HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA

Dr. Sanjeev Kumar1 , 2

1M.Phil and PhD in International Relation and Politics & NTS from JNU, New Delhi 2 Assistant Professor in Legal, Department of History, Chanakaya Law College, Maniharan, Saharanpur, UP Affiliated Chaudhary Charan Singh University Meerut, UP-India ***

Abstract - Crime has also been associated with the history of Human life. Along with a civil society, crime has also been continuously associated. The crimes have also changed with the time and circumstances. In modern time, a word like cyber crime comes to the forefront. Almost all nation-state of the world have constituted laws to deal with cyber crime. The development of the technology and electronic information has led to the beginning of computer related crimes commonly known as cyber crime. In this article we are presenting the very important information which explains cyber crime. As well as studying what is the history of cyber crime in India and what laws have been constituted related to cyber security.

Keywords: Acts and Regulations, Cyber Crime, Cyber Security, Cyber laws, Cyberspace, ColdWar, Information Technology, Model Law, Netizens, National Security, Worldwide, etc.

1. INTRODUCTION

Theemergenceofcybercrimeisasignificantstepinhuman history. That had an impact on the crime's social and financial aspects. In the age of information technology, cybercrimemayseemtohavearecentpast,althoughthere has always been evidence of it. Numerous ancient texts, datingbacktoprehistorictimes,aswellaslegendarytales, have discussed crimes done by individuals, whether they were against another person, like common theft and burglary,oragainstthenation,suchespionageandtreason. Kautilya's Arthashastra, acknowledged to have been a realistic administrative treatise in India and published around350BC,discussesavarietyofcrimes,propersecurity measuresforrulerstoimplement,dangerouscrimeswithin astate,etc.Additionally,itsuggestspunishmentforthelist of predetermined offences. The Arthashastra further analysesthenotionofcompensatingvictimsfortheirlosses andliststhenumerouspunishmentsthathavebeenhanded out for the specified offences. All members of society are negativelyimpactedbycrime,regardlessofitsform.Dueto the Internet's fast spread and the digitalisation of commercial activity, cyber crime has risen sharply in developingnations.

Today, the world community started making cybercrime laws according to the way, the number of crimes in

cyberspaceincreasedinthevirtualworld.Ifwethrowlight on history of cybercrime laws, then its beginning is associatedwiththebeginningoftheinternetworld.Thelaws governing this area are known as Cyber laws and all the netizensofthisspacecomeundertheambitoftheselawsas itcarriesakindofuniversaljurisdiction.Cyberlawcanalso be described as that branch of law that deals with legal issues related to use of inter-networked information technology. In short, cyber law is the law governing computersandtheinternet.Theconceptofsecurityisacore conceptinthestudyofinternationalrelations.Traditionally, and until relatively recently, security analysis focused on statesecurity,viewingitasafunctionofthelevelsofthreats whichstatesfacefromotherstates,aswellasthemanner andeffectivenessofstateresponsestosuchthreats(Rather andJose2014)1 . Inreality,thephrase‘cybercrime’ismostly usedinknowledgesocietyofthe21stcentury,andiscreated bycombiningtwotermscyberandcrime. Thecontinually increasingcybercrimesnotonlythreatennationalsecurity but also pose a direct threat to international security. Cybercrime is ‘transnational or international’ there is no borderincyberworld.Whatsuchlawshavebeenmadeby worldgovernmentsandhowwilltheycontrolsuchcrimes, thosesubjectshavebeenhighlightedinthisresearcharticle.

2. SIGNIFICANCE OF THE STUDY

The entire world is moving towards development and simultaneouslytowardstechnologicaladvancementandthe rapid development of internet and computer technology globallyhasledtothegrowthofnewformsoftransnational crimeespecially.Theproblemsandcrimesbroughtbyorin sectorofinformationtechnology/internethavevirtuallyno boundaries.Theresearcherbelievesthatthefinalpaperwill providethereaderswithknowledgeofcyber-crimes,cyber lawsofIndiaespeciallyInformationTechnologyActofIndia.

3. OBJECTIVES OF THE STUDY

Theobjectivesofthestudyaresomefollowing:

1. Toinvestigatethehistoryofcybercrimeintheworld.

2. Toexaminetheconceptofcybercrimeandconstituted cyberlawsinIndia.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

3. To highlight the cyber crime impact on national and internationalsecurity.

4. Todiscussthecybercrimebreachofconfidentialityand privacyofNationalSecurity.

4. RESEARCH METHODOLOGY

Thisarticleisfocusedonbothhistoriesofcybercrimeand cyberlawsinIndia.Ihavetakenaccountbothprimaryand secondary sources of data information’s. The primary sourcesofinformationareconstitution,Actsandregulations ofIndiawhilesecondarysourcesofinformationarearticles, journals, commentaries and book. In this research, I have alsofollowedBluebookrulesofcitation.

5. SCOPE OF THE STUDY

Inthisresearchpaper,Ihavetriedtofocusoncyber-crime, itstypes,InformationTechnologyActofIndiaandcompare analysis with other countries. This article may touch any otherlaws,rulesorregulationsofthecountriesbutwillnot dealwiththemdeeply.ItwillcontainsomecasesofIndiabut thereisnoanytimeperiodlimitforthecases.

6. CONCEPT OF CYBER SECURITY

The word ‘cyber security’ is yet to be defined in a comprehensive manner because of the complex and fact changing nature of information and communication technologyatglobalandnationallevel.Thisdevicealloweda series of steps that was continual within the weaving of specialfabricsormaterials 2 Oneofthemostconciseones canbefoundontheTechtargetwebsiteanditstates:‘Cyber securityisthebodyoftechnologies,processesandpractices designedtoprotectnetworks,computer,programsanddata fromattack,damageorunauthorizedaccess.Thetermcyber securityincorporatesboththephysicalsecurityofdevicesas wellastheinformationstoredtherein.Itcovers“protection from unauthorized access, use, disclosure, disruption, modificationanddestruction” . 3AccordingtotheInformation Technology Act, 2000 cyber security means “protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorized access, use, disclosure, disruption,modificationordestruction.”AdvocatePrashant Mali trying to define the cyber security as “cyber security means the processes & technologies designed & implemented to protect devices, networks and data from unauthorized access, vulnerabilities and incursion into IT infrastructureviaanynetworkorthecyberspace(internet) byamalefactorwithanyintent”. 4 Cybersecurityisstrategy against unauthorized access or threats to computers, programs,networks,personaldata,etc.

7.HISTORICAL GENESIS AND EVOLUTIONOF CYBER CRIME

ThehistorianKumarandothersideaabouthistoricalgenesis andevolutionofcybercrimeisthat“Theprimitivetypeof computerhasbeeninJapan,ChinaandIndiasince3500B.C, butCharlesBabbage’sanalyticalengineisconsideredasthe timeofpresentdaycomputers.Intheyear1820,inFrancea textilemanufacturernamedJoseph-MarieJacquardcreated the loom”. 5 According to Chaubey stated that “during the period of 1950’s, it would be an astonished feeling for everyonewhousespalmtopsandmicrochipstoday,toknow thatthefirstsuccessfulcomputerwasbuiltandthesizeof the computer was so big that it takes the space of entire roomandtheyweretooexpensivetooperate.ThePersonal computersbecomecheaperandbecomehouseholditemat the start of 21st century in India. The Internet was first startedbytheUSdepartmentofdefence,afterWorldWarII with the idea to have a network which could work in the eventofdisasterorwarandsecurelytransmitinformation”6

AbrahamandSeymourdescribedinhis book“Howeverat thatpointnobodyanticipatedtheopportunities’theinternet isgoingtoprovidethetechnologysavvycriminals.InIndia the internet services started by the state-owned Videsh Sanchar Nigam Limited in year 1995 and in 1998 the governmenthasendedthemonopolyofVSNLandmarketis openedtoprivateoperators.Atthatpoint,theinternetusers in India are 0.1% of total population, and now India has becomethe2ndlargestcountryintermsofinternetusers afterchinawith33.22%peopleusinginternet 7Theprocess ofcriminalizationofhumanbehaviourjudgedtobeharmful thepublicistypicallyonethatbuildsslowlyincommonlaw jurisdictions. Momentum gained through problem identification and pressures exerted mg special interest groupscaneasilyspandecadesbeforeundesirableactions areclassifiedas“crime”.Insomeinstances,thisprocessis accelerated through the occurrence of certain “catalyst events”thatcaptureattentionofthepublicandtheattention oflawmakers” 8

AccordingtoAbrahamandSeymourexplanation“Inthecase ofcomputercrime,legislatorsgrewincreasinglyattentiveis the 1980s as businesses became more dependent upon computerization and as catalyst event cases exposed significant vulnerabilities to computer crime violations. Criminalscannoweasilyencryptinformationrepresenting evidence of their criminal acts, store the information and even transmit it with little fear of detection by law enforcement”. 9 “Due to the extraordinary impact of the Internet, a computer crime scene can now span from the geographicalpointofthevictimizationtoanyotherpointon the planet, further complicating criminal investigative efforts.Acommonalityamongthesetypesofcrimesisthat the offender, to a great degree, depends upon the lack of technological skills of law enforcement to successfully commit the offenses and escape undetected. Based upon

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

whatempiricalevidencehasbeenavailableonself-assessed skillsofinvestigatorsinthisarea,computercriminalswould havegoodreasontofeelsomeconfidenceintheirchancesto evadedetectionoftheircrimes” 10 Asweadvancetowards the21stcentury,itcanbeobservedthat“thetechnological innovationshavelaidthewayfortheentirepopulationusing computer technology today, to experience new and wonderfulconveniencesintheirdailyliferangingfromhow toeducated,shops,entertain,toavailingtheunderstanding ofthebusinessstrategiesandworkflow” 11 Butit'sfairto saythatthetechnologicalmarvelsthathaveenhancedour quality of life also have certain risks. While computer technology has given many people access to improved conveniences,ithasalsogiventhievesnewentrypoints.

8. TYPES OF CYBER CRIME

This article examines the acts wherein computer or technologyistoolforanunlawfulact.Thekindofactivities usually involves a modification of conventional crime by usinginformationaltechnology.Hereisthelistofprevalent cybercrimes,someofthemwidelyspreadandsomearenot prevalent on larger scale. Cybercrime is classified on the basis of the subject of the crime. The cyber crimes are discussedbelow-

1. CybercrimeagainstIndividuals 2. CrimeagainstOrganizations 3. Crimeagainstsociety

8.1. Cybercrime against Individuals

Thesetypesofcrimesuchcrimesarecommittedagainsta person or his property.Followingare the examples of the mainoffensescoveredunderit.

A. UnauthorizedAccess B. Onlinefraud C. CyberStalking D. Hacking E. PlasticCardFraud F. Spoofing G. Identitytheft

8.2. Cyber Crime against Organizations

In contemporary era, almost all big companies and organizationsaremorebackontheironlinegrowth.Insuch a situation, they also have to deal with cybercrime. Some examples of the main cybercrimes committed against institutionsororganizationsare:

A. Databreach B. Cyberterrorism C. Warezdistribution

D. Denialofservice(DoS)attack

8.3. Cyber Crime against Society

Thesetypesofcybercrimesthateffectoftheentiresociety, inwhichthenumberofyoungmen&womenandchildren are more affected. Also, which are banned websites and products in the society and illegal materials are made availabletothepeoplethroughtheinternet.Followingare theexamplesofthecybercrimesagainstsociety.

A. Childpornography B. Onlinegambling C. Sellingillegalarticle D. Forgery E. Spamming

9. HISTORY OF CYBER CRIME

ThecybercrimeisevolvedfromMorrisWormtotheransom ware. Many countries including India are working to stop suchcrimesorattacks,buttheseattacksarecontinuously changingandaffectingournation.Thehistoricalevolutionof cybercrimethreatsaregiveninchronologicalorder.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

S.No. Country Year

Cyber Crime threats

1. France 1834 The first cyberattack ever is effectively carried out when two bandits breach the French TelegraphSystemandstealstockmarketdata. 2. USA 1878 NearthebeginningMobileCalls-TwoyearsafterAlexanderGrahamBellcreatedthedevice,the Bell Telephone Company disconnects a group of young boys from the New York telephone networkforregularlyandpurposefullymisdirectinganddisconnectingconsumercalls. 3. Davy Crockett Cat 1955 Inordertotestatheoryregardinghowphonenetworksfunction,PhoneHacker-DavidCondon whistles his phone while playing his "Davy Crockett Cat" and "Canary Bird Call Flute." The computer accepts the secret message, assumes he is an employee and links him to a longdistanceoperator 4. USA 1957 JoeEngressia,ablind,7-year-oldboywithperfectpitch,hearsahigh-pitchedwhistleonaphone lineandbeginstowhistlealongtoitata2600Hzspeed,helpinghimcommunicatewithphone linesandbecomingtheUnitedStates’firstphonehackeror“phonephreak.” 5. USA 1969 RABBITSVirus-TheUniversityofWashingtonDataCenterdownloadsaprogramonacomputer fromanunknownuser.Theinconspicuousmachinecreatescopiesofitselfbeforethemachine overloads and ceases running (breeding like a rabbit). It is known to be the first virus on a computer.

6. Nederland 19701995 KevinMitnick-KevinMitnickpenetratessomeofthehighest-guardednetworksintheworld, including Nokia and Motorola, leveraging specialized social engineering systems, tricking insidersintohandingcodesandpasswordsoverandusingcodestobreachinternaloperating systems. 7. USA 1973 Embezzlement-AlocalNewYorkbanktellerusesamachinetoembezzlemorethan$2million.

UK 1981 IanMurphy,alsoknownas"CaptainZap,"wasfoundguiltyofcybercrimeafterbreakinginto AT&T'snetworkandchangingtheinternalclocktochargeoff-hourratesduringtimesofhigh networktraffic.

Siberian 1982 TheLogicBombTheCIAblowsupaSiberiangaspipelinebyinjectingacodeintothenetwork andtheoperatingsystemtomonitorthegaspipelinewithoutusingabomboramissile.

USA 1984 USSecretService-TheUnitedStatesComprehensiveCrimePreventionActgrantsauthorityover electronicthefttotheSecretService.

USA 1988 TheMorrisWorm-RobertMorrisreleaseswhatontheInternetwillbeconsideredthefirstworm. Toshowthattheauthorisastudentthere,thewormisreleasedfromacomputeratMIT.

UK 1989 TrojanHorseProgramAdiskettethatappearstobeanAIDSinformationarchiveismailedtoa UKelectronicjournaltothousandsofAIDSresearchersandsubscribers.

USA 1994 ManagersofDatastreamCowboyandKujiattheRomeAirProductionCentre,aU.S.Over100 userprofileshavebeencompromisedthankstoa"sniffer"passwordinstalledontheAirForce testing facility's network. Investigators discovered two hackers who went by the names DatastreamCowboyandKujiwereresponsiblefortheattack.

Russian 1995 VladimirLevin RussiansoftwaredeveloperVladimirLevinhacksfromhisapartmentinSaint PetersburgintoCitibank’sNewYorkITmachineandauthorizesanumberofillegaltransfers, ultimatelywiringworldwideaccountsforanestimated$10million.

USA 1999 TheMelissaVirus-AvirusinfectsMicrosoftWordrecords,transmittingitselfviaemailasan attachmentautomatically.Itmailsoutto the first50namesmentionedinthe Outlookemail addressboxofaninfecteddevice.

Russis 2000 Barry Schlossberg, alias Lou Cipher, successfully extort $1.4 million from CD Universe for servicesgiventotheRussianhackerinanefforttoapprehendhim.

DNS 2002 OnlineAttack-ADDoStargetstheentireInternetforanhourbyattackingthe13rootserversof theDomainNameSystem(DNS).Usersaregenerallyunchanged.

Nigeria 2004 ChoicePoint-A41-year-oldNigeriancitizenbreachesChoicePoint’sconsumerrecords,butthe companyonlynotifies35,000citizensoftheabuse.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

USA 2006

cybercriminalgroupcapturesTJX,aMassachusetts-basedretailingcompany,45million credit,anddebitcardnumbers.ItusesamajorityofthestolencardstofundaWal-Martinternet shoppingspree.

Russia 2008 HeartlandPaymentSystems-134millioncreditcardsareexposedtospywareonHeartland’s computersystemsviaSQLinjection.

The Church of Scientology 2008

hacker group known as Anonymous targets the Church of Scientology website. The DDoS attackispartofapoliticalactivistmovementagainstthechurchcalled“ProjectChanology.”In oneweek,theScientologywebsiteishitwith500DDoSattacks.

Stuxnet Worm 2010 TheStuxnetWorm-Theworld’sfirstsoftwarebombisadestructivecomputervirusthatcan attackcontrolsystemsusedforcontrollingmanufacturingfacilities.

USA 2010 AnEasternEuropeancybercrimeringsteals$70millionfromU.S.banksusingtheZeusTrojan virustocrackopenbankaccountsanddivertmoneytoEasternEurope.Dozensofindividualsare charged.

Sony Pictures 2011 AhackofSony’sdatastorageexposestherecordsofover100millioncustomersusing their PlayStation’sonlineservices.Hackersgainaccesstoallthecreditcardinformationofusers.The breachcostsSonymorethan$171million.

2011 Epsilon-AcyberattackonEpsilonthatprovidesconsumers,includingBestBuyandJPMorgan Chase,withemailhandlingandmarketingfacilitiesresultsinmillionsofemailaddressesbeing hacked.

RSA SAFETY 2011 Sophisticated hackersstealinformation aboutRSA’sSecurID authentication tokens, used by millionsofpeople,includinggovernmentandbankemployees.Thisputscustomersrelyingon themtosecuretheirnetworksatrisk. 27. ESTsoft China 2011 Hackersexposethepersonalinformationof35millionSouthKoreans.AttackerswithChineseIP addresses accomplish this by uploading malware to a server used to update ESTsoft’sALZip compressionapplicationandstealthenames,userIDs,hashedpasswords,birthdates,genders, telephonenumbers,andstreetandemailaddressescontainedinadatabaseconnectedtothe samenetwork.

Lulzsec 20112012 LulzSecurity,orLulzSec,abreak-offgroupfromhackingcollectiveAnonymous,attacksFox.com and then targets more than 250 public and private entities, including an attack on Sony’s PlayStation Network. They thenpublicize their hacks though Twitter to embarrass website ownersandmakefunofinsufficientsecuritymeasures.

USA 20092013 RomanSeleznevhacksintomorethan500businessesand3,700financialinstitutionsintheU.S., stealingcarddetailsandsellingthemonline,makingtensofmillionsofdollars.Heiseventually caughtandconvictedfor38charges,includinghackingandwirefraud.

Russian 20132015 Global Bank Hack-More than 100 organizations around the world have access to secure informationfromacommunityofRussian-basedhackers.

Anthem

Anthem reports theft of personal information on up to 78.8 million current and former customers.

Pin

LockerPinresetsthepincodeonAndroidphonesanddemands$500fromvictimstounlockthe device.

Wikileaks

Leaks of DNC Emails: Ahead of the 2016 US presidential election, WikiLeaks received and publishedemailsthathadbeenstolenfromtheDemocraticNationalCommittee.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

37. Equifax 2017 Equifax-Equifaxiscompromised,revealing143millioncustomeraccounts,oneofthebiggestUS creditbureaus.SocialSecuritynumbers,birthdates,addresses,driver’slicensenumbers,and certaincreditcardnumbersarepartoftheconfidentialleakedinfo.

Chilpotle 2017 MillionsofChipotlepatronshadtheircreditcardinformationstolenbyanEasternEuropean criminalorganisationthattargetedeateries.

WannaCry 2017 WannaCry,thefirstknownexampleofransomwareoperatingviaaworm(viralsoftwarethat replicatesanddistributesitself),targetsavulnerabilityinolderversionsofWindowsOS.Within days,tensofthousandsofbusinessesandorganizationsacross150countriesarelockedoutof their own systems by WannaCry’s encryption. The attackers demand $300 per computer to unlockthecode. 40. Starwood 2018 Usingstolencredentials,athreatactorwasabletobreachMarriottHotelssystemsthrougha RemoteAccessTrojan(RAT).Datafromover500millionguests,includingsensitivedatalike creditcardandpassportinformation,wasstolen. 41. Dubsmash 2018 Thewell-knownvideostreamingplatformdiscoveredthat161.5millionuserdetailswereupfor sale on the dark web. The data contained information such as names, email addresses, and encryptedpasswords.

42. Alibaba 2019 Atelemarketingemployeeprivatelyobtained1.1millionpiecesofdataincludingAlibabaclient contact information and leaked it to a distributor’s staff member during the November 11Singles’Dayshoppingfestival. 43. Facebookk 2019

Anunidentifiedhackerpublishedphonenumbers,accountnames,andFacebookIDsbelonging tomorethan530millionFacebookmembers. 44. Sina Weibo China 2020 SinaWeibo,theChineseversionofTwitter,has538millionusers,andinformationonthemwas stolenandspreadonline.

Awell-knowncybersecuritycompany,FireEye,declaredtheyhadbeenthetargetofanationstate attack. Security personnel stated that their Red Team toolbox, which contained programmesusedbyethicalhackersinpenetrationexaminations,hadbeendestroyed.While looking into the nation-state attack against its own Red Team toolset, Fire Eye came into a distributionnetworkattack.Theresearchersstumbledacrossevidencethatattackersentereda backdoorintheSolarWindssoftware“trojanizing"SolarWindsOrionbusinesssoftwareupdates todistributemalware.

46.

Note-

10. NATURE OF CYBER SECURITY ATTACKS

In the time of cyberspace, today human beings are completely interconnected with each other of the world throughtheinternet.Thewayofinformationtechnologyhas limited the distance, in the same way cybercrimes are increasing day by day in different ways. Cyber security knowsnobordersandisnotlimitedtoanyonegeographyor culture. The challenges and opportunities facing cyber securityexperts,policymakersandthepublicareglobalin natureandrequireglobally-mindedsolutionsatalllevels.At thesametime,rapidchangesintechnologyhaveadirect

IRJET

impact on societies around the world and the changing threatenvironment.TheHewlettFoundation’s2019Cyber InitiativeGranteeConveningwillfocusontwopillars:(1)the global nature of cyberspace and (2) emerging technology challenges and solutions. These cybercrimes attack the securityinthefollowingway.

Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

11. CYBER ATTACKS LEGAL AND OTHERS CLASIFICATIONS

The cyber Attack due to increasing technology can be classifiedasdifferenttypes.Inthisclassification,thebasic five types of cyber attacks are described. In which legal classification is the subject of our study. The legal classificationofcyberattacksasamajorthreattonational securityandinternationalpoliticsinvariouscountiesinthe world.

SmallScale

This is increasing threat to the nation state as well as humanity.Inthisdiagramthelegalclassificationisdivided into the following four parts which are analyzed as cyber crime,cyberespionage,cyberterrorismandcyberwar.The technology has increased the number of cyber crimes leadingtochangesintheworldorderwhichisseeingthreat asanon-traditionalsecuritydimension.

12. REQUIREMENT FOR CYBER LAW IN INDIA

Firstly, India's legal system is quite comprehensive and well-defined.Themostimportantofthemanylawsthathave beenpassedandputintoeffectisTheConstitutionofIndia. TheIndianPenalCode,theIndianEvidenceActof1872,the Banker's Book Evidence Act of 1891, the Reserve Bank of IndiaActof1934,theCompaniesAct,andothersareamong

the laws they have that we also have. As a result, the advent of the Internet brought about a number of delicate legal difficulties and challenges, necessitating the adoption of Cyberlaws.

Secondly, “the existing laws of India, even with the most benevolent and liberal interpretation, could not be interpreted in the light of the emerging cyberspace, to include all aspects relating to different activities in cyberspace.Infact,thepracticalexperienceandthewisdom ofjudgmentfoundthatitshallnotbewithoutmajorperils andpitfalls,iftheexistinglawsweretobeinterpretedinthe scenario of emerging cyberspace”12 without enacting new cyberlaws.

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page1367

International Research Journal of Engineering

and

Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

Thirdly, “noneoftheexistinglawsgaveanylegalvalidityor sanctiontotheactivitiesinCyberspace.Forexample,theNet isusedbyalargemajorityofusersforemail.Yettilltoday, email is not “legal” in our country. There is no law in the country, which gives legal validity, and sanction to email. Courtsandjudiciaryinourcountryhavebeenreluctantto grant judicial recognition to the legality of email in the absence of any specific law having been enacted by the Parliament”13 AssuchtheneedhasarisenforCyberlaw.

Fourthly, “Internet requires an enabling and supportive legal infrastructure in tune with the times. This legal infrastructure can only be given by the enactment of the relevant Cyber laws as the traditional laws have failed to grantthesame.E-commerce,thebiggestfutureofInternet, can only be possible if necessary legal infrastructure complimentsthesametoenableitsvibrantgrowth”14

Othercyberhistorianandcybersecurityexpertanalysisthat “Cyber laws in India or cybercrime law in India are importantbecauseoftheprimereasonthatcybercrimeact inIndiaencompassesandcoversalltheaspectswhichoccur onorwiththeinternet-transactions,andactivitieswhich concern the internet and cyberspace.The rise of the 21st centurymarkedtheevolutionofcyberlawinIndiawiththe InformationTechnologyAct,2000(popularlyknownasthe ITAct).Thefirst-evercybercrimewasrecordedintheyear

1820.TheinformationTechnologyActisanoutcomeofthe resolutiondated30thJanuary1997oftheGeneralAssembly of the United Nations, which adopted the Model Law on ElectronicCommerce,adoptedtheModelLawonElectronic 17CommerceonInternationalTradeLaw” 15Thisresolution recommended, inter alia, that all states give favourable considerationtothesaidModelLawwhilerevisingenacting newlaw,sothatuniformitymaybeobservedinthelaws,of thevariouscyber-nations,applicabletoalternativestopaper based methods of communication and storage of information.

13. HISTORY OF CYBER SECURITY LAW IN INDIA

The Departmentof Electronics(DoE)in July1998 drafted thebill.However,itcouldonlybeintroducedintheHouseon December 16, 1999 (after a gap of almost one and a half years)whenthenewITMinistrywasformed.“Itunderwent substantialalteration,withtheCommerceMinistrymaking suggestionsrelatedtoe-commerceandmatterspertainingto WorldTradeOrganization(WTO)obligations.TheMinistry ofLawandCompanyAffairsthenvettedthisjointdraft.After itsintroductionintheHouse,thebillwasreferredtothe42member Parliamentary Standing Committee following demands from the Members”.16 “The Union Cabinet approved the bill on May 13, 2000 and on May 17, 2000, both the houses of the Indian Parliament passed the InformationTechnologyBill.TheBillreceivedtheassentof thePresidenton9thJune2000andcameto18beknownas the Information Technology Act, 2000. The Act came into forceon17thOctober2000”.17

Departmentofelectronicandinformationtechnologypolicy explain that “With the passage of time, as technology developed further and new methods of committing crime using Internet & computers surfaced, the need was felt to amendtheITAct,2000toinsertnewkindsofcyberoffences and plug in other loopholes that posed hurdles in the effective enforcement of the IT Act, 2000. This led to the passageoftheInformation Technology(Amendment)Act, 2008whichwasmadeeffectivefrom27October2009.The IT(Amendment)Act,2008hasbroughtmarkedchangesin theITAct,2000onseveralcounts”. 18

14. CYBER LAWS

Cyber crimes are a new class of crimes which are increasinglydayduetoextensiveuseofinternetthesedays. To combat the crimes related to internet The Information TechnologyAct,2000wasenactedwithprimeobjectiveto createanenablingenvironmentforcommercial useofI.T. The IT Act specifies the acts which have been made punishable. The Indian Penal Code, 1860 has also been amendedtotakeintoitspurviewcybercrimes.

14.1. CYBER SECURITY LAW IN INDIA

In India, cyber laws are contained in the Information Technology Act, 2000 (IT Act) which came into force on October17,2000.ThemainpurposeoftheActistoprovide legal recognition to electronic commerce and to facilitate filing of electronic records with the Government. The following Act, Rules and Regulations are covered under cyberlaws:

1. InformationTechnologyAct,2000 2. Information Technology (Certifying Authorities) Rules,2000 3. InformationTechnology(SecurityProcedure)Rules, 2004 4. Information Technology (Certifying Authority) Regulations,2001 5. NationalPolicyonInformationTechnology2012 6. NationalCybersecurityPolicy,2013 7.

National Cyber Security Coordination Centre (NCCC),2017 8.

CyberSwachhtaKendra(2017)

CyberSurakshitBharat(2018) 10. CyberWarriorPoliceForce(2018) 11. IndianCyberCrimeCoordinationCentre(I4C),2020 12. NationalCyberSecurityPolicyMission2020 13. Indian Computer Emergency Response Team (CERT-In)2022

The various offences related to internet which have been made punishable under the IT Act and the IPC are enumeratedbelow:

A- Cyber Crimes under the IT Act

1. Tampering with computer source documentsSection65

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

2. Hacking with Computer systems, Data alterationSection-66

3. Publishingobsceneinformation-Section-67

4. Un-authorisedaccesstoprotectedsystemSection70

5. BreachofConfidentialityandPrivacy-Section-72

6. Publishing false digital signature certificatesSection-73

B- Cyber Crimes under IPC and Special Laws

1. Sending threatening messages by Email- Section 503IPC

2. Sending defamatory messages by Email- Section 499IPC

3. Forgeryofelectronicrecords-Section463IPC

4. Boguswebsites,cyberfrauds-Section420IPC

5. Emailspoofing-Section463IPC

6. Web-Jacking-Section383IPC

7. E-mailAbuse-Section500IPC

C- Cyber Crimes under the Special Acts

1. Online sale of Drug under Narcotics Drugs and PsychotropicSubstanceAct

2. Onlinesaleofarms-ArmsAct

15. NATIONAL CYBER SECURITY POLICY

TheDepartmentofElectronicsandInformationTechnology hasapolicyframeworkcalledtheNationalCyberSecurity Policy (DeitY). It tries to defend both private and public infrastructurefromonlinethreats.Additionally,thepolicy aimstoprotect"information,includingpersonalinformation (of site users), financial and banking information, and sovereigndata."

15.1. National Cyber Security Policy Mission

1. To safeguard data and online information infrastructure.

2. Todeveloptheskillsnecessarytostopandaddress onlinedangers.

3. To use institutional structures, people, processes, technology, and collaboration to limit vulnerabilitiesandlessenharmfromcyberevents.

15.2. National Policy on Information Technology 2012

The National Policy on Information Technology 2012 was recentlyadoptedbytheUnionCabinetinSeptember2012.In order to meet the nation's economic and developmental issues, the Policy strives to make use of information and communicationtechnology(ICT).

15.3.

National Cyber security Policy, 2013

TheNationalCyberSecurityPolicywascreatedin2013asa response to the 2013 NSA eavesdropping scandal, which madeIndiaawareoftheneedforcybersecurity.Information maybedividedintotwocategories:thatwhichcanbeshared freelyandthatwhichhastobeprotected.

15.4. National Cyber Security Policy Vision, 2013

The goal of this policy is to create a resilient and secure cyberspace for individuals, organisations, and the government.

15.5. National Cyber Security Coordination Centre (NCCC), 2017

It was put into operation in 2017 and given the responsibility of doing real-time threat assessments and developing situational awareness of possible cyber threatstothenation.

15.6. National Critical Information Infrastructure Protection Centre (NCIIPC):

According to section 70A of the IT Act, the organisation was established. It is a national nodal agency for critical information infrastructure protection, and its mission is to defend critical information infrastructure (CII)fromthreatsincluding cyber terrorism and cyber warfare. Power andenergy, banking, financial services, insurance, communication, transportation, government, strategic, and public companies are all parts of the essentialinfrastructure.

15.7. Cyber Forensic Laboratory

TheCyberForensicLaboratoryandDigitalImagingCenter aids law enforcement authorities in the gathering and forensic examination of electronic evidence in cases of cybercrime

15.8.

Cyber Swachhta Kendra (2017)

It was released at the beginning of 2017 and offers a platform where users may analyse and purge malware, viruses,andotherthreatsfromtheircomputers.

15.9. Cyber Surakshit Bharat (2018)

“Cyber Surakshit Bharat initiative was launched by the Ministry of Electronics and Information Technology (MeitY),inassociationwithNationale-GovernanceDivision (NeGD) in 2018.It was launched with the objective of creatingawarenessaboutcybercrimeandbuildingcapacity forsafetymeasuresforChiefInformationSecurityOfficers (CISOs) and frontline IT staff across all government departments” 19

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page1369

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

15.10. The Cyber Warrior Police Force (2018)

In 2018, the government launched the plan to establish a cyberwarriorpoliceforce.Theideaistomodelitafterthe CentralArmedPoliceForce.

15.11. Indian Cyber Crime Coordination Centre (I4C), 2020

“The centre was inaugurated in 2020 by the Union Home Minister along with the National Cyber Crime Reporting Portal.I4ChassevenmajorcomponentsNationalCybercrime ThreatAnalyticsUnit(TAU),NationalCybercrimeReporting, PlatformforJointCybercrimeInvestigationTeam,National CybercrimeForensicLaboratory(NCFL)Ecosystem,National CybercrimeTrainingCentre(NCTC),CybercrimeEcosystem ManagementUnit,NationalCyberResearchandInnovation Centre”. 20 National Cyber Crime Reporting Portal is a citizen-centric initiative that will enable citizens to report cybercrimesonline.

16 NATIONAL CYBER SECURITY POLICY MISSION 2020

Inordertoreducevulnerabilitiesandminimizedamagefrom cyber incidents, this policy's mission is to protect informationandinformationinfrastructureincyberspace. Toachievethis,itcombinesinstitutionalstructures,people, processes,technology,andcooperationtobuildcapabilities to prevent and respond to cyber threats. A new cyber securitypolicywillbedevelopedbythegovernmentin2020 inresponsetothenecessityformodifyingthecurrentpolicy duetochangesintheICTenvironment.

17. INDIAN COMPUTER EMERGENCY RESPONSE TEAM (CERT-In) 2022

The document outlines the scope of the Cyber Security DirectionsofApril28,2022,issuedbyCERT-Inpursuantto subsection(6)ofSection70BoftheInformationTechnology Act,2000,inordertoimproveunderstandingamongvarious stakeholders and to advance the development of an open, safe, trusted, and accountable Internet in the nation. The Government is putting together a larger cyber security infrastructure to combat rising threats, and recently publishedCyberSecurityDirectionsarejustonecomponent ofthatarchitecture.“CyberSecurityRuleswerealreadyin placebuttheyarearoundelevenyearsold.Overthisperiod, size, shape & dimension of Internet has changed significantly.Thenatureofuserharmsandrisksin2022are different from what it used to be a decade back. The perpetrators of cyber crime are both state and non state actorswithsinisterdesigns.Rapid&Mandatoryreportingof incidentsisamustandaprimaryrequirementforremedial actionforensuringstabilityandresilienceofCyberSpace” . 21

“The Indian Computer Emergency Response Team shall serve as the national agency for performing the following functionsinthearea”22 ofcybersecurity:-

A. gathering, analysing, and disseminating data on cyberevents;

B. forecastingandwarningsofcybersecurityissues;

C. takingimmediateactiontoaddresscybersecurity problems;

D. Coordination of the activities involved in respondingtocyberincidents;

E. Publishing guidelines, advisories, vulnerability notes,andwhitepapersaboutinformationsecurity practises,procedures,andtheprevention,response, andreportingofcyberincidents;

F. Any additional cyber security-related duties that mayberequired.

18. CONCLUDING REMARKS

Itisclearedfromthepreviousstudiesandrecordsthatwith theincrementintechnology,cybercrimeincreases.Qualified peoplecommitcrimemores;thereisaneedtoknowabout principles and computer ethics for their use in proper manner. Today in the technology age, where human civilizationhasachievedunlimitedfacilitiesandsecurityin everyfield,ithasprovidedmoreeaseinthedevelopmentof cybertechnology.Butantihumanitarianandanti-nationalist peoplegavebirthtocybercrimes.Bothhumansecurityand national are being threatened through cyber-crimes. The socio-economic, political and cultural spheres are being directly harmed by cyber criminals. Track the number of cyber crimes through the National Crime Records Bureau andothersecurityagencies.Thesecrimereportsshowthat the numbers of cyber crimes are increasing day by day. TodayIndiahasbecomethesecondlargestinternetusers’ countryintheworld.ThegovernmentofIndiaisalsomaking newlawsfromtimetotimepreventcybercrimesandpunish cybercriminals.Thegovernmentalsoagreedtocooperation ontheinternationalconventionforthepreventionofcyber crimes. The government’s Ministry of Information Technology and Ministry of Law together made laws and policies to crack down on cyber criminals. In which the following important laws were passed like- Information Technology Act, 2000, National policy on information Technology 2012, National Cyber Security Policy 2013, Indian Computer Emergency Response Team (CERT-In) 2022 etc. The whole world stands together against cyber terrorism.Therealsoacampaignagainstsuchcriminalsin which women and children are also harassed. The civil society and government need to work together to stop all suchcybercrimes.Thegovernmentshouldmakesomemore lawsandmodifythesectionsofIPCandmakenewlaws.So that criminals can be stopped cyber crimes. In the age of moderntechnology,thesocietyofthenationisintertwined with cyber security. Therefore, without it the national securityofanynationisnotpossible.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

19. SUGGESTIONS

Thefollowingsuggestionscanbegiventhatmaybeuseful fordealingthecybersecuritychallengesinIndia:

1. The people’s participation can be of great help in combatingcybercrimeandcybersecurity.

2. A special cyber security Cell Station should be developed to handle cases dealing with computer offences.

3. A “Cyber Forensic Laboratory with all updated technologies should be endorsed to detect computerrelatedcrimes”.23

4. Public Awareness Programmes should be carried out to sensitized public and particularly police officers about the “National Cyber security Policy, 2013, National Cyber Security Policy Mission 2020, Indian Computer Emergency Response Team (CERT-In)2022”.24

5. The security expert in educational institutions to spread awareness about computer abuse among students.

ACKNOWLEDGEMENT

I am expressingoursinceregratitudeandthankstoCyber security agencies and expert of this area for his valuable guidance, and support and kind co-operation during preparationofthisresearcharticleandhelpingusinwriting thisreviewarticlesuccessfully.Iamalsothankfultovarious UniversitieslibrarylikeDU,JNU,NLU,NCRBresourcesand onlinereportstohelpforthisarticle.

REFERENCES

1Rather,M.A.&K.Jose(2014).“HumanSecurity:Evolution andConceptualization.”EuropeanAcademicResearch,2(5): 6766–6797.

2 Kasture, Jyoti Pralhad, (2018), Cyber crime and related laws in India, International Journal of Pharmacy and Analytical Research (IJPAR), Vol-7(3)July–Sep

3 Badruddin and Anis Ahmad (2017), Cyber Security Challenges:SomeReflectionsonLawandPolicyinIndia, The Haryana Police Journal,Volume1No.1,October

4 Mali, Prashant, (2015), Cyber Law & Cyber Crimes 2nd Edition, SnowWhitePublication, Mumbai.

5http://cybercrime.planetindia.net/intro.htm(Accessedon 4thFebruary,2016)

6Chaubey,R.K.(2012)“AnIntroductiontoCyberCrimeand Cyberlaw”,KamalLawHouse, 7https://en.wikipedia.org/wiki/List_of_countries_by_numbe r_of_Internet_users(Accessedon3rdFebruary,2016)

8AbrahamD.Sofaer,SeymourE,(2001),TheTransnational Dimension of Cyber Crime Terrorism, Hoover Institution Press,

9AbrahamD.Sofaer,SeymourE,(2001),TheTransnational Dimension of Cyber Crime Terrorism, Hoover Institution Press

10 Stambaugh, H., et. al, (2001), Electronic Crime Needs AssessmentforStateandLocalLawEnforcement,National InstituteofJusticeReport,Washington,Dc:U.S.Department of Justice, March. Available at : https://www.ncjrs.gov/pdffiles1/nij/grants/198421.pdf (Accessedat04thFebruary,2016)

11 Cyber crime and it Classification, (2020) www.bbau.ac.in/dept/Law/TM/1.pdf

12 Indian Cyber Security, (2022), Cyber Laws in India, http://www.indiancybersecurity.com/ cyber_law_in_india.php

13 Indian Cyber Security, (2022), Cyber Laws in India, http://www.indiancybersecurity.com/ cyber_law_in_india.php

14 Indian Cyber Security, (2022), Cyber Laws in India, http://www.indiancybersecurity.com/ cyber_law_in_india.php

15 History of cyber Security law in India, 2022, http://www.indiancybersecurity.com/ cyber_law_history_india.php

16DepartmentofElectronicsandInformationTechnology, Ministry of Communications and Information Technology, GovernmentofIndia,http://deity.gov.in

17DepartmentofElectronicsandInformationTechnology, Ministry of Communications and Information Technology, GovernmentofIndia,http://deity.gov.in

18DepartmentofElectronicsandInformationTechnology, Ministry of Communications and Information Technology, GovernmentofIndia,http://deity.gov.in

19 Krishnan, Dolly & Mohit Verma, (2020), Cyber security AndCyberLawsaroundtheWorldandIndia:MajorThrust HighlightingJharkhandforConcerns, Indian Politics & Law Review Journal,TheLawBridgePublishers,20thJuly

20 Krishnan, Dolly & Mohit Verma, (2020), Cyber security AndCyberLawsaroundtheWorldandIndia:MajorThrust HighlightingJharkhandforConcerns, Indian Politics & Law Review Journal,TheLawBridgePublishers,20thJuly

21 Ministry of Electronic and Information Technology, (2022), Indian Computer Emergency Response Team (CERTIn) 2022,GovernmentofIndia,18MAY,PIBDelhi

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 09 Issue: 08 | Aug 2022 www.irjet.net p-ISSN: 2395-0072

22 Ministry of Electronic and Information Technology, (2022), Indian Computer Emergency Response Team (CERTIn) 2022,GovernmentofIndia,18MAY,PIBDelhi

23 Badruddin and Anis Ahmad (2017),Cyber Security Challenges:SomeReflectionsonLawandPolicyinIndia, The Haryana Police Journal,Volume1No.1,October

24 Ministry of Electronic and Information Technology, (2022), Indian Computer Emergency Response Team (CERTIn) 2022,GovernmentofIndia,18MAY,PIBDelhi

BIOGRAPHY

Dr. Sanjeev Kumar has completed his M.Phil and PhD in Central Asian Studies, SchoolofInternationalStudies,Jawaharlal NehruUniversity,NewDelhi.Dr.Kumar ’ s area of specialization in Non-Traditional Security like drug trafficking, terrorism, cybersecurity,EnvironmentandNational Securityetc Hehasmorethan25research papersandarticles,4chapterscontribute in edited book, 3 books, published in national and International publications fromIndiaandAbroad.

2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page1372