UNIT 3

3.1- MEANING NATURE AND CLASSIFICATION

Cybercrime is an illegal activity committed online against computers and networks like stealing
people information, hacking into systems, spreading malware, and tricking users private data or
money. A computer playing a very crucial role in business, education, and other sector.
Cybercrime poses a serious threat not only to business, entertainment, and government but to
the individual security and safety of a nation economic security as well.

In this article, we are going to cover various types of cybercrimes, analyze examples, and learn
some strategies for countering them.

What is Cyber Crime?

Cybercrime can be defined as illegal activities in which the computer, or the internet is used as
a tool to commit crimes. It could be through various conducts such as identity theft, online
fraud, cyberbullying, and the propagation of malware such as viruses or ransomware. It can
target individuals, organizations, or even government systems, causing much harm. As the
internet has become something essential to use at workplaces, for shopping, or even to
communicate, cybercrime emerged into being a concern.

It’s very important to know and protect ourself against the cyber crime. We can avoid these by
use of secure networks, frequent updating of software, and not to engage in activities that may
appear suspicious online. Cybercrime, especially through the Internet, has grown as the
computer has become central to every field like commerce, entertainment, and government.
Cybercrime may endanger a person or a nation security and financial health.

NATURE

Cybercrime is a complex and growing issue that mirrors real-world crime but in a more elusive
and challenging virtual space. As societies evolve, the nature of crime also changes, with
technology playing a significant role in shaping modern criminal behavior. The rise of the
internet has made global communication easier, but it has also created new problems,
particularly in terms of jurisdiction and legal enforcement, as the virtual world is borderless and
often difficult to regulate.

Despite the advancements in technology, law enforcement agencies struggle to address

cybercrime due to insufficient resources and knowledge. The transnational nature of
cybercrime complicates the ability to apply existing laws, as modern crimes often defy
traditional legal frameworks. The global nature of the internet has made it easier for criminals
to commit crimes with little risk of detection.
Cybercrime, including activities like cyber terrorism, poses significant threats to society, and
combating it requires an international effort. National laws alone are inadequate, and there is a
need for global cooperation to enact new laws, develop preventive measures, and create a
defensive strategy to protect societies from the growing threat of cybercrime.

Classification of Cyber Crimes

Cyber crimes are commonly classified into four main types based on their target and impact:

1. Cyber Crimes Against Individuals

2. Cyber Crimes Against Property

3. Cyber Crimes Against Organisations

4. Cyber Crimes Against Society

These categories of cybercrime encompass a wide range of illegal activities, each with its own
motivations and consequences.

1. Cyber Crimes Against Individuals

Cyber crimes against individuals directly affect personal privacy, finances, or mental well-being.
Below are some notable types under this category:

a) Email Spoofing

Email spoofing is when a cybercriminal forges the sender’s email address to make the message
appear as if it’s from a legitimate source. Spoofed emails are used to deceive individuals, often
leading them to click malicious links or share personal information, resulting in financial loss or
identity theft.

b) Spamming

Spamming involves sending unsolicited emails or messages to a large number of recipients.

While some spam is harmless, other spam emails are used to spread malware, conduct phishing
attacks, or promote scams, creating privacy risks for recipients.

c) Cyber Defamation

Cyber defamation refers to the act of harming a person’s reputation through false statements
made online. This can happen through social media posts, emails, or websites, where
defamatory content is published to damage someone’s reputation, often leading to serious
consequences for the victim.

d) Cyber Stalking

Cyberstalking is the act of harassing or intimidating someone through digital means.

Cyberstalkers may send unwanted messages, track a person’s online activities, or create a
feeling of fear or insecurity in their target.

e) Phishing

Phishing attacks involve deceiving individuals into sharing confidential information, such as
login credentials or financial data, typically via fake emails or websites that appear legitimate.
Phishing remains one of the most common methods used by cybercriminals to steal sensitive
information.

2. Cyber Crimes Against Property

Cyber crimes against property often involve stealing or damaging digital assets. These crimes
target individuals and organisations to compromise valuable data or intellectual property for
financial gain.

a) Credit Card Fraud

Credit card fraud occurs when a cybercriminal gains unauthorised access to someone’s credit
card information, leading to illegal purchases and financial loss. Often, this crime is committed
through phishing, data breaches, or card skimming.

b) Intellectual Property Theft

Intellectual property crimes include the unauthorised use or distribution of copyrighted

material, patents, and trade secrets. Examples include software piracy, copyright infringement,
and trademark violations. Such crimes harm businesses and creators by depriving them of due
revenue or damaging their brand.

c) Internet Time Theft

Internet time theft occurs when someone uses another person’s internet connection without
permission. This crime often affects businesses where an employee may misuse company
resources for personal activities, leading to unnecessary costs for the organisation.

d) Cyber Vandalism
Cyber vandalism is the act of defacing or damaging someone’s online property, such as altering
websites or social media profiles. This can include deleting data, corrupting files, or posting
offensive content, creating inconvenience and reputational harm.

3. Cyber Crimes Against Organisations

Cyber crimes against organisations primarily aim to disrupt operations, steal sensitive
information, or extract financial gain. These attacks can severely impact a business’s financial
stability and reputation.

a) Unauthorised Access and Data Theft

Unauthorised access involves intruding into an organisation’s computer systems without

permission, often with the goal of stealing sensitive data. This can include personal information,
trade secrets, or financial data, with stolen information either sold or used for blackmail.

b) Denial of Service (DoS) Attacks

A DoS attack is an attempt to overload a company’s servers with an excess of fake traffic,
preventing legitimate users from accessing services. DoS attacks disrupt operations, causing
potential revenue loss and reputational damage.

c) Virus and Malware Attacks

Viruses and malware are malicious programs installed on a system to cause damage, steal
information, or disrupt operations. Organisations often fall victim to ransomware attacks,
where cybercriminals encrypt files and demand payment to unlock them, significantly
impacting businesses.

d) Salami Attacks

In salami attacks, small amounts of money are stolen over a prolonged period, often remaining
unnoticed due to the minor impact of each transaction. This type of attack is typically financial,
exploiting vulnerabilities in a company’s accounting systems.

e) Web Jacking

Web jacking is a type of cybercrime where an attacker takes control of an organisation’s

website, often redirecting it to a malicious site. This can lead to data breaches, malware
distribution, or extortion demands. Web jacking in cyber security is especially dangerous, as it
deceives website visitors and can tarnish a company’s reputation.
 4. Cyber Crimes Against Society

Cyber crimes against society are crimes that impact large groups of people, potentially
threatening public safety, social order, and even national security.

a) Forgery

Forgery using computers involves creating fake documents like currency, certificates, or official
forms. With access to high-quality printers and scanners, cyber criminals can produce
counterfeit documents, causing financial and reputational damage on a large scale.

b) Cyber Terrorism

Cyber terrorism uses digital means to intimidate or harm people, organisations, or

governments. Cyber terrorists may hack government databases, spread propaganda, or launch
cyberattacks on critical infrastructure, aiming to instil fear and disrupt societal stability.

c) Web Jacking for Propaganda

In some cases, web jacking is used to control high-traffic websites, redirecting them to spread
misinformation, propaganda, or harmful content. This tactic can influence public opinion,
create panic, or manipulate political views, especially during sensitive events.

3.2- CONVENTINAL CRIME THROUGH COMPUTERS

Conventional Crimes Through Computers as per the Information Technology Act, 2000

The Information Technology Act, 2000 (IT Act, 2000) is India's primary legislation governing
cyberspace and its activities. The Act primarily aims to address issues relating to cybercrimes
and electronic commerce. With the rapid advancement of technology, conventional crimes
have adapted to the digital world. These crimes, like cyber defamation, digital forgery, cyber
pornography, cyber stalking, online gambling, and the sale of illegal articles online, are now
recognized under the IT Act. Below is an explanation of each crime in detail, with relevant
sections and examples.

1. Cyber Defamation

Definition:

Cyber defamation refers to the act of defaming or harming someone's reputation through the
use of electronic means, such as the internet or other digital platforms. The intent behind cyber
defamation is to damage an individual’s or a company's reputation by making false or
misleading statements. This is a serious offense under the IT Act and is akin to traditional
defamation but occurs in the digital space.

Relevant Sections:

Section 66A of the IT Act (before being struck down by the Supreme Court in 2015) criminalized
sending offensive messages, including defamation, through electronic means. Although the
specific provision was quashed, defamation can still be addressed under the Indian Penal Code
(IPC) in conjunction with cyber laws.

Example:

A person may post false and defamatory statements about someone on social media, claiming
that they have committed a crime they did not. This harms the individual's reputation and can
lead to legal repercussions, as the statements were disseminated via the internet.

2. Digital Forgery

Definition:

Digital forgery involves the creation or alteration of digital documents, images, or data with the
intent to deceive or defraud others. This crime includes the use of digital tools or software to
manipulate electronic documents, such as fake invoices, signatures, or contracts, to commit
fraudulent activities.

Relevant Sections:

Section 465 (Punishment for Forgery) of the IPC can be invoked alongside the IT Act to deal with
digital forgery.
Section 66D of the IT Act addresses fraud by using false identification through electronic means.

Example:

A hacker gains access to someone's digital signature and uses it to forge a contract or a bank
transfer, defrauding the original person. This constitutes digital forgery, and the offender could
be penalized under the relevant laws.

3. Cyber Pornography

Definition:

Cyber pornography refers to the creation, distribution, or consumption of pornographic content

through the internet or other digital platforms. This includes obscene or sexually explicit
material shared via websites, social media, or messaging platforms. It can also include the
exploitation of minors for the creation or distribution of such material.

Relevant Sections:

Section 67 of the IT Act criminalizes the publishing or transmission of obscene material in

electronic form.

Section 67B deals specifically with child pornography and the transmission or publication of
material involving children.

Example:

Sharing explicit images or videos without consent, such as "revenge porn," constitutes cyber
pornography. If the material involves minors, it attracts harsher penalties as per the provisions
under Section 67B.

4. Cyber Stalking/Harassment

Definition:

Cyber stalking or harassment is the use of the internet to stalk, harass, or intimidate an
individual. This can include repeated and persistent sending of offensive or threatening
messages, posting harmful content about the person online, or using digital means to monitor
the victim’s activities without consent.

Relevant Sections:

Section 66A of the IT Act (before being struck down) dealt with sending offensive or threatening
messages online. The sections under the IPC related to stalking also apply to cyberstalking.
Section 354D of the IPC deals with stalking, including cyberstalking. The IT Act strengthens
these provisions for digital communication.

Example:

A person repeatedly sends threatening emails or harasses an individual through social media
platforms. If the behavior persists and causes distress, the offender can be charged under the
relevant sections of both the IPC and the IT Act.

5. Online Gambling

Definition:

Online gambling refers to betting or gaming activities conducted via the internet. This includes
activities such as online poker, sports betting, and casino games. While online gambling itself is
not illegal in India, certain forms of online gambling may be prohibited, particularly those that
violate public policy or local regulations.

Relevant Sections:

Section 67 of the IT Act could be invoked in cases where obscene gambling content is
transmitted through electronic media.

The Public Gambling Act, 1867, governs the legality of gambling in India and applies to online
gambling activities if the game involves real money.

Example:

If an individual engages in online betting on sports or casino-style games on websites that

operate illegally within India, they could face penalties under Indian laws. Even if the websites
are hosted abroad, individuals can still be charged for participating in illegal gambling.

6. Online Sale of Illegal Articles

Definition:

The online sale of illegal articles refers to the sale or purchase of goods that are prohibited by
law, using the internet as the medium. These illegal articles can include counterfeit products,
drugs, weapons, or pirated digital content, and the transaction takes place over online
platforms or marketplaces.

Relevant Sections:

Section 66A (before being quashed) could be used against platforms facilitating such sales.
Section 63 of the Copyright Act, 1957, and the Narcotic Drugs and Psychotropic Substances Act,
1985, also apply when drugs or counterfeit goods are sold online.

Example:

An individual may use an e-commerce platform to sell counterfeit luxury goods. The buyer may
not realize that the goods are fake, but the seller could be prosecuted for fraud, under both the
IT Act and the relevant laws governing the sale of counterfeit products.

Conclusion:

The IT Act, 2000, plays a critical role in regulating cybercrimes in India. The aforementioned
offenses highlight how traditional crimes have morphed into digital versions that have serious
implications in the online world. Legal frameworks continue to evolve to address these
challenges effectively. With the increasing reliance on the internet and technology, individuals
must be aware of these digital offenses and the legal consequences associated with them.

3.3 CRIME ON COMPUTER NETWORK

The Information Technology Act, 2000 (IT Act, 2000) is a comprehensive law in India that
addresses cybercrimes and electronic commerce. It was enacted to provide legal recognition to
electronic transactions, promote the use of digital signatures, and address offenses related to
computers, computer systems, and networks. This Act aims to deal with a variety of
cybercrimes, including hacking, data alteration, destruction, denial of service, email spam,
internet fraud, virus attacks, worms, trojans, and logic bombs. Below is a more detailed
explanation of each of these crimes and the corresponding punishments under the IT Act, 2000.

1. Hacking (Section 66)

Definition: Hacking, as defined under Section 66 of the IT Act, involves gaining unauthorized
access to a computer system, network, or database, with the intention of tampering, stealing,
altering, or destroying information. Hacking is one of the most serious cybercrimes, as it can
lead to significant loss of sensitive information, financial data, or intellectual property.

Example: A person may hack into a corporate server and steal confidential information such as
trade secrets, customer details, or financial data. Another example could be a hacker breaking
into a bank’s system and transferring funds without the owner’s consent.

Punishment: According to Section 66, hacking is punishable with imprisonment of up to

3 years and/or a fine of up to ₹5 lakh. The punishment is intended to deter individuals
from engaging in unauthorized access or tampering with computer systems.

2. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks (Section 66F)

Definition: Denial of Service (DoS) attacks aim to make a computer, network, or website
unavailable by overwhelming it with traffic or requests. A Distributed Denial of Service (DDoS)
attack amplifies this effect by using multiple systems to target the victim simultaneously,
thereby preventing legitimate users from accessing the services.

Example: A hacker may orchestrate a DDoS attack on an online e-commerce website during a
major sale event, thereby causing the site to crash and preventing customers from making
purchases. This kind of attack often leads to significant financial losses for businesses.

Punishment: Under Section 66F of the IT Act, cyber terrorism, which includes actions like DoS
and DDoS attacks, is considered a grave offense. The punishment can be severe, including
imprisonment for life and a fine. In case of a DoS attack intended to cause severe disruption,
the penalty can include imprisonment for up to 10 years.
3. E-mail Spam and Cyber Harassment (Section 66A)

Definition: Spam refers to unsolicited and often irrelevant or inappropriate emails sent in bulk,
usually for commercial purposes. Cyber harassment, on the other hand, refers to the act of
sending offensive or threatening emails to an individual, causing them distress. These forms of
cybercrime are aimed at disturbing or manipulating the recipients for personal gain or harm.

Example: An individual may send thousands of unsolicited emails to users, advertising

fraudulent products or services, or sending abusive, offensive, or threatening emails to harass a
particular person or group. This is a common method used in phishing and scam operations.

Punishment: Although Section 66A was struck down by the Supreme Court in 2015, it
previously allowed for imprisonment of up to 3 years and a fine for sending offensive messages
through email, SMS, or other electronic means. In the absence of Section 66A, individuals can
still be prosecuted under various provisions for harassment or defamation via electronic means.

4. Internet Fraud and Financial Crimes (Section 66C, 66D, 66E)

Definition: Internet fraud involves deceptive activities conducted through the internet with the
intent to mislead, defraud, or cheat individuals or organizations. This can include phishing
attacks, fraudulent e-commerce websites, or fake job offers. Financial crimes via the internet
include cyber crimes like online banking fraud, identity theft, and illegal transactions conducted
using digital platforms.

Example: An example of internet fraud would be a cybercriminal creating a fake e-commerce

website that mimics a well-known brand. The criminal collects payments from customers but
never delivers any goods. Another example is identity theft, where a person uses stolen credit
card information to make fraudulent purchases online.

Punishment:

Section 66C: This section covers identity theft, such as impersonating someone online to access
their accounts, and is punishable with imprisonment up to 3 years and a fine of up to ₹1 lakh.

Section 66D: Covers cheating by personation, such as using fake identities to defraud others,
with a punishment of 3 years imprisonment and a fine of ₹1 lakh.

Section 66E: Involves violations of privacy, particularly the unauthorized publication or

transmission of private images, punishable by up to 3 years of imprisonment and a fine of up to
₹2 lakh.
5. Viruses, Worms, Trojan Horses, and Logic Bombs (Section 43, 66)

Definition:

Virus: A malicious software program that attaches itself to a file or program, which can
replicate itself and spread to other files or systems, often resulting in damage or data loss.

Worms: Similar to viruses, but unlike viruses, worms can propagate independently over a
network.

Trojan Horses: These are malicious programs disguised as legitimate software, designed to
grant unauthorized access to a system or steal sensitive data.

Logic Bombs: These are hidden programs triggered by a specific condition (like a date or event)
that causes harm to a system or data.

Example: A virus might infect a computer system and corrupt or delete files. A worm might
spread across a network, clogging up bandwidth and causing system failures. A Trojan could be
hidden in a software update that, once installed, allows a hacker to remotely control the user’s
system. A logic bomb might be set to delete critical data when a specific date is reached, or
when an employee leaves the company.

Punishment: Under Section 43, if an individual introduces a virus or worm, the penalty can be a
fine of up to ₹1 crore. Section 66 provides additional punishment for creating, distributing, or
causing such malicious programs, with imprisonment up to 3 years and fines of up to ₹5 lakh.

6. Cyberstalking and Cyberbullying (Section 66A, 66E)

Definition: Cyberstalking refers to using the internet or other digital means to repeatedly stalk
or harass a person. It involves the use of online communication to monitor, intimidate, or
manipulate someone. Cyberbullying is a similar form of harassment, where individuals use
electronic communication to spread false or damaging information, intimidate, or threaten
others.

Example: An example of cyberstalking might be an individual sending threatening or obsessive

messages through social media or email. Cyberbullying could involve posting humiliating
pictures or messages on a public platform, intending to damage a person's reputation or cause
emotional distress.
Punishment:

Section 66A (before it was struck down) had provisions for punishing cyberstalking with
imprisonment of up to 3 years and a fine.

Section 66E covers privacy violations, including the transmission of obscene or intimate images
without consent, punishable by up to 3 years imprisonment and a fine of ₹2 lakh.

7. Data Alteration, Destruction, and Tampering (Section 43, 66)

Definition: Data alteration or destruction refers to unauthorized modification, deletion, or

corruption of data stored in digital formats. Tampering with data involves unauthorized
changes to data, often leading to its distortion, loss of integrity, or inaccessibility.

Example: A hacker may break into a government database and alter the records, such as
changing the names or financial details of individuals, or a person may delete critical data from
a company’s system, causing operational disruptions.

Punishment:

Section 43 of the IT Act provides for a fine of up to ₹1 crore for causing damage, destruction, or
alteration of data.

Section 66 punishes data tampering or destruction with imprisonment of up to 3 years and a

fine of ₹5 lakh.

Conclusion

The Information Technology Act, 2000 serves as the cornerstone of India's cyber law
framework, defining and punishing cybercrimes such as hacking, data alteration, cyberbullying,
and internet fraud. By recognizing digital transactions and establishing the penalties for
malicious activities, the Act plays a vital role in protecting individuals, organizations, and the
economy from the growing threat of cybercrime. The punishments under this Act range from
fines to imprisonment, depending on the nature and severity of the offense. This
comprehensive legal framework aims to ensure the security of electronic data and foster trust
in the digital ecosystem.