
For every lock, there is someone out there
trying to pick it or break it.
~David Bernstein
Abstract
Alongside technological advancement, crime has evolved as well, giving rise to certain forms of cyber-based crime. Law enforcement agencies must use current cutting-edge technologies and digital resources to combat and investigate these cybercrimes. One branch of forensic science that has been essential to this process is cyber forensics. Within this domain, digital forensic investigation is chiefly concerned with the application of scientific procedures and specialised tools for collecting, preserving and analysing digital evidence in order to obtain a forensically sound investigation of digital media. This research paper delves into the dynamic relationship between cybercrimes and cyber forensics, also known as computer forensics, which is in reality a subdivision of digital forensic science. It also demonstrates the need for additional research to understand the insulation of cyber forensic research in order to improve the identification of cybercrimes.
Keywords: Cybercrimes, Forensically-sound investigation, cyber forensics, digital forensic science, computer forensics
Introduction
As internet technologies continue to integrate and proliferate into every aspect of our day-to-day life, we come one step closer to realising both the current and the new opportunities and challenges that exist around us. One such critical advancement is cyber forensics, a specialised discipline that covers the process of identifying, preserving, analysing and presenting digital evidence in a legally admissible manner. The American Heritage Dictionary defines forensics as “relating to the use of science or technology in the investigation and establishment of facts or evidence in a court of law”.[1] Cyber forensics applies this principle to the digital realm, enabling investigators and law enforcement agencies to uncover and interpret electronic evidence.
According to the Centre for Advanced Research in Digital Forensics and Cyber Security, India currently ranks as the third most vulnerable country to cyber threats. To mitigate these growing threats, digital forensics has become crucial so that such crimes can be investigated and addressed appropriately.[2] By employing advanced forensic techniques and tools, investigators can effectively uncover fraudulent activities and strengthen cybersecurity measures in the digital landscape.
In today’s interconnected world, nothing can be considered completely immune to cyber-attacks; even the most secure and advanced systems are not safe. Digital forensics serves a dual purpose: it acts as a proactive approach to shelter susceptible data, and as a reactive measure for detecting and reducing cyber incidents.[3] By systematically uncovering digital footprints, cyber forensics not only aids in tracking the perpetrators but also strengthens cybersecurity frameworks to prevent future attacks.
Fundamentals of Digital/Cyber security and Cyber Forensics
Prima facie, it might appear that cyber security is a newly developed concept and that hacking has started to create havoc only in the past one or two decades, but history tells a different story. The very first cyberattack took place in France in 1843, when a duo hacked the French Telegraph System and stole financial market information.[4] Small acts of hacking different systems kept happening until World War II, when hacking and disrupting the efforts of the enemy became common. In the early 1960s, computer passwords came into use to protect users’ privacy and for other tasks, but there were people who hacked into these systems too. In 1969 came the world’s first computer virus, the RABBITS Virus, which caused a computer to shut down automatically by overwhelming it with tasks that it could not handle.[5] All these instances, spread over the past seven to eight decades, led us to cyber security or digital security.
Digital security focuses on protecting the confidentiality, integrity and availability of data. The CIA triad (confidentiality, integrity and availability) is one of the fundamental concepts of security practice. Confidentiality makes sure that sensitive content is not readily accessible to unauthorized individuals. Integrity means maintaining the accuracy and completeness of information so that it is trustworthy. Availability ensures that data and systems are accessible whenever they are required.[6]
However, challenges exist in spite of developments in digital forensics, because it is not the only thing that has been developing. Cyber threats have evolved rapidly, and cybercriminals have been developing advanced techniques to bypass security measures. This makes it necessary for organizations and institutions to adopt proactive cybersecurity strategies. Furthermore, governments and regulatory bodies also play a significant role in cybersecurity and cyber forensics. Many countries have adopted cybersecurity laws and regulations to protect individuals and organizations from cybercrimes and cyber threats. For example, the European Union’s General Data Protection Regulation, considered to be the strongest privacy and security law in the entire world, enforces strict data protection measures and penalizes any kind of data breach.[7]
Relationship and Challenges
ROLE OF CYBER FORENSICS IN CYBER-CRIME INVESTIGATION
In today’s era of digital India, rapid advancements and continuous innovation have transformed various sectors. But with the rise of technology, there has also been a significant increase in cyber-related crimes. Thousands of cases are registered every day under the Information Technology Act of 2008, addressing unauthorised access, hacking, cyber terrorism, data theft and many more offences. The process of cybercrime investigation involves a structured methodology to track, analyse and prosecute criminals. The following are key steps involved in a cybercrime investigation:
- Questioning
- Collecting and Gathering information
- Computer/Digital Forensics
It is crucial to preserve the chain of custody, ensuring that the evidence remains untampered. Once the evidence has been gathered, it is imperative to keep the original data safe and to carry out all work on a duplicate of the data.[8]
Cyber forensic investigators are specialized experts trained in analysing encrypted data using advanced software and forensic tools. As cyber threats continue to expand and develop, investigators must employ emerging techniques tailored to the specific nature of each cybercrime. Some of the primary tasks include cracking encrypted passwords, recovering deleted files and identifying the source of security breaches.[9]
After the digital evidence has been collected, it should be securely stored and transported so that it can be presented before the court or examined further.
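As an added illustration of the chain-of-custody and duplicate-copy practice described above (not part of the original paper), the following Python sketch hashes an evidence file, makes a verified working copy, and keeps a hash-chained custody log in which any later edit to a record is detectable. The record layout, actor names, timestamps and the sample "image" are constructed assumptions, not a standard custody format.

```python
import hashlib, json, shutil, tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):  # streamed, so large images need not fit in memory
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def make_working_copy(original, workdir):
    """Duplicate the evidence and confirm the copy is bit-identical to the original."""
    before = sha256_file(original)
    copy = Path(workdir) / (Path(original).name + ".working")
    shutil.copyfile(original, copy)
    if sha256_file(copy) != before or sha256_file(original) != before:
        raise ValueError("hash mismatch: copy or original changed during duplication")
    return copy, before

def add_custody_entry(log, actor, action, evidence_hash, when):
    """Return a new log whose last entry also commits to the previous entry's hash."""
    prev = log[-1]["entry_hash"] if log else "0" * 64
    body = {"actor": actor, "action": action, "evidence_sha256": evidence_hash,
            "when": when, "prev": prev}  # hypothetical field names
    digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
    return log + [{**body, "entry_hash": digest}]

def verify_custody_log(log):
    """Return the index of the first altered or out-of-order entry, or -1 if intact."""
    prev = "0" * 64
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if entry["prev"] != prev or digest != entry["entry_hash"]:
            return i
        prev = entry["entry_hash"]
    return -1

def demo():
    """Constructed sample: a small file stands in for a seized disk image."""
    with tempfile.TemporaryDirectory() as d:
        original = Path(d) / "evidence.img"
        original.write_bytes(b"constructed sample evidence bytes" * 1000)
        copy, digest = make_working_copy(original, d)
        log = add_custody_entry([], "officer_a", "seized", digest, "2025-03-11T10:00:00Z")
        log = add_custody_entry(log, "analyst_b", "working copy made", digest, "2025-03-11T12:00:00Z")
        intact = verify_custody_log(log)
        log[0]["actor"] = "someone_else"  # simulated after-the-fact edit to the record
        return copy.name, intact, verify_custody_log(log)
```

Calling `demo()` shows the log verifying cleanly before the simulated edit and pointing at entry 0 afterwards; analysis would then proceed only on the `.working` file.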
RIGHT TO PRIVACY IN CYBER FORENSICS AND CYBER SECURITY
As for the development and transformation of digital forensics, India substantially lacks a codified legal framework dedicated to this field. The absence of specific legislation governing digital forensics can be attributed to the nascent stage of technology law in the country. At present, no regulatory body oversees the digital forensics profession in India, so individuals who wish to become cyber forensic experts can simply take a certified course in digital forensics after graduation, without the involvement of any government or licensing authority. This lack of regulation raises serious concerns about the competency and credibility of forensic professionals handling sensitive and delicate cybercrime cases.[10]
The right to privacy is a fundamental right under Article 19 of the Constitution of India.[11] However, privacy concerns arise when electronic data is handed over to forensic analysts for investigation. While forensic investigators require access to digital evidence in order to track down criminals, there is a fine line between necessary investigation and privacy infringement. A major concern is that investigators tend to collect information that is not required, including sensitive and confidential data unrelated to the case. In some instances such information might be misused, posing a serious threat to an individual’s personal privacy. This issue particularly recalls the case of Aadhaar, wherein UIDAI collected extensive personal information on behalf of the government. If unauthorised individuals gain access to PINs, passwords or usernames in the name of forensic investigation, it could lead to account manipulation or other cybercrimes such as identity theft. As a result, if investigators obtain personal data or confidential information beyond what is required, it should be considered a breach of the right to privacy. To address this issue, strict ethical guidelines and regulatory oversight must be established to ensure that digital investigations balance the protection of individual privacy with the need for justice.
In the landmark case of United States v. Ivanov,[12] the court addressed the issue of cybercrimes committed by foreign individuals beyond the jurisdiction of the U.S. Some Russian hackers gained unauthorised access to U.S. servers, and the U.S. investigators promptly accessed the Russian server under the court’s order. This led to Ivanov’s imprisonment without his consent. In response to these actions, Russian authorities filed a criminal case against U.S. officials for unauthorized access.
Cybercrime is addressed in the Council of Europe’s 52-nation treaty[13] on cybercrime. The treaty aims to balance digital forensic investigations with privacy rights, establishes a comprehensive legal framework among signatory nations and fosters international cooperation in cybercrime investigations. There are 5 key areas of cyber offences under this treaty:
- Unauthorized computer access
- Blocking data without permission
- Tampering with data
- Interfering with systems without authority
- Misusing devices
CHALLENGES FACED BY CYBER FORENSICS
Some of the major challenges include:
- Data Encryption – Forensic investigators may find it difficult to gather evidence when encryption prevents access to data on a device or network. This can require the use of specialized decryption tools and scientific techniques.
- Lack of Metadata – Certain saved files may lack critical details, making it easier for criminals to forge or change evidence.
- Discrepancy between Display and Storage – What appears on the screen may differ substantially from what is actually saved on the disk. This may lead to difficulties with inaccurate evidence.
- Data Storage – Modern digital devices have vast storage capacities, making it challenging for forensic investigators to identify and retrieve relevant information.
INDIA’S CYBERSECURITY LANDSCAPE
India is transforming at a rapid pace in technology and digitization. This transformation and growth have brought the country numerous benefits but have also exposed it to some extreme cyber threats. Incidents of data leakage, such as the Star Health data leak in 2024,[14] have highlighted the vulnerable position that Indian organizations are in. Furthermore, the data breach affecting people holding frequent flyer accounts with Qantas[15] underscores the risks involved in outsourcing and highlights the importance of strict security measures.
To tackle such challenges directly, India has initiated measures to strengthen its cybersecurity stance. The government has planned to form a national registry of suspected cyber criminals and to position 5,000 cyber commandos in the next five years. These expert commandos are supposed to collaborate with law enforcement agencies to deal with cybercrime more effectively. Apart from this, the Reserve Bank of India is introducing secure website domain names to mitigate rising digital frauds, which reflects a dynamic approach to safeguarding transactions.
Furthermore, encouraging ethical hacking by professionals, so that vulnerabilities in the government and private sectors can be addressed, can make India’s cyber defences better and stronger. Additionally, introducing bug bounty programs backed and supported by the government can address the cybersecurity flaws that an organization faces and protect organizations before those flaws are exploited by cybercriminals.
Suggestions and Conclusion
It is the need of the hour to effectively tackle computer-based crimes. There is an even more urgent need to strengthen legal procedures and impose stricter penalties for cyber offenders. At present, most offences under the IT Act are bailable, with a maximum punishment of three years’ imprisonment. Such a lenient approach will not help in deterring cybercriminals, necessitating harsher penalties to discourage repeat offences.
The following are key recommendations for handling cybercrime cases effectively:
- Augmenting internet security in order to prevent unauthorised access to personal data
- Raising general public awareness of cybercrime preventive measures
- Administering encryption technology for data protection
- Encouraging victims to report cybercrimes, ensuring justice and deterrence to offenders
- Setting up cyber forensic labs in all police stations for efficient digital investigations
The integrity of digital evidence in court cases will be guaranteed, cybersecurity will be strengthened, and investigation efficiency will increase with a well-regulated digital forensic system.
[1] American Heritage Dictionary Entry: forensics, https://ahdictionary.com/word/search.html?q=forensics (last visited Mar 11, 2025).
[2] Yuthika Bhargava, India Third Most Vulnerable Country to Cyber Threats, The Hindu, Apr. 4, 2018, https://www.thehindu.com/news/national/india-third-most-vulnerable-country-to-cyber-threats/article61869968.ece (last visited Mar 11, 2025).
[3] Vishnu Institute of Technology et al., Cyber Forensic Science to Diagnose Digital Crimes- A Study, 50 IJCTT 107 (2017).
[4] Cybersecurity History: Hacking & Data Breaches | Monroe University, https://www.monroeu.edu/news/cybersecurity-history-hacking-data-breaches (last visited Mar 8, 2025).
[5] Simran Makhija, Rabbits Virus 1969: The First Virus In The Cybersecurity History, Chaintech (2024), https://www.chaintech.network/blog/rabbits-virus-1969-the-first-virus-in-the-cybersecurity-history/ (last visited Mar 8, 2025).
[6] Goni et al., supra note 7.
[7] The general data protection regulation, Consilium, https://www.consilium.europa.eu/en/policies/data-protection-regulation/ (last visited Mar 10, 2025).
[8] Zlatko Jakjovski, A Detailed Study to Examine Digital Forensics and Cyber Security: Trends and Pattern in India, 5 IJFSC (2020), https://medwinpublishers.com/IJFSC/IJFSC16000184.pdf (last visited Mar 11, 2025).
[9] Id.
[10] Vishnu Institute of Technology et al., supra note 3.
[11] Article 19 in Constitution of India, https://indiankanoon.org/doc/1218090/ (last visited Mar 11, 2025).
[12] United States v. Ivanov, 175 F. Supp. 2d 367 (D. Conn. 2001), Justia Law (2025), https://law.justia.com/cases/federal/district-courts/FSupp2/175/367/2419190/ (last visited Mar 11, 2025).
[13] Jakjovski, supra note 12.
[14] Bhumika Indulia, Legal Ramifications of a Data Breach Discussed in Light of the Star Health and Allied Insurance Breach, SCC Times (Jan. 28, 2025), https://www.scconline.com/blog/post/2025/01/28/legal-ramifications-data-breach-discussed-in-light-of-star-health-and-allied-insurance-breach/ (last visited Mar 14, 2025).
[15] Qantas Frequent Flyer Privacy Breach – ALA, (2024), https://australianloyaltyassociation.com/qantas-frequent-flyer-privacy-breach/ (last visited Mar 14, 2025).