This article is written by Jaya Vats, a practising advocate, Delhi. In this article, the author throws some light on all the aspects relating to cybercrime. The article examines many forms of cyberattacks, cybercrime in India, how to protect oneself from becoming prey to such crimes, and the necessity of cyber security.
This article has been published by Sneha Mahawar.
Table of Contents
Introduction to cybercrime
The World Wide Web allows us to easily access a wide range of activities. In reality, our use of the internet is essential for the successful completion of our daily tasks and activities. However, accessing the internet can also lead to a number of online crimes, such as breach of data and account hacking.
A number of cybercrime cases including phishing, identity theft, and fraud, have surged in recent years. In the previous year alone, India saw a 16% increase in the number of cyberattacks throughout the Country. Cybercrime infiltration is anticipated to increase further. This emphasises the significance of creating more effective and deterrent legal structures, as well as stricter legislations, to combat cybercrime. In this situation, it becomes important to examine the country’s existing cybersecurity legislation to see if they provide adequate protection against these crimes.
What is cybercrime
Cybercrime is defined as any criminal misconduct carried out through a network, technical gadgets, or the internet. Although some cybercrimes are intended to cause harm to the victim, the vast majority are committed for financial gain.
Individuals and corporations are both targets. Individuals are typically part of a bigger assault in which the hacker tries to distribute malware across machines for-profit motive. Business assaults, on the other hand, are usually a one-shot deal. Businesses are also far more prone to be the subject of hacktivist demonstrations, which constitute a type of cybercrime in their own right.
Origin of cybercrime
Despite the fact that the internet is only roughly 30 years old, experts believe the 1834 hack to be the first cyberattack in history. Two crooks infiltrated the French Telegraph System and gained access to financial markets, conducting data theft.
Some early cyberattacks, which began in the late 1800s and the early 20th century, saw cybercriminals target telephone infrastructure. Only two years after the invention of the telephone, adolescent guys stole into Alexander Graham Bell’s telephone firm and wreaked havoc by misleading calls. Phone hacking, also known as phreaking, became popular in the 1960s and 1980s.
Rene Carmille, a French computer scientist, broke into the Nazi data registry in 1940 to disrupt their intentions to identify and monitor Jews.
The introduction of email in the 1980s brought with it phishing schemes and viruses sent via attachments. Web browsers, like computer viruses, had grown prevalent by the 1990s.
Because of the nature of these platforms, the broad use of social media in the 2000s only exacerbated cyber crime, particularly data theft. Malware infections and data theft have surged rapidly over the last 10 years and show no indications of slowing down anytime soon.
With the evolution of the internet, hackers now have a plethora of novel attack vectors at their disposal. As more and more ordinary devices — refrigerators, washing machines, heating systems, light bulbs, and so on — go online, cybercriminals gain new weaknesses and possibilities.
Types of cybercrimes
The following are the various types of cybercrimes:
- Theft via cyberspace: Cyber theft is a sort of cybercrime that includes an individual infiltrating another person’s or company’s system in order to steal wealth, private information, financial information, or proprietary information. Identity theft and embezzlement are examples of fraudulent crimes that might be classified as cyber theft crimes.
- Cyberbullying: Bullying an individual online is referred to as cyberbullying. Cyberbullying includes any threat to a person’s safety, coercion of a person to say or do anything, and expressions of hatred or subjectivity against someone. While children are more likely to be victims of cyberbullying, adults are not exempt. According to a survey, 40% of polled teens said they had encountered online harassment, while 24% of adults aged 26–35 said they had experienced cyberbullying.
- Malware: Malware is a term that refers to any software program that is meant to infiltrate or harm a device. Viruses are a type of software that falls under the malware category. Viruses may cause a range of problems once they enter a device. They may delete files, record your keystrokes, erase your disk drive, or otherwise corrupt your data.
- Phishing: Phishing happens when fraudsters act as an organisation in order to dupe victims into disclosing important information. Scare techniques, such as notifying the victim that their bank account or personal device is under assault, are frequently used by cybercriminals to effectively fulfil their phishing aims.
- Extortion via the internet: Cyber extortion is a type of blackmail that takes place through the internet. In these occurrences, cybercriminals target or try to harm the person and demand pay or a reaction in order to halt their threats.
- Ransomware: Ransomware is a sort of cyber extortion that uses malware to achieve its purpose. This software threatens to disclose the victim’s data or to block the user from retrieving his/her data unless the cybercriminal gets a predetermined sum of money.
- Cryptojacking: When hackers utilise other people’s processing resources to mine cryptocurrency without their permission, this is referred to as cryptojacking. Cryptojacking varies from cyber crimes that utilise malware to enter the device of a victim to steal data whereas the cryptojackers are not interested in stealing a victim’s data. Cryptojackers, on the other hand, employ the computing power of their victim’s gadget. Despite appearing to be less harmful than other cybercrimes, cryptojacking should not be taken lightly because falling prey to it can drastically delay one’s device and render it vulnerable to further cyber assaults.
- Cyber spying: Cyber spying occurs when hackers target a public or private entity’s network in order to gain access to classified data, private information, or intellectual property. Cybercriminals may utilise the sensitive information they discover for a variety of purposes, including blackmail, extortion, public humiliation, and monetary gain.
- Spyware: Spyware is a software that cybercriminals employ to monitor and record their victims’ actions and personal information. Often, a victim unintentionally downloads spyware onto their device, giving a cybercriminal unwitting access to their data. Cybercriminals can access a victim’s credit card data, passwords, web cam, and microphone depending on the type of spyware employed.
- Adware: Adware is software that you may unintentionally download and install when installing another program. Every time someone views or clicks on an advertisement window, the developers of adware programs profit financially from their actions on people’s computers. Although some adware software is lawful and innocuous, others are invasive due to the type and number of ads they display. Many nations consider some adware applications to be unlawful because they contain spyware, malware, and other dangerous software.
- Botnets: Botnets are malware-infected computer networks. Malicious hackers infiltrate and gain control of these machines in order to do things online without the user’s consent, allowing them to commit fraudulent crimes while remaining undetected. They may send spam emails and conduct targeted hacks into a company’s assets, financial records, data analyses, and other vital information.
- Dating hoodwinks: Some hackers utilise dating websites, chat rooms, and online dating apps to pose as possible mates and attract people in order to have access to their data.
- Hacking: Any illegal access to a computer system is generally referred to as hacking. When a hacker gains unauthorised access to a company’s or an individual’s computers and networks, they can obtain access to important corporate information as well as personal and private data. Despite this, not all hackers are crooks. Some “white hat” hackers are employed by software businesses to identify faults and gaps in their surveillance systems. These hackers get into a company’s network in order to uncover existing holes in their clients’ systems and provide fixes to such issues.
Cybercriminals or “black hat” hackers may desire to go clean and abandon their criminal activities occasionally. In these circumstances, one of the finest possibilities is to work as a security analyst for the organisations they used to torture. These individuals have greater expertise and experience with network intrusion than the majority of computer security specialists.
The consequences of cyber crimes
The actual extent of cyber crime is hard to determine. Because of the significant danger of data loss, the consequences of cyber crime may be disastrous. The consequences of cyber crime may be divided into three categories:
Individuals bear the brunt of the consequences of cyber crime. With the gadgets, there may be difficulties such as data breaches, identity theft, or trafficking to harmful websites, among other things. As a result, one may notice unusual purchases on their credit cards and lose access to their financial accounts. Furthermore, fraudsters may utilise data saved on smartphones to harass and blackmail victims.
Businesses may suffer from the loss of sensitive data, financial loss, or brand harm, among other things. It can have a direct impact on the value of a firm, and the stock value can result in a loss of reputation, clients, and so on. Companies that fail to secure client data will face fines and penalties. Furthermore, a malicious user may discreetly sell critical data from the firm to other businesses.
Gaining access to government information with the purpose of misusing it, is a serious breach of data. Cybercriminals employ cutting-edge tools and technology to obtain access to extremely sensitive government data. The primary goal of attacking government data is to corrupt or sell national defence and security information.
Cybercrime as a business
The dark web, which is distinct from the deep web, has its own economy where cybercrime occurs. Criminals purchase and sell adware, botnets, data lists, and other items in order to conduct fraud and identity theft. However, there is a darker side to the dark web.
The dark web is used for a variety of purposes, including sex trafficking, the spread of child pornography, hitmen, and much more. There’s a sector of the internet, hidden behind many redirection and encrypted pages, that allows such heinous actions to take place. We’re referring to it as the “cyber crime economy.”
Due to the extensive paper trail created by accessing the internet, criminals who engage in such operations are concerned about their identity. Access to relevant portions of the dark web is typically possible through a combination of TOR browsers (The Onion Router) and a secure virtual private network, as well as the confidence of individuals who run in such circles.
The data, especially if it was compromised in a data breach, is almost certainly accessible for purchase on the dark web. According to Experian, a business that provides identity theft protection, someone’s social security number might be sold on the dark web for as low as $1. Credit card numbers may be purchased for as low as $5.
In the majority of cases, your identity is used to make fraudulent transactions as anybody could use a different identity on the internet. Securing our personal data is critical, not just for the money in the bank account, as well as for our liberty.
Cybercrime laws around the globe
Cybercrime is a worldwide issue that necessitates a cohesive global reaction. Different countries throughout the world have enacted several cyber laws that specify the offences and punishments for cyber crime. Some of these are as follows:
The United States of America
Computer fraud and abuse are prohibited under the Computer Fraud and Abuse Act (CFAA), 18 USC 1030. These are cyber defence legislations. It safeguards federal systems, bank computers, and Internet-connected systems. It protects them from intrusion, threats, vandalism, spying, and being corruptly utilised as fraud instruments. It is not a complete provision, but rather covers holes and crevices in the protection provided by other federal criminal statutes.
Few other cyber legislations prevalent in the US are Cybersecurity Information Sharing Act (CISA), United States Code, and The Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.
A complicated legal and regulatory structure governs data protection and cybersecurity in Canada. Failure to comprehend this framework and actively mitigate risks (or the effect of such risks when they materialise) can have major legal and financial ramifications for a business. As a result, understanding this quickly growing area of law and governance is critical for enterprises that operate in Canada (in whole or in part) or have business partners operating in Canada.
The Personal Information Protection and Electronic Documents Act, SC 2000 c 5 (‘PIPEDA’) along with the Criminal Code of Canada is a data privacy act that essentially provides two key cybersecurity duties for Canadian private sector organisations. The PIPEDA mandates organisations to report specific cybersecurity events to the regulator and impacted persons, as well as to implement proper security protections.
The EU intends to create a single set of guidelines and laws covering cybersecurity and data protection. Directives are legislative actions that establish legally obligatory objectives for all member nations. Once enacted, each country must enact its own laws and regulations to fulfil these objectives.
The General Data Protection Regulation (GDPR) is the most comprehensive and unified piece of cyber law in the EU. It has a direct impact on foreign corporations doing business in the EU and applies to all organisations dealing with the personal data of EU residents, regardless of where the organisation is based. The GDPR, which was established in 2018 to harmonise data protection and privacy rules across member nations, is now in effect. It empowers member governments to impose severe penalties on organisations that fail to comply.
The Cybersecurity Act is another significant advancement in cybersecurity measures that directly affect enterprises. It went into effect on June 27, 2019, with the goal of boosting network security for vital industries.
When China’s Cybersecurity Law went into effect in June 2017, it created the groundwork for a defence plan against widespread cybercrime and possible nation-state strikes. The rule places a special emphasis on “critical information infrastructure operators,” requiring them to keep personal and essential network data within China. However, the criteria might be imprecise and wide, and even organisations in the financial industry may fall under the category of information infrastructure operator. Multinational firms must keep data generated in China within the country’s boundaries, collaborating with local cloud data centre providers or developing their own centres in partnership with a local company.
The Data Security Law (“DSL”) was passed by the People’s Republic of China’s National People’s Congress Standing Committee on June 10, 2021. The DSL’s primary goal is to safeguard and secure important data related to national security and the public interest.
The United Kingdom
In the United Kingdom, the Computer Misuse Act, of 2013, criminalises all “unauthorised” access, bolstered by even broader clauses criminalising preparatory conduct and the trafficking of technology used for unauthorised computer access.
Famous incidents relating to cyber crimes
Cyber assaults and data breaches are common occurrences. If we read tech news, we might have come across headlines indicating cybercriminals are continually developing and implementing new cyber risks.
In late 2019, the Australian Cyber Security Centre issued a warning to national businesses about the Emotet virus, a significant global cyber threat. Emotet was created to crack simple passwords, steal information, and inject other malware onto computers. This virus was a financial trojan with a variety of characteristics and capabilities that has been affecting governmental bodies, public enterprises, and private groups all over the world since 2014.
Cyber security risks are not limited to technology firms; they have also invaded the video gaming sector. An excellent example is Capcom, a Japanese video game creation business, which had a data breach. Capcom’s plans for the next four years were disclosed online in November 2020 when thieves stole its systems. Not only did the attack have an influence on the company’s 2021 releases, but it also raised concerns among its consumers about the security of their personal information.
The evidence presented above indicates that cybercrime may affect every type of company in any industry.
Yahoo was negotiating a transaction with Verizon at the time of the announcements. The transaction price was reduced by an estimated $350 million once the news surfaced. It’s frightening to believe that this was one of the greatest data breaches in history, and Yahoo delayed three years to announce anything about it.
The Blackshades RAT was a popular extortion tool about the same period, if not earlier. A Distant Access Tool, or RAT, allows a remote computer to operate yours without requiring a physical connection. The vast majority of RATs are used legally, such as when a computer maker gives the assistance.
A hacking gang called Blackshades customised a commercially available RAT and exploited it for extortion. Cassidy Wolf, Miss Teen USA in 2014, was one of the more well-known instances. Jared Abrahams, a student who had previously cyber-attacked 100-150 other women, hacked and monitored her webcam for a year.
Sextortion was carried out using photos of her dressed and undressing. Abrahams threatened to publish the webcam photos if she did not create sexual recordings. The Blackshades RAT, which was a prominent example in our article on how to secure your camera, affected nineteen additional nations.
Cybercrime in India
With approximately 658 million internet users as of February 2022, India has the world’s second-largest internet population. Cybercrime in India cost Rs.1.25 lakh crore in 2019, putting India in second place among nations hit by cyber-attacks between 2016 and 2018. Ransomware assaults are becoming more common, and many cybercriminals operate from their homes. In other words, cybercrime in India may be described as unlawful access to a computer system without the consent of the legitimate owner or location of criminal activity and can range from online cracking to denial of service assaults.
Phishing, spoofing, DoS (Denial of Service) attacks, credit card fraud, online transaction fraud, cyber defamation, child pornography, and other forms of cybercrime are examples.
There are several vulnerabilities in devices such as mobile phones that individuals use to access services. An examination of the attack vector in a mobile phone found that other than the programs, there are 15 distinct points through which a hacker might gain access to it. Bluetooth, communication modules, microchips, operating systems, CPUs, and Wi-Fi are all examples.
Hackers have devised a number of methods for acquiring user passwords by leveraging the inadequate IT infrastructure at employees’ residences. Indeed, the frequency of cyber assaults is growing, with 7 lakh documented intrusions through August of this year—a stunning 175 percent rise over the same period last year.
So, let’s take a closer look at India’s current cybersecurity regulations and what advances and improvements we may expect in the future.
Grounds of cybercrime in India
Even though it is unlawful, cybercriminals frequently select an easier approach to generate money. They target cash-rich organisations, like banks and other financial institutions, where large sums of money are handled on a daily basis. They hack sensitive information by taking advantage of flaws in IT security mechanisms. The following are the reasons why IT platforms are so vulnerable:
- Accessibility– Due to the complexity of technology, there are several ways to breach a computer system. Hackers can obtain access codes, sophisticated voice recorders, retina scans, and other data that can be used to circumvent security measures.
- Complex codes– Operating systems are used to run computers, and these operating systems are made up of millions of lines of code. Because the human mind is flawed, errors can occur at any time and in such cases, cybercriminals take advantage of every code error.
- Ability to store data in a relatively small space– A computer has the unique ability to store data in a very tiny space. This makes it easier for someone to take data from other storage devices and utilise it for personal gain.
- Carelessness– One of the hallmarks of human behaviour is negligence. As a result, there is a chance that when securing the computer system, we may make a mistake that allows cyber-criminal access and control over the computer system.
- Evidence loss– Data relating to the crime can be readily deleted. As a result, evidence loss has become a very widespread and evident problem that paralyses the mechanism behind the cyber-crime investigation.
Cybercrime cases in India
The following are notable cybercrime incidents that have resulted in massive losses for well-known Indian firms.
In 2018, a cyber-attack on the Cosmos bank in Pune startled the whole banking industry. Hackers stole Rs 94.42 crore by breaking into the bank’s ATM server and stealing the personal information of numerous debit cardholders. Money was stolen, and hackers from 28 nations promptly withdrew it.
In 2018 again a massive data breach involving 1.1 billion Aadhar card users occurred. The hacked data contained personal information such as Aadhar, cellphone, PAN, and bank account numbers, as well as IFSC codes. Surprisingly, unknown merchants were quickly selling Aadhar information on WhatsApp for Rs 500 per individual. In addition, for a meagre Rs 300, one could obtain a printout of anyone’s Aadhar card.
Canara bank’s ATM servers were attacked in a cyber assault in mid-2018. The crooks have over Rs 20 lakhs stashed away in several bank accounts. Skimming devices were used by hackers to acquire information from 300 debit cards. The imposters targeted 50 people and took money ranging from Rs 10,000 to Rs 40,000.
Pegasus spyware is a type of malicious software that infiltrates a device, collects data, and then sends it to a third-party provider without the user’s permission. NSO Group, an Israeli cyber weaponry company, designed it. It mostly needed links to function. When a consumer clicks on one of these links, Pegasus is instantly installed on their phone. According to the Indian news portal The Wire, a leaked global database of 50,000 telephone numbers alleged to have been provided by different government clients of NSO Group includes over 300 verified Indian mobile telephone numbers, including those used by ministers, opposition leaders, journalists, the legal community, businesses, government employees, scientists, rights activists, and others.
Reporting a cybercrime in India
The initial step in reporting cybercrime in India is to register a complaint with a cybercrime cell in a police station in the city where the crime occurred, or where the affected device is located.
The second step is to know where to report cybercrime in India, which may be done both online and offline by filing a complaint against the perpetrator of the cybercrime. In India, one can file a complaint with either a cyber cell or a police station. One can go to your state’s police station or write an email to the police, who will pass your report to the Cyber Cell, or one can mail the complaint directly to the Cyber Cell.
The first step in learning how to report cybercrime in India is to file a complaint in accordance with India’s cybercrime regulations. There is no online letter style for filing a cybercrime report, however, the following papers must be provided:
To register a cybercrime report in the instance of hacking, the following information is required:
- Logs from the server.
- If a website is vandalised, make a soft and hard duplicate of the defaced web page.
- A soft copy of the original data and a soft copy of the compromised data are required if data on a server or computer is compromised.
- Details on the access control system, such as who had access and what sort of access.
- If the victim suspects anybody, compile a list of suspects.
To register a cybercrime report in the instance of email abuse, the following actions must be taken:
- The problematic email’s extended headers must be removed, and both the soft and hard copies must be saved.
- The problematic email should not be removed from the inbox.
- The objectionable email must be copied and stored on the computer’s hard disk.
Cyber Crime Complaint Online
In the past decades the advancement in technology and the number of internet users have grown at a great pace and upto a great extent. With the increase in use of internet it is obvious that there will be cons for excessive use as well. In lieu of the excessive use certain crimes online are also committed and thus, for the protection of the victim it is necessary to have provisions for registering the complaint and intimating the officials about the commission of the crime for punishing the accused.
One can submit a complaint about cybercrime both offline and online. Cyber Cell India is the department that deals with online and offline cyber complaints and thus, the first step is to report the complaint to this department. One can also give a call on the cybercrime helpline number. You can visit here to file an online cybercrime complaint.
A written complaint has to be filed with the cybercrime cell by the victim in the city he or she is in. But since cybercrime comes under the purview of the global jurisdiction thus, it is implied from this that one can file a cyber complaint in the cybercrime cell of any city irrespective of the fact that the person originates from some other cities in India.
Following information is required to be given by the victim at the time of filing the complaint with the cyber cell-
- Name of the victim/person filing the complaint,
- His contact details,
- Address for mailing.
The written complaint shall be addressed to the head to the department.
In case of no access to the cyber cell India, one can report the matter to the local police station by filing a First Information Report. If the complaint due to any reason does not get accepted in the police station then in that case one can approach the judicial magistrate or the commissioner.
One can also file a First Information Report under the provision of the Indian Penal Code if the offence falls under this Code. it is an obligation of every police officer to lodge the complaint as it has been made mandatory under section 154 of Code of Criminal Procedure.
Since most of the cyber crimes under the Indian Penal Code are classified under the category of cognizable offences, thus, there is no requirement of any warrant for arresting the accused because cognizable offences are those offences in which for the purpose of carrying out the investigation or for making an arrest there is no requirement of any warrant.
- The Ministry of Home Affairs is in lieu of establishing and launching a centralised online cyber crime registration portal. The purpose is to remove the requirement of moving to the police station for lodging any cyber crime complaint.
- An online portal for registration of Cyber crime online has been launched by the Cyber crime cell of the Delhi police.
- You can visit it here.
Cyber crime legislation and agencies
To combat the threat posed by cybercriminals, the government created the Information Technology Act of 2000, the primary goal of which is to provide an enabling environment for successful internet use as well as to report cyber crime in India. The Information Technology Act (IT Act), which was enacted in 2000, governs Indian cyber legislation. The main goal of this Act is to provide eCommerce with trustworthy legal protection by making it easier to register real-time information with the government. However, as cyber attackers became more cunning, coupled with the human predisposition to manipulate technology, a number of adjustments were made.
The IT Act, which was passed by India’s Parliament, emphasises the harsh fines and penalties that protect the e-governance, e-banking, and e-commerce sectors. The scope of ITA has now been expanded to include all of the most recent communication devices.
The IT Act is a comprehensive piece of legislation that addresses technology in the areas of e-governance, e-commerce, and e-banking. In India, the cyber law also establishes sanctions and punishment for cyber crime.
The IT Act is the most important, as it directs all Indian legislation to strictly regulate cyber crime:
Section 43 – This section applies to those who destroy computer systems without the owner’s authorization. In such instances, the owner is entitled to full recompense for the total loss.
Section 66 – This section applies if a person is determined to have committed any of the acts listed in section 43 dishonestly or fraudulently. In such cases, the penalty might be up to three years in prison or a fine of up to Rs. 5 lakh.
Section 66B – Incorporates the penalties for obtaining stolen communication devices or computers in a dishonest manner, which affirms a possible three-year sentence. Depending on the severity, this sentence might also be followed by a fine of Rs. 1 lakh.
Section 66C – This section looks at identity thefts including impostor digital signatures, password hacking, and other unique identifying elements. If found guilty, a three-year sentence could be accompanied by a fine of Rs.1 lakh.
Section 66 D – This section was added on the spot to focus on penalising cheaters who use computer resources to impersonate others.
The Indian Penal Code was also updated to encompass crimes such as fraud, forgery, theft, and other similar offences committed through the internet or through electronic media.
Sections 43 and 66 of the IT Act penalise a person who commits data theft, transmits a virus into a system, hacks, destroys data, or denies an authorised person access to the network with up to three years in jail or a fine of Rs. five lacs, or both. Simultaneously, data theft is penalised under Sections 378 and 424 of the IPC, with maximum sentences of three years in jail or a fine, or both, and two years in prison or a fine, or both. Denying access to an authorised user or causing damage to a computer system is punishable under Section 426 of the IPC by imprisonment for up to three months, a fine, or both.
Section 65 of the IT Act makes it illegal to tamper with computer source materials. Section 66E specifies the penalty for invasion of privacy. It states that anyone who captures, publishes, or distributes an image of a person’s private area without his or her consent has committed a violation of privacy and is punishable by imprisonment for up to three years or a fine of up to two lacs, or both.
Section 66F addresses a critical issue, cyber terrorism, and sets penalties for it. It defines cyber terrorism as acts such as denial of access, breaching a network, or transmitting a virus/malware with the intent of causing death or injury to any person, all with the intent of undermining India’s integrity, sovereignty, unity, and security or instilling fear in the minds of its citizens.
The offence of deceitfully obtaining stolen computer resources or devices is dealt with under Section 66B of the IT Act and Section 411 of the IPC.
Section 66C of the IT Act specifies penalties for identity theft, stating that anybody who uses another person’s identification credentials for fraud or in a dishonest manner faces imprisonment for up to three years and a fine of up to Rs. three lacs. Cheating by impersonating another person while utilising a computer resource is a violation of Section 66D of the IT Act. Sections 419, 463, 465, and 468 of the IPC include similar prohibitions for these offences. The IT Act penalises not only individuals but also corporations, if they fail to build and implement a reasonable and attentive procedure to secure any person’s sensitive data in their control. Such a corporation is obligated to compensate the individual who has sustained a loss as a result of the corporation’s carelessness.
In addition to the measures for punishment, the IT Act authorises the Central Government to give orders to prevent access to any material on an intermediary or computer resource for the public if it deems it essential in the interests of the state. It can also intercept, decode, and monitor such data.
Protection against cybercrime
In order to protect ourselves from the perils of cybercrime, the following preventative actions can be taken:
- It is required to install an antivirus program. An antivirus program is designed to safeguard users against cybercrime. Modern programs monitor the machine’s data for harmful content and give real-time security against dangers like phishing.
- Making use of a Virtual Private Network. A VPN connection will protect your online privacy. It’s an important tool for privacy, which protects people from identity theft.
- Unsolicited emails, text messages, and phone calls should be avoided, especially if they utilise the crisis to coerce people into circumventing standard security safeguards.
- Change the Wi-Fi network’s default password to something more secure. Limit the number of devices that may connect to the Wi-Fi network and only allow trustworthy devices to connect.
- Use lengthy and complicated passwords that incorporate numbers, letters, and special characters.
- Make sure to update all the systems and programs, as well as to install and maintain an antivirus software up to date.
- Data backup should be a routine procedure since data may be quickly destroyed, infected, or manipulated.
Prevention against cybercrime
To effectively combat cybercrime, multidimensional public-private alliances involving authorities, the digital tech industry, information security groups, internet firms, and financial institutions are required. Cyber thieves, unlike their counterparts in the physical world, do not compete for dominance or control. Instead, they collaborate to enhance their talents and even assist one another with new chances. As a result, traditional crime-fighting strategies cannot be employed to combat cyber crime in India. Mentioned below are some steps to prevent cyber crime:
- Use complex passwords: Use various login details combinations for separate accounts and avoid writing them down.
- Keeping online profiles secret: Make sure to keep your social networking profiles (Facebook, Twitter, YouTube, and so on) private. Make sure to double-check your security settings. Take caution with the information you put on the internet. Once it’s on the Internet, it’s there for good.
- Safeguard mobile devices: Many individuals are unaware that their mobile devices are exposed to dangerous software such as computer viruses. An individual should only download software from reputable sites. It is also critical that your operating system is kept up to date. Install anti-virus software and utilize a secure lock screen in addition. Otherwise, if you misplace your phone or lay it down for a few seconds, anyone may see all of your personal information on it. Someone may even install malicious software that uses GPS to follow your every step.
- Safeguarding data: Encrypt sensitive files such as financial documents and tax returns, to protect your data.
- Secure online identity: When it comes to protecting one’s identity online, an individual should be vigilant. When providing personal information such as your name, address, phone number, and/or financial information on the Internet, you must exercise extreme caution. While making an online purchase, etc., be sure to check whether the websites are safe. This includes turning on your privacy settings while using or visiting social networking sites.
- Safeguarding computers with security software: For basic internet security, several types of security softwares are required. Firewall and antivirus software are key pieces of security software. A firewall is typically the first line of defence for your computer. It governs who can communicate, and access the computer via the internet. Assume a firewall to be a type of ‘policeman’ who monitors all data attempting to flow to and from the computer via the Internet, permitting transactions that it knows are secure while preventing ‘bad’ traffic such as cyberattacks.
As people’s reliance on technology grows, cyber laws in India and throughout the world must be constantly updated and refined. The epidemic has also driven a large portion of the workforce into a remote working mode, heightening the need for app security. Legislators must go above and beyond to keep ahead of the impostors and stop them in their tracks. cyber crime can be managed, but it takes the combined efforts of governments, Internet or network providers, intermediaries such as banks and shopping sites, and most crucially, consumers.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join: