It's not just about bombs and missiles, countries are now using computers and the power of the internet to attack their enemies.

Cyberspace is the new battleground and cyberattacks are the new-age weapons. India is tier three in cyber power- it has strengths or potential strengths in some of the categories in the IISS cyber-power methodology but significant weaknesses in others.

The challenge of national security and new forms of warfare, Prime Minister Narendra Modi said as India is establishing itself on the global stage, there are constant attacks through misinformation, disinformation and false propaganda- now the threats to national security have become widespread, the methods of warfare are also changing. Earlier, we used to imagine our defence only to land, sea and sky. Now, the circle moving towards space, moving towards cyberspace, moving towards economic, social space."

India is a software development powerhouse.
Cyberwarfare/ cyber warfare/ cyber war/ cyberwar is described as a conflict between two or more two countries. It is a series of attacks targeting a country. It has the potential to create desolation on government and civilian infrastructure and disrupt critical systems, resulting in damage to the state and even loss of life. It is in the virtual world or over the internet and is conducted in and from computers and the networks connecting them, waged by states or their proxies against other states.

Security is always a trade-off. Often, it's security versus convenience, but sometimes it's security versus features or security versus performance. That we prefer all of that things over security is most of the reason why computers are insecure, but it's also true that securing computers is actually hard.

India has made only adequate progress in developing its policy and security for the doctrine of cyberspace. This article would give further insight into cyber warfare and has is the government developing laws to prevent cyber crimes.

Introduction
William Gibson coined the term 'cyber space' in his literary work 'Neuromancer' (1984) for the first time describing electronic activities that take place in the virtual world.

To explain the crimes in cyberspace, Jaishankar (2008) propounded the 'Space Transition Theory'. The theory with 7 postulates explains how an individual's behaviour differs in physical and cyberspace which could lead to the commission of crimes in cyberspace.[1]

Cybercrime is nowhere defined in any statute or Act enacted by the Indian Parliament. In a sense, it is not fundamentally different from the concept of conventional crime insofar as both include conduct, whether act or omission, which causes a breach of law and is punishable by the State.[2]

The distinction between a cyber crime and conventional crimes lies in the medium's involvement in cybercrime cases. That is, at any stage, there should be involvement of the virtual cyberspace medium in case of cybercrime.

Cybercrime may be defined as any unlawful activity that manipulates a computer either as an instrumentality, target or means of perpetrating further crime[3]. In other words, cybercrime is a felony wherein the computer is either a tool, a target, or both.

A Cyberattack is a set of actions carried out by threat actors, who try to gain prohibited access, steal data or cause damage to computers, computer networks, or other computing systems. A cyber attack can be set in motion from any location. The blitz can be performed by an individual or a group using several tactics, techniques and procedures (TTPs).

Individuals who launch cyber attacks are usually referred to as cybercriminals, threat actors, bad actors, or hackers. They can work alone, in collaboration with other attackers, or as part of organized criminal group systems and exploit them to further their goals.

In present times, crime is a legal concept and is sanctioned by law. An offence or crime is a legal wrong that can be followed by criminal proceedings that may result in punishment. Cyber attacks are criminal act dealing with laptops, computers, networks and servers. Cyber attacks primarily are conducted online by accessing the internet. The Internet is increasingly being used for advertising, banking, communication, commerce, education, research and entertainment.

It has become a front for performing and navigating all sorts of activities that are prohibited by law. Cyber Criminals often commit crimes by targeting computer networks and devices. Cyber attacks we often come across are identity theft, cheating by personation, cyberbullying, sextortion, espionage, hacking, phishing, revenge pornography, trolling, defamation, grooming, online child trafficking, extortion, cyberstalking, identity theft, cyberterrorism, financial fraud, medical fraud, malware, trafficking in human organs pornography, gambling, prohibited drugs, infringing copyright, money laundering, software piracy, cyberwar etc.

The motivation to carry out cyber attacks is well established and enables the preparators to act from a geographical distance, with many more opportunities for concealment, often the motif is the desire for entertainment, profit, revenge, social motivation, political motivation, sexual motivation, and psychiatric illness. The online world magnifies the impact of crime, cyber attacks continue to evolve with new threats surfacing all over the world.

Cybercriminals can have various motives when launching cyber attacks. Some carry out blitz for personal or financial gain. Others are "hacktivists"[4] acting in the name of social or political causes. Some attacks are part of cyberwarfare operations conducted by nation-states against their opponents or operating as part of known terrorist groups.

Cyber war is usually waged against the government and military networks to disrupt, destroy, or deny their use. Cyber war is different from the terrorist use of cyberspace and cyberespionage or cybercrime. Although similar tactics are used in all four types of activities, it is a misinterpretation to define them all as cyberwar. Some states that have engaged in cyberwar may also have engaged in troublesome activities such as cyber espionage, but such activities do not themselves constitute cyberwar.

History and Evolution of Computers and Cyberspace

History:
Abacus is considered to be the earliest form of a computer and has been around since 3500 BC in India, Japan and China. Nevertheless, the first programmable loom was first produced in France by Joseph-Marie Jacquard, a textile manufacturer, this loom played an important part in the development of programmable machines.

Identical to the abacus, this device also allowed the repetition of a series of steps in weaving special fabrics, whereafter the first so-called cyber-crime was recorded in the year 1820 as a result of fear among the employees that their traditional employment and livelihood were being threatened.

The second cyberattack happened in 1834, a pair of thieves hacked the French Telegraph System and stole financial market information.[5]

The first cyber attack in India occurred in 1992 when the first polymorphic virus was released. When the defendant, Akash Arora, was accused of utilizing the trademark/domain name 'yahooindia.com,' a permanent injunction was sought in this case.[6]

Recalling an old-style telephone, the kind our parents or grandparents would have had in their homes. That object was designed and manufactured as a telephone, and that's all it did and all it could do. The telephone in your pocket right now, it's not really a telephone; it's a computer running a telephone app. And, as you know, it can do much, much more. It can be a telephone, a camera, a messaging system, a book reader, a navigation aid and million other things.

'Cyber war is coming!'[7], is a landmark article published in 1993 in the journal Comparative Strategy by John Arquilla and David Ronfedlt, two researchers for the RAND (Research and Development) Corporation, the corporation is a research organization that develops investigates to public policy challenges to help make communities throughout the world be safer and more secure, healthier and more prosperous. RAND is a non-profit, nonpartisan, and committed to the public interest.

Evolution:

In 1989, Internet security expert Gene Spafford famously said: "The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards- and even then I have my doubts." Almost 30 years later that still true.

More recently, a former National Cybersecurity Center director Rod Beckstorm summarized it this way: (1) anything connected to the Internet can be hacked; (2) everything is being connected to the Internet; (3) as a result, everything is becoming vulnerable.

Now, computers have developed immensely with Artificial Intelligence, the latest AI - 'Chat GPT' that received a multibillion-dollar investment from Microsoft is a generative language model based on the 'transformer' architecture that is capable of processing large amounts of text and learning to perform natural language processing tasks very effectively, and quantum computing proving that every iota will be competent of executing a billion operations every second.

Although the transition took its time and it took long to make evolution in cyber-crimes quite visible. Cybercriminals evolved with time; they change their strategies in consonance with advancements in technology to commit cyber attacks.

Technically skilled criminals prefer to work in cyberspace because there's not much physical exertion involved seemingly cyber-crimes yield maximum financial rewards with minimal risk of being caught, given the anonymity factor involved in cyber-crimes.

Over the decades, the evolution of cyber-crime can be categorized into four major segments that have variations in terms of type of threat posed to the target.

Segment I- Decade- 80's
Threat posted to the Target:
E-mails came as revolutionary forms of communication with minimal cost and high-speed facility. This was the time when personal computers were majorly targeted by Spam. This was done to trick the victim by the offender who acquires a false identity to fraudulently gain personal information from the victim or stead his/her identity.

Segment II- Decade- 90's
Threat posted to the Target:
Viruses were sporadically surfacing across the world and making news for causing huge damaged to governments, corporate houses and individuals. The vector used is a web browser to transfer viruses to victims' systems whenever one gets online. The virus is a code that replicates itself to fill up the space and infects the functionality of other programs adversely. It either damages, deletes or hampers the productivity and efficiency of the system.

Whether accidental or not, the first Internet blitz was a wake-up call for the country and the cyber age to come. The Morris Worm inspired a new generation of hackers and a wave of Internet-driven assaults that continue to plague our digital systems to this day. [8]

Segment III- Decade- 2000's
Threat posted to the Target:
Social networking gained its maximum pace during this time and users became highly vulnerable to identity theft by cybercriminals.

Segment IV- Decade- Present
Threat posted to the Target:
With the advancement and easy availability of smartphones, now everyone is connected to the internet, almost at all times. Mobile devices have become the means of digital interaction and a major mode of payment. This situation also posed a serious problem of M-Commerce theft with highly personal and financial details stored in the mobile. Legal measures do not adequately protect mobile transactions, which further motivates cyber offenders to target naïve smartphone users.

[9]The extensibility of computers means everything can be used against us:
Computers are extensible. As everything becomes a computer, there are three ramifications when it comes to security.

1. extensible systems are hard to secure because designers can't anticipate every configuration, condition, application, use, and so on. This is an argument about complexity.
2. extensible systems can't be externally limited. DRM- digital rights management, means copy protection is impossible.
3. extensibility means that every computer can be upgraded with additional features in software. These can accidentally add insecurities, both because the new features will contain new vulnerabilities and because the new features can be added by attackers as well.

There are an additional feature "backdoors" which is an old term cryptography, and generally refers to any purposely designed access mechanism that bypasses a computer system's normal security measure. Backdoors are often secret and added without an individual's knowledge and consent. When the FBI demands that Apple provide a way to bypass the encryption in an iPhone, what the agency is demanding is a backdoor.

All computers can be infected with malware. All computers can be commandeered with ransomware. All computers can be dragooned into a botnet- a network of malware-infected devices that are controlled remotely. All computers can be remotely wiped clean. The calculated function of the embedded computer, or the IoT[10] device into which the computer is built, makes no difference. Attackers can exploit IoT devices in all the ways they currently exploit desktop and laptop computers.

Attacks On Cyberspace
The complexity of computerized systems means an attack is easier than defence. The history of warfare illustrates this well, as different technologies like machines guns and tanks shifted the advantage one way or another. The attacks always get better, easier, and faster. The Data Encryption Standard, or DFS, is an encryption algorithm from the 1970s, its security was deliberately designed to be strong enough to resist then-feasible attacks, but just barely.

There is a range of techniques to attack a device or computer network. The approach depends on the purpose of the attack. Attacking techniques are based on intent.

 Various Methods are as follows:

1. Espionage and National Security Breaches:
   Espionage is the act of obtaining secrets, sensitive or classified information from rival groups, competitors, government or enemies for military, political or economic advantages by illegal methods of exploitation on the internet, software and network of computers. In simple terms, it is a method of spying on other nations and their organizations to gather data and information about the enemy.
   
   Cyber espionage attacks can be motivated by monetary gain; they may also be deployed in conjunction with military operations or as an act of cyber terrorism or cyber warfare. The impact of cyber espionage, particularly when it is part of a broader military or political campaign, can lead to the disruption of public services and infrastructure, as well as loss of life.
   
   Example of Cyber Spies at work:
   
   COVID-19 Research:
   More recently, cyber espionage has focused on research efforts related to the COVID-19 pandemic. Since April 2020, intrusion activity targeting coronavirus research has been reported against U.K., U.S., Spanish, South Korean, Japanese and Australian laboratories; this activity was conducted on the part of Russian, Iranian, Chinese and North Korean actors i.e. espionage groups.
   
   [11]For example, one cyber espionage breach was discovered by CrowdStrike in the second half of 2020. Their Falcon OverWatch team uncovered a targeted intrusion against an academic institution known to be involved in the development of COVID-19 testing capabilities.
   
   The malicious activity in question was attributed to Chinese hackers, which gained initial access by the way of a successful SQL injection attack against a vulnerable web server. Once inside the victim environment, the actor compiled and launches a web shell that was used to perform various malicious activities largely focused on information gathering and collection.
    
2. Phishing:
   25% of all data breaches involve phishing. Phishing is a cyber crime that leverages deceptive emails, websites and text messages to steal confidential personal and corporate information. Victims are tricked into giving up personal information such as their credit card data, phone number, mailing address, company information, etc.
   
   Nasscom vs. Ajay Sood and Others:
   In a landmark judgment in the case of National Association of Software and Service Companies vs. Ajay Sood and Others, delivered in March, '05, the Delhi High Court declared 'phishing' on the internet to be an illegal act, entailing an injunction and recovery of damages.[12]
   
   This case achieves a landmark: It brings the act of "phishing" into the horizon of Indian laws, even in the absence of specific legislation. This case reaffirms IP owners' faith in the Indian judicial system's ability and willingness to protect intangible property rights and send a strong message to IP owners that they can do business in India without sacrificing their IP rights.
   
   [13]One of the biggest Phishing scams of all times; Sony Pictures (€80 Million):
   In November 2014, the criminal hacking group 'Guardians of Peace' leaked a report of 100 terabytes of data from the film studio of Sony Pictures.
   
   McCLure, the CEO of computer security firm Cylance, who analysed the leaked data, found out that many top Sony executives, including CEO Michael Lynton, received phising emails that appeared to be from Apple asking them to provide their email IDs for verification, and promptly that page redirected to a bogus site that captured their login credentials.
   
   With this information, the attackers accessed a trove of data, including details about Sony Picture employees and their families, private correspondences and information regarding then-unreleased films.
   
   To compound the damage, the attackers employed a variant od Shamoon wiper malware to erase Sony's computer infrastructure. But that appeared to be the opening salvo that proceeded the fraudsters' true motive.
   
   But all that appeared to be the opening salvo that preceded the fraudsters' true motive.
   
   The attackers, who were later tied to a state-sponsored North Korean group, demanded that Sony withdraw its film The Interview, a comedy about a plot to assassinate the North Korean leader, Kim Jong-un.
   
   They also threatened terrorist attacks at cinemas that screened the film, which resulted in many cinema chains opting not to show it.
   
   Given the unusual nature of the incident, it's hard to calculate the exact damages, but Jim Lewis, the senior fellow at the Center for Strategic and International Studies, estimated that it cost Sony Pictures more than $ 100 million (about €80 Million at that time).
    
3. Ransomware:
   Ransomware is a malware designed to deny a user or organization access to files on the persnoal computer. By encrypting the files and demanding a ransom payment for the decryption key, cyberattackers place organizations in a position where paying the ransom is the easiest way to regain access to their files. Some variants have added additional functionality- such as data theft – to provide further incentive for ransomware victims to pay the ransom.
   
   Ransomware has become the most prominent and visible type of malware. Recent ransomware attacks have impacted hospitals' ability to provide crucial services, cripples public services in cities, and caused significant damage to various organization.
   
   Example: The attack on AIIMS in India
   AIIMS, the largest public health institutions in India, highlighted the dangers cyberattacks can pose to humans. Attackers targeted AIIMS servers with malware that made the several servers dysfunctional. Various services were affected, from patient registration to emergency services, affecting patients and curtailing hospital operations for several days. And that was in addition to the leak of personal data in large numbers, including information o key individual.[14]
    
4. Propaganda:
   By sowing disinformation and damaging morale, an attacker can damage another nation-state's ability to effectively defend itself. Cyberattacks can be used to gain access or to steal sensitive or embarrassing information that can then be leaked.
   
   [15]Example: Anti- India, Anti- Kashmir 'Cyber Propaganda' Busted on Twitter:
   
   Resettlement of Kashmir Pandits was one of the major election vows of Indian PM Narendra Modi. Separatists and even top militant commanders had accused the displaced community of so-called 'protection' and talked about brotherhood and "kashmiriyat' and things started to look positive.
    
5. Data Breach:
   Data breached are a common form of cyber attack, they happen due to lack of security on a company website. The attacker can steal a vast amount of customer information in a very short amount of time. The information stolen ranges from names to credit card information.
   
   Example: eBay Data Breach[16]:
   The eBay data breach took place in 201. The attack went unnoticed for a month. The attack happened because of what is known as social engineering. An attacker would pose as an employee of eBay or an employee of a third- party company that works with eBay.
   
   The hacker would send an email to a few real employees of eBay requesting specific credential information. Once the email was opened, malware would be installed into the computer system of eBay and the attacker would now have access to that part of the eBay network. It is estimated that around 100 employees of eBay fell into the trap.
   
    

India And Cyberwarfare
In the past, India has lead several initiatives domestically and internationally to enhance the reason of data security and lower the risks of cyber warfare. While defensive cyber operations are a compulsion to protect a network, we cannot neglect Offensive Cyber Operations (OCOs) in military planning.

India today has the largest number of internet users. This makes cyber security awareness obligatory to prevent national and personal security threats. The widespread rise of digital technology and its subsequent penetration across the financial spectrum has made India vulnerable to global espionage and spying attempts. International forces have spread their web of technological espionage across the country, and unintendingly, we, as users, are aiding their cause.

The bulk penetration of Chinese mobiles across the Indian market further harms our security powers. These devices are often laced with undetectable malware that can instantly sabotage systems and applications. This is a blind spot where an internal code facilitates information transfer and promotes a cyber-attack.

It isn't easy to measure cyber security on the scale of national security because we need to have our hardware, technology, and products. It, therefore, becomes crucial to have a testing team to examine global products arriving on our shores and ensure that the product is not used to spy on us.

Preventive Legal Measures Against Cyber Crime
Laws are generally meant for meeting the needs of the society and it is, therefore, a vital concept which undergoes changes with the changing need of the society.

India ranks fifth in the wolrd in incidence if cyber crime there has been hacking of 9,000 websites from 2010-2013 with five percent increase in cyber crimes each year.

Information Technology Act, 2000

The Indian Penal code, 1860 was found insufficient to carter to the needs of the new crimes emerging from Internet expansion. The IT Act, 2000[17] was enacted in India for prevention and control of Cyber crimes. With the coming into force of the IT Act, 2000, it became necessary to introduce certain consequential changes in certain provisions of the Penal code as also in the Indian Evidence Act, 1872, in order to meet the new requirements of the cyber space[18]crimes.

With a view to widening the scope of applicability of the provisions of the IPC so as to include within its ambit, offences involving electronic records, a new Section- 29- A has been inserted after Section 29 of the IPC with read as follows:

29-A. Electronic Record:
The words electronic record shall have the meaning assigned to them in clause (1) of sub-section (1) of Section 2 of the IT Act, 2000."

Section 2(1) (t) of the IT Act, 2000 defines: electronic record" which means "data record or data generated image or sound stored, received or sent in an electronic form or micro-film or computer generated micro- fiche."

As a result of this amendment in the IPC, all the offences related to "documents" shall also include offences related to "electronic records" which are committed through cyberspace of the Internet.

The IT act is based on UNCITRAL[19] Model Law on e-commerce, 1996 in furtherance of the U.N. General Assembly resolution urging the member States to enact or revise their cyber laws to create a uniform environment for regulating e-commerce at the international level.

Salient features of IT Act:

1. Cyber Law appellate tribunal has been set up to hear appeal against adjudicating authorities.
2. The act applies to cyber offence or contravention committed outside Indian by a person irrespective of his/ her nationality.
3. As provided under section 90 of the act, the state government may, by notification in ' official gazette' make rules to carry out the provisions of the act.
4. Consequent to the passing of this Act, the SEBI had announced that trading of securities on the internet will be valid in India, but intitally there was no specific provison for protection of confidentiality and net trading. This lacuna has been removed by the IT (Amendment) Act, 2008.[20]

Section 43 of the IT Act, 2000 makes its an offence for a person, without the permission of the owner of a computer, computer system, or computer network, to introduce or cause to be introduced any computer contaminant or computer virus into the said computer, computer system or computer network,

The explanation to Section 43 defines "computer contaminant" as "any set of computer instructions that are designed:

1. To modify, destroy, record, transmit, data or programme residing within a computer, computer system or computer network; or
2. By any means to usurp the normal operation of the computer, computer system or computer network.

In addition, section 84B of the IT Amendment Act also prescribes the abetment of any offence under the IT Act or the IT Amendment Act. The statute state that if no express provision is made for the punishment of such abetment, the penalty thereon will be the punishment provided by the Act for the offence itself.

Section 66F of the IT Amendment Act defines and penalises cyber terrorism.

The provision states as follows:

1. Whoever:
   
   1. With intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by:
      
      1. denying or cause the denial of access to any person authorised to access computer resource; or
      2. attempting to penetrate or access a computer resource without authorisation: or exceeding authorised access; or
      3. introducing or causing to introduce any computer contaminant, and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70; or
          
   2. knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.
       
2. Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.

Government Is Who Enables Security
The computer industry has largely been regulation-free. That's partly the result of the nascence of the industry. It's partly the result of the industry's relative initial harmlessness, and an unwillingness on the part of its leaders to recognise how much things have changed.

These risks were never considered in the course of the Internet's evolution, and they're largely an accidental outcome of its unexpected growth and success. More programming is done in countries like India.

India has established a biometric national ID system that will be used both by government agencies and companies.

In 2017, Inida's Supreme Court recognized a right to privacy for the first time in the nation's history and called it a fundamental right in a unanimous verdict[21]. Eventually, this might result in some stronger laws in the country. [22]

India's Development for Reducing Cyber Crimes
India has had its worst year of cyberattacks in 2022, but 2023 will see government and firms ramp up defences.[23]"Ransomware attacks in India have increased significantly and one of the most distinguishing aspects in 2022 was involvement of stat-actors"[24]

Government data, collected by the Ministry of Electronic and Information Technology's Indian Computer Emergency Response Team (CERT-In), shows an increase in cyberattacks in India.

India's IT ministry came up with the Digital Personal Data Protection Bill, 2022, defining some roles of data fiduciaries and introducing appellate committees that will deal with redressals and grievances.

The draft law, alongside CERT-In rules, has been part of core policy discussions in India.

Landmark Cyber Law Case of India
Syed Asifuddin and Ors. v. State of Andhra Pradesh and Anr.
The judgement stated that Section 2(1)(i) of the IT Act provided that a "computer" means any electronic, magnetic, optical, or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic, or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network. Hence, a telephone handset is covered under the ambit of "computer" as defined under Section 2(1)(i) of the IT Act.

Conclusion
The Military and National Security cyber Capabilities of Indo- Pacific Countries state the capabilities of India as Defence Cyber Agency (est. 2018) and mandate India to formulate a cyber warfare doctrine to develop and maintain relevant capabilities to deter, defend and disrupt an opponent's cyber operations.[25]

With the advent of the world's utilization of technology, there is an immediate requirement to create stringent provisions to defend a nation from cyber warfare. From what is available in India, the statutes and provisions are old, and the emergence of new cybercrime techniques is unmonitored.

This might increase the probability of cyber warfare in the country and act as a potential threat in cyberspace. The major problem with cyber-attacks is that, though the threat can be detected, it has become a challenge to identify the individual behind such an attack and hence wouldn't be able to circumvent further damage to the computer technology. No one can avoid a cyber-attack altogether, but the loss can be minimized with appropriate and efficient technology. Most of the population in a country use the internet for crucial services and amenities.

In certain situations, cyber-attacks may ultimately bring down a structure or a government, leading to substantial financial and physical damages. So, it needs robust regulations and qualified professionals to deal with crimes in cyberspace. Further, there is an immediate need for the up-gradation of cyber-attack defence networks and improved counterintelligence.

End-Notes:

1. Cyber Crime- History and Evolution, An MHRD Project under NME-ICT
2. Book: Prof. N. V. Paranjpe, Criminology and Penology (including Victimology)
3. Parthasarthi Pati: Cyber Crime, p. 5
4. https://www.imperva.com/learn/application-security/hacktivism/
5. History of Cyber Crime, https://www.bezaspeaks.com/cyber attack/history.htm
6. Yahoo!, Inc. vs Akash Arora and Anr. On 19 February, 1999
7. Cyberwar is coming by John Aquilla and David Ronfeldt- https://www.rand.org/content/dam/rand/pubs/reprints/2007/RAND_RP223.pdf
8. Morris Worm- FBI History- https://www.fbi.gov/history/famous-cases/morris-worm
9. Book: Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World by Bruce Schneier
10. Internet Of Things
11. https://www.crowdstrike.com/cybersecurity-101/cyberattacks/cyber-espionage/
12. Indian Cyber Security- Nasscom vs. Ajay Sood and Others;- https://www.indiancybersecurity.com/case_study_nasscom_ajay_sood.php
13. It governance- https://www.itgovernance.eu/blog/en/the-5-biggest-phishing-scams-of-all-time
14. The Diplomat- https://thediplomat.com/2023/01/ransomware-a-wake-up-call-for-cybersecurity-in-the-indo-pacific/
15. EurAsian Times Desk- https://eurasiantimes.com/kashmiri-pandits-are-bandits-they-play-the-victim-card-better-than-jews-cyber-propaganda/
16. Univeristy of Nebraska Omaha - When does a Cyber Crime become and act of cyber warfare? - https://core.ac.uk/reader/428364803
17. The Information Technology Act, 2000 came into force, w.e.f. October 17, 2000
18. The other amended Acts are the Bankers Book evidence Act, 1891 and the Reserve Bank of India Act, 1934
19. United Nation's Commission on International Trade Law
20. Dr.Vishwanath Paranjpe: Legal Dimesnions of Cyber Crimes and Preventive Laws (2010) pp.. 211-12
21. Wire, https://thewire.in/170303/supreme-court-aadhaar-right-to-privacy.
22. Book: Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World by Bruce Schneier; page 128
23. The Print- https://theprint.in/india/indias-had-its-worst-year-of-cyberattacks-but-2023-will-see-govt-firms-ramp-up-defences/1286441/
24. Sameer Patil, senior fellow at Observer Research Foundation (ORF), a multi-disciplinary think-tank said the above.
25. Observer Research Foundation- https://www.orfonline.org/research/the-future-of-cyber-warfare-in-the-indo-pacific/s