Who are behind a cyber attack or cyber crimes is a very crucial aspect to decide to punish the guilty. Of course, this requires tremendous cyber forensics capabilities and cyber crime investigation capabilities.
Cyber crimes and cyber attacks are increasing world over. The semi anonymous nature of Internet has also encouraged these criminal activities. Besides there are many methods to conceal the identity of an accused and mixing within the crowd is one such method.
In many cases the offender hides himself among law abiding and legitimate Internet users. Many times even the identity of such law abiding users is stolen to commit the crime or launch a cyber attack.
Even worst, many computers are compromised and made part of the botnet that are used for all sorts of illegal activities over the Internet. For instance, for online advertisement industry alone, botnet are causing losses upto the extent of $6 million a month.
Even sensitive government secrets are not spared. Recently the computer systems of DRDO and security officials breached and sensitive information was leaked on the Internet. In fact, Internet is full of unprotected and unsafe devices, SCADA systems and computers.
When an accused commits a cyber crime by mixing among the legitimate and law abiding crowd, it becomes imperative to ascertain, with great certainty, that a particular culpable act has been committed by a particular person alone.
We at Perry4Law Organisation and Perry4Law’s Techno Legal Base (PTLB) believe that “authorship attribution” is an important aspect of “determining the culpability” of an offender where the means to commit the offence are common and accessible to many people simultaneously. Data mining and profiling of the accused to “attribute culpability” to him/her alone is an emerging area of cyber crime investigation and India must pay more attention to this branch.
India is still struggling to achieve these capabilities. Further, regulations and guidelines for effective investigation of cyber crimes in India are still missing. Cyber crime investigation in India is still not mature and cyber crime cases are still not handled properly in India.
There is an urgent need on the part of Indian government to ensure techno legal skills development in India for law enforcement agencies. Further, modernisation of law enforcement agencies of India is also required. Parliamentary oversight of law enforcement agencies and intelligence agencies of India is another crucial factor this has been missing for decades in India.
Fortunately, Indian government is planning a legislation mandating strict cyber security disclosure norms in India. This is an essentially required legislation as companies and banks in India are not reporting cyber attacks, cyber crimes and cyber frauds.
Indian government must also make it sure that the cyber security infrastructure in India must be established as soon as possible. The critical information infrastructure protection agency of India must also be established as soon as possible. The cyber security policy of India must be formulated as soon as possible and all the abovementioned aspects must be made part of the same.