In the digital era, Information Technology (IT) is pivotal, reshaping human life and introducing social, political, and ethical challenges, especially in cyberspace. Cybercrime, a significant concern, involves offenses like security breaches, information theft, and mobile exploits. As IT advances, so does the sophistication of cybercriminals, while legal frameworks lag, often reacting inadequately. Cybersecurity, involving technologies, processes, and policies, aims to defend against cyberattacks, protecting systems, networks, and data.

This research paper explores the interplay between cybersecurity and law, highlighting ethical, social, and legal dimensions of cybercrime. It emphasizes the need for user awareness and robust legal strategies to address the dynamic nature of cyber threats. The study aims to contribute to the discourse on combating cybercrime and enhancing digital resilience, advocating for a balance between technological progress and strong legal protections to ensure a secure and ethical digital environment.

Introduction
[1]Cybercrime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy.

Cybercrime is a serious concern in the current digital era. It may take down entire networks in a matter of seconds, compromise military data, interfere with vital infrastructure, and deceive transportation systems. The philosophical field of ethics, which deals with what is right and wrong, encompasses a number of areas, including business ethics, legal ethics, bioethics, medical ethics, engineering ethics, and most notably, computer ethics. As technology has advanced, ethical issues in cyberspace have gained importance, especially in light of the rise in cybercrimes. Cybercrime includes a broad spectrum of illegal actions involving computers

Ethical issues in cyberspace have grown in significance with the emergence of cybercrimes, which comprise a broad spectrum of illicit actions made feasible by computers or networks. In the digital age, cybercrime poses a serious threat since it has the ability to quickly and severely damage infrastructure, compromise data, and disrupt global networks. In order to understand and counter the increasing cyber risks in India, this report examines the country's current legal frameworks as well as the urgent need for robust cybersecurity measures.

Crime has been interpreted historically and has reflected societal goals from prehistoric religious readings to mediaeval intellectual viewpoints. Both benefits and new avenues for criminal activity are brought about by modern technology, particularly in relation to data breaches and online crimes like identity theft.

Rise Of Cyber Crimes

[2]On average, there are 97 cybercrime victims every hour, which equates to a new victim approximately every 37 seconds. Moreover, in 2022, there have been instances where the data of 2 internet users was leaked every second. This marks an improvement from the previous year, 2021, when the rate was 6 users per second experiencing data leaks. The rise of social media platforms has opened new avenues for cybercriminals to exploit. [3]In 2022, Meta, the parent company of Facebook, discovered over 400 malicious iOS and Android applications designed to steal users' Facebook login credentials.

Among these, 43% masqueraded as innocuous 'photo editor' apps, allowing users to transform their photos into cartoons. Another 15% posed as 'business utility' apps, promising hidden functionalities absent in legitimate platforms' official apps. To deceive users, cybercriminals use fake reviews to boost their apps' rankings and mask negative feedback that exposes their flaws. Once installed, these apps prompt unsuspecting users to log in using their Facebook credentials, thereby granting hackers access to sensitive personal information.

[4]In 2022, the FBI recorded 800,944 cybercrime complaints impacting a minimum of 422 million individuals globally. Projections for 2023 estimate that 33 billion accounts will be breached due to cyber attacks, translating to approximately 2,328 breaches per day or 97 victims every hour. Phishing attacks, which account for 80% of reported cyber crimes, rank as the second most common cause of data breaches at 16%, with average breach costs amounting to $4.91 million. Over the past 21 years (from 2001 to 2021), cybercrime has affected at least 6.5 million victims, resulting in estimated losses of nearly $26 billion. Looking ahead, the global annual cost of cybercrime is expected to reach $10.5 trillion by 2025, highlighting the critical need for enhanced cybersecurity measures worldwide.

Cybercrime Count Projection

Recent Cyber-Attacks
In 2022-2023, several significant cybercrimes occurred, highlighting vulnerabilities across various sectors:

• HCA Healthcare: Between February 26th to March 7th, 2023, HCA Healthcare reported a data breach affecting 11 million patients. An unauthorized party released patient information, including names, addresses, and dates of birth, though sensitive details like social security numbers and payment information were reportedly unaffected.
   
• Marriot Hotel: In 2022, Marriot suffered a hack resulting in the theft of 20 GB of guest information. This incident follows a 2020 breach where over 5.2 million guests' personal data was leaked.
   
• War in Ukraine: The conflict in Ukraine became a prime target for cybercriminals utilizing donation and fundraising scams. Phishing emails in Slavic languages increased significantly, and malware disguised as data decryption tools aimed to destroy Ukrainian systems.
   
• Shields Health Care Group: Detected in March 2022, this breach impacted over 2 million individuals across Massachusetts, exposing social security numbers, medical records, and personal information like addresses and patient IDs.
   
• Broward Health: In January 2022, Broward Health reported a breach affecting 1.35 million people, originating from a third-party medical provider. Intruders accessed patient names, dates of birth, and Social Security numbers.
   
• Novant Health: Due to a Meta pixel code misconfiguration, Novant Health disclosed potential unauthorized access to protected health information of 1,362,296 individuals. This incident prompted legal action against Meta, although no evidence indicated misuse of the disclosed data.

History
The history of cybercrime is marked by significant events, starting in 1834 when two thieves infiltrated the French telegraph system to steal financial data, an act many consider the first cybercrime. Subsequent attacks targeted the telephone system, beginning in [9]1878 when teenage boys misdirected calls in Alexander Graham Bell's company. [10]Ethical hacking emerged in 1940 when Rene Carmille reprogrammed Nazi punch card machines to thwart their efforts. The rise of email in the 1980s and web browsers in the 1990s led to phishing scams and malware, while the 2000s saw hackers exploiting social media for data theft.

The proliferation of the Internet of Things (IoT) has further expanded opportunities for cybercriminals, allowing them to hack connected devices like appliances and systems, causing extensive physical damage. Cybercrime is a serious concern in the current digital era. It may take down entire networks in a matter of seconds, compromise military data, interfere with vital infrastructure, and deceive transportation systems. Crime has been interpreted historically and has reflected societal goals from prehistoric religious readings to mediaeval intellectual viewpoints. Both benefits and new avenues for criminal activity are brought about by modern technology, particularly in relation to data breaches and online crimes like identity theft.

Cyber Crimes in India

India ranks as the world's second-largest internet market with approximately 688 million active users, engaging predominantly on platforms like Facebook, YouTube, Twitter, Instagram, WhatsApp, and Snapchat. [11]Despite this expansive internet user base, there exists a stark gender disparity: 67% of users are male, while only 33% are female. This gender gap significantly contributes to the increasing incidents of cybercrimes targeting women. Cybercrimes encompass unlawful activities conducted through digital channels and technology.

These offenses can target individuals, property, or governmental entities, but this discussion focuses specifically on crimes against women. According to the National Crime Records Bureau (NCRB), there was a notable rise in cybercrime cases from 21,796 incidents in 2017 to 27,248 in 2018. In response to this trend, the NCRB began categorizing crimes against women and children separately starting in 2017.

Since the 1990s, advancements in information technology have facilitated widespread internet access even among households with modest incomes. The internet has fostered a virtual environment for sharing, cultural exchange, and numerous opportunities. However, it has also become a breeding ground for cybercriminals who exploit anonymity to perpetrate crimes, often escaping legal consequences. The rapid expansion of the internet complicates efforts to detect and regulate such activities, leading to a surge in cybercrimes specifically targeting women.

India's cybersecurity landscape is bolstered by a comprehensive framework of regulations and policies aimed at safeguarding data integrity and combating cyber threats. At the core of these efforts lies the Information Technology Act, 2000, which forms the foundational legal framework governing cybersecurity practices, data protection, and cybercrime prevention in the country. Managed by CERT-In (Computer Emergency Response Team - India), this act mandates that businesses and organizations adopt reasonable security practices and procedures to protect sensitive information. It also imposes penalties for the unauthorized access, use, and disclosure of personal data, ensuring accountability and deterrence in digital transactions.

Legal frameworks
The [12]Information Technology (Amendment) Act, 2008 further strengthens these provisions by expanding the definitions of cybercrimes and enhancing the legal framework for cybersecurity. This amendment holds intermediaries responsible for content and data hosted on their platforms, compelling them to adhere to stringent data protection measures. It extends its jurisdiction to cover not only Indian entities but also foreign organizations operating within the country's digital space, thereby ensuring a comprehensive regulatory approach.

In parallel, the Information Technology Rules, 2011 specify detailed guidelines for intermediaries and impose penalties for cyber offenses such as data breaches and unauthorized publication of private information. These rules are crucial in regulating sectors such as banking, insurance, telecommunications, and healthcare, where data privacy and security are paramount.

The [13]National Cyber Security Policy, 2013 complements these laws by outlining a strategic vision to create a secure cyberspace, develop a skilled workforce in IT security, and enhance resilience against cyber threats. Meanwhile, the recently introduced IT Rules, 2021 replace their 2011 counterparts and impose additional responsibilities on large social media intermediaries, including mandatory grievance redressal mechanisms and compliance audits. Looking ahead, the impending Digital Personal Data Protection Act, 2023 aims to align India's data protection standards with global benchmarks, echoing principles found in the European Union's General Data Protection Regulation (GDPR).

This legislation mandates data fiduciaries to ensure the accuracy and security of personal data, implement robust cybersecurity measures, and promptly report data breaches. It also establishes the Data Protection Authority of India to oversee compliance and enforce regulations across sectors. Supporting these regulatory efforts are key governmental bodies like CERT-In, which serves as the national nodal agency for cybersecurity incident reporting and response. CERT-In's mandate includes setting a strict six-hour deadline for reporting cybersecurity breaches, ensuring swift mitigation of risks and threats to critical infrastructure.

Furthermore, the National Critical Information Infrastructure Protection Centre (NCIIPC) plays a crucial role in safeguarding critical information systems across sectors such as power, banking, telecommunications, and government. Sector-specific regulators like the Securities and Exchange Board of India (SEBI) and the Insurance Regulatory and Development Authority of India (IRDAI) enforce cybersecurity guidelines tailored to their respective industries, promoting data integrity and risk management practices.

In the telecommunications sector, the [14]Telecom Regulatory Authority of India (TRAI) and the Department of Telecommunications (DoT) regulate user data privacy, imposing strict consent requirements for the processing of personal data. Together, these regulatory bodies and frameworks collectively reinforce India's cybersecurity architecture, addressing evolving threats and promoting robust data protection practices across diverse sectors of the economy.

The surge in cybercrimes against women in India can be attributed largely to their reluctance to report such incidents, often out of fear of familial shame. Many victims even blame themselves for the crimes perpetrated against them. Exploiting these vulnerabilities, cybercriminals engage in tactics such as forming online relationships to gain trust and subsequently sending obscene messages, thereby perpetuating a cycle of intimidation and silence.

According to a 2016 survey by the Feminism in India portal, 58% of respondents reported experiencing online aggression, yet a significant 38% refrained from taking any action against their perpetrators. This underreporting not only emboldens offenders but also puts other potential victims at risk. It is crucial for victims to come forward and report these crimes to prevent further incidents and ensure the protection of others vulnerable to similar exploitation.

Cybercrimes against women
Addressing the rising tide of cybercrimes against women necessitates multifaceted preventive measures. Despite the inevitability of sharing personal information online, exercising caution remains paramount. Vigilance against phishing attempts and safeguarding email addresses are critical. Understanding and adhering to privacy policies on websites can help mitigate risks associated with fraudulent platforms aimed at extracting personal information.

Combatting online harassment must be integrated into broader efforts against gender-based abuse. Remaining informed about technological advancements is crucial in countering online crimes that often exploit user ignorance. Collaborative initiatives involving media, clubs, associations, and women's networks are indispensable in promoting female leadership and decision-making within society.

The internet, with its expansive reach and veil of anonymity, presents unique challenges in combating cybercrime, particularly when it targets women. India, being the world's second-largest internet market with 688 million users, exhibits a stark gender divide with 67% male and 33% female users. This discrepancy significantly contributes to the escalating frequency of cybercrimes against women, exacerbated by their limited awareness of legal protections and their rights within the existing legislative framework.

Cybercrimes encompass a wide array of illegal activities facilitated by the anonymity and global reach of the digital realm. While specific laws directly addressing cybercrimes against women are lacking, offenses can still be prosecuted under the Indian Penal Code (IPC) and the Information Technology (IT) Act. The IPC, as the general criminal code of India, has been updated to incorporate cybercrimes, with the IT Act focusing specifically on crimes involving information technology, following its 2008 amendment which broadened its scope to include cyber offenses.

Measures to take
Efforts to monitor and report online violence and cybercrimes must be prioritized. Establishing an anonymous e-portal for reporting cybercrimes against women, coupled with a comprehensive criminal database accessible to law enforcement agencies, can empower victims and aid in swift legal action. Raising awareness about rights and safe practices on digital platforms is pivotal.

Educational institutions should incorporate contemporary issues related to online crimes into their curricula and promote safe internet usage. Strengthening regulations for Internet Service Providers (ISPs) to monitor and report suspicious activities is crucial for early intervention and crime prevention. Despite the robust legal framework in place, victims often remain silent due to societal stigma, while perpetrators exploit the perceived ease and low risk associated with online offenses. High-profile cases like the "boy's locker room" incident in Delhi, where teenage boys shared derogatory content about underage girls on social media, highlight the normalization of objectifying women.

Implementing preventive measures like data security and password protection, while essential, only scratch the surface of deeper issues rooted in patriarchal norms and misogyny. Addressing these systemic challenges requires long-term strategies such as evolving societal norms alongside technological advancements. Promoting digital literacy, establishing stringent data security protocols, expanding technology access for women and girls, and enacting specific laws addressing cybercrimes against women are imperative steps forward. However, laws alone are insufficient without active enforcement and societal support to ensure justice for victims.

The online realm, initially perceived as a sanctuary, mirrors real-world dangers for women, necessitating comprehensive efforts to protect and empower them. Through education, awareness campaigns, and rigorous enforcement of laws, we can foster a safer digital environment where women are informed, protected, and able to navigate the online world without fear of exploitation or harassment.

Making a complaint
In light of the rapid technological advancements and the consequential increase in cybercrimes, it is imperative to establish robust mechanisms for reporting and addressing such offenses to safeguard victims effectively. Here's a comprehensive guide on how to file a cybercrime complaint in India: Begin by reporting the incident to Cyber Cell India, either through their online portal, helpline number, or in person. Submit a written complaint detailing your name, contact information, and mailing address to the cybercrime cell in your city. Given the global jurisdiction of cybercrimes, complaints can be filed at any cybercrime cell across India, irrespective of your location.

If access to a cyber cell is unavailable, approach your local police station to file a First Information Report (FIR). If the station declines to register the complaint, seek recourse with a judicial magistrate or police commissioner. Alternatively, you can file an FIR under the Indian Penal Code (IPC) for offenses falling within its purview, with police officers mandated to register such complaints under section 154 of the Code of Criminal Procedure.

Notably, most cybercrimes categorized under the IPC are cognizable offenses, eliminating the need for warrants in arrests or investigations. While the Ministry of Home Affairs is currently developing a centralized online portal for cybercrime registration to streamline the process, the Cyber Crime Cell of the Delhi Police has already launched an online platform for registering complaints, aiming to enhance accessibility and efficiency in handling cybercrime cases.

Conclusion
In summary, the swift development of information technology (IT) has significantly changed society, posing both advantages and difficulties, especially in the area of cybersecurity. Cybercrime is a broad category of illegal activity that poses a major risk to people, businesses, and governments. Legal frameworks often lag behind technological advancements in cybersecurity, failing to keep pace with the increasing complexity of cyberattacks. Privacy violations and identity theft are two ethical concerns that highlight how crucial it is to incorporate ethical considerations into cybersecurity rules. Improving digital resilience and putting in place efficient legal rules depend heavily on raising user awareness and fostering international cooperation.

To tackle these systemic issues, long-term approaches are needed, like changing social standards in tandem with technology development. Important steps ahead include implementing laws specifically addressing cybercrimes against women, improving technology access for women and girls, promoting digital literacy, and creating strict data security measures. But without proactive enforcement and social support, laws by themselves cannot guarantee victims' justice.

References:

• The Evolution Of Cyber Crime, Legalserviceindia.com, 2021 [Online] available at: https://www.legalserviceindia.com/legal/article-8382-the-evolution-of-cyber-crime.html (last visited June 17, 2024).
   
• Cybercrime: History, Global Impact & Protective Measures [2022], BlueVoyant, 2022 [Online] available at: https://www.bluevoyant.com/knowledge-center/cybercrime-history-global-impact-protective-measures-2022 (last visited June 17, 2024).
   
• A Study on Cyber Crime and its Legal Framework in India - International Journal of Law Management & Humanities, International Journal of Law Management & Humanities, 2022 [Online] available at: https://ijlmh.com/paper/a-study-on-cyber-crime-and-its-legal-framework-in-india/ (last visited June 17, 2024).
   
• Nandan Gowda, CYBER-CRIMES AND INDIAN LEGAL REGULATORY FRAMEWORK – A REVIEW | RostrumLegal Rostrumlegal.com, 2023 [Online] available at: https://www.rostrumlegal.com/cyber-crimes-and-indian-legal-regulatory-framework-a-review/ (last visited June 17, 2024).
   
• Top Cybersecurity Regulations in India [Updated 2024] | UpGuard, Upguard.com, 2024 [Online] available at: https://www.upguard.com/blog/cybersecurity-regulations-india (last visited June 17, 2024).
   
• Sneha Mahawar, Cybercrime : types, consequences, laws, protection and prevention - iPleaders iPleaders, 2022 [Online] available at: https://blog.ipleaders.in/cyber-crime-types-consequences-laws-protection-and-prevention/#Cyber_Crime_Complaint_Online (last visited June 17, 2024).
   
• 90+ Cyber Crime Statistics 2024: Cost, Industries & Trends, Astra Security Blog, 2022 [Online] available at: https://www.getastra.com/blog/security-audit/cyber-crime-statistics/ (last visited June 17, 2024).

End-Notes:

1. Cybercrime | Definition, Statistics, & Examples | Britannica, Encyclopædia Britannica, 2024.
2. The Latest Cyber Crime Statistics (updated June 2024) | AAG IT Support, AAG IT Services, 2024available at: https://aag-it.com/the-latest-cyber-crime-statistics/ (last visited June 17, 2024).
3. Beware of malicious apps that want to steal your Facebook login, euronews (Euronews.com, 2022)available at: https://www.euronews.com/next/2022/10/10/meta-uncovers-400-malicious-apps-designed-to-steal-your-facebook-login (last visited June 17, 2024).
4. Internet Crime Complaint Center Releases 2022 Statistics | Federal Bureau of Investigation, Federal Bureau of Investigation, 2022available at: https://www.fbi.gov/contact-us/field-offices/springfield/news/internet-crime-complaint-center-releases-2022-statistics (last visited June 17, 2024).
5. These are the 11 biggest health data breaches of 2023 Ron Southwick, OncLive (OncLive, 2024)available at: https://www.chiefhealthcareexecutive.com/view/these-are-the-11-biggest-health-data-breaches-of-2023 (last visited June 17, 2024).
6. Lessons Learned From the Marriott Hack of 2022 Threater, 2022available at: https://www.threater.com/blog/lessons-learned-from-the-marriott-hack-of-2022/ (last visited June 17, 2024).
7. The Ukraine War & Cyberattacks Targeting Refugees and Humanitarian Organizations - The Henry M. Jackson School of International Studies Jessica Beyer, The Henry M. Jackson School of International Studies, 2023available at: https://jsis.washington.edu/news/the-ukraine-war-cyberattacks-targeting-refugees-and-humanitarian-organizations/ (last visited June 17, 2024).
8. Broward Health Data Breach Impacts 1.3 Million People Ionut Arghire, SecurityWeek, 2022available at: https://www.securityweek.com/broward-health-data-breach-impacts-13-million-people/ (last visited June 17, 2024).
9. History Of Cybercrimes - Part I» admin, Cybermithra / ಸೈಬರ್‌ಮಿತ್ರ, 2024available at: https://cybermithra.in/2024/05/01/history-of-cybercrimes-part-1/ (last visited June 17, 2024).
10. Salt Lake City Cybersecurity Summit Caleb Townsened, United States Cybersecurity Magazine, 2018available at: https://www.uscybersecurity.net/hacking-history/ (last visited June 17, 2024).
11. India's gendered digital divide: How the absence of digital access is leaving women behind, orfonline.org, 2021available at: https://www.orfonline.org/expert-speak/indias-gendered-digital-divide (last visited June 17, 2024).
12. Articles – Manupatra Manupatra.com, 2024available at: https://articles.manupatra.com/article-details/Information-Technology-amendment-Act-2008-An-Overview (last visited June 18, 2024).
13. National Cyber Security Policy 2013 - In a nutshell - Clear IAS Alex Andrews George, ClearIAS, 2013available at: https://www.clearias.com/national-cyber-security-policy-2013/ (last visited June 18, 2024).
14. Telecom Regulatory Authority of India(TRAI) Act, 1997 | Department of Telecommunications | Ministry of Communication | Government of India, Dot.gov.in, 2018available at: https://dot.gov.in/act-rules-content/2426 (last visited June 18, 2024).

Written By: Ishaan Shergill Jacob