TITLE

“CYBER LAWS AND CYBER TERRORISM: - A STUDY”

Submitted to

Dr.Ulhas Patil Law College, Jalgaon.

Affiliated to
Kaviyitri Bahinabai Chaudhari
North Maharashtra University, Jalgaon

For the partial fulfillment of the degree of

Masters Of Laws (LL.M)

By

Mrs. Manisha Santosh Patil

LLM 2nd year Sem lll, Roll No.23

Practical Training Doctrine Research

Work Place

Year 2024-2025.

Guide
Prof. Nayana Zope
 DECLARATION

I, Manisha Santosh Patil hereby declare that the present work in the form
of Practical Training Doctrinal Research Title “CYBER CRIME AND CYBER
TERRORISM : A STUDY” is an original work carried by me under the guidance of
Prof.Nayana Zope. The Doctrinal Research submitted for the partial fulfillment of the
degree of Master in Laws, has not been previously submitted by him for the award of
degree, diploma aasociateship or any other similar title of this University.

Name: Manisha Santosh Patil

Place: Jalgaon
Date: / / 2024
 CERTIFICATE

This is to certify that the present work in the form of Doctrinal Research titled
“CYBER CRIMES AND CYBER TERRORISM: A STUDY” is an original work carried
by your name Manisha Santosh Patil, under my guidance at the North Maharashtra
University, Jalgaon.
The Doctrinal Research submitted for the partial fulfillment of the degree of Master in
Laws, has not been previously submitted by him for the award of degree, diploma
associate ship or any other similar title of this University or any other University.

Place: Jalgaon

Date: / /2024

LL.M Research Guide.

 ACKNOWLEDGEMENT

I would like to express my special thanks to our principal sir Prof. NAYANA
Zope for their guidance and support in completing my project work. During the
research of this project, I came to know about many new things and new dimension
regarding my topic this, I am really thankful towards the sir and other teaching staff
for their valuable support.

Manisha Santosh Patil

LLM 2nd year Sem III
Roll No.23
 TABLE OF CONTAINS

TITILE

CERTIFICATE

DECLARATION

ACKNOWLEDGEMENT

CHAPTER – I INTRODUCTION

CHAPTER – II TYPES OF CYBER CRIME AND PENALTY FOR DAMAGE TO

COMPUTER SOURCES

CHAPTER – III CYBER TERRORISM

CHAPTER – IV FORMS OF CYBER TERRORISM

CHAPTER – V CONCLUSION AND SUGGESTIONS

BIBLIOGRAPHY
 CHAPTER I

 INTRODUCTION:-

Cyber law is a part of the overall legal system that deals with the Internet,
cyberspace, and their respective legal issues. Cyber law covers a fairly broad area,
encompassing several subtopics including freedom of expression, access to and
usage of Internet, and online privacy. Generically, cyber law is referred to as the Law
of the Internet.

The cyber-crime is an offence in which computer is an object of an crime

(hacking, squatting, pishing) or is used to commit an offence (child pornography,
hate crimes). Hence computer crimes can be broadly divided as,

1) A computer crime where the accused is a computer, victim is a computer and

the tool used to commit the crime is also a computer.

2) The second group is computer related crimes, where the computer becomes
a part of evidence and a crime has taken place with the help of a computer or
where computer forms a part of the complete crime scene.

The victim of cyber-crime can claim for remedy or compensation with the help of
following provisions,

1)The Information Technology Act,2000.

2) The Provisions in Indian Penal Code.

3) The Provisions in Criminal Procedure Code.

4) The laws relating to Intellectual Property Right (IPR)

 CHAPTER II

 TYPES OF CYBER CRIME AND PENALTY FOR DAMAGE TO COMPUTER

SOURCES

There are several types of cyber-crimes as,

1) Unauthorized Access and Hacking: - Unauthorized access means using the

computer without permission. Hacking means illegal intrusion into a computer
system or network.

2) Pornography: - It means the sexual act to cause sexual excitement through

pornography websites, magazines via computer and internet delivered on
mobile.

3) Cyber Stalking: - The threatening behavior or repeated actions of harassments of

the cyber criminals by using internet services.

4) Web hacking: - It is controlling others websites forcefully. Due to this he/she will
lose control on his/her website and content.

5) Phishing: - The act of sending an email falsely to gather private information as an

identity theft and ask to give personal information like password, credi card,
social security etc.

6) Piracy Of software: - The illegal copying of genuine programs like copy

infringement, trademarks violation, computer source code theft etc.

7) Online Gambling: - These is the matter of hawalatransactions, money laundering

etc.

8) Email Spoofing: - The case in which email appears to originate from one source
but actually has been sent from another and may cause monetary damage.

9) E-commerce and Investment Fraud: - These are the cases in which false offers
are given to customer relating to loans, investment for purchasing any property
or counterfeit securities etc.
10)Cyber Defamation: - When a particular person sends any defamatory matter to
all of the person’s friends.

 PROVISIONS FOR CYBER CRIMES IN INFORMATION TECHNOLOGY

ACT, 2000(Sections) :-

I. Tampering with computer source documents - Sec. 65

II. Hacking with computer systems, Data alteration – Sec.66
III. Publishing obscene information – sec.67
IV. Unauthorized access to protected systems – sec.70
V. Breach of Confidentiality and privacy – Sec.72
VI. Publishing false digital signature certificates – Sec. 73

 THE PROVISIONS OF CYBER LAW UNDER IPC AND SPECIAL LAWS:-

I. Sending threatening messages by email – Sec.505 IPC

II. Sending Defamatory messages by email – Sec.499 IPC
III. Forgery of Electronic Records – Sec 463 IPC
IV. Bogus wbsites,Cyber Frauds – Sec. 420 IPC
V. Email Spoofing – Sec.463 IPC
VI. Web Jacking – Sec. 383 IPC
VII. Email abuse – Sec.500 IPC

 CYBER CRIME UNDER SPECIAL CELLS :-

I.
Online cell of arms act.
II.
Online cell of Drugs under Narcotic Drugs and Psychotropic
Substances act.
According to whitepaper ‘Current state of cybercrime -2019’, released by RSA
Security (an American company of parent organization Dell technologies), social
media fraud has increased by 43% in 2018. It says the trend will continue in 2019
because of ease of using, absence of fees and multiple other benefits of these
platforms.
  PENALTY FOR DAMAGE TO COMPUTER OR COMPUTER SYSTEM:-

If any person without permission of the owner or any other person who is in
charge of a computer, computer system or computer network –
a) Accesses or secures access to such computer, computer system or
computer network;
b) Downloads, copies or extracts any data, computer data base or information
from such computer which is stored in any secondary storage or removable
storage medium;
c) Introduces or causes to introduce any computer contaminant or computer
virus into any computer, computer system or computer network
d) Damages or causes to damage any computer, computer system or computer
network , data, computer data base or any other programs residing in such
computer, computer or computer network;
e) Disrupts or causes disruption of any computer, computer system or computer
network;
f) Denies or causes denial of access to any person authorized to access any
computer, computer system or computer network by any means;
g) Provides any assistance to any person to facilitate access to a computer,
computer system or computer network;
h) Charges the services availed of by a person to the account of another
persone by tampering with or manipulating any computer, computer system,
or computer network,
He shall be liable to pay damages by way of compensation not exceeding one
crore rupees to the persona so affected.

 CYBER CRIMES IN STATES OF INDIA:-

In 5 years more than 5900 cases are registered in Maharashtra and became
at the top, utter Pradesh around 5000 cases at 2 nd position and Karnataka at 3rd with
more than 3500 cases. The statistics of cyber-crimes in state of India ranging from
2011-15 can be understand using following graph :

CHAPTER III
  CYBER TERRORISM

Cyber terrorism denotes unlawful attacks and threats of attack against

computers, networks and information stored therein to intimidate or coerce a
government or its people for propagating hidden political or unlawful social and
religious agendas. These attacks result in violence against persons or property or
cause public unrest. Few examples could be explosions, plane crashes and severe
losses. Terrorists are known to use internet to prepare the schemes, raise funds and
spread cyber terrorism. For instance, Razmi Yousef who was a key person behind
World Trade Centre attack had details schemes to destroy United States airliners
encrypted files in his laptop computer.

We know that Cyber terrorism is the crime that has emerged in recent times, to use
the medium of Internet to terrorize the minds of citizens. Admirably, the Laws
through the implementation of the Information technology Act, 2000, is one of the
efficient steps taken towards the creation of punishment of these kinds of crimes.
There is need of innovative laws and global standards on preventive action.

The Indian Information Technology Amendment Act 2008 lays down Section 66F as
a specific provision dealing with the issue of cyber terrorism that covers denial of
access, unauthorized access, introduction of computer contaminant leading to harm
to persons, property, critical infrastructure, disruption of supplies, ‘sensitive data’
thefts, acts which are punishable with imprisonment which may extend to
imprisonment for life.

Definitions: Terrorism and Cyber Terrorism

What is Terrorism?
Terrorism can be defined as “The unlawful use or threatened use of force or violence
by a person or an organized group against people or property with the intention of
intimidating or coercing societies or governments, often for ideological or political
reasons”- (Denning, 2000, pp. 54-55).

What is Cyber terrorism?

“The premeditated, politically motivated attack against information, computer
systems, computer programs, and data which result in violence against
noncombatant targets by sub national groups or clandestine agents.” -Mark M. Pollitt

Characteristics of Cyber – Terrorism

Generally speaking Cyber- terrorism has several distinct characteristics.
These features help to better differentiate the time-line between a cyber- terror attack
versus a cyber attack or activities of a hacker. Cyber- terrorism will or may display
following codes.

- Attack is predefined and victims are specifically targeted.

- Attack has an objective to destroy or damage specific targets such as political,
economic, energy, civil, and military infrastructure.
- Attack may even target specific opposing religions group’s information
infrastructures to insight religious racket.
- The purpose of any attack is to create fear of the group’s intentions and further
their own political agenda or goals or gain fellowship by succeeding in their attacks.

Cyber Terrorism – Is the hazard authentic?

The peril imposed by cyber terrorism has snatched the attention of the world
mass media, the security population, and the Information Technology (IT) industry.
Journalists, politicians, and experts in a variety of fields have popularizes a scenario
in which sophisticated cyber terrorists electronically break into computers that control
dams or air traffic systems, wreaking havoc and endangering not only millions of
lives but national security itself.

We know that the most critical infrastructure in Western Societies is

networked through computers, so any kind of threat from cyber terrorist is highly
alarming. Our dependence on IT is growing day to day and it has created
vulnerability giving terrorist the chance to approach targets that would otherwise be
utterly unassailable, such as national defense systems and air traffic control
systems. So in short, the most technologically advanced country is most vulnerable
to the cyber terrorist attacks.

General John Gordon indicated that whether someone explodes a bomb that
cause bodily harm to innocent people or hacked into a web-based IT system in a
way that could, for instance take a power grid offline and result in blackout, the result
is ostensibly the same. He also stated that the potential for terrorist cyber is real.
 CHAPTER IV

Forms of Cyber Terrorism

(I) Privacy violation:

The law of privacy is the recognition of the individual's right to be let alone and
to have his personal space inviolate. In recent times, however, this right has
acquired a constitutional status, the violation of which attracts both civil as well as
criminal consequences under the respective laws. The intensity and complexity of
life have rendered necessary some retreat from the world. Man under the refining
influence of culture, has become sensitive to publicity, so that solitude and privacy
have become essential to the individual. Right to privacy is a part of the right to life
and personal liberty enshrined under Article 21 of the Constitution of India. With the
advent of information technology the traditional concept of right to privacy has taken
new dimensions, which require a different legal outlook. To meet this challenge
recourse of Information Technology Act, 2000 can be taken.

The various provisions of the Act aptly protect the online privacy rights of the
citizens. Certain acts have been categorized as offences and contraventions, which
have tendency to intrude with the privacy rights of the citizens.

(II) Secret information appropriation and data theft:

The information technology can be misused for appropriating the valuable

Government secrets and data of private individuals and the Government and its
agencies. A computer network owned by the Government may contain valuable
information concerning defence and other top secrets, which the Government will not
wish to share otherwise. The same can be targeted by the terrorists to facilitate their
activities, including destruction of property. It must be noted that the definition of
property is not restricted to moveables or immovables alone.

In R.K. Dalmia v Delhi Administration the Supreme Court held that the word
"property" is used in the I.P.C in a much wider sense than the expression "movable
property". There is no good reason to restrict the meaning of the word "property" to
moveable property only, when it is used without any qualification. Whether the
offence defined in a particular section of IPC can be committed in respect of any
particular kind of property, will depend not on the interpretation of the word "property"
but on the fact whether that particular kind of property can be subject to the acts
covered by that section.

(III) Demolition of e-governance base:

 The aim of e-governance is to make the interaction of the citizens with the
government offices hassle free and to share information in a free and transparent
manner. It further makes the right to information a meaningful reality. In a
democracy, people govern themselves and they cannot govern themselves properly
unless they are aware of social, political, economic and other issues confronting
them. To enable them to make a proper judgment on those issues, they must have
the benefit of a range of opinions on those issues. Right to receive and impart
information is implicit in free speech. This, right to receive information is, however,
not absolute but is subject to reasonable restrictions which may be imposed by the
Government in public interest.

(IV) Distributed denial of services attack:

The cyber terrorists may also use the method of distributed denial of services
(DDOS) to overburden the Government and its agencies electronic bases. This is
made possible by first infecting several unprotected computers by way of virus
attacks and then taking control of them. Once control is obtained, they can be
manipulated from any locality by the terrorists. These infected computers are then
made to send information or demand in such a large number that the server of the
victim collapses. Further, due to this unnecessary Internet traffic the legitimate traffic
is prohibited from reaching the Government or its agencies computers. This results
in immense pecuniary and strategic loss to the government and its agencies.

It must be noted that thousands of compromised computers can be used to

simultaneously attack a single host, thus making its electronic existence invisible to
the genuine and legitimate citizens and end users. The law in this regard is crystal
clear.

(V) Network damage and disruptions:

The main aim of cyber terrorist activities is to cause networks damage and
their disruptions. This activity may divert the attention of the security agencies for the
time being thus giving the terrorists extra time and makes their task comparatively
easier. This process may involve a combination of computer tampering, virus
attacks, hacking, etc.

Difficulty Identifying Attackers

Anyone can easily obtain instructions for exploiting computer vulnerabilities

via the Internet. However, to date, there is no published evidence linking a sustained
or widespread attack using CNA with international terrorist groups. It remains difficult
to determine the identity of the initiators of most cyber attacks, while at the same
time security organizations continue to report that computer virus attacks are
becoming more frequent, causing more economic losses, and affecting larger areas
of the globe. For example, the Computer Emergency Response Team Coordination
Center (CERT/CC) reports that their office received 137,529 computer security
incidents in 2003, up from 82,094 in 2002. The unwillingness of commercial
enterprises to report attacks, owing to potential liability concerns, complicates the
challenge of identifying the source of the Cyber terrorism.

Possible Effects of Cyber Terrorism

While the number of random Internet cyber attacks has been increasing, the
data collected to measure the trends for cyber attacks cannot be used to accurately
determine if a terrorist group, or terrorist-sponsoring state, has initiated any of them.
A recent private study found that during the latter half of 2002, the highest rates for
global cyber attack activity were directed against critical infrastructure industry
companies. A new report on industrial cyber security problems, produced by the
British Columbia Institute of Technology, and the PA Consulting Group, using data
from as far back as 1981, reported a 10-fold increase in the number of successful
cyber attacks on infrastructure Supervisory Control and Data Acquisition systems
since 2000. DOD officials have also observed that the number of attempted
intrusions into military networks has gradually increased, from 40,076 incidents in
2001, to 43,086 in 2002, 54,488 in 2003, and 24,745 as of June 2004.

Costs of Cyber Crime

Attacks are becoming more destructive, widespread and more difficult to

contain. Post 9/11, there seems to be a greater appreciation for how much
information security means not only to each individual enterprise but also to the
economy itself and to society as a whole. Following are some economic impact
statistics:

- $17 billion dollars will be spent worldwide on security products and services
- $200 - $300 is spent by US companies for every host that needs patching
- In 2003, $221.2 billion dollars were lost worldwide due to identity theft (up from
$73.8 billion in 2002) with $73.8 billion (up from $24.6 billion) of those losses in the
United States.

The Information Technology Act, 2000

So far as India is concerned in order to combat cyber terrorism through law,

the Information Technology (Amendment) Act, 2008 has been enacted to include the
same within the meaning of offences and therefore, is made punishable. Though,
cyber terrorism has not been defined, but sec. 66(f) of the Information Technology
(Amendment) Act, 2008 prescribes as to when cyber terrorism is said to have been
committed. Sec. 66(f) of the said Act reads as to the following effect-

“Whoever:- (A) With the intent to threaten the unity, integrity, security or
sovereignty of India or to strike terror in the people or any section of the people by—

(i) By denying or cause the denial of access to any person authorized to access
computer resource; or (ii) Attempting to penetrate or access a computer resource
without authorization or exceeding authorized access; or (iii) Introducing or causing
to introduce any computer contaminant;

And by means of such conduct causes or is likely to cause death or injuries to

persons or to damage to or destruction of property or disrupts or knowing that it is
like to cause damage or disruption of supplies or services essential to the life of the
community or adversely affect the critical information infrastructure specified under
section 70, or

(B) Knowingly or intentionally penetrates or accesses a computer resource without

authorization or exceeding authorized access, and by means of such conduct
obtains access to information, data or computer database that is restricted for
reasons for the security of the state or foreign relations, or any restricted information,
data or computer database, with reasons to believe that such information, data or
computer database so obtained may be used to cause or likely to cause injury to the
interests of the sovereignty and integrity of India, the security of the state, friendly
relations with foreign states, public order, decency or morality, or in relation to
contempt of court, defamation or incitement to an offence, or to the advantage of any
foreign nation, group of individuals or otherwise, Commits the offence of cyber
terrorism.

(2) Whoever commits or conspires to commit cyber terrorism shall be punishable

with imprisonment which may extend to imprisonment for life.”

Cyber Terrorism threat to India

The sensational episodes of online warfare are high against this nation. But
still we witness that mostly we are not prepared to counter the cyber terror attack by
China and Pakistan against our great India. Recently gaping holes in the Indian e-
security environment were shown when a Swedish “ethical hacker” blogged details
of e–mail accounts and passwords of several Indian government institutions,
including the Defence Research and Development Organization, the National
Defence Academy etc. he matter assumes significance particularly because China
has been steadily strengthening its ability to wage electronic warfare alongside its
rapid (and non-transparent) modernization of its military and armory.

Hackers from Pakistan and terrorist organizations are increasing their attacks
on Indian websites to provide a new dimension to the ongoing Indo- Pak conflict over
Jammu and Kashmir. The terrorist organizations were resorting to the internet and
information systems to extend their warfare into a completely new ground to give a
new, lost-cost dimension, with maximum effect and reach. Hacker groups from
Pakistan like Pakistan Hacker Club had intensified their attacks on Indian websites,
especially over the last few years.

Some incidents of cyber attack

1. Cyber attacks in Middle East

With the Middle East Conflict as a very heated moment between bordering
countries Pro- Palestinian and Pro- Israel Cyber Groups have been launching an
offensive against websites and mail services used by the political sectors the
opposing groups show support for. The attacks had been reported by the NIPC
(National Infrastructure Protection Center) in October of 2000 to U.S officials. The
attacks were a volley of e-mail floods. DoS attacks and Ping flooding of such sites as
the Israel Foreign Ministry, Israeli Defense Forces, and in reverse, sites that
belonged to groups such as Hamas and Hezbollah.

2. Cyber attacks between Pakistan and India

As tensions between the neighboring regions of India and Pakistan over

Kashmir grew over time, Pro- Pakistan cyber-terrorists and recruited hackers began
to target India’s Internet Community. Just prior to and after the September 11th
attacks, it is believed that the sympathizers of Pakistan (which also included
members of the Al Qaeda Organization) began their spread of propaganda and
attacks against Indian Internet based communities. Groups such as G- Force and
Doctor Nuker have defaced or disrupted service to several major entities in India
such as the Zee TV Network, The India Institute of Science and the Bhabha Atomic
Research Centre which all have political ties. The Group, Pakistani Hackerz Club
also went as far as to target the United States Air Force Computing Environment and
the Department of Energy’s website.
 CHAPTER V

Conclusion And Suggestion

Now it’s high time to take action. It is a fact that counter terrorists are duty
bound to save property and lives. We all are increasingly connected, dependent and
vulnerable. With combination of knowledge, responsibility and expertise, a counter-
cyber terrorism team can build an effective policy for preventing cyber terrorist
incidents, managing threats and responding to Cyber- Terrorist acts. So now we
agree the fact that the traditional concepts and methods of terrorism have taken new
dimensions, which are more deadly and destructive in nature. The damage so
produced would be almost irreversible and most catastrophic in nature. The law
dealing with cyber terrorism is however not adequate to meet the precarious
intentions of these cyber terrorists and requires a transformation in the light and
context of the latest developments all over the world. The laws have to take care of
the problems originating at the international level because the internet, through
which these terrorist activities are carried out, recognizes no boundaries. Thus a
cyber terrorist can collapse the economic structure of a country from a place with
which a country may not have reciprocal arrangements, including an “extradition
treaty”. The only safe guard which is available to us is to use the latest technology to
counter these problems. Thus, we understand that a good combination of the latest
security technology and a law dealing with cyber terrorism is the need of the hour.

Bibliography

1. An introduction to Cyber Laws- Dr. R.K Chaubey

2. Guide to Cyber Laws- Rodney O. Ryder
3. CRS Report for Congress, Received through the CRS Web
4. Cyber Terrorism: A Study of the Extent of Coverage in Computer Security
Textbooks
5. Information Technology Act,2000
6. Live Law Website
7. Manupatra Fast Online Portal