State govts fail to get cracking on cyber crime

Even as hackers attacked more than 5,500 websites in the first six months this year, security agencies are groping in the dark to find a way to tackle the problem.

Interestingly, though the Central Bureau of Investigation (CBI), the nodal agency to deal with cybercrime in India, trains 30 police officials every year, it says most state police units are ill-equipped to deal with the problem.

The number of cybercrime cases increased from 142 in 2006 to 217 in 2007, and stood at 288 in 2008 — a 100 per cent jump from 2006.

Of the 288 cases, 105 cases were related to obscene publication, or transmission in electronic form. And, there were 82 cases of hacking.

However, the number of cases registered under various sections of the Indian Penal Code related to cybercrime declined from 311 in 2006 to 176 in 2008. In 2008, 79 of the total reported cases were of criminal breach of trust.

“After the 26/11 attacks, the government is concerned about cybercrime, especially social networking, and there is a high level of sensitivity. However, the focus is not on persecuting, but protecting the integrity and sovereignty of the country,” said Pavan Duggal, a Supreme Court advocate and cyber law expert.
 

TOO HEAVY  TO PROCESS
Defaced Indian websites
Domain name	Number of  websites
.in	3,216
.com	1,988
.org	229
.net	133
Others	25
Total	5,591
Source: Indian Computer  Emergency Response Team

In the last 15 years, convictions were made in only three cybercrime cases. Duggal said out of 500 instances of cybercrime, only 10 per cent, or 50, are reported to the police, and only one gets translated into a first-hand report. Moreover, the Information Technology (IT) Act makes only three offences — cyber terrorism, child pornography and breach of a protected system — non-bailable.

“Cybercrime in India is categorised into a crime against persons, property or the nation. With time, the focus on targeting individuals has decreased, while on corporate property has increased. The focus on the nation, which is five per cent at present, will soon reach double digits,” he added.

The IT Act has provisions to deal with cybercrime such as tampering with computer source documents, computer-related offences, sending offensive messages through communication services, dishonestly receiving resources from a stolen computer, identity theft, violation of privacy, cyber terrorism and publishing or transmitting obscene material in electronic form. It also provides for penal action on breach of confidentiality and leakage of data by an intermediary.

“Maharashtra and New Delhi police are the best equipped to deal with cybercrimes. But cybercrime units in other states are lagging. We give training to police officers every year, and they are supposed to go back to their states and train other policemen. This has not worked so far. We have no record of the number of police officers who have trained by those who were trained by us,” said a senior CBI official.

Moreover, the government has asked the states to establish anti-cybercrime missions to stop those behind computer intrusions and frauds, and identify and thwart those who endanger national security and competitiveness. The missions are also supposed to dismantle national and transnational-organised criminal enterprises engaging in crimes on the internet.

“Protection of critical information infrastructure is pivotal to national security, economy, public health and safety, and thus, it has become necessary to declare such infrastructure as a protected system, so as to restrict unauthorised access,” said an official from the Indian Computer Emergency Response Team, which is a part of the IT Department.