Legal understanding of cyber warfare in India



In the 21st century it is impossible to imagine our life without the internet. The internet has become an essential part of human life. As internet use has increased, so has the struggle for power in cyberspaces, leading to the emergence of cyber warfare. Put simply, cyber warfare means the process of stealing or manipulating sensitive data over a computer network in order to cripple the financial and operational structures of a state or organization by sabotaging their networks, websites and services. The goals behind such attacks are to harm a nation with which a country is at war; or to disrupt and destroy vital computer technology of rival nations. Aside from individuals launching attacks on the Internet for financial reasons, many countries in modern times launch attacks against one another, or at least plan attacks for political reasons or to gain strategic influence over one another. In the national strategies of several countries, gaining offensive power on the cyber battlefield figures has been prominently and explicitly mentioned in the doctrines of many of them, including China, Russia and the United States. It is widely accepted that hacking networks of enemies and their allies will lay the groundwork for future cyber conflicts.


There are a number of techniques to attack a device or computer network. How to proceed depends on the purpose of the attack, ie what the attacker wants from the target. Attack tactics are categorized based on intent. You are:

Espionage and violations of national security: Espionage is the process of obtaining secret, confidential, or classified information through unauthorized methods of manipulation via the Internet, applications, and computer networks of opposing parties, nations, regimes, or governments for the purpose of military, political, and economic gain. Simply put, it is a practice of spying on specific nations and their institutions to gather data and information about the enemy.

malware: Malware is malicious software or application that can harm a device or computer system. There are many types of malware including viruses, spyware, worms, trojans, etc. This software is designed to perform a variety of malicious tasks such as: B. intercepting, encrypting, stealing, deleting or altering confidential data or sabotaging important computer resources and spying on users’ behavior, all without consent.

Denial of Service Attacks (DoS): A denial of service or distributed denial of service (DDoS) attack is a malicious attempt to overload a web server with traffic in order to shut down a server, website, or computer, making it inoperable for intended users more is available. These attacks will deter real consumers from getting the services and resources they expect. A DoS attack is carried out either by flooding the intended host or server with abnormal traffic or by transmitting data that could cause a crash. Web servers of well-known organizations such as government organizations, banks, media companies, and trade associations are usually victims of these attacks.


With advances in technology and increasing number of crimes in cyberspace, there was an immediate need for strict legal regulations to control illegal activities in cyberspace and protect the technological development framework. Illegal operations are not easily detected in the virtual world known as cyberspace and require special knowledge. In addition to specific law enforcement skills, having up-to-date law is essential to investigating cybercrime cases.


Although India does not have adequate regulations to curb cybercrime, overlook cyberwar and determine jurisdiction, in 2000 the Indian government passed the Information Technology Act 2000. The IT Act 2000 was later amended in 2008 and the amended law is now called the Information Technology Amendment Act 2008 also known as the Cyber ​​Law of India. The amended law had a separate chapter for “offences”. This chapter consisted of various cyber crimes classified into criminal offenses and their respective penalties. Additionally, some violations in this chapter are related to cyber warfare. These offenses are:


Hacking is the process of breaking through a system’s firewalls to take control of a private network or system data or computer network security system for some illegal motive. Simply put, it is the method of gaining unauthorized access to a computer system or technology. In general, hacking is done to compromise devices such as computers, cell phones, tablets and networks on the Internet. But not every hacker necessarily needs some illicit purpose to hack. Sometimes hacking is done as a challenge for financial reasons, to spy on someone, and for fun.

Under the IT (Amendment) Act 2008, hacking also refers to computer hacking and may also include activities such as:

  • A company within the computer programmer subculture.
  • An attempt to gain access to computer networks, lawfully or otherwise.
  • A computer crime.

Under Section 43(a) in conjunction with Section 66 of the IT (Amendment) Act 2008, hacking is an offense punishable by imprisonment for up to three years or a fine of up to two lakh rupees or both. However, Sections 379 and 406 of the Indian Penal Code can also be read in accordance with the IT Act to punish an offender guilty of hacking.


Viruses or worms are a type of cyber tool that can do whatever damage the designer wants. These transmit private or confidential information to third parties and then delete the data from the machine. Without an operating system reinstallation, it can even ruin the system and make it unusable. Typically, viruses load files onto the device and then customize the system to trigger the virus software every time the system starts running. By passing itself on to other future victims, it would then attempt to reproduce itself.

Sections 43(c) and 43(e) in conjunction with Section 66 of the IT (Amendment) Act 2008 and Section 268 of the Indian Penal Code apply to virus and worm propagation offenses. However, these offenses are recognizable and punishable offenses.

On July 23, 2013, a unique and dangerous version of the computer virus called “Beebone” was discovered in Indian cyberspace. “Beebone” is part of the notorious Trojan malware family that gains “privileged access” into victim’s computer by forging their identification and using intelligent and corrupt strategies to attack the most vulnerable systems in a network.


Email spoofing is the electronic cloaking of one device as another to gain an illegitimate advantage over the victim’s computer. In email spoofing, the sender’s (cyber criminal’s) email address and email body (which contains a phishing link) look similar to the email previously sent by the original sender. In a fake email, the email appears to come from a single source, but in reality the email was sent from another source with malicious intent. The phishing links in the email are used to download and install malware. This malware is then spread to other devices connected to the same network without the user’s knowledge.

Email spoofing is a public and recognizable criminal offense. Section 66-D of the IT (Amendment) Act and Sections 417, 419 and 465 of the Indian Penal Code are applicable in email spoofing cases.


With the advent of global use of technology, there is an immediate need to create strict regulations to protect a nation from cyber warfare. From what is available in India, the laws and regulations are outdated and the emergence of novel cybercrime techniques are not monitored now. This could increase the likelihood of cyber warfare in the country and act as a potential threat in cyberspace. The main problem with cyber attacks is that while the threat can be detected, it has become a challenge to identify the person behind such an attack and therefore would not be able to avoid further damage to the computer technology . Nobody can completely avoid a cyber attack, but the damage can be minimized with appropriate and efficient technology. The majority of a country’s population uses the Internet for basic services and convenience. In certain situations, cyberattacks can ultimately bring down a structure or government, causing significant financial and physical damage. So it takes strict regulations and skilled professionals to deal with crimes in cyberspace. In addition, there is an immediate need for upgrading defense networks against cyber attacks and improved counterintelligence.

Online Sources:


About Author

Comments are closed.