Cyber Forensic and Cyber Laws

Cyber Forensic

Cyber Forensics is the process of gathering and documenting proof from a computer or computing device in a form that can be presented to a court using investigation and analysis techniques. Cyber Forensics is also known as Computer Forensics. The goal of cyber forensics is to determine who is responsible for what happened on the computer while documenting the evidence and conducting a thorough investigation. The investigators make a digital copy of the device under investigation’s storage media and conduct the investigation on the digital copy while ensuring that the device under investigation is not accidentally contaminated.

Need of Cyber Forensics

Cyber Forensics is required for crime investigation and law enforcement. In some cases, such as hacking and denial of service (DOS) attacks, the computer system serves as the crime scene. The computer system will contain evidence of the crime. Proofs can include browsing history, emails, documents, and so on. These computer proofs can be used as evidence in a court of law to sort out allegations or to protect innocent people from charges.

How do Cyber Forensics Experts Work?

1. Copying the hard drive of the system under investigation: Copying or imaging the hard drive means making a copy of the files and folders present on the hard drive. The replica of the drive is created on another drive-by copying every bit of data on the drive from the system under investigation.

2. Verification of the copied data: After the data is copied from the hard drive of the system under investigation to another hard drive, the forensic experts make sure if the copied data is exactly the same as the original data.

3. Ensuring the copied data is forensically sound: Based on the operating system used in the computer, the data written to the hard drive is in a format compatible with the operating system. Hence the forensic experts must make sure the data while being copied from the drive of the system under investigation into another drive is not altered in any way. That is, the data is copied using a write-blocking device in a forensically sound manner.

4. Deleted files recovery: The files deleted by the user on the computer can be recovered by forensic experts. The files are not deleted permanently by the computer and forensic experts know how to recover the deleted files.

5. Finding data in free space: The operating system sees the free space in the hard drive as space available to store the new files and folders but temporary files and files that were deleted years ago are stored here until the time new data is written into the free space.

6. Performing keyword search: Forensic experts make use of software that can go through the entire data for the given keywords and output the relevant data.

7. The technical report: The technical report must be an easy to understand document for anyone irrespective of the background. It should mainly focus on what is the offense, who is the offender and how did he commit the crime along with all the technicalities.

Cyber crimes can be categorized based on their targets :-

Cyber crimes can be categorized based on their targets.

Crimes Against People

Crime like these usually targets individuals and affects them financially, mentally, or physically.

Hacking — It involves a complete infiltration of the victim’s personal information to harm the individual, whether financially, mentally, or physically. An attacker bypasses an IT-enabled technology by gaining unauthorized access to it.

Cyber Bullying — The repeated, and deliberate harassment of an individual forges the core of cyberbullying. The most common example of such bullying can be people leaking private pictures or videos to harass their partners, friends, or anyone else. It is most common among teenagers, particularly school students.

Defamation — This crime includes hacking into an individual’s or an organization’s email or other social media accounts to send obscene content to their connections and defame their credibility.

Cyber Stalking — In this, the attacker, pretending to be an anonymous user, harasses a victim using the information media. Cyberstalking is the online equivalent of being followed around by a person through emails, instant messaging, social networking sites, or interactions over various chat groups or websites.

Crimes Against Property

Through technological advancements, property trading is not limited to the same country or region. It has gained international footing, and to manage this process, electronic management systems have replaced paper-based management. This technological factor adds to the risk of various cyber crimes in this domain.

Cyber Squatting — It is the process of illegally acquiring someone’s property through unfair means. A common example includes registering a look-alike domain of famous websites.

Cyber Vandalism — Cyber Vandalism refers to the act of destroying computer infrastructures or the information saved in them, by extracting login credentials from a system or erasing valuable information from hard drives.

Intellectual Property Crimes — This category of cyber crime includes Software piracy, infraction of patents, copyrights, trademarks, official blueprints, and many more such documents.

Hacking Systems — In this, cybercriminals attack a computer system with the sole purpose of destroying information to harm the credibility of a system or individual.

Crimes Against Government

Cyber Terrorism — Activities like Denial of Service (DoS) attacks, and attacks that target sensitive networks to damage Critical Information Infrastructure (CII) are referred to as Cyber Terrorism. Terrorists who practice such criminal activities interact with each other via emails that are either encrypted or secured with some kind of secret code.

Cyber Warfare — To gather military data of a different country, the attacker deliberately targets the information system of that nation to gain a military advantage over it. This data is used against that particular nation to disrupt wars.

Pirated Software — Piracy is an ongoing headache for the protectors of information systems. When used against the government, piracy can prove to be a significant issue. The pirated software damages and destroys confidential government records.

Acquiring Unauthorized Information — Through their widespread network, attackers can acquire confidential information about a nation’s politics, economy, religions, social issues, and other important domains that affect the governance of that nation, thereby posing a threat to the wellbeing of that nation.

INDIAN CYBER LAWS

After the General Assembly of the United Nations passed a resolution in January 1997 inter alia, recommending all States in the UN to give favorable considerations to the proposed Model Law, which recognized electronic records and accorded it the same treatment as paper communication and record, the Cyber Security Law of India or the Information Technology Act was composed.

Source : https://www.the420.in/wp-content/uploads/2021/11/india-it-act-2000.jpg

The Information Technology Act was then passed as a bill and was approved by the Union Cabinet on May 13, 2000. It was then consented by the President of India on 9 June 2000, and was entitled with the name the ‘Information Technology Act, 2000’. The Act was made effective from 17 October 2000 onwards.

The act originally dealt with –

1. Legal Recognition of Electronic Documents
2. Legal Recognition of Digital Signatures
3. Offenses and Contraventions
4. Justice Dispensation Systems for Cyber Crimes

But since technology is an ever-evolutionary component, the laws had to be revised. Due to this, the Information Technology Act of 2008 was acknowledged. It came into effect on 27th October 2009.

The Information Technology Act 2008 aimed to pursue technological neutrality, addressing certain shortcomings and insufficiencies in the original Act. It aspired to help accommodate the future development and the related security concerns of the IT sector.

The revised Act includes the following provisions regarding data protection and privacy.

1. Electronic Signature — To make the Act more ‘technologically neutral’, the term ‘Digital signature’ has been replaced by ‘Electronic signature’, since the latter represents the guardianship of various types of digital marketing, while the former only illustrates a specific type of electronic signature.
2. Cyber Terrorism — The amendment subsumed the concept of cyber terrorism and established punishments for it after the events of 26/11. Cybercrime has stretched its horizon under Section 66 with various crucial cybercrimes along with Section 66A, which penalized the exchange of “offensive messages”. However, Section 66A was later struck down after it was realized to violate one’s fundamental right to freedom of speech and expression.
3. Cyber Cafe Rules — Cyber cafes have always been a major hub for the exchange of obscene emails, identity theft, and net banking frauds, but the exclusion of cyber cafe security in the Act has failed to resolve this issue. The 2008 IT Act explicitly includes and defines these issues under the ‘intermediaries’.
4. Government Monitoring — In the original Act, the Telegraph Act restricted the government to monitor and listen in on phone calls, or read messages or emails of the public due to the condition of public emergency and safety, but the new Act expels such restrictions, extending the government’s authority.

Area of Cyber Law:

Source : https://img.onmanorama.com/content/dam/mm/en/news/india/images/2022/8/31/cybercrimes.jpg.transform/schema-4x3/image.jpg

Area of Cyber Law:
Cyber laws serve a variety of functions. Some laws establish guidelines for how individuals and businesses may use computers and the internet, while others protect people from becoming victims of crime as a result of unethical internet activity. The following are the major areas of cyber law:

1. Copyright:
   The internet has made copyright violations easier. In the early days of online communication, copyright violations were too easy. Both companies and individuals need lawyers to bring an action to impose copyright protections. Copyright violation is an area of cyber law that protects the rights of individuals and companies to profit from their creative works.
2. Fraud:
   Consumers depend on cyber laws to protect them from online fraud. Laws are made to prevent identity theft, credit card theft, and other financial crimes that happen online. A person who commits identity theft may face confederate or state criminal charges. They might also encounter a civil action brought by a victim. Cyber lawyers work to both defend and prosecute against allegations of fraud using the internet.
3. Defamation:
   Several personnel uses the internet to speak their mind. When people use the internet to say things that are not true, it can cross the line into defamation. Defamation laws are civil laws that save individuals from fake public statements that can harm a business or someone’s reputation. When people use the internet to make statements that violate civil laws, that is called Defamation law.
4. Harassment and Stalking:
   Sometimes online statements can violate criminal laws that forbid harassment and stalking. When a person makes threatening statements again and again about someone else online, there is a violation of both civil and criminal laws. Cyber lawyers both prosecute and defend people when stalking occurs using the internet and other forms of electronic communication.
5. Freedom of Speech:
   Freedom of speech is an important area of cyber law. Even though cyber laws forbid certain behaviors online, freedom of speech laws also allows people to speak their minds. Cyber lawyers must advise their clients on the limits of free speech including laws that prohibit obscenity. Cyber lawyers may also defend their clients when there is a debate about whether their actions consist of permissible free speech.
6. Trade Secrets:
   Companies that conduct business online frequently rely on cyber laws to protect their trade secrets. Google and other online search engines, for example, spend a significant amount of time developing the algorithms that produce search results. They also devote significant time to developing other features such as maps, intelligent assistance, and flight search services, to name a few. Cyber laws enable these businesses to take legal action as needed to safeguard their trade secrets.
7. Contracts and Employment Law:
   Every time you click a button that says you agree to the terms and conditions of using a website, you have used cyber law. There are terms and conditions for every website that are somehow related to privacy concerns.

References

1. https://cyberforensics.com/
2. https://www.cyberdegrees.org/jobs/computer-forensics/
3. https://www.geeksforgeeks.org/cyber-law-it-law-in-india/#:~:text=Cyber%20Laws%20yields%20legal%20recognition,all%20activities%20over%20the%20internet.
4. https://blog.ipleaders.in/category/cyber-law/
5. https://www.upcounsel.com/cyber-law

Authors:

Aditya Dere

Anushka Ahire

Mandar Ambulkar

Vedant Jore