REPORT ON CYBER CRIMES

SUBMITTED BY:-

HARSHIT MANWANI

AASHI DUA

KARTHIK PATHAK

KANAK BANATWAL
2|Page

Table of Contents
1. Introduction to Cyber Crimes……………………………………………… 3

2. The information Technology Act, 2000…………………………………….5

3. How bad are Cyber Crimes…………………………………………………8

4. Cyber Security Techniques…………………………………………………8

5. Cases related to Cyber Crimes……………………………………………..10

6. Recommendations to the Government…………………………………….12

7. Conclusion…………………………………………………………………....13
3|Page

INTRODUCTION TO CYBER CRIMES

 WHAT ARE CYBER CRIMES: Any illegal exercise done through computer system or
network including crimes like illegal distribution of information through networks or
computer systems, for example cyber crimes can contain credit card fraud, hacking,
fishing, cyber stalking etc.
 EXTENT: As fast as the technology is catching its pace there has been seen an increase
in cyber crimes all over the world. Particularly in India according to National Crimes
Record Bureau (NCRB) cyber crimes rate has increased by 77% in 20171. Majority of the
cyber crimes in India are done with the motive of fraud in 2017, followed by sexual
exploitation with 1,640 cases2. There is no specific mention of cyber crimes in Indian
statute. Even after its amendment by the Information Technology (amendment) Act 2008,
the Indian Cyber law. “Cyber terrorism is the premeditated, politically motivated attack
against information, computer systems, computer programs, and data which result in
violence against property, government and people at large.”3
 History of Cyber Crimes:-
1. The first cyber-crime which was recorded was done in 1820. It should not be
surprising considering the fact that the Abacus, which is the earliest type of computer
was invented in 3500 B.C. in India, China and Japan.
2. The first spam email was sent over the ARPANET (Advanced Research Projects
Agency Networks) in 1976 which was created for the people so that they could easily
access computers and which would also improve computer equipment.
3. It was started by some the hackers just for fun and thrill but on another side some
used it for gaining sensitive and classified material which went on and on, that too on
an increasing rate.

1
http://ncrb.gov.in/StatPublications/CII/CII2016/pdfs/Crime%20Statistics%20-%202016.pdf
2
Ibid
3
http://nagapol.gov.in/PDF/IT%20Act%20(Amendments)2008.pdf
4|Page

 Types of Cyber-Crimes:-

Mainly cyber-crimes can be categorized into three areas:-

1) Against persons:- This term refers to a broad chain of criminal offenses that usually
includes harassing any individual with the use of computers through things which are
online like emails etc.
Against the society at large the given types of crimes are done:-
 Hacking: - It means to alter any hardware or software of a computer so that it can
be used for legitimate (used by Government officials for some authorized work)
or for illegitimate purposes (taking out private information of people) . It also
means to intrude into any other person’s computer system and network.
According to Indian legal perspective hacking and cracking are the same
concepts.
 Cyber- stalking: - It refers to any electronic communication device which can be
used to stalk another person like webcam, websites, emails etc. It can be defined
as acts done by the cyber-criminal by which the victim gets physically threatened.
 Credit card frauds: - In this type of cyber-crime the data of the card holder is
stolen and then money is withdrawn from his account or his account is used for
illegal purposes.
 Web Jacking: - This happens when someone forcefully cracks the password of
your website and then later changes it and then gains access over the site and uses
it for his benefit.
2) Against property: -
 Computer vandalism: - When destruction or damage takes place in digital form
then it is called computer-vandalism. It means creating a malware which destroys
the software or the hardware of the computer system.
 It also includes unauthorized possession of information and unauthorized trespass
through cyberspace.
3) Against government: -
5|Page

 In this kind of cyber-crime the website of the government or military gets cracked
by individuals or group of people which can be a huge threat to the safety of the
country and can develop into terror.
 Prevention and Control of Cyber Crime: -
1. Use strong passwords: - There should be usage of strong id and passwords for
different accounts and it should not be written just anywhere for safety. The
password must be a complicated one and should be changed on a regular basis.
2. Secure your computer: - In the line of defense firewalls are the first one, they
block connections to unknown sites. Install anti-virus to prevent viruses infecting
your computer.
3. Secure your mobiles: - Your phone should be free from viruses, for which you
should download apps and software from trusted websites only.
4. Avoid being scammed: - Do not trust on any website that asks your id and
password for some purpose. You should not be pressurized by any fake emails, if
in doubt, always try to verify the source.
5. Be sharp on social media: - Be very careful about your social networking sites
like instagram, facebook etc. Whatever you post there, is there forever.

THE INFORMATION TECHNOLOGY ACT, 2000

The Information Technology Act, 2000 (IT act) came into force on 9th June, 2000 after the
president gave assent to it thereof. This act was brought after the United Nation General
Assembly (UNGA) passed a resolution on the Model Law on Electronic Commerce in 1997. It is
the act which deals with cyber crimes and electronic commerce in India though the term cyber
security is not defined in the IT act, 2000. It consists of XIII chapters, 94 sections and 4
schedules. It is also known as cyber law which is used in needs of fast developing technology in
India. Till now it has been amended once in, which is called Information Technology
(amendment) Act, 2008, it came into force on dated 27th October 2009. The amendments brought
with it new sections on cyber terrorism and data protection.4

FEATURES OF IT ACT, 2000

4
ibid
6|Page

 It recognizes and protects paperless transactions.

 It is known as cyber law and lays down rules and procedures giving legal recognition to
digital signatures, electronic record and electronic filing.
 This act provides offences that has occurred due to advancement in the technology and
because of which ways of doing crimes have also transformed, i.e. Cyber Crimes.
 It also deals with procedures regarding filing of complaints, investigation etc.
 It has made the breach of confidentiality and privacy punishable under its statutes which
deal with such crimes.
 This act applies to whole of India including the state of Jammu and Kashmir (now Union
Territory) unlike various other laws in India.
 This act also recognizes various authorities like the Cyber Regulation Appellate Tribunal
(CRAT), and the Cyber regulation Advisory Committee5.

RULES AND REGULATIONS UNDER IT ACT, 20006

1. “The Information Technology (Certifying Authorities) Rules, 2000”

2. “The Cyber Regulation Appellate Tribunal (Procedural) Rules, 2000”
3. “The Information Technology (Certifying Authorities) Regulation, 2001”
4. “The Cyber Regulation Appellate Tribunal (Procedure for investigation of
misbehavior or Incapacity of Presiding officer)”
5. “The Information Technology (Other powers of Civil Court Vested in Cyber
Appellate Tribunal) Rules”
6. “The Information Technology (Other Standards) Rules, 2003”
7. “The Information Technology (Qualification and Experience of Adjudicating Officers
and Manner of Holding Enquiries) Rules, 2003”
8. “The information Technology (Use of Electronics Records and Digital Signatures)
Rules, 2004.”
9. “The Information Technology (Use of Electronic Records and Digital Signatures)
Rules,2004”

5
ibid
6
ibid
7|Page

10. “The Cyber Regulation Appellate Tribunal (Salary, Allowance other Term and
Condition of Service of Chair Person and Members)”
11. “The Cyber Regulation Appellate Tribunal (Procedure for investigating of
Misbehavior in Capacity of Pres Chair Person and Member) Rules, 2009”
12. “The Information Technology (Procedure and Safe guards for Interception,
Monitoring and Decryption of Information) Rules, 2009”
13. “The Information Technology (Procedure and Safeguard for Blocking for Access of
Information by Public) Rules, 2009”
14. “The Information Technology (Procedure and Safeguard for Collecting and
Monitoring Traffic Data or Information) Rules, 2009”
15. “The Information Technology (Reasonable Security Practices and Procedures aand
Sensitive Personal Data Information) Rules, 2011”
16. “The Information Technology (Intermediaries Guidelines) rules, 2011”
17. “The Information Technology (Guidelines for Cyber Cafes) rules, 2011”
18. “The Information Technology (Electronic Service Delivery) Rules, 2011”
19. “The Information Technology (Recognition of Foreign Certifying Authorities
operating under a Regulating Authority) Rules, 2013”
20. “The Information Technology (Recognition of Foreign Certifying Authority not
operating under a Regulating Authority) Rules, 2013”
21. “The Information Technology (National Critical Information Infrastructure Protection
Centre and Manner of Performing Function and Duties) Rules, 2013”
22. “The Information Technology (Indian Computer Emergency Response Team and
Manner of Performing Function and Duties) Rules, 2013”

Though there are rules and regulation made by the government and other authorities under IT
Act, 2000, these are not enough to tackle cyber security in India. There is need to make many
inclusive cyber security laws.
8|Page

HOW BAD ARE CYBER CRIMES?

Today in our daily lives, we can’t live without internet, no day passes when we do not use
applications like Whatsapp, Instagram and Facebook. Even various big corporations use internet
to communicate via e-mails, self-made platforms, etc. But do we actually think that there is an
possibility such things that we use as our comfort today can kick us out of our comfort zone to a
very vulnerable position? I do not think that we all do the same. Today, more than 60% of the
transactions take place over the internet and whether we should feel secure or not answer to this
question lies in the cyber security laws i.e. The Information Technology Act, 2000. The scope of
Cyber security does not limit itself to just IT industries but various other fields like cyber space
etc.

CYBER SECURITY TECHNIQUES:

9|Page

This charts show the importance of various techniques. Source: A STUDY OF CYBER
SECURITY CHALLENGES AND ITS EMERGNING TRENDS ON LATEST
TECHNOLOGIES7

 Access control and password security: An user must regularly update his passwords
and should not keep it too easy.
 Authentication of data: Whatever data an individual is receiving should be checked by
him regularly whether is it from a reliable source or not as it may contain malwares that
can control your whole computer or IP to which it is connected. The best way to do is to
install an email antivirus software.
 Malware scanners: This software will scan all the files and documents on the computer
and will remove all the dangerous files available on your PC or mobile phones.
 Firewalls: It is a software that tackles with online threats like, fake mails, viruses,
malwares etc. It basically blocks any such thing that does not adhere to the security
protocols.
 Anti-virus software: This kind of software detects and repair softwares which might
contain viruses, malwares or any kind of dangerous files. It auto updates itself with the
information of the new viruses or malwares and recognize them and further repair the
software in which it is detected.

7
A STUDY OF CYBER SECURITY CHALLENGES AND ITS EMERGNING TRENDS ON LATEST
TECHNOLOGIES : G.NIKHITA REDDY , G.J.UGANDER REDDY
10 | P a g e

CASES RELATED TO CYBER C RIMES

Suhas Katti Vs. State of Tamil Nadu

The case is related to the posting of defamatory and obscene material online on a yahoo message group.
The accused also made several fake email accounts using the name of the victim and sent several emails
to the public. The emails contained the victim’s mobile number and the content clearly stated that the
victim is soliciting (prostitution). The posting of these messages resulted in annoying phone calls asking
the victim for soliciting. In 2004 the victim filed a FIR in a police station against the accused on the
grounds of defamation and online harassment.

The FIR was filed under section 67 of the IT act, which says, “Punishment for publishing and transmitting
obscene material in electronic form”.

The upside of this case was that after the case was decided in 2005 it encourages many people who were
subject to online harassment to speak up and lodge complaints in the police station. After this case the
number of online harassment cases being filed increased substantially.

Pune Citibank Mphasis call center fraud

Some ex employees of Mphasis Ltd defrauded the US customers of Citibank to collect 1.5 crore. The
facts of the case were that the employees of the Mphasis group, which had ties with Citibank, found
various loopholes in the Citibank operating system and through these loopholes the members, who
committed the fraud, made several high amount transfers from the accounts of the US citizens who were
the users of Citibank. The members of the call center called the US customers and asked them for their
pin in most cases they were successful. When they obtained these pins they went out of the offices and
used these pins to transfer money into various accounts. The police got to know about the crime when the
team of fraudsters started transferring money in unknown accounts and when the account holders
complained about the suspicious activity the police started investigating. The FIR was filed under section
66 and section 44 of the IT act.
11 | P a g e

Sony Sambhand.com Case

Sony India runs a website called sonysambandh.com targeting NRI’s and this site enables the NRI’s to
send their relatives gifts which they purchase from the Sony website. In May 2002 someone logged onto
the site by the name of Barbara Campa and ordered a Sony television set and a cordless headphone. The
payment was made via the users credit card and the payment was duly credited from the card. The
products were delivered to Arif Azim in Noida. Azim accepted the package and the transaction came to a
close. One and a half month later Barbara filed a complaint to Sony that she didn’t make these
transactions and thereafter Sony contacted CBI. CBI arrested Azim and it was found that Azim was a
employee in a call center and he gained access of a American citizens credit cards details which he used
on the Sony website. Because there were no laws in India regarding conviction the case was registered
under Indian Penal Code but the case is a historic one n the view of cyber crime because from the date the
case was decided this case is used as a case law to give further judgements.
12 | P a g e

Recommendations to the government8:

 Government should promote the use of encryption including end to end encryption and
should also make sure the good conditions of the encrypted data are made. Form policies
regarding it so that all the concerned corporations adhere to it.
 The government should establish evidence based guidance on state of the art cyber
security principles, standards and practices, accompanied by certification marks or
benchmarks for digital products and services, focused on improving consumers’
protection and understanding.
 The government should form a commission that would forecast India’s future cyber
security needs and recommend the same to the parliament, there should be a laid out
standard procedure for the same.
 Incentives should be given to the organizations to make them adhere to the evidence
based Cyber security standards. Strict action should also be taken against any
organizations which does not adhere to the requires security standards.
 The government should in their budget introduce a specific budget for promoting
research in Cyber Security. Such research would help individuals to become aware of
increasing Cyber Crimes as well as the government to form policies keeping in mind the
outcomes of the research.
 Various educational government institutions like the UGC should instruct various
colleges and the universities under its watch to promote research and education on cyber
security.

8
Progress and research in Cyber Security: Royal Society
13 | P a g e

CONCLUSION:
Though The Information technology act is already in force to see the Cyber security needs the
government still have to work to strengthen the laws and research to protect the individuals as
well as various institutions be it private or public institutions. There is a strict need to mention
the term ‘Cyber Crime’ in the Information Technology Act, it is necessary to do so as individuals
otherwise would not be aware of the importance of The Information Technology Act in tackling
the cyber security issues. All the recommendations provided by us are cited after going through
many research papers and we believe the government would think upon it. The motive of our
research was mainly to aware the citizens how bad cyber security is, what they can do to tackle it
and aware them about the present laws existing to tackle the issues related to Cyber Crimes.