Swati Lathia

Learning ways

Unit – 2 | Cyber Crime & Cyber Law

Classification of Cyber Crimes

  • Here are two common ways of classifying cyber crimes:
  • By Target:
  • Crimes against Individuals: These target people and their private data. Examples are:
    1. Identity Theft: Stealing someone's personal information in order to defraud or impersonate them.
    2. Cyberstalking: Using technology to frighten or harass someone.
    3. Cyberbullying: Abusing someone online through electronic means.
    4. Online Scams: Tricking people into giving up their personal information or money.
  • Crimes against Organizations: These target businesses and organizations. Examples are:
    1. Data Breaches: Sensitive data theft and unauthorized access.
    2. Denial-of-Service (DoS) Attacks: Overloading a network or website with so much traffic that it becomes unavailable.
    3. Hacking: Unauthorized intrusion into a computer system or network.
    4. Corporate Espionage: Obtaining confidential business data to secure a competitive advantage.
  • Crimes against Society at Large: These can cause significant disruption and target society as a whole. Examples are:
    1. Cyberterrorism: Launching attacks through computer networks that harm people physically or damage critical systems.
    2. Disinformation Campaigns: Spreading incorrect or misleading information in an attempt to create conflict or manipulate public opinion.
    3. Social Engineering Attacks: Misleading someone into clicking on links to harmful websites or exposing private information.
    4. Crimes against Critical Infrastructure: Targeting transportation networks, electricity systems, or other systems necessary for a society to function.
  • By Nature of the Crime:
    1. Financial Crimes: The aim of these crimes is to steal money or bank data. Online banking frauds, credit card fraud, and identity theft are a few examples.
    2. Content-Related Crimes: These offences include producing or spreading prohibited content, such as copyrighted material or child pornography.
    3. Disruption and Destruction: The goal of these crimes is to interfere with or harm networks or computer systems. Malware and DoS attacks are two examples.
    4. Privacy Violations: These offences include unauthorized access to, collection of, or use of private data. Cyberstalking and data breaches are two examples.

Common Cyber Crimes

Cyber Crime Targeting Computers and Mobiles

  • Cybercriminals are continuously searching for ways to find gaps in computers and mobile devices. The following is an overview of some of the most frequent cybercrimes that target these devices:
  • Infection by Malicious Software (Malware):
    1. Viruses: These self-replicate and spread from one device to another, erasing or damaging data.
    2. Worms: Though they resemble viruses, they spread quickly by taking advantage of network vulnerabilities.
    3. Trojan Horses: They trick users into installing them by pretending to be legitimate software, after which they steal data or damage the device.
    4. Spyware: Quietly monitors your activities in the background, gathering passwords and browsing history.
    5. Ransomware: This malicious software encrypts your files, making them unreadable, and demands a ransom to unlock them.
  • Tricking You into Giving Up Information:
    1. Phishing Attacks: Deceptive emails or messages that pretend to be from a reliable source (bank, social networking site) and aim to obtain your personal information or login credentials.
    2. Smishing: Like phishing, except using SMS texts in place of emails.
  • Exploiting Weaknesses in Devices and Software:
    1. Zero-Day Attacks: These are extremely dangerous because they take advantage of weaknesses in software that not even the developers are aware of yet.
    2. Unpatched Software: Vulnerabilities in outdated software make it an ideal target for hackers.
  • Social Engineering Tactics:
    1. Vishing: Similar to phishing, but the attacker phones you and tricks you into giving up private information.
    2. Pretexting: Creating a fabricated situation in order to gain your trust and obtain personal data. For instance, a con artist may phone and pose as a tech support representative.
  • Mobile-Specific Threats:
    1. Malicious Apps: These apps, which you may download from unknown sources, can track your location, steal data, or show annoying advertisements.
    2. Unsecured Wi-Fi: If you use public Wi-Fi without a VPN, you run the risk of having your data stolen.

Cyber Crime against Women and Children

  • Some common Cyber Crimes against women and children are as follows:
  1. Cyberstalking: Repeatedly harassing or following a woman or child online through texts, social media, or other electronic means. For the victim, this can be highly upsetting and terrifying.
  2. Cyberbullying: Bullying a woman or child online with technology by sending them messages, making posts on social media, or excluding them from online communities.
  3. Online Harassment: Sending a woman or child abusive or threatening messages via the internet.
  4. Cyber Threats: Threatening a woman or child online with violence or other damage.
  5. Online Grooming: Adults making online friends with children in order to gain their trust for sexual purposes.
  6. Sextortion: Threatening to share already-existing content with others in order to blackmail someone, typically a child or young adult, into providing sexually explicit content or money.
  7. Sharing of Child Sexual Abuse Material: Distributing or obtaining photos or videos depicting the sexual abuse of children. There are harsh punishments for this criminal offence.

Financial Frauds

  • Financial fraud happens when someone steals your money or other financial assets through dishonest or illegal means.  There are many different types of financial fraud, but some of the most common ones include:
    1. Identity theft: This is when someone steals your personal information, such as your Social Security number or credit card number, and uses it to open new accounts or make purchases in your name.
    2. Investment fraud: This is when someone tries to trick you into investing in a fake or risky investment. This can include things like Ponzi schemes and pyramid schemes.
    3. Credit card fraud: This is when someone uses your credit card number to make unauthorized purchases. This can happen if your card is lost or stolen, or if someone steals your credit card information online.
    4. Bank fraud: This is when someone steals money from your bank account. This can be done through things like check forgery, ATM skimming, or wire transfer fraud.

Social Engineering Attacks

  • Social engineering attacks are the digital equivalent of a sophisticated con artist. Rather than depending on complex hacking methods, they take advantage of human psychology to trick you into giving up private information or performing actions that compromise your security. Here’s how it works:
  • Psychological Manipulation: Attackers trick you using a variety of strategies. They could play on your curiosity or helpfulness, create a sense of urgency or panic, or even pose as a reliable source like your bank or employer.
  • Information Gathering: Attackers frequently conduct preliminary research to learn more about you. This may include information from public records, social media profiles, or even phishing emails you have previously clicked on.
  • Here are some common types of social engineering attacks:
    1. Phishing: This is probably the most well-known type. You get an email or message (by SMS or social media) that seems to be from a reliable source, such as a tech business or your bank. It may alert you to an issue with your account or present an offer that seems too good to be true. If you click on a link or attachment in the message, malware may download or you may be redirected to a fraudulent website where your login information is stolen.
    2. Pretexting: The attacker creates a fictitious situation, or “pretext,” in an effort to win your confidence and obtain data. For instance, they might phone you claiming to be from your IT department and asking for assistance with a computer problem.
    3. Baiting: It’s like holding out a carrot in front of you. In exchange for your personal information, the attacker may offer you free software or special access to a website.

Malware and Ransomware Attacks

  • Although both ransomware and malware are harmful software that can cause havoc on your computer or network, they operate slightly differently:
  • Any software that is intended to cause harm to a system is referred to as malware. Here are some ways malware can cause problems:
    1. Stealing Data: Malware can be created with the intention of monitoring your online activities and stealing private data, such as credit card numbers, passwords, and personal documents.
    2. Corrupting Files: Your vital files may be damaged or erased by malware, rendering them unusable or inaccessible.
    3. Disrupting Operations: Malware may affect the functionality of your computer, resulting in slowdowns, crashes, or the inability to use specific applications or features.
    4. Downloading More Malware: Certain malware can serve as a portal for additional harmful programs to be downloaded, which can lead to a more serious infection.
  • There are many different types of malware, including:
    1. Viruses: These self-replicate and spread from one device to another, erasing or damaging data.
    2. Worms: Though they resemble viruses, they spread quickly by taking advantage of network vulnerabilities.
    3. Trojan Horses: They trick users into installing them by pretending to be legitimate software, after which they steal data or damage the device.
    4. Spyware: Quietly monitors your activities in the background, gathering passwords and browsing history.
  • One particular kind of malware that aims to extract money from you is called ransomware. This is how it operates:
    1. Infection: Malicious websites, phishing emails, corrupted software downloads, and other methods are common ways for ransomware to attack your system.
    2. Encryption: Ransomware encrypts your files after it’s installed, rendering them unreadable and inaccessible.
    3. Ransom Demand: The attacker then displays a notice demanding a ransom payment in exchange for a decryption key that unlocks your files. The ransom is usually demanded in cryptocurrencies such as Bitcoin, which makes the payment hard to trace.
  • Attacks using ransomware have the potential to be disastrous, particularly for companies whose everyday operations depend on data. Here are a few more things to think about:
  • No Guarantee of Recovery: There is no assurance that you will get your files back, even if you pay the ransom.
  • Increased Risk of Data Leaks: Before encrypting data, some ransomware gangs steal it and threaten to make it public if the ransom isn’t paid.

Zero Day and Zero Click Attacks

  • Hackers can use both zero-day and zero-click attacks to secretly take advantage of computer systems, although they target weaknesses differently:
  • Zero-Day Attack:
  • Fresh Flaw: A zero-day attack takes advantage of a flaw (vulnerability) in firmware, hardware, or software that was just recently found. The software developer or manufacturer has “zero days” to build a repair (patch) because this vulnerability is so new that they aren’t even aware of it.
  • Hacker’s Advantage: Attackers can use this vulnerability to initiate their attack before anyone is aware of it because there isn’t a fix available. They are particularly deadly because of this.
  • Targets: Zero-day attacks are frequently employed against well-known systems or businesses that hold significant data, such as vital infrastructure, financial institutions, or governments.
  • Zero-Click Attack:
  • No User Needed: In contrast to conventional attacks, which involve the user clicking on a malicious link or opening an infected file, a zero-click attack requires no user interaction at all.
  • Exploiting Weaknesses: These attacks depend on pre-existing vulnerabilities in software that you may be familiar with, such as your web browser, operating system, or even a particular application.
  • Silent Strike: Zero-click attacks are challenging to identify and stop as they don’t need your involvement.
  • Here’s a table summarizing the key differences:

| Feature | Zero-Day Attack | Zero-Click Attack |
| --- | --- | --- |
| User Interaction | Not Required (after initial infection) | Not Required |
| Vulnerability | New, undiscovered | Existing, known |
| Patch Status | No patch available | Patch may be available |
| Difficulty to Detect | Moderate | High |

Difference Between Zero-Day Attack & Zero-Click Attack

  • Zero-day attacks are more dangerous but less frequent. Their uniqueness makes them more difficult to counter.
  • Attacks with zero clicks are increasing in frequency. These kinds of attacks represent a serious concern as additional vulnerabilities are found and exploited by attackers.

Cybercriminals’ Modus Operandi

  • Although cybercriminals have a script, it is always changing in parallel with technological advancements and security protocols. Below is an explanation of their standard operating procedure:
  • 1. Preparation:
    • Target Selection: Because of the potential for profit, criminals frequently target certain people or organizations. This might be done for disruptive purposes (like attacking vital infrastructure) or for financial gain (like stealing financial data).
    • Reconnaissance: They may use a variety of techniques, including social media profiling, data breaches, or malware infections on target computers, to learn more about their target.
  • 2. Attack:
    • Delivery: They use a variety of techniques to get their malicious code or tools onto the target system, such as phishing emails with malicious attachments, zero-day attacks, or social engineering.
    • Exploitation: Once they have a foothold, they take advantage of user errors or vulnerabilities they have found to install malware, steal data, or interfere with normal operations.
  • 3. Control and Profit:
    • Maintaining Access: Criminals may try to establish persistent access to the system to get control, carry out more attacks and steal data over time.
    • Reaching the Objective: The final objective will change based on the kind of attack. Theft of intellectual property, interruption caused by denial-of-service attacks, and financial gain through ransomware or data theft are all possibilities.
  • 4. Escape and Evasion:
    • Covering Tracks: To prevent discovery, cybercriminals frequently attempt to remove their digital traces. This might include utilizing anonymizing software, erasing logs, or encrypting stolen data.
    • Cashing Out: After they’ve accomplished their objectives, they’ll attempt to turn stolen data into money. This can entail utilizing it for illegal transactions, putting it up for sale on the dark web, or requesting ransom payments.
  • Cybercrime is a business: These criminals are frequently well-organized groups with specialized knowledge who are always searching for new ways to take advantage of vulnerabilities.
  • There are a variety of motivations: Monetary gain is a typical one, but there may also be other factors, such as state-sponsored attacks intended to cause disruption or espionage.
  • Maintaining security is a constant effort: There is no foolproof way to halt cybercrime. Both individuals and businesses must maintain a constant state of alertness and update their defenses.

Reporting of Cyber Crimes

  • Reporting cybercrime can take many forms based on the sort of crime and where you live, but here are some broad guidelines to get you started:
    • Local Law Enforcement:
      • In cases of crimes like identity theft, internet harassment, or financial fraud, this is frequently the initial point of contact.
      • Go to the police station in your local area and ask about reporting cybercrime. They might collaborate with federal agencies on investigations or have a separate team dedicated to cybercrime.
    • Federal Agencies (US Specific):
      • Internet Crime Complaint Center (IC3): This is a central FBI resource for reporting cybercrime. File a complaint online at https://www.ic3.gov/.
      • Other Agencies: You may also want to report the specific crime to regulatory bodies such as the Securities and Exchange Commission (SEC) for investment fraud or the Federal Trade Commission (FTC) for identity theft. You can find instructions on how to file a report on their websites.
    • Specialized Reporting Sites:
      • There may be national cybercrime reporting portals in some nations.
      • A National Cyber Crime Reporting Portal is available in India, for instance (https://cybercrime.gov.in/).
      • To find such resources in your area, check the websites of your local government or cyber security organizations.
    • Gather Evidence:
      • Your case will be stronger the more proof you can offer. For example:
        • Screenshots of malicious emails, texts, or websites
        • Logs or digital footprints connected to the attack
        • Copies of any financial transactions or stolen documents
        • Any other material that may help investigators in understanding the crime
    • Be Specific in Your Report:
      • When filing a report, be as detailed as possible about the incident. Include:
        • Dates and times of the crime
        • Websites or online platforms involved
        • Usernames, email addresses, or IP addresses (if known)
        • A clear description of what happened and how you were impacted
    • Report Immediately:
      • The sooner you report a crime, the easier it will be for law enforcement to investigate.
      • Don’t delay in reporting, as evidence can become harder to recover over time.
    • Seek Additional Help:
      • If you’ve been a victim of cybercrime, there are resources available to help you recover. You can contact:
        • Your local consumer protection agency
        • Non-profit organizations specializing in cybercrime assistance
        • National Cyber Security Alliance: https://staysafeonline.org/

Remedial and Mitigation Measures

  • While both remedial and mitigation actions attempt to address security threats, they do so in different ways:
  • Remedial Measures:
  • The reactive actions taken to counter and recover from a cyberattack are known as remedial measures.
  • In the context of cybercrime, remedial measures are the steps taken following an incident to minimize damage, learn from the attack, and stop it from happening again. These actions are required to restore regular operations and strengthen cybersecurity defenses. The main corrective actions are:
  • Immediate Response and Containment:
    • Isolation: Isolate impacted systems or networks as soon as possible to stop the attack from spreading.
    • Shut Down: Shut down compromised systems if required to stop further harm or data loss.
  • Forensic Analysis and Investigation:
    • Forensic Examination: To figure out the nature, scope and point of entry of the cyberattack, conduct a comprehensive investigation.
    • Root Cause Analysis: Determine the gaps or vulnerabilities that gave rise to the attack.
  • Data and System Restoration:
    • Data Recovery: To reduce data loss, restore data from backups that were made prior to the incident.
    • System Rebuild: Before resuming operations, rebuild or reimage the impacted systems to make sure they are safe and secure.
  • Patch Management and System Hardening:
    • Apply Patches: Apply security updates and patches to address vulnerabilities that the attack took advantage of.
    • System Hardening: Strengthen security configurations and settings to guard against future attacks of this kind.
  • Communication and Notification:
    • Internal Communication: Inform stakeholders about the incident, remediation efforts, and how it will affect operations.
    • External Communication: As mandated by legal and regulatory requirements, notify all relevant parties, including partners, customers, and regulatory authorities.
  • Enhanced Monitoring and Surveillance:
    • Continuous Monitoring: Put increased system and network monitoring in place to find any remaining risks or indications of a possible infection.
    • Behavioral Analysis: Utilize behavioral monitoring and advanced analytics to spot unusual activity that might point to serious risks.
  • Employee Training & Awareness:
    • Education: To prevent such incidents, give employees more training on incident response procedures and cybersecurity best practices.
  • Incident Response Plan Review and Update:
    • Evaluation: Based on the incident’s lessons learned, evaluate the incident response plan’s efficacy and pinpoint areas that need improvement.
    • Revision: To better prepare for upcoming incidents, update the incident response plan with any necessary modifications or enhancements.
  • Legal and Regulatory Compliance:
    • Compliance: Ensure compliance with relevant industry standards, laws and regulations for reporting cybersecurity incidents and notifying data breaches.
  • Continuous Improvement and Risk Management:
    • Risk Assessment: To detect and minimize any risks and vulnerabilities, carry out frequent risk assessments.
    • Adaptation: Modify cybersecurity plans and defenses in response to new risks and changing attack methods.
  • Documentation and Reporting:
    • Documentation: For the sake of future analysis, auditing, and reference, keep thorough records of the incident, the actions taken in response, and the results.
    • Reporting: If mandated by law or policy, notify the relevant authorities or regulatory organizations about the incident.
  • Mitigation Measures:
  • Proactive actions taken to reduce the possibility and effect of cyberattacks are known as mitigation measures. Their goals are to reduce vulnerabilities and improve security posture. The following are some crucial tactics:
  • Firewall and Intrusion Prevention Systems (IPS):
    • Install and set up firewalls correctly to prevent unwanted access.
    • Use Intrusion Prevention Systems (IPS) to identify and stop harmful activity on the network.
  • Anti-Virus and Anti-Malware Software:
    • To identify and eliminate threats, install and update anti-virus and anti-malware software on every system.
  • Encryption:
    • Protect sensitive data against breaches and unwanted access by encrypting it while it’s in transit and at rest.
  • Multi-Factor Authentication (MFA):
    • Use multi-factor authentication (MFA) to strengthen security beyond passwords and make unauthorized access more difficult.
  • Network Segmentation:
    • Segment networks to stop malware from spreading and to give access to sensitive data only to authorized staff.
  • Security Policies and Procedures:
    • Develop and enforce comprehensive security policies and procedures to guide the organization’s security practices.
    • Regularly review and update these policies.
  • Incident Response Plan:
    • Develop and maintain an incident response plan to ensure a swift and effective response to any cyber incident.
    • Conduct regular drills to ensure preparedness.
  • Access Control:
    • Implement the principle of least privilege, granting users only the access necessary for their roles.
    • Use role-based access control (RBAC) to manage permissions effectively.
  • Regular Backups:
    • Perform regular backups of critical data and systems to ensure data can be restored in case of a cyber incident.
    • Ensure backups are stored securely and tested periodically for integrity.
  • Vendor and Third-Party Management:
    • Assess and manage the cybersecurity risks posed by third-party vendors and service providers.
    • Ensure that third parties adhere to your security policies and standards.
  • Physical Security:
    • Implement physical security measures to protect data centers and other critical infrastructure from physical threats.
    • Use locks, access cards, and surveillance systems to control physical access.

Legal Perspective of Cyber Crime

  • Cybercrime, sometimes called computer crime, is the term used to describe illegal activities carried out online or through computers. In legal terms, fighting cybercrime requires understanding what makes up a cybercrime, what rules and regulations apply, and how difficult it is to enforce the laws that apply.
  • Due to its ever-changing nature, cybercrime presents a special challenge to judicial systems worldwide. An overview of the legal viewpoint on cybercrime is provided below:
  • Types of Cyber Crimes:
  • Hacking: Unauthorized use of networks or computer systems.
  • Identity Theft: Stealing personal data in order to commit fraud.
  • Phishing: Using phony emails or websites to trick people into giving personal data.
  • Malware: Spreading malicious software to harm or interfere with computer systems, such as trojans, viruses, or ransomware.
  • Cyber Stalking: Using the internet to follow or harass people.
  • Online Fraud: Fraud and scams that happen online, including e-commerce fraud.
  • Intellectual Property Theft: Stealing commercial secrets or content protected by copyright.
  • Legal Framework
    • International Agreements and Laws:
      • Budapest Convention on Cybercrime: The first international treaty to address internet and computer crime. It seeks to improve investigative methods, increase international cooperation, and harmonize national legislation. It provides precise guidelines for making particular actions illegal, procedures for law enforcement, and structures for global collaboration.
    • National Laws:
      • To address cybercrime, several nations have created their own legal frameworks. Among the noteworthy instances are:
      • United States:
        • Computer Fraud and Abuse Act (CFAA): Establishes sanctions for a number of cybercrimes and makes unauthorized computer access illegal.
        • Electronic Communications Privacy Act (ECPA): Protects electronic communications from wiretapping and electronic eavesdropping.
      • European Union:
        • General Data Protection Regulation (GDPR): The GDPR has measures that affect data breach handling and cyber security, despite its primary focus on data protection and privacy.
        • Directive on Security of Network and Information Systems (NIS Directive): The goal of this directive is to improve cybersecurity within the EU.
      • India:
        • Information Technology Act, 2000: This act covers various cyber crimes and electronic commerce regulations, including penalties for hacking, data theft, and spreading viruses.
      • Australia:
        • Cybercrime Act 2001: This law criminalizes unauthorized access, modification, or impairment of data and systems.
  • Jurisdictional Challenges
    • Cyber crimes often transcend national borders, creating significant challenges in determining which country’s laws apply and how to effectively enforce them. Key issues include:
    • Jurisdiction: Determining which country has the legal authority to prosecute a cyber crime can be complex, especially when the perpetrator, victim, and servers involved are in different countries.
    • Extradition: Securing the extradition of suspects from one country to another can be difficult due to differing legal standards and lack of treaties.
    • International Cooperation: Effective enforcement often requires cooperation among multiple jurisdictions and agencies, which can be challenging due to differences in legal systems and priorities.
  • Enforcement Mechanisms
    • Effective enforcement of cyber crime laws involves several key elements:
    • Law Enforcement Agencies:
      • National Agencies: Many countries have specialized units within their national law enforcement agencies to tackle cyber crime. For example, the FBI in the United States has a dedicated Cyber Division.
      • International Agencies: Organizations like Interpol and Europol facilitate international cooperation and coordination in combating cyber crime.
    • Legal Procedures:
      • Investigation: Cyber crime investigations often involve complex technical processes, including digital forensics, tracking digital footprints, and decrypting data.
      • Prosecution: Prosecuting cyber crimes requires specialized legal expertise to present technical evidence and navigate the complexities of cyber law.
    • Prevention and Awareness:
      • Education and Training: Ongoing education and training for individuals and organizations about the latest cyber threats and safe online practices.
      • Security Measures: Implementation of robust security measures, such as firewalls, encryption, and regular software updates, to protect against cyber threats.
      • Incident Response Plans: Developing and regularly updating plans to respond to cyber incidents, including steps for containment, investigation, and recovery.
  • Challenges and Future Directions
    • The legal landscape of cyber crime is continuously evolving to keep pace with the rapid advancements in technology and the ever-changing nature of cyber threats. Some ongoing challenges include:
      • Anonymity and Attribution: The anonymity provided by the internet makes it challenging to identify and apprehend perpetrators.
      • Technological Advancements: Rapid technological changes can outpace the development of legal frameworks, leaving gaps in the law.
      • Resource Limitations: Many law enforcement agencies lack the necessary resources and expertise to effectively combat cyber crime.

IT Act 2000 and Its Amendments

  • The Indian Parliament passed the Information Technology Act, 2000 (IT Act 2000) to establish a legal foundation for electronic governance by recognizing digital signatures and electronic records. Facilitating electronic transactions and addressing legal difficulties resulting from cyber activity were the main goals. Below is a comprehensive overview of the IT Act 2000 and the amendments made to it:
  • IT Act 2000
  • Objectives:
    • Legal Recognition of Electronic Transactions: Digital signatures and electronic records, which are essential for the verification and authenticity of electronic transactions, are given legal standing under the Act.
    • Regulation of Certifying Authorities: The Act establishes the protocols and guidelines that certifying authorities must follow in order to certify digital signatures.
    • Cybercrimes and Offenses: The Act lists a number of cybercrimes, including hacking, data theft, virus attacks, and identity theft, along with the related punishments.
    • Electronic Governance: The Act encourages the government to communicate and keep official records through electronic means.
  • Key Provisions:
    • Digital Signatures: Digital signatures are recognized by the Act as a legitimate technique for electronic record authentication. It outlines the responsibilities of the Controller of Certifying Authorities (CCA) and of certifying authorities.
    • Electronic Records: The legal foundation for using electronic records instead of paper documents is provided by the Act.
    • Cybercrimes: A number of offenses are listed, along with their associated penalties, including hacking, gaining unauthorized access to computer systems, and spreading viruses.
    • Intermediary Liability: The Act specifies how intermediaries, like ISPs and web hosting companies, are held liable for the content that is hosted on their platforms.
    • Adjudicating Officers and Cyber Appellate Tribunal: The Act establishes adjudicating officers to resolve disputes and a Cyber Appellate Tribunal to hear appeals.
  • Amendments to the IT Act 2000
  • IT (Amendment) Act 2008:
  • The IT (Amendment) Act 2008 was passed to address the original Act’s deficiencies and to keep up with technological changes. Important changes include:
    • Data Protection and Privacy: The amendment clarified the obligations of companies managing sensitive personal data and included measures for the protection of such information.
    • Cyber Terrorism: The amendment made cyber terrorism a crime by including clauses that addressed it.
    • Guidelines for Intermediaries: The amendment made it clearer what intermediaries were responsible for and provided rules that they had to abide by, like taking down offensive content after being notified of it.
    • New Offenses: Identity theft, impersonation, and child pornography are among the new offenses that the amendment added, along with the associated penalties.
    • Electronic Contracts: The amendment established a framework for the execution of electronic contracts and acknowledged their validity.
    • Certifying Authorities: More clarification was provided regarding the functions and duties of certifying authorities.
    • Section 66A: This section was originally intended to handle offensive comments conveyed via communication services. The Supreme Court of India ruled in 2015 that it was unconstitutional due to its ambiguity and restriction on free speech.
  • Other Significant Amendments:
  • Section 69: Empowered the government to intercept, monitor, and decrypt information in the interest of national security, public order, or to prevent incitement to the commission of an offense.
  • Section 79: Provided a safe harbor to intermediaries, protecting them from liability for third-party information, data, or communication links hosted by them, under certain conditions.
  • Key Impacts:
  1. Enhanced Cybersecurity: The amendments strengthened the legal framework to combat various forms of cybercrimes, thereby enhancing cybersecurity.
  2. Privacy and Data Protection: Provisions for data protection and privacy helped in safeguarding personal information in the digital space.
  3. Clarity for Intermediaries: The guidelines for intermediaries clarified their roles and responsibilities, ensuring a more regulated online environment.
  4. Legal Recognition of New Technologies: The amendments ensured that the law kept pace with technological advancements and recognized new forms of electronic transactions and records.

Cyber Crime and Offences

  • Criminal activity involving computers and networks is known as cybercrime. In these acts, the computer can be either a tool used for the crime or the very target of the crime itself.
  • The Information Technology Act, 2000 (IT Act) and the Indian Penal Code (IPC) cover the following cybercrimes, listed here with the relevant provisions and penalties for each:
    1. Unauthorized Access (Hacking)
      • Section: 66 (IT Act)
      • Offence: Unauthorized access to networks, data, or computer systems
      • Penalty: Fine of up to ₹5 lakh or Imprisonment up to 3 years
    2. Identity Theft
      • Section: 66C (IT Act)
      • Offence: Illegal use of another person’s identification, such as a password or electronic signature.
      • Penalty: Fine of up to ₹1 lakh or Imprisonment up to 3 years
    3. Phishing
      • Section: 66D (IT Act)
      • Offence: Illegally using online communication to pose as a reliable source in order to obtain sensitive information.
      • Penalty: Fine of up to ₹1 lakh or Imprisonment up to 3 years
    4. Cyber Stalking
      • Section: 354D (IPC)
      • Offence: Following, contacting, or repeatedly attempting to contact someone in order to foster personal interaction despite clear signs of disinterest.
      • Penalty: Imprisonment up to 3 years on first conviction, and up to 5 years on subsequent convictions.
    5. Cyber Terrorism
      • Section: 66F (IT Act)
      • Offence: Terror attacks using computer resources, like interfering with vital services or getting access to confidential information.
      • Penalty: Imprisonment for life.
    6. Publishing or Transmitting Obscene Material
      • Section: 67 (IT Act)
      • Offence: Transmitting or publishing pornographic content online.
      • Penalty: Imprisonment up to 3 years and/or a fine up to ₹5 lakh on first conviction; up to 5 years and/or a fine up to ₹10 lakh on subsequent convictions.
    7. Child Pornography
      • Section: 67B (IT Act)
      • Offence: Publishing or transmitting material depicting children in sexually explicit acts.
      • Penalty: Imprisonment up to 5 years and/or a fine up to ₹10 lakh on first conviction; up to 7 years and/or a fine up to ₹10 lakh on subsequent convictions.
    8. Online Financial Fraud
      • Section: 420 (IPC)
      • Offence: Using technology to trick people in order to get money.
      • Penalty: Imprisonment up to 7 years and/or a fine
    9. Denial-of-Service (DoS) Attacks
      • Section: 66 (IT Act)
      • Offence: Purposefully interfering with or blocking access to a network or computer system.
      • Penalty: Imprisonment up to 3 years and/or a fine.
    10. Cyber Defamation
      • Section: 499 and 500 (IPC)
      • Offence: Disseminating false information about an individual online.
      • Penalty: Imprisonment up to 2 years and/or a fine.
    11. Misrepresentation
      • Section: 71 (IT Act)
      • Offence: Making a false statement to, or hiding any material information from, the Controller or the Certifying Authority in order to obtain a license or Digital Signature Certificate.
      • Penalty: Imprisonment up to 2 years and/or a fine up to ₹1 lakh.
    12. Breach of Confidentiality and Privacy
      • Section: 72 (IT Act)
      • Offence: Accessing, under the powers given by the IT Act, any electronic record, book, register, correspondence, information, document, or other material without the concerned person’s consent and then sharing that material with someone else.
      • Penalty: Imprisonment up to 2 years and/or a fine up to ₹1 lakh.
    13. Punishment for Disclosure of Information in Breach of Lawful Contract
      • Section: 72A (IT Act)
      • Offence: A person providing services under a legal contract gets access to someone else’s personal information and, with the intent to cause or knowing they might cause harm or gain, shares that information without the person’s consent or in breach of the contract.
      • Penalty: Imprisonment up to 3 years and/or a fine up to ₹5 lakh.
    14. Publishing Digital Signature Certificate False in Certain Particulars
      • Section: 73 (IT Act)
      • Offence: Knowingly sharing a Digital Signature Certificate with others while aware that the certificate wasn’t issued by the listed authority, wasn’t accepted by the subscriber, or has been revoked or suspended.
      • Penalty: Imprisonment up to 2 years and/or a fine up to ₹1 lakh.
    15. Publication for Fraudulent Purpose
      • Section: 74 (IT Act)
      • Offence: Knowingly creating or sharing a Digital Signature Certificate for any fraudulent or illegal purpose.
      • Penalty: Imprisonment up to 2 years and/or a fine up to ₹1 lakh.
    16. Additional Provisions
      • Section 43 (IT Act): Compensation for damage to computer, computer system, etc.
      • Section 69 (IT Act): Power to issue directions for interception or monitoring or decryption of any information through any computer resource.
      • Section 79 (IT Act): Liability of intermediary
  • The IT Act can be applied to offences committed outside India if they impact a computer system located in India.
  • The Act also allows for confiscation of computer equipment used in cybercrimes.

Organizations Dealing with Cyber Crime and Cyber Security in India

  • Here are some of the important organizations dealing with Cyber Crime and Cyber Security in India:
  • Government Agencies:
    • Indian Computer Emergency Response Team (CERT-In): The national nodal agency for cyber security incidents and threats. It is responsible for handling cyber security emergencies, issuing advisories and vulnerability notices, and coordinating cyber security efforts.
    • National Critical Information Infrastructure Protection Centre (NCIIPC): A designated authority to protect Critical Information Infrastructure (CII) in India. It works towards securing CII assets and promoting a culture of cyber security.
    • Indian Cyber Crime Coordination Centre (I4C): A national initiative to combat cybercrime in India. It facilitates reporting of cybercrimes, coordinates investigation efforts of various law enforcement agencies, and provides training and resources to improve cybercrime investigation capabilities.
  • Industry Bodies:
    • Data Security Council of India (DSCI): A non-profit industry body focused on promoting data protection in India. It provides best practices, standards, and initiatives to help organizations implement effective data security measures.
    • Cyber Security Association of India (CSAI): A not-for-profit organization working towards creating a secure cyber space in India. It brings together stakeholders from government, industry, and academia to collaborate on cyber security issues.

Checklist for reporting cyber-crime at Cyber-crime Police station

  1. Gather Evidence
    • Screenshots of the incident (messages, emails, etc.)
    • URLs of websites involved
    • Any relevant files or documents
    • Dates and times of incidents
    • Any communication with the offender
  2. Document Personal Information
    • Your full name and contact details
    • Your address
    • Any relevant social media or online account information
  3. Identify the Type of Cybercrime
    • Hacking (unauthorized access)
    • Online harassment or stalking
    • Identity theft
    • Fraud (scams, phishing)
    • Malware or ransomware incidents
    • Child exploitation or grooming
  4. Create a Detailed Account
    • Write a clear and concise description of the incident.
    • Include how and when you discovered the crime.
    • Mention any actions you took (e.g., reporting to platforms, changing passwords).
  5. Review Local Laws and Regulations
    • Familiarize yourself with relevant laws regarding cybercrime in your area.
  6. Prepare Personal Identification
    • Government-issued ID (e.g., passport, driver’s license)
    • Any relevant documents that might support your case
  7. Understand the Reporting Process
    • Research the specific process for your local cybercrime police station (in-person, online, etc.).
  8. Consider Your Safety
    • Ensure your online security measures are updated (change passwords, enable two-factor authentication).
  9. Plan for Follow-Up
    • Keep track of your report’s reference number.
    • Note down contact information of the officer handling your case.
    • Schedule reminders for follow-up if you don’t hear back.
  10. Stay Informed
    • Be aware of any support services available (victim support, counseling).
  • Other Tips
    • Be calm and concise when presenting your case.
    • Follow any specific instructions given by the police regarding your report.
    • If necessary, seek legal advice or support from cybersecurity experts.

Checklist for reporting cybercrime online

  • 1. Gather Evidence
    • Screenshots: Capture images of emails, messages, or websites involved.
    • Links: Copy and paste any suspicious URLs.
    • Documentation: Note down dates, times, and details of the incidents.
    • Attachments: Save any malicious files or documents received.
  • 2. Identify the Type of Cyber Crime
    • Phishing: Emails or messages attempting to steal personal information.
    • Hacking: Unauthorized access to accounts or systems.
    • Fraud: Scams involving money or sensitive data.
    • Harassment: Online stalking or bullying.
    • Malware: Infections or malicious software.
  • 3. Report to Relevant Authorities
    • Local Law Enforcement: Contact your nearest police station.
    • National Cybercrime Agencies: Report to organizations like the FBI (USA) or your country’s cybercrime unit.
    • Internet Service Provider (ISP): Notify them of the issue if it involves your internet connection.
  • 4. Inform Affected Organizations
    • Companies Involved: Report phishing attempts to the organization being impersonated (e.g., banks, social media).
    • Fraud Alerts: Inform your bank or credit card company if financial information is compromised.
  • 5. Use Online Reporting Platforms
    • Cybercrime Reporting Portals: Use platforms such as:
      • IC3 (Internet Crime Complaint Center)
      • FTC (Federal Trade Commission) for consumer fraud
      • Your country’s specific cybercrime reporting site
  • 6. Follow Up
    • Case Number: Keep a record of any reference number or case ID provided.
    • Contact Information: Note down the details of the officer or agency you reported to.
    • Check for Updates: Follow up with authorities if you don’t receive feedback in a reasonable time frame.
  • 7. Protect Yourself
    • Change Passwords: Update passwords for affected accounts immediately.
    • Enable Two-Factor Authentication: Add an extra layer of security.
    • Monitor Accounts: Regularly check your financial statements and online accounts for unusual activity.

Reporting phishing Emails

  • In India, reporting phishing emails is crucial for maintaining cybersecurity. Here’s a step-by-step guide on how to effectively report phishing emails:
  • 1. Do Not Engage
    • Avoid clicking on any links or downloading attachments in the suspected phishing email.
  • 2. Gather Evidence
    • Take Screenshots: Capture the email, including sender details, subject line, and any suspicious content.
    • Note Details: Write down the sender’s email address, date and time of receipt, and any specific threats or requests made in the email.
  • 3. Report to Your Email Service Provider
    • Use the built-in reporting tools of your email service:
      • Gmail: Open the email, click on the three dots (More) in the top right corner, and select “Report phishing.”
      • Outlook: Open the email, click on “Junk,” and choose “Report phishing.”
      • Yahoo: Open the email, click on the three dots (More), and select “Report phishing.”
  • 4. Report to the Cyber Crime Cell
    • You can report phishing to the Cyber Crime Cell of your local police or the nearest police station. Many states have dedicated cybercrime units.
  • 5. Use the National Cyber Crime Reporting Portal
    • Visit the Cyber Crime Reporting Portal at cybercrime.gov.in. This is a government initiative where you can report various types of cybercrime, including phishing.
      • Click on the “Report Here” option.
      • Fill in the required details, including evidence you have collected.
  • 6. Report to CERT-In
    • The Indian Computer Emergency Response Team (CERT-In) also accepts reports of phishing. You can contact them via:
  • 7. Inform the Organization Being Impersonated
    • If the phishing email appears to be from a legitimate organization (like a bank or e-commerce site), report it directly to them through their official website.
  • 8. Monitor Your Accounts
    • Keep an eye on your bank and online accounts for any suspicious activity. Change passwords if you suspect any compromise.
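The "Gather Evidence" step above can be done without opening the message in a mail client. The following Python script is an added example, not part of the original notes: it reads a saved .eml file and records the sender details, subject, date and any URLs in non-clickable form, plus a SHA-256 fingerprint of the file. The function names, the Reply-To mismatch flag and the sample message (constructed, with placeholder domains) are assumptions made for illustration.

```python
import hashlib
import json
import re
from email import message_from_bytes, policy
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample message for illustration only; all addresses and
# domains are placeholders, not indicators from a real campaign.
SAMPLE_EML = (
    b"Return-Path: <bounce@mailer.example.net>\r\n"
    b"From: Example Bank Support <support@example-bank.example>\r\n"
    b"Reply-To: <collect@mailer.example.net>\r\n"
    b"To: user@example.org\r\n"
    b"Subject: Urgent: verify your account\r\n"
    b"Date: Mon, 03 Jun 2024 10:15:00 +0530\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"\r\n"
    b"Your account is locked. Verify at "
    b"http://login.example-bank.example.net/verify now.\r\n"
)

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)


def defang(url):
    """Rewrite a URL so it cannot be clicked by accident in the report."""
    return re.sub(r"^http", "hxxp", url, flags=re.IGNORECASE).replace(".", "[.]")


def _addr(msg, header):
    """Return the bare, lower-cased address from a header, or '' if absent."""
    return parseaddr(str(msg.get(header, "")))[1].lower()


def build_evidence(raw):
    """Parse a saved .eml file (bytes) without opening links or attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender, reply_to = _addr(msg, "From"), _addr(msg, "Reply-To")
    try:
        date_iso = parsedate_to_datetime(str(msg.get("Date", ""))).isoformat()
    except (TypeError, ValueError):
        date_iso = None  # missing or malformed Date header
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    urls = list(dict.fromkeys(URL_RE.findall(text)))  # de-duplicate, keep order
    return {
        "sha256": hashlib.sha256(raw).hexdigest(),  # fingerprint of the saved file
        "from": sender,
        "reply_to": reply_to,
        "return_path": _addr(msg, "Return-Path"),
        "subject": str(msg.get("Subject", "")),
        "date_header": date_iso,  # time claimed by the sender, not receipt time
        "urls_defanged": [defang(u) for u in urls],
        # True when replies go to a different domain than the visible sender
        "reply_to_mismatch": bool(reply_to)
        and sender.rsplit("@", 1)[-1] != reply_to.rsplit("@", 1)[-1],
    }


if __name__ == "__main__":
    print(json.dumps(build_evidence(SAMPLE_EML), indent=2))
```

The resulting record can be pasted into the description field of a report alongside the screenshots; keep the original .eml file unchanged so its hash still matches.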

Case studies

  1. The Yahoo Data Breaches (2013-2014)
    • Overview: Yahoo experienced two major data breaches affecting over 3 billion accounts.
    • Cyber Crime Aspect: Hackers stole personal information, including email addresses, birth dates, and security questions.
    • Legal Implications: Yahoo faced lawsuits and scrutiny over their handling of user data and the breach’s disclosure. This case highlighted the importance of timely notification and user data protection.
  2. Facebook-Cambridge Analytica Scandal (2018)
    • Overview: Personal data of millions of Facebook users was harvested without consent for political advertising.
    • Cyber Crime Aspect: This incident raised concerns about privacy violations and data misuse.
    • Legal Implications: Facebook faced fines and scrutiny from regulators worldwide, emphasizing the need for stricter data protection laws and ethical standards in data handling.
  3. The Sony PlayStation Network Hack (2011)
    • Overview: A major breach of Sony’s PlayStation Network resulted in the theft of personal information from approximately 77 million accounts.
    • Cyber Crime Aspect: Hackers gained access to users’ names, email addresses, passwords, and credit card information.
    • Legal Implications: Sony faced numerous lawsuits and regulatory investigations, leading to increased scrutiny on how companies protect user data. The case highlighted the potential consequences of inadequate cybersecurity measures.
  4. The Zoom Privacy Issues (2020)
    • Overview: With the surge in remote work due to the COVID-19 pandemic, Zoom faced numerous security and privacy concerns, including “Zoombombing.”
    • Cyber Crime Aspect: Unauthorized individuals accessed meetings, leading to privacy violations.
    • Legal Implications: Zoom faced lawsuits and criticism for its security practices, prompting changes to enhance user privacy and data protection.

Assignment

  1. What are the main categories of cybercrimes targeting computers and mobile devices?
  2. How do cybercrimes specifically target women and children?
  3. What are the typical methods used in financial frauds perpetrated through cybercrime?
  4. Describe some common social engineering attacks and the tactics used to deceive victims.
  5. Explain Zero Day and Zero Click Attacks. What makes them particularly dangerous?
  6. What are the recommended steps for an individual or organization to report a cyber-crime in India?
  7. What are some of the notable types of cyber-crimes and offenses covered under Indian cyber law, and how are they penalized?
  8. List Government Agencies and Industry Bodies dealing with cyber security and cyber-crime in India.
  9. Make a checklist for reporting cyber-crime at a Cyber-crime Police station.
  10. Make a checklist for reporting cybercrime online.
  11. Write the steps for reporting phishing emails.