Three incidents have happened in the recent past involving cyberspace. An HSBC call centre employee in Bangalore had passed on banking details of some 20 UK based customers to accomplices who siphoned off almost Rs 2 crore. The employee had given false information and yet got employed in the BPO. The second incident was that of Ankit Shrivastava, an alleged hacker who exploited a loophole in the Airtel website and got the call details of key PMO officials and senior police officials. He thereafter demanded Rs 1 crore from Airtel for not divulging those call details. Airtel smartly lodged a police complaint. The third is the case of S.S. Paul, a system analyst of the National Security Council Secretariat who was passing on sensitive information to an American woman he had met in the course of an Indo-US cyber security meet last year.

Investigations are on in all three cases and more and more revelations are coming out. The initial arrests have been made. Some of the issues that haunt the Indian cyber march — like security of BPOs, cyber extortion and confidentiality and security of data — have been highlighted.

No doubt these incidents create awe about the extent to which cyber crimes are growing in our country, but at the same time they also show the helplessness that we still have in curbing such incidents. The good part is that cyber crimes are being reported because in most cases such incidents are generally hushed up to prevent embarrassment to the organisations involved. With IT penetration increasing and more and more people moving on to the online convenience of communicating, banking and shopping, such incidents reflect on the state of our preparedness in issues of technological regime. While India has had cyber legislation for a few years in the form of the Information Technology Act 2000, the past few incidents have shown that these laws need to be revamped to incorporate more possibilities. The call for more stringent punishment in the existing clauses and a separate data protection law are being again called for. Similarly, the readiness of the police force to deal with techno crimes is still much below the desired level on a national scale, although the police have done an excellent job in investigating some of the cases. There needs to be more involvement both in terms of cyber surveillance and cyber forensics. Likewise the responsibility of organisations like HSBC or Airtel has to be of the highest order and they need to install and ensure robust security practices.

... contd.