File Copyright Online - File mutual Divorce in Delhi - Online Legal Advice - Lawyers in India

Cyber Terrorism And Laws In India

Computers and the internet are becoming an essential part of this modern era. They are being used by individuals and societies to make their life easier. Like storing information, sending and receiving messages, processing data, communications, controlling machines, typing, editing drawing designing, drawing, working in offices almost all aspects of life. The tremendous role of computers stimulated criminals and terrorists to make it their preferred tool for attacking their targets. In this era of internet "Cyber Crimes" increases day by day.

'Cyber crime' is not radically different from the 'Conventional Crime'. Both include conduct whether act or omission, which causes breach of rules of law and counter balanced by the sanction the state. Cyber crime is a "crime against individual or organization by means of computer". And this crime is committed in a network environment or on internet. Computer is either a tool or target or both for committing this type of crime.

There are various types of Cyber crimes like some are, Identity Theft, Carding, Hacking, Web jacking Cracking, Cyber or Child pornography, Cyber stalking, Cyber squatting, Computer fraud or forgery, Cyber Terrorism, Cyber warfare. A person who commits a cyber crime is called as "Cyber Criminal". They can be children and adolesce''nts both.

Cyber Terrorism is one the harmful crime in all cyber crime. The cyber crimes which affect the national security are cyber welfare and cyber terrorism. The unlawful attacks and threats of attack against the computer, network and the information stored therein. Cyber terrorist attacks on the internet of many academics, government and intelligence officials sites etc.

Cyber terrorism is the convergence of terrorism and cyber space. Section 66F of Information Technology act related with Cyber terrorism and its punishment. The 1998 email bombing by the Internet Black Tigers against the Sri lankan embassies was perhaps the closest thing to cyber terrorism that has occurred so far.

The cyber crimes which affect the national security are Cyber Warfare and Cyber Terrorism. Unlawful attacks and threats of attack against the computer, network and the information stored therein. Cyber terrorism defined to be "the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious political or similar objectives or to intimidate any person in furtherance of such objectives.

cyber terrorism, a term first coined by Barry Collin in the 1980s, is the convergence of terrorism and cyberspace. It involves an attack over a computer network(s) for the political objectives of terrorists to cause massive destruction or fear among the masses and target the government(s). cyber terrorism aims to invade cyber networks responsible for the maintenance of national security and destroy information of strategic importance.

It is one of the biggest threats to the security of any country, capable of causing loss of life and humanity, creating international economic chaos and effecting ruinous environmental casualties by hacking into various critical infrastructure (CI) systems. The notable characteristic of cyber terrorism is to use its economic competence to clinch inordinate effects of terror over cyber and real world through cyber-crafted means, like destruction of cybernetwork, denial of service attacks and data exfiltration.

Dangers created by cyber terrorism warrant immediate global consideration. However, states have been ineffective in advancing a consensual approach by which varied acts of terrorism in cyberspace can be brought under the nomenclature of cyber terrorism. Currently, no universally agreed definition for cyber terrorism exists, even though it has been acknowledged internationally as a major risk to global peace.

It is probably because of the saying, 'one man's terrorist is another man's freedom fighter'. Subsequently, different perspectives over the elemental constituents and definitions of cyber terrorism will be contemplated.

Cyber terrorism is a global concern, which has domestic as well as international consequences. It becoming very serious issue and it covers wide range of attacks. This cyber terrorism is starkly different from common internet crimes like money fraud or identity theft in that it can involve use of technology to destroy or divert the system and infrastructure cause injury and death and undermine economies and institutions.

To accomplish their goals, cyber terrorists target the computer systems that control the electric power grids, air traffic control, telecommunications networks, military command systems theft of intellectual property violation of patent, trade secret, or copy rights laws, to make unauthorized copies of classified data and financial transaction.

Definition of cyber terrorism:
cyber terrorism is unlawful attacks and threat of attacks against computers, networks, and information stored therein, that is carried out to intimidate or coerce a government or its people in furtherance of some political or social objectives. It is the 'premeditated, politically motivated attacks by sub-national groups or clandestine agents against information, computer systems, computer programs and data that results in violence against non-combatant targets.'

It aims at seriously affecting information systems of private companies and government ministries and agencies by gaining illegal access to their computer networks and destroying data. cyber terrorism, as a small landmass of the vast territory of terrorism, uses cyberspace as a target or means, or even a weapon, to achieve the predetermined terrorist goal. In other words, it is the unlawful disruption or destruction of digital property to coerce or intimidate governments or societies in the pursuit of religious, political or ideological goals. It is an act of politically influenced violence involving physical damage or even personal injury, occasioned by remote digital interference with technology systems.

cyber terrorism not only damages systems but also includes intelligence gathering and disinformation. It even exists beyond the boundaries of cyberspace and incorporates physical devastation of infrastructure. The NATO defines cyber terrorism as 'cyber attack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or intimidate a society into an ideological goal'. The most acknowledged definition of cyber terrorism is of Professor Dorothy E. Denning, as an unlawful attack against computer networks to cause violence against any property or person(s), intending to intimidate a government.

  1. To study the Conecpt of Cyber crimes or Cyber Terrorism.
  2. Cyber terrorism in India and its punishment in Indian Law.
  3. Initiatives taken by World and our country for the Cyber terrorisms.

Need to Study:
There is a need to study to know how dangerous is cyber crimes & its effects and its punishments & policies in our country. To find some measures to prevent minimum cyber terror attack.

Statement Of Problem:
By doing some research it came to light that negligence people will create source for the cyber terrorist. There is a need of strict restriction for outsiders for using internet and stock of information and resources which is openly available on internet because it will become the sources for cyber attacks. There is also lack of Cyber Security in our country.

Cyber Terrorism is increasing day by day after all policies and laws of the government so its necessary to strict our Security system, policies initiatives and punishments too against cyber terrorism.

The methodology adopted for preparing this paper is based on a qualitative explanation. There is the use of Secondary resources like books, research papers, digital resources, various sites, etc. for data and information collection.

Scope of Cyber terrorism:
While studying cyber terrorism, it is imperative to discern the two aspects of usage of cyber technology by terrorists: (i) to facilitate their terror activities; and (ii) to use cyberspace as a weapon to target the virtual population or execute terror activities.

It is clear from the discussion here that cyber crime and cyber terrorism are not coterminous. Most definitions of cyber terrorism establish a restricted functional framework for the scope of cyber terrorism. For a cyber attack to qualify as an act of cyber terrorism, it must be politically motivated; cause physical or other forms of destructions or disruptions, like attacks affecting the unity, integrity and sovereignty of a country; cause loss of life (such as use of cyber networks in 26/11 Mumbai terror attack); and result in grave infrastructural destruction or severe economic losses. The use of cyberspace and information and communication technologies (ICTs) by terror outfits to facilitate their functional activities (like organisational communications) should be considered as cyber crime. Reckoning the 'facilitating part' under the definition of cyber terrorism would intensify the scope of cyber terrorism and augment the problem to be rectified.

Threats posed by cyber terrorism:
cyber terrorism poses critical security threats to the world. The CIs, like nuclear installations, power grids, air surveillance systems, stock markets and banking networks, are dependent upon cyberspace. This functional dependence has made CIs vulnerable to Cyber terror attacks and increased the scope for Cyber terror footprints exponentially. Most CIs globally are poorly protected. Therefore, Cyber terror attacks on CIs can cause egregious damages to the society. Further, today there is a persistent threat of sensitive information of national interests being stolen by terrorists, destruction of computer networks or systems superintending the functioning of CIs.

Objectives of Cyber Terror Attack:
Cyber terrorism is based on specific objectives, such as:
  1. Like, air traffic, military networks, financial and energy systems, telecommunications and others, to cause physical devastation.
  2. Cause disruptions sufficient to compromise the industrial and economic operations of a country. A Cyber terror attack thwacks a large part of the world population and causes monetary disorder and loss of data.
  3. Cause physical injuries, loss of lives, explosions, crashing of aircraft and other aerial vehicles, theft of technology and privileged information.
  4. Move beyond the realms of destruction and send a signal of ferocious disruption and fear to governments.
Possible Targets of Cyber terrorists:
Cyber attacks by terrorists majorly focus on two domains: control systems and data in cyberspace. Consequently, the security challenges against Cyber terror attacks generally vary across these two scopes. The first possibility is that terror outfits, such as Al-Qaeda and the Islamic State (IS), would exploit the information space to launch a cyber attack to ruin the CI facility of a particular state (Kudankulam Nuclear Power Plant cyber attack).

In the second instance, the Internet is abused to attack webspace or other trivial frameworks for their political intents, coalesced with the likeliness that such virtual attacks could turn adamantly grave to the point of being catalogued as a Cyber terror attack.

Exploitation of Cyberspace by Terrorists:
Terrorist organisations use cyberspace for recruitment, command and control and spreading their ideology. Internet being the largest reservoir of knowledge has fuelled terror outfits to use this quality to set up virtual training camps in cyberspace. In 2003, Al-Qaeda established its first online digital repository, providing information on matters ranging from bomb-making to survival skills. Today, the Internet is used by multiple self-radicalised patrons as a resource bank.

Cyberspace has emerged as a new operational domain for terror and extremist establishments, appending new dimensions to cybersecurity of precluding online jihadist recruitment, radicalisation and raising of funds. The terror outfit of IS has manoeuvred this stratagem and used it proficiently for itself.

The militant group was able to recruit 30,000 fighters through social media. Social media subsequently helped the group to establish its franchises and expand its base in different countries. Additionally, terrorists use Internet proficiency to reach out to masses to inspire acts of terror as well as disseminate their messages.

There are various incidents of Cyber Terrorism in our Country and some are mention below:
In 1998, etlinic Tamil guemllas swamped Sri Lankan embassies with 800 e-mails a day over a two-week period. The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems.

During the Kosovo conflict in 1999, NATO computers were blaste witli e-mail bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations, and academic institutes received highly politicized virus-laden e-raaiis from a range of Eastern European countries according to reports. Web defacements were also common.

Since December 1997, the Electronic Disturbance Theater (EDT) has been conducting Web sit-ins against various sites in support, of the Mexican Zapatistas. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target rapid and repeated download requests. EDT's software has also been used by animal rights groups against organizations said to abuse animals. Electro hippies, another group of hacktivists, conducted Web sit-ins against the WTO when they met in Seattle in late 1999.

One of the worst incidents of cyber teirorists at work was when crackers in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved. More recently, in May 2007 Estonia was subjected to a mass cyber attack by hackers inside the Russian Federation wliich some evidence suggests was coordinated by the Russian government, though Russian officials deny any knowledge of this. This attack was apparently in response to the removal of a Russian World War II war memorial from downtown Estonia.

Cyber Terrorism versus Conventional Terror Attacks:
Cyberspace offers anonymity, easy access and convenience to terrorists to reach the masses without much monetary expenditure. The ubiquitous cyberworld enables terrorists to launch cyber attacks having far-reaching impacts and causing staggering damages, more critical than physical attacks. Traditional terror attacks are restricted to the physical limits of the place of attack.

Also, while people outside the territorial limits of the attack do read and observe such incidents, they do not get affected directly. A Cyber terror attack, however, encompasses the potential of affecting millions without any territorial limitations; at times, it is more enigmatic to find the perpetrator and trace the point of origin of Cyber terror attacks.

Hence, cyberspace facilitates Cyber terrorists by enabling them to have a far greater reach than ever before. Further, global interconnectivity of cyberspace results in proliferation of potential targets for terrorists to attack, making it more dangerous than other terror attacks. Such unmatched capabilities of cyber terrorism give terrorists extraordinary leverage to engender more harm to society.

Thus, different factors make cyber attacks a capitative choice of terrorists:
  1. cyber terrorism constitutes a low-cost asymmetric warfare element for terrorists as it requires fewer resources in comparison to physical terror attacks. The terror groups can inflict more damage to people and society with the same amount of funds. Thus, the benefit�cost ratio for a Cyber terror attack is very high.
  2. Cyberspace provides anonymity, thereby enabling Cyber terrorists to hide their identity. The Indian government had admitted in Rajya Sabha that attackers compromise the computer systems situated in different locations of the globe and use masquerading techniques and hidden servers to hide the identity of the computer system from which the cyber attacks are propelled. It is the anonymous nature of cyberspace that makes it arduous to attribute cyber attacks to any state.
  3. The CIs and other valuable state resources are not fully protected and thus become an obvious target of Cyber terrorists. After designation of the target, the cyber attack can be launched without any unwarranted delay and need for further preparation.
  4. The Internet enables Cyber terrorists to initiate a cyber attack on any distinct part of the world. Unlike physical terror attacks, there are no physical barriers or checkpoints that block Cyber terrorists in the execution of predetermined cyber attacks on designated targets. Likewise, cyber terrorism involves less risk than physical terrorism.
  5. Cyberspace provides broad avenues for disseminating terror organisation propaganda. It provides a larger audience for Cyber terror attacks, whose impact goes beyond cyberspace to diverse systems.

Initiatives taken to mitigate Cyber terror attacks worldwide:
The mushrooming menace of cyber terrorism has stimulated states and international organisations to reform the global cybersecurity architecture for combating cyber terrorism.

International Forums
Convention on cyber crime
The European Union's Convention on cyber crime, also called the Budapest Convention, is the sole binding international convention on cyber crimes. It aims at harmonising domestic laws, including an international cooperative framework, and also proposes to improvise investigation techniques on cyber crimes for member states. India is not part of this treaty.

United Nations (UN)
UN Global Counter-Terrorism Strategy: The strategy manifests the commitment of all UN member states to eliminate terrorism in all forms. The resolution aims to expand international and regional cooperation and coordination among states, private players and others in combating cyber terrorism, and also seeks to counter the proliferation of terrorism through cyber networks. The 2018 resolution over the sixth review of the strategy asks member states to ensure that cyberspace is 'not a safe haven for terrorists'. It urges member states to counter terrorists' propaganda, incitement and recruitment, including through cyberspace.

United Nations Office of Counter-Terrorism (UNOCT) : The UNOCT was set up on 15 June 2017, vide United Nations General Assembly (UNGA) resolution, following the Secretary-General's report over UN's role to assist member states in implementing UN counterterrorism strategy.

The UNOCT supplements the efforts of member states against terrorism, including cyber terrorism. It provides multi-stakeholder cooperation in securing the cyberspace of respective countries from Cyber terror attacks. It has initiated various projects aimed at building and upgrading capacity among states to combat cyber attacks and raising awareness against cyber terrorism among masses.

United Nations Security Council (UNSC):
In 2017, UNSC adopted a resolution for the protection of CI. The resolution asks the member states to establish cooperation with all stakeholders at international and regional levels to prevent, protect, respond and recover from cyber-enabled terror attacks over the state CI. It also asks the states to share operational intelligence over the exploitation of communication technologies by terror outfits. The UNSC presidential statement in May 2016 recognised the requirement of global effort to stop terror outfits from exploiting cyber networks.

Brazil, Russia, India, China and South Africa (BRICS) Counter-Terrorism Strategy
The strategy aims to counter international terrorism and its funding, enhance cooperation in mutual legal assistance and extradition against terrorists, improve practical cooperation among security agencies through intelligence sharing, etc. The strategy resolves to 'counter extremist narratives conducive to terrorism and the misuse of the Internet and social media for the purposes of terrorist recruitment, radicalization and incitement.

Shanghai Cooperation Organisation (SCO)
The SCO has adopted several significant steps to counter the menace of cyber terrorism. It established the Regional Anti-Terrorist Structure (RATS) in 2001 against terrorism. The 22nd session of SCO RATS council approved various proposals to combat cyber terrorism, and also discussed the proposal to establish a cyber terrorism centre. In 2019, SCO member states conducted anti-cyber terrorism drills to prepare for future Cyber terror crisis.

Further, in 2015, SCO submitted to UNGA an International Code of Conduct for Information Security, proposing a secured and rule-based order in cyberspace. The code suggests international cooperation among states to combat exploitation of ICTs for terror-related operations. Furthermore, it specifies a code of conduct, responsibilities of states and rights of individuals in cyberspace.

The US
Cybersecurity and Infrastructure Security Agency (CISA) Act
The act establishes that the CISA will secure American cyber networks and CIs, devise US cybersecurity formations and develop potential to defend cyber attacks. Further, it secures the federal government's '.gov' domain network. It also houses the National Risk Management Center (NRMC), which addresses most strategic threats to the country's CI and crucial functions whose disruption can have devastating impacts over American national interests, like security and economy. In 2017, the US President issued an executive order (EO 13800) to modernise US cybersecurity proficiencies against intensifying cybersecurity threats over CIs and other strategic assets.

National Cyber Strategy of the US
The strategy, released in 2018, strengthens the US cyberspace to respond against cyber attacks. It focuses on securing federal networks and CIs, as well as combating cyber attacks. The cyber strategy primarily aims to protect American people, preserve peace and advance American interests. It also provides for military action to combat cyber attacks.

Israel launched its first-ever National Cybersecurity Strategy in 2017. The policy document expounds the country's plan to advance its cyber robustness, systemic resilience and civilian national cyber defence. The objective is to develop an international collaboration against global cyberthreats, which certainly includes Cyber terror threats. It also prioritises to defend Israeli economic, business and social interests in cyberspace.

The Israel government passed several resolutions, like 3611, 2443 and 2444, to expand institutional capacity for cybersecurity framework by establishing National Cyber Directorate. Israel's cybersecurity framework focuses on four priority areas:
  • Improving domestic capabilities to confront futuristic and present-day cybersecurity challenges.
  • Continuously upgrading and enhancing defence of CIs in the country.
  • Fostering the republic's standing as an international hub for the development of ICTs.
  • Promoting effective coordination and cooperation among the government, academia and private players.

The United Kingdom (UK)
The UK introduced the National Cyber Security Programme in 2015 to protect its computer networks from cyber attacks. A five-year National Cyber Security Strategy was also revealed in 2016 to make UK's cyberspace resilient from cyber attacks and more secure by 2021. Further, in 2017, National Cyber Security Centre was opened to respond to high-end cyber attacks.

Initiatives Taken In India:

Information Technology Act: Cyber terror Law of India
The Information Technology Act (hereafter the Act) sanctions legal provisions concerning cyber terrorism. Section 66F of the Act enacts legislative framework over cyber terrorism. It provides for punishment, extending to life imprisonment, for cyber terrorism, along with three essential elements for an act to constitute as cyber terrorism:

The act must intend to afflict terror in people's mind or jeopardise or endanger the unity, integrity, security or sovereignty of India.
Act: The act must cause:
  1. unlawful denial of access to any legally authorised person from accessing any online or computer resource or network;
  2. unauthorised attempt to intrude or access any computer resource; or
  3. introduce or cause to introduce any computer contaminant.
3. Harm: The act must also cause harm, like death, injuries to people, adverse or destructive effect on the critical information infrastructure (CII), damage or destruction of property or such disruptions likely to cause disturbances in such services or supplies which are essential to life

Further, Section 66F also applies to instances where a person without any authorisation or by exceeding his legitimate authorisation intentionally penetrates or accesses a computer resource and obtains access to such data, or information or computer base which has been restricted for Indian security interests, or whose disclosure would affect the sovereign interests of India, etc.

Protected Systems and CII The Act has a provision of 'protected systems', empowering the appropriate government to declare any computer resource that either directly or indirectly affects the facility of CII as 'protected system'. Section 70(3) sanctions punishment up to 10 years with fine in case a person secures or attempts to secure access to a protected system. The explanation clause of Section 70 defines CII as: 'The computer resource, incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health or safety.'

The central government, under Section 70A of the Act, has designated National Critical Information Infrastructure Protection Centre (NCIIPC) as the National Nodal Agency in respect of CII protection. The union government has also established Defence Cyber Agency to deal with matters of cyberwarfare and cybersecurity.

Indian Computer Emergency Response Team (CERT-In) Section 70B of the Act provides for the constitution of CERT-In to maintain India's cybersecurity and counter cybersecurity threats against it. The CERT-In is expected to protect India's cyberspace from cyber attacks, issue alert and advisories about the latest cyberthreats, as well as coordinate counter-measures to prevent and respond against any possible cybersecurity incident.

It acts as the national watch and alert system and performs functions like:
  1. Collect, analyse and disseminate information on cybersecurity incidents;
  2. Forecast and issue alerts on cyber �incidents;
  3. Emergency measures to handle cybersecurity incidents;
  4. Coordinate cyber attack response activities;
  5. Issue guidelines, advisories, over cybersecurity measures, etc.

India has established domain-specific computer emergency response teams (CERTs) to counter domain-specific cyberthreats and create a more secured cybersecurity ecosystem in respective domains, like power grids and thermal energy. Further, sectoral CERTs in the cybersecurity fields of finance and defence have been constituted to cater to such critical domain's cybersecurity requirements.

National Cyber Security Policy:
The National Cyber Security Policy of India, released in 2013, aims to secure Indian cyberspace and concretise its resilience from cyberthreats in all sectors. It aims at developing plans to protect India's CII and mechanisms to respond against cyber attacks effectively. It further focuses on creating a safe and dependable cyber ecosystem in India.

The policy has facilitated the creation of a secure computing environment and developed remarkable trust and confidence in electronic transactions. Furthermore, a crisis management plan has been instituted to counter cyber-enabled terror attacks. The Parliament also amended the National Investigation Agency (NIA) Act in 2019, empowering the NIA to investigate and prosecute acts of cyber terrorism.

Moreover, technology and threat Intelligence play major roles to counter terrorism and cyber terrorism. The multi-agency centre (MAC) at the national level, set up after the Kargil intrusion, along with subsidiary MACs (SMACs) at state levels, have been strengthened and reorganised to enable them to function on 24x7 basis. Around 28 agencies are part of the MAC and every organisation involved in counter-terrorism is a member of this mechanism. This is yet another important element of national initiative.

Legislative Reforms:

The Information Technology Act
India, as a fast-developing economy, aspires to control the global supply chain and internationalise its economy. This vision automatically attracts a big responsibility to protect cyberspace from possible cyberthreats, including acts of cyber terrorism. India, however, has been rather vulnerable to cyberthreats.Currently, with major economic activities transpiring through digital platforms during the COVID-19 pandemic, the dreadful impact of cyber terrorism has intensified.

The purpose of Cyber terrorists is to cripple the CI of a nation and certain services, like telecommunications, banking, finance, military complexes and emergency services, are most vulnerable to Cyber terror attacks. Thus, it is necessary to comprehend the potential threat of cyber terrorism to a nation like India, keeping in mind that the vulnerability of Indian cyberspace to Cyber terror attacks has proliferated enormously. In 2018 too, the then Home Secretary admitted to India's exposure to cyberthreats and its inadequacy in countering them.

Therefore, reforming and modernising the existing machinery to counter the strategic challenge of cyber terrorism and providing efficient explications acknowledging global pandemic is peremptory. Though the Act enacts provisions regarding cyber terrorism, in order to make it a more focused legislation to combat cyber terrorism, the following modifications are suggested:

The Act was originally enacted to validate e-commerce activities. However, its preamble today must not remain limited to e-commerce only. It must additionally include the objective of combating cyber terrorism.

The scope of the definition for cyber terrorism should be made more extensive by including 'the usage of cyberspace and cyber communication'. The section does not cover cyberspace use for communication and related purposes to fulfil and execute terrorist objectives. The Act should incorporate provisions to cover such acts to prevent acts of cyber terrorism.

To focus the orientation of the Act to combat cyber terrorism, it must have a dedicated chapter on cyber terrorism, which would deal with all intricate elements and dimensions of the acts amounting to cyber terrorism in detail.
Indian Cybersecurity Act
In 2008, the Information Technology Act was amended to incorporate provisions concerning cyber terrorism. However, from 2008 to 2021, exploitation of cyberspace by terrorists has undergone a systematic transformation. The conglomeration of time and evolution of destructive technologies has made cyber terrorism intricately complex and devastatingly lethal to deal with. Cyber terrorists use innovative methods to exploit cyberspace for youth radicalisation and to propel cyber attacks causing massive destruction.

The evolution of destructive technological order aiding cyber terrorism warrants a new modernised legal order, with empowered law enforcement agencies, to protect Indian cyberspace against possible cyberthreats and preserve its cyber sovereign interest.

India must consider enacting a new cybersecurity legislation, Indian Cybersecurity Act, dedicated to deal with present-day cybersecurity challenges and regulate all aspects of cybersecurity, including cyber terrorism. Further, in view of the future consolidation of Cyber terror attacks, a new legislation would additionally provide more effective, deterrent and stringent legal framework against cyber terrorism.

Administrative Reforms:
Multiplicity of Organisations

Multiple government organisations handle cybersecurity operations of India, resulting in overlapping jurisdictions and operations among organisations. Some reformatory steps�like creating the National Cyber Security Coordinator under National Security Council Secretariat (NSCS) and bringing central agencies under its control�have been adopted. However, it is important to provide the exigent task of cybersecurity exclusively to three central agencies, namely, CERT-In, NCIIPC and Defence Cyber Agency, with well-delineated and defined jurisdictional limits of operations and responsibilities. Instead of creating a parallel hierarchical structure which results in unwarranted overlapping of work, the jurisdictional limits of operations must be detailed through legislation to the extent possible.

Further, there must be a regular review of the jurisdictions of organisations to keep India's cybersecurity mechanism updated as per the continuously evolving cyberspace. Since what today is not a CI might become intrinsically critical for preserving national security tomorrow, the National Cyber Security Coordinator must proactively coordinate the activities of the cybersecurity agencies to intensify capabilities of India to counter cyber terrorism.

Awareness Programmes
The government, like UNOCT, must undertake cybersecurity awareness programmes in the country and establish an informative environment in the country against possible cyberthreats (including cyber terrorism) in cyberspace. The government must consider launching a cyber literacy programme (initially in areas vulnerable to cyber attacks) on lines with 'Sarva Shiksha Abhiyan' to familiarise people about the cybersecurity threats in a time-bound manner. This is particularly important during the COVID-19 pandemic when most businesses are running digitally through online mediums.

Indian Cybersecurity Service
India cannot reform and strengthen its gigantic cybersecurity framework from one central place. Cybersecurity threats are the new normal for people, including those living in distant parts of India. Therefore, India must establish Indian Cybersecurity Service as an all-India civil service. It will provide India with the best professionals (posted in different parts of the country at the grassroots level) to deal with all aspects of cybersecurity, including cyber terrorism.

An all-India civil service would further equip the state governments with talented cybersecurity experts to protect their cyber operations and deal with breaches under their jurisdiction. The proposed civil service could also assist the state police in solving cyber-related offences more effectively and expeditiously, thereby improving the administration of justice in cyber crimes.

As these cybersecurity officials will get an opportunity to work in different parts of the country in various capacities, like officers from other all-India services, it will broaden their vision and first-hand operational experience of cybersecurity issues faced by the people at grassroots level, as opposed to the current paradigm (where majority of the officers and their work remains restricted to headquarters).

Therefore, just like officers from other all-India civil services get a significant say in the decision making due to their extensive groundwork and direct first-hand experiences bestowing them with actual ground realities, Indian cybersecurity officials will also get a far greater say over most policy decisions concerning cyberthreats, cybersecurity interests and others. Further, cyberspace is ubiquitous and interacts closely with major economic and other operations in society.

Therefore, affording greater say to cybersecurity officials in India will make cybersecurity central to our major policy decisions and strengthen our cybersecurity framework on a continuous basis.

Conclusion & Suggestions:
Cyberspace has developed as a decentralised network of communication, without any restriction over geographical boundaries of any country. Therefore, international regulation and cooperative cybersecurity framework is essential to deal with cyber terrorism effectively.

Since the current framework is incapable of dealing with the menace, it is time to strengthen international law to equip it to deal with cyber terrorism. India must also think about reforming its legal framework or legislating exclusive cybersecurity legislation, which may provide provisions for cyber terrorism.

With the prime minister advocating the use of technology for development and administration, and also due to the global pandemic, cyberspace has been integrated into various fields, like governance, public administration and trade and business operations. In addition, there is continuous integration of cyberspace with CI.

Thus, a multidimensional cybersecurity framework must be introduced. The outbreak of COVID-19 has also accelerated the digitisation of economic businesses and other activities. cyber attacks by terrorists can virtually paralyse the financial and economic operations (including Indian Goods and Services Tax [GST] network of the country. Hence, to boost the adoption of counter-measures by states against cyber terrorism

and strengthen the cybersecurity framework, the World Bank must consider 'cybersecurity' as one of the parameters to decide ease of doing business index. India must also try to reduce overlapping among cybersecurity organisations and harmonise its process and laws as per the international best practices.

Further, the accelerated digital operations of business due to the pandemic has made the state constitutionally bound to protect the cyberspace of India. Article 19(1)(g) of the Constitution, read with Sodan Singh and Anuradha Bhasin cases, grants the right to practice or do any form of livelihood within the realms of law. Thus, the state must make sure that the constitutionally protected fundamental right of occupation in cyberspace of Indian citizens is protected in the current scenario. It must be noted that any business can survive and flourish in a digital platform only when there is secured cyberspace in place. Thus, the government is constitutionally bound to protect India's cyberspace from cyberthreats, including cyber terrorism.

Cyberspace, today, interacts with significant economic, business and other interests of India. So as to secure India's strategic, sovereign, economic and business interests in cyberspace, the union must incorporate stringent deterrent strategies and cybersecurity reforms at all levels of operation. It is important to look at the big picture while analysing Cyber terror threats; and new mechanisms must be developed and reformatory steps need to be introduced with focus on the constitutional obligation of the state under Article 19(1)(g) and Article 355 of the Indian Constitution.

  • Information Technology Act, 2000 (Act 21 of 2000), Chapter III, Section 66F(2).
  • Ibid., Section 66F(1)(A)(i).
  • Ibid., Section 66F(1)(A)(ii).
  • Ibid., Section 66F(1)(A)(iii).
  • Ibid., Section 66F(1)(B).
  • Ibid., Section 70.
  • Ibid., Section 70(3).
  • Misra, S.N.; Indian Penal Code; Central Law Publicaions;ed-13;p-88
  • Cyber Law and its Applications by Prof. Shilpa S. Dongre
  • http.//

Law Article in India

Ask A Lawyers

You May Like

Legal Question & Answers

Lawyers in India - Search By City

Copyright Filing
Online Copyright Registration


How To File For Mutual Divorce In Delhi


How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...

Increased Age For Girls Marriage


It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...

Facade of Social Media


One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...

Section 482 CrPc - Quashing Of FIR: Guid...


The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...

The Uniform Civil Code (UCC) in India: A...


The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...

Role Of Artificial Intelligence In Legal...


Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...

Lawyers Registration
Lawyers Membership - Get Clients Online

File caveat In Supreme Court Instantly