Cyber Crime – An Indian Scenario

As India is marching towards its development, many new technologies have

entered into the nook and corner of the country. Of these, Information Technology with
computers has paved a way to Internet, e-Banking, e-Commerce and other types of
communication systems. This has reduced the cost, increased the sophistication, more
speed, efficient and reduced the manpower. These technologies has emerged as a blessing
for the present pace of life but at the same time also resulted in various threats to the
consumers and other institutions for which it proved to be most beneficial. It even did not
spare the security of the country when this crime reached its pinnacle.

In a Cyber Crime the criminals use computes as a tool, target or both for their
unlawful act either to gain information which result in heavy loss or damage to the owner
of that intangible sensitive information. They can launch an attack from any corner of the
world without any fear of being traced or prosecuted. This is an international problem
with no national boundaries.

Though the pattern of cyber crime is similar through out the world there are some
difference in few countries according to the technology, culture and economy of that
country. The scenario in India is also different from the rest of the world. Here very high
technology cyber crimes like Hacking, virus attack etc., are in the budding stage where as
pornography, forgery, fraud etc., are spreading like a wild fire.

Legal framework on Cyber Crime

The information Technology (IT) Act, 2000, specifies the acts which are
punishable. Since the primary objective of this Act is to create an enabling environment
for commercial use of I.T., certain omissions and commissions of criminals while using
computers have not been included. Several offence have bearing on cyber-arena are also
registered under the appropriate sections of the IPC with the legal recognition of
Electronic Records and the amendments made in several sections of the IPC vide the IT
Act, 2000.
Cyber Pornography

Cyber Pornography is believed to be one of the largest businesses on the Internet

today. The hundreds of pornographic websites with Indian contents have flourish on the
Internet are testimony to this. They operate from across the nation and there agents will
upload the pornography contents from India. While pornography per se is not illegal in
many countries, child pornography is strictly illegal in most nations today.

They accept online payments and allows paying customers to view or download
pornographic pictures, videos etc., from that website. There were also some website
which offers pornographic pictures and videos free of cost. They are mainly responsible
for the spread of pornography through out the country. The major victims for this type of
crime are children and youth especially teen ages. It is very easy to keep these contents in
one’s cell phone and pass on to others.

According to the Crime in Indian 2007 report 45.6% (99 cases) of the total 217
cases registered under IT Act 2000 were related to Obscene Publication or Transmission
in electronic form, normally known as cyber pornography. 86 persons were arrested for
committing such offence during 2007. 55.8% (86 out of 154) of the offenders arrested
under ‘Obscene Publication or Transmission in electronic form’ of which 70.9% (61 out
of 86) were in the age-group 18-30 years. Table - 1 show that there is a steady increase in
this crime when compare with the previous years.

Table - 1
Cyber Crimes/Cases Registered and Persons Arrested under IT Act during
2004 - 2007
Cases Registered % Persons Arrested %
Variation Variation
Crime Heads 2 2 2 2 2 2
2004 2007 in 2007 in 2007
005 006 004 005 006 007
over 2006 over 2006
Obscene
publication/transmission in 34 88 69 99 43.5 21 125 81 86 6.2
electronic form

Source: Crime in India 2007

2
Hacking with Computer System

Computer Hacking

Hacker is a computer expert who uses his knowledge to gain unauthorized access
to the computer network. He is not any person who intends to break through the system
but also includes one who has no intent to damage the system but intends to learn more
by using one’s computer. IT Act 2000 doesn’t make hacking per se an offence but looks
into factor of mens rea. Crackers on the other hand use the information cause disruption
to the network for personal or political motives. Hacking by an insider or an employee is
quite prominent in present days.

Most business organization stores their sensitive information in computer

systems. This information is targeted by rivals, criminals and sometimes disgruntled
employees. The skilled hackers were employed to obtain the vital information from the
rival company. In one case a very good looking woman was sent to meet the system
administrator of a large company, she interviewed the administrator for a “Magazine
Article”. During the interview she flirted a lot with the administrator and while leaving
she left her pen drive at the system administrator’s room. The system administrator
accessed the pen drive and saw that it contained many photographs of the lady. He did
not realize that the photographs were Trojanized. Once the Trojan was in place, a lot of
sensitive information was stolen very easily.

There were 76 cases of Hacking with Computer System during the year wherein
48 persons were arrested. Out of the total (76) Hacking cases, the cases relating to Loss
or damage of computer resource or utility under section 66(1) of the IT Act 2000 were
39.5% (30 cases) whereas the cases related to Hacking under section 66(2) of IT Act were
60.5% (46 cases). Table – 2 shows the increase in the percentage of hacking over the
previous years.

3
 Table - 2
Cyber Crimes/Cases Registered and Persons Arrested under IT Act during
2004 – 2007

Cases Registered % Persons Arrested %

Variation Variation
Crime Heads
2004 2005 2006 2007 in 2007 2004 2005 2006 2007 in 2007
over 2006 over 2006
Hacking with Computer System
i) Loss/damage to computer
14 33 25 30 20.0 31 27 34 25 26.5
resource/utility
ii) Hacking 12 41 34 46 35.3 1 14 29 23 -20.7

Source: Crime in India 2007

Email Hacking

Email Hacking is the new trend of crime that is emerging all over India now.
Emails are increasingly being used for social interaction, business communication and
online transactions etc. Most email account holders do not take basic precautions to
protect their email account passwords. Cases of theft of emails passwords and subsequent
misuse of email accounts are becoming very common.

In one case the victim’s email account password is stolen and the account is then
misused for sending out malicious code (virus, worm, Trojan etc.) to people in the
victim’s address book. The recipients of these viruses believe that the email is coming
from a known person and run the attachments. This in turn infects their computer with the
malicious code. In another incident the victim’s email account password is stolen and
obscene emails are sent to the people in the victim’s address book or request for money is
made to from the victim’s friends who are in the address book.

Fake Profile in Social Networking Website

Yahoo messenger, MSN messenger and Orkut are some of the famous social
networking websites. Of these Orkut is a very popular online community website. This
website is very familiar to school and college students as they can search for and interact
with people who share the same hobbies and interests. They can create and join a wide
variety of online community. Profile of a person can be created using any email account.
These profiles of the members are publicly viewable.

4
 A fake profile of a women can be created by create a free email account where
there is no need to give correct name or address. Then the profile displays her correct
name and contact information (such as address, residential phone number, cell phone
number etc.). Sometimes it can even have her obscene photograph. In some cases the
profile describes her as a prostitute or a woman of “loose character” who wants to have
sexual relations with anyone. Other members see this profile and start calling her at all
hours of the day asking for sexual favours. This leads to a lot of harassment for the victim
and also defames her in society.

Using this fake email account an online hate community can be created. This
community displays objectionable information against a particular country, religious or
ethnic group or even against national leaders and historical figures. In some cases the
victim will not come forward to report the case as it may aggravate the problem faced by
them. Most of the offenders in this type of crime are from school going children. Still
some of the crimes could not be traced as there is no proof of address of the offenders.

Cyber Frauds and Forgeries

Credit Card Fraud

Credit cards are commonly being used for online booking of airline and railway
tickets and for others e-commerce transactions. Although most of the e-commerce
website have implemented strong security measure (such as SSl, secure web servers etc.),
instance of credit card frauds are increasing. The offender would install key loggers in
public computers (such as cyber cafes, airport lounges etc.) or the computers of the
victim. Unsuspecting victims would use these infected computers and the card
information of the victim would be emailed to the offender.

Offenders also use the Social Engineering methods to collect the important
information about the card, CVV or CVC number, PIN number etc. Innocent women and
people with no knowledge on these types of offence become an easy target to this crime.
There is an urgent need to create a awareness among the people about the protection of
the passwords and other secret numbers.

5
 Online share trading fraud

With the advent of dematerialization of shares in India, it has become mandatory

for investors to have demat accounts. In most cases an online banking account is linked
with the share trading account. This has led to a high number of online share trading
frauds. This is done by using the victim’s stolen account passwords and misusing his
accounts for making fraudulent bank transfers or doing unauthorized transactions that
result in the victim making losses.

Tax Evasion and Money laundering Fraud

Many unscrupulous businessmen and money launders are using virtual as well as
physical storage media for hiding information and records of their illicit business. They
use both physical and or virtual storage media for hiding the information, ex. USB dirves,
mobile phone memory cards, iPods, email accounts, online briefcases, FTP sites etc.

Fraud Digital Signature Certificate

Digital Signature Certificates are used to confirm the receipt of the information
and for the secure transfer of the data from one computer to another computer. One has to
pay fees and proper residential proof in order to obtain a Digital Signature Certificate
from the Registering Authority. This Digital Certificate is must for all kinds of
e-Commerce so, the offenders try to get it by giving false information. According to
Crime in India 2007 there is a 300 % increase in this type of crime.

Table - 3
Cyber Crimes/Cases Registered and Persons Arrested under IT Act during
2004 – 2007

Cases Registered % Persons Arrested %

Variation Variation
Crime Heads 2 2 2 2 2 2
2004 2007 in 2007 in 2007
005 006 004 005 006 007
over 2006 over 2006
Fraud Digital Signature Certificate 0 1 1 3 200.0 0 3 0 3 -

Source: Crime in India 2007

6
 Forgery and Criminal Breach of Trust

Using a computer and the advanced software one can create any kind of duplicate
document or stamp paper or counterfeit currency. Indians are were very much talented in
art and artistic work, so with the help of computers he can create all kinds of ID’s and
Certificates. This can fetch more money if it feels in the hands of criminal minded person.
As per Crime in India 2007 record Majority of the crimes out of total 339 cases registered
under IPC falls under 2 categories viz. Forgery (217) and Criminal Breach of Trust or
Fraud (73).

Although such offences fall under the traditional IPC crimes, these cases had the
cyber overtones wherein computer, Internet or its enabled services were present in the
crime and hence they were categorized as Cyber Crimes under IPC. The Cyber Forgery
(217 cases) accounted for 0.33% out of 65,326 cases reported under cheating. The Cyber
Fraud (73) accounted for 0.47% of the total Criminal Breach of Trust cases (15,531)

A total of 429 persons were arrested in the country for Cyber Crimes under IPC
during 2007. 61.5% offenders (264) of these were taken into custody for offences under
“Cyber Forgery”, 19.8% (85) for “Criminal Breach of Trust or Fraud” and 11.4% (49) for
“Counterfeiting Currency or Stamps”. The offenders arrested under Cyber Crime (IPC)
for the year 2007 revealed that offenders involved in Forgery cases were more in the age-
group of 30 – 45 (54.9%) (145 out of 264). 57.6% of the persons arrested under Criminal
Breach of Trust or Cyber Fraud offence were in the age group of 30 – 45 years (49 out of
85).

Table - 4
Cyber Crimes/Cases Registered and Persons Arrested under IPC during
2004 – 2007
Cases Registered % Variation Persons Arrested % Variation
Crime Heads in 2007 in 2007 over
2004 2005 2006 2007 2004 2005 2006 2007
over 2006 2006
Forgery 77 48 160 217 35.6 81 71 194 264 36.1

Criminal Breach of Trust/Fraud 173 186 90 73 - 18.9 181 215 121 85 -29.8

Property / Mark 12 0 13 8 -38.5 8 0 7 23 228.6

Currency / Stamps 10 59 48 36 -25.0 43 82 89 49 -44.9

Source: Crime in India 2007

7
Source Code Theft

Computer source code is the most important asset of software companies. Simply
put, source code is the programming instructions that are compiled into the executable
files that are sold by software development companies. As is expected, most source code
thefts take place in software companies. Some cases are also reported in banks,
manufacturing companies and other organizations that get original software developed
for their use. This is being done by copying the code in virtual or small physical storage
devices.

Piracy

Software Piracy

Many people do not consider software piracy to be theft. They would never steal a
rupee from someone but would not think twice before using pirated software. There is a
common perception amongst normal computer users not to consider software as
“Property”. This has led to software piracy becoming a flourishing business. The most
common type of piracy is creating duplicate CDs by using high speed CD duplication
equipment. This pirated software is sold through a network of computer hardware and
software vendors.

In other method the offender registers a domain name using a fictitious name and
then hosts his website using a service provider that is based in a country that does not
have cyber laws. Anybody can download the required software by paying either by credit
Card or through Pay Pal. Such service providers do not divulge client information to law
enforcement officials of other countries

Audio and Video Piracy

There are so many music and movie lovers in our country. Each and Every day
there may be new relies of music and movie in some part of the country. It will give a
huge profit if it is sold in the market without purchasing the right to copy and sale. Due to
Piracy many entertainment companies are suffering huge loss. Though there were many

8
law enforcing agencies like Anti pirate CD cell the pirated CDs still reaches the end user
without any difficulty. The offenders sell this or circulate this through websites, bulletin
boards, newsgroups, spam emails etc.

Email Scams

Criminals are using emails extensively for their illicit activities. Most of the
offenders operate from abroad and all the victims are educated people who fell in the
offenders trap. The offender convinces the victim that the victim is going to get a lot of
many. They offer this by way of a lottery or from a corrupt African bureaucrat who wants
to transfer his ill gotten gains out of his home country. In order to convince the victim,
the suspect sends emails that contain official looking documents as attachment which are
forged using software.

Once the victim believes this story, the suspect asks for a small fee to cover the
legal expenses or courier charges. If the victim pays up the money the suspect stops all
contact or ask to arrange some credit card details from which they swindle all the money
from the victim’s card.

Phishing

With the tremendous country wide increase in the use of online banking, online
share trading and e-Commerce and there has been a corresponding growth in the
incidents of phishing being used to carry out financial frauds. It involves fraudulently
acquiring sensitive information (e.g. passwords, credit card details etc) by masquerading
as a trusted entity.

The victim receives an email that appears to have been sent from his bank. The
email urges the victim to click on the link in the email. When the victim does so, he is
taken to “an anther page of the bank’s website”. The victim believes the web page to be
authentic and he enters his username, password and other information. In reality, the
website is a fake and the victim’s information is stolen and misused.

9
 The offender registers a domain name using fictitious details. The domain name is
usually such that it can be misused for spoofing eg. Noodle Bank has its website at
www.noodle.org. The offender then sends spoofed emails to the victims e.g. the emails
may appear to come from genuine website but it may be from different domine name like
info@noodle.com. The fake website is designed to look exactly like the original website.

Online Sale of Illegal Articles

It is becoming increasingly common to find cases where sale of narcotics drugs,

weapons, wildlife etc. is being facilitated by the Internet. Information about the
availability of the products for sales is being posted on auction websites, bulletin boards
etc. which has a server in some other country where there is no proper law for cyber
crime. If the buyer and seller trust each other after their email and or telephonic
conversation, the actual transaction can be concluded. In March 2007, the Pune rural
police cracked down on an illegal rave party and arrested hundreds of illegal drug users.

Virus Attacks

Computer Viruses are malicious programs that destroy electronic information. As

the world is increasingly becoming networked, the threat and damage caused by viruses
is growing by leaps and bounds. A highly skilled programmer creates a new type of strain
of virus and releases it on the Internet so that it can spread all over the world. Anti virus
companies are usually able to find a solution after 8 to 48 hours. In India though there is
no record of such a high skilled virus programmer some young computer engineers create
such small programs for fun and it gets detected by anti virus program very soon. So they
did not get caught to law enforcing agents.

Indian computer are the victims to the virus attacks that were programmed from
abroad. There some illegal website which installs some Ad-ware and compels the victim
to purchase the product to remove the particular virus.

10
Web Defacement

Web defacement is usually the substitution of the original home page of a website
with another page usually pornographic or defamatory in nature by a hacker. Religious
and government sites are regularly targeted by hackers in order to display political or
religious beliefs. Disturbing images and offensive phrases might be displayed in the
process as well as a signature of sorts, to show who was responsible for the defacement.
Even they insert some links to pornographic website which could not be found to normal
view.

Use of Internet and Computers by Terrorists

Many terrorists are using virtual as well as physical storage media for hiding
information and records of their illicit business. They also use emails and chat rooms to
communicate with their counterparts around the globe. One terrorist composes an email
and saves it in the draft folder. Another terrorist logs into the same account from another
city or country and reads the saved draft mail. He then composes his reply and saves it in
that draft folder. The emails are not actually sent. This makes email tracking and tracing
almost impossible.

The also use the encryption and other ways of secrete communication methods
like Steganography and decoders. It has been found in the parliament attack case that
they use steganography to send secrete message which were embedded in images. They
also use GPS and Internet phones to execute the plane as the terrorist did in the Mumbai
attack. The devices seized from the terrorist helped the investigator to trace the origin of
these attackers and the method of their operation.

A futuristic approach to control this Cyber Crime

Though there are many techniques evolved to curb the criminal activities by
Cyber Criminals but still the problem persists in legal structure and has failed to produce
a deterring effect on the criminals. Crucial aspect of problem faced in combating crime is
that, most of the countries especially India lack enforcement agencies to combat crime
relating to Internet and bring some level of confidence in users.

11
 Present law lacks teeth to deter the criminal group for committing cyber crimes.
Law has to be created or amended keeping mind the growing trend of cyber crime in
India. In order to control external cyber attacks there is an urgent need to make
Extradition Treaties with all the countries of the globe and instruct the global emailing
service providers to follow the rule otherwise they may be subjected to be blocked on the
Indian cyber space.

The Crime in India 2007 report clearly shows that the younger generation is very
much prone to the Cyber Crime. They need proper guidance and awareness through
education system on this issue. So, a subject has to be introduced on Cyber Crime and IT
Security in their school curriculum.

References

National Crime Records Bureau, ‘Crime in India 2007’

Asian School of Cyber Law, ‘Real World Cyber Crime Cases’
Akanksha Malhotra & Aksha kumar, ‘Cyber Crime And Law – Indian Perspective’
Sankar Sen, ‘Human Rights & Law Enforcement’, 1st ed., 2002, Concept Publishing Co.,
New Delhi.
Dr. Subhash Chandra Gupta, ‘Information technology Act, 2000 and its Drawbacks’,
National Conference on Cyber Laws & Legal Education, Dec. 22-24th 2001, NALSAR,
University of Law, Print House, Hyderabad.
Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi.
1992 U.S. App. LEXIS 9562 (4th May 4, 1992)
Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi.
R V. Sean Cropp, Snearesbrook Crown Court, 4th July 1991. (303)
B.R Suri & T.N Chhabra, ‘Cyber Crime’, 1st ed., 2002, Pentagon Press, Delhi.
Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi.
Rupam Banerjee, ‘The Dark world of Cyber Crime’, July 7, 2006 can be viewed at
http://articles.sakshay.in/index.php?article=15257
Prof. Unni, ‘Legal Regulations on Internet Banking’, 2007, NALSAR University of Law,

12