPS
substances have been recovered.
CBI Bulletin April - June 201149

Both the arrested accused were
produced before the Special Judge for
CBI Cases, Indore and were remanded
to Police custody for five days.
CBI registered three cases
against a local Recruiting
Agent; Officers of Protector
of Emigrants and others
relating to illegal human
trafficking of Indian workers
CBI registered three cases against a local
Recruiting Agent (Delhi-based); three
private firms; the then certain officers
of Protector of Emigrants and other
private persons with regard to illegal
human trafficking of Indian workers.
The allegations against local Recruiting Agent
(Delhi-based) are that he and other Agents
in connivance with officials of Protector
of Emigrants based at Delhi, Mumbai and
Chandigarh were obtaining emigration
clearance in respect of unskilled workers
on the basis of false and forged documents.
Searches were conducted at 38 residential/
official premises of local Recruiting
Agent (Delhi-based), public servants
and other private persons at Delhi,
Mumbai, Chandigarh and Hyderabad
in the three different cases registered in
respect of this human trafficking racket.
Several incriminating documents/material
were recovered during the searches.
CBI arrested the then
Chairman of Organizing
Committee of CWG - 2010
in ongoing investigation
of a CWG case
CBI arrested the then Chairman of
Organizing Committee of Commonwealth
Games - 2010 for conspiracy to cause favour
to a private firm based in Switzerland in
awarding the contract for Timing, Scoring
& Result System at an inflated cost of Rs.
141 crore. In this connection, the then
Secretary-General and the then Director-
General of the Organizing Committee
were also arrested on 23-2-2011.
It was alleged that officials of the
Organizing Committee had conspired
with representatives of the private firm in
Switzerland and the contract for Timing,
Scoring, Result was awarded by wrongfully
restricting and eliminating competition
from other suppliers in pre-meditated and
planned manner. Investigation revealed
that the Committee for shortlisting
prospective bidders for TSR was constituted
by selecting handpicked officials.
Investigation also revealed that members
of the tenders evaluation committee were
coerced and threatened to disqualify other
bidders. Investigation further revealed
that Indian representatives of the favour
supplier were in regular contact with 3
arrested Organizing Committee officials
much before the award of tender.
Wrongful loss of approximately Rs. 95
crore was caused to the Public Exchequer.
CBI filed supplementary
Charge-sheet against
eight accused persons
relating to Issuance of UAS
Licences & 2G Spectrum
CBI filed a supplementary charge-sheet
against eight accused persons u/s 120-B
IPC read with Section 7/11 & 12 of P.C. Act,
1988 in the Court of Special Judge for CBI
Cases, Patiala House Courts, New Delhi.
The investigation relating to the issuance
of new Unified Access Services Licences
and subsequent allocation of 2G Spectrum
during 2008-2009 established commission
of offences punishable u/s 120-B IPC
read with Section 7/11 & 12 of P.C. Act,
1988 against the then Union Telecom
Minister; two Directors of Mumbaibased
private company who were also
promoters of a Mumbai-based private
Telecom company, two Directors of
another Mumbai-based private company;
one Director of Mumbai-based private
film company and one Director and one
partner of Chennai-based private TV
company are liable to be prosecuted.
CBI registered a case in
connection with alleged
murder of Tulsi Prajapati
In pursuance to the Orders of the Hon’ble
Supreme Court of India dated 8-4-
2011 on the Writ Petition filed by Smt.
Narmada Bai, mother of the deceased
Tulsi Prajapati, CBI registered a case
against certain Police officials of Gujarat
& Rajasthan and others for their alleged
involvement in the criminal conspiracy of
wrongful restraint, wrongful confinement,
abduction and murder of Tulsi Prajapati
and causing disappearance of evidence
in the matter thereof. The investigation of
the case was entrusted to the S.I.T., which
had earlier performed the investigation
of Sohrabuddin Fake Encounter Case.
Purulia Arms Dropping Case:
Evidence against Kim Davy
During the investigation by CBI in
the Purulia Arms Dropping Case, no
evidence whatsoever came to light that
any Government agency helped Neils
Holck @Kim Davy in his crime by way
of commission or omission. On the
contrary, intelligence agencies helped
the CBI in a big way to collect evidence
against him and his co-accused persons.
No evidence of any Indian politician
helping him in his escape came to light.
During the investigation, a Laptop belonging
to the accused was seized by CBI, containing
more than 50,000 pages, wherein Kim
Davy has given elaborate details about his
plan and preparation of the crime. This is
clinching evidence against him. Nowhere
has he mentioned anything about any
likely help from any Indian official agency.
CBI is making all effort to bring him to
India and face trial in the Competent
Court in India. Kim Davy will have all
the opportunity to put forth his version in
open court. CBI has been able to establish
in the court in India that crime committed
by Kim Davy and other accused amount
to an act of terrorism. CBI has also been
able to establish the same to the Danish
Government. Kim Davy is attempting
to portray this heinous crime as an act
of self-defence to avoid his extradition.
Red Corner Notice against Kim Davy was
issued in 1996. With the help of Interpol,
India traced him in Copenhagen. Sincere
efforts have been made by CBI to extradite
him, but as there is no Extradition Treaty
between India and Denmark, the process
has taken time. Due to persistent efforts
by CBI and MEA, the Government of
Denmark has been convinced about
his role in offences committed in India
and had agreed to extradite him. The
matter is now in the Danish High Court.
50 CBI Bulletin April - June 2011

The Purulia Arms Dropping Case was
registered by CBI on 28th December, 1995.
CBI arrested the Chief
Parliamentary Secretary,
Punjab and an official of
Registrar, Firms & Societies,
Punjab in a bribery
case of Rs.1.5 crore
CBI arrested Chief Parliamentary Secretary,
Punjab and an official of Registrar, Firms
& Societies, Punjab in a bribery case.
CBI registered a case u/s 8 of Prevention
of Corruption Act against an official of
Registrar, Firms & Societies, Punjab on
the basis of a complaint received from
Secretary of an Association alleging demand
of bribe of Rs. 1.5 crore by the official, of
Registrar, Firms & Societies, Punjab, Sector
17, Chandigarh for closing the complaint
against the Association without any action.
The accused also threatened that in case of
non-payment of the bribe amount, control
of the Association shall be taken over by
the Government and a criminal case will
be registered against the office-bearers of
the Association. The accused official also
allegedly told the complainant that he has
approached a Minister in Punjab Cabinet
through Chief Parliamentary Secretary for
closing the complaint. He said that initially
an amount of Rs. 2 crore was demanded
for settling this matter but, however, he has
been able to reduce it to Rs. 1.5 crore. The
accused official also allegedly told that the
bribe amount was to be delivered at the
residence of Chief Parliamentary Secretary.
A trap was laid at the residence of the
Chief Parliamentary Secretary, Punjab.
The accused official of Registrar, Firms
& Societies and the Chief Parliamentary
Secretary, Punjab have been arrested
and produced before the Special
Judge for CBI Cases, Chandigarh.
CBI registered a case
in connection with
Merchandising and Online
Retails Concessionaire
for CWG Games-2010
CBI registered a case against six Senior
Officers of Organizing Committee, CWG
- 2010 and two private companies for
extending undue favour to a private
company appointed as official Master
Licensee for Merchandising and On
- line & Retail Concessionaire for
Commonwealth Games - 2010 against a
minimum royalty amount of Rs. 7.05 crore.
It is alleged that the then Director-General,
the then JDG (Finance), the then DDG
(Legal), the then DDG (Procurement), the
then ADG (F&A) & the then ADG (Image
& Look), all of Organizing Committee
(OC) CWG - 2010 entered into a
criminal conspiracy with the Director of
a private company and Chairman of a
private company and others. The said
OC Officers, by abusing their official
positions, extended undue favour to
the private company in appointing it as
official Master Licensee for Merchandising
and On-line & Retail Concessionaire
for CWG - 2010 for sportswear, casual
wear, kids wears etc. against a minimum
royalty amount of Rs. 7.05 crore.
It is further alleged that after scrapping
of the earlier bid on flimsy grounds, the
Evaluation Committee of the OC CWG -
2010, dishonestly considered the private
company on the basis of the goodwill of its
parent company, and on negotiations, the
said private company submitted an offer of
Rs. 5.20 crore for acquiring all the rights
of Master Licensee for Merchandising.
Thereafter, the private company submitted
two cheques amounting to Rs. 3.525 crore,
but the same were dishonoured by the
bank and as such, the OC did not receive
any amount from the private company.
Thus, it is alleged that the accused private
company actually used the CWG brand
properties and earned a huge profit, but
did not pay anything to the OC, and the
accused public servants caused huge
pecuniary advantage to Director of the
private company and corresponding
wrongful loss to the Government Exchequer.
Searches in this case were conducted
at 10 places in Delhi, Gurgaon,
Panchkula, Chandigarh & Mumbai.
CBI arrested a PS of a Minister
in Punjab Government
CBI arrested a Private Secretary to the Minister
of Technical Education, Social Security,
Women & Child, Government of Punjab in
the ongoing investigation of a bribery case.
The arrested accused was produced before
the Special Judge for CBI Cases, Chandigarh
and remanded to one-day Police custody.
The CBI had earlier registered a case under
Section 8 of P.C. Act against the official
of Registrar (Firms & Societies), Punjab,
Sector 17, Chandigarh for demanding a
bribe of Rs. 1.5 crore from the complainant
for showing a favour. A trap was laid.
The accused official of Registrar (Firms &
Societies), Punjab, Sector-17, Chandigarh
and the Chief Parliamentary Secretary,
Punjab were earlier arrested in this case.
CBI registered a case against
DIG, ITBP and others for
allegedly obtaining bribes
CBI registered a case against the then
DIG, ITBP, Dehradun presently posted
as DIG (Administration) at NICFS, Delhi;
Deputy Commandant, ITBP, 3rd Battalion,
Bareily; Assistant Commandant, ITBP,
SHQ, Bareily and Head Constable (PSO
to the then DIG), ITBP Dehradun u/s
120-B, 468, 471 IPC and 13(2) r/w
13(1)(d) of P.C. Act, 1988 for allegedly
obtaining bribes from candidates for their
selection as Constables/Head Constables.
It was alleged that they being the members
of a Selection Committee to select 84
numbers of Constables/Head Constables
through Departmental Selection process
had obtained illegal gratification from
the candidates for favouring them in
the Selection process. In the process,
the then DIG, ITBP, Dehradun was the
Chairman of the Selection Committee.
Searches were conducted at the officials
& residential premises of the accused
persons at Delhi, Dehradun, Bareilly
and Chandigarh, which yielded a
recovery of incriminating documents.
Clarification regarding
investigation relating to
Adarsh Cooperative Housing
Society Case, Mumbai
In connection with the investigation
relating to the Adarsh Cooperative
Housing Society, Mumbai, the Union
Ministry of Environment & Forests (MoEF)
and other Central and State Government
Departments are cooperating on all issues,
and, restructuring documents/files, which
may not be readily available with them.
CBI Bulletin April - June 201151

CBI had registered a case on 29-1-2011
against 13 accused belonging to Army,
DEO (Defence Estate Office), Government
of Maharashtra, public servants and
unknown persons in connection with the
Adarsh Housing Society investigation.
Another case relating to a missing file
was also registered, wherein the notesheet
of the file belonging to the Urban
Development Department of Government
of Maharashtra was found missing. In this
case, arrests were also made to trace the
documents and identify the culprit, who
had removed the note-sheet from the file.
The case was registered on the direction
of Hon’ble High Court of Bombay.
CBI arrested 8 dummy
candidates for appearing
in All India Pre-
Medical Test - 2011
CBI registered a case against some of the
medical courses aspiring candidates for
securing admission in Medical Colleges in
India through All India Pre-Medical Test -
2011 with the help of dummy candidates.
In this regard, raids were conducted
at CBSE, AIPMT Kolkata Examination
Centres to apprehend those candidates,
who had appeared as dummy candidates
on behalf of such aspiring candidates.
As outcome of the said raid, 8 dummy
candidates, including facilitators were
arrested. It has also been found that
the arrested dummy candidates are the
students of different medical colleges
and had appeared for the candidates in
lieu of huge money already paid to them.
Most Wanted Persons’
List handed over to
Pakistan during HSlevel
INDO-PAK talk
With reference to Most Wanted Persons’
List which was handed to Pakistan during
HS level INDO-PAK talk, after the first
error was found out on 17-5-2011, a
review of the Interpol List was undertaken.
This review and Preliminary Enquiry
revealed lapse regarding inclusion of Firoz
Abdul Rashid Khan in the list of Most
Wanted Persons handed over to Pakistan
during the HS-level INDO-PAK talk. The
information regarding the arrest of Abdul
Rashid Khan was intimated to the Interpol
Wing of CBI in February 2010. The lapse
occurred on the part of an official, who
failed to request Interpol Lyon for the
cancellation of Red Corner Notice and to
update the records of Interpol Wing, CBI.
Taking swift action against the concerned
official and immediate Supervisory Officer
responsible for the lapse, an Inspector
has been suspended and two other
Supervisory Officers of the rank of SP
and DSP have been transferred pending a
detailed enquiry. The Interpol Wing of CBI
is carrying out a thorough review of the
remaining persons on the Most Wanted
List. Director, CBI ordered a complete
review of the working of the Interpol Wing
by an officer of the rank of Joint Director.
Media reports regarding
Arrest Warrant for Kim
Davy: Clarification
The Non-Bailable Warrant issued by the
Metropolitan Magistrate, Kolkata was duly
sent to the Danish authorities along with
request for extradition of Niels Holck @
Kim Davy to India. On the basis of relevant
case records and the warrant issued by
Kolkata Court, the Ministry of Justice,
Government of Denmark passed an order
of extradition of Niels Holck @Kim Davy.
On the basis of the warrant issued by the
Kolkata Court and subsequent extradition
order issued by the Ministry of Justice,
Denmark Niels Holck @Kim Davy was
duly arrested on 9-4-2010 and kept in
custody for one day. As per Danish Law, he
was produced before a court, which passed
an order that though in Judicial custody, he
can stay with his family on condition of his
reporting to police twice a week. Thus, in
Indian terms, he was released by the court
on conditional bail. Accordingly, Niels
Holck @Kim Davy has been reporting to
local police twice a week and attending
court during hearings. His further arrest
can only take place by an order of Danish
Court hearing his extradition matter.
After the Trial Court did not confirm its order
of extradition of Niels Holck @Kim Davy to
India the Ministry of Justice, Denmark filed
an appeal before the Danish High Court.
The High Court also maintained the bail
condition and accordingly Niels Holck @
Kim Davy is reporting to police twice a week.
Thus, for all practical purpose, the warrant
issued by Kolkata Court has been executed
by the Danish Police on request of CBI. At
present, status of Kim Davy is that of an
accused person arrested and released on
conditional bail by the court in Denmark.
Moreover, as per Section 70(2) of Cr.P.C.,
a warrant issued by a competent court
remains in force till it is executed or it is
cancelled by the same court. There is
no question of a warrant getting expired
as reported in a section of media.
However, during the hearing of the appeal
in Danish High Court, the Advocate for the
accused Niels Holck @Kim Davy made
a submission that the warrant against
his client was old one. The Prosecutor,
supported by the CBI team in Denmark
opposed this plea with Indian and Danish
Laws and facts, which was accepted by the
Hon’ble Danish High Court and objection
raised by the defence was not accepted.
However, keeping the sensitivity and
importance of the case it was decided
to request the court in Kolkata to extend
the execution date of the same warrant,
which was duly done on 18-5-2011.
However, this fact has no way affected
the appeal proceedings in Danish High
Court, which continued its hearings till
19-5-2011 as decided earlier. The Danish
High Court has concluded its hearing of
the appeal on 19.05.2011 and decided
to pronounce the verdict before summer
vacations beginning in month of July 2011.
CBI filed charge-sheet
against 9 accused persons,
including the then Chairman
of Organizing Committee
and two private firms in a
case relating to CWG - 2010
CBI filed a charge-sheet against six the
then officials of the Organizing Committee,
including the then Chairman; three private
persons and two companies in the TSR case
pertaining to the Commonwealth Games -
2010 in the Court of Special Judge CBI at
Patiala House, New Delhi under Sections
120-B read with Sections 420, 467, 468
& 471 IPC and 13(2) read with 13(1)
(d) of the Prevention of Corruption Act,
1988 and substantive offences thereof.
The persons/companies, who have been
chargesheeted, are the then Chairman of
OC; the then Secretary-General of OC;
52 CBI Bulletin April - June 2011

the then DG of OC; the then ADG (Sports),
OC; the then DDG (Procurement), OC
and the then Jt. DG (Finance), OC; two
partners of Faridabad-based private
firm; CMD of Hyderabad-based private
construction company; Hyderabadbased
private constructions company;
and Switzerland-based private company.
Earlier, CBI had registered a case on 29-
11-2010 on the allegations that officials of
OC and private persons had entered into a
conspiracy, in pursuance of which the public
servants had abused their official positions
in order to manipulate the award of tender
for Timing, Scoring & Result System for the
Commonwealth Games to Switzerlandbased
company at an exorbitant cost, in
order to cause undue pecuniary advantage
to the company and its representatives
and wrongful loss to the Government.
During the investigation, the allegations
were substantiated and it was revealed
that the chargesheeted the then officials
of the OC had conspired with private
chargesheeted persons and indulged
in a series of forgeries, manipulations
and machinations with an objective to
award the TSR contract to Switzerlandbased
company at an exorbitant net cost
of approx. Rs. 157.62 crore (inclusive
of taxes) as compared to a net bid of
Spain-based company for approx. Rs.
62.01 crore (inclusive of taxes and
sponsorships). Thus, a wrongful loss of
approx. Rs. 95.60 crore was caused to the
OC and a corresponding gain to Swissbased
company and its representatives
by wilfully eliminating all competitors of
Swiss-based company. Investigation has
further revealed that the representatives
of Swiss-based company and the two
partners of Faridabad-based firm actively
conspired with the accused officials for
getting the contract awarded to Swissbased
company and received a payment of
approx Rs. 23.21 crore from Swiss-based
company for certain perfunctory services.
In this endeavour, they also conspired with
the CMD of Hyderabad-based private
constructions company, who raised highlyinflated
and bogus invoices for approx.
Rs. 11.28 crore for temporary cabling
work, in order to justify the huge payment
received from Swiss-based company.
During the course of investigation,
five arrested accused were sent to
Judicial custody while the three private
persons are absconding and arrest
warrants are pending against them.
Third Conference of
CBI Officers & Chief
Vigilance Officers of
Public Sector Banks and
Financial Institutions
The Third Conference of CVOs of Public
Sector Banks/Financial Institutions with
CBI Officers was held in the new CBI
Headquarters Building. The Director,
CBI, Senior CBI officials and Chief
Vigilance Officers of 31 Public Sector
Banks/Financial Institutions were present.
Delivering the Keynote Address, Director,
CBI Shri Amar Pratap Singh said that
CBI’s role is to investigate the criminality
in bank frauds and it does not interfere in
cases of prudent commercial judgement,
even if such decisions involve risks
or have resulted in losses to banks.
The Director, CBI called upon banks
to adapt to changing technology and
to sensitize its officers to new methods
of fraud, which are of late, noticed in
electronic payments, technology-related
payments like RTGS, Credit Cards, ATM,
Cell Banking, Internet Banking, etc.
Director, CBI said the Banking Sector has
lost as much as Rs.1883 crore and Rs.
2,017 crore during 2008-2009 and 2009-
2010 respectively. These include over
200 frauds of above Rs. one crore during
each year. CBI Director Shri Amar Pratap
Singh stated that banking officials are
guiding Investigating Officers in scrutiny of
financial statement, credit appraisal, etc.,
which has enhanced the professionalism
of CBI, in detecting bank frauds.
The Conference discussed important issues,
such as Preventive Vigilance, E-Tendering/
E-Procurement and Forensic Auditing.
The services of Bank Officers are being
utilized in various branches of CBI, such
as Bank Security and Fraud Cell, Economic
Offences Unit and Anti Corruption Units
in the CBI Headquarters as well as regions.
CBI arrested a Joint Director
(Office of D.G, Resettlement),
Ministry of Defence and a
Deputy Director-General,
Ministry of Tribal Affairs
in a bribery case
CBI arrested a Joint Director working
in the Office of Director-General of
Resettlement, Ministry of Defence, R.K.
Puram, New Delhi and a Deputy Director-
General, Ministry of Tribal Affairs, New
Delhi in a bribery case of Rs. 60,000/-.
CBI registered a case against Joint Director
working in the Office of Director-General
of Resettlement Ministry of Defence, R.K.
Puram, New Delhi u/s 7, 8 & 9 of P.C.
Act, 1988 on the basis of a complaint
received. It was alleged in the complaint
that the accused demanded a bribe of Rs.
60,000/- from the complainant for getting
his Annual Confidential Report upgraded.
CBI laid a trap and the accused Joint
Director (Office of DG of Resettlement,
Ministry of Defence) was caught redhanded
while demanding and accepting a
bribe of Rs. 60,000/- from the complainant.
The Deputy Director-General, Ministry of
Tribal Affairs was also arrested in this case.
Searches were also conducted at the
official and residential premises of
both the arrested accused persons.
CBI filed charge-sheet against
16 accused in Dara Singh
alleged fake encounter case
CBI filed charge-sheet in the alleged fake
encounter of Dara Singh in the Court of
Chief Judicial Magistrate, Jaipur u/s 120-B
IPC r/w 302, 364, 346, 201, 218 IPC
and substantive offences thereof against
16 accused persons, the then Additional
DG (Crime); the then SP (SOG); the then
Additional SP (SOG); the then seven
Sub-Inspectors; the then three Head
Constables; the then two Constables, all of
Rajasthan Police and one private person.
During the investigation, six accused were
arrested and sent to Judicial custody.
Remaining ten accused are absconding.
CBI Bulletin April - June 201153

Proceedings u/s 82 & 83 Cr.P.C. have
been initiated against all of them after
obtaining Non-Bailable Warrants from
the Competent Court. During the course
of investigation, all accused persons
were examined and given sufficient
opportunity to present their plausible
explanation/defence. Two accused (one
Sub-Inspector and one Constable) had
filed anticipatory bail and the same was
rejected by the Sessions Court, Jaipur.
Dara Singh, a resident of Village Mundital,
District Churu, Rajasthan was allegedly killed
by Special Operation Group, Rajasthan in
the outskirts of Jaipur on 23-10-2006. On
a petition filed by Smt. Sushila Devi wife
of deceased Dara Singh, Hon’ble Supreme
Court of India had directed CBI to take up
the investigation. The investigation of this
case is being monitored by the Division
Bench of the Hon’ble Supreme Court. The
CBI investigation revealed that Dara Singh
was allegedly killed in a fake encounter
in pursuance of a criminal conspiracy.
CBI is further investigating u/s 173 (8) of
Cr.P.C., the role of some other persons for
their alleged involvement in the conspiracy
behind alleged killing of Dara Singh.
CBI arrested seven accused
and busts two rackets
relating to manipulations
in AIIMS PG Exam. held on
8-5-2011 and in All India
Pre-Veterinary Test
held on 14-5-2011
CBI arrested seven accused, including
the main accused and busted two rackets
relating to manipulations in AIIMS PG
Exam. case held on 8-5-2011 and in All
India Pre-Veterinary Test held on 14-5-
2011. The arrested accused persons were
produced before the Designated Court
and were remanded to CBI custody.
The alleged main accused is a doctor.
In the All India Pre-Vet. Test held on 14-
5-2011, the CBI registered a case against
main accused; Proprietor & an employee
of a private firm and others regarding
manipulations in OMR Sheets for
admission of a large number of candidates
in B.V.Sc. & A.H. Course, 2011. It was
alleged that the private firm was awarded
contract by Veterinary Council of India for
result processing, including manufacturing
and scanning of OMR Sheets of the said
examination. The accused in connivance
with the candidates printed duplicate OMR
Sheets of the said candidates bearing the
same bar codes and replaced the original
OMR Sheets by duplicate OMR Sheets in
VCI office in order to get favourable result
in the said examination. Incriminating
documents were recovered during searches.
Prior to this, the CBI had also registered
a case regarding manipulation in the
examination process of Post-Graduate
Courses in AIIMS, New Delhi. It was
alleged that the accused had entered into
a criminal conspiracy with two employees
of a private firm at New Delhi and others
to manipulate the examination process
of Post-Graduate Entrance Test of AIIMS.
The accused persons used to contact
candidates and assure them selection in
the Entrance Test by manipulating their
Answer (OMR) Sheets. The accused used
to get the OMR Sheets of concerned
candidates taken out through the two
employees of the private firm and marking
of unanswered questions (left blank by
the candidates during the examination)
was done by him and his associates. The
two employees would then deposit the
manipulated OMR Mark Sheets back
before compilation of result. Hefty amounts
were allegedly charged for such services.
Searches conducted in Delhi and NCR at
the residence of the main accused and
his associates yielded recovery of original
mark sheets; image of OMR Sheets of
suspected candidates; computer files
relating to processing of result of AIIMS
Post-Graduate Entrance Examination held
on 8-5-2011 and blank cheques given
by few candidates, who had appeared in
the entrance examination. Incriminating
material, including documents relating
to the said examination as well as huge
amount of cash recovered during the
searches at the premises of employees of
a private firm. The prima facie scrutiny
of seized documents indicates that at
the time of scanning of OMR Sheets,
the ovals were darkened of unanswered
questions by the accused employees of
the private firm. It has been revealed that
some candidates, who had answered only
few questions and had left most of the
answer sheet (OMR Sheet) blank, have
secured high positions in the merit list
published by AIIMS on 27th May, 2011.
CBI arrested Joint Director of
CIB & RC under Ministry of
Agriculture in a bribery case
CBI arrested a Joint Director of Central
Insecticide Board & Registration
Committee, Ministry of Agriculture
for demanding & accepting a bribe of
Rs. 40,000/- from the complainant.
The complainant, authorized representative
of a Hyderabad-based company
had approached the Joint Director
(Chemistry) of CIB&RC at Faridabad,
who demanded Rs. 40,000/- as bribe for
clearance of pending three files for the
issuance of Registration Certificate for the
purpose of manufacturing of pesticides.
CBI laid a trap and the Joint Director,
who called the complainant to his
office at Faridabad along with the bribe
amount, was caught red-handed while
demanding & accepting a bribe of Rs.
40,000/- from the complainant. Searches
were also conducted at the office &
residence premises of accused persons.
Two accused sentenced to
undergo 12 years’ Rigorous
Imprisonment with fine of Rs.
one lakh each for possession
of contraband substances
The Additional Session Judge, Fast Track
Court-III, Gorakhpur, U.P., convicted
two accused Amit Kumar Jaiswal @Amit
and Mohd. Iqbal @Inderjeet Singh, both
residence of Krishna Nagar, Kapilvastu
(Nepal) for offences punishable under
sections 8 & 20 of NDPS Act. Both the
accused were sentenced to undergo
12 years’ Rigorous Imprisonment
with a fine of Rs. one lakh each.
Both the accused were arrested by CBI on
18-10-2008, after recovery of 3.1 kgs. and
3.0 kgs. of Charas (Hashish) respectively,
from their conscious possession at
54 CBI Bulletin April - June 2011

Railway Station, Gorakhpur, which was
concealed by them in polythene pouches
stitched in shape of a belt under their
garments. After thorough investigation,
a charge-sheet against the accused
persons was filed in the Designated
Court at Gorakhpur (UP) on 18-12-2008.
The court found both the accused guilty
for the offence and convicted them.
CBI registered a case against
certain officers of MTNL;
unknown officials of a
private company and others
for alleged irregularities in
awarding work of broadcast
network for CWG - 2010
CBI registered a case against the then
certain officers of MTNL and other
unknown private persons of a Noida-based
Private Company dealing in Optical Fibre
Transmission u/s 120-B IPC and 13(2) r/w
13(1)(d) of the Prevention of Corruption
Act, 1988 on the allegations that MTNL
awarded the work of broadcast network
based on IP/MPLS Technology at an
exorbitant price of approx. Rs. 570.12 crore
by manipulating the specification in such a
manner as to make them tailor made for
the said bidder to the said private company.
Though the broadcasting data transmission
requirements for CWG - 2010 were very
limited, based on optical fibre transmission,
for which an initial estimate of approx. Rs.
31.43 crore was prepared, the MTNL in
their proposal included Broadcast Video
Network based on IP/MPLS technology
that grossly enhanced the network costing
by Rs. 380.04 crore (approx.), allegedly
with an intention to cause huge pecuniary
advantage to the contracting firms. This
resulted into huge loss to the Government
Exchequer and wrongful gain to the Noidabased
private company. The enhancements
in the scope of work and engineering of
conditions of contract were made by the
officials concerned of MTNL in such a
manner that sub-contract could be awarded
only to the said private limited company .
After the registration of the case,
searches were carried out in various
parts of the country, including Delhi,
Noida, Jaipur and Patna. During
searches conducted, documents relating
to immovable and movable property
belonging to accused persons and other
incriminating documents also recovered.
CBI registered a case against
an Additional Commissioner
of Income Tax for possession
of disproportionate assets
Rs. 4.56 crore (approx.)
CBI registered a case against an
Addl. Commissioner (IRS-90) of
Income Tax, working in the Office of
Commissioner of Income Tax, Guntur
for allegedly amassing disproportionate
assets approx. Rs. 4.56 crore.
It was alleged that the Addl. Commissioner
of Income Tax, while working as
public servant during the period 2000-
2007, acquired assets in his name and
in the name of his family members,
which were disproportionate to his
known sources of income to the
tune of Rs. 4,56,63,105/- (approx.).
Searches were conducted at the residential
premises of Addl. Commissioner of
Income Tax (Guntur) at Vijayawada and
recovered several incriminating documents
pertaining to movable and immovable
properties. During the searches, cash,
Fixed Deposits & Travellers Cheques to
the tune of Rs. 75.59 lakh; gold jewellery
weighing about 6.6 kg. and silver items
weighing about 49 kg. were recovered.
CBI arrested a private person
for accepting bribe of Rs. 7 lakh
CBI arrested a private person in Jaipur
(Rajasthan) for demanding and accepting
illegal gratification of Rs. 7 lakhs from the
complainant, who was facing a CBI trial case.
It was alleged that the accused private
person had demanded illegal gratification
from the complainant on behalf of an officer,
who was involved in the investigation of the
CBI trap case, the complainant was facing.
The accused was caught red-handed
while demanding and accepting a bribe
of Rs. 7 lakh from the complainant. The
accused was produced before the court.
CBI arrested a Divisional
Engineer of Railways for
accepting bribe of Rs. 50,000/-
CBI arrested a Divisional Engineer
of Indian Railway Service - 1995
batch posted at Bhusawal Division
(Maharashtra) for demanding and
accepting a bribe of Rs. 50,000/- (Rs. Fifty
thousand only) from the complainant.
A case was registered against the accused
for allegedly demanding a bribe of Rs.
one lakh from the complainant for getting
sanction of bills of Rs six lakh regarding
painting work done by the complainant
at Bhusawal Division, even though the
work was executed. CBI laid a trap and the
accused was arrested while demanding and
accepting the bribe of Rs. 50,000/- as partpayment
in his office from the complainant.
Searches were conducted at the
official and residential premises of the
accused, which yielded recovery of
cash & documents relating to bank
accounts and 3 flats at Nagpur, besides
other incriminating documents.
The arrested accused was also
produced before the Designated Court.
CBI arrested an absconding
accused in a forgery
& cheating case
CBI arrested an absconding accused, who
was involved in the offence of forgery,
cheating & duping innocent public.
A case was registered by the CBI u/s 420,
467 and 468 of IPC against accused of
Visakhapatnam and others for cheating
different persons by presenting forged
documents purportedly issued by the
Director, CBI; British High Commission &
Union Finance Ministry (Government of
India) and using these forged documents
as genuine, thereby inducing the innocent
persons to part with huge amounts.
During the course of investigation, it was
found that the Visakhapatnam-based
accused forged documents purportedly
issued by the Director, CBI; Ministry of
Finance & British High Commission. The
accused used these forged documents
as genuine and cheated many persons
to the tune of crores of rupees with the
help of his vast network of associates
spread in various parts of the country.
CBI Bulletin April - June 201155

56 CBI Bulletin April - June 2011