Cybercrime

This article has been written by Shrikar Ventrapragada.

Meaning

Cyberwarfare can be defined as the use of technology to carry out a cyberattack on a nation-state or a specific target. The main intention of cyber warfare is to cause significant harm to the targeted region. This damage can be physical as well as virtual. Physical damage can be the damage or destruction of buildings or critical defence infrastructure. Virtual damage could be harm to the economy, for example when an attack on a power grid disrupts a city's power supply and forces millions of businesses to pause.

Cyberwarfare need not necessarily be a cyber-attack by one nation-state on another nation-state. It can also be a cyber-attack by a terrorist group or hackers that ultimately aims at advancing the goals of a foreign nation.


Kinds of cyber weapons used in warfare 

  1. Viruses, phishing, computer worms and malware can affect major infrastructures.
  2. Denial-of-service attacks: these attacks deny the true owner access to the affected device.
  3. Theft of critical information by hacking the servers of reputed and important institutions/businesses of a country.
  4. Cyber espionage or spyware: the purpose of espionage is to spy on other nations and track their activities. Espionage may also lead to theft of information, which would eventually put national security at risk.
  5. Ransomware: a form of cyber-attack in which the attacker seeks a ransom for critical information of the victim that he possesses.
  6. Propaganda: an effort to control information and use it to influence the mind of the public in order to create chaos and disruption. Propaganda is mainly spread through social media apps, which triggers the crowd.

How do Indian laws try to deal with Cyber Warfare?

In India, there is only one cyber law, known as the IT Act, 2000, which was further amended in the year 2008. However, this Act has multiple shortcomings when it comes to dealing with cyber war-related situations. In my opinion, this law is not very effective at supervising cyber wars which may occur.

Some of the cyber crimes listed under the IT Act, 2000 and its 2008 amendment are as follows:

  1. Section 43: Any person who, without the permission of the owner of the computer, computer system or computer network, accesses, downloads, introduces, disrupts, denies or provides any assistance to another person can be held liable under this section.
  2. Section 66: If the accounts of a victim are compromised by an attack, the person who does any act mentioned in Section 43 of the IT Act shall be punished with imprisonment for a term which may extend up to three years or with a fine which may extend up to five lakh rupees, or both.
  3. Section 66F: This section of the IT Act deals with punishment for crimes that come under the branch of cyber terrorism. A cyber attack is considered to be cyber terrorism if it has the intent to threaten the unity, security, integrity and sovereignty of India. A cyber terrorism attack is intended to strike terror in the people or a group of people.

How can it be determined as cyber terrorism?

  1. The attack denies access to any authorised person’s computer source (DDoS).
  2. Unauthorised access to computer sources, or breaking by illegal means the barriers to the computer source which the true authorised owner of the computer created to protect the device.
  3. Bringing in any virus which contaminates the computer, causing loss to the data/computer.

If the above-mentioned conditions are fulfilled and the conduct causes death or injury to any person, and causes damage or destruction to property and disrupts the supplies of essential services to the community, or in any manner affects the critical information infrastructure mentioned under Section 70, the offence shall be punishable with imprisonment which may extend up to imprisonment for life.

Section 70A: This provision gives the central government the authority to appoint any department of the government as the national nodal agency for critical information infrastructure protection. Such an appointment shall only be valid if the notification is published in the Official Gazette. The notification shall also prescribe the process by which the agency shall perform its duties. This appointed nodal agency shall solely determine and conduct the research and development related to the critical information infrastructure.

How is cyber warfare different from a normal cyber-attack?

A normal cyber-attack can be described as an act of a ‘hacker’ who intends to violate the barriers set by a computer system or network and tends to expose its vulnerabilities.

Hackers can be classified into three categories:

  1. White hat hacker: Also known as ethical hackers, they violate a network for non-malicious purposes; they test the level of attack a barrier can withstand before it is compromised.
  2. Black hat hacker: Hackers who attack for no cause but personal gain and profit. They violate the safety protections of a network only in order to make some money; their intent is to act maliciously.
  3. Grey hat hacker: This category of hacker is a mixture of the above two types. They break into a system and demand a ransom in order to notify the administrator about the security flaw.

Cyberwarfare is a very tangled problem that demands careful attention to its meaning and its differences from other wars. This is because an attack will differ depending on the ultimate outcome the attacker expects, distance, hardware and software.

The main differentiation between cyber warfare and an ordinary cyber-attack lies in the intention. The primary motivation for cyberterrorism attacks is to disrupt or harm the victims, even if the attacks do not result in physical harm or cause extreme financial harm. Just like the basic rule in torts, if there is no intention, then there is no crime. Similarly, in the case of a cyber warfare type attack on a nation, organisation or a particular individual, the intention to attack shall be keen in such a situation. If the attacker does not have any intention of causing damage, physically or in monetary terms, it would be a tough task to find the attacker guilty.

Both of them have the aim of using information technology and networks to obtain a strategic edge. One definition is that cyber warfare involves acts of a nation-state to access computers or networks of another country for disruption or disturbance purposes. Any cyber-warfare activities may, however, involve non-state entities including militants, political groups or nations as aggressors or as targets.

But what if the attack is being conducted by a non-resident of India/outsider?

In such a case, Section 75(2) of the IT Act, 2000 comes into play. The provision states that the IT Act is applicable to any offence committed outside the territory of India by any person/organisation if the act constituting the offence involves a computer or a computer network located in India.

According to Section 75(1), this provision is also applicable to any offence committed outside India by any person irrespective of his nationality. 

How India has progressed in cybersecurity

IT Act, 2000

This Act is the primary law in India that handles the issues related to cybercrime and electronic commerce. The secondary legislation to the IT Act, 2000 comprises the Intermediary Guidelines Rules, 2011 and the IT Rules, 2021. The IT Act is amended from time to time when the government feels the need to improve the Act.

National Cybersecurity Coordination Centre (NCCC)

This agency’s responsibility is to scan internet traffic coming into the country and examine the smaller details hidden inside each communication in order to identify real-time cyber threats.

Cyber Swachhta Kendra, 2017

This platform was created in 2017 to help internet users in the Indian territory clean their computers and devices by wiping out viruses and malicious software, if any.

Cyber Surakshit Bharat Initiative, 2018

This policy was launched in the year 2018 with the intent to spread awareness about cybercrime and to build the necessary safety measures for the Chief Information Security Officers (CISOs) and for the IT staff working on the frontline across all the government agencies.

National Computer Emergency Response Team (CERT-In)

It functions as the nodal agency for quick response to all types of cybersecurity threats, emergency responses and crisis management.

National Critical Information Infrastructure Protection Centre (NCIIPC)

Timeline of major cyberwarfare attacks

The Morris Worm, 1988

This worm was created by Robert Tappan Morris, who made it only to check how big the internet really was. He was the first accused to be convicted under the US Computer Fraud and Abuse Act. It is known as the first recognised worm that struck cyber-infrastructures around the world. It mainly affected computers in the region of the US. The worm detected the defaults in the UNIX system and copied itself repeatedly. It affected computers in such a way that they were no longer in working condition.

Bronze soldier, 2007

The Estonian government moved the bronze soldier war memorial from the city centre of Tallinn, the capital of Estonia, to a cemetery belonging to the army on the outskirts of the city. This resulted in several major cyber-attacks on the country. The attacks targeted Estonian banks, government websites and media channels as well. They increased the levels of traffic on the servers and eventually caused the servers to crash.

Stuxnet, 2010

In 2010, the first-ever digital weapon, namely ‘Stuxnet’, targeted a nuclear facility in Natanz, Iran. The attack was called ‘Operation Olympic Games’ and was claimed to have been executed jointly by Israel and the US. Stuxnet was an infected USB drive, which completely paralyzed the hardware and software at the nuclear facility. Stuxnet is claimed to be a computer worm that is used to control a factory’s assembly line.

Edward Snowden, 2013

A former employee of the Central Intelligence Agency Consultancy, namely Edward Snowden, leaked critical information about the U.S. National Security Agency’s cyber-surveillance system. He confessed to this attack after his ethical concerns about a program he was involved in were ignored. His attack led to mass awareness amongst corporations and the public of how advanced the technology had become, and since then it has come to be known as the Snowden Effect.

DDoS attack on Ukraine, 2014

As propaganda, the Russian government conducted a DDoS attack that destroyed the internet services in Ukraine, which led to Russian rebels taking control of Crimea, a city in Ukraine.

Sony Pictures, 2014

The film ‘The Interview’ was based on an interview with the North Korean leader Kim Jong Un, in which the leader was said to be wrongly portrayed. The cyber-attack on Sony Pictures after Sony released the movie was blamed on North Korean hackers associated with its government.

US presidential election, 2016

A report on the presidential elections by special counsel Robert Mueller concluded that Russia was involved in influencing the 2016 US presidential election. The Mueller report found that Russia made use of social media to disrupt the political situation in the US, using an ‘information malware’. The malware was first used to misuse the electoral system in 2014 and later to benefit the election candidate Donald Trump.

