About Indian Cyber Crime Coordination Centre (I4C) :
- The Indian Cyber Crime Coordination Centre (I4C) scheme was authorised for two years (2018-2020) in October 2018 to deal with all kinds of cybercrimes in a systematic and organised manner.
- It is consistent with the 2013 National Cyber Security Strategy aimed at promoting the development of a safe computing environment and encouraging adequate trust and confidence in electronic transactions, as well as directing cyberspace defence behaviour by stakeholders. This centre is located in New Delhi.
- The appropriate law enforcement agencies in the states and UTs will have access to all cybercrime-related complaints and take action as required by law.
- Regional Coordination Centers for Cyber Crime will be formed at the state / UT level and currently 15 states and UTs have given their consent to set it up.
- National Cyber Crime Reporting Portal (NCRP) is a citizen-centered project that will allow people to report online cybercrimes through the internet with a special emphasis on crimes against women, children, in special child pornography, material on child sexual exploitation, online content on rapes and gang rapes, financial crime, etc.
- It also focuses on crimes like financial crime and social media related crimes like stalking, cyberbullying, etc.
- The portal was launched on a pilot basis on 30th August 2019.
- It will improve the capacity of law enforcement agencies to investigate the cases after successful completion by improving coordination amongst the law enforcement agencies of different States, districts and police stations.
Overview about the I4C Scheme
- To act as a nodal point in the fight against cybercrime
- Identify the research problems/needs of Law Enforcement Agencies (LEAs) and take up R&D activities in developing new technologies and forensic tools in collaboration with academia / research institutes within India and abroad
- To prevent misuse of cyber space for furthering the cause of extremist and terrorist groups
- Suggest amendments, if required, in cyber laws to keep pace with fast changing technologies and International cooperation
- To coordinate all activities related to implementation of Mutual Legal Assistance Treaties (MLAT) with other countries related to cybercrimes in consultation with the concerned nodal authority in MHA
Components of the I4C
- National Cybercrime Threat Analytics Unit (TAU)
- This will be met through a National Cybercrime Threat Analytics Unit (TAU), which shall provide a platform for law enforcement personnel, persons from private sector, academia and research organizations to work collaboratively in order to analyse all pieces of puzzles of cybercrimes.
- Threat Analytics Unit shall also produce cybercrime threat intelligence reports and organize periodic interaction on specific cybercrime centric discussions.
- Create multi-stakeholder environment for bringing together law enforcement specialists and industry experts.
- National Cybercrime Reporting
- This unit will work in tandem with already established investigation units at state and central levels as well as experts from different spheres to create expert investigation teams.
- Will have the capability to respond in real time to rapidly changing cybercrime threat.
- Will able to collaborate with partners to investigate cyber and cyber-enabled crime.
- Platform for Joint Cybercrime Investigation Team
- Its objective is to drive intelligence-led, coordinated action against key cybercrime threats and targets.
- This will facilitate the joint identification, prioritization, preparation and initiation of multi-jurisdictional against cybercrimes.
- National Cybercrime Forensic Laboratory (NCFL) Ecosystem
- Forensic analysis and investigation of cybercrime as a result of new digital technology and techniques.
- Develop a centre to support investigation process. NCFL and associated Central Forensic Science Laboratory to be well-equipped and well-staffed in order to engage in analysis and investigation activities to keep-up with new technical developments, using which a completely new kind of cybercrime might have been committed.
- National Cybercrime Training Centre (NCTC)
- National Cybercrime Training Centre (NCTC) will be setup to focus on standardization of course curriculum focused on cybercrimes, impact containment and investigations, imparting practical cybercrime detection, containment and reporting trainings on simulated cyber environments.
- Development of Massive Open Online Course to be delivered on a cloud based training platform.
- National Cybercrime Training Centre to also focus on establishing Cyber Range for advanced simulation and training on cyber-attack and investigation of such cybercrimes.
- Cybercrime Ecosystem Management Unit
- Develop ecosystems that bring together academia, industry and government to operate, investigate a cybercrime basis established standard operating procedures, contain the impact of cybercrimes and respond to cybercrimes.
- Provide incubation support for development of all components of cybercrime combatting ecosystem.
- National Cyber Research and Innovation Centre
- Track emerging technological developments, proactively predict potential vulnerabilities, which can be exploited by cybercriminals.
- To leverage the strength and expertise of all stakeholders, be it in academia, private sector or inter-governmental organizations.
- Create strategic partnerships with all such entities in the area of research and innovation focused on cybercrimes, cybercrime impact containment and investigations.
- Cybercrime is a broad term used to describe illegal activity in which computers or computer networks are a criminal activity weapon, target, or location, covering anything from electronic cracking to denial of service assaults.
- The typical crimes in which computers or networks are used to facilitate criminal activity are also protected.
- Cyber law is not a different legal structure in India. It is a mixture of laws on contracts, intellectual property, data security , and privacy.
- The Information Technology Act, 2000 discusses the spectrum of crimes of the digital century. The medium and the object of such crimes are computer technology, mobile devices, apps, and the internet.
- Traditional criminal activities are now part of cyberspace, such as stealing, fraud , forgery, slander, and mischief. These have already been discussed in the Indian Penal Code.
- ‘Police’ and ‘Public Order’ are subjects of the State as per the Indian Constitution. States / UTs are thus solely responsible, through their law enforcement machinery, for the prevention, identification, investigation and prosecution of crimes.
INTERPOL REPORT ON CYBER ATTACKS
- With over a million confirmed cases of SARS-CoV-2 virus across more than 200 nations and territories, coronavirus has spread its filthy feathers across the whole world.
- Globally, the total number of coronavirus cases neared 1.35 million while the death toll crossed 74,000.
- However, some people are out there who seek to gain advantage from crisis.
- According to an Interpol warning, cybercriminals are exploiting the coronavirus crisis and threatening to hold hospitals to ransom despite the lifesaving work they are carrying out.
- The International Criminal Police Organisation has issued a global alert to health care organizations about the ransomware attacks, often disguised as official advice from government agencies, which are designed to lock administrators out of the critical IT systems they need.
- Interpol’s Cybercrime Threat Response has detected a “significant increase” in the number of attempted ransomware attacks against key organizations around the world.
- The bane of the internet, cybercrime refers to any and all illegal activities carried out using technology.
- Cybercriminals, who range from rogue individuals to organized crime groups to state-sponsored factions, use techniques like phishing, social engineering, and all kinds of malware to pursue their nefarious plans.
- Cybercrime is defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming) or is used as a tool to commit an offense (child pornography, hate crimes).
Types of Cybercrimes:
- A crime involving an attack or threat of an attack coupled with a demand for money to stop the attack.
- Ransomware: One form of cyberextortion is the ransomware attack, in which the attacker gains access to an organization’s systems and encrypts its documents and files – anything of potential value – making the data inaccessible until a ransom is paid.
- Cryptojacking: An attack that uses scripts to mine cryptocurrencies within browsers without the user’s consent. Cryptojacking attacks may involve loading cryptocurrency mining software to the victim’s system.
- Identity theft: An attack that occurs when an individual accesses a computer to glean a user’s personal information, which they then use to steal that person’s identity or access their valuable accounts, such as banking and credit cards.
- Cyberespionage: A crime involving a cybercriminal who hacks into systems or networks to gain access to confidential information held by a government or other organization. Cyberespionage activities can include every type of cyberattack to gather, modify or destroy data, as well as using network-connected devices, like webcams or closed-circuit TV (CCTV) cameras, to spy on a targeted individual or groups and monitoring communications, including emails, text messages and instant messages.
- Software piracy: An attack that involves the unlawful copying, distribution and use of software programs with the intention of commercial or personal use. Trademark violations, copyright infringements and patent violations are often associated with this type of cybercrime.
- Exit scam: The dark web, not surprisingly, has given rise to the digital version of an old crime known as the exit scam. In today’s form, dark web administrators divert virtual currency held in marketplace escrow accounts to their own accounts — essentially, criminals stealing from other criminals.
- Dark web: The deep web refers to all parts of the internet (sites, e-shops, forums, etc.) that are not accessible by a regular search engine like Google or Bing.
- Founded in 1923, Interpol is an international police organization made up of 194 member countries.
- The International Criminal Police Organization, or the Interpol is an international police agency that helps other law-enforcement agencies track criminals who operate across national borders.
- In each country, an INTERPOL National Central Bureau (NCB) provides the central point of contact for the General Secretariat and other NCBs.
- An NCB is run by national police officials and usually sits in the government ministry responsible for policing
Cyber Laws and Legislation in India and Abroad:
At Global Level:
Budapest Convention on Cyber Security:
- It is the first international treaty seeking to address Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations.
- It’s objective is to pursue a common criminal policy aimed at the protection of society against cybercrime, especially by adopting appropriate legislation and fostering international cooperation.
International Governance Forum (IGF):
- Internet Governance Forum (IGF) is a multi-stakeholder forum for policy dialogue on issues of Internet governance which brings together all stakeholders in the Internet governance debate.
- It facilitates a common understanding of how to maximize Internet opportunities and address risks and challenges.
- It is convened under the auspices of the Secretary- General of the United Nations.
National Technical Research Organization (NTRO):
NTRO is a highly specialized technical intelligence gathering agency.
It develops technology capabilities in aviation and remote sensing, data gathering and processing, cyber security, cryptology systems, strategic hardware and software development, and strategic monitoring.
National Critical Information Infrastructure Protection Centre (NCIIPC):
- National Critical Information Infrastructure Protection Centre is envisaged to act as a 24×7 center to battle cybersecurity threats in strategic areas such as air control, nuclear and space.
- It is placed under the National Technical Research Organization.
- The Computer Emergency Response Team (CERTIn) has been designated to serve as the national agency to perform the following functions:
- To collect and analyses information on cyber incidents
- To forecast and give alerts of cybersecurity incidents
- To provide emergency measures for handling cybersecurity incidents
- To coordinate cyber incident response activities
- To issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting of cyber incidents National
Cyber Coordination Centre (NCCC):
- NCCC is a critical component of India’s cyber security against hackers and espionage as well as to track terrorist activity online.
- It will scan the country’s web traffic to detect real-time cybersecurity threats and alert various organizations as well as internet service providers for timely action. It also will coordinate between intelligence agencies, specifically during network intrusions and cyber-attacks.
Crime and Criminal Tracking Network System (CCTNS):
- CCTNS is a nationwide network infrastructure for evolution of IT-enabled state-of-the-art tracking system around “investigation of crime and detection of criminals”.
- It is initiated in 2009 which aims at to interconnect about 15000 Police Stations and additional 5000 offices of supervisory police officers across the country and digitize data related to FIR registration, investigation and charge sheets in all Police Stations.
Information Technology Act, 2000:
- It is the most significant piece of legislation addressing conduct in cyberspace in India.
- It provides legal recognition to e-commerce and e-governance and facilitates its development as an alternative to paper-based traditional methods.
- The Act seeks to protect the advancement in technology by defining crimes, prescribing punishments, laying down procedures for investigation and forming regulatory authorities.
National Cyber Security Policy, 2013:
- The policy provides for developing effective Public-Private Partnership and collaborative engagements through technical and operational cooperation and contribution for enhancing the security of cyberspace.