This article has been written by Aryashree Kunhambu, pursuing a Diploma in Cyber Law, FinTech Regulations, and Technology Contracts from LawSikho.
Imagine an employee, sitting and working at her desk. “One new email,” her computer screen reads. She opens it, and then suddenly her screen turns pitch black. Baffled by what had just happened, she presses a few keys on her keyboard. Her confusion is suddenly interrupted by a rising commotion. She looks around and watches every monitor in the office turn black, one after the other. “What have I done?” she thinks to herself, only to be interrupted once again by the IT professional who informs all the employees that their company’s network was under attack.
I am sure that the above-described scene has been played one too many times in several movies and TV series. The chances of it occurring in reality are quite high as well. Every modern-day organization is heavily reliant on wireless networks as they are efficient and user-friendly. The disadvantage of such technology, though, is as old as time itself – the ill intentions of a person or a group of persons, possibly with the motive of gaining some monetary benefit by causing grievance to an organization. This article discusses some of the threats that have been encountered by organizations using a wireless network and suggests some of the actions that are available to the wronged party under Indian law.
A wireless network is a computer network that is not connected by any kind of cable. It eliminates the cost of the introduction of such cables into office buildings or as a connection between different equipment locations. The basis of wireless systems is radio waves which are used to connect devices such as laptops to the Internet, the business network, and applications.
When laptops are connected to Wi-Fi hotspots in public places, the connection is established to that business’s wireless network. The key to safeguarding information on the laptop lies with the user granting access to it. Even though it might sound as simple as protecting the keys to your house from an unknown entity, oftentimes highly capable cybercriminals can hide their true intentions under a ruse such as an opportunity to avail free tickets to an EDM concert. They then trick innocent users to gain access to their networks and all the information on them through something as small as a mouse click on a malicious advertisement.
10 types of cyber attack threats in a wireless network
Discussed below are ten types of known cyber attacks that you should be protecting your wireless network against –
- Trojan horse
In computing, a Trojan horse is malicious code or software that tricks users into running it willingly, by hiding behind a legitimate program.
It may appear as an email from someone you possibly know, and when the attachment in the email is clicked on, it immediately downloads malware onto the computer. Trojans are also known to spread when a user clicks on a false advertisement. A Trojan horse can record passwords by tracking keystrokes, hijack webcams, and steal any sensitive data on the computer.
- Adware and spyware
Adware is any software that is designed to track data on a user’s browsing habits and, based on the information collected, show advertisements and pop-ups accordingly. Adware is a legitimate source of income for many companies that allow users to try their software for free, with advertisements shown during use with the users’ consent. Such an adware clause is often hidden in related User Agreements. Adware can be responsible for slowing down the computer’s processor and internet connection speed. Adware that is downloaded without consent is illegal.
Spyware works similarly to adware but without the user’s knowledge. Keyloggers that record personal information including email addresses, passwords, even credit card numbers are used. It is highly dangerous as it can lead to identity theft.
- SQL injection attack
SQL injection attacks are designed to target data-driven applications by exploiting security vulnerabilities in the software. They generally allow an attacker to view data that they are not normally able to view. An attacker uses malicious code to obtain data belonging to other users, or any other data that the application itself can access. This private data, once retrieved, can be changed or even destroyed. The attacker can even go as far as to void transactions on websites. SQL injection attacks have become one of the most dangerous privacy issues for data confidentiality.
- Computer worm
Computer worms are malware programs that multiply and spread from one computer to another. A worm spreads from an infected computer by sending itself to all of the contacts in the computer and then on to the contacts of the other computers. Transmission of worms is often done by exploiting software vulnerabilities.
- Phishing
Phishing is a method of social engineering used to obtain sensitive data such as passwords, usernames, and credit card numbers. The attacks mostly come in the form of instant messages or phishing emails that seem to be legitimate. The recipient is tricked into opening a link, which leads to the installation of malware on his computer. Sometimes, a manipulative email that appears to be sent from a bank, asking the recipient to verify their identity, is sent by these attackers as a means to collect private information.
- DOS and DDOS attack
Sometimes a website’s server gets overloaded with traffic and simply crashes due to heavy demand. During a DoS (denial-of-service) attack, however, the traffic overload occurs because attackers deliberately flood a website. When a website has too much traffic, it is unable to serve its content to its visitors. A DoS attack is performed by one machine with an internet connection, which floods a website and blocks legitimate users from accessing its content.
A DDoS attack is a more severe version of a DoS attack, launched from many machines at once. Most of these machines do not belong to the attacker; they are compromised and added to the attacker’s network by malware. These computers can be distributed across the world and are called a botnet. A DDoS attack is much more difficult to defend against as the attack is launched from so many different IP addresses simultaneously.
- Computer virus
Computer viruses are one of the most common cybersecurity threats. They are pieces of software that are designed to be spread from one computer to another. Often, a virus is sent as an email attachment or downloaded from a specific website with the intent to infect a computer and other computers on the shared network. Viruses are known to send spam, disable security settings, corrupt and steal data from computers including personal information such as passwords, even going as far as to delete everything on the hard drive.
- Rogue security software
After the computer virus came rogue security software. Cybercriminals, leveraging the fear that computer viruses had created, used this method to launch additional attacks. Rogue security software is malicious software used to mislead users into believing that there is a computer virus on their computer or that their security measures are not up to date. The user is asked either to download a program to remove the alleged viruses or to pay for a tool. Both cases lead to actual malware being installed on the computer.
- Rootkit
A rootkit is a collection of software tools that enables remote control and administration-level access over a computer or computer networks. Once remote access is obtained, the rootkit can perform several disruptive actions such as stealing passwords and disabling antivirus software. Rootkits are hidden in legitimate software. Once the user permits that software to make changes to the computer’s operating system, the rootkit installs itself in the computer and waits for the hacker to activate it. Other ways of rootkit distribution include phishing emails, malicious links, files, and downloading software from suspicious websites.
- MIM attacks
Man-in-the-middle attacks allow the attacker to eavesdrop on a private communication between two targets. For example, Person A sends Person B her private key, but Person C intercepts this message and in turn sends his private key to Person B, posing as Person A. Person B assumes that the key he just received is Person A’s and sends her the amount of money due. The money is not transferred to Person A, but to Person C. Person C is thus the man-in-the-middle.
Which laws govern cyber attacks in India today?
- The Information Technology Act, 2000
The IT Act is the most important law when it comes to cyber-attacks. One can even say it is the guide to anything digital in the Indian regulatory system. The applicable sections in case of a cyber attack are as follows –
- Section 43 – Damage to the computer systems without obtaining permission from the owner. The owner can claim compensation for the entire damage.
- Section 66 – A person found to have dishonestly or fraudulently committed any act referred to in Section 43 shall be punished with imprisonment for up to three years or a fine of up to Rs. 5 lakh.
- Section 66B – Punishment for dishonestly receiving stolen computer resources or communication devices: three years of imprisonment. An additional fine of Rs. 1 lakh can be added, depending upon the severity.
- Section 66C – Punishment for identity theft related to imposter digital signatures, hacking passwords, or other distinctive identification features: if proven guilty, imprisonment of three years, which can also be backed by a Rs. 1 lakh fine.
- Section 66D – Punishment for cheating by personation using a computer resource, as practised by scammers and the like.
- Indian Penal Code (IPC) 1860
The Indian Penal Code, 1860 along with the Information Technology Act, 2000 deal with cyber frauds and identity theft. The following sections are applicable –
- Section 464, Section 465 – Forgery/false documentation.
- Section 468 – Pre-planned forgery for cheating someone.
- Section 471 – Presenting a forged document as a genuine one knowingly.
- Section 469 – Forgery for the purpose of harming reputation.
- The Companies Act, 2013
Indian companies and their directors can be prosecuted by the SFIO (Serious Frauds Investigation Office) as empowered by the Companies Act, 2013. Section 211 and Section 212 of the Companies Act, 2013 deal with the establishment of the SFIO and the investigation procedure to be followed by it. Post the notification of the Companies Inspection, Investment, and Inquiry Rules, 2014, SFIOs are on high alert. The Companies (Management and Administration) Rules, 2014 also prescribe strict guidelines confirming the cybersecurity obligations and responsibilities of company directors and other leaders.
Madame Curie once said, “Nothing in life is to be feared, it is only to be understood. Now is the time to understand more, so that we may fear less.” It is pivotal for corporate entities to understand the relevant resources, including comprehensive training for company professionals, and to meet all safety standards, to assure data privacy and cybersecurity in India. The pandemic has now pushed India’s second-largest internet consumer base to over 560 million users in 2021. This alarming consumer base is also matched by the increase in cyber-security attacks on companies across all industries in India. A robust cybersecurity framework is of prime importance to manage this constant digitization and data growth. The above-mentioned laws do not provide an adequate framework to tackle all the problems faced by the Indian digital market today, but hopefully, the incoming Personal Data Protection Bill, 2019 shall be passed soon to help aid these spaces.