In this world, where everything is available at a click, crimes also have been committed at just a click. Increasing use of mobile and online banking, smartphones and personal devices, social media and cloud computing offer a wealth of attractive business solutions and opportunities to organizations but at the same time, they can also pose a plethora of information security risks.
Cyberwarfare utilizes techniques of defending and attacking information and computer networks that inhabit cyberspace, often through a prolonged cyber campaign or series of related campaigns.
Hacking has been one of the most powerfully used instruments of cyber-attack. According to a National Crime Records Bureau (NCRB), there has been a tremendous increase in the number of hacking incidents reported in the country. The number of hacking cases registered under the IT act 2000 increased from 5,548 in 2014 to 6,567 in 2015.
Under the IT Act 2000, section 66 states that,
“Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or diminishes its value or utility or affects it injuriously by any means, commits hack.”
Cyberwarfare denies an opponent's ability to do the same, while employing technological instruments of war to attack an opponent's critical computer systems. Cyberterrorism, on the other hand, is "the use of computer network tools to shut down critical national infrastructures (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population". That means the end result of both cyberwarfare and cyberterrorism is the same, to damage critical infrastructures and computer systems linked together within the confines of cyberspace.
Hacking attacks are tailored to target a particular organization or entity and are often focused on gathering sensitive data with monetary value. In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. There are various types of hackers.
- White Hat Hacker: An ethical hacker who gains access to systems with a view to fix identified weaknesses and also perform penetration testing and vulnerability assessments.
- Black Hat Hacker: A cracker who gains unauthorized access to computer systems for personal gain by stealing corporate data, violate human rights etc.
- Grey Hat Hacker: A hacker who breaks into computer systems without authority with a view to identify weakness and reveal them to the system owner.
- Script Kiddies: Non-skilled person who gains access to computer systems using already made tools.
- Hacktivist: A hacker who uses hacking to send social, religious and political messages.
Unethical hacking is an illegal activity to get unauthorized information by modifying a system’s features and exploiting its loopholes. Some commonly used hacking techniques are phishing, virus/ Trojan, cookie theft, clickjacking attack and key logger.
Vulnerability factor exploits how vulnerable an organization or government establishment is to cyber-attacks. An organization can be vulnerable to a denial of service attack, and a government establishment can be defaced on a web page. A computer network attack disrupts the integrity or authenticity of data, usually through malicious code that alters program logic that controls data, leading to errors in output.
The consequences for malicious hacking is imprisonment up to three years or with fine which may extend up to two lakh rupees or with both as per section 66 of IT Act 2000.
Since rapid and dynamic changes in technology space are throwing open, new ways of doing business, organizations have to find out appropriate ways to tackle the ‘new age’ sophisticated cyber-crimes emerging in the country by carrying out risk assessments on regular basis and by providing proactive and ongoing education and training to lay people on such cyber-attacks.
Information Technology Act, 2000
Computer Crime and Computer Forensics by Dr.R.K. Tewari, P.K. Sastry and K.V. Ravikumar
Cyber Crimes by Yogesh Barua & Denzyl P.Dayal (2001)