CYBER CRIME IN INDIA WITH SPECIAL REFERENCE TO CYBER TERRORISM

 

This article comprises of detailed study of Cyber-crimes along with concept of Cyber terrorism. You will get the depth information about the cyber-crimes in this article, that all you need to know.

 

1. INTRODUCTION

 

Cyber-crimes are those that are committed through the use of a computer, including phishing, counterfeiting, cyberbullying, pornography, spamming, sending a barrage of emails, selling illegal goods, etc. Although cyber-crime has its general meaning as any illegal act by using computer or technology or by using internet. Cyber Security is defined as a crime in which a computer is subject to crime or used as a tool to commit a crime. Cybersecurity laws protect access to information, privacy, communications, intellectual property, and the freedom of expression in relation to the use of the Internet, websites, email, computers, mobile phones, software, and hardware, such as data storage devices. They also assist in preventing or reducing large-scale damage from cyber-crime activities. Global legal issues now account for a higher percentage of Internet traffic. The application is difficult because cyber laws vary by jurisdiction and country, and the restitution ranges from fines to imprisonment.

 

Cyber terrorism is the use of the internet to carry out violent acts that cause substantial bodily harm or death, or threaten to do so, in order to advance political or ideological goals through intimidation. Acts of deliberate, large-scale disruption of computer network, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, programming scripts can all be forms of internet terrorism. 

 

Cyber-crime is one of the most crucial problems for countries around the world these days. Includes unauthorized access to information and violate security such as privacy, passwords, etc. Cyber theft is part of the cybercrime, which means robbery performed via computer or the Internet. With the increase in the number of cyber security fraud and crimes, the government is developing refined rules to protect people's interests and protect them from any negative events on the Internet.

 

2. EVOLUTION OF INFORMATION AND COMMUNICATION TECHNOLOGY:

 

Man is inquisitorial by his nature and human civilization on this earth has been striving to innovate and invent all possible technologies for the conveniences of his life. Evolution of information technology also has the same teleological explanation. The information society of modern era is the culmination of the electronic development and the invention of communication systems way back towards the end of the 19th century. The contemporary incarnation of various sorts of information and communication technologies have been evolved through different phases.

 

William Sturgeon invented the electromagnet in 1825 which led to an evolution in electronic communication. Later on, three telegraph systems based on electromagnet were developed by Joseph Henry in the year 1830, by William Cooke and Charles Wheatstone in the year 1837 and by Samuel F. B. Morse who improved Henry’s invention. Since the year 1876 when telephone was patented by Graham Bell the sapling has been sown for the fast-moving telephonic global communication system of today about more than a century thereafter. Graham Bell’s attempt to improve the telegraph resulted in telephone. Until 1877, telegraph remained the only means of long-distance communication, but the position was changed, and the telephone emerged as the rival technology in the field of communication. Wireless technology is the basis cause for the development of ICTs. The technology that has been developed to enable wireless connections has been evolved around different standards and radio band services, the forebear of which were those electromagnetic waves discovered and patented for the first time by the Italian inventor, Guglielmo Marconi at the British Post Office in the year 1895 and used it to send coded messages across the Atlantic in the year 1905.

 

Invention of transistors in 1947 led to the production of faster and more reliable electronic computers. In 1958, Control Data Corporation introduced the first fully transistorized computer designed by Seymour Cray. Miniaturization continued through the 1960s and in 1965, the first successful commercial minicomputer was launched called PDP-8. Computers at this stage meant mainframe computers. By late 1960s, big businesses started relying on computers and the first PC was introduced in 1975.

 

This article revealed that between I991 and I997, the Internet users changed qualitatively and quantitatively as text users were joined by the new curious users. While the internet has become basis with human life, it has thus given birth to a number of informational harms, and established legal norms are the worst casualty. The criminal behavior of the netizens is piercing the legal fabric and the harms have over clouded the boons of the Internet. Flagrant violation of netiquette, ignorance of group policies, aggressive advertising, etc. are sometimes met with tolerance, sometimes with vitriol. Today, the Internet is omnipresent and is gaining popularity equally among academicians, military personnel, businesses, State departments and billions of common users. Computers, the lifeline of the Internet, have now become a domestic appliance.

 

3. DEFINITION OF CYBERCRIME:

 

Cybercrime can be defined as any criminal activity carried out by means of computer as a tool run through internet. The definition of cybercrime and the differentiation of various types of cybercrime are extremely important for all to evaluate its impact.

 

4. ESSENTIAL ELEMENTS OF CRIME:

 

The essential elements of cyber-crime are as follows;

 

Actus reus: Merely guilty intention is not enough to fix criminal liability but some act or omission on the part of the doer is necessary to complete the offence. The actus reus requires proof of an act or omission. The actus reus is described as “such result of human conduct as the law seeks to prevent. However, such acts do not incur criminal liability if they are done in a state of automatism ‘like when in sleep, the accused kills someone, sets fire to a house, and causes harm to someone in a state of mental debility, state of intoxication, under anesthetics or alcohol and hypnotic influences. To absolve him from criminal liability, the accused must prove that the automatism was not self-induced. This mainly applies to crimes of basic intent. It was held in Director of Public Prosecutions v. Majewski, that automatism, which is self-induced by other means, may be a defense even to crime of basic intent.

 

Mens rea: ―The jurisprudence of today knows that no crime can be committed unless there is a mens rea, i.e., a guilty state of mind. The mental element forms the other important ingredient of crime. The act remains the same while the state of mind makes the act reus and hence an offence. Almost all crimes require proof of a mental element of some sort. Every offence requires a particular state of mind expressed in the particular provision of the law by the words: with intent, recklessly, unlawfully, maliciously, unlawfully and maliciously, wilfully, knowingly, knowing or believing, fraudulently, dishonestly, corruptly, allowing and permitting, expressing various states of mind which are different from each other.

 

5. DOCTRINE OF ACTUS REUS AND MENS REA IN CYBER CRIME:

 

a) Actus reus in cybercrimes:

 

Actus reus in cybercrimes has become a challenge as the entire act is committed in intangible surroundings. The perpetrator may leave some footmarks in the machine itself though it becomes a herculean task for the law-enforcers to prove it in the law courts as, it is required to be in physical form or at least in such a form where it becomes admissible in evidence. Every time a computer is moved by a human hand, any of the following actions may follow which are commonly regarded as actus reus:

 

· Trying to do some act using the computer.

 

· Either attempting to access data stored on a computer or from outside through the said computer.

 

· Every time the computer is used by its user while gaining access, signals pass through various computers which are made to perform some function when the command given by the user pass through it. Each such function falls under the term actus reus.

 

b) Doctrine of mens rea in cybercrimes:

 

Mens rea is recognized as an essential element of crime. With the advent of e-crimes, the legal world faces the difficulty, besides many others to pinpoint mens rea in cybercrimes. In cybercrimes, one should see what the state of mind of a hacker was and that the hacker knew that the access was unauthorized. Thus, a particular computer need not be intended by a hacker, it is enough if the unauthorized access was to any computer. Thus, following two ingredients form the mens rea applied to a hacker:

 

 · The access intended to be secured must have been unauthorized

 

 · There should be awareness on the part of the hacker regarding the access.

 

6. CLASSIFICATION OF CYBERCRIME:

 

Cybercrimes can generally be divided into the following categories:

 

• A.  Cybercrimes affecting individuals.
• B.  Cybercrimes affecting economy.
• C.  Cybercrimes affecting national security.

 

A. Cybercrimes affecting Individuals:

 

Stalking: Stalking is not a new type of crime; it has existed from time immemorial. In the 1980s, stalking was first recognized as a criminal offense. Traditional stalking techniques include keeping an eye on the victim, following them, sending letters and unexpected gifts, and getting in touch with the victim's friends, family, and colleagues. In the modern era of information technology, cyber stalking simply refers to the use of electronic communications to pursue, harass, or contact another person without their consent.

 

Human Trafficking: This crime involves a variety of illegal activities, such as the trafficking of people for the sex trade, illegal immigration, the trafficking of people to work in sweatshops, as quasi-indentured servants, or as domestics, as well as the borderline illegal practice of buying brides online from various matchmaking websites. This crime, in the era of information technology, taking place by showing different kinds of opportunities through websites and this way grave the victims.

 

Cyber-defamation: It is the wrongful and intentional publication of words or behaviour concerning another person, which has the effect of hamper that person's status, good name, or reputation in society. A defamatory remark against someone in the cyberspace is known as cyber-defamation.

 

Privacy infringement: Privacy infringement in cybercrime means the criminal activity where the offender access someone’s data or information from one electronic devices or computer with the consent of that person. In the contemporary age of information technology, increasing use of computers and computer network for the storage and transmission of personal data, under various circumstances make it possible for collating all information’s about a person, which he himself mayn’t even be aware of.

 

Phishing: Phishing may also be called as identity theft in common language. It undermines the confidence in the integrity of commercial transactions and invades individual privacy as well. The term identity theft refers to a host of frauds, thefts, forgeries, false statements and an impersonation involving the use of another person’s identifying information’s. Phishing or identity theft facilitated by the internet is growing fast along with the growth of e-commerce because internet provides to perpetrators low-cost but efficient methods for capturing the identities of unsuspecting victims.

 

B. Cybercrimes affecting Economy:

 

Hacking: Hacking into web sites, also called owning the site, is currently of epidemic proportions. The term hacking traditionally describes the penetration of computer systems, which isn‘t carried out with the aims of manipulation, sabotage or espionage, but for the pleasure of overcoming the technical security measures. However, with the increasing use of computer networks by civil, academic, commercial and military organisations, the potential of hacking was realized by the criminals and it became the basis for almost all types of cybercrimes. Many of these hackers have quasi-political agendas.

 

Cracking: Cracking is a name given to malicious or criminal hacking. It is act of breaking into your computer systems without your knowledge and consent and has tampered with precious confidential data and information related to trade secrets. The most infamous of these was Kevin Mitnick, who was arrested and held without bail based on a $300 million estimate of the damage he caused. He copied proprietary software from computers owned by cellular telephone manufacturers.

 

Cyber Vandalism: Vandalism means deliberately damaging property of another. Thus, cyber vandalism means destroying or damaging the data or information stored in computer when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral or a device attached to the computer.

 

Intellectual Property Crimes: Intellectual property consists of a bunch of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is a crime. The most common type of intellectual property rights violation in the information technology era are- software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.

 

Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use of the internet hours by an unauthorised person on the cost of payment made by any genuine person. The person who gets access to someone else‘s internet service provider (ISP), user identity (ID) and password, either by hacking or by gaining access to it by illegal means, uses it to access the internet without the other person‘s knowledge. One can identify time theft if your internet time has to be recharged often, despite infrequent usage.

 

C. Cybercrimes affecting National Security:

 

Cyber-Terrorism: it is the convergence of terrorism and cyberspace. For denoting any cybercrime as cyber-terrorism, an attack should result in violence against person or property, or at least cause enough harm to generate panic among peoples. Attacks causing death or bodily injury, explosions, plane crashes, water contamination, or severe economic loss would be some examples. In some aspects terrorism is similar to organised crime; in fact, it may be called as organised crime with a political motive. In any event, as far as cybercrime is concerned, terrorism takes on two distinct forms: (1) The facilitation of regular terrorism which is the traditional range of terrorist activities, such as planning attacks, recruiting new members, and disseminating propaganda and (2) Attacks against the internet and other closed networks with a view to undermining the infrastructure of a country, such as disrupting power grids, air traffic control, and many other essential services upon which modern communities rely.

 

Web Site Defacements: Web site defacement is the act of gaining access to the web server (which is often accomplished by identity theft) and corrupting content on the site’s pages. Many times, the defacers are motivated by political or social reasons. Again, there is a thin line between protected expression and crime. There was a marked increase in site defacements after the 9/11 terrorist action.

 

Cyber warfare: Now cyberspace is being used as a battlefield by professional hackers of non-friendly countries against each other. Cyber warfare is internet-based conflict involving politically motivated attacks on information and information systems. Cyber warfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems among many other possibilities. The cyber warfare has gained so much favour among the military strategists that most of the armies have dedicated cyber warfare teams for the defensive as well as offensive operations. In the consequence of such development’s questions are being raised in public international law as to the responsibilities of the nations and their rights to retaliate etc.

 

7. CONCEPTION AND DEFINITION OF TERRORISM:

 

The term cyber terrorism being a new species of crime of digital world connotes a convergence of terrorism and cyberspace. It is claimed that the increasing much dependence on the Internet affords the terrorist organisations a new platform to pursue their social, economic and political objectives, staging attacks or threat against computer networks and information system. The definitions of what counts terrorism is a slippery understanding between conventional terrorism and cyber terrorism; and it would be difficult to understand the nature of cyber terrorism unless we have an understanding about terrestrial terrorism.

 

In the case of cyber terrorism electronic networks, and computer technology, are used as weapon. Attacks through the Internet need to have a terrorist component in order to be labelled cyber terrorism. Although cyber terrorism is a universal phenomenon, threatening the civilians as well as across the world, even then there has been no exhaustive definition of the term; and in absence of such definition the law enforcement authorities, criminal administration and academicians would be with empty hand to curb the growing menace of cyber terrorism.

 

8. CHARACTERISTICS OF CYBER TERRORISM:

 

In the 1980s, the term cyber terrorism was defined by Barry Collin to represent the convergence of cyberspace and terrorism. Since that time, the term has continued to change in definition, and has had its scope expanded to the point where it has become a wholly subjective term that has lost its true focus i.e., where true terror and cyberspace converge. In addition, disruption, not destruction must be included as a tool to be utilised by cyber terrorists. Every advance in computing power continues to increase the usefulness of computers and their associated networks to law-abiding citizens. Simultaneously, these computers increase the power of the weapons available to cyber terrorist and criminals.

 

The implications of computer technology’s dual nature, as both a tool and weapon, must be understood in the information age. The notion that terrorists are ignorant and unskilled needs to change. With the proliferation of the Internet, global reach by terrorists to potential target intelligence and its dissemination amongst their members and affiliated groups is now possible in near real time. In the age of information technology terrorists are swiftly becoming more progressive and adaptive in their organisational structures and communications; timely information plays a big role in just how effective an organisation operates. Exploiting the global information infrastructure and its underlying technologies, terrorists can operate in a virtual digital world that provides them with numerous advantages for communication and coordination efforts, as well as serve their endeavour of ongoing development and expansion.

 

9. ELEMENTS OF CYBER TERRORISM:

 

Criminal jurisprudence is the corner stone for the criminal administration to investigate and bring the cyber terrorists to the court of law. To understand the criminal jurisprudence of cyber terrorism, it is necessary to have a better understanding about the elements of the crime of cyber terrorism, which are being cited below:

 

a. Actus reus:

 

The actus reus may be described as such result of human conduct which have been prevented by the law. However, such acts do not incur criminal liability if they are done in a state of automatism. To absolve him from criminal liability, the accused must prove that the automatism was not self-induced. This mainly applies to crimes of basic intent. It was held in Director of Public Prosecutions v. Majewski, that automatism which is self-induced by other means, may be a defence even to crime of basic intent. Merely guilty intention is not enough to fix criminal liability but some act or omission on the part of the doer is necessary to complete the offence. The actus reus requires proof of an act or omission.

 

Any of the following actions may follow which are commonly regarded as actus reus.

 

a)   Trying to do some act using the computer.

b) Either attempting to access data stored on a computer or from outside through the said computer.

c)   Every time the computer is used by its user while gaining access, signals pass through various computers which are made to perform some function when the command given by the user pass through it. Each such function falls under the term actus reus.

 

b. Mens rea:

 

The mental element forms the other important ingredient of crime. The act remains the same while the state of mind makes the act reus and hence an offence. The jurisprudence of today knows that no crime can be committed unless there is a mens rea, i.e., a guilty state of mind. Almost all criminal acts require proof of a mental element of some sort so as the cyber terrorism. Every offence requires a particular state of mind expressed in the particular provision of the law by the words: with intent, recklessly, unlawfully, maliciously, unlawfully and maliciously, wilfully, knowingly, knowing or believing, fraudulently, dishonestly, corruptly, allowing and permitting, expressing various states of mind which are different from each other. The doctrine of mens rea originated in the idea that a man should not be held criminally responsible and liable to punishment unless he is morally blameworthy. Thus, the doctrine of mens rea may be summed up loosely in these words: a man will not as a general rule, be held to be criminally responsible unless:

 

• a)   he was acting voluntarily;
• b)   knew what he was doing; and
• c)  in those crimes where particular consequences form part of the actus reus, foresaw the likelihood of those consequences.

 

c. Strict liability:

 

Strict liability negates mens rea. Even though a person’s conduct is not attributable to any wrongful act or negligence, he is still held criminally liable. This is called strict liability; such a liability is imposed by a statute. Since the CIIs are sensitive enough and any kind of sabotage to them may cause loss of human lives and properties, hence, cyber terrorists should be dealt with high hands and strict liability principle should be applied in such cases. Thus, criminal law has evolved from times immemorial up to cyber age and is still being developing constantly.

 

9. CYBER TERRORISM AND LEGAL FRAMEWORK:

 

Cyber terrorism can be international, domestic, state or political, but the core act involving a combination of the terrorist act and computer always remains the same. However, lack of universally unanimous definition makes the situation strenuous. India has always been tough towards the terrorism; hence in the case of cyber terrorism also our nation has equipped its Information Technology Act, 2000 with stringent law as provided under Section 66F. However, when the original IT Act was drafted by T. Viswanathan, the idea of cyber terrorism wasn’t in the parental legislation. However, in the year 2008 after considering the incidents of international and national events of cyber terrorism, it has been realized that there must be a stringent provision as well as punishment of cyber terrorism. Thus, Section 66F has been inserted in the Act by virtue of Information Technology (Amendment) Act, 2008.

 

“66F. Punishment for cyber terrorism—

 

(1) Whoever,-

 

(A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by –

 

(i) denying or cause the denial of access to any person authorised to access computer resource; or (ii) attempting to penetrate or access a computer resource without authorisation or exceeding authorised access; or

 

(iii) introducing or causing to introduce any Computer contaminant; and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70, or

 

(B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.

 

 (2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.”

 

The role of law a regulator of human conduct has made an entry into cyberspace and is trying to cope with manifolds challenges. It is salutary step by the Indian government that to introduce Section 66F to combat the menace of cyber terrorism. Section 66-F has introduced a new species of cybercrime in the statute, saying that anyone who intentionally in order to threaten the unity of the country strikes terror using the electronic means, commits cyber terrorism. The section says that by using the electronic medium, the terrorist alters the commands in the computer, computer resource and thereby, disturbs the entire electronic setup in the country as a result of which havoc is caused on a large scale. By incorporating sections 66F, 70, 70A and 70B, the lawmakers have filled-in the most crucial missing links in the legal apparatus. The definition of cyber terrorism and its punishment is a statutory step to control the menace of unprecedented growth of cyber terrorism in India.

 

Although it has been abruptly incorporated taking the spirit of foreign nation, in Indian settings it requires more attention on the following heads. There are certain vague terms used in Section 66F as defamation, contempt of court etc. which needs to be either clarified or omitted from the provision, because there should be no ambiguity in any legislation. Cyber terrorism is a reality, and so is cyber security. Therefore, provisions for cyber security must be incorporated in IT Act so that the law relating to critical information infrastructure, cyber terrorism and cybercrimes could be supplemented. Besides these the recommendations made by the Malimath Committee Report must be appreciated so as to prevent the cyber offences.

 

11. CONCLUSION:

 

The conclusion and suggestions of a research work arrived at after completion of all chapters covering different heads of the thesis is not a monolithic one. They are, more often than not, layered one, i.e., resulting of the sedimentation of all chapters. It is here remarkable to state that in a research work it is not possible to proceed with unencumbered arguments in most of the circumstances. Thus, these conclusions and submissions must also be read in conjunction with conclusions at the end of each chapter.

 

Cyber terrorism is a new manifestation of cybercrime of the digital world and more vicious one. The democratic States which have been evolved for the welfare and security of their citizens, they are now being targeted in the virtual world by cyber terrorists. Modus operandi of committing cyber terrorism mainly involves illegal interference in computer, computer system and computer network operation. The stimulus behind such interference is to cause or attempt or facilitates the savagery on the grounds of political, ethnic, social or religious. Cyber terrorists might not be menacing to kill people directly, as traditional terrorist attack normally does, but one cyber-attack could make life very difficult, may be even destroying or severely damaging the complete economic and social system of one country. Cyber terrorists are those people who use cyber terror to achieve political or social change. They can take advantage of a technique already perfected by hackers called a distributed denial of service attack. By eliminating certain data networks, cyber-terrorists could cripple everything from telecommunications and power grids to hospitals and banking.

 

 A very perilous attack that cyber-terrorists could launch would be one against the Internet. Cyber terrorism is a serious issue that pertains to us all, which must be carefully studied in order to understand how its networks can be effectively countered by networks of computer security experts and law enforcement officials. The ability to identify cyber attackers is now enabled from highly sophisticated specialists.2 In response to cyber terrorism, and faced with the apprehension that networks of terror may become endless because of the universality and flexibility of the Internet, government agencies, industries, and other organisations have applied a variety of security measures. Cyber terrorism doesn’t know any political boundary, neither for its commission nor for its impact. In such crimes, the terrorist in one country often targets victims in a different country due to which task of law enforcement agencies becomes more complicated as these institutions are territorially based. As we know that our world has been composed of a series of sovereign countries and each country has its own territorial jurisdiction for the investigation. When an investigating officer succeeds in establishing the geographic identity of the perpetuator of cyber terrorism, he is not without hurdles in pursuing his investigation. This is because the identified geographic location may fall beyond the jurisdictional powers of the law enforcement agencies that he belongs to.

Cyber terrorism is a transnational crime and what we need to control is an international legislation which needs unanimity. The menace of cyber terrorism is a „technological scorn‟ which is not confined to one or two countries but the whole world is at stack and India is no exception to this new age menace. In addition to it stringent and effective national laws are also required. Although India is not being armed with specific statute to fight with the menace of cyber terrorism, except the Information Technology Act, 2000 and National Cyber Security Policy, 2013, even then the IT Act, 2000 by the virtue of Amendment of 2008, deals with cybercrimes and in particular Section 66F provides definition and punishment for cyber terrorism. Section 66F has introduced a new species of cybercrime in the statute, saying that anyone who intentionally in order to threaten the unity of the country strikes terror using the electronic means, commits cyber terrorism. The cyber terrorist while altering the commands in the computer, computer resource and computer network, disturbs the critical information infrastructure in the country as a result of which threatening the unity, integrity, security or sovereignty of India, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals; or to strike terror in the people or any section of the People of India. By incorporating Sections 66F, 70, 70A and 70B the lawmakers have filled-in the most crucial missing links in the legal apparatus.

 

The final conclusion reached by the researcher is that the hypotheses on the study are found to a substantial level and the laws in the Information Technology Act 2000 and its (Amendment) Act, 2008 must be made more progressive in accordance with the recommendations cited here to deal with the issues raised by the advancement of computer technology.