Relationship Between Cyber-Security Cyber-Forensics

Crimes are happening and will happen in future as well. But in today’s modern era, crime is also happening in a modern way, i.e. via internet and computer which is formerly known as cyber-crime. Cyber crime has increased the threat not only to individual to an individual, or company but also to nation’s security.  A report published in 2014, estimated that the damage to the global economy annually was around $445 billion.

Meaning

Cyber security is the use of advances, cycles and controls to ensure frameworks, systems, projects, gadgets and information from cyber assaults. It expects to decrease the danger of cyber assaults and secure against the unapproved abuse of frameworks, systems and advances.

As per Section 2 (1) (n)(b), The Information Technology Act, 2000[i]

“Cyber Security” means protecting information, equipment, devices computer, computer resource, communication device and information stored therein from unauthorised access, use, disclosure, disruption, modification or destruction.

Cyber Forensics is a simple to use of computer investigation and analysis methods in the light of legitimate concern for deciding possible lawful proof. Forensic computing is the way toward recognising, protecting, investigating and introducing the computerised proof in a way that is lawfully worthy. It is the investigation of evidence from attacks on computer framework to realise what has happened, how to keep it from repeating and the degree of the harm.

The aim of cyber forensic examinations is to recover the evidence to support or oppose a criminal activity. It requires the investigators to collect and analyse the electronic evidence. It exists in forms, such as fingerprints reading, blood analysis, toxicology, DNA mapping, facial reconstruction, handwriting, paternity issues, ballistics, chemical analysis, autopsy, disputed document analysis, Brain Electrical Activation Profile, Narco, Polygraph, Sound Spectrograph/Voice Print Studies, Signature verification, Cyber Forensics etc. All these are being used to prove crimes and prosecuting the accused[ii].

National Cyber Security Policy of India, 2013

Objective

· The Cyber Security Policy endeavours at fortification of information infrastructure in cyberspace, trim down vulnerabilities, erect capabilities to thwart and counter cyber hazards and diminish injuries from cyberSanjeev Tomar “National Cyber Security Policy 2013: An Assessment” IDS comment August 26, 2013, through a amalgamation of institutional organizations, individuals, method, technology and assistance.

· The purpose of this policy in clear word is to build a secure cyberspace ecological unit and reinforce the regulatory structure

· A National and sectoral 24X7 machinery has been visualized to deal with cyber intimidation through National Critical Information Infrastructure Protection Centre (NCIIPC).

· Computer Emergency Response Team (CERT-In) has been elected to proceed as a Pilot agency for harmonization of disaster management endeavours.

· The policy aim at promoting efficient public and private corporation and collaborative rendezvous through technical and operational assistance.

· This Policy endeavours to promote the research and progress processes in cyber security.

· The policy envisages to encourage each institutes/ organisations dealing with online contact whether public or private to assign a person to act as Chief Information Security Officer (CISO) who will be accountable for cyber security initiatives.

The National Cyber Security Policy, 2013 is a very significant effort on part of the Government of India towards safeguarding the cyber security environment of our Country, but there are certain grey areas and drawbacks which needed a review and revision to make it more efficient for future complexities. Cyber security has been grabbing the attention of lawmakers and cyber experts for the last few years and in view of the various government initiatives to turn Indian economy into the digital economy, this topic comes out to be a more significant aspect to achieve that. Secure and safe cyber security infrastructure will definitely prove to be a boon for the Indian Economy and its status in the international market. “Can we secure the world from the bloodless war? I’m talking about cyber security. India must take the lead in cyber security through innovation. I dream of Digital India where cyber security becomes an integral part of National security,” Prime Minister Narendra Modi quoted on Cyber Security. Mere formulation of policy without goal-oriented roadmaps and detailed guidelines, it is impossible to defeat the rising graph of cyber-attacks especially looking at the complex dynamic of cyber security challenges and escalating sophisticated breaches where constant supervision, detection, revision and management of cyber risks are impertinent.

Types of Cyber Forensics

  1. Data forensics

2. System forensics

3. Network forensics

4. Internet forensics

5. Anti-forensics

Judicial Response

Law isn’t exhaustive always, to cope up the changing pace of information technology and society; to block the loopholes of legislation, judiciary comes forward for interpretation so that laws may be inclusive to cover the incidents of cyber terrorism. As we all know that laws can’t be amended on a daily or monthly basis so the role of the judiciary for the interpretation becomes more relevant. Legislative have certain limitations for amending laws on regularity basis as per according to the changes in society, furthermore, no law can be interpreted for achieving the purpose of every individual case. Thus, the judiciary has more responsibility for giving a verdict in favour of justice as well as to recognise digital evidence. For any piece of evidence to be introduced in court, it must meet certain standards of legal permissibility that allow the court to receive and consider it. Broadly speaking, one of the prime considerations before evidence is considered admissible is its relevance to the matter at issue. Here, under this heading, a humble attempt has been made to discuss various case laws dealing with the admissibility of digital evidence.

In the very popular case of Twentieth century Film Fox Corporation v. NRI Film Production Association (Pvt) Ltd.123 the court observed that following conditions must be complied in order to authenticate the video conferencing:

  • Before a witness is examined in terms of the audio-video with as is to file an affidavit or an undertaking duly verified before a notary or a judge that the person who is shown as the wetness is the same person who is going to depose on the screen. A copy is to be made avertable to the other side.
  • The person who examines the wetness on the screen is also supposed to file on undertaking before examine the weather with a copy to the other side with regarded to identification.
  • The witness has to be examined during working hours of Indian court oath is to be administration through the media.
  • The witness should not plead any innocence on account of time difference between Indian and United States America.
  • Before examination of the witness a set of plaint written statement and other document must be sent to the witness so that the witness has acquainted with the document and an acknowledgement is to filed before the court in this reject.
  • The learned judge is to record such remarks as is material regarding the demur of the wetness on the screen.

The case of State v. Navjot Sandhu, popularly known as Parliament Attack Case, which lead to the conviction of the Respondent under various provisions of the Indian Penal Code, 1860 and the Prevention of Terrorism Act, 2002. One of the pieces of evidence relied by the prosecution and subsequently forming the basis of conviction was the call records of the accused. In appeal before the Supreme Court has occasion to adjudicate on the admissibility of the call records as electronic evidence. The Court held that printouts taken from the computers/servers by mechanical process and certified by a responsible official of the service providing Company can be led into evidence through a witness who can identify the signatures of the certifying officer or otherwise speak to the facts based on his personal knowledge. This would make the call records admissible. The Supreme Court went further on to state that irrespective of the compliance of the requirements of Section 65B of the Evidence Act which is a provision dealing with admissibility of electronic records, there is no bar to adducing secondary evidence under the other provisions of the Evidence Act, namely Sections 63 and 65.

Conclusion

With the rise of science, technology and innovation, Cyber Security and Cyber Forensic has assumed a significant job. In addition with the expansion in the cyber violations like hacking and so on, the need of cyber crime scene investigation have felt , hence different apparatuses and strategies have been produced for following the wrongdoing, making the specific report so as to make it acceptable in the official courtroom.

The current legal instruments assume an indispensable job in the part of the recuperation. Each instrument has its own compels and impediments. There is have to make these instruments and procedures more development furthermore, upgraded to make cyber criminology a full achievement and legitimately substantial in law. The fate of cyber-crime scene investigation is boundless. With the development of innovation, the field will keep on extending along with it its advantages and boundaries. Just use instruments and techniques that have been tried and assessed to approve their exactness and unwavering quality. The proof so gathered by the expert need to be dealt with and safeguarded in a suitable way, So that they can be delivered under the steady gaze of the court in its accurate way. Any cycle or system breakdown in the execution of the digital legal sciences will eventually prompt endanger of the case.

Even Justice V.S. Malimath Committee Report (2003), 185th Report of the Law Commission of India and Justice J.S. Verma Committee(2013) have suggested for making efforts in the direction of scientific criminal investigation and Computer forensics.

Frequently Asked Questions

Q1. What is Cyber Security?

Q2. What is Cyber Forensic?

Q3. What is National Cyber Security Policy of India, 2013

Q4. What are types of cyber Forensics?

Q5. How has judiciary contributed in cyber security and cyber forensic?


References

[i] https://www.indiacode.nic.in/bitstream/123456789/1999/3/A2000-21.pdf

[ii] http://ijrar.com/upload_issue/ijrar_issue_1227.pdf

[iii] https://shodhganga.inflibnet.ac.in/bitstream/10603/243141/7/07_chapter%201.pdf

[iv] https://shodhganga.inflibnet.ac.in/bitstream/10603/268180/13/13_chapter%207.pdf

Leave a Reply

Your email address will not be published. Required fields are marked *