MODULE IV

Cybercrimes and cyber ethics: cyber space, cyber crimes-nature and scope of cyber crimes,
types and categories of cybercrimes, penalty for cybercrimes under IT Act, digital foot
prints, cyber forensics, Cyber ethics- concerns and responsibilities.

Cyber Space

Cyberspace is a virtual network of computers that facilitates communication across

theworld.
It's a digital world that allows people to access information and communicate
overcomputer networks without physically moving.
The best way to define Cyberspace is the virtual and dynamic space created by
themachine clones.
According to the Cyberspace definition, it is a web consisting of consumer
computers, electronics and communication networks by which the consumer is
connected to the world.
Cyberspace mainly refers to the computer which is a virtual network and is a
medium electronically designed to help online communications to occur.
This facilitates easy and accessible communications to occur across the world.
The whole Cyberspace is composed of large computer networks which have many
sub- networks. These follow the TCP or IP protocol.
Cyberspace is that space in which users share information, interact with each
other;engage in discussions or social media platforms, and many other activities.
Cyber Crimes

Cybercrime refers to criminal activities carried out using digital technology or the
internet. These offenses involve the use of computers, networks, or electronic devices
to commit illegal acts, often targeting individuals, organizations, or governments.

Nature and Scope of Cyber Crimes

The nature and scope of cybercrime have grown immensely with the evolution of
technology and the pervasive presence of the internet.
Cybercrime refers to criminal activities that are carried out using computers or over
the internet. Its nature is diverse and constantly evolving, encompassing various
illegal activities facilitated by technology.
Cybercrime is Transnational in nature. These crimes are committed without being
physically present at the crime location. These crimes are committed in the
impalpable world of computer networks.
To commit such crimes the only thing a person needs is a computer which is connected
with the internet.
With the advent of lightning fast internet, the time needed for committing the
cybercrime is decreasing.
The cyberspace, being a boundaryless world has become a playground of the perpetrators
where they commit crimes and remain conspicuously absent from the site of crime.
It is an Open challenge to the law which derives its lifeblood from physical proofs and
evidence.
In crimes relating to cyber space there is nothing sort of physical footprints, tangible
traces or objects to track cyber criminals down.
Cybercrimes possess huge amount complications when it comes to investigation.
Scope of Cyber Crimes
Cyber Crime is when an individual intentionally uses information technology to
produce destructive and harmful effects on the tangible and/or intangible property
of others.
 It has no national boundaries and is usually a term for criminal activities involving
a computer or a network as a tool or a target.
Cybercrime can be basically categorized into three parts:
1. Cyber Crimes against persons
2. Cyber Crimes against property
3. Cyber Crimes against government.

Types of Cyber Crime

1. Hacking: Unauthorized access into computer systems, networks, or devices to

steal data, disrupt operations, or cause damage.
2. Malware Attacks: Spreading malicious software (viruses, ransomware, spyware)
to compromise systems, steal information, or extort money.
3. Phishing and Social Engineering: Deceptive techniques to trick individuals into
revealing sensitive information such as passwords, credit card details, or personal
data.
4. Identity Theft: Stealing personal information to impersonate someone for
financial gain, access to services, or commit fraudulent activities.
5. Online Fraud: Various fraudulent schemes conducted online, including
investment scams, lottery scams, and fake websites to deceive victims for
monetary gain.
6. Cyberbullying: Harassment, intimidation, or defamation using digital platforms
to harm or harass individuals.
7. Distributed Denial of Service (DDoS) Attacks: Overloading servers or networks
with excessive traffic to disrupt services or websites, rendering them inaccessible
to legitimate users.
8. Child Exploitation: Online exploitation of children for pornography, grooming, or
trafficking purposes.
9. Data Breaches: Unauthorized access to and theft of sensitive information from
databases or systems, leading to the exposure of personal or confidential data.
Penalty for cybercrimes under IT Act
The following table shows the offence and penalties against all the mentioned sections of the

Section Offence Punishment

65 Tampering with Computer Source Code Imprisonment up to 3 years or fine up
to Rs 2 lakhs
66 Computer Related Offences Imprisonment up to 3 years or fine up
to Rs 5 lakhs
66-A Sending offensive messages through Imprisonment up to 3 years and fine
Communication service, etc...
66-B Dishonestly receiving stolen computer Imprisonment up to 3 years and/or
resource or communication device fine up to Rs. 1 lakh
66-C Identity Theft Imprisonment of either description up
to 3 years and/or fine up to Rs. 1 lakh
66-D Cheating by Personation by using Imprisonment of either description up
computer
to 3 years and /or fine up to Rs. 1 lakh
resource
66-E Violation of Privacy Imprisonment up to 3 years and /or
fine up to Rs. 2 lakh
66-F Cyber Terrorism Imprisonment extend to imprisonment for
Life

67 Publishing or transmitting obscene On first Conviction, imprisonment up to 3

materialin electronic form years and/or fine up to Rs. 5 lakh On
Subsequent Conviction imprisonment up
to 5 years and/or fine up to Rs. 10 lakh

67-A Publishing or transmitting of material On first Conviction imprisonment up

to 5 years and/or fine up to Rs. 10 lakh On
containing sexually explicit act, etc... in
electronic form Subsequent Conviction imprisonment up to
7 years and/or fine up to Rs. 10 lakh
67-B Publishing or transmitting of material On first Conviction imprisonment of either
depicting children in sexually explicit act etc., description up to 5 years and/or fine up to
in electronic form Rs. 10 lakh On Subsequent Conviction
imprisonmentof either description up to 7
years
and/or fine up to Rs. 10 lakh
67-C Intermediary intentionally or knowingly Imprisonment up to 3 years and fine
contravening the directions about
Preservation and retention of information
68 Failure to comply with the directions given Imprisonment up to 2 years and/or
by Controller fine up to Rs. 1 lakh
69 Failure to assist the agency referred to insub Imprisonment up to 7 years and fine
section (3) in regard interception or
monitoring or decryption of any information
through any computer
resource
69-A Failure of the intermediary to comply with Imprisonment up to 7 years and fine
the direction issued for blocking for public
access of any information through any
computer resource
69-B Intermediary who intentionally or Imprisonment up to 3 years and fine
knowingly contravenes the provisions of
sub-section (2) in regard monitor and
collect traffic data or information through
any computer resource for cybersecurity
70 Any person who secures access or attempts Imprisonment of either description up
 to secure access to the protected system in to 10 years and fine
contravention of provision of Sec. 70
70-B Indian Computer Emergency Response Imprisonment up to 1 year and/or
Team to serve as national agency for fine up to Rs. 1 lakh
incident response. Any service provider,
intermediaries, data centres, etc., who fails
to prove the information called for or
comply with the direction issued by the
ICERT.
71 Misrepresentation to the Controller to the Imprisonment up to 2 years and/ or
Certifying Authority fine up to Rs. 1 lakh.
72 Breach of Confidentiality and privacy Imprisonment up to 2 years and/or
fine up to Rs. 1 lakh.
72-A Disclosure of information in breach of Imprisonment up to 3 years and/or
lawful contract fine up to Rs. 5 lakh.
73 Publishing electronic Signature Certificate Imprisonment up to 2 years and/or
false in certain particulars fine up to Rs. 1 lakh
74 Publication for fraudulent purpose Imprisonment up to 2 years and/or
fine up to Rs. 1 lakh
Digital Footprint

Anyone who uses and browses the Internet has a digital footprint.
A digital footprint is commonly based on how an individual contributes data to
the internet through websites and other sources of medium.
Any kind of online activity like sending emails, submitting your personal information
towebsites, social media interactions leaves a digital footprint on a device.
All the data which is accessed is being stored recorded and even tracked. In other
words, your digital identity can be easily discredited and is at risk.

Types of Digital Footprints :

Digital Footprint usually falls into two categories, based on how the information is acquired:-
1. Active Digital footprint

• An “Active Digital Foortprint” is formed when your data should be submitted for
accessing an internet service deliberately.
For example, to send an email where the data is exchanged in either way.
To submit an online examination application form, to access any e-governance
services. In all such cases, an active digital footprint is formed which is
unavoidable. This data resides in the data servers for years or more.
2. Passive Digital footprint

If you are accidentally accessing data or accessing a website directly or indirectly then
a Passive Digital Footprint can be observed.
Whenever we are browsing a website, the IP address of your device is recorded by the
respective web-server.
These details are enough to track your precise Geo-location data and ISP and retrieve
much more information.
A simple Google search, online shopping activities, search engine histories or even
justvisiting a website leaves a passive digital footprint beside.
Irrespective of the IP address or the device you are accessing from, a passive
digital footprint cannot be avoided.
Cyber Forensics

Cyber forensics is a process of extracting data as proof for a crime (that involves
electronic devices) while following proper investigation rules to nab the culprit by
presenting the evidence to the court. Cyber forensics is also known as computer
forensics. The main aim of cyber forensics is to maintain the thread of evidence and
documentation to find out who didthe crime digitally. Cyber forensics can do the
following:

It can recover deleted files, chat logs, emails,

etcIt can also get deleted SMS, Phone calls.
It can get recorded audio of phone conversations.
It can determine which user used which system and for how much
[Link] can identify which user ran which program.
The Process Involved in Cyber Forensics
1. Obtaining a digital copy of the system that is being or is required to be inspected.
2. Authenticating and verifying the reproduction.
3. Recovering deleted files (using Autopsy Tool).
4. Using keywords to find the information you need.
5. Establishing a technical report.

Types of computer forensics

There are multiple types of computer forensics depending on the field in which digital
investigation is needed. The fields are:

Network forensics: This involves monitoring and analyzing the network traffic to and
from the criminal’s network. The tools used here are network intrusion detection systems
and other automated tools.
Email forensics: In this type of forensics, the experts check the email of the criminal
and recover deleted email threads to extract out crucial information related to the
case.
 Malware forensics: This branch of forensics involves hacking related crimes. Here,
the forensics expert examines the malware, trojans to identify the hacker involved
behind this.
Memory forensics: This branch of forensics deals with collecting data from the
memory(like cache, RAM, etc.) in raw and then retrieve information from that data.
Mobile Phone forensics: This branch of forensics generally deals with mobile
phones. They examine and analyze data from the mobile phone.
Database forensics: This branch of forensics examines and analyzes the data from
databases and their related metadata.
Disk forensics: This branch of forensics extracts data from storage media by
searching modified, active, or deleted files.

Cyberethics
Cyberethics is a branch of computer technology behavior that defines the best
practices that must be adopted by a user when he uses the computer system.

It refers to the basic ethics and etiquette that must be followed while using a
computer system.

Ethics, in general, refers to propagating good behavior, similarly by cyber ethics we

referto propagating good behavior online that is not harsh or rude.

Cyberethics governs rules that individuals must be polite and responsible when they
usethe internet.

Cyberethics aim to protect the moral, financial, social behavior of individuals.

Cyberethics engages the users to use the internet safely and use technology
responsibly and sensibly.

Cyberethics empathizes the behavior that must be adopted while using cyber
technology.
Cyber Ethics Concerns the following

1. Cyber Bullying:

Cyberbullying is a form of bullying carried out via internet technology such as social
media where individuals are mocked on their physical appearance, lifestyle,
preferences, etc.
The teenage generation or say youngsters are the major victims of this form of
cyber ethic breach.
Cyberbullying affects the emotional ethics of individuals and can cause mental
disturbance to individuals.
2. Hacking:

is not considered a good practice.

It is one of the riskiest cyber breaches to data leak. Data leak includes passing of
sensitive information such as passwords, bank details of the user to a third-party
user who is not authorized to access the information.
3. Copywriting:

Claiming of
another must be

eradicated.

your own.
It leads to a serious problem called plagiarism, which is a punishable offense and
considered a legal crime.
It is always advisable to follow general cyberethics, while using the internet or say
any kind of technology.
A proper code of conduct must be followed while using cyber technology.
Cyberethics if not used wisely can lead to serious situations.
Social and legal laws are defined to use cyber technology wisely. In extreme
cases,legal action can be taken if there is a violation of cyber ethics.
Responsibilities of Cyber Ethics

Respect for Privacy: Safeguarding the privacy of oneself and others by not intruding into
personal information, avoiding unauthorized access to private data, and respecting
boundaries in digital communications.

Security Practices: Acting responsibly to ensure the security of digital systems, including
using strong passwords, keeping software updated, and being cautious with sharing
sensitive information.

Responsible Online Behavior: Behaving ethically in online interactions, which includes

avoiding cyberbullying, harassment, spreading false information, or engaging in illegal
activities.

Respect for Intellectual Property: Respecting copyrights, trademarks, and intellectual

property rights by not plagiarizing content, respecting licensing agreements, and giving
credit where it's due.

Ethical Use of Technology: Using technology in a manner that benefits society while
considering the potential ethical implications of its use, such as in artificial intelligence,
surveillance, or data collection.

Compliance with Laws and Regulations: Abiding by legal frameworks and regulations
related to cyber activities, including data protection laws, cybersecurity standards, and
internet regulations.