NeelamVidyaVihar, Sijoul, Mailam, Madhubani, BIHAR – 847235

Website:http://www.sandipuniversity.edu.in Email: info@ sandipuniversity.edu.in

School of Computer Science and Engineering

CYBER SECURITY
Lab Manual

Sl. No. Name of the Experiment

1 Study of Information Technology Act – Indian Perspective

Experiment No: 01

Title: Study of Information Technology Act – Indian Perspective

Aim: To study and understand the Information Technology Act, 2000, its amendments, and its
implications on cyber security, e-commerce, and digital governance in India.

Hardware / Software Requirement:

Hardware: Computer, Keyboard, Internet Connection

Software:

Web Browser (Google Chrome, Mozilla Firefox, Microsoft Edge, etc.)

PDF Reader (Adobe Acrobat, Foxit Reader, etc.)

Word Processor (MS Word, Google Docs, etc.)

THEORY

Introduction to the Information Technology Act, 2000

The Information Technology (IT) Act, 2000 was enacted by the Government of India to provide
legal recognition to electronic transactions and to curb cybercrimes. It lays down provisions to
regulate electronic communication, data protection, cybersecurity, and digital signatures.

Key Objectives of the IT Act, 2000

To provide legal recognition to electronic records and digital signatures.

To regulate e-commerce and electronic transactions.

To prevent cybercrimes and impose penalties for violations.

To facilitate secure electronic governance.

To promote confidence in digital transactions.

Major Provisions of the IT Act, 2000

Legal Recognition of Electronic Records and Digital Signatures:

Section 4: Electronic records have the same legal status as physical documents.

Section 5: Digital signatures are legally valid.

Regulation of Certifying Authorities:

Ensures that digital certificates are issued by authorized agencies.

Cyber Crimes and Penalties:

 Hacking (Section 66): Punishment for unauthorized access to computer systems.

Section 66A of the Information Technology Act, 2000 is a provision that makes it a
punishable offence for any person to send offensive information using a computer or any other
electronic device. The provision also makes it punishable for a person to send information that
they believe to be false.

Identity Theft (Section 66C): Punishment for fraudulent use of another person's identity.

Section 66C of the Information Technology Act deals with identity theft. It states that
anyone who fraudulently or dishonestly makes use of the electronic signature, password, or any
other unique identification feature of another person can be punished with imprisonment of up to
three years and a fine of up to one lakh rupees

66D. Punishment for cheating by personation by using computer resource. -

Whoever, by means for any communication device or computer resource cheats by

personating, shall be punished with imprisonment of either description for a term which
may extend to three years and shall also be liable to fine which may extend to one lakh
rupees.

Cyber Terrorism (Section 66F): Acts that threaten national security through cyber means.

A person can face life imprisonment if he/she denies authorized personnel access to the
computer resource or attempts to penetrate/access a computer resource without authorization,
with an aim to threaten the unity, integrity, security, or sovereignty of the nation. This is a non-
bailable offense.

Data Protection and Privacy:

Section 43A: Compensation for failure to protect sensitive personal data.

Section 72: Breach of confidentiality and privacy is punishable.

Offenses Relating to Digital Transactions:

Punishment for credit card fraud, phishing, and data breaches.

IT Act Amendments

The IT Act was amended in 2008 to address new challenges in cyberspace, including:

Inclusion of electronic signatures.

Strengthening laws against cyber terrorism and data breaches.Providing guidelines for
intermediary liability.
Enhancing protection for critical infrastructure.

Relevance of IT Act in Various Sectors

E-Governance: Facilitates online services like Aadhaar, PAN, and passport applications.

E-Commerce: Provides legal framework for online transactions and digital contracts.

Banking and Finance: Ensures security in online banking, UPI transactions, and digital
payments.

Cybersecurity: Addresses hacking, data breaches, and cyber threats.

Steps to Study the IT Act Practically:

Read the IT Act, 2000: Download a copy from the official government website.

Case Study Analysis: Analyze cybercrime cases in India (e.g., Aadhaar data breach, banking
frauds, etc.)

Zivame data breach: Exposing the intimates

Zivame, a popular online platform for women’s wear in India, experienced a significant data
breach, leading to the personal information of thousands of its female customers being offered
for sale on the internet.

The breach involved the data of approximately 1.5 million Zivame customers, including their
names, email addresses, phone numbers, and physical addresses.

An investigation conducted by India Today’s Open Source Intelligence (OSINT) team revealed
that a seller claiming to possess the data was willing to sell it for $500 in cryptocurrencies. To
verify the authenticity of the data, the team posed as a potential customer and contacted the
seller using a Telegram handle.

The seller provided a sample dataset containing the personal details of over 1,500 users as
proof. It was emphasized that the data was not publicly available, and the seller insisted on
receiving payment exclusively in cryptocurrency, a common practice in such illicit transactions.

Practical Application:Explore how digital signatures work.Test cybersecurity measures in

personal devices.

how digital signatures work?

Create a unique code (hash): This code is made from the document's content, like a
digital fingerprint.

Encrypt the code with a private key: This turns the code into a digital signature. Only
the sender has the private key.

Send the document and signature: The sender sends both to the recipient.

Verify with the public key: The recipient uses the sender's public key to decrypt the
signature and get the original code.

Generate a new code: The recipient makes their own code from the received
document.Compare codes: If the original code matches the new one, the document is
authentic and unchanged.

In simple terms, digital signatures ensure that the document is from the right person and
hasn't been tampered with.

Example- Creating a Tax Return Document: You complete your tax

return document using government tax software or an online tax filing
service.

Report Writing: Summarize findings and implications of the IT Act in daily digital transactions.

Conclusion: The Information Technology Act, 2000 is a

cornerstone of India's digital legal framework. Understanding
its provisions helps individuals and businesses navigate the
digital landscape securely and legally.