
Role of Cyber Forensic in the Criminal Investigation

Shiny G

Bytes are replacing bullets in the crime world


Abstract: Cybercrime is at its height in the 21st century, as mass information is readily available and easily accessible through network tools. Emerging social media and communication technologies have led to the rise of organized cybercrimes such as phishing, banking fraud, identity theft, spamming, cyber pornography, etc., for which cyber forensic expertise is needed.


Cyber forensics plays a crucial role in dealing with modern-day criminal activity, where digital footprints lead to stopping criminal activities a priori or to apprehending cybercriminals. The role of cyber forensic experts entails gathering evidence from computer systems and presenting it in the Court of Law. This paper discusses the role of cyber forensic experts before and after the execution of the crime. In particular, the study stresses cybercrime and related activities in the context of the Indian and international judiciary systems and their enacted laws enforcing strict penalties for violations.


More specifically, case studies will be presented on how cyber forensic expertise and Indian law have fought cybercrimes in the past. The study addresses the regional divide among the cybercrimes conducted in different parts of India, i.e. the north, south, east and west zones. As final remarks, the cat-and-mouse relationship between cyber security and cyber forensics is discussed. Preventive measures to curtail cybercrimes or avoid becoming a victim of them are addressed.


INTRODUCTION:


In the right hands the internet does wonders, but in the wrong hands it does blunders. The internet world is a click away, and the internet is playing a crucial role in connecting the world. However, with the emergence of the internet and computers, the number of cybercrimes has simultaneously increased. Such a crime can be committed sitting miles away from the victim. Spending excess time on computer systems has created frightful problems for users.


Criminal activities related to computers and networks fall under the category of cybercrimes. They are broadly classified into Hacking, Identity Theft, Cyber Stalking, Cyber Pornography, and Cyber Terrorism.


However, government agencies and law enforcement bodies are struggling to protect users from becoming victims of cybercrimes. The optimum way to protect oneself and one's personal data from cybercrimes is to make the best use of a dense wall of security: a unified system of software and hardware which authenticates every detail or piece of information that is accessed or scrolled over on the World Wide Web.


CLASSIFICATION OF CYBER CRIMES:


1. Hacking: The most well-known and frequently committed crime, in which the personal information or computer system of an individual or group of individuals can be easily hacked by an intruder sitting several miles away. It is defined under Section 66 of the Information Technology Act, 2000. There are several types of hacking, such as:


I. Phishing – It is sending emails to the user in the name of well-established organizations and firms in order to acquire the user's personal information, such as personal details, bank details, etc. A study conducted by the Anti-Phishing Working Group (APWG) in 2014 remarks that 54% of phishing emails targeted major brands including Apple, PayPal and the Chinese marketplace Taobao, indicating that phishers update their approaches, looking out for new victims in the industry of cybercrime. Millions of URLs were reported in 2014, of which there were 123,972 unique phishing attacks across the globe[1].


II. Denial of Service – It is an attack in which servers, systems or networks are flooded with traffic so that authorized users are unable to access the service.


2. Identity Theft: Identity theft is faced by people using internet banking for transactions and other banking services. The attacker peeps into sensitive information like bank account details, credit or debit card numbers, and social site account details, and can very easily use this information for illegal activities, which eventually results in a heavy financial loss. Banking frauds are also a part of identity theft.


3. Cyber Stalking: Cyber stalking is targeting and threatening victims using social media or electronic communication. The intruder invades the privacy of the victims, causing anxiety and terror. In most cases the intruder is within the victim's circle of trusted friends.


4. Cyber Pornography: Cyber pornography is using the internet for creating, distributing and publishing obscene material. Children are the major victims of cyber pornography[2]. They are forcefully engaged in sexual activities with adults.


5. Cyber Terrorism: Cyber terrorism is defined as internet terrorism. With the emergence of the internet, groups of individuals or political parties misuse it to spread anti-social messages in the community, spreading hatred and chaos.


CYBER CRIME IN MODERN SOCIETY:


Cybercrime today is not practiced out of ego or expertise, since everyone has basic knowledge about systems and networks. Instead, cybercriminals want to gain more profit in a very short interval of time.


Cybercrimes are a big threat to human society around the world. They are different from conventional crimes such as robbery, murder, kidnapping, etc., as the criminal can commit the crime single-handedly and does not need to be physically present at the crime spot. Cybercrime is trapping the globe like a web and is not within the ambit of any strong law, as many technological advancements come into day-to-day use.


CYBER FORENSICS:


Cyber Forensic is a branch of forensics. Cyber refers to computers and forensic refers to the scientific techniques used by experts during an investigation. Therefore, Cyber Forensic is defined as using the scientific procedure of identification, collection, preservation and retrieval of digital evidence and presenting it before the Court of Law. Cyber Forensic is divided into several categories such as disk forensics, wireless forensics, mobile forensics, e-mail forensics and malware forensics.


HISTORICAL NOTE ON CYBER FORENSICS:


Before the 1980s, cybercrimes were dealt with under the laws prevailing at that time. In 1978, a cybercrime was dealt with for the first time under the Florida Computer Crimes Act, which also included legislation against the unauthorized deletion or modification of computer data on a computer system[3]. Thereafter, laws were passed as cybercrimes such as child pornography, harassment, etc. increased.


NEED OF CYBER FORENSICS:


The utility of cyber forensics is growing in the present scenario, in private investigations as well as in criminal law. In the court of law, evidence collected through cyber forensic examinations can either support or oppose the hypothesis. Cyber forensics is a wider form of the investigation process and can occur in several disciplines.


In the 1980s attacks were carried out over telephone lines, but today cybercrime is committed by means of the internet[4]. The objective of a cyber forensic examination is the recovery of the desired evidence of the act done by the criminal (actus reus).


The recovery of different computer data present in a digital device could help various areas of the investigation.


ROLE OF CYBER FORENSIC EXPERTS:


No specific college degree is needed to become a cyber forensic expert. Training and experience are what make a successful cyber forensic expert. Cyber forensic experts start their investigation by checking computer system documentation. Their main aim is to gather evidence from the computer's hardware and software, which involves cracking the password, tracing the IP address, observing the computer and preserving the digital evidence.


The first step after being victimized is to report to the Cybercrime branch or any police station of your state. A police officer not below the rank of Deputy Superintendent of Police can start registration. The police officer will register a First Information Report (F.I.R) under Section 154 of the Criminal Procedure Code. The provisions of the Criminal Procedure Code shall apply to the investigation of offenses under the Information Technology Act[5]. Cybercrimes are investigated by the Law Enforcement Agency (LEA) on registration of the F.I.R. The LEA contacts the Computer Emergency Response Team of India, also known as CERT-In. CERT-In is one of the four pillars of the National Cyber Security Coordinator (NCSC), which plays an important role in protecting computer systems and users from cybercrimes.


NCSC has four pillars:


i. National Technical Research Organization (NTRO)


ii. National Critical Information and Infrastructure Protection Centre (NCIIPC)


iii. Computer Emergency Response Team of India (CERT-In)


iv. Ministry of Defense (MoD)


CERT-In is the national nodal agency, authorized by the Central Government under Section 70B of the Information Technology Act, 2000. CERT-In has been appointed by the notification in the Official Gazette for responding to computer security incidents. Computer and internet users can report vulnerabilities to CERT-In.


CERT-In is designated to perform the following functions in the area of cyber security under Section 70B (4):


a) collection, analysis and dissemination of information on cyber incidents,


b) forecast and alerts of cyber security incidents,


c) emergency measure for handling cyber security incidents,


d) coordination of cyber incidents response activities,


e) issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting cyber incidents,


f) other functions relating to cyber security as may be prescribed[6].


Some of the software used by cyber forensic experts: Digital Forensics Framework, Open Computer Forensics Architecture, CAINE, X-Ways Forensics, SANS Investigative Forensics Toolkit (SIFT), EnCase, VMware, The Sleuth Kit, CaseNotes, Forensic Toolkit.


Computers and networks are an integral part of modern life and a vital organ of private, educational, government, commercial and medical organizations. The enormous use of technology on a large scale is the root cause of criminals carrying out unlawful and unethical activities by means of networks and cyberspace. Collection and restoration of the data and the necessary evidence is a highly challenging job for the local police and investigating agencies in India. Collecting evidence from computers and analysing it successfully requires smart skills and knowledge in the field of computers and networks. It can only be successful when India stands by the investigating agencies of our country.


PROCEDURE CARRIED OUT IN CYBERCRIME INVESTIGATION:


In the era of digital India, many developments and inventions through different means of technology are still in progress. With this increase in technology, crimes committed through cyberspace are finding new and innovative means, are being registered under the IT Act, 2000, and are an alarming threat to national security and integrity. In the initial stage, when a cybercrime is reported, it is registered under the IT Act, 2000. The following steps are part of the cybercrime investigation methodology.


Questioning:


Investigating agencies collect information about the crime committed, critically analyse the reasons the crime was committed, and then proceed with the investigation. The information is generally collected by means of hardware, webcams, wire taps, etc.


Cyber Forensic:


After questioning and gathering of information, e-forensic tools are used to collect the evidence. The evidence collected is kept carefully because it has to be presented in the Court of Law.


Techniques used in Cybercrime investigation


Searching of the criminal.

Tracking IP address.

Analysis of web server logs.

Restoring of hidden data.

Tracking of email account.

Recovering deleted evidence and cracking passwords.

These procedures help the cyber forensic investigator to carry out a successful investigation and to recover the original data safely. Data integrity should be maintained by the forensic investigator.


The steps in investigating cyber forensic cases are as follows:


For legal opinions the companies should call for a legal advisor.

The forensic investigator should prepare the First Response of Procedure (F.R.P).

The collected evidence is converted, where possible, into mathematical form using algorithms such as the MD5 hashing algorithm, as well as into bit-stream images.

Finally, the forensic investigator should hand over the report to client or the competent authority.
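The hashing and bit-stream imaging step above can be illustrated as follows. This is an added example, not code from the original article: it copies a source byte for byte, records its digests, and later re-verifies the image so that even a single flipped bit is detected. The function names, file names and sample data are constructed for illustration, and computing SHA-256 alongside the MD5 named in the text is an assumption added here.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read 1 MiB at a time so large images are never held in memory


def hash_image(path, algorithms=("md5", "sha256")):
    """Return {algorithm: hex digest} for the file at `path`."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for hasher in hashers.values():
                hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def acquire(source_path, image_path):
    """Copy the source byte for byte (a stand-in for a bit-stream imaging tool)
    and return an acquisition record holding the size and digests."""
    with open(source_path, "rb") as src, open(image_path, "wb") as dst:
        for chunk in iter(lambda: src.read(CHUNK), b""):
            dst.write(chunk)
    record = {
        "image": os.path.basename(image_path),
        "size": os.path.getsize(image_path),
        "source_hashes": hash_image(source_path),
        "image_hashes": hash_image(image_path),
    }
    # The image is only usable as evidence if it matches the source exactly.
    if record["source_hashes"] != record["image_hashes"]:
        raise ValueError("image does not match source")
    return record


def verify(image_path, record):
    """Re-hash the image and compare with the record.
    Returns a list of mismatch descriptions; an empty list means intact."""
    problems = []
    size = os.path.getsize(image_path)
    if size != record["size"]:
        problems.append(f"size changed: {record['size']} -> {size}")
    current = hash_image(image_path, tuple(record["image_hashes"]))
    for name, expected in record["image_hashes"].items():
        if current[name] != expected:
            problems.append(f"{name} mismatch: {expected} -> {current[name]}")
    return problems


def demo():
    """Acquire a constructed sample, verify it, flip one bit, verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        source = os.path.join(tmp, "source.bin")   # constructed sample "device"
        image = os.path.join(tmp, "evidence.dd")   # constructed image name
        with open(source, "wb") as fh:
            fh.write(b"constructed sample disk contents\n" * 4096)
        record = acquire(source, image)
        intact = verify(image, record)
        # Simulate accidental or deliberate alteration: flip one bit.
        with open(image, "r+b") as fh:
            fh.seek(100)
            original = fh.read(1)
            fh.seek(100)
            fh.write(bytes([original[0] ^ 0x01]))
        tampered = verify(image, record)
        return record, intact, tampered


if __name__ == "__main__":
    rec, ok, bad = demo()
    print("recorded digests:", rec["image_hashes"])
    print("first verification problems:", ok)
    print("after one flipped bit:", bad)
```

The file size is unchanged by the bit flip, so only the digest comparison reveals the alteration.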

Investigation of Cybercrime carried out by Police Department.


Emerging trends in cybercrime include hacking, phishing, spamming and identity theft. With these emerging types of crime, the investigating agencies and the police department must revamp and reform their investigation methodologies, which will be helpful for the prosecution of cybercrime. In the current scenario there are several loopholes in the system for investigation, which create a gap between the reporting of crimes, the arrest of criminals and, finally, producing the criminals for prosecution. Section 16 of the Criminal Procedure Code and Section 2 of the Indian Penal Code are used in handling cases which involve territorial jurisdiction. To address the lack of operational procedures that elaborate the methodologies for resolving and investigating cybercrimes, law manuals have been brought into action. The Cybercrime cell should be equally sound to counter all possible attacks from the World Wide Web and should consist of a skillful, techno-friendly team capable of tackling conventional as well as the latest cybercrimes.


However, the police department fails to recognize itself as a cyber expert and deals with the crime committed from a conventional point of view. As a result, it fails to give the necessary relief to the common people who are the victims of cybercrime.


Prosecution of Cybercrime cases in Indian Judicial System


Information Technology Act or computer law includes cybercrime, E-commerce, freedom of expression, copyright, intellectual property right and privacy right. Cybercrime involves activity like email spamming, unauthorized access, child pornography etc.


Privacy rights address data protection and privacy on the internet. The Indian judicial system deals with cybercrime cases within the ambit of the criminal justice system under the Indian Penal Code, and works on the principles and sections of the supportive law, i.e. the IT Act, as well as the statutory law, i.e. the IPC.


In some cases all the evidence may be electronic evidence, without any fact-filled story or human witness. However, the computer forensic examiner will be the percipient witness. The forensic examiner must convince the court that the evidence is fit to be used at trial and that it is reliable.


Challenges faced by Judicial system while deciding Jurisdiction


The major issue faced by the Indian judiciary in deciding the jurisdiction of a cybercrime arises from the universal nature of the crime. Cyberspace eradicates the territorial concept, as the crime committed is totally different and unique from conventional ones.


Section 75 of the Information Technology Act, 2000 empowers the judiciary to handle cybercrime cases outside the jurisdiction and also provides for assistance from outside in collecting evidence, in coordination with the law enforcement agencies in that jurisdiction.


JUDICIAL REFORMS:


In India, cybercrimes are mainly registered under three broad categories-


Information Technology Act, Indian Penal Code and other state level legislations.


The following crimes are registered under IT Act.


Tampering of electronic documents- Sec.65

Loss of resource or damage to computer utility- Sec. 66(1)

Hacking- Sec.66(2)

Electronic obscenity- Sec. 67

Failures of order of certifying authority- Sec. 68

Unauthorized access to computer system- Sec. 70

Misrepresentation- Sec.71

Fake digital signature publishing- Sec. 73

Fake digital signature- Sec. 74

Privacy breach- Sec. 72

And many other crimes


As per the guidelines from the honorable Supreme Court of India, the central government has taken the initiative to create an online complaint-lodging portal for handling all types of cybercrime. The portal will be useful in identifying the status of a crime and will help the police to track the current status of the same.


CHALLENGES FACED BY INVESTIGATING AGENCIES:


Due to lack of knowledge and understanding of the internet, it is difficult to investigate where and by whom the crime has been planned. Some of the challenges encountered during the investigation are-


1. Hiding, spoofing and remote storage.


2. Lack of skilled investigator.


3. Online investigations.


4. Liaisons with the Internet industry.


5. Forensic computing.


6. Lack of cooperation.


LAWS RELATED TO CYBERCRIME IN INDIA:


Overview of Information Technology Act, 2000.

The Information Technology Act, 2000 is based on the United Nations (UNCITRAL) Model Law. This Act was enacted on 17th October 2000. The IT Act is spread over a total of 13 chapters and 90 sections. The last four sections of the IT Act, 2000, i.e. 91 to 94, are the amendments to the Indian Penal Code, 1860 and The Indian Evidence Act, 1872. The Act mainly contains two schedules: the first deals with documents or transactions to which the Act shall not apply, and the second deals with the electronic signature or technique and procedure. The Information Technology Act has several salient features made to deal with cyber issues.


Salient Features of Information Technology Act, 2000:


i. The Act gives legal recognition to the electronic document as well as the digital signature.


ii. It describes and elaborates contraventions, penalties and offenses.


iii. It gives an outline of the judicial dispensation systems for cybercrimes.


iv. It provides a constitution for the advisory committee, which shall advise the government regarding any rules or for any other purpose connected with the Act.


The Information Technology Act, 2000 was upgraded and amended in the year 2008. Technology is never static; it gets better and better. Cyber criminals exploit advanced technology to discover new methods of cybercrime. Thus, as the criminals are exploring and keeping pace with the advancement in technology, it is equally important for the law to keep itself updated.


The IT Act came with the following amendments and was made effective on October 27, 2009.


The amended Information Technology Act, 2000 laid stress on the following points:


It focuses on privacy issues as well as information security.

It came with surveillance on cyber cases.

It clarified reasonable security practices for corporates.

New faces of cybercrime were added.

Severe punishment and fines were added.

Powers were given to inspectors to investigate cybercrime, as against only to the DSP.

In India, the Information Technology Act, 2000 is the sole savior in combating cybercrime. The Act shows a good vision of cyber security, blending conventional laws like the IPC and the Evidence Act with the latest, the Information Technology Act, 2000. The Act needs to be stronger and better regulated, possibly covering all threats to the security and integrity of the country. The coming time calls for more powerful laws for cybersecurity and the rectification of cybercrimes.


Authentication of Digital Evidence:


In the 21st century, communication technologies have made dramatic changes in the way we live. Information is stored in electronic form instead of traditional paper documents. Storing information in electronic form has many advantages: it is cheaper, easier to store and retrieve, and speedier to communicate. The Law of Evidence is conventionally based on paper-based records and oral testimony. Under Section 65B of The Indian Evidence Act, 1872 (admissibility of electronic records), electronic evidence is accepted in the Court of Law. The Indian Evidence Act states that any evidence in the form of an electronic record printed on paper, or stored, recorded or copied in optical or magnetic media produced by a computer, shall be deemed to be also a document. Sections 85A, 85B, 85C – state that the court shall presume every electronic to be an agreement, the court shall preserve the electronic record, the court shall presume that the information noted in an Electronic Signature Certificate to be correct.


COMPARATIVE STUDY OF INDIA & U.S.A:


Unlike traditional crimes, it is difficult to criminalize and legislate on matters related to cyberspace, i.e. cybercrime and cyber security. There are significant differences between the definitions of cybercrime in the United States of America (U.S.A) and India. In the U.S.A, accessing information that has been declared confidential counts as a criminal act committed through cybercrime or by means of the internet. However, in India criminality requires dissemination of the information obtained without authority. The significant difference between the prosecution of cybercrime in the two countries relates to obscenity and decency laws.


When we study the current scenario of development, implementation, upgrading and enforcement of the policy action plan, the strategy of the U.S.A is far better than India's in terms of implementation. The United States of America has a defensive approach towards security against cybercrimes. It has well-managed resources and expertise to attain a safe cyberspace in an offensive manner. Therefore, it has better protection of its resources from cyber threats in comparison to other countries.


Cyberspace is an intrinsic part of the development of any country in the economic, political and social spheres. India has recognized the use of social media for launching extensive awareness campaigns. Cyber sensitivity in India is at an initial stage and its infrastructure is still struggling to safeguard itself from cyber threats from around the globe. Compared to countries like the U.S.A, which has fully equipped expertise as well as a strong infrastructure to deal with the problems, India still runs on conventional laws of the British era, including the Indian Evidence Act, 1872 and the Indian Penal Code, 1860, and the Information Technology Act is still an infant compared to the problems faced by people on a daily basis. India largely lacks cyber experts who can easily deal with these virtual threats. As a result, the burden lies on the local police, who are already involved in a number of investigations, leading to poorly organized implementation of cyber laws. The absence of cyber security cells and cyber police stations in India creates chaos in the field of cybercrime. The case resolution percentage is less than fifty percent of the cases registered under the IT Act, 2000. The government of India is still investing a large part of its resources in the training of police officers as well as appointed executive officers to deal with cybercrimes, but the rapid advancement of virtual space outpaces the resources available in India. To counter this issue India relies upon foreign software (or third-party software), which has a high maintenance cost. The use of this foreign software hands security to a third party, challenging the sovereignty and integrity of the country, as data may be sold by the owning company just to fulfill its own interests or needs.


CONCLUSION:


The paper derives the relationship between cyber security and cyber forensics. Cyber security is the process of securing computer systems from cybercrimes such as cyber stalking, cyber terrorism, etc. Cyber forensics is the branch of forensics which deals with the scientific methods used during the investigation of a crime and with presenting the findings in the Court of Law. There are existing cyber laws in the country, but with the passage of time and new advancements in technology, the laws need to be amended.


PREVENTIVE MEASURES:


There is a need to secure the present structural cyberspace of the country and to tackle crime cases on a war footing. Most of the offences defined under the Information Technology Act are bailable, with up to 3 years of imprisonment. The tenure of punishment is not proportionate to the scale on which the crimes are taking place on a regular basis. The term of punishment should increase so that the mindset of cybercriminals changes, ultimately leading to peace in society.


India is a developing country which not only faces challenges in its external and internal security, geographical factors, political mindsets and enormous diversity, but also has an immature security infrastructure that is not sufficient to safeguard the country from this global issue. As a result, the paper draws out the alarming concerns that need to be acted on as soon as possible to make India a cyber-safe space.


The preventive measures suggested are as follows:


The government should take the initiative to discuss all possible threats in cyberspace and to draw out effective measures with the assistance of techno experts as required.

Cyber laws should be amended at uniform intervals of time.

The government should run more and more awareness programs to make people aware of cybercrimes.

Along with the cyber investigation cell, cyber forensic labs should be an integral part of the cells in every district.

Cyber forensics should be a necessary subject in the police training curriculum.

The government should take the initiative to encourage victims of cybercrime to register their cases under the existing laws.


References:


1. http://www.antiphishing.org/apwg-news-center/


2. https://www.dailymail.co.uk/indiahome/indianews/article-4855694/India-world-s-worse-rates-online-child-pornography.html


3. “Florida Computers Crimes Act” https://search.ufl.edu/web/#gsc.tab=0&gsc.q=florida%20computer%20crimes%20act%20site%3Aclas.ufl.edu


4. Warren G. Kruse, Jay G. Heiser, Computer Forensics: Incident Response Essentials. Addison-Wesley. P. 392 (2002)


5. Nayan Joshi, e Crimes & Frauds, Lawmann’s, Page-279.


6. Bare Act, Information Technology Act, 2000.

 
 
 

2 comments


lokesh.rajjjj
02 Jul 2020

This post was extremely interesting


Arunthathi R
07 Jun 2020

Informative and on point 🔥

©2020 by Legally suiter.