ASSIGNMENT 2

Ques 1 Why there is a need for Cyber Law ? Explain in detail.

Ans : In today’s techno-savvy environment, the world is becoming more and more
digitally sophisticated and so are the crimes. Internet was initially developed
as a research and information sharing tool and was in an unregulated manner. As the
time passed by it became more transactional with e-business, e-commerce, e-
governance and e-procurement etc. All legal issues related to internet crime are
dealt with through cyber laws. As the number of internet users is on the rise, the
need for cyber laws and their application has also gathered great momentum.

In today’s highly digitalized world, almost everyone is affected by cyber law.

For example:
# Almost all transactions in shares are in demat form.
# Almost all companies extensively depend upon their computer networks and keep
their valuable data in electronic form.
# Government forms including income tax returns, company law forms etc. are now
filled in electronic form.
# Consumers are increasingly using credit/debit cards for shopping.
# Most people are using email, phones and SMS messages for communication.
# Even in a non-cyber crime cases, important evidence is found in computers/cell
phones eg: in cases of murder, divorce, kidnapping, tax evasion, organized crime,
terrorist operations, counterfeit currency etc.
# Cybercrime cases such as online banking frauds, online share trading fraud, source
code theft, credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing
attacks, email hijacking, denial of service, hacking, pornography etc. are becoming common.
# Digital signatures and e-contracts are fast replacing conventional method of
transacting business.

Ques 2: Explain 5 types of cyber crime that are done frequently in digital world
Ans : Following crimes are done frequently in cyber world
Phishing
Phishing is a type of attack were actors attempt to trick unsuspecting users
into doing something they wouldn’t ordinarily do, such as clicking on a malicious URL
or email attachment. Actors usually leverage phishing attacks to steal users’
login credentials, details which they can then abuse to gain unauthorised access to
their victims’ emails or financial accounts.

Ransomware
Ransomware is a subset of crimeware that in most cases infects a victim’s
computer via phishing attacks or an exploit kit campaign. Upon successful infection,
the ransomware commonly encrypts the victim’s data. It then demands a ransom
payment in exchange for the return of their data. But that’s not set in stone.
There’s no guarantee victims will ever get their data back.

In addition to following the anti-phishing steps laid out above, users should
formulate a data recovery plan for their computers. Such a program will help
ransomware victims recover their data for free if they ever experience an
infection. As part of that plan, users should in the very least maintain two local
backups to which they copy their data on a regular basis.

Malware
Malware comes in many different forms. Some specifically target users’ financial
information by installing keyloggers onto victims’ computers. Malware samples can
also reach users via a number of delivery methods, including phishing attacks and
malicious software packages that exploit unpatched software vulnerabilities. Once
installed, attackers can use the malware to spy on online activities, steal
personal and financial information or hack into other systems. Malware has become one
of the biggest online threats and it’s been used in some of the world’s largest
cyber-attacks including WannaCry, NotPetya and Cryptolocker.

Identity Theft
Attackers can do all kinds of things with a person’s identity. They can seize
control of victims’ banking credentials, apply for new banking accounts, steal
users’ hard-earned savings, and more. All they need are some key bits of information
about you to convince a bank or a customer service representative that they’re you.
To protect against identity theft, users should take care not to reveal too much
about themselves on social media and other websites. There is no reason to ever
publicly disclose financial information. In addition, users should never use email to
transmit their Social Security Number or other personal information to another
person, especially someone they don’t know.

Scams
Scams don’t come in one size. But many of them have something in common: they convey
an enticing offer that in many cases attempts to trick users into sending over
money. Of course, those offers are baseless, and victims end up losing money in the
process.

In life, when something sounds too good to be true, it probably is. Users should
never buy into incredible scenarios where they’re offered money or other rewards in
exchange for a fee. Instead they should see those messages for what they are:
campaigns designed specifically to steal their money.

Ques 3: What d you understand by conventional and cyber crime and also explain how
terrorists commit crime using internet ?
Ans 3: CONVENTIONAL CRIME

Crime is a social and economic phenomenon and is as old as the human society. Crime
is a legal concept and has the sanction of the law. Crime or an offence is “a legal
wrong that can be followed by criminal proceedings which may result into
punishment.”

(1). The hallmark of criminality is that, it is breach of the criminal law.

(2). A crime may be said to be any conduct accompanied by act or omission prohibited
by law and consequential breach of which is visited by penal consequences.

CYBER CRIME
Cyber-crime is the latest and perhaps the most complicated problem in the cyber
world. “Cyber crime may be said to be those crime, where either the computer is an
object or subject of the conduct constituting crime. “Any criminal activity that
uses a computer either as an instrumentality, target or a means for perpetuating
further crimes comes within the ambit of cyber crime.”

DISTINCTION BETWEEN CONVENTIONAL AND CYBER CRIME

There is apparently no distinction between cyber and conventional crime. However on a

deep introspection we may say that there exists a fine line of demarcation
between the conventional and cyber crime. The demarcation lies in the involvement of
the medium in cases of cyber crime. The prerequisite for cyber crime is that
there should be an involvement of the virtual cyber medium at any stage.
Uses of the Internet for countering terrorist activity
While terrorists have developed many ways to use the Internet in furtherance of
illicit purposes, their use of the Internet also provides opportunities for the
gathering of intelligence and other activities to prevent and counter acts of
terrorism, as well as for the gathering of evidence for the prosecution of such
acts. A significant amount of knowledge about the functioning, activities and
sometimes the targets of terrorist organizations is derived from website, chat
room and other Internet communications. Further, increased Internet use for
terrorist purposes provides a corresponding increase in the availability of
electronic data which may be compiled and analysed for counter-terrorism purposes.
Law enforcement, intelligence and other authorities are developing increasingly
sophisticated tools to proactively prevent, detect and deter terrorist activity
involving use of the Internet. The use of traditional investigative means, such as
dedicated translation resources for the timely identification of potential
terrorist threats, is also expanding.
For the purposes of the present publication, a functional approach has been adopted
regarding the classification of the means by which the Internet is often utilized
to promote and support acts of terrorism. This approach has resulted in the
identification of six sometimes overlapping categories: propaganda (including
recruitment, radicalization and incitement to terrorism); financing; training;
planning (including through secret communication and open-source information);
execution; and cyberattacks.
Ques 4: How digital evidence described under Information Technology Act 2000?
Ans : The proliferation of computers and the influence of information technology on
society as whole, coupled with the ability to store and amass information in
digital form have all necessitated amendments in Indian law, to incorporate the
provisions on the appreciation of digital evidence. The Information Technology Act,
2000 and its amendment is based on the United Nations Commission on
International Trade Law (UNCITRAL) model Law on Electronic Commerce. The
Information Technology (IT) Act 2000, was amended to allow for the admissibility
of digital evidence. An amendment to the Indian Evidence Act 1872, the Indian
Penal Code 1860 and the Banker' s Book Evidence Act 1891 provides the legislative
framework for transactions in electronic world. Digital evidence or electronic
evidence is any probative information stored or transmitted in digital form that
a party to a court case may use at trial. Before accepting digital evidence it is
vital that the determination of its relevance, veracity and authenticity be
ascertained by the court and to establish if the fact is hearsay or a copy is
preferred to the original. Digital Evidence is “information of probative value that
is stored or transmitted in binary form”. Evidence is not only limited to that
found on computers but may also extend to include evidence on digital devices such
as telecommunication or electronic multimedia devices. The e-EVIDENCE can be
found in e-mails, digital photographs, ATM transaction logs, word processing,
documents, instant message histories, files saved from accounting programs,
spreadsheets, internet browser histories databases, Contents of computer memory,
Computer backups, Computer printouts, Global Positioning System tracks, Logs from
a hotel’s electronic door locks, Digital video or audio files. Digital Evidence
tends to be more voluminous, more difficult to destroy, easily modified, easily
duplicated, potentially more expressive and more readily available.

Computer forensics is a branch of forensic science pertaining to legal evidence

found in computers and digital storage mediums. Computer forensics is also known
as digital forensics. The goal of computer forensics is to explain the current
state of a digital artifact. The term digital artifact can include: A computer
system storage medium (hard disk or CD-ROM) an electronic document (e.g. an email
message or JPEG image) or even a sequence of packets moving over a computer
network.

The definition of ' evidence' has been amended to include electronic records. The
definition of ' documentary evidence' has been amended to include all documents,
including electronic records produced for inspection by the court. Section 3 of
the Evidence Act, 1872 defines evidence as under: "Evidence" - Evidence means and
includes:- 1) all statements which the court permits or requires to be made
before it by witnesses, in relation to matters of fact under inquiry; such
statements are called oral evidence; 2) all documents including electronic records
produced for the inspection of the court. Such documents are called documentary
evidence.

The term ' electronic records' has been given the same meaning as that assigned to
it under the IT Act. IT Act provides for "data, record or data generated,
image or sound stored, received or sent in an electronic form or microfilm or
computer-generated microfiche". The definition of ' admission' (Section 17 of the
Evidence Act) has been changed to include a statement in oral, documentary or
electronic form which suggests an inference to any fact at issue or of relevance.
New Section 22-A has been inserted into Evidence Act, to provide for the relevancy
of oral evidence regarding the contents of electronic records. It provides that
oral admissions regarding the contents of electronic records are not relevant
unless the genuineness of the electronic records produced is in question. The
definition of ' evidence' has been amended to include electronic records. The
definition of ' documentary evidence' has been amended to include all documents,
including electronic records produced for inspection by the court. New sections
65-A and 65-B are introduced to the Evidence Act, under the Second Schedule to
the IT Act. Section 65-A provides that the contents of electronic records may
be proved in accordance with the provisions of Section 65-B. Section 65-B provides
that notwithstanding anything contained in the Evidence Act, any information
contained in an electronic, is deemed to be a document and is admissible in evidence
without further proof of the original' s production, provided that the conditions
set out in Section 65-B are satisfied.