CYBERCRIME

2. About cybercrime

Cybercrime is essentially any illegal activity that involves computers, networks, or digital devices. Criminals can use these tools to steal data, commit fraud, disrupt computer systems, or cause other harm. Some common types of cybercrime include:

• Stealing someone's personal information like their name, Social Security number, or credit card details to impersonate them and commit fraud.
• Tricking people into giving up their personal information or clicking on malicious links by disguising emails or websites as legitimate ones.
• Malicious software that can be installed on a computer to steal data, damage files, or disrupt operations.
• Gaining unauthorized access to a computer system or network to steal data, install malware, or cause damage.

3. What is NCRP?

The National Cybercrime Reporting Portal is an online platform established by the government of India to facilitate the reporting of cybercrimes by citizens. The portal allows individuals to report incidents of cybercrime in a streamlined and accessible manner.

Key features and functions of the National Cybercrime Reporting Portal include

• Individuals can report various types of cybercrimes such as online harassment, financial fraud, ransomware attacks, and identity theft. The portal provides specific categories for different types of cyber incidents to ensure proper documentation and handling.
• The portal places a special emphasis on crimes related to women and children, providing a dedicated section to report cases of online harassment, child pornography, and other related offences.
• The portal allows users to report crimes anonymously if they choose, ensuring the confidentiality and privacy of the complainant.
• Once a complaint is filed, the portal provides a tracking number which can be used to follow up on the status of the complaint.
• The portal offers resources and guidelines on how to protect oneself from cybercrime, as well as information on legal recourse and support available for victims.

5. What is the Budapest Convention?

The Budapest Convention, also known as the Council of Europe Convention on Cybercrime, is the world's first international treaty specifically designed to address cybercrime. It came into effect in 2004 with three main objectives:

1. The convention aims to improve how countries investigate cybercrime by setting standards for collecting electronic evidence and fostering cooperation between law enforcement agencies.
2. It facilitates cooperation among member states in tackling cybercrime. This includes sharing information, assisting with investigations, and extraditing cybercriminals.
3. The convention encourages member countries to harmonize their national laws related to cybercrime. This creates a more unified approach to defining and prosecuting cyber offences.

India's Stand: India is not currently a party to the Budapest Convention. There are concerns that some provisions, like data sharing with foreign law enforcement agencies, might infringe on India's national sovereignty. India has also argued that it wasn't involved in drafting the initial convention.

6. What is the Global Cybersecurity Index?

The Global Cybersecurity Index (GCI) is an initiative by the International Telecommunication Union (ITU) to measure and rank the cybersecurity capabilities of countries around the world. The index provides insights into the commitment of countries to cybersecurity at a global level, assessing their strengths and identifying areas for improvement. The key aspects of the Global Cybersecurity Index

Purpose

• To promote cybersecurity awareness and foster a global culture of cybersecurity.
• To encourage countries to enhance their cybersecurity infrastructure and strategies.
• To facilitate knowledge sharing and cooperation among nations.

Assessment Criteria

 The GCI evaluates countries based on five main pillars:

1. Examines the existence of cybersecurity legislation and regulatory frameworks.
2. Assesses the implementation of cybersecurity technologies and technical institutions.
3.  Looks at national cybersecurity strategies, policies, and dedicated agencies.
4. Evaluate the availability of cybersecurity education, training, and awareness programs.
5. Measures the extent of international and national cooperation in cybersecurity efforts.

Impact

 The GCI serves several important functions:

• Provides a benchmarking tool for countries to assess their cybersecurity maturity.
• Helps policymakers identify gaps and prioritize areas for improvement.
• Encourages international cooperation and collaboration to tackle global cyber threats.

7. The challenges related to cyber security in India

India faces numerous challenges related to cybersecurity, reflecting its rapidly growing digital economy and increasing reliance on technology. 

Increasing Cyber Threats:

• India has seen a significant rise in cybercrimes, including hacking, phishing, ransomware attacks, and identity theft. Sophisticated, state-sponsored attacks targeting critical infrastructure and sensitive data are becoming more common.
• Many public and private sector systems rely on outdated technology, making them vulnerable to attacks. Inadequate implementation of robust cybersecurity measures and protocols leaves systems exposed.
• There is a significant gap in the number of trained cybersecurity experts needed to protect against and respond to cyber threats. Ongoing education and training programs are insufficient to keep pace with evolving cyber threats.
• The absence of a unified regulatory framework complicates cybersecurity management. While laws like the IT Act 2000 exist, enforcement and implementation remain inconsistent and weak.
• Many individuals and small businesses lack awareness of basic cybersecurity practices. Practices like using weak passwords, not updating software, and falling for phishing scams are common.
• The absence of robust data protection legislation makes it difficult to safeguard personal and sensitive data. Ensuring privacy and protection of personal information remains a significant challenge.
• Effective cybersecurity often requires international cooperation, which is currently limited and inconsistent. Cross-border cyber threats and geopolitical tensions complicate collaboration and response efforts.
• The rapid adoption of IoT devices, often with minimal security features, increases vulnerabilities. While AI can enhance security, it also introduces new risks and attack vectors.
• Sectors like banking, healthcare, and energy are increasingly targeted, requiring enhanced protection measures. Ensuring coordinated efforts among various governmental and private entities involved in critical infrastructure protection is challenging.
• Limited financial resources allocated for cybersecurity initiatives hinder the development and implementation of comprehensive security measures.
• Staying abreast of the latest cybersecurity technologies and tools is difficult due to financial and logistical constraints.