Crime is both a social and economic phenomenon. It is as old as human society. This article talks about cyber laws and cyber crimes and also other offences related to cyber crimes have thus discussed here.
The Information Technology Act, 2000 is an Act of the Indian Parliament notified on 17th October 2000. It is the primary law in India dealing with cybercrime and electronic commerce. It is based on the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model) recommended by the General Assembly of United Nations by a resolution dated 30 January 1997.
Cyber Crime thus not defined in Information Technology Act 2000 nor in the I.T. Amendment Act 2008 nor in any other legislation in India. In fact, it cannot be too. Offence or crime has been dealt with elaborately listing various acts and the punishments for each, under the Indian Penal Code, 1860 and quite a few other legislations too. Hence, it is just a combination of crime and computer. To put it in simple terms ‘any offence or crime in which a computer is used is a cyber crimes’.
Cyber Crimes always affects the companies of any size because almost all the companies gain an online presence and take advantage of the rapid gains in the technology but greater attention to be given to its security risks. In the modern cyber world cyber crimes is the major issue which is affecting individual as well as society at large too.
What is Cyber crime?
Cyber terrorists usually use the computer as a tool, target, or both for their unlawful act either to gain information which can result in heavy loss/damage to the owner of that intangible sensitive information. Internet is one of the means by which the offenders can gain such price sensitive information of companies, firms, individuals, banks, intellectual property crimes (such as stealing new product plans, its description, market programme plans, list of customers etc.), selling illegal articles, pornography etc. this is done through many methods such as phishing, spoofing, pharming, internet phishing, wire transfer etc. and use it to their own advantage without the consent of the individual.
Many banks, financial institutions, investment houses, brokering firms etc. are being victimised and threatened by the cyber terrorists to pay extortion money to keep their sensitive information intact to avoid huge damages. And it’s been reported that many institutions in US, Britain and Europe have secretly paid them to prevent huge meltdown or collapse of confidence among their consumers.
Classifications Of Cyber Crimes
Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber crime and what is the conventional crime so to come out of this confusion, cyber crimes can be classified under different categories which are as follows:
Cyber Crimes against Persons:
The certain offences which affects the personality of individuals can defined as:
Harassment via E-Mails
It is very common type of harassment through sending letters, attachments of files & folders i.e. via e-mails. At present harassment is common as usage of social sites i.e. Facebook, Twitter etc. increasing day by day.
It means expressed or implied a physical threat that creates fear through the use to computer technology such as internet, e-mail, phones, text messages, webcam, websites or videos.
Dissemination of Obscene Material
It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
It is an act of imputing any person with intent to lower down the dignity of the person by hacking his mail account and sending some mails with using vulgar language to unknown persons mail account.
It means unauthorized control/access over computer system and act of hacking completely destroys the whole data as well as computer programmes. Hackers usually hacks telecommunication and mobile network.
It is amongst the gravest cyber crimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it’s origin to be different from which actually it originates.
Spoofing is a blocking through spam which means the unwanted uninvited messages. Here a offender steals identity of another in the form of mobile phone number and sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim. It is very serious cyber crime against any individual.
It means false ATM cards i.e. Debit and Credit cards used by criminals for their monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There’s always unauthorized use of ATM cards in this type of cyber crimes.
Cheating & Fraud
It means the person who is doing the act of cyber crime i.e. stealing password and data storage has done it with having guilty mind which leads to fraud and cheating.
It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.
Assault by Threat
It refers to threatening a person with fear for their lives or lives of their families through the use of a computer network i.e. E-mail, videos or phones.
Crimes Against Persons Property
As there is rapid growth in the international trade where businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of traditional paper documents. There are certain offences which affects persons property which are as follows:
Intellectual Property Crimes
Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.
It means where two persons claim for the same Domain Name either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously. For example two similar names i.e. www.yahoo.com and www.yaahoo.com.
Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take form of theft of computer, some part of a computer or a peripheral attached to computer.
Hacking Computer System
Hacktivism attacks those included Famous Twitter, blogging platform by unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as computer. Also research especially indicates that those attacks were not mainly intended for financial gain too and to diminish the reputation of particular person or company.
Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting the computerize system of the individuals.
It means to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet connection.
Internet Time Thefts
Basically, Internet time theft comes under hacking. Thus used by an unauthorised person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to recharged often, despite infrequent usage.
Cyber crimes Against Government
The certain offences done by group of persons intending to threaten the international governments by using internet facilities. It includes:
Cyber terrorism is a major burning issue in the domestic as well as global concern. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.
It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
Distribution of pirated software
It means distributing pirated software from one computer to another intending to destroy the data and official records of government.
Possession of Unauthorized Information
It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives.
Cyber crimes Against Society at large
An unlawful act done with the intention of causing harm to the cyberspace will affect large number of persons. These offences includes:
It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.
It may be trafficking in drugs, human beings, arms weapons etc. which affects large number of persons. Trafficking in the cyberspace is also a gravest crime.
Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. There are many cases that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.
This type of offence is common as there is rapid growth in the users of networking sites and phone networking where culprit will try to attack by sending bogus mails or messages through internet. Ex: Using credit cards by obtaining password illegally.
It means to deceive large number of persons by sending threatening mails as online business transactions are becoming the habitual need of today’s life style.
Hacker is computer expert who uses his knowledge to gain unauthorized access to the computer network. He’s not any person who intends to break through the system but also includes one who has no intent to damage the system but intends to learn more by using one’s computer. Information Technology Act 2000 doesn’t make hacking per se an offence but looks into factor of mens rea. Crackers on other hand use the information cause disruption to the network for personal and political motives.
Banks and other financial institutions thus threatened by the terrorist groups to use their sensitive information resulting in heavy loss and in turn ask for ransom amount from them. There are various methods used by hackers to gain unauthorised access to the computers apart from use of viruses like Trojans and worms etc.
Hacking by an insider or an employee is quite prominent in present date. Section 66 (b) of the Information Technology Act 2000, provides punishment of imprisonment for the term of 3years and fine which may extent to two lakhs rupees, or with both.
Therefore if anyone secures access to any computer without the permission of the owner shall be liable to pay damages of one crore rupees under Information Technology Act, 2000. Computer system here means a device including input and output support devices and systems which are capable of performing logical, arithmetical, data storage and retrieval, communication control and other functions but excludes calculators. Unauthorised access under Section 43 of the Information Technology Act 2000 is punishable regardless of the intention or purpose for which unauthorised access to the computer system was made. Owner needn’t prove the facto of loss, but the fact of it thus used without his authorisation.
Methods used by hackers
Viruses used by Hackers to infect the user’s computer and damage data saved on the computer by use of “payload” in viruses which carries damaging code. Person would however liable under I.T Act when consent of owner thus not taken before inserting virus in his system. The contradiction here is that though certain viruses causes temporary interruption by showing messages on the screen of the user but still it’s not punishable under Information Technology Act 2000 as it doesn’t cause tangible damage. But, it must however made punishable as it would fall under the ambit of ‘unauthorised access’ though doesn’t cause any damage. Harmless viruses would also fall under the expression used in the provision “to unsurp the normal operation of the computer, system or network”. This ambiguity needs reconsideration.
By using e-mail messages which completely resembles the original mail messages of customers, hackers can ask for verification of certain information, like account numbers or passwords etc. here customer might not have knowledge that the e-mail messages are deceiving and would fail to identify the originality of the messages, this results in huge financial loss when the hackers use that information for fraudulent acts like withdrawing money from customers account without him having knowledge of it.
This thus carried on by use of deceiving Websites or e-mails. These sources mimic original websites so well by use of logos, names, graphics and even the code of real bank’s site.
Is done by use of in-voice messages by the hackers where the customers are asked to reveal their account identification, and passwords to file a complaint for any problems regarding their accounts with banks etc.
Hacker here aims at redirecting the website used by the customer to another bogus website by hijacking the victim’s DNS server (they are computers responsible for resolving internet names into real addresses – “signposts of internet), and changing his I.P address to fake website by manipulating DNS server. This redirects user’s original website to a false misleading website to gain unauthorised information.
Publishing Pornographic Material In Electronic Form
Section 67 of the Information Technology Act, 2000 in parallel to Section 292 of Indian Penal Code, 1860 makes publication and transmission of any material in electronic that’s lascivious or appeals to the prurient interest a crime, and punishable with imprisonment which may extend to 5 years and fine of 1 lakh rupees and subsequent offence with an imprisonment extending to 10 years and fine of 2 lakhs.
We usually get newsletter providing us free information recommending that investment in which field would be profitable. These may sometimes be a fraud and may cause us huge loss if relied upon. False information can however spread by this method about any company and can cause huge inconvenience or loss through junk mails online.
Credit Card Fraud
Huge loss may cause to the victim due to this kind of fraud. This however done by publishing false digital signatures. Most people lose credit cards on the way of delivery to the recipient or its damaged or defective, misrepresented etc.
Investigations And Search Procedures
Section 75 of Information Technology Act, 2000 takes care of jurisdictional aspect of cyber crimes, and one would punished irrespective of his nationality and place of commission of offence. Power of investigation thus given to police officer not below the rank of Deputy Superintendent of police or any officer of the Central Government or a State Government authorised by Central Government. He may enter any public place, conduct a search and arrest without warrant person who however reasonably expected to have committed an offence or about to commit computer related crime. Accused has to produced before magistrate within 24 hours of arrest. Provisions of Criminal Procedure Code, 1973 regulate the procedure of entry, search and arrest of the accused.
Problems Underlying Tracking Of Offence
Most of the times the offenders commit crime and their identity however hard to identified. Tracking cyber criminals requires a proper law enforcing agency through cyber border co-operation of governments, businesses and institutions of other countries. Most of the countries lack skilled law enforcement personnel to deal with computer and even broader Information technology related crimes. Usually law enforcement agencies also don’t take crimes serious, they have no importance of enforcement of cyber crimes, and even if they undertake to investigate they thus posed with limitation of extra-territorial nature of crimes.
Measures To Curb The Crime
Though by passage of time and improvement in technology to provide easier and user friendly methods to the consumer for make up their daily activities, it has lead to harsh world of security threats at the same time by agencies like hackers, crackers etc. various Information technology methods have introduced to curb such destructive activities to achieve the main objects of the technology to provide some sense of security to the users.
Few basic prominent measures used to curb cyber crimes are as follows:
This however considered as an important tool for protecting data in transit. Plain text (readable) can thus converted to cipher text (coded language) by this method and the recipient of the data can decrypt it by converting it into plain text again by using private key. Except for recipient whose possessor of private key to decrypt the data, no one can gain access to sensitive information.
Not only the information in transit but also the information stored on computer can protected by using Conventional cryptography method. Usual problem lies during the distribution of keys as anyone if overhears it or intercept it can make the whole object of encryption to standstill. Public key encryptograpy was one solution to this where the public key could known to the whole world but the private key was only known to receiver, its very difficult to derive private key from public key.
These passwords are schemes used to change the password at user’s and host token. The password on synchronised card changes every 30-60 seconds which only makes it valid for one time log-on session. Other useful methods introduced are signature, voice, fingerprint identification or retinal and biometric recognition etc. to impute passwords and pass phrases.
It creates wall between the system and possible intruders to protect the classified documents from leaked or accessed. It would only let the data to flow in computer which thus recognised and verified by one’s system. Thus it only permits access to the system to ones already registered with the computer.
Digital Signature created by using means of cryptography by applying algorithms. This has its prominent use in the business of banking where customer’s signature thus identified by using this method.
Other Preventive Measures For Cyber Crimes
Prevention is always better than cure. A netizen should take certain precautions while operating the internet and should follow certain preventive measures which can defined as:
Identification of exposures through education will assist responsible companies and firms to meet these challenges.
One should avoid disclosing any personal information to strangers via e-mail or while chatting.
One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.
An update Anti-virus software to guard against virus attacks should be used by all the netizens and should also keep back up volumes so that one may not suffer data loss in case of virus contamination.
A person should never send his credit card number to any site that however not secured, to guard against frauds.
Parents should keep a watch on sites that their children are accessing, to prevent any kind of harassment or deprivation in children.
Web site owners should watch traffic and check any irregularity on the site. It is the responsibility of the web site owners to adopt some policy for preventing cyber crimes as number of internet users are growing day by day.
Web servers running public sites must physically separately protected from internal corporate network.
It is better to use a security programmes by the body corporate to control information on sites.
Strict statutory laws need to passed by the Legislatures keeping in mind the interest of netizens.
IT department should pass certain guidelines and notifications for the protection of computer system and should also bring out with some more strict laws to breakdown the criminal activities relating to cyberspace.
As Cyber Crime thus the major threat to all the countries worldwide, certain steps should however taken at the international level for preventing the cyber crimes.
A complete justice must provided to the victims of cyber crimes by way of compensatory remedy and offenders to punish with highest type of punishment so that it will anticipate the criminals of cyber crime.
Find lawyers in mumbai for issues relating to cyber crime.