In the 1960s, the development of the internet was a watershed moment. Although
the internet was originally designed for military objectives, we had no idea
that it would grow swiftly and become a cornerstone in our lives over time. We
are now more linked to the internet than we have ever been. Companies have been
able to relocate their enterprises online because to the quick expansion of the
We may get anything from clothes, food, bags, equipment, electrical
devices, and furnishings from the convenience of our own homes and have it
delivered to our doorstep. Our lives have been made simpler by the internet.
However, there is always something negative in everything excellent. The growth
in occurrences of cyber-crime has been attributed to the advent and development
of the internet, as well as the accompanying increase in the number of people
online. Criminals have evolved and grown more innovative in their cyber-crimes
as a result of the internet's growth.
What is Cybercrime?
Cybercrime is defined as the intentional targeting or attack of a computer or
computer network with the intent of conducting an unlawful act such as fraud,
child pornography trafficking, software vulnerability exploitation, or social
Evolution of cyber-crime:
- The first incidence of cyber-crime appeared in the late 1980s,
coinciding with the fast growth of email usage. When an email circulated
across the world and into people's homes, a slew of frauds erupted. The
email was posed as a legitimate request from a Nigerian Prince seeking
financial assistance so that he might assist in the emigration of millions
of Nigerians, with the promise of returning millions of dollars to the email
- In the late 1980s, a cyber form known as "Morris Worm" infected roughly
6000 of the 60000 computers connected to the internet at the time (within 24
hours). The computer slowness was caused by the cyber worm. The computer
systems of several schools and institutions, including Harvard, Princeton,
Stanford, Johns Hopkins, NASA, and the Lawrence Livermore National
Laboratory, were compromised by the cyber worm.
- When internet web browsers were introduced in the 1990s, thieves
discovered new techniques to gain access to a computer system through
deception. Viruses would be released on the internet by cyber thieves. The
virus would infect a website that a user would subsequently visit. The virus
would infect the user's PC after they visited the website. Another method of
infecting a user's computer was to show pop-up adverts on a website that the
user visited. The user's PC would be infected by the virus if they clicked
the popup. Other infections might cause the user's computer to slow down or
send them to a pornographic website.
- In the early 2000s, the internet ushered in a new era of social media
and online entertainment. Cybercrime progressed to the next level during this
time period. People began uploading and sharing personal information online
after the arrival of social media. Identity theft was perpetrated as a result of
the flurry of personal information collected from users. Furthermore, the data
might be utilised to get access to individual bank accounts, as well as
perpetrate credit card and financial fraud.
- There were many various sorts of cyber-crimes in the first decade of the
2000s, including Denial of Service (DDoS) assaults on major websites, the SQL
Slammer worm attacking SQL servers, and many malware attacks, among others.
Evolution Of Laws Governing And Regulating Cyber-Crime In IndiaInformation Technology Act, 2000
Although cyber-crime is not defined in the Information Technology Act of 2000
("IT Act") or the IT Amendment Act of 2008, the IT Act has the authority to deal
with it since it contains provisions relating to cyber-offenses or crimes.
Because cyber-crime involves the targeting or assault of a computer or computer
network, the IT Act's definitions of terminology such as computer, computer
network, computer resource, data, and information, among others, are critical.
In the year 2000, the Information Technology Act became law, and it primarily:
- Recognises electronic records, electronic signatures as valid,
- Recognises electronic signatures, digital signatures,
- Deals with computer related offences and other offences through
electronic means, contraventions.
Constant critiques, evaluations, and the interpretation of some portions as
harsh led to the IT Amendment Act, 2008 ("IT Amendment Act"), which took effect
The IT Amendment Act brought in some notable changes such as:
- Focus on data privacy,
- Introduction of information security practices,
- Definition of cybercafe,
- Responsibility on companies to implement reasonable security practices
to protect information from unauthorised access, damage, use, modification,
disclosure, or impairment.
Section 66B, 66C & 66D of the IT Act punishes a person who:
- Section 43 of the IT Act provides recourse in the form of compensation to
an owner of a computer or computer system when a person or entity damages or
destroys the computer or computer system belonging to such owner (civil
liability for data theft).
- Section 43A of the IT Act provides compensation to a person, if the
company dealing with or handling the person's sensitive personal information
in its computer resource, fails to protect the said person's information.
- Section 66 of the IT Act punishes the person who dishonestly or
fraudulently commits the act referred to in Section 43, with imprisonment
for a term extending to 3 years or with fine extending to Rs. 5 lakh or with both
(criminal liability for data theft).
- Section 66B: by dishonest means, receives or retains stolen computer
resource knowingly, with imprisonment for a term extending to 3 years or
with fine extending to Rs. 1 lakh or with both.
- Section 66C: by fraudulent or dishonest means uses electronic signature
or password of another person, with imprisonment extending to 3 years and
with fine extending to Rs. 1 lakh.
- Section 66D: by means of any communication device or computer cheats by
impersonation, with imprisonment extending to 3 years and with fine
extending to Rs. 1 lakh.
- Section 66F: (a) intends to threaten the unity, integrity, security, or
sovereignty of India or (b) deny access to any person authorised to access a
computer or (c) attempt to penetrate or access a computer without authorisation
or (d) introduce a computer contaminant like virus, Trojan, malware etc. and
cause death or injuries to person or damage to or destruction of property etc.
with imprisonment for life.
POCSO Act, 2012
The Protection of Children from Sexual Offenses Act of 2012 (the "POCSO Act")
makes it illegal to exploit a kid or children for pornographic purposes,
including utilising a child for sexual enjoyment on the internet. Persons guilty
for the aforementioned offences will be imprisoned for up to 5 years, and if
convicted a second time, they will be imprisoned for up to 7 years and fined.
The POCSO Act can also penalise anybody who keeps pornographic information
involving a child for the aim of profiting from it with up to three years in
prison, a fine, or both.
Indian Penal Code, 1860 (IPC)
Those who commit crimes of identity theft or cyber fraud are likewise punished
under the IPC. Sections 464 (Making a false document or false electronic
record), 465 (Forgery Punishment), 468 (Forgery for the Purpose of Cheating i.e.
forged electronic record), 469 (Forgery for the Purpose of Harming Reputation
i.e. forged electronic record), and 471 (Forgery for the Purpose of Harming
Reputation i.e. forged electronic record) of the IPC are (Using as genuine a
forged document or electronic record).
Cyber-crime Case Laws
- The Bank NSP Case:
This case concerned a bank management trainee who was
preparing to marry. The trainee and his fiance primarily communicated through
the company's computers. Both of them eventually went their own ways. The girl,
on the other hand, created a fake email address named "Indian bar associations"
and used the bank's computer to send emails to the trainee's bank's overseas
clients. The bank lost numerous clients as a result of this behaviour, and as a
result, the clients filed a lawsuit against the bank in court. The bank was
found to have committed the offence and was held accountable for sending the
abovementioned emails to the clients because the bank was the source of the
- Cosmos Bank Cyber Attack:
This case was a cyber-attack on the Pune-based
Cosmos Bank. Since the hackers stole Rs. 94.42 crores from Cosmos Cooperative
Bank Ltd. in Pune, the banking industry in India has been shaken. The hackers
who broke into the bank's ATM computer gathered data from a variety of visa and
rupay debit cards. As soon as they acquired access, hacker groups from 28
countries emptied the accounts by withdrawing money.
- Hack of Aadhar Software:
Hackers gained access to the personal
information of over 1.1 billion Aadhar cardholders after breaking into the
Aadhar database in early 2018. Individual Aadhar card holders' information was
leaked, according to UIDAI, and includes Aadhar, PAN, cell phone numbers, and
IFSC codes, among other things.