Debaratiitactcyberterrorimchapter

  • 1,121 views
Uploaded on

Operation Noah's Ark is a firm and proud supporter in assisting in the regulating Cyber Terrorism we have a O% tolerance to this types of activities among those who are involved in these acts.

Operation Noah's Ark is a firm and proud supporter in assisting in the regulating Cyber Terrorism we have a O% tolerance to this types of activities among those who are involved in these acts.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,121
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
22
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. 7Information Technology Act and Cyber Terrorism: A Critical Review Debarati HalderIntroduction After 9/11, it has become a trend for the militant outfits to avail cyberassistance in order to achieve extremist missions. The Kosovo conflict in 2001which also ‘inspired’ defacement of numerous NATO websites and denial ofservices by hackers who supported the anti NATO activities (Denning, 2010) andthe 1997 Internet Black Tiger’s attack on Sri Lankan embassy which involved800 emails carrying extremist messages to ‘disrupt the communications’(Denning, 2001), were some of the early evidences of ‘cyber terrorism’. The 9/11attack saw typical execution of cyber attack by Al Qaeda against the USgovernment, which carried not only the threat messages, but also defaced manywebsites, disrupted internet communication for government as well as civilamenities (Denning, 2010) and also created a huge empathy among the Muslimhackers to support the militant forum in their jihad. The trend thus turnedhighlights to Muslim jihadists and their cyber terrorism activities againstgovernments, from non-Muslim fundamentalist groups against governments. InIndia, cyber terrorism has emerged as new phenomena. The probe against the 2008serial blasts in cities like Ahmedabad, Delhi, Jaipur, and Bangalore foundconsiderable evidences of cyber terrorism (NDTV Correspondent, 2010); the 2008attack on Mumbai Taj Hotel, which is now famously known as 26/11 and the2010 blast in the holy city of Varanasi also had trails of cyber terrorism (NDTVCorrespondent, 2010). Ironically, most of these incidences involved MuslimJihadists like the Indian Mujahiddin. However, an analysis on news reports onextreme usage of cyber communications would show that spreading of terrormessages targeting State Heads or claiming responsibilities for terror attacks hadbeen done by non-Muslim youths as well. However, all these incidences indicatetwo main aspects of cyber terrorism, namely, gathering of information andspreading of the terror through cyber communications for disruption of nationalsecurity and peace. After the 26/11 attack, the Indian government had brought into effect a setof proposed amendments to the Information Technology Act 2000, which hasspecific provisions for combating cyber terrorism. The provision under sectionChapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 2. 66F discusses about cyber terrorism in the broadest sense.1 This provision actuallylays down the punishment to be meted out for actors of cyber terrorism. Thedefinition of the term cyber terrorism is glaringly missing in the said legalprovision. To strengthen the law on cyber terrorism, the Indian government hadfurther proposed a set of Rules in 2011,2 which promises to tighten the looseloops. In this chapter, I claim that, this particular law has addressed cyberterrorism from a holistic aspect; however, loopholes still exist to withhold theproper execution of the laws for prosecuting the accused. Further, in this chapter Iaim to analyze the provision of this law in the light of internationally establishednuances of cyber terrorism. This chapter will address the problem from threedifferent angles, namely: 1. The myth and truth about ‘cyber terrorism’. 2. Could laws regulate this issue? 3. Whether Indian laws really address the issues of cyber terrorism in the light of freedom of speech.Background Even though the issue of cyber terrorism has attracted huge attention fromcyber criminologists, cyber law specialists and social science researchers, very fewresearches have been done for analyzing the legal issues involved in cyberterrorism in India. Globally, the issue of cyber terrorism has been analyzed fromfour main angles, namely the missions that are involved in cyber terrorism(Denning, 2010), the methods that are followed for achieving the ultimate purposeof cyber terrorism (Denning, 2010; Wykes & Harcus, 2010), the results of cyberterrorism (Denning, 2010) and the role of laws in combating cyber terrorism(Trachtman, 2009). Most of these researches have shown that usage of cyber spaceby terrorist organizations has a three folded purpose, to spread the threat, to gainmaximum information about the target government and the governmental propertyin cases damage to property and civil society is also aimed for and to ‘recruit’ newforces (Denning, 2010). Some researches have established that cyber terrorism includes two maintypes of activities, viz., cyber crime and misuse of information technology, andtherefore it would be wrong to assume that cyber terrorism is a new kind of cybercrime (Schjolberg, 2007). It may be worthy to note that the types of cyber crimesthat are involved in cyber terrorism may vary from identity theft (Wykes &Harcus, 2010), to denial of service attack (Denning, 2010). At the same time, theextremists may leave a trail in the cyber space after the real terrorist activity hastaken place (Wykes & Harcus, 2010). This may necessarily include visits to the1 The definition can be found in Section 69F of the information technology Act, 2000 (amended in 2008).The definition will be analyzed in later parts of this chapter.2 These rules could be found athttp://www.mit.gov.in/sites/upload_files/dit/files/RNUS_CyberLaw_15411.pdfChapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 3. websites, sending emails etc. but the question, which remains, is how the policeand law and justice machinery combat this overall misuse of technology in thename of Jihad? Due to lack of proper infrastructure and easy methods of deletionof the evidences, it may become impossible for security experts and the police totrack the trouble creator (Jewkes, 2010). Further, some studies have also shownthat before 9/11, cyber terrorism was not particularly associated with jihad, butwith demands from the extremist groups from the government (Denning, 2010).After 9/11, the term cyber terrorism has been mostly associated with the cyberwarfare between Muslim fundamentalists and the government, especially the USand those national governments who support US policies and rules and regulations(Wykes & Harcus, 2010). The term cyber terrorism has been attempted to be defined from variousangles. According to the definition provided by the US national infrastructureprotection centre (2001), cyber terrorism may mean a criminal act perpetrated by the use of computers and telecommunication capabilities resulting in violence, destruction and/or disruption of services to create fear by causing confusion and uncertainty with a given population with the goal of influencing a government or population to conform to particular political, social or ideological agenda (Denning, 2010, p. 198). The term has also been defined by the International Handbook on CriticalInformation Infrastructure Protection (CIIP) 2006 Vol. II, as “attacks or series ofattacks on critical information carried out by terrorists and instills fear by effectsthat are disruptive or destructive and has a political , religious and ideologicalmotivation” (Schjolberg, 2007, p. 2). As such, the EU convention on cyber crimes,2001 had laid down strategic roles for the member parties to corroborate with eachother on 24/7 basis in cases of criminal misuse of cyber space.3 Given the fact thatcyber terrorism includes criminal misconduct and trespass in the cyber space,Schjolberg (2007) had pointed out that domestic courts therefore play great role incombating cyber terrorism. From the above literature, it could be understood that cyber terrorism is nota new phenomena. This is a criminal conduct in the cyber space to disruptpeaceful governance. Even though countries like the US had developed and is stilldeveloping strategic methods to combat cyber terrorism, lack of focused law,proper infrastructure and trained experts to trace the details of the extremist poseserious problems for countries like India to combat terrorism in cyber space.Core characteristics of cyber terrorism Cyber terrorism has some universal characteristics, which are as follows: 1. It is done to convey a particular destructive or disruptive message to the government(s).3 See chapter III, Article 23-35 of the EU Convention on Cyber Crimes, 2001.Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 4. 2. There are various methods to convey this message, viz., through denial of services, sending threatening emails, defacing of government websites, hacking and cracking of crucial governmental systems or ‘protected systems’,4 disrupting the civil amenities through destroying the proper working of the digital information systems, etc. 3. It could affect the computers and the networks as a whole, it could also affect the governing system, and it could affect the population of target area to create threat. 4. Computer and digital communication technology are used as a main tool to achieve extremist purposes. 5. The whole act could be motivated by religious, social or political ideologies. 6. It is mostly done by hi-tech offenders. For elaborating these characteristics, I take up the 26/11 Mumbai terrorattack case. Even though the media had highlighted the phenomenal terroristattack on crucial business and Jewish settlements in Mumbai, the Indian Ministryof Home affairs in their annual report (2010) had released a detailed nexusbetween digital technology and the (mis)use of the same by extremists. Oh,Agrawal, and Rao (2011) and LaRaia and Walker (2009) had corroborated theusage of cyber technology to extremist use to present the scenario of cyberterrorism which engulfed India as well as the whole world. Both Oh et.al (2011)and LaRaia and Walker (2009) have elaborated how satellite phones, GPS andvarious websites were widely used for fulfilling the mission of the extremists.Without going into the details, it could be said, that, unlike the Al Qaeda attack onthe twin towers in the US in 9/11, or the Tamil Tiger’s email attacks to computersin the Sri Lankan embassies, in India, the cyber terrorism scenario has not beenexpanded to attack on the machines or the network widely. On the contrary, theterm cyber terrorism has been broadly used by the media especially to identify theusage of cyber space and /or cyber technology to aide the terrorist activities, gaininformation about the target place and population, recruitment and motivation etc.4 Section 70 of the Information technology act, 2000 (amended in 2008) describes protected system andregulations related to it as follows: (1) The appropriate Government may, by notification in the OfficialGazette, declare any computer resource which directly or indirectly affects the facility of CriticalInformation Infrastructure, to be a protected system. Explanation: For the purposes of this section, "CriticalInformation Infrastructure" means the computer resource, the incapacitation or destruction of which , shallhave debilitating impact on national security, economy, public health or safety. (Substituted vide ITAA-2008)(2) The appropriate Government may, by order in writing, authorize the persons who are authorized toaccess protected systems notified under sub-section (1)(3) Any person who secures access or attempts to secure access to a protected system in contravention ofthe provisions of this section shall be punished with imprisonment of either description for a term, whichmay extend to ten years and shall also be liable to fine.(4) The Central Government shall prescribe the information security practices and procedures for suchprotected system (Inserted vide ITAA 2008).Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 5. There are several reports on the hacking and defacement of Indiangovernment websites. Some of the examples are the 2010 hacking and defacementof the CBI website by the Pakistani hackers, who called themselves ‘Pakistancyber army’, wherein the hackers had put up a message stating ‘Pakistan cyberarmy is warning the Indian cyber army not to attack their websites’ (NDTVCorrespondent, 2010). The website was affected, but not the regular emailingservices. The media stated that the experts hoped that it was a mere defacementand not the case data vandalizing because the server hosting the website wasdifferent from the one, which managed confidential correspondences (NDTVCorrespondent, 2010). During the period of January to June 2011, a total of 117government websites had been defaced (Saxena, 2011). Some important websiteslike the website of National Investigation Agency (NIA) was also affected, but itwas temporarily disabled and not hacked. Investigation on these offences is stillgoing on. Experts had suggested that regular cyber security audits could preventsuch attacks (NDTV Correspondent, 2010). Such types of attacks actually fulfillthe qualities of cyber attacks against government. Basing on this very assumption,Duggal commented on the web defacement of the CBI website as an act of cyberterrorism (NDTV Correspondent, 2010).Indian interpretation of cyber terrorism A minute analysis of the 26/11 Mumbai attacks would show that cybercommunication between the terrorists and usage of cyber technology by them tobe acquainted with the target population and the place, created similar devastatingresults in India. In July 2011, the digital technology was further used for bombblasts in a crowded city market in Jhaveri Bazaar, Mumbai. The 2010 Varanasiblast case also saw the usage of cyber communication wherein the IndianMujahiddin claimed responsibility for the blast. Awakened by this, the Government of India took strong steps to strengthenthe cyber security, including prohibition of terrorist activities through cyber spaceby way of amending the existing Indian information Technology Act, 2000. Theprovision that was specifically inserted in this legislature for this purpose wassection 66F which defines and describes cyber terrorism. Section 66F mentionsthat (1) Whoever,- (A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by – (i) denying or cause the denial of access to any person authorized to access computer resource; or (ii) attempting to penetrate or access a computer resource without authorisation or exceeding authorized access; or (iii) introducing or causing to introduce any Computer Contaminant. and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the lifeChapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 6. of the community or adversely affect the critical information infrastructure specified under section 70, or (B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorized access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism. (2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life’. From the above definition, it could be inferred that, cyber terrorism is anact of hacking, blocking and /or computer contaminating in order to restrict legallyauthorized persons to access computer resources in general, and /or to gain orobtain unauthorized access to any information which is a ‘restricted information’for the purpose of security of the state, or foreign relation etc. These are gruesomeacts which is done with an intention to threaten the security, sovereignty andintegrity of India or strike terror in the minds of people or a section of people; andwhich may result in death and injury to people, damage to properties, disruption ofcivil services which are essential to the life of a community, and also affects thecritical information infrastructure. However, in the case of 26/11 Mumbai attacks,it could be seen that terrorists had used communication services not to hack orblock the protected information, but to aide the terrorists to carry on with themassacre. The intercepted messages that were availed by the Government of Indiaduring the prosecution of the Mumbai attack case would clearly show theextremists were communicating purely on the basis of their personal freedom ofspeech. However, when looked at the communication in total, it could be seen thatthis speech was carried on to disrupt the peace, security and sovereignty of Indiaand thereby it looses its nature of a protected speech under Art 19A of theConstitution of India. At the same time, it is an act of terrorism. In the definitionprovided by section 66F, this particular aspect is glaringly absent. The InformationTechnology Act, 2000 (amended in 2008) had painstakingly taken efforts to secureprotected systems, which is defined by Section 70. “The appropriate Governmentmay, by notification in the Official Gazette, declare any computer resourcewhich directly or indirectly affects the facility of Critical InformationInfrastructure, to be a protected system.” Explanation added to this section furtherexplains that "Critical Information Infrastructure" would mean that vital computerresource regarding national security, economy, public health and safety, which ifdestructed or damaged, shall have a “debilitating impact” on these issues.Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 7. I argue that the present Indian legal approach towards cyber terrorism hastherefore emphasized unauthorized access to ‘restricted information only, which isbut a part of the whole modus operandi of terrorism through cyber space. This isvery much evident from the two specific provisions which are dedicated to defineand describe cyber security under section 2(nb); and unauthorized access tocomputer and computer network system and contamination etc under section 43 ofthe Information Technology Act, 2000 (amended in 2008). Further, to strengthenthese two sections, section 69, 69A and 69B were also enacted. Section 69 speaksabout powers to issue directions for interception or monitoring or decryption ofany information through any computer resource; section 69A speaks about powerto issue directions for blocking for public access of any information through anycomputer resource, and section 69B speaks about power to authorize to monitorand collect traffic data or information through any computer resource for CyberSecurity. All these sections may signify the communicational aspect of cyberterrorism, which is missing in the definition of cyber terrorism in section 66F. Theunfortunate truth is that this legislation could not come out of the basic scope oflegal recognition of electronic commerce that was laid down at the time of thebirth of this law. This scope was further enhanced in the Information TechnologyAmendment Bill, 2006 to cover e-governance, e-commerce, e-transactions,protection of personal data and information and protection of critical informationinfrastructure. Even though the amended Act in 2008 had included provisions,which would protect personal data, prevent financial frauds and restrict offensivecommunication, the purpose of preventing extremist usage of the cybercommunications was not properly satisfied. In this connection, I need to further emphasize that the term ‘cyberterrorism’ was coined in 1996 by Barry Collin, who defined the term as the“convergence of cybernetics and terrorism” (cited in Krasavin, 2002, para 6).However, the definition was not stagnated in this meaning alone. Variousresearchers have attempted to define the term from various angles, which includethe usage of the term to mean using information technology with politicalmotivation to attack on civilians (Pollit, 1997 cited in Krasavin, 2002). This termhas further gained popularity due to the media, who interpreted the term frommischievous pranks to terrorize others (Krasavin, 2002), to even serious attackslike the Mumbai attack ((NDTV Correspondent, 2010). It could therefore be seenthat cyber terrorism could be defined depending upon the term’s linguistic usageand interpretation of the same through various approaches. As I had mentionedearlier, cyber terrorism is a holistic term. This includes general usage of the cyberspace, which would also aide to terrorist purposes. Oh et.al (2010) had showedthat apart from general websites giving details about Mumbai target areas, theterrorists had extensively used Twitter posts made by common people to gatherinformation about the current status of situations. Most of these posts were madein connection of warning people about sensitive areas, blood donation camps thatwere set up to supply blood to the wounded, information for friends and relatives.Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 8. Apparently, these posts were well within their constitutional limits; however, theyfed unconstitutional missions. From these points, it could be seen that the presentlaw failed to understand the reach of terrorist’s physical communication to cyberspace. This failure had further motivated more cyber usage for terrorist purposes.The 2011 Javeri Bazaar blast, again in Mumbai is a glaring example. It could further be seen that due to this lacuna in the legislation, theprosecution pays minimum heed to the application of this law in the course ofprosecuting the accused. After the amended version of the InformationTechnology Act was brought in, section 69F was sparingly used to nip the bud ofcyber terrorist acts. In most cases, cyber reliance by the terrorists or extremistswas used for forensic evidences (NDTV Correspondent, 2010). Even though noofficial report has still come out on the usage of this provision (Duggal, 2011), thislaw could mostly be referred for hacking and defacement of government websiteslike that of the case of defacement of CBI website by the “Pakistan cyber army”that is referred above; provided this law creates threat to the population and alsothreat to sovereignty and integrity of the country, or cases of misuse of identity forfinancial gains towards the fulfillment of terrorist purposes. However, I refuse tocall Pakistan cyber army hacking and defacement case as a case of cyberterrorism. Such attacks on government websites could be vital as this may actuallyhamper the machine, the congenital government data as well as the network.However, this attack neither affected the confidential data (NDTV Correspondent,2010), nor created extreme threat to the sovereignty and integrity of nation, neitherthreat to population of a targeted area as was done in Mumbai attack, and therebyfailed to attract the core characteristics of cyber terrorism. These are cases ofTerrorists use of Internet and not Cyber Terrorism per se. Ironically, the provisions in the proposed Information Technologyguidelines for cyber café Rules, 2011, have provided ancillary support towards theprevention of cyber terrorism. The cyber smart extremists prefer to avoid privateinternet connections through home computers, as the internet protocol address (I.Paddress) may easily disclose the location data. India had witnessed the usage ofcyber café for such mischievous purposes (NDTV Correspondent, 2010). The twoparticular sections of this proposed Rule attract my attention for this specificpurpose; section 2(bb) of this proposed rule defines log register as “a registermaintained by the Cyber Café for access and use of computer resource” andthereby indicates that every cyber café must have a log register to notify thepersons who would are using cyber cafes for accessing and using computerresources. Section 4 of this proposed rule further states regulations for Cyber café.The rule has also proposed that the cafes responsibility must also includeprohibiting any user from accessing the computer or computer networksestablished in the café unless 1. the intended user produces a valid identity proof as has been specified under section 4(1) of this Rule;Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 9. 2. the intended user actually allows the café to store his data through photocopy of the same, as has been specified under section 4(2) of this Rule; 3. if the intended user is a minor, he/she is accompanied by an adult as has been specified under section 4(4) of this Rule; 4. the accompanying person (if any) of the intended user produces identity data as has been specified under section 4(5) of this Rule. Apparently these provisions are made to monitor the users of cyber café . Itis evident from these proposed regulations that drafters of the Indian laws towardsprotection of cyber communication are well aware of the misuse of the publicserver facilities that are provided by the cyber café (Halder, 2011).Conclusion Apparently a legislation made to safeguard the e-commerce, cannot bepulled in to protect non-commercial issues including extremist communicationsand ideologies that are hatched in the cyber space. In India, extremist activitieswhich are carried out to disrupt the sovereignty and integrity are strictly regulatedthe Prevention of Terrorism Act, 2002 (repeal ordinance, 2004), besides variousprovisions under the Indian Penal code, especially chapter VI, which deals withoffences against the State. The prime focus of these legislations is to restrictterrorist activities in India. As such, they also emphasize on the forensic evidencesthat could trace the motive, the master plan as well as the master planner and theexecuters of such plans. With the growth of digital communications, the IndianEvidence Act has also adopted the cyber forensic specimens as evidences for theextremist ideologies and activities. A minute analysis of the InformationTechnology Act, 2008 would show that the language of the provisions, especiallysection 69 F, fails to recognize the inherent meaning of terrorism through cyberspace. Rather, this law remained a shadow of the existing anti terrorismlegislations. Vandalizing the cyber space could definitely be termed as cyberterrorism, but cyber communication carried out to vandalize the peace of civilsociety must not be ignored. Nothing but a focused law could be the only answer for preventing cyberterrorist activities in India. It could be seen that Information Technology Bill 2006had a larger holistic statement of objects and reasons. Para 1 and 2 of thestatement of objects and reasons of this Bill stated as follows: The Information Technology Act was enacted in the year 2000 with a view to give a fillip to the growth of electronic based transactions, to provide legal recognition for e-commerce and e-transactions, to facilitate e-governance, to prevent computer based crimes and ensure security practices and procedures in the context of widest possible use of information technology worldwide. With proliferation of information technology enabled services such as e-governance, e- commerce and e-transactions, protection of personal data and information and implementation of security practices and procedures relating to these applicationsChapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 10. of electronic communications have assumed greater importance and they require harmonisation with the provisions of the Information Technology Act. Further, protection of Critical Information Infrastructure is pivotal to national security, economy, public health and safety, so it has become necessary to declare such infrastructure as a protected system so as to restrict its access. However, the amended Act of 2008 does not show case these objects andreasons. Here lies the pivotal focus of my argument. A law meant for safeguardingelectronic commerce could go to save the personal data of the individuals, but itmay not successfully envelop the issues of terrorism, even though such terroristmove could disrupt the commercial transactions through cyber space and therebycause financial loss to the nation. In order to make the present InformationTechnology Act, 2008 a focused legislation to prevent cyber atrocities, especiallycyber terrorism, the following recommendations could be adopted: 1. The statement of object and reasons must be stretched to cover crimes committed in the cyber space, and not limited to safeguard electronic commerce and related communications only. 2. Cyber terrorism must be broadly defined to include the usage of cyber space and cyber communication. 3. The language of Section 66F must be stretched to cover cyber communication that is carried out with intent to fulfill terrorist missions. Further, the provisions of section 69, which speaks about power to issue for interception or monitoring or decryption of any information through any computer resource, must be included in the ambit of section 66 E. This could form a new chapter dedicated for cyber terrorism and extremist speeches in the main legislation.ReferencesCollin, B. (1996). The Future of CyberTerrorism. Proceedings of 11th Annual International Symposium on Criminal Justice Issues, The University of Illinois at Chicago.Denning, D. E. (2001). Cyberwarriors: Activists and Terrorists turn to cyberspace. Harvard International Review, XXIII(2), 70-75.Denning, D. E. (2010). Terror’s Web: How the Internet is transforming Terrorism. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 194 - 213). Cullumpton: Willan Publishing.Duggal, P. (May 30, 2011). Cyber Terrorism – Some legal perspectives. Retrieved on 12.08.2011 from http://neurope.eu/cybersecurity2011/?p=47Halder D. (7 August 2011). The café with better responsibility. Retrieved on 12.08.2011 from http://cybervictims.blogspot.com/2011/08/cafe-with-better- responsibility.htmlJewkes, Y. (2010). Public Policing and Internet crime. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 525 - 545). Cullumpton: Willan Publishing.Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.
  • 11. Krasavin, S. (2002). What is Cyber-terrorism? Retrieved on 12.08.2011 from http://www.crime-research.org/library/Cyber-terrorism.htm.LaRaia, W., & Walker, M. C. (2009). The Siege in Mumbai: A Conventional Terrorist Attack Aided by Modern Technology. In M. R. Haberfeld., & A.V. Hassell. (Eds.), A New Understanding of Terrorism (pp. 309-340). New York: Springer.NDTV Correspondent (2010). Hacked by Pakistan cyber army, CBI website still not restored. Retrieved on 12.08.2011 from http://www.ndtv.com/article/india/hacked-by-pakistan-cyber-army-cbi- website-still-not-restored-70568Oh, O., Agrawal, M., & Rao, H. R. (2011) Information control and terrorism: Tracking the Mumbai terrorist attack through twitter. Information Systems Frontiers, "Special Issue on Terrorism Informatics", 13(1), 33-43.Pollitt, M. M. (1997). A Cyberterrorism Fact or Fancy?. Proceedings of the 20th National Information Systems Security Conference (pp. 285-289).Saxena, A. (August 4 2011). 117 Indian Government Websites Defaced Till July. MEDIANAMA. Retrieved on 12.08.2011 from http://www.medianama.com/2011/08/223-indian-government-websites- hacked/Schjolberg, S. (2007) Terrorism in Cyberspace - Myth or reality? Retrieved on 12.08.2011 from http://www.cybercrimelaw.net/documents/Cyberterrorism.pdfTrachtman, J. P. (2009). Global Cyberterrorism, Jurisdiction, and International Organization. In M. F. Grady & F. Parisi (Eds.), The Law and Economics of Cybersecurity (pp. 259 - 296). New York: Cambridge.Wykes, M. & Harcus, D. (2010). Cyber-terror: construction, criminalisation and control. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 214 - 229). Cullumpton: Willan Publishing.Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime andDigital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.