Network Security

Cyber ​​Security and Indian Cyber ​​Laws

Cyber ​​Security and Indian Cyber ​​Laws
Written by ga_dahmani
Cyber ​​Security and Indian Cyber ​​Laws

Cyber ​​security is an abstract concept that encompasses everything from desktops to smartphones, software, web and mobile applications, clouds, servers, and all the infrastructure that supports vital business processes. The increasing interaction between people and technology-based services has led to the evolution of cyberspace where people can store any type of information (in various forms) and interact with technology at their convenience.

This type of interconnection, however, can be as fatal as it is beneficial due to its tendency to be misused by cybercriminals. To maintain the integrity of this relationship between man and technology, certain laws and governance frameworks were created and mandated.

DevOps Connection: DevSecOps @ RSAC 2022

What are Cyber ​​Crimes?

Any crime related to or concerning information systems could be labeled a Cyber ​​Crime. They are defined as illicit acts when:

  1. The crime is committed through the use of the computer as a tool, such as cyber terrorism, violations of intellectual property rights, and credit card or fund transfer fraud.
  2. Your computer can also serve as a target for criminal activities, such as hacking, virus/worm attacks, and DoS attacks.
  3. Or a computer is both the medium and the target of these illegal activities.

A very common example of cybercrime could be the hacking of a social media account, such as Facebook or Instagram. Other cases may include various virus-based attacks, phishing, cyber bullying, pornography, email bombing, and crimes related to finance or intellectual property.

Categorization of Cyber ​​Crimes

Cyber ​​crimes can be classified based on their goals.

  1. crimes against people
  2. Crimes against individual property
  3. crimes against the government
  1. crimes against people

Crimes like these often target people and affect them financially, mentally, or physically.

  • To hack – It involves a complete infiltration of the personal information of the victim in order to harm the individual, whether financially, mentally or physically. An attacker circumvents an IT-enabled technology by gaining unauthorized access to it.
  • Cyber ​​Bullying – Repeated and deliberate bullying of an individual forms the core of cyberbullying. The most common example of this type of bullying may be people leaking private photos or videos to harass their partners, friends, or anyone else. It is more common among adolescents, particularly among schoolchildren.
  • defamation – This crime includes hacking into a person’s or organization’s email or other social media accounts to send obscene content to their connections and defame their credibility.
  • Cyber ​​bullying – In this, the attacker, posing as an anonymous user, harasses a victim using the information media. Cyber ​​bullying is the online equivalent of being followed by a person through emails, instant messages, social networking sites, or interactions on various chat groups or websites.

two. Property Crimes

Through technological advances, property trading is not limited to the same country or region. It has gained international positioning and, to manage this process, electronic management systems have replaced paper-based management. This technological factor adds to the risk of various cyber crimes in this domain.

  • Cybersquatting – It is the process of illegally acquiring someone’s property through unfair means. A common example includes registering a domain similar to famous websites.
  • Cyber ​​Vandalism – Cyber ​​vandalism refers to the act of destroying computer infrastructure or the information stored on it, by extracting login credentials from a system or deleting valuable information from hard drives.
  • Intellectual Property Crimes – This category of cyber crime includes software piracy, infringement of patents, copyrights, trademarks, official blueprints, and many more similar documents.
  • Hacking Systems – In this, cyber criminals attack a computer system for the sole purpose of destroying information in order to damage the credibility of a system or individual.

3. Crimes against the Government

Many cyber attacks target the government of a nation or that of other countries. Some of them are –

  • Cyber ​​terrorism – Activities such as denial-of-service (DoS) attacks and attacks that target sensitive networks to harm critical information infrastructure (CII) are called cyberterrorism. Terrorists who practice this type of criminal activity interact with each other through emails that are encrypted or protected with some kind of secret code.
  • Cyberwar – To collect military data from a different country, the attacker deliberately targets that nation’s information system to gain a military advantage over it. This data is used against that particular nation to disrupt wars.
  • pirated software – Hacking is a constant headache for the protectors of information systems. When used against the government, hacking can be a major problem. Pirated software damages and destroys sensitive government records.
  • Acquisition of unauthorized information – Through their extensive network, attackers can acquire sensitive information about a nation’s politics, economy, religions, social issues, and other important domains that affect that nation’s government, posing a threat to the well-being of that nation. that nation.

CYBER LAWS OF INDIA

After the United Nations General Assembly passed a resolution in January 1997, among other things, recommending that all UN states give favorable consideration to the proposed Model Law, which recognized electronic records and accorded them the same treatment as the communication and paper record, the Indian Cyber ​​Security Act or Information Technology Act was composed.

The Information Technology Act was then passed as a Bill and passed by the Union Cabinet on May 13, 2000. It was then passed by the President of India on June 9, 2000 and titled with the name of “Information Technology Act, 2000”. ‘. The Law entered into force on October 17, 2000 onwards.

The act originally dealt with –

  1. Legal Recognition of Electronic Documents
  2. Legal Recognition of Digital Signatures
  3. Crimes and Contraventions
  4. Justice Dispensing Systems for Cyber ​​Crimes

But since technology is a constantly evolving component, the laws had to be revised. Because of this, the Information Technology Act of 2008 was recognized. It came into force on October 27, 2009.

The Information Technology Act of 2008 was intended to seek technological neutrality, addressing certain shortcomings and insufficiencies of the original Act. It aspired to help accommodate the future development and related security concerns of the IT industry.

The revised Law includes the following provisions on data protection and privacy.

  1. Electronic signature – To make the Law more ‘technologically neutral’, the term ‘Digital Signature’ has been replaced by ‘Electronic Signature’, since the latter represents the protection of various types of digital marketing, while the former only illustrates a specific type of signature. electronics.
  1. Cyber ​​terrorism – The reform subsumed the concept of cyberterrorism and established sanctions for it after the events of 11/26. Cybercrime has broadened its horizon under Section 66 with several crucial cybercrimes along with Section 66A criminalizing the exchange of “offensive messages”. However, Section 66A was later struck down after it was found to violate the fundamental right to freedom of speech and expression.
  1. Child Pornography – A set of sections have been provided under Section 67 to recognize the offense of publishing child pornography as a heinous act. Alongside this, a reduction in the prison sentence was discussed, along with an increase in the fine for publishing obscene material in electronic format.
  1. Internet cafe rules: Internet cafes have always been a major hub for the exchange of obscene email, identity theft, and online banking fraud, but the Act’s exclusion of Internet cafe security has not solved this problem. The IT Act 2008 explicitly includes and defines these issues under ‘intermediaries’.
  1. Government Surveillance – In the original Law, the Telegraph Law restricted the government from monitoring and listening to telephone calls, or reading messages or emails from the public due to the condition of public security and emergency, but the new Law removes such restrictions, extending the government’s authority .

Adhere to cyber laws with Kratikal

Cyber ​​laws are unique to each country and are enforced according to law, and Compliance bring policies to lead the way to comply with these industries, individuals and government legislation.

For organizations to function in the field of cyber security, they must adhere to certain standards. These standards are nothing more than rules and regulations set by the governments of various countries based on their IT rules.

Kratikal is a CERT-In Paneling security solutions company that provides auditing for regulatory and standard compliance such as ISO 27001, a security standard true to the data security requirements imposed by the Act, SOC2, PCI-DSS, HIPAA and many more, along with a full set of VAPT testsboth manual and automated.

Auditing against these standards makes a company more efficient and trustworthy in a field riddled with deception.

Do you think Indian cyber laws tackle cyber crimes effectively? Share your thoughts in the comments below!

The charge Cyber ​​Security and Indian Cyber ​​Laws first appeared in Kratikal blogs.

*** This is a syndicated Security Bloggers Network blog from Kratikal blogs written by Deepti Sachdeva. Read the original post at: https://www.kratikal.com/blog/cybersecurity-and-the-indian-cyber-laws/

About the author

ga_dahmani

Leave a Comment