Introduction:

The glares of radiant brains have overshadowed the artificial bodily shines. An un-ending pursuit for excellence has stretched the dimensions of research to the limits in either direction. The modern world has witnessed successful amalgamation of bright minds and brighter machines making destinations unseen henceforth closer than ever before.

Research is not restricted to working on a fixed path. Science being a sympathetic mother do not deny those who attempted research in the reverse direction. The corollary was emergence of an era of crimes better known as "Cyber Crimes". The challenges before the inventors in the present century changed likewise to finding means to restrict such crimes.

It is worthwhile to note here that the first cyber crime took place as early as in the year 1820. The crimes have however gained momentum in India only in the recent past. As an upshot, the Indian Parliament gave effect to a resolution of the General Assembly of the United Nations for adoption of a Model Law on Electronic Commerce. The consequence was the passing of Information Technology Act 2000. The Act aims to regulate and legalize E-Commerce and take cognizance of offences arising there from.

Definition:

The Cambridge dictionary defines Cyber Crimes as Crimes committed with the use of computers or relating to computers, especially through the Internet. Universally, Cyber Crime is understood as "an unlawful act where in the computer is either a tool or a target or both".

Cyber Crimes are different from conventional crimes as in cyber crimes; the crime is committed in an electronic medium and here mens rea is not a requirement but is rather a general rule under the penal provisions of the Information Technology Act. The element of mens rea in Internet crimes is that the offender must have been aware at the time of causing the computer to perform the function that the access thus intended to be secured was unauthorized.

Classification of Cyber Crimes:

The Information Technology Act deals with the following cyber crimes along with others:

Tampering with computer source documents:

A person who knowingly or intentionally, conceals (hides or keeps secret), destroys (demolishes or reduces), alters (change in characteristics) or causes another to conceal, destroy, and alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law is punishable.

For instance, hiding the C.D.ROM in which the source code files are stored, making a C File into a CPP File or removing the read only attributes of a file.

Hacking:

Hacking is usually understood to be the unauthorized access of a computer system and networks. Originally, the term "hacker" describes any amateur computer programmer who discovered ways to make software run more efficiently. Hackers usually "hack" on a problem until they find a solution, and keep trying to make their equipment work in new and more efficient ways. A hacker can be a Code Hacker, Cracker or a Cyber Punk.

Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by means is said to commit hacking.

Publishing of information, which is obscene in electronic form:

A person who publishes or transmits or causes to be published in the electronic form, any material which is lascivious, or if its effect is such as to tend to deprave and corrupt persons who are likely to read, see or hear the matter contained or embodied in it, is liable to punishment. The important ingredients of such an offence are publishing (make generally known or issue copies for sale to public), or transmitting (transfer or be a medium for), or causing to be published (to produced the effect of publishing), pornographic material in the electronic form.

Child Pornography:

Child Pornography is a part of cyber pornography but it is such a grave offence that it is individually also recognized as a cyber crime. The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The Internet is very fast becoming a household commodity in India. Its explosion has made the children a viable victim to the cyber crime. As more homes have access to Internet, more children would be using the Internet and more are the chances of falling victim to the aggression of pedophiles. The pedophiles use their false identity to trap children and even contact them in various chat rooms where they befriend them and gain personal information from the innocent preys. They even start contacting children on their e-mail addresses. These pedophiles drag children to the net for the purpose of sexual assault or so as to use them as a sex object.

Accessing protected system:

Any unauthorized person who secures access or attempts to secure access to a protected system is liable to be punished with imprisonment and may also be liable to fine.

Breach of confidentiality and privacy :

Any person who, secures access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned or discloses such electronic record, book, register, correspondence, information, document or other material to any other person shall be liable to be punished under the Information Technology Act.

The following is a table showing the various offences under the Information Technology Act, 2000 together with their respective punishments:

S.No

Offence

Punishment

1.

Tampering with computer source document

Imprisonment up to 3 years, Fine up to 2 lakh rupees.

2.

Hacking with computer system

- DO -

3.

Failure to comply with direction of the controller

- DO -

4.

Breach of confidentiality or privacy

Imprisonment up to 2 years, Fine up to one lakh rupees.

5.

Publishing false digital certificate

- DO -

6.

Publishing digital certificate for fraudulent purposes

- DO -

7.

Misrepresentation or suppression of material facts

- DO -

8.

Failure to assist to decrypt information

Imprisonment up to 7 years

9.

Securing access to protected system

Imprisonment up to 10 years and fine

10.

Publishing Information which is obscene

1st conviction – imprisonment up to 5 years and fine up to one lakh rupees.
2nd conviction – imprisonment up to 10 years and fine up to two lakh rupees.

Cyber crimes other than those mentioned under the IT Act

CyberStalking

Although there is no universally accepted definition of cyberStalking, it is generally defined as the repeated acts of harassment or threatening behavior of the cyber criminal towards the victim by using Internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property, leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harms to the victim. It all depends on the course of conduct of the stalker.

Cybersquatting

Cybersquatting is the obtaining of a domain name in order to seek payment from the owner of the trademark, (including business name, trade name, or brand name), and may include typosquatting (where one letter is different).

A trademark owner can prevail in a cybersquatting action by showing that the defendant, in bad faith and with intent to profit, registered a domain name consisting of the plaintiff's distinctive trademark. Factors to determine whether bad faith exists are the extent to which the domain name contains the registrant's legal name, prior use of the domain name in connection with the sale of goods and services, intent to divert customers from one site to another and use of false registration information and the registrant's offer to sell the domain name back to the trademark owner for more than out-of -pocket expenses.

Data Diddling

This kind of an attack involves altering the raw data just before a computer processes it and then changing it back after the processing is completed.

The NDMC Electricity Billing Fraud Case that took place in 1996 is a typical example. The computer network was used for receipt and accounting of electricity bills by the NDMC, Delhi. Collection of money, computerized accounting, record maintenance and remittance in the bank were exclusively left to a private contractor who was a computer professional. He misappropriated huge amount of funds by manipulating data files to show less receipts and bank remittances.

Cyber Defamation

Any derogatory statement, which is designed to injure a person's business or reputation, constitutes cyber defamation. Defamation can be accomplished as libel or slander. Cyber defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person’s friends.

Trojan Attack

A Trojan, the program is aptly called an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.

Forgery

Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners. It is very difficult to control such attacks. For e.g. across the country students buy forged mark sheets for heavy sums to deposit in college.

Financial crimes

This would include cheating, credit card frauds, money laundering etc. such crimes are punishable under both IPC and IT Act. A leading Bank in India was cheated to the extent of 1.39 crores due to misappropriation of funds by manipulation of computer records regarding debit and credit accounts.

Internet time theft

This con notes the usage by an unauthorized person of the Internet hours paid for by another person. This kind of cyber crime was unheard until the victim reported it. This offence is usually covered under IPC and the Indian Telegraph Act.

Virus/worm attack

Virus is a program that attaches itselves to a computer or a file and then circulates to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory.

E-mail spoofing

It is a kind of e-mail that appears to originate from one source although it has actually been sent from another source. Such kind of crime can be done for reasons like defaming a person or for monetary gain etc. E.g. if A sends email to B’s friend containing ill about him by spoofing B’s email address, this could result in ending of relations between B and his friends.

Email bombing

Email bombing means sending large amount of mails to the victims as a result of which their account or mail server crashes. The victims of email bombing can vary from individuals to companies and even the email service provider.

Salami attack

This is basically related to finance and therefore the main victims of this crime are the financial institutions. This attack has a unique quality that the alteration is so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a programme whereby a meager sum of Rs 3 is deducted from customers account. Such a small amount will not be noticeable at all.

Web Jacking

This term has been taken from the word hijacking. Once a website is web jacked the owner of the site looses all control over it. The person gaining such kind of an access is called a hacker who may even alter or destroy any information on the site.

The Concept of Cyber Terrorism

Cyber crime and cyber terrorism are both crimes of the cyber world. The difference between the two however is with regard to the motive and the intention of the perpetrator.

While a cyber crime can be described simply as an unlawful act wherein the computer is either a tool or a target or both, cyber terrorism deserves a more detailed definition. One can define cyber terrorism as a premeditated use of disruptive activities or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.

Tools of Cyber Terrorism:

Cyber terrorists use various tools and methods to unleash their terrorism. Some of the major tools are as follows:

  1. Hacking
  2. Cryptography
  3. Trojan Attacks
  4. Computer worms
  5. Computer viruses
  6. Denial of service attacks
  7. E-mail related crimes

Motives behind any Attacks are:

  1. Putting the public or any section of the public in fear; or
  2. Affecting adversely the harmony between different religious, racial, language or regional groups or castes or communities; or
  3. Coercing or overawing the government established by law; or
  4. Endangering the sovereignty and integrity of the nation.

Cyber Criminals

Any person who commits an illegal act with a guilty intention or commits a crime is called an offender or a criminal. In this context, any person who commits a Cyber Crime is known as a Cyber Criminal. The Cyber Criminals may be children and adolescents aged b/w 6-18 years, they may be organized hackers, may be professional hackers or crackers, discontented employees, cheaters or even psychic persons.

Target of Cyber Crime

Cyber Crime being a serious threat not only targets the person and property but the organization at large;

Individual

|

…………………………………………………………………………..

|                                                                                   |

               Person                                                                          Property

|                                                                                   |

   Defamation, email                                                    Intellectual Property Crimes

spoofing, unauthorized                                                   Netrespass, transmitting

      access/control.                                                                       Virus etc.

 

 

Organization

|

……..………………………………………………………………………………………

|                                                |                                                 |

           Government                                Firm/Company                                    Society

|                                                |                                                 |

Cyber Terrorism                     Distribution of pirated                     Pornography, Financial

Etc                                     software etc                                    Crimes etc

Adjudicating Authorities:

The Information Technology Act provides for appointment of a Controller of Certifying Authorities as also the Deputy and Assistant Controllers. The main functions of the Controller are to license, certify, monitor and oversee the activities of the certifying authorities. Also, failure to comply with the direction of the Controller would lead to serious consequences.

The Information Technology Act also provides for the establishment of appellate tribunals known as Cyber Regulations Appellate Tribunal (CRAT). It provides that any person who is aggrieved by an order made by the Controller or Adjudicating officer may file an appeal with the CRAT. The CRAT is required to follow the principles of natural justice in deciding matters and has the same powers as are vested in the civil court under the Code of Civil Procedure, 1908. Any person who is aggrieved by the decision or the order of the CRAT may file an appeal to the High Court on any question of fact or law. The CRAT and the Adjudicating officer have the exclusive jurisdiction to entertain any suit and no injunction can be granted by any court or other authority against the action taken by them under the Act.

Jurisdictional Procedure

Jurisdiction is the power of the court to hear and determine a case, in the absence of which the judgment is impotent and ineffective. The basic problem with the Internet Jurisdiction is the presence of multiple parties in different parts of the world. Therefore in Internet it is difficult to establish with certainty as to the place where the defendant resides or where the cause of action took place. The popular contention is for the establishment of the ‘Law of Cyber Space’ thereby making Earth as the Jurisdictional venue for all Internet Crimes and related matters.

The Information Technology Act, 2000 extends to whole of India and also envisages any offence or contravention there under committed outside India by any person. Thus it confers extra-territorial jurisdiction on Indian courts and empowers them to take cognizance of offences committed outside India even by foreign nationals provided that such offence involves a computer, computer system on computer network located in India.

Further, any person irrespective of his territorial location and nationality using a computer located in India to commit an offence or contravention outside India is also liable under the Information Technology Act.

Cyber Crime Investigation Cell

The Central Bureau of Investigation (C.B.I) in India set up a ‘Cyber Crime Investigation Cell’ and "Cyber Crime Research &Development Unit" (CCRDU) to collect and collate information on cyber crimes reported from different parts of the country.

The function of this is to liaise with State Police and other enforcement agencies and to collect information on cases of Cyber Crime reported to them for investigation and also find out about the follow-up action taken in each case. The Unit liaises with software experts to identify areas that require attention of State Police for prevention & detection of such crimes with a view to train them for the task. It collects information on the latest cases reported in other countries and the innovations employed by Police Forces in those countries to handle such cases.

Measures to Prevent Cyber Crime

The Information Technology Act 2000 was passed when the country was facing the problem of growing cyber crimes. Since the Internet is the medium for huge information and a large base of communications around the world, it is necessary to take certain precautions while operating it.

Any person who operates the net should always abide by and following principles:

  • He should not disclose any personal information to any one and especially to strangers.
  • Updated and latest anti-virus software should be used to protect the computer system against virus attacks.
  • While chatting on the net one should avoid sending photographs to strangers along with personal data as it can be misused.
  • Backup volumes of the data should always be kept to prevent loss from virus contamination.
  • Children should be prevented from accessing obscene sites by the parents to protect them from spoiling their mind and career.
  • A credit card number shall never be sent to an unsecured site to prevent fraud or cheating.
  • Effort shall be made to make a security code and program to guard the computer system from misuse.
  • Routers and firewalls can be used to protect the computer network.
  • A check should be kept on the functioning of cyber cafes and any mishappening shall be reported to the concerned authorities.
  • Efforts should be made to discourage misuse of computers and access to unauthorized data.

Conclusions:

Change is the essence of life. What seems impeccable and indestructible today might not remain the same tomorrow. Internet, being a global phenomenon is bound to attract many crimes. India has taken a key step in curbing Cyber Crimes by the enactment of the Information Technology Act and by giving exclusive powers to the police and other authorities to tackle such crimes.

Similar efforts have been made by various countries to fight this menace by enacting national legislations but in the long run, they may not prove to be as beneficial as desired. An effort is still wanted to formulate an international law on the use of Internet to curb this imminent danger of Cyber Crimes and to achieve a crime free Cyber Space. Prevention they say is the best cure. Cyber laws aim to prevent cyber crimes through the use of penal provisions. A great deal however needs to be done before Cyber laws can stand a fair chance to influence the modern world in the much anticipated manner.

Disclaimer

Actual resolution of legal issues depends upon many factors, including variations of fact and laws of the land. Though the firm has taken utmost care in the preparation of this article, the information contained herein is not intended to constitute any legal advice and the firm cannot accept any responsibility towards those who rely solely on the contents of this article without taking further specialist advice. The reader should always consult with legal counsel before taking action on matters covered by this article.