Namrata Kath Hazarika | 16 Aug, 2010
Noting that cyber crimes have risen alarmingly in India in recent times, Prashant Mali, Lawyer and President of Cyber Law Consulting in an exclusive interview to SME Times added that awareness on Cyber security is the need of the hour in the country.  

Excerpts of the interview...

Reports say that there is a rise in cyber crimes in India. What can be done to mitigate cyber crimes?
Prashant Mali: Yes, cyber crimes have risen alarmingly due to increasing reliance on cyber space by the corporate and individuals.

To mitigate cyber crime awareness, training programs about what is cyber crime and what is not a cyber crime amongst citizens and netizens by the government and non-government agencies are must. This applies to corporates for their employees too who should follow the global best security practices. A better controlled infrastructure of Law and Enforcement Agencies should be envisaged. Moreover, courses on cyber security in school and college courses should also be imparted.

What kind of legal infrastructure does the IT (Amendment) Act 2008 provides in order to deal with cyber crime issues?
Prashant Mali: The ITA A2008 is a very robust Act with regard to current cyber crime scenario. This amended Act has clear definitions of data theft, hacking, pornography and child pornography, impersonation, cyber terrorism and cyber security to name a few. This Act has also defined usage of electronic signature  and encryption algorithm specifications. A police inspector is now an investigating officer for cyber crime related cases and cases are filed in normal courts as any other crime.

Cyber frauds are usually faced by the corporate world and we know that it cannot be taken for granted. What are the major cyber frauds faced by the corporate world while doing business with overseas companies?
Prashant Mali: Some of the cyber frauds are the Illegal online bank transfers, repeat order processing, false or misleading application information, first-time payment default (for reasons that cannot be identified), fictitious identity of a business, identity theft of a business, email hacking and unauthorized email forwarding to personal accounts. These frauds are extremely technical and normally get proved after physical audits or as a consequence of audits of other department.

Is there any solution against Nigerian Scams, which are the simplest Cyber frauds these days?
Prashant Mali: Awareness campaigns through print and online media which at some extent is undertaken by banks, RBI and Income Tax departments. It should be taken in the rural areas because it is found that rural Internet users are falling prey to various Nigerian scams.

Other solutions I perceive and suggest is that the Government and Indian Computer Emergency Response Team (CERT-In) should have a national level database of spam email addresses, IP addresses and specific words updated on regular basis and provide it free to all Indian Firewalls so they can be blocked effectively.

What are the kinds of online frauds that usually take place?
Prashant Mali: Online Frauds are the illegal online bank transfer. In this case, the bank customers are found reporting to risk contamination units of various banks complaints as to sudden reduction of bank balance, or transfer of money which they have not initiated. In fact, the credit card frauds are also popular ones. Here, the credit card numbers along with details are sold across the Internet to online fraudsters from different countries. Indian mule bank accounts are used for holding illegal bank transfers for which they are paid peanut commissions. Data Theft is another critical area as various product users of banks get compromised. The data are sold in the international market. Besides these, hacking is the common of all where the passwords and login ids of Internet banking customers are hacked through technical know-how or also through social engineering.

Can we hope a national policy on cyber security and what kind of initiatives need to be taken under this policy?
Prashant Mali: The National Policy should state what should be the bare minimum security each corporate and government agencies should follow and also the policy should recommend audits of this policy compliance to check for violations, if any. Also this National Policy should have clear dictat on usage of foreign networking software and hardware products.

Why does Indian law not make cyber crime a non-bailable offence as there is the growing menace of Internet threat?
Prashant Mali: Any non-bailable offence places unlimited power in the hands of police and the problem with democracy is the sections can be misused by the law and enforcement authorities because everyone knowingly or unknowingly keeps committing one or other cyber crime again and again for the want of information. Pornography, cyber terrorism are still non bailable offence.

How much government mechanism is there in the country for Internet security as compared to other nations?
Prashant Mali: Internet security should always be coupled with political will in a democracy which is lacking in India. The government mechanism is slowly picking up to security expectations, but the speed needs to improve. We are better poised along with other nations if the IT Act 2008 is implemented and compliance is achieved with full blood by the government agencies and corporates.