IntroductionCybercrime is a crime whichinvolves computer as the object or tool of the crime (phishing, hacking,identity theft).
Cyber criminals use computer technology to get access topersonal information as well as business or trade secrets, or use the internetfor malicious purposes. (Dave & Patel. 2017) Cybercrime therefore signifies occurrence of harmful behaviour that is related tocomputer. It has no specific reference in law but the concept is invented bymedia (Wall,2003). Internet has impacted upon criminal or harmful activity inthree main ways. This classification has been done to distinguish cyber crimefrom other crime.
Firstly, internet is a vehicle of communication that assistin sustaining existing harmful activity like drug trafficking, hate speech,bomb talk, stalking and many more. Secondly, internet has created transnationalenvironment that provide new platform for harmful activity like paedophileincident, fraud etc. Thirdly, the internet has created crime like unauthorizedaccess to imagery, music, video, software tools etc. It has impacted bothprivate individuals and business houses. Now the policy makers are to decidewhich policy is suitable for each of these crimes categorised under differentlevel of cyber crime.(Wall,2003) Moreover, issuesof cyber ethics play a vital role in deciding policies made by policy makers.These policies guide the future of cyberspace in any country. This researchpaper is based on various newspaper reports, online media reports and scholarlypublications.
Digital India: A brief history Frommid-1990s onward government of India has taken e-government initiative toprovide better service to the citizen. The major ICT initiatives of thegovernment included some major projects such as railway computerization, landrecord computerization etc. that focused mainly on the development ofinformation technology and systems. (Turka& Singh, 2016) Later on many states startedimplementing e-governance project to give electronic service to its citizen. E-governanceproject could not make desired impact due to its limited features. E-governance project was characterised byisolated and less interactive systems, which posed as major drawback inadoption of this e-governance in broad spectrum of governance. They clearlypointed towards the need for a more comprehensive planning. Moreover, properinfrastructure is to be built in order to establish a more connected programme.
As a result, government of India started the digital India programme in 2014 topromote inclusive growth which covers electronic services, products, devices,job opportunities as well as transfer the entire ecosystem of public servicesthrough the use of information technology to a digital platform. (Turka & Singh, 2016) Literature Review In a research paper on “Latest Face of Cybercrimeand its Prevention in India” Vineet Kandpal and R.K. Singh discussed thevarious trends of cyber crime faced by Indian user on and before 2012. Theyalso focused on existing laws to combat cybercrime during that point of time.The time period of research was before Digital India concept was started bygovernment of India.
Moreover, the findings and result focused on howgovernmental policies can assist in formulating stronger law for protectingcyberspace more effectively. (Kandpal & Singh,2013)Research is done on “Cybercrime in India: A study,2007 to 2011” by Mohammad Ishaq Lone,where he showed growth pattern of cybercrime in India along with cybercrimecommitted against women. Findings showed the necessity to create provisions inlaws and awareness measure to be taken at community level.
(Lone, 2013)Research paper on “Review of Cyber-Crimes And TheirImpacts Over The Society” by Umesh R. Gadhave and Dr. Sandeep R. Sirsat focused on impact of cyber crime on societyin various form like economic disruption, threat to national defence and othersocial nuance as well as psychological disorder. The study showed restrictionof cyber crime is dependent on proper analysis and understanding of itsbehaviour and its impact on various level of society. (Gadhave & Sirsat,2015)Researchis also done on “An Overview of Corporate Cybercrime in India and US” by TanyaSyngle, which showed comprehensive comparative analysis of cyber crime in thecorporate sector of the East with India serving as the prototype, and the West,with United States of America (US) being the prototype.
An interpretivequalitative research design was used in this research to highlights thedifference between US and India and understand the cybercrimescenario. Study also explored probable reason behind these differences and howinternational cooperation can create policy framework to combat cybercrime.(Syngle,2017) But no such research work can be found on “How Digital India is tacklingcybercrime?” Inrecent times, government’s ambitious projects of Digital India and smart cityinitiatives have already earned enough attention from heads of technologygiant. But they are concerned about the security policy to be implemented bygovernment of India to enhance cyber security as security breaching is aregular feature now-a-days. (Ujaley, 2017) Financial Express e-newspaper also reported that theintegrated digital footprint created by Digital India and digital cities willbring increasing and alarming demand for resources to defend against the threatat various level and entry point of the new system. Digital India and smartcities will create social and economic opportunities.
(Ujaley, 2017) Theincreasing synchronisation of existing digital data and processes withingovernment departments will require maximum security. But critical data flow isto be left uninterrupted even in this high threatening environment. (Ujaley, 2017) Astudy made by Assocham-PwC revealed that India has witnessed a 350per cent risein cyber crime from 2011 to 2014. (Digital India & the Cyber Security Threat,n.d.
) With the spread of smart phone and internet India has emerged as one ofthe favourite countries to attack, among cyber criminals. The Indian ComputerEmergency Response Team (CERT-In) has also reported in a study conducted bythem under title “Protecting interconnected systems in the cyber era” that in2015 a rise in the number of incidents of cyber attack could be noted at around50000. (Digital India & the Cyber Security Threat, n.d.
) Statement of Problem Thisresearch paper seeks:RQ1.To investigate the current scenario of cyber crime in Digital India. RQ2. To investigate how India is actually tackling cyber crime in its’ newlytransformed digitally connected economy with its laws and policies. Research Method Interpretative qualitative research design isused in this research study.
To analyse the current cyber crime scenario inIndia, a brief analysis is done on six major events of cyber attack from 2010to June 2017. The search is based on secondary sources. Data is obtained from newspaperreports, website reports, journals, publications etc.
The search of informationis based on relevance of research topic and date of publication of information.High level general search as well as directed search is carried for thispurpose. To investigate how India isprepared to tackle cybercrime, analysis of various cyber laws and policies ofIndia are done. Present Scenario of Cyber Crime inDigital India Since2014 Indian government headed by Prime Minister Narendra Modi has taken severaltransformative initiatives like Adhaar, De-monetization and Digital India toadd speed to India’s transition from an analog to a digital economy. This isquite admirable goal and if executed properly it can jumpstart economic growthof India and creates crores of job opportunities. This goal will remainunattainable if India does not improve cyber security infrastructure. (Ganeshan,2017)Recentlytwo developments in cyber world in past few years made the scenario ofunpreparedness even more dangerous. The first major development was thediscovery of malicious computer worm called “Stuxnet.
” A group of cyberresearcher had found it in 2010. Stuxnet was created to target industrialcomputer system. Stuxnet was different from other virus in a way that it targetedprogrammable logic controller (PLC) which are not connected to the internet andpreviously thought to be safe from hacking. Stuxnet showed that many elements of any country’s infrastructure suchas water treatment facilities, hospital systems, dams, electric grids, factoryassembly lines, power plant that uses PLC system and supervisory control anddata acquisition system are also under cyber threat even though they are notconnected to internet. It is high time for India to fortify its critical infrastructure.(Ganeshan,2017)Seconddevelopment in cyber space was the advent of another sophisticated malwarenamed Advanced Persistent Threats (APT) in 2013. These malware perform in adifferent way compared to any virus.
Through this malware hacker aimed at datatheft and espionage. After infecting the target the malware use sophisticatedroot kit technique to disguise them. They connect to control servers andcommand on the internet. They can export data as well as take new instuction.This malware can remain undetected for months or even years while slowlycollecting valuable data from victim’s network. All the recent data theftincidents like Anthem, Target, Office of Personnel Management (OPM), Sony werevictims of this malware attack. In this context, Government of India shouldthink seriously regarding cyber security policy of the country. (Ganeshan,2017) Onlinenews sites have recently reported in September 2016 on data breach of India’stop secret file due to cyber attack.
The top secret “Scorpene” submarineprogram was published online and this data breach has brought the issue ofcyber security of India into newspaper headlines. The cyber security firm Symantec havementioned in its blog post on 2016 that it had traced cyber security breaches ofseveral Indian organisations by cyber espionage group called Suckfly. (Kambampati, 2016) According to Symantec thiscyber espionage group has targeted government organisations, financialinstitutions, large vendors to stock exchange, e-commerce companies etc. Basedon the targets that the group penetrated Symantec has speculated that theespionage was targeted at disrupting the country’s economic infrastructure. (Kambampati,2016) The government authority has neither denied nor accepted of being victim ofsuch data breach. (Kambampati, 2016)Recentlyin May, 2017 world was send to edge even without losing much money as intendedfrom the victims by a ransomware named WannaCry. Impact was heavily felt in UKwhere National Health Service was hard hit by stalling surgeries, calling backambulances etc.
This led the cyber experts throughout the world to think aboutthe real time impact like this. All of us live in a digital world wheredestructive effect is hard to stop. (Rajan, 2017) Researchers have observedthat WannaCry is a program mainly targeting Microsoft Windows operatingsystems.
The hacker uses this ransomware to take control of victim’s computerand lock the data until the victim pay in return. The hacker demanded paymentof $300 to $600 using Bitcoins. Microsoft has released cyber security to overcome this vulnerability butthat will not be applicable for any pirated software. Cyber security expertswere of opinion that outspread of attack would be high in India as majority ofthe computers are working on pirated software. (Shekhar, 2017) Some newspapersreported that Ministry of Home Affairs source had informed that Government ofIndia had ordered to shut down the service of some ATM outlets all over thecountry as preventive measures against the cyber attack.(WannaCry: Hundreds ofATMs shut down across India to escape ransomware attack RBI denies, 2017) As far as the effects are concerned ITminister of India, Ravi Shankar Prasad said that India was not affected much byransomware WannaCry. (WannaCry: Hundreds of ATMs shut down across India toescape ransomware attack RBI denies, 2017) He added that ransomware WannaCryhad partially affected Kerala and Andhra Pradesh.
(WannaCry: Hundreds of ATMsshut down across India to escape ransomware attack RBI denies, 2017) ReserveBank of India (RBI) had directed the banks to update the software in their ATMmachines to avoid ransomware attack. (Shekhar, 2017) The attack has crippledmore than 200000 computers throughout the world and affected hospital, banks,government agencies in several countries. (Shekhar, 2017) Researchers have come up with new term “cyberterrorism.” Cyber terrorism is the convergence of terrorism and cyber space.
Itis the use of internet to shut down critical infrastructure (electricity,bank,organisation,transport) with the purpose of coercing the people or intimidate a government.A hostile nation can exploit using these tools to penetrate poorly securedcomputer network and disrupt critical functions. (Wikipedia, n.
d.) Cyberspacetouches every part of our daily life through wireless signals, broadbandnetworks, local networks and even the massive grid that power our country. Tocreate a strong defence system against cyber attack would require combinedeffort from both public and private sectors. Combined effort is required todevelop new technologies and new approaches for maintaining real-timeprotection of their individual networks. (Periera, 2016) Cyber security and policies inDigital India Cyberlaws in India: 1.
Information and Technology Act, 2000 – The Information and Technology Act seeks to protect the technology andcyber space by defining crimes, laying down procedures for investigation,prescribing punishments as well as forming regulatory authority. Many cyber crimeshave been brought within the definition of traditional crimes too by means ofamendment to the Indian Penal Code, 1860, The Evidence Act, 1872 and Banker’sBook Evidence Act, 1891 was amended to facilitate collection of evidence infighting cyber crimes. The IT act itselfwas amended in 2008 to adapt with changing cyber space.
(InsightsIAS, n.d.)2.National Cyber security Policy 2013 – The Act was formulate to provide cybersecurity to growing IT industry in India but its implementation is not successfullydone yet. Important features of this Act are as follows:i.
Tobuild secure and resilient cyber space.ii. Creating a secure cyber ecosystem, generate trust in IT transactions.
iii. 24 x 7 National Critical Information Infrastructure Protection Center(NCIIPC)iv. Indigenous technological solutionsis to be set up,v. Testing of ICT products andcertifying them, Validated products,vi.
Creating workforce of 500,000professionals in the field,vii. Fiscal Benefits for businessman whoaccepts standard IT practices, etc. (InsightsIAS, n.d.) Whatis Cyber Ethics? InformationTechnology plays a pivotal role in every sphere like in business, industry,government, medicine, entertainment, education and in society at large. Theeconomic and social benefit gained from it hardly needs any explanation.Information technology too has negative implication in our society.
This posessome problems related to ethics and generally contains three main types ofethical issues: personal privacy, access right and harmful actions. (Gunarto,2014) Theincrease in business transaction on intangible assets like IntellectualProperty made cyber space an important commercial sphere. Therefore in order toextend this business, a secure cyber sphere is required. To protect intellectualproperty rights in online platform a strong regulatory agenda would be set andit will produce many technical methods of enforcement.
Internet has turn out tobecome the media of the people as the internet has spread fast which initiateda change in press environment that is centred on mass media. Unlike establishedpress there are no editors in internet; People produce content themselves andcirculate it. This direct way of communication over internet created manysocial debates. Hence, cyberspace content demands in future a reconciliation oftwo views – freedom of expression and concern for community standards. (InsightsIAS,n.d.
) Future Of Cyber Security In DigitalIndia: The government takes initiative to conducted severalawareness and training programmes on cyber crimes for law enforcementbody. Training is also given on the useof cyber forensic software packages and other associated procedures to collectelectronic evidence from crime scene. (InsightsIAS, n.d.) The initiative toprovide cyber security and related projects are quite less in numbers. Even ifthere are some proposal for projects but that remained in papers only. Indiahas launched e-surveillance projects like National Intelligence Grid (NATGRID),Central Monitoring System (CMS), Internet Spy System Network and TrafficAnalysis System (NETRA) of India etc. But none of them are governed by anylegal framework neither they were under Parliamentary Scrutiny.
Thus, theseprojects are violation of civil liberties protection in cyberspace. Governmenthas formed National Informatics Centre (NIC) to provide network backbone tomanage IT services, E-GOV initiatives to state and central government. To counter cyber crime a coordination isrequired from different agencies working under Ministry of Home Affairsand under Ministry of Communications andInformation Technology. Apart from CentralBureau of Investigation, The Intelligence Bureau, state police organizationsand other specialised organizations such as the National Police Academy, there are few agenciesof government which also work for tackling cyber crime. To name few of them are: National Information Board (NIB) , National Crisis Management Committee(NCMC), National Security Council Secretariat (NSCS), Department of InformationTechnology (DIT), Department of Telecommunications (DoT), National CyberResponse Centre – Indian Computer Emergency Response Team (CERTIn), NationalInformation Infrastructure Protection Centre (NIIPC), National DisasterManagement of Authority (NDMA), Standardization, Testing and QualityCertification (STQC) Directorate, The Cyber Regulations Appellate Tribunal. (InsightsIAS,n.d.
)Intergovernmental organisation and initiatives:Various intergovernmental organisations have takeninitiatives to address the issue of cyber crime at policy level.Council Of Europe – Council of Europe aimed atprotecting societies throughout the world from the threat of cyber crimethrough Convention on Cybercrime held atBudapest in November, 2001. It was thefirst international treaty to address the problem of cyber crimes that is doneusing internet and computers.
Budapest Convention entered into force from July2004. (Convention on cybercrime, n.d.)Internet Governance Forum (IGF) – It was establishedin 2006 by the World Summit on the Information Society to bring people togetherfrom different stakeholders groups for discussion on public issues related tointernet.
United Nation played a vital role in establishment of IGF. (Internetgovernance forum, n.d.)UnitedNation – The International Telecommunication Union (ITU) is the specializedwings of UN deals with information and communication of the world. They alsodeal with adoption of international standards to ensure uninterrupted globalcommunications and flexibility for next generation networks. They also work forbuilding confidence and ensure secure ICT usage. (InsightsIAS, n.
d.) MeridianProcess – The Meridian Process has setits goal in providing Governments throughout the world a platform or means todiscuss on how to work together at the policy level on matters of Critical Information Infrastructure Protection(CIIP). By holding annual conference theorganisation tries to build trust and establish international relations withinthe member countries as well as provide opportunity for sharing best practicesfrom the world. (Meridian Connecting and Protecting, n.d.
) NETmundialConference – Brazil had hosted NETmundial – Global Multistakeholder Meeting on the Future ofInternet Governance in 2014. The meeting was held in collaboration of BrazilianInternet Steering Committee and /1Net. It is a forum that gathers internationalentities of various stakeholders involved with e-governance. This meetingmainly focused on elaboration of principles of Internet governance and they proposed a roadmap for futuredevelopment of this network ecosystem. (NETmundial: the beginning of a process,n.d. ) Conclusion Theincrease in the number of internet users around the world makes data securityas well as its proper management very important for future growth andprosperity.
The main concern is with theunauthorized people who are trying to access remote services and disrupt thesystem. It has become our responsibilityfor our own cyber security. Simple steps are to be followed to stay in securedcyber space like installing antivirus software, personal firewall and update ittime to time. Also it is advisory to archive all security logs. Moreover accessshould be restricted to sensitive data and has to be password secured. Aboveall more cyber literacy related to cyber security has to be enhanced.
Government can also utilise specializations of private sectors to tackleproblems of cyber security and promote more PPP projects for having securedDigital India.