Cyber crime and IT Acts A Seminar Report Submitted in partial fulfillment for the Bachelor of Technology Technology in Computer Science
Submitted to
Rajasthan Technical University, Kota Raj!"
Submitted By
#u$esh #ahesh%ari &'(ARCS&)*
Under the supervision of
Seminar Coordinator (r! -ishal Srivastava
Session: 2011-2012
+epartment of Computer Science and (ngineering
Arya Coe!e of "n!ineerin! # Information Technoo!y S$-%2& 'IIC( Industria Area& )u*as& +aipur-,0202
.
C"'TI.ICAT" The Seminar Report entitled /cyber crime and it act/ submitted by #u$esh #ahesh%ari has been e0amined by us and is hereby approved for carrying out the Seminar leading to the a%ard of degree /Bacheor of Technoo!y in Information Technoo!y/ ! By this approval the undersigned does not necessarily endorse or approve any statement made, opinion e0pressed or conclusion dra%n therein, but approve the pursuance of Seminar only for the above mentioned purpose!
Seminar Coordinator (r! -ishal Shrivastava
1
AC)("34"5"T 2 %ould li$e to e0press my deep gratitude to #r! Anurag Agar%al,-ice Chairman, Arya College 3f (ngg! 4 2!T!, 5aipur and #r! +hananjay 6upta, 7rincipal, Arya College 3f (ngg! 4 2!T!, 5aipur for giving me an opportunity for delivering seminar and providing all necessary resources for this purpose! 2 e0press deep than$s to (r! A$hil 7andey 8!3!+, Computer Science ,2!T" for providing me %ith such an interesting topic for seminar to %or$ on and also li$e to than$ (r -ishal Srivastava for helping me throughout the seminar! Their encouragement and cooperation have been a source of great inspiration! 2 %ould also li$e to than$ all the faculties and friends for their constant support and guidance!
#u$esh #ahesh%ari
*
TAB" (. C(T"TS
S6(
C(T"TS
$A4" (6
C8A7T(R 2
9
9!
2:TR3+UCT23:
9
9!9
Types of Cyber Crime
)
9!.
6lobal Trends of attac$s
9&
C8A7T(R 22 ;2T(RATUR( SUR-(<
91
.!
2T Act and cyber la%
91
.!9
Cyber la%
91
.!.
2t Act
9*
C8A7T(R 222
.@
1!9
(=2ST2:6 >3RK 2: T8( ?2(;+ 2nternet 2nfrastructure in 2ndia and cyber crime conseuences
.@
1!.
Cyber security strategy in 2ndia
.
C8A7T(R 2-
1&
*
C3:C;US23: 4 ?UTUR( >3RK
*!9
Conclusion
1&
R(?(R(:C(S
19
C7A$T"'-I )
IT'(3UCTI( >hen 2nternet %as developed, the founding fathers of 2nternet hardly had any inclination that 2nternet could also be misused
for criminal activities! As there is
rapid gro%th in the international trade %here businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of traditional paper documents!2nformation technology has spread throughout the %orld! The computer is used in each and every sector %herein cyberspace provides eual opportunities to all for economic gro%th and human development! As the user of cyberspace gro%s increasingly diverse and the range of online interaction e0pands, there is e0pansion in the cyber crimes there are many disturbing things happening in cyberspace! Because of the anonymous nature of the 2nternet, it is possible to engage into a variety of criminal activities %ith impunity and people %ith intelligence, have been grossly misusing this aspect of the 2nternet to perpetuate criminal activities in cyberspace! The field of Cybercrime is just emerging and ne% forms of criminal activities in cyberspace are coming to the forefront %ith the passing of each ne% day! 2n 2ndian la%, Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of %hich are subject to the 2ndian 7enal Code! The abuse of computers has also given birth to a gamut of ne% age crimes that are addressed by the 2nformation Technology Act, .&&&! Cyber Crimes al%ays affects the companies of any sie because almost all the companies gain an online presence and ta$e advantage of the rapid gains in the technology but greater attention to be given to its security ris$s! So in the modern cyber technology %orld it is very much necessary to regulate cyber crimes and most importantly cyber la% should be made stricter in the case of cyber terrorism and hac$ers!
161T8$"S (. C8B"' C'I5":
@
Cyber Crimes %hich are gro%ing day by day, it is very difficult to find out %hat is actually a cyber crime and %hat is the conventional crime so to come out of this confusion, cyber crimes can be classified under different categories %hich are as follo%s
16 Cybercrimes a!ainst !overnment:
There are certain offences done by group of persons intending to threaten the international governments by using internet facilities! 2t includes •
Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as %ell
as global concern! The common form of these terrorist attac$s on the 2nternet is by distributed denial of service attac$s, hate %ebsites and hate eDmails, attac$s on sensitive computer net%or$s etc! Cyber terrorism activities endanger the sovereignty and integrity of the nation! •
Cyber arfare: 2t refers to politically motivated hac$ing to conduct sabotage and
espionage! 2t is a form of information %arfare sometimes seen as analogous to conventional %arfare although this analogy is controversial for both its accuracy and its political motivation!
•
3istribution of pirated soft9are: 2t means distributing pirated soft%are from one
computer to another intending to destroy the data and official records of the government! •
$ossession of Unauthoried Information 2t is very easy to access any information
by the terrorists %ith the aid of internet and to possess that information for political, religious, social, ideological objectives •
3ata 3iddin!: This $ind of an attac$ involves altering ra% data just before it is
processed by a computer and then changing it bac$ after the processing is completed! (lectricity boards in 2ndia have been victims to data diddling programs inserted %hen private parties %ere computeriing their systems! 26 Crimes a!ainst persons property:
As there is rapid gro%th in the international trade %here businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of traditional paper documents! There are certain offences %hich affects persons property %hich are as follo%s •
Inteectua $roperty Crimes: 2ntellectual property consists of a bundle of rights!
Any unla%ful act by %hich the o%ner is deprived completely or partially of his rights is an offence! The common form of 27R violation may be said to be soft%are piracy, infringement of copyright, trademar$, patents, designs and service mar$ violation, theft of computer source code, etc! •
Cyber S;uattin!: 2t means %here t%o persons claim for the same +omain :ame
either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously! ?or e0ample t%o similar names i!e! %%%!yahoo!com and %%%!yaahoo!com! •
Cyber
of another! Thus cyber vandalism means destroying or damaging the data %hen a net%or$ service is stopped or disrupted! 2t may include %ithin its purvie% any $ind of physical harm done to the computer of any person! These acts may ta$e the form of the theft of a computer, some part of a computer or a peripheral attached to the computer! '
•
7ac*in! Computer System: Activism attac$s those included ?amous T%itter,
blogging platform by unauthoried accessEcontrol over the computer! +ue to the hac$ing activity there %ill be loss of data as %ell as computer! Also research especially indicates that those attac$s %ere not mainly intended for financial gain too and to diminish the reputation of particular person or company! •
Transmittin!
file and then circulate themselves to other files and to other computers on a net%or$! They usually affect the data on a computer, either by altering or deleting it! >orm attac$s plays major role in affecting the computerie system of the individuals! •
Cyber Trespass: 2t means to access someoneFs computer %ithout the right
authoriation of the o%ner and does not disturb, alter, misuse, or damage data or system by using %ireless internet connection! •
Internet Time Thefts: Basically, 2nternet time theft comes under hac$ing! 2t is the
use by an unauthorised person, of the 2nternet hours paid for by another person! The person %ho gets access to someone elseFs 2S7 user 2+ and pass%ord, either by hac$ing or by gaining access to it by illegal means, uses it to access the 2nternet %ithout the other personFs $no%ledge!
7arassment via "-5ais 2t is very common type of harassment through sending
letters, attachments of files 4 folders i!e! via eDmails! At present harassment is common as usage of social sites i!e! ?ace boo$, T%itter etc! increasing day by day! •
Cyber-Sta*in!: 2t means e0pressed or implied a physical threat that creates fear
through the use to computer technology such as internet, eDmail, phones, te0t messages, %ebcam, %ebsites or videos! •
3issemination of (bscene 5ateria: 2t includes 2ndecent e0posureE 7ornography
basically child pornography", hosting of %eb site containing these prohibited materials! These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind!
G
•
3efamation: 2t is an act of imputing any person %ith intent to lo%er do%n the dignity
of the person by hac$ing his mail account and sending some mails %ith using vulgar language to un$no%n persons mail account! •
$hishin!: $hishin! is a %ay of attempting to acuire information such as
usernames, pass%ords, and credit card details by masuerading as a trust%orthy entity in an electronic communication! Communications purporting to be from popular social %eb sites, auction sites, online payment processors or 2T administrators are commonly used to lure the unsuspecting public! 7hishing is typically carried out by eD mail spoofing or instant messaging,H9I and it often directs users to enter details at a fa$e %ebsite %hose loo$ and feel are almost identical to the legitimate one! 7hishing is an e0ample of social engineering techniues used to deceive users,H.I and e0ploits the poor usability of current %eb security technologies!H1I Attempts to deal %ith the gro%ing number of reported phishing incidents includelegislation, user training, public a%areness, and technical security measures! •
7ac*in!: 2t means unauthoried controlEaccess over computer system and act of
hac$ing completely destroys the %hole data as %ell as computer programmes! 8ac$ers usually hac$s telecommunication and mobile net%or$! •
"-5ai Spoofin!: A spoofed eDmail may be said to be one, %hich misrepresents its
origin! 2t sho%s its origin to be different from %hich actually it originates! •
S5S Spoofin!: Spoofing is a bloc$ing through spam %hich means the un%anted
uninvited messages! 8ere a offender steals identity of another in the form of mobile phone number and sending S#S via internet and receiver gets the S#S from the mobile phone number of the victim! 2t is very serious cyber crime against any individual! •
Cardin!: 2t means false AT# cards i!e! +ebit and Credit cards used by criminals for
their monetary benefits through %ithdra%ing money from the victimFs ban$ account malaDfidely! There is al%ays unauthoried use of AT# cards in this type of cyber crimes! •
Cheatin! # .raud: 2t means the person %ho is doing the act of cyber crime i!e!
stealing pass%ord and data storage has done it %ith having guilty mind %hich leads to fraud and cheating!
9&
•
Chid $orno!raphy: 2t involves the use of computer net%or$s to create, distribute, or
access materials that se0ually e0ploit underage children!
Child orno ra h
•
Assaut by Threat: refers to threatening a person %ith fear for their lives or lives of
their families through the use of a computer net%or$ i!e! (Dmail, videos or phones! •
"mai Bombin! (mail bombing refers to sending a large number of emails to the
victim resulting in the victimFs email account in case of an individual" or mail servers in case of a company or an email service provider" crashing :o% evolution of these threats can be divided into si0 periods as sho%n into follo%ing figure
1624(BA T'"3S (. ATTAC):
Some conseuences of cyber attac$s throughout %orld are as follo%s •
>orm Attac$ The Robert Tappan #orris %ell Kno%n as ?irst 8ac$er, Son of former :ational Security Agency Scientist Robert #orris, %as the first person to be prosecuted under the JComputer and ?raud Act, 9G'@F! 8e has created %orm %hile at Cornell as student claiming that he intended to use the %orm to chec$ ho% large the internet %as that time! The %orm %as uncontrollable due to %hich around @&&& 99
computer machines %ere destroyed and many computers %ere shut do%n until they had completely malfunctioned! 8e %as ultimately sentenced to three years probation, *&& hours of community service and assessed a fine of 9&)&&! So there must be strict la%s to punish the criminals %ho are involved in cyber crime activities!
•
8ac$er Attac$ ?red Cohen, a 7h!+! student at the University of Southern California %rote a short program in the year 9G'1, as an e0periment, that could /infectL computers, ma$e copies of itself, and spread from one machine to another! 2t %as beginning 4 it %as hidden inside a larger, legitimate program, %hich %as loaded into a computer on a floppy dis$ and many computers %ere sold %hich can be accommodate at present too! 3ther computer scientists had %arned that computer viruses %ere possible, but CohenFs %as the first to be documented! A professor of his suggested the name /virusL! Cohen no% runs a computer security firm!
•
2nternet 8ac$er >ang Mun, %ho %as $no%n by the nic$name of /playgirlL, %as arrested by chinese police in the 8ubei province first ever arrest of an internet hac$er in China! 8e %as a 9G year old computing student, arrested in connection %ith the alleged posting of pornographic material on the homepages of several governmentDrun %eb sites! >ang had openly boasted in internet chat rooms that he had also hac$ed over 1& other %eb sites too!
A report from the >orld (conomic ?orum >(?" sho%s cyber attac$s on governments and businesses are considered to be one of the top five ris$s in the %orld!!
9.
C7A$T"' II IT"'ATU'" SU'<"8 261 C8B"' A:
Cyberspace is being governed by a system of la% and regulation called Cyber la%! There is no one e0haustive definition of the term /Cyber la%L! Simply spea$ing, Cyber la% is a generic term %hich refers to all the legal and regulatory aspects of 2nternet and the >orld >ide >eb! Anything concerned %ith or related to or emanating from any legal aspects or issues concerning any activity of netiens and others, in Cyberspace comes %ithin the ambit of Cyber la%! The gro%th of (lectronic Commerce has propelled the need for vibrant and effective regulatory mechanisms %hich %ould further strengthen the legal infrastructure, so crucial to the success of (lectronic Commerce! All these regulatory mechanisms and legal infrastructures come %ithin the domain of Cyber la%! Thus cyber la% is
a term that
encapsulates the legal issues related to use of the 2nternet! 2t is less a distinct field of la% than intellectual property or contract la%, as it is a domain covering many areas of la% and regulation! Some leading topics include internet access and usage, privacy, freedom of e0pression, and jurisdiction!
262IT ACT: 2nformation Technology Amendment" Act .&&' has been notified and enforced on .th 3ct, .&&G!This Act punishes various cyber crimes including Cyber Terrorism !2mportant Sections Related to Cyber Crimes are
16 Sec =>6 Tamperin! 9ith Computer Source 3ocuments •
>hoever $no%ingly or intentionally conceals, destroys or alters or intentionally or $no%ingly causes another to conceal, destroy or alter any computer source code used
91
for a computer, computer program, computer system or computer net%or$, %hen the computer source code is reuired to be $ept or maintained by la% for the time being in force, shall be punishable %ith imprisonment up to three years, or %ith fine %hich may e0tend up to t%o la$h rupees, or %ith both! (0planation D?or the purposes of this section, NComputer Source CodeN means the listing of programs, Computer Commands, +esign and layout and program analysis of computer resource in any form! 26 Sec ==6 Computer 'eated(ffences •
2f any person, dishonestly, or fraudulently, does any act referred to in section *1, he shall be punishable %ith imprisonment for a term %hich may e0tend to three years or %ith fine %hich may e0tend to five la$h rupees or %ith both!
•
(0planation ?or the purpose of this section,D
•
The %ord NdishonestlyN shall have the meaning assigned to it in section .* of the 2ndian 7enal CodeO
•
The %ord NfraudulentlyN shall have the meaning assigned to it in section .) of the 2ndian 7enal Code!
3ifferent sections defined under this section are: •
@@ A 7unishment for sending offensive messages through communication service, etc
•
@@ B! 7unishment for dishonestly receiving stolen computer resource or communication device
•
@@C 7unishment for identity theft
•
@@+ 7unishment for cheating by personation by using computer resource
•
@@( 7unishment for violation of privacy
•
@@?! 7unishment for cyber terrorism
,6 =?6 $unishment for pubishin! or transmittin! obscene materia in eectronic form
9*
>hoever publishes or transmits or causes to be published in the electronic form, any material %hich is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons %ho are li$ely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction %ith imprisonment of either description for a term %hich may e0tend to three years and %ith fine %hich may e0tend to five la$h rupees and in the event of a second or subseuent conviction %ith imprisonment of either description for a term %hich may e0tend to five years and also %ith fine %hich may e0tend to ten la$h rupees6 3ifferent sections defined under this section are: •
@ A 7unishment for publishing or transmitting of material containing se0ually e0plicit act, etc! in electronic form
•
@ B 7unishment for publishing or transmitting of material depicting children in se0ually e0plicit act, etc! in electronic form
•
@ C! 7reservation and Retention of information by intermediaries
%6 =6 $o9er of Controer to !ive directions •
The Controller may, by order, direct a Certifying Authority or any employee of such Authority to ta$e such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance %ith the provisions of this Act, rules or any regulations made there under!
•
Any person %ho intentionally or $no%ingly fails to comply %ith any order under subD section 9" shall be guilty of an offence and shall be liable on conviction to imprisonment for a term not e0ceeding t%o years or to a fine not e0ceeding one la$h rupees or to both!
>6 Sec =@6 $o9ers to issue directions for interception or monitorin! or decryption of any information throu!h any computer resource •
>here the central 6overnment or a State 6overnment or any of its officer specially authoried by the Central 6overnment or the State 6overnment, as the case may be, in this behalf may, if is satisfied that it is necessary or e0pedient to do in the interest 9)
of the sovereignty or integrity of 2ndia, defense of 2ndia, security of the State, friendly relations %ith foreign States or public order or for preventing incitement to the commission of any cogniable offence relating to above or for investigation of any offence, it may, subject to the provisions of subDsection .", for reasons to be recorded in %riting, by order, direct any agency of the appropriate 6overnment to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information transmitted received or stored through any computer resource! •
The 7rocedure and safeguards subject to %hich such interception or monitoring or decryption may be carried out, shall be such as may be prescribed 1" The subscriber or intermediary or any person in charge of the computer resource shall, %hen called upon by any agency %hich has been directed under sub section 9"!
3ifferent sections defined under this section are: •
Sec @GA 7o%er to authorie to monitor and collect traffic data or information through any computer resource for Cyber Security!
•
Sec @G B 7o%er to issue directions for bloc$ing for public access of any information through any computer resource!
=6 Sec ?0 $rotected system •
The appropriate 6overnment may, by notification in the 3fficial 6aette, declare any computer resource %hich directly or indirectly affects the facility of Critical 2nformation 2nfrastructure, to be a protected system!
•
(0planation ?or the purposes of this section, NCritical 2nformation 2nfrastructureN means the computer resource, the incapacitation or destruction of %hich, shall have debilitating impact on national security, economy, public health or safety!
?6 Sec ?1 $enaty for misrepresentation •
>hoever ma$es any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or (lectronic Signature Certificate, as the case may be, shall be punished %ith imprisonment for a
9@
term %hich may e0tend to t%o years, or %ith fine %hich may e0tend to one la$h rupees, or %ith both! 6 Sec ?2 Breach of confidentiaity and privacy •
Save as other%ise provided in this Act or any other la% for the time being in force, any person %ho, in pursuant of any of the po%ers conferred under this Act, rules or regulations made there under, has secured access to any electronic record, boo$, register, correspondence, information, document or other material %ithout the consent of the person concerned discloses such electronic record, boo$, register, correspondence, information, document or other material to any other person shall be punished %ith imprisonment for a term %hich may e0tend to t%o years, or %ith fine %hich may e0tend to one la$h rupees, or %ith both!
3ifferent sections defined under this section are: •
Sec . A! 7unishment for +isclosure of information in breach of la%ful contract
•
Sec 1! 7enalty for publishing electronic Signature Certificate false in certain particulars
@6 Sec ?% $ubication for frauduent purpose •
>hoever $no%ingly creates, publishes or other%ise ma$es available a (lectronic Signature Certificate for any fraudulent or unla%ful purpose shall be punished %ith imprisonment for a term %hich may e0tend to t%o years, or %ith fine %hich may e0tend to one la$h rupees, or %ith both
106 Sec ?> Act to appy for offence or contraventions committed outside India •
Subject to the provisions of subDsection .", the provisions of this Act shall apply also to any offence or contravention committed outside 2ndia by any person irrespective of his nationality!
•
?or the purposes of subDsection 9", this Act shall apply to an offence or contravention committed outside 2ndia by any person if the act or conduct constituting 9
the offence or contravention involves a computer, computer system or computer net%or$ located in 2ndia! 116 Sec ?? Compensation& penaties or confiscation not to interfere 9ith other punishment •
:o compensation a%arded, penalty imposed or confiscation made under this Act shall prevent the a%ard of compensation or imposition of any other penalty or punishment under any other la% for the time being in force!
3ifferent sections defined under this section are: •
Sec A Compounding of 3ffences
•
Sec B 3ffences %ith three years imprisonment to be cogniable
126 Sec ?@ "emption from iabiity of intermediary in certain cases •
:ot%ithstanding anything contained in any la% for the time being in force but subject to the provisions of subDsections ." and 1", an intermediary shall not be liable for any third party information, data, or communication lin$ hosted by him!
•
the function of the intermediary is limited to providing access to a communication system over %hich information made available by third parties is transmitted or temporarily storedO or
•
Act and also observes such other guidelines as the Central 6overnment may prescribe in this behalf
1,6 Sec % B $unishment for abetment of offences •
>hoever abets any offence shall, if the act abetted is committed in conseuence of the abetment, and no e0press provision is made by this Act for the punishment of such abetment, be punished %ith the punishment provided for the offence under this Act!
•
(0planation An Act or offence is said to be committed in conseuence of abetment, %hen it is committed in conseuence of the instigation, or in pursuance of the conspiracy, or %ith the aid %hich constitutes the abetment! 9'
1%6 Sec % C $unishment for attempt to commit offences •
>hoever attempts to commit an offence punishable by this Act or causes such an offence to be committed, and in such an attempt does any act to%ards the commission of the offence, shall, %here no e0press provision is made for the punishment of such attempt, be punished %ith imprisonment of any description provided for the offence, for a term %hich may e0tend to oneDhalf of the longest term of imprisonment provided for that offence, or %ith such fine as is provided for the offence or %ith both!
1>6 Sec > (ffences by Companies6 •
>here a person committing a contravention of any of the provisions of this Act or of any rule, direction or order made there under is a Company, every person %ho, at the time the contravention %as committed, %as in charge of, and %as responsible to, the company for the conduct of business of the company as %ell as the company, shall be guilty of the contravention and shall be liable to be proceeded against and punished accordingly
•
7rovided that nothing contained in this subDsection shall render any such person liable to punishment if he proves that the contravention too$ place %ithout his $no%ledge or that he e0ercised all due diligence to prevent such contravention!
•
:ot%ithstanding anything contained in subDsection 9", %here a contravention of any of the provisions of this Act or of any rule, direction or order made there under has been committed by a company and it is proved that the contravention has ta$en place %ith the consent or connivance of, or is attributable to any neglect on the part of, any director, manager, secretary or other officer of the company, such director, manager, secretary or other officer shall also be deemed to be guilty of the contravention and shall be liable to be proceeded against and punished accordingly!
(ffenses covered under I$C and Specia a9s 16 Section >0,6 Crimina intimidation •
>hoever threatens another %ith any injury to his person, reputation or property, or to the person or reputation of any one in %hom that person is interested, %ith intent to 9G
cause alarm to that person, or to cause that person to do any act %hich he is not legally bound to do, or to omit to do any act %hich that person is legally entitled to do, as the means of avoiding the e0ecution of such threat, commits criminal intimidation! •
(0planationDA threat to inure the reputation of any deceased person in %hom the person threatened is interested, is %ithin this section!
26 Section %@@6 3efamation •
>hoever, by %ords either spo$en or intended to be read, or by signs or by visible representations, ma$es or publishes any imputation concerning any person intending to harm, or $no%ing or having reason to believe that such imputation %ill harm, the reputation of such person, is said, e0cept in the cases hereinafter e0pected, of defame that person!
•
(0planation 9D2t may amount to defamation to impute anything to a deceased person, if the imputation %ould harm the reputation of that person if living, and is intended to be hurtful to the feelings of his family or other near relatives!
•
(0planation .D2t may amount to defamation to ma$e an imputation concerning a company or an association or collection of persons as such!
•
(0planation 1DAn imputation in the form of an alternative or e0pressed ironically, may amount to defamation!
•
(0planation *D:o imputation is said to harm a personPs reputation, unless that imputation directly or indirectly, in the estimation of others, lo%ers the moral or intellectual character of that person, or lo%ers the character of that person in respect of his caste or of his calling, or lo%ers the credit of that person, or causes it to be believed that the body of that person is in a loathsome state, or in a state generally considered as disgraceful!
,6 Section %=,6 .or!ery6 •
>hoever ma$es any false documents or electronic record part of a document or electronic record %ith, intent to cause damage or injuryI, to the public or to any person, or to support any claim or title, or to cause any person to part %ith property, or
.&
to enter into any e0press or implied contract, or %ith intent to commit fraud or that fraud may be committed, commits forgery! %6 Section %=%6 5a*in! a fase document •
>ith the intention of causing it to be believed that such document or part of document, electronic record or digital signature %as made, signed, sealed, e0ecuted, transmitted or affi0ed by or by the authority of a person by %hom or by %hose authority he $no%s that it %as not made, signed, sealed, e0ecuted or affi0edO or
•
SecondlyD >ho, %ithout la%ful authority, dishonestly or fraudulently, by cancellation or other%ise, alters a document or an electronic record in any material part thereof, after it has been made, e0ecuted or affi0ed %ith digital signature either by himself or by any other person, %hether such person be living or dead at the time of such alterationO or
•
ThirdlyD >ho dishonestly or fraudulently causes any person to sign, seal, e0ecute or alter a document or an electronic record or to affi0 his digital signature on any electronic record $no%ing that such person by reason of unsoundness of mind or into0ication cannot, or that by reason of deception practised upon him, he does not $no% the contents of the document or electronic record or the nature of the alterations!
>6 Section %=6 .or!ery for purpose of cheatin! •
>hoever commits forgery, intending that the 9Hdocument or (lectronic Record forgedI shall be used for the purpose of cheating, shall be punished %ith imprisonment of either description for a term %hich may e0tend to seven years, and shall also be liable to fine!
=6 Section %=@6 .or!ery for purpose of harmin! reputation •
>hoever commits forgery, 9Hintending that the document or (lectronic Record forgedI shall harm the reputation of any party, or $no%ing that it is li$ely to used for that purpose, shall be punished %ith imprisonment of either description for a term %hich may e0tend to three years, and shall also be liable to fine! .9
?6 Section %206 Cheatin! and dishonesty inducin! deivery of property •
>hoever cheats and thereby dishonestly induces the person deceived any property to any person, or to ma$e, alter or destroy the %hole or any part of a valuable security, or anything %hich is signed or sealed, and %hich is capable of being converted into a valuable security, shall be punished %ith imprisonment of either description for a term %hich may e0tend to seven years, and shall also be liable to fine!
6 Section ,,6 "tortion •
>hoever intentionally puts any person in fear of any injury to that person, or to any other, and thereby dishonestly induces the person so put in fear to deliver to any property or valuable security, or anything signed or sealed %hich may be converted into a valuable security, commits Ne0tortionN!
@6 Section >006 $unishment for defamation •
>hoever defames another shall be punished %ith simple imprisonment for a term %hich may e0tend to t%o years, or %ith fine, or %ith both!
106 Section >0@6 ord& !esture or act intended to insut the modesty of a 9oman •
>hoever, intending to insult the modesty of any %oman, utters any %ord, ma$es any sound or gesture, or e0hibits any object, intending that such %ord or sound shall be heard, of that such gesture or object shall be seen, by such %oman, or intrudes upon the privacy of such %oman, shall be punished %ith simple imprisonment for a term %hich may e0tend to one year, or %ith fine, or %ith both!
..
C7A$T"' III "ISTI4 (') I T7" .I"3 ,61 Internet Infrastructure in India and cyber crime conse;uences :
2nternet infrastructure in 2ndia might still be rudimentary, but it still is emerging as a significant contributor to the countryPs gross domestic product 6+7"! The study included 91 countriesD6roup of (ight the US, the UK, ?rance, 6ermany,2taly, 5apan, Russia and Canada", 2ndia, Brail, China, South Korea and S%eden! 3n average, the 2nternet contributed 1!*Q to 6+7 in the 91 countries! S%eden, %hich has a strong 2nternet infrastructure, had @!1Q of its total 6+7 from the 2nternet! Russia had the lo%est share &!'Q" of 2nternet in its 6+7! 2nternet infrastructure combines the net%or$ %ithin 2ndia, band%idth and connectivity to the %orld, and data centres! The annual cyber crime survey carried out in cities across the country reveals that the cost of cyber crime suffered by 2ndians is around Rs1*,99&crore, annually! :orton Cyber Crime Report .&99 reveals that in 2ndia, around .G!G million people fell victim to cyber crime last year, %hereas global statistics touched *19 million!
.1
The annual losses globally estimated %ere around 1'' billion Rs 9',1@&,9)G,''9,)G9" on financial losses and time lost due to cyber crime %hich %as significantly higher than time spent in blac$Dmar$eting drugs! This year, if proper security measures are not adopted, internet users %ill lose more money due to cyber crime than ever before! 3ver t%o thirds of online adults @GQ" have been a victim of cyber crime in their lifetime! (very second, 9* adults become victims, resulting in over a million cyber crime victims every day!2n 2ndia, four in five online adults, %hich is around '&Q, have been victims!Some conseuences of cyber attac$sin 2ndia are as follo%s
CB2 %ebsite hac$ed by 7a$istani hac$ers 7a$istan 8ac$ers called /7a$istani Cyber ArmyL" hac$ed CB2 %ebsite on ?riday night %arning 2ndian counterparts /2ndian Cyber ArmyL, not to attac$ their %ebsites! The case under various provisions of 2nformation Technology Act has been registered but the %ebsite that is available at httpEEcbi!nic!in %as a 787 %ebsite, %hich hasnFt been restored yet South +elhi police nabs hac$ers Three persons, including t%o foreign nationals, %ere arrested for allegedly hac$ing into eD ban$ing accounts and buying e0pensive electronic items through these accounts! The accused %ere nabbed in south +elhi and eight laptops, 9& digital cameras and 9 Blac$Berry cellphones %orth around Rs 9& la$h %as recovered from them! ,62C8B"' S"CU'IT8 ST'AT"48 I I3IA
2ndia %o$e up to the 2nternet reality, albeit late in the day, and brought into force the 2T 2nformation Technology" Act, .&&&, %hich derives its flavor from U:C2TRA;Fs United :ations Commission on 2nternational Trade ;a%s" #odel ;a% on eDcommerce! A U: 6eneral Assembly resolution in 9GG advocated the adoption of U:C2TRA; #odel ;a% in the local la%s of member countries to maintain uniformity in practice! The 2T Act primarily .*
see$s to recognie transactions carried out by electronic means and to provide a frame%or$ for the development of eDcommerce and eDgovernance! Some :ote%orthy 7rovisions Under The 2nformation Technology Act, .&&&! Sec!*1 Sec!@@ Sec!@
+amage to Computer system etc! 8ac$ing %ith intent or $no%ledge"
Compensation for Rupees 9crore! ?ine of . la$h rupees, and
7ublication of obscene material in eDform
imprisonment for 1 years! ?ine of 9 la$h rupees,
and
imprisonment
and
double
of
conviction
)years, on
second
offence ?ine up to . la$h and imprisonment
Sec!@'
:ot complying %ith directions of controller
Sec!& Sec!.
of 1 years! attempting or securing access to computer 2mprisonment up to 9& years! ?or brea$ing confidentiality of the ?ine up to 9 la$h and imprisonment information of computer
up to . years
Sec!1
7ublishing false digital signatures, false in ?ine of 9 la$h, or imprisonment of
Sec!*
certain particulars 7ublication of +igital
Signatures
fraudulent purpose!
. years or both! for 2mprisonment for the term of . years and fine for 9 la$h rupees!
Amongst other things, the 2T Act provides for •
;egal recognition of electronic records
•
?acilitation of electronic filing of documents %ith government agencies
•
Authentication and certification of electronic records by means of digital signatures
•
Transaction of business through electronic data interchange and electronic communication
•
7revention of computer crimes, etc
•
Amendment of 2ndian 7enal Code, 9'@&, 2ndian (vidence Act, 9'., Ban$ers Boo$ (vidence Act, 9'G9 and the Reserve Ban$ of 2ndia Act, 9G1* to bring them in tune %ith the informationDtechnology regime
.)
•
3n 3ctober .&&&, rules prescribe the appointment and %or$ing of the Cyber Regulations Appellate Tribunal CRAT" %hose primary role is to hear appeals against orders of the Adjudicating 3fficers!
The 2T Act %as amended by the :egotiable 2nstruments •
Amendments and #iscellaneous 7rovisions" Act, .&&.! This introduced the concept of electronic cheues and truncated cheues!
•
2nformation Technology Use of (lectronic Records and +igital Signatures" Rules, .&&* has provided the necessary legal frame%or$ for filing of documents %ith the
•
6overnment as %ell as issue of licenses by the 6overnment! 2t also provides for payment and receipt of fees in relation to the 6overnment bodies!
•
3n the same day, the 2nformation Technology Certifying Authorities" Rules, .&&& also came into force! These rules prescribe the eligibility, appointment and %or$ing of Certifying Authorities CA"! These rules also lay do%n the technical standards, procedures and security methods to be used by a CA!
•
These rules %ere amended in .&&1, .&&* and .&&@!
!
C7A$T"' I< C(CUSI( # .UTU'" ('): .@
3ver the course of the past ten years, cyberDcrimes have progressed from being malicious pran$s by disenchanted teenagers to a serious threat that %ill ta0 the resources of crime enforcement and potentially destabilie society! Successful criminal prosecution and civil litigation %ill reuire that members of the legal community familiarie themselves %ith the various hac$ing techniues to ensure that the perpetrators are tried and convicted under the relevant statutes! A misapplication of the la% to a specific hac$ing techniue could allo% a hac$er to %al$ free! ;i$e%ise, members of the business community must understand the serious ris$s associated %ith conducting business onDline and their responsibility to the other companies for negligent maintenance of their systems!
.
