Digital regulation, otherwise called cybercrime regulation or web regulation, alludes to the  legitimate structure that administers exercises led over the web and in the internet. It includes  a large number of legitimate issues connected with advanced innovation, PC frameworks,  organizations, and the web. Digital regulation is essential in keeping everything under control,  safeguarding people and organizations, and guaranteeing that the advanced domain works  inside lawful and moral limits. 

In the present mechanically determined world, the vital pretended by the web and PCs couldn’t  possibly be more significant. They smooth out our undertakings, from long-range informal  communication to virtual gatherings and even cash moves. Be that as it may, this comfort  comes at a precarious cost: our protection. In a time where practically every aspect of our lives  is entwined with PCs and the web, the predominance of cybercrimes has flooded to disturbing  levels. 

Among the most considerable difficulties presented by this advanced age is the need to wrestle  with violations committed thanks to the web and PCs. In contrast to customary violations,  where an actual presence is much of the time an essential for the culprit, cybercrimes present a  special obstacle. The denounced remains covered in namelessness, their actual personality  clouded behind a PC screen. Laying out a substantial connection to the genuine transgressor is  a burdensome undertaking. 

To dissuade people from participating in such illegal exercises and to keep up with  cautiousness, strong regulation is basic. Such regulations ought to force severe punishments,  going about as an impediment against the commission of cybercrimes. The requirement for  Digital Regulation isn’t simply squeezing; it is an outright need. 


Cybercrime is defined by Dr. Debarati Halder and Dr. K. Jaishankar as:  “Offences committed against individuals or groups of individuals with a criminal motive to  intentionally harm the victim’s reputation or cause physical or mental harm, or loss, to the  victim directly or indirectly, via modern telecommunication networks such as the Internet (Chat  rooms, emails, notice boards, and groups) and mobile phones (SMS/MMS)” 

Oxford Dictionary defines cybercrime as follows: 

“Criminal activities committed via computers or the Internet.” “Cybercrime can be defined as  those species whose genus is traditional crime and where the computer is either an object or a  subject of the criminal conduct.” 

Indian Definition  

In India although the word “cybercrime” has not yet been defined in any act or statute approved  by Indian Legislature, but it has occasionally been interpreted by Indian Courts.1 

Cybercrime in India is mainly covered by the “Informational Technology Act 2000”. The act  was introduced to regulate various aspects of electronic commerce and digital communication  in India. The act was further amended in 2008 and 2009 to strengthen the provisions. The 2008  amendment was made to enhance provisions regarding cyber-crimes and electronic governance  and the 2009 amendment was focused on data security and privacy. 


Informational Technology Act, 2000 

The IT Act which came into effect in 2000, mainly regulates cyber laws in India. The  main objective of this act is to provide security to the people by making it simpler for  the people to register co-existent records with the government. The scope of IT Act has  been enlarged to include all modern communication devices. 

i. Section 43 of the IT Act 2000: Penalty and compensation for damage to  computer, computer system, etc. 

ii. Section 66 of the IT Act 2000: Computer related offences. 

iii. Section 66B of the IT Act 2000: Punishment for dishonestly receiving stolen  computer resource or communication device. 

iv. Section 66C of the IT Act 2000: Punishment for identity theft. 

1—an-uneasy-co existence 

2Informational Technology Act, 2000

v. Section 66D of the IT Act 2000: Punishment for cheating by personation by  using computer resources. 

1. Indian Penal Code 1860 

The IPC which came into effect in the year 1860, mainly provides provision for identity  and other related cyber offences which are punishable under both IT Act 2000, and the  IPC, 1860. 

The American definition 

The U.S. Department of Justice (DOJ) while defining cybercrime divided cybercrime into three  categories; crimes in which the computing device is the target; crimes in which the computer  is used as a weapon and crimes in which the computer is used as an accessory to a crime. 

In United States cyber-crimes are dealt under two respective statutes namely; Computer Fraud  and Abuse Act (CFAA) and Electronic Communications Privacy Act (ECPA). 

Computer Fraud and Abuse Act (CFAA): The act was primarily enacted in 1986 with the  purpose to penalize cyber-crimes. However, since then the act has undergone several  amendments to adapt to the ever-changing technology. 

Major Provisions Related to statute 

18 U.S.C. § 1030(a)(1)): Deals with unauthorised access to any computer with a view  to obtain any digital financial record of the government or any information relating to  any of the departments of the govt. or any information from any protected computer. 

(18 U.S.C. § 1030(a)(6)): Addresses the sale, transfer, or trafficking of passwords or  other access credentials to protected computers. 

Similarly, Electronic Communications Privacy Act (ECPA) was enacted in 1986 with a view  to protect and maintain the privacy of electronic communications. 

The act is focussed on several issues involving Protecting Privacy Rights, framework  Regulating Government Access and providing Protecting Against Unauthorized Access. 


Broadly cybercrimes are divided into two categories: 

Computer Fraud and Abuse act 1986

1. Crimes where a computer is used as a medium, 

2. Crimes where a computer is used as a target.  

The essential necessity to carry out a digital wrongdoing is by using a PC as a gadget or medium  to execute the bad behaviour, in this class, hoodlums use methodologies like phishing, social  planning, and online distortion to exploit individuals or affiliations. Additionally, in the last one  PC itself is the goal, in this class, hooligans revolve around compromising or hurting PC  structures, regularly through hacking, malware, or renouncing of-organization attacks. 

Both kinds of digital wrongdoings are perpetrated with the reason to do information break  bringing about unapproved admittance to delicate or private data put away on a PC framework,  organization, or data set. 

Information breaks can happen because of multiple factors, including burglary of individual  data for fraud, monetary benefit, or reconnaissance. The taken information might be sold on  the dark web or utilized for other malignant purposes. 

A portion of the usually perpetrated digital violations incorporate following, phishing, hacking,  digital tormenting, badgering and so forth. 



1. Hacking 

Hacking means gaining unauthorised access to any computer system, network or device with  an intent to steal sensitive information, cause, disruptions or demonstrate vulnerabilities. The  hackers may manipulate data and breach security protocols to get access. 

Hacking is further divided into two parts, white hat and black hat.  

White hat includes those ethical hackers who use their skill to get pre alerts and fix breaches  and vulnerabilities. These are generally employed people in security assessment departments  hacking devices which pose threat to the security. This type of hacking is done within the course  of employment and is not punishable. 

National Cyber Crime Reporting Portal available at : 

( visited on 28th Sep; 2023).

Black hat hacking includes those hackers who exploit vulnerabilities for personal gain, often  engaging in criminal activities like stealing data, distributing malware, or conducting fraud.  Black hat hacking is a criminal offence under various statutes of different countries. 

2. Malware 

Malware” is a broad term encompassing various forms of malicious software. This includes  viruses, worms, Trojans, spyware, and other software designed to compromise or damage  computer systems. It is created with the intent to infect systems, steal data, or provide  unauthorized access to cybercriminals.  

These malwares appear to be genuine but infect the system secretly by compromising various  personal data such as passwords, credit card credentials and personal data. 

3. Ransomware 

Ransomware is a specific type of malware that encrypts files on a victim’s system, making them  inaccessible. The primary goal of ransomware attacks is financial gain. Victims are coerced  into paying the ransom to regain access to their files.  

This type of malware can be delivered through various means, including phishing emails,  malicious attachments, infected websites, or exploiting software vulnerabilities. These have an  advanced algorithm which locks the files and data and makes then inaccessible to the users.  The attacker then demands ransom in exchange for decryption key. Even after paying the  ransom amount there is no guarantee for the decryption key. The attacker might as well might  not provide the key. 

4. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks 

DoS and DDoS attacks include flooding the targeted device or network with an aim to disrupt  a website, service, or network  

In a DoS attack, a single source floods the target. And in a DDoS attack, multiple sources  coordinate to flood the target. 

A DOS attack is carried through various methods including; 

-Bandwidth Attacks: These include flooding a target server or network with a massive volume  of traffic, overwhelming its capacity to handle legitimate requests.

-Resource Depletion Attacks: These attacks aim to deplete system resources, such as CPU,  memory, or disk space, making the system slow or unresponsive. 

-Protocol Exploits: These target vulnerabilities in network protocols or services, causing them  to become unresponsive or crash. 

-Application-Layer Attacks: These attacks target specific applications or services,  overwhelming them with a high number of requests. 

The above-mentioned are the most common ways through which a DoS attack is carried out.  The intention behind these attacks is to render the targeted service or website unavailable,  causing financial losses or reputational damage. 


Phishing involves sending fraudulent emails or messages that appears to be genuine and from  reputable sources. These messages aim to trick individuals into revealing sensitive information  like usernames, passwords, or credit card details. These e-mails generally have generic  greetings or no personalized information and have an Urgent or threatening language to create  a sense of urgency and fear in the mind of users. 

These e-mails requests users to share sensitive information like passwords or credit card  credentials. The primary intent of phishing is to steal valuable information for fraudulent  purposes. Once such sensitive information is obtained it may be used for theft, blackmailing or  further attacks. This can include unauthorized access to accounts, financial theft, or identity  theft. 

2. Social Engineering 

Social engineering is a manipulation technique that deceives individuals or organizations into  revealing or submitting confidential information or perform actions that compromise security. 

The methods are lucrative and compel the user to submit the credentials. These include discount  offers, free trips, lottery draws, quizzes and surveys. 

Social Engineering may also be done through phone calls appearing from genuine sources.  They constantly keep in touch with the targeted person offering them lucrative deals and offers.  As a result, users are manipulated into submitting their personal information.

The intent or purpose of social engineering attacks can vary widely. It may be for financial gain  resulting in identity theft or obtaining sensitive information resulting in blackmailing, gaining  unauthorized access resulting in stalking or causing harm to an individual or organisations  resulting in cyber-bullying.  

3. Online Scams and Financial and Banking Fraud 

Online scams and fraud encompass a wide range of deceptive schemes designed to trick  individuals or organizations for financial gain. This can include lottery scams, investment  fraud, and fake tech support calls in order to commit banking and financial frauds which  involves illegally accessing or manipulating financial accounts, credit card fraud, and various  forms of financial deception. 

The main purpose of online scams and fraud is to deceive victims into providing money,  personal information, or access to their financial accounts. 

Online scams and frauds done by the way of lottery prizes, tech support scams and  impersonation scams. These trick the users in believing that they are from reliable sources  and are genuine and real. The scammers present themselves to be very polite and co-operative  which tricks the users into believing in the truthfulness of their statements. 

The target victims are generally old and illiterate people who do not possess the required  knowledge of technology and get easily influenced. 

4. Intellectual Property Theft  

Intellectual property theft involves unauthorized reproduction, distribution, or use of  copyrighted materials, patents, trademarks, or trade secrets. It includes Unauthorized  copying, distribution, or use of copyrighted works, use of trademarks or logos. 

Unauthorized use, manufacture, or sale of a patented invention without the patent holder’s  permission and unauthorized access or disclosure of confidential information or trade secrets  that provide a competitive advantage to a business are also involved in this category. 

The purpose of intellectual property theft is to profit from the unauthorized use or distribution  of valuable intellectual assets. It involves selling counterfeit goods, replicating patented  technologies, or distributing copyrighted materials without proper authorization. 



This is the most commonly committed cybercrime. No technological expertise is required by  the attacker to commit this type of offence. It involves coercing an individual or organization  by threatening to reveal damaging information or commit harmful acts. In the digital realm,  extortion often takes the form of cybercriminals demanding payment or other concessions to  prevent the release of sensitive information or to prevent a cyberattack.  

The attackers first gather sensitive information through use of unfair means and then  blackmail the users to release that sensitive information on different social platforms if the  demanded money is not aid. The information includes personal chats, photos and videos. 

The purpose of extortion is to obtain money, property, or services from the victim through  threats, often leveraging sensitive or damaging information 

Child Exploitation, Cyberbullying and Online Extremism and Hate Crimes 

In the modern world social media holds a very powerful place. It can be used as a weapon if  given in wrong hands. The attackers usually use social media and other platforms to harass,  intimidate or harm individuals. It also involves using online platforms to spread hate speech,  promote violence, or engage in extremist ideologies. 

The purpose behind such crimes is to promote extremist ideologies, incite violence, or target  individuals or groups based on race, religion, nationality, or other characteristics or to cause  emotional distress, fear in the mind of victim, or harm to the victim, often driven by personal  animosity, prejudice, or a desire for power over the victim. 

Cyber bullying and hate speech also include child exploitation which involves the production,  distribution, or possession of explicit materials involving minors, as well as online  solicitation of minors. 

The attackers of such offences are generally driver by a desire to take revenge of some past  activity by the victim or the guardians of the victim. The intent behind such crimes is to  exploit and abuse minors for sexual purposes, as well as to distribute explicit materials  involving minors

Terrorist Activities 

Terrorist activities in cybercrime refer to the use of digital tools, technologies, and platforms  to plan, coordinate, or promote acts of terrorism. Cybercrime has become an integral 

component of terrorist tactics, allowing the attackers to exploit the internet for recruitment,  communication, fundraising, and even launching cyber-attacks against critical infrastructure  and alien countries. 

Internet is used as a medium to spread anti propagandas and to incite people to join the  unlawful activities. It includes social media and other online platforms to radicalize and  recruit people. 

Apart from that cyber- attacks targeting the protected computers systems are also included in  this category. The planning and execution of a physical attack can also be coordinated  through use of computers. 

The purpose of such extreme activities is to further ideological, political, or religious goals  through the planning, coordination, or promotion of acts of terrorism. 


1. Use Strong and Unique Passwords: 

Create passwords that are complex and known only to you. Avoid using easily  guessable information like birthdays or common words. 

2. Enable Multi-Factor Authentication (MFA): 

Activate MFA wherever possible. This adds an extra layer of security by requiring a  second form of authentication, like a temporary code sent to your phone. 3. Keep Software and Devices Updated: 

Regularly update your operating system, applications, and antivirus software to patch  security vulnerabilities. 

4. Install Antivirus Software: 

Install reputable antivirus and anti-malware software on your computer and keep it up  to date to protect against known threats. 

5. Use the Internet and Online Services Vigilantly: 

Be cautious with unsolicited emails or messages asking for personal information.  Verify the sender’s identity and avoid clicking on suspicious links or downloading  attachments. 

6. Use Secure Connections: 

Make sure websites use encryption (look for “https://” in the URL) before sharing  sensitive information. 

7. Monitor All Accounts, Including Bank Accounts:

The user must regularly review their bank accounts, credit reports, and online  transactions for any suspicious activity. 


Taking everything into account, as our dependence on computerized innovation keeps on  developing, the significance of network safety couldn’t possibly be more significant. Preventive  estimates assume a significant part in shielding people and associations from succumbing to  cybercrimes. Whether it’s major areas of strength for executing, routinely refreshing  programming, or instructing oneself about phishing and social designing strategies, proactive  advances can altogether diminish weaknesses.

Cybercrimes manifest in two primary forms:  those where computers serve as the medium and those where computers are the target.  Understanding these distinctions is vital in crafting effective defence strategies. As technology  evolves, so do the methods employed by cybercriminals, making it imperative that we keep  pace and adapt. 

The requirement for thorough digital regulations turns out to be progressively obvious in this  computerized age. Such regulations can give the legitimate system important to arraign  cybercriminals and safeguard the freedoms of casualties. As we push ahead, cooperative  exertion between people, organizations, and states is fundamental to make a more secure and  safer the internet for all. 

This article has been written and presented by Vaidehi Sharma and Sriganesh Ji.

Leave a Reply