TYPES OF CYBER CRIME
WHAT IS CYBER CRIME?
Cybercrime is governed under Information Technology Act, 2000. The term cybercrime is not defined in a wider sense. The term cyber relates to things that are associated with computers, internet, information technology, and virtual reality. Cybercrime is criminal activity that is committed via a computer and a network. It involves numerous types of crimes such as hacking, pornography, phishing, fishing, web jacking, etc. It further includes illegal activities such as identity theft, fraud, robbery, defamation, and mischief which are penalized under the Indian Penal Code. These crimes are called computer-oriented crimes. It may be committed against an individual, a group of people, government, and private organizations. With the advancement in technology, the level of risk in cybercrimes is increasing on worldwide range. All these crimes involve unlawful access to computer systems and illegal activities over the internet. However, citizens are getting aware of these illicit crimes over the internet.
TYPES OF CYBER CRIME
Hacking is a crime where a person gains unauthorized access to computer systems. Under hacking, a hacker gains the access of others and uses a variety of software to enter their computer and the person may not be aware that their computer is being accessed from a distant location. The motive behind hacking could be various such as for personal monetary gains, like stealing the credit card information, transferring money from various bank accounts to their account followed by withdrawal of money[i]. Some people do it purely to show off their expertise. Hacking aims to break into a computer system or network where hackers often get accessed to sensitive and personal information of the users. Through this they manage to have access to every online activity of a person like banking credentials being added, banking transactions made, etc. Hacking is further classified into various types such as website hacking, network hacking, ethical hacking, email hacking, password hacking, online banking hacking, and computer hacking. Moreover, there are 3 types of hackers such as black hat hacker, white hat hacker, and grey hat hacker.
BLACK HAT HACKER:
These hackers are also known as a cracker. Here they have malafide intention to gain unauthorized access to computer systems and websites. The motive behind this is for personal gain.
WHITE HAT HACKER:
These hackers are known as ethical hackers. These are officially recognized hackers who gained access to systems intending to fix the identified weaknesses. An often company hire these computer enthusiasts to find flaws in their security systems and helps to fix them.
GREY HAT HACKER:
These hackers lie between black hat hackers and ethical hackers. Here they break into computer systems without authority to identify weaknesses and reveal them to the system owner. There does not lay any fraudulent intention.
In the case of Abhinav Kumar vs State Of Haryana And Or[ii]s: this case is one of the cases of hacking under which an employee hacked into the systems of one of the past employers and stole sensitive and confidential information and copyrighted drawings and disclosed them to the competitor company. He filed a petition for anticipatory bail which was rejected by the court. Held the court said that such an act amounts to hacking under section 66 of the IT Act.
DENIAL OF SERVICE ATTACK:
Denial-of-Service (DOS) attacks also known as email bombing or spamming. It is an explicit crime where attackers attempt to deny service to intended users of that service. In simple terms, we can say that these types of attacks flood systems with so much information that it can crash the servers that cyber businesses depend on. The aim behind these attacks is to close down the networks or services and made them beyond the reach of the intended users. This results in causing the resource (e.g. a web server) to crash or slow down significantly so that it won’t be accessed by anyone. Through these practices a site may get temporarily malfunction or crash completely, resulting in the incapacity of the system to communicate appropriately.
Furthermore, another variant to a denial-of-service attack is known as a “Distributed Denial of Service” (DDoS) attack wherein several perpetrators through geographically widespread flooded the network traffic.
It is malicious software that disrupts the computer operation and affects the data stored – either by modifying it or by deleting it altogether. It is a process that attaches to other software and destroys the victim’s system. In layman terms, viruses are the program that connects themselves through a computer or a file and then spreads themselves to other files and other computers on a network. On the other hand, unlike viruses, worms are malware that does not require the need of host to attach themselves to. They only make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer’s memory. Trojan horses are one of the forms of such viruses. A Trojan horse can cause damage similar to other viruses, such as stealing information or hamper/disrupt the functioning of computer systems.
One of the famous examples of malware attacks is the WannaCry ransomware attack that was committed globally in May 2017. Through this attack, more than 150 countries were affected. One of the instances in other cases, a website contained links that are infected and upon clicking on them it downloaded viruses or worms.
In the case of LockerGoga, ransomware, 2019: it is considered one of the dangerous threats which hit the news in 2019. It involves phishing scams, malicious emails, and credentials theft. This ransomware completely blocked the access of victims to the system. It’s estimated that it caused millions of dollars in damage in advanced and targeted attacks infecting large corporations in the world, such as Altran Technologies and Hydro.
Software piracy is an illicit approach to copying, distributing, modifying, selling, or using software which is legally protected. So in a simple term, we can say Software piracy is an illegal activity of stealing legal software illegally. So we can say that software piracy is the unauthorized use, duplication, and distribution of legal software. It is further classified into different types such as soft lifting, unauthorized renting, online piracy, OEM unbundling, hard-disk loading, and counterfeiting. In today’s world, the majority of software is purchased as a single-user license which means that only one computer has accessed software at a time. Copying that software to multiple computers or sharing and passing it on with your friends without multiple licenses or without buying a site license is considered illegal software piracy. This is called theft of software or using someone else’s intellectual property through the illegal and illicit means of genuine programs.
In the case of Microsoft Corporation vs. Electrowide Ltd. and Anr.[iii]: under this case, it was held that it constitutes a general threat to infringe the Copyright in the class of software.
The term pornography is derived from two Greek words i.e. “Porne and Graphos”. ‘Porne’ means prostitute and ‘Graphos’ means writing about and description off. In legal terms the word pornography means obscenity and it is often called porn.[iv] Pornography has been defined as an act that depicts sexual explicit of persons, that can be in words or images, that can be created with the proximate aim, primary and reasonable hope, of eliciting significant sexual arousal on the part of the consumer of such material. It includes a variety of media such as any video, pictures or movies, magazines, animation, writing, film, video games that renders sexually explicit acts that are considered indecent by the public. The word pornography does not include live exhibitions like sex shows and striptease instead it is the depiction of the act rather than the act itself. Present-day the primary content of pornographic depictions are pornographic actors who engage in filmed sex acts, and pornographic models, who pose for still photographs, and these are sell on the internet by pornographers to sex addicts and interested parties.
In the case of State of Tamil Nadu v. Dr. L. Parekh[v]: this case is of online obscenity. Herein under this case, a reputed medical practitioner was arrested on the grounds of online obscenity and was sentenced to life imprisonment. Here accused filed a writ petition in “special class prisoner” to provide with such facilities. Hence the apex court dismissed the petition and denied any special treatment.
Child pornography is one of the most heinous crimes and it has led to other various crimes such as sex tourism, sexual abuse of the child, etc. With the rise in the internet child pornography has become particularly problematic and its ability to both transmit data far and wide and provide a level of anonymity to its users and the victims depicted in images of child pornography[vi]
In the case of Bachpan Bachao Andolan v. Union of India:[vii] in this case, petitioners under the Indian Penal Code wanted intra-State trafficking of young children, their bondage and forcible confinements, regular sexual harassment, and abuses to be made cognizable. The referral was made to the Law Commission of India on matters of child sexual abuse by the Supreme Court of India. However, the Law Commission of India did not suggest any changes to the Act.
With the advancement in technology, Cyber Pornography has become a global problem. Cyber Pornography can be described as the publishing, distributing, or designing of pornography by using cyberspace. In simple terms, we can say it is the act of using cyberspace to create, display, distribute, import, or publish pornography or obscene materials. With the easy availability of the Internet, Cyber pornography has largely accessible in online/digital pornographic content through that thousands of people can now easily access porn on their mobile or laptops; they even have access to upload pornographic content online. Cyber pornography is banned in many countries and legalized in some. In India, under the Information Technology Act, 2000, this is a grey area of the law, where it is not prohibited but not legalized either. However, our government has decided to ban websites that contain pornographic content[viii]. Yet, youngsters, among all people are so addicted to cyberporn that they try to have access to different means such as VPN, DNS Server Change, or downloading Opera Mini that has inbuilt VPN activation, to view cyberporn.
In the case of Avinash Bajaj v. State (N.C.T.) of Delhi[ix]: under this case, an obscene material was uploaded on the website named bazee.com by a student of IIT. With that video or MMS sale was made to several people residing in different parts of the country within a short time. Hence, the court held website liable under section 67 of the IT Act.
Phishing is a fraudulent method or we can say it is a type of social engineering attack of extracting sensitive information or data such as passwords, usernames, credit card information, network credentials, and many more. It is done via e-mail, instant message, or text message luring individuals by portraying themselves as legitimate websites or emails and institutions to gain confidential information. In simple terms we can say it is a malicious act where scammers out of the blue will contact you through email, text message, phone call or it can even contact you through social media, pertaining themselves to hold legitimate business such as your bank, telephone company or even internet provider and tries to gain sensitive information from innocent users. ‘Cyber attackers’ attempts to manipulate victims through social engineering that leads them perform specific actions or tricks into clicking a malicious link, which can lead to the installation of malware, disclosing the confidential information of an individual. There are different types of phishing such as spear phishing, clone phishing, whaling, vishing, malware phishing, and more.
In the case of Nasscom vs. Ajay Sood & Others[x]: this case was one of the leading cases of phishing. Herein an agency head-hunting and recruitment were operated by the defendants. Defendants in NASSCOM’S name sent an email to third party to obtain personal data for headhunting. Held damages of Rs.16 lakhs were made.
Cyber defamation involves any type of fraudulent statement, publishing defamatory content against any person or individual which tends to harm the reputation of a particular person or individual with the use of computer and internet over an electronic platform. The Electronic platform includes social media platform, emails, and videos. Cyber defamation has been penalized under civil as well as criminal law in the Indian judiciary system [xi]where the victim could seek remedies.
In the case of Shreya Singhal v. Union of India[xii]: under this case, it was held by the apex court, that due to the vagueness in the definition in section 66A it was repealed. It was misused by the Government in curtailing and suppressing people’s freedom of speech and expression. There must be an injury to a reputation for something to be defamatory.
With the advancement in technology, cybercrime is now becoming a serious threat globally. Cybercrime is governed under IT Act, 2000 and the (IT) Amendment Act 2008 to deal with cybercrimes in India. Protection against cybercrime has become a vital part of a country. However, there is still a need for proper laws related to cybercrime in India.
[i] Sunita Yadav, Cybercrimes and Laws, http://dcac.du.ac.in/
[ii] (2004) 136 PLR 196
[iii] (1997) FSR 580
[iv] Subodh Asthana, cyber pornography, ipleaders.
[v] Writ Petition No. 7313 of 2002 and W.P.M.P.No. 10120 of 2002
[vi] Mayank Shankar, Child Pornography – A Menace, legalbites.
[vii] (2011) 5 SCC 1
[viii] Advocate Puneet Bhasin, Cyber Pornography Law in India- The Grey law decoded, ipleaders.
[ix] 2005 (79) DRJ 576
[x] 119 (2005) DLT 596, 2005 (30) PTC 437 Del
[xi] by Anshika Gubrele, Defamation in the Internet Age: Laws and Issues in India, ipleaders.
[xii] AIR 2015 SC 1523.
Author: Sushmita Anand,
I am a student from G.G.S.I.P.U, Ideal Institute of Management and Technology and School of Law, Delhi currently enrolled as a Bachelor’s in Law (BA LLB). I am in my Fourth year of five years integrated course.