CYBER CRIMES IN INDIA AND INTERNATIONAL RELATIONS: By Sunaina Sharma

Introduction:

The Internet has revolutionized not only the actual physical, social, educational, political, and real life is affected but the artifact has uprooted the established legal norms. Surpassing all the territorial borders, the digital world brings with it an array of criminal possibilities. Cyber Space opens the floodgates of possibilities of cybercrime is an evil having its origin in the growing dependence on computers in modern life.”The post-COVID world is moving towards a more vulnerable world. A world where crimes attack people even after being in the safety of their homes. Cyber-security problems are new to the world. Hence, countries have also come up with uncanny and unheard solutions.

Meaning of cybercrime: Any offenses committed against individuals or groups of individuals to harm the reputation or cause physical or mental trauma through electronic means can be defined as Cybercrime. Electronic means can include but are not limited to, the use of modern telecommunication networks such as the Internet (networks including chat rooms, emails, notice boards, and groups) and mobile phones (Bluetooth/SMS/MMS).

Why is a cyber crime considered a grave offense:

There are many privacy concerns surrounding cybercrime when sensitive information is intercepted and leaked to the public, legally or otherwise. Some of that information may include data about military deployments, internal government communications, and even private data about high-value individuals. Cybercrime is not confined to individuals alone. Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Cybercrimes crossing international borders and involving the actions of at least one nation-the state is sometimes referred to as cyberwarfare. In 2018, a study by the Center for Strategic and International Studies (CSIS), in partnership with McAfee, a leading cyber security firm concludes that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year.

What are the categories of cyber crimes :

Cyber crimes are categorized into three broad categories, individual, property, and government. Based on each category of cybercrime, cybercriminals use different levels and types of threats.

INDIVIDUAL: This cybercrime category includes disseminating malicious or illegal information via the internet and digital applications by one person. Cyber speaking, pornography distribution, and trafficking are a few examples of this category of cybercrime.

PROPERTY: This cybercrime is similar to a real-life incident where a criminal keeps bank or credit card information illegal. The hacker steals an individual’s bank details to acquire money or makes phishing scams online to obtain information from people.

GOVERNMENT: It is the least frequent cybercrime, but it is the most serious misconduct. A cybercrime against the government is also regarded as Cyber Terrorism. Government cyber crime involves the hacking of websites, military websites, or the distribution of government propaganda.

Common types of cyber crimes :

1.Web Attacks

2.SQL Injections

3.Cross-Site Scripting

4.DDoS Attacks

5.Password Attacks

6.Eavesdropping Attacks

7.Brute-Force and Dictionary Network Attacks

8.Insider Threats

9.Man-in-The-Middle Attacks

10.AI-powered Attacks

11.Drive-by Attacks

12.Phishing Attacks

13.Spear Phishing Attacks

14.Whale Phishing Attacks

15.Malware

16.Ransomware

17.Trojan Horses

18.Teardrop Attack

19.Ping of Death Attack

20.PuP’s

1. Web Attacks

A web attack affects the computer via the internet. These viruses can be downloaded from the internet and end up causing large-scale and irreversible damage to your system.

2. SQL Injections

SQL injection is a type of cybercrime that effectively employs malicious codes and manipulates backend databases to access information that is not intended to be displayed. These mostly involve private and sensitive data items including likes user lists and customer details, among others. SQLI can have long-term devastating effects such as the deletion of tables, unauthorized viewing of any user list, and even administrative access to databases.

3. Cross-Site Scripting

Cross-Site is another type of injection breach where attackers send malicious scripts from websites deemed responsible or reputed. Attackers inject malicious codes into trusted websites and applications and when a user visits such infected web page, the malicious JavaScipt code is executed on the user’s browser. This code can be used to steal important information like usernames and passwords.

4. DDoS Attacks

These are the attacks that aim at shutting down services or networks and making them inaccessible to the intended users. These attacks overwhelm the target with a lot of traffic and flood the same with information that can cause the website to crash. DDoS Attacks are targeted primarily at web servers of high-profile organizations such as the government or trade firms.

5. Password Attacks

These are simply meant to decrypt or even attempt to obtain a user’s password with the help of criminal intentions. Attackers can use Dictionary Attacks, Password Sniffers, or even Cracking programs in such cases. These attacks are conducted by accessing passwords that are exported or stored in a file.

6. Eavesdropping Attacks

An eavesdropping attack begins with the interception of network traffic. This type of cybercrime is also known as Sniffing or Snooping. In this type of cybercrime, individuals attempt to steal information that computers, smartphones, or other devices receive or send.

7. Brute-Force and Dictionary Network Attacks

These are networking attacks where attackers attempt to directly log into the user’s accounts by checking and trying out different possible passwords until they find the correct ones.

8. Insider Threats

Not all network attacks are executed by outsiders. The inside attack is a very common type of cybercrime. It is performed on a network or a system by individuals who have authorized access to the same system.

9. Man-in-the-Middle Attacks

A man-in-the-middle attack occurs when attackers eavesdrop on the communication between two entities. This type of cybercrime affects both the communicating parties as the attacker can do anything with the interpreted information.

10. AI-powered Attacks

Computer systems are now programmed to learn and teach themselves, and these AI-powered attacks mark a new type of cybercrime that is bound to get more sophisticated with time. AI is employed in many everyday applications with the help of algorithmic processes referred to as Machine Learning. This software is aimed at training computers to perform specific tasks all on their own. They can also accomplish these tasks by teaching themselves about obstacles that can potentially hinder their progress. AI can also hack many systems, including autonomous drones and vehicles, and convert them into potentially dangerous weapons. The AI-powered applications can be used for performing cyber crimes such as Password Cracking, Identity Theft, and automated, efficient, and robust attacks.

11. Drive-by Attacks

Drive-by attacks are used to spread malware through insecure websites. Hackers first look for websites with lesser security parameters and then plant malicious scripts into PHP or HTTP code onto one of the pages. The script can then directly install the malware onto the computer of anyone who visits the site.

12. Phishing Attacks

The Phishing Attack is a Social Engineering attack that is used to steal precious data such as login credentials or credit card details as attackers pretend to be trusted individuals and trick victims into opening malicious links.

13. Spear Phishing Attacks

These attacks are aimed at specific organizations’ data by individuals who desire unauthorized access. These hacks aren’t executed by any random attackers but by individuals who are trying to access specific information like trade secrets, military intelligence, etc.

14. Whale Phishing Attacks

A Whale Phishing Attack is a type of Phishing that generally attacks people with high statures, such as CFOs or CEOs. It primarily aims at stealing information as these individuals typically have unlimited access and are involved with sensitive data.

15. Malware

Malware is an umbrella term for a code/program that is intentionally built to affect or attack computer systems without the user’s consent.

16. Ransomware

Ransomware generally blocks victims’ access to their own data and deletes the same if a ransom is not paid.

17. Trojan Horses

Trojan Horse is a type of malicious software program which attempts to disguise itself to appear useful. It appears like a standard application but causes damage to data files once executed.

18. Teardrop Attack

A teardrop attack is a form of attack that causes fragmentation in the general sequence of the Internet Protocol (IP) packets and sends these fragmented packets to the victim’s machine that is attacked.

19. Ping of Death Attack

The Ping of Death Attack is a type of cybercrime where IP packets ping target systems with IP sizes that are much over the maximum byte limit.

20. PUPs

PUPs is an abbreviation for Potentially Unwanted Programs. These are a form of malware that is less threatening than other types of cyber crimes. This type of attack uninstalls the required search engine and pre-downloaded apps in your systems. Therefore, it is a good idea to install antivirus software to prevent maliciously.

History Of Cyber Crime

In the 1970s, the malicious link to hacking was first documented when early computerized phones became a target. Tech-savvy people called ‘Phreakers,’ who were the first hackers, have found a way to make long-distance calls through a series of codes by modifying software and hardware. This incident made people aware that computer systems are vulnerable to crime and that more complex systems are susceptible to cybercrime.

Impact Of Cyber Crime On Society

Cybercrime has posed a huge threat to internet users by stealing millions of information from users in recent years. It has also caused a huge dent in the global economy. According to Gartner, the global demand for Cyber Security is expected to hit $170.4 billion by 2022. 95% of Cyber Security violations occur because of human error, according to Cybint.

How To Fight Cyber Crime

Cybercrime is undoubtedly one of the biggest concerns in today’s digital era, but there are many simple and effective online security available in the market. Continuous development of new security initiatives and strategies to keep pace with criminals is necessary; thus, it is imperative to keep up with current developments in the Cyber Security domain. Multiple binding and non-binding legislations Arab League Model Cyber Law, Commonwealth Model Law on Computer and Computer-related Crime, ECOWAS Directive, Council of Europe Convention on Cybercrime, and EU Directives are the most prominent ones being followed across the globe. Several initiatives were started to legalize cybersecurity. But none was formulated and implemented in the real sense. 11th Crime Congress Bangkok 2005, called upon member states and discussed the proposal to emancipate upon the UN Convention on Cybercrime. But the member states never began the process of implementation.

In 2019, countries around the world gather as member states of the UN to work on a new and more efficient UN Treaty of Cyber Crimes. The talks are still under consideration. The devastating situation of society under continuously increasing cyber threats and deteriorating international relations, an international treaty and law on Cyber Crime is necessary and Appreciated

International relations :

Owing to countries involved in cyber-attacks and the ones colluding to create cyberterrorism, the world has been divided into fragments. Cyber crimes have been a cause of concern for international cooperation and relations at various levels. The superpowers of the world have been severely affected by the same.

US-Russia Relations:

It is believed by authorities and agencies that Russia has been devising and conducting subtle cyberattacks against post-Soviet countries for a decade. Soon after the advent of Vladimir Putin, in 2012, Russia expanded its strategic cyber operations in the US and Germany as well. Russia and US go on a toe-to-toe competition in cyber espionage. While the US manipulates information and plays a safe game, Russia outright starts “information warfare.” The countries have tried to put their differences aside and enter into diplomacy since 1998. But nothing fruitful has been achieved so far. These encounters have become common with the advancement of technology. In order to prove their supremacy, countries are fighting among themselves and deteriorating their international diplomatic relations. This in turn is affecting their economic, political as well as social prosperity

US-China Relations:

The US officials believe that the cyber-attacks received by their country are mostly sponsored by hostile states, mostly Iran, North Korea, China, and Russia. The US has been blaming China for the cyber-attacks that have been happening to its citizens. In 2013, China-US entered into a bilateral dialogue to maintain peaceful relations. The attacks and the breaches have not vanished after that, they have just been reduced considerably. The countries have taken a step towards understanding, co-operation, and trust and tried to overcome the cyber-security matter together. However, there still remain disagreements. On one hand where Russia and China emphasize a comprehensive cyber security agreement. The US on the other hand is adamantly focused on controlling cybercrimes.

The digital world is affecting and collapsing at each step. The invasion of a global pandemic does not help to rectify or benefit the situation in any manner. After the advent of the COVID-19 pandemic, the internet has turned into a necessity. Third-world countries and developing nations, which earlier were aloof from the digital intricacies have jumped into the sea. This makes the market more volatile and makes the struggle for international consensus on cyber security difficult.

Suggestions and future possibilities:

Countries around the world must come together and agree upon terms that would tie countries together in spirit and also help them to look into the matter of devastating cyberattacks. Since it is an international issue, coming to a consensus would not only solve jurisdictional and territorial issues but would also create a sense of fear in the criminals. Besides creating legislation, what is required of the authorities is proper and stringent implementation. A number of laws are wonderfully drafted for the cause but can never create a difference in society because of their weak or no implementation. Cyber situations to be handled in an appropriate manner requires appropriate implementation.

Apart from the official framework and the authorities and countries working towards a common goal, the onus is on the people as well. Proper legal and cyber awareness and the digital well-being of another individual must be respected in the virtual world. With almost everything shifting to an online platform, it is the individuals who must respect the boundaries of others. Keep themselves in their moral, ethical and social best behavior. And also, to keep themselves legally abreast of the happenings worldwide.

Conclusion:

In view of the difficulties in attributing cyber conduct to specific states, it is useful to identify when the responsibility of multiple states that are directly or indirectly implicated in a cyber operation can be engaged. Shared responsibility can allow victim states to identify the responsibility of more actors, without leading to a diffusion of responsibility.