Introduction
Cybercrime can be committed for a variety of reasons, such as financial gain, personal vengeance, or ideological motivation.
Cybercrime falls into four broad categories: crimes against people, crimes against things, crimes against organisations, and crimes against society. Individual crimes include cyber stalking, defamation, indecent exposure, email spoofing, fraud, net trespass, internet theft, and crimes involving intellectual property. Computer vandalism, intellectual property crimes (Copyright, patented, trademark, etc.), online threats, and so on are all examples of crimes against property. Cyber-attacks on government or military websites, as well as cyberterrorism, are examples of organisational crimes. Crimes against society include child pornography, the indecent exposure of youth-polluting financial crimes, the sale of illegal goods, trafficking, forgery, and online gambling.
The distinction between Cyber Crime and Traditional Crime
Cybercrime differs from traditional crime in that it causes greater harm to society and is more difficult to detect, investigate, and prosecute. Hate crimes, identity theft, terrorism, stalking, and bullying are examples of traditional crimes. Both types of crimes are committed by professional thieves, educated hackers, organised criminal gangs, ideological hackers, and cyberactivists.
Evidence and physical force are the two most important distinctions between traditional and cybercrime. The use of force determines physical force, whereas evidence is based on the evidence of the offences. Traditional crimes involve the use of physical force to cause physical harm to the victim, whereas cybercrimes only involve the use of computer technologies to conceal other people’s identities or accounts.
Reasons for Commission of Cyber Crimes
Financial gain is a major motivator for many cybercriminals who carry out malware, phishing, identity theft, and fraudulent money request attacks. Cybercriminals frequently use cryptocurrencies for smaller transactions and wire transfers for larger ones. According to Business Week, the annual global revenue from cybercrimes involving online banking accounts is close to $700 million. Personal emotions and grudges often drive cybercrime, such as an enraged employee infecting company computers with a virus or a stalker breaking into a person’s social media accounts.
Cybercrime is committed for ethical, ideological, or moral reasons, such as when financial institutions prohibit account and card holders from donating to Wikileaks. Cybercrime is committed for competitive reasons due to the value of IP, blackmail, competitive intelligence, and complex intellectual property in industries with complex intellectual property at their core.
Cyber Criminals and their types
A cybercriminal is someone who engages in illegal activity while using computers or the Internet. They commit cybercrime using a variety of tools as well as their understanding of computer, network, and human behaviour. Hackers are classified into three types: white hat, black hat, and grey hat. White hat hackers are moral hackers who oppose the misuse of computer systems and networks, whereas black hat hackers compromise or breach the security of a computer system or network without the consent of authorised parties. Grey hat hackers are a hybrid of white and black hat hackers who may or may not be criminals.
Crackers, pranksters, career criminals, cyberterrorists, and bullies can all engage in cyberbullying. Cyberbullying includes name-calling, creating fake profiles, and sending hurtful or cruel emails or messages.
Attackers using salami tactics make minor changes in order to commit financial crimes, whereas drops convert virtual currency into actual cash and children buy and resell online scams. Coders create ready-made tools and sell them to the cybercrime workforce.
Identity thieves seek to obtain victims’ personal information, such as their names, addresses, phone numbers, places of work, bank accounts, credit card information and social security numbers. As a result, businesses and consumers have suffered significant losses, with recent research showing that thefts totalled $112 billion over the past six years. An Internet stalker is someone who tracks a victim’s online activities in order to intimidate them and/or collect personal information. Businesses need to be aware of internet stalkers and the tactics they use in case their employees are targeted by this type of cyberattack.
Digital Forensics and Cyber Forensics
“Digital forensics” is a subfield of forensic science that focuses on the recovery and examination of digital or electronic data. Some of its many sub-branches include computer forensics, network forensics, forensic data analysis, and mobile device forensics. The use of forensic science to gather, analyse, and present digital evidence in court, as well as to assist in criminal investigations, is known as cyber or computer forensics. Because of the increase in cybercrime, it is becoming increasingly important for law enforcement, national security, and public safety.
Policies and Procedures for Forensic Investigation
Law enforcement and government agencies are hiring skilled cyber security professionals to develop standards, policies, and procedures for computer forensic investigations. Examining hard drives, email accounts, social networking sites, and other digital archives is all part of evidence assessment, which is an important part of digital forensics because it provides a clear understanding of the case specifics. The investigators must also properly preserve the evidence gathered.
Computer forensic investigators must follow rules to protect the integrity of potential evidence. The examination of the evidence reveals details about the data’s creation and download, including the date, time, and location. Reporting is required to ensure the accuracy and integrity of the data obtained, as well as compliance with all rules, regulations, and policies.
Laws regulating cyber crime in India
In India, cybercrime is covered by the Information Technology Act 2000 and the Indian Penal Code 1860. The Information Technology Act 2000 is the law that regulates online crime and e-commerce fraud. However, the law was amended in 2008 to include definitions and penalties for cybercrime. It defines cyber-crime as the act that facilitates the electronic filing of documents with government agencies, provides legal recognition for transactions using electronic data interchange and other forms of electronic communication (also known as electronic communication and information storage methods), and complies laws such as the Indian Penal Code, 1872 Indian Evidence Act 1891, Bankers Evidence Act 1891 and Reserve Bank of India Act 1934.
Poona Auto Ancillaries Pvt. Ltd., Pune v. Punjab National Bank, HO New Delhi, and Others (2018). Rajesh Aggarwal of Maharashtra’s IT department ordered Punjab National Bank to pay Manmohan Singh Matharu, MD of Pune-based company Poona Auto Ancillaries, Rs 45 lakh after a fraudster transferred Rs 80.10 lakh from Manmohan Singh Matharu’s account at PNB, Pune. The bank was found to be negligent because no security checks were performed on accounts that were opened fraudulently in order to defraud the complainant.
In December 2004, the CEO of Bazee.com was arrested for selling CDs containing offensive material on the site. This CD is also sold in Delhi markets. Delhi Police and Mumbai City Police took immediate action. The CEO was later released on bail. This raises the question of how to differentiate between Internet Service Providers and Content Providers. The defendant must prove that he provided the service and not the content. It also raises many questions about how the police should handle cybercrime cases, requiring extensive training.
In the Bank NSP case, a bank management trainee was engaged to be married. The couple sent and received numerous emails on company computers. Following their split, the girl set up bogus email accounts like “Indian bar associations” and began sending emails to the boy’s international clients. She did this by using the bank’s computer. The boy’s company lost a lot of customers and decided to sue the bank. The bank held the emails sent through its system accountable.
Penalties
The controller has the power to order the certification body or any employee of the body to take any action or to cease the activities specified in the order to comply with the provisions of this Act, the rules or any regulations made under this Act. Whoever fails to obey a judgment given under subsection commits an offense and is liable to imprisonment for not less than three years and a fine of not less than two lakh rupees, or two. This section provides non-bailable and identifiable penalties.
Section 70 allows the relevant government to designate any computer, computer system or computer network as a protected system. Subsection (1) permits access to protected systems, and those who access or attempt to access protected systems in violation of the prohibition are subject to penalties under subsection (2). A false declaration is punishable by imprisonment for two years or a fine of 100,000 rupees.
Conclusion
In conclusion, just as cybercrime is extremely diverse, cybercriminals also fall into a broad category with a variety of motivations driving them. Furthermore, while traditional and cybercrime may appear to be similar on the surface, they differ in a few key ways. In order to address these issues, cyber forensics is currently being actively used to investigate and collect digital evidence, as well as to catch cyber criminals.
References
- Sammons J, Cross M.: The Basics of Cyber Safety, 2017; Science Direct: Cybercriminals, https://www.sciencedirect.com/topics/computer-science/cybercriminals
- Cyberforensics; Technopedia; https://www.techopedia.com/definition/2388/cyberforensics
- Cyber Criminals: Who They Are and Why They Do It; Vircom; https://www.vircom.com/blog/cybercriminals-who-they-are-and-why-they-do-it/
