Blog Image

Cybercrimes and Cyber Laws in India

Cybercrimes and cyber laws in India
- Ruchi Nehra, Banasthali Vidyapith, Rajasthan


Like every other invention in history, the internet came with its advantages and disadvantages. Little did the founding fathers know that their creation will be used someday to harm and destroy someone. Today, various dangerous things are happening in cyberspace. Using the web with criminal intent is known as cybercrime. 
The term “cybercrime” is not defined under any statute in India. But in the wider sense, it could mean, any activity done with criminal intent in cyberspace, where the computer could be a tool as well as the victim. Sometimes, these crimes are committed for generating profits, sometimes it is done to damage software and at other times it is done to ship malware into a system that enters other machines and spreads to the whole network in no time. Cybercrime could involve traditional criminal activities like theft, fraud, mischief, forgery, or defamation which are subject to the Indian Penal Code, 1860; and the new age crimes are subject to the Information Technology Act, 2000. 

Cybercrimes can be divided into two categories broadly;
1.Where the computer is used as a weapon. Such crimes are- cyber terrorism, credit card fraud, IPR violations, pornography
2.Where the computer is the target. Such crimes include the use of one computer to damage another one like launching virus, hacking, DOS attacks

There are various types of cybercrimes which are divided into mainly 3 headings based on their target-
1.Cybercrimes against person such as pornography, defamation, harassment via mail, email bombing, cyberstalking, cyber extortion, etc. These are the most important cybercrimes known today and are capable of causing potential harm to humanity. 
2.Cybercrimes against property such as cyber vandalism, data theft, transmitting the virus, unauthorized computer trespassing, IPR infringement, credit card frauds, etc
3.Cybercrimes against the government are like cyber terrorism. Cyberspace is misused by individuals and certain groups to threaten international governments and their citizens by cracking the official governmental or military websites.

Significant Cyber Crimes:-

Cyber extortion- This crime involves an attack or a threat to attack to demand extortion money. One such type is a ransomware attack. Cybercriminals hack into the network of an organization and make any potential data or documents inaccessible until a ransom is paid. 
Identity theft- This crime constitutes an attack where an individual trespasses into a computer to extract the personal information of the user like banking details, credit card number, identity card number, personal health details, etc. Such information is bought and sold on the dark web for profits and is often used to commit frauds and making unauthorized transactions. 

Cyber espionage- Under this crime, individuals or groups hacks into the system and gather confidential information from the government or any organization. It constitutes every type of attack from destroying the data to modifying it or using system-connected devices like a webcam to spy on an individual or monitoring the email, messages, and other connections.

Software piracy- This is one of the most common cybercrimes today which involves unauthorized use, unlawful copying, or distribution of such copy. This is often done for personal or commercial gain. IPR infringement, counterfeiting, internet piracy are some of its examples.

Exit scam- The digital version of this old scam involves the transfer of virtual currency held in marketplace escrow accounts to the accounts of dark web administrators. 

DDoS (Distributed Denial of Service) attacks- This type of attack is performed by using the organization’s protocol and taking advantage of its limits to shut down the server by overwhelming its capacity to respond to communications. These attacks are generally carried out for malicious purposes or committing mischief and sometimes to divert the attention of the targeted network from another attack.

Phishing attacks- This is the technique for acquiring sensitive information like login details, passwords, credit card details, company data, etc. of a user by sending fraudulent messages (mostly emails) that appear to be coming from a trustworthy and reputable source.  

Cyber Laws in India:-

“Every action and reaction occurring in the cyberspace has some legal and cyber legal perspectives”. The term “cyberlaw” is used to address the legal issues occurring in cyberspace. It is an integration of various laws to deal with and resolve such issues and challenges posed by humanity on the web every day.
As cybercrime is a field still developing towards specialization, there is absolutely no comprehensive law to deal with it, anywhere in the world till date. But Government of India has the Information Technology Act, 2000 in force to regulate the malicious activities on the web that violate the rights of an internet user. At times, one may find that there are provisions of the IPC and IT Act that penalize such activities overlap each other. 

Penalties under Cyber Crimes:-

Section 43 and 66 of the IT Act punishes a person committing data theft, transmitting virus into a system, hacking, destroying data, or denying access to the network to an authorized person with maximum imprisonment up to 3 years or a fine of rupees 5 lacs or both. At the same time data theft is also punishable under Section 378 and Section 424 of IPC with maximum imprisonment of 3 years or fine or both; and imprisonment of 2 years or fine or both respectively. Denying access to an authorized person or damaging a computer system is penalized under Section 426 of IPC with imprisonment of up to 3 months or fine or both.

Tampering with computer source documents is a punishable offence under Section 65 of the IT Act. Section 66E provides the punishment for violation of privacy. It states that if any person captures, publishes, or distributes an image of a private area of a person without his/her consent has committed a breach of privacy and is punishable with imprisonment up to 3 years or a fine up to 2 lacs or both.

Section 66F covers a crucial matter which is cyber terrorism and prescribes punishment for the same. It provides the acts which constitute cyber terrorism like denial of access or penetrating through a network or transmitting virus/malware utilizing which he is likely to cause death or injury to any person, which is all done with the purpose to threat the integrity, sovereignty, unity, and security of India or create terror in the minds of its citizen.

Section 66B of the IT Act and Section 411 of IPC deal with the offense of dishonestly receiving stolen computer resources or devices. Section 66C of the IT Act prescribes punishment for identity theft and states that any person who uses the identity credentials of a person for fraud or in a dishonest manner is liable for punishment with imprisonment up to 3 years and a fine up to Rupees 3 lacs. Cheating by personation using a computer resource is punishable under Section 66D of the IT Act. Similar provisions for these offenses are given under IPC under Section 419, 463, 465, and 468. IT Act not only punishes persons but corporate as well if they fail to implement and maintain a reasonable and diligent mechanism to protect the sensitive data of any person in their possession. Such a body corporate is liable to pay compensation to the aggrieved person who has suffered a loss due to the negligence of the corporation.

Apart from the provisions for punishment, the IT Act also empowers the Central Government to issue directions to block access of any information on an intermediary or computer resource for the public, if it feels necessary in the interest of the State. It can also intercept, decrypt or monitor such information.


The technology is evolving and with the evolution is coming disturbing elements surfacing on the dark web. Intelligent people are mis-utilizing their skills and exploiting the internet for evil deeds and sometimes for monetary profit. Thus, cyber law is the need of time. Cyberspace is an extremely difficult terrain to deal with and therefore some activities fall into the grey zone where there is no law to govern them. Thus, there is a long way to go before having a vast and comprehensive law for cyber crimes in India. 

-Vinod Joseph and Deeya Ray, Cyber Crimes under the IPC and IT Act - An Uneasy Co-Existence <> accessed on 22 July 2021
-Cyber laws of India <> accessed on 22 July 2021
-Prachi Mishra, Explained: What is cybercrime, its types, and laws in India <> accessed on 22 July 2021
-Kate Brush, cybercrime <> accessed on 22 July 2021
-Section 43A of the IT Act, 2000 < >accessed on 22 July 2021
-Section 65 of IT Act, 2000 <> accessed on 22 July 2021
-Section 69 of the IT Act, 2000 < >accessed on 22 July 2021