![]() ![]() Section 65: Tampering with computer source documents, punishable with imprisonment of up to three years or with a maximum fine of Rs.Section 43, read with section 66: Damage to a computer/ computer system without the owner’s consent, punishable with imprisonment of up to three years or a fine or Rs.The relevant provisions of the IT Act applicable to such acts, inter alia are: Ī ransomware attack often results in concealment, damage, disruption, theft, alteration, deletion of data or a computer code, programme, system, network, and includes the introduction and/ or spread of virus therein. The provisions of the IT Act have an overriding effect over any other law for the time being in force. However, the Indian legislature has enacted a special statute, i.e., the Information Technology Act 2000 (“ IT Act”), along with rules framed thereunder to deal with electronic governance and cybercrimes. A ransomware attack, subject to the facts and circumstances of each case, may constitute an array of offences including, criminal conspiracy, theft, extortion, cheating, dishonest inducement of property, fraudulent removal/concealment of property, mischief and/or criminal intimidation under Sections 120A, 120B, 378, 379, 383, 384, 415, 416, 417, 419, 420, 424, 425, 426 and 503 of the Indian Penal Code, 1860 (“ IPC”), respectively. Decryption Phase –The victim, if he/ she has complied with the demands of the attacker, receives a decryption tool to regain control of the data, without any guarantee.Ī ransomware attack is not only penal in nature, but also directly in the teeth of the fundamental right to privacy, enshrined under Article 21 of the Constitution of India.Pertinently, due to the pseudo-anonymity of cryptocurrencies, coupled with the fact that it only records a public address, comprising a string of random numbers and letters, cryptocurrencies are one of the preferred modes of payment of ransom for such transactions. Such payment is often demanded through pseudo-anonymous mediums (recently through cryptocurrencies) in an attempt to prevent tracking of the transactions. Extortion Phase – The victim usually receives a communication for the payment of the ransom amount in return for a decryption tool/ key to release the data.Encryption Phase –The malware encrypts the target data stored on the host’s servers, while deleting any backup that may be present.Infection Phase –The attacker selects the medium of attack and uses pre-decided methods to introduce malware onto the host’s computer device. ![]() This may also involve setting up bogus websites and/or a flurry of phishing fraudulent emails.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |