An overview of the digital forensic investigation infrastructure of India

https://doi.org/10.1016/j.diin.2012.02.002

Abstract

The Mumbai terror attacks of 2008 demonstrated that India needs to become more prepared to respond to digital intelligence and to conduct post-incident investigations more effectively. This paper explores the digital forensic investigation infrastructure of India, in particular the judicial statutes, police/law enforcement structures and academic structures. The paper finds that whilst there is advancement and progression in establishing guidelines for digital forensic investigation, these guidelines do not seem to carry the same status as the ACPO or NIST guidelines in the UK and US respectively; that there is scope for further international collaboration on the investigation of borderless cyber crimes; and that there are opportunities for private firms to provide independent investigative and training services to the law enforcement agencies. Furthermore, there is an opportunity for academia in the US/UK to develop collaborative links with HE (Higher Education) institutes in India to develop and strengthen the digital forensic investigation discipline.

Introduction

Digital Forensic Investigation has become a recognised professional and academic discipline in a number of developed countries such as the United Kingdom and the USA, where a number of HE (Higher Education) courses are available at both Undergraduate and Postgraduate level and where there is a steadily increasing number of professional employment opportunities in this area. At the point of writing, more than 60 Universities in the UK offer an Undergraduate digital forensic investigation degree course (UCAS, 2011) and more than 15 offer a taught Postgraduate degree relating to this subject (Find a masters, 2010; UK Pass, 2010).

Further to this, there exists in the UK and US a reasonably well defined and accepted professional infrastructure that supports the investigation of cyber crime within the national police/secret forces and also the private sector. There is also clear and specific legislation that deals with computer misuse, and there exist nationally accepted professional guidelines governing the manner in which digital evidence is processed and presented. The combination of government legislation, appropriate investigative guidelines and investigative structures, and higher education degree courses and professional training opportunities is referred to in this study as the digital forensic investigative infrastructure.

The Mumbai terror attacks of 2008 demonstrated that India and other emerging markets are in their infancy in terms of developing such digital forensic investigative infrastructures. Following the attack, a number of questions were raised regarding India’s preparedness and ability to respond efficiently and effectively to such attacks (Chandran, 2008). Furthermore, it was suggested that the Mumbai police may have ignored important digital intelligence from the US which warned of a potential attack (Robertson, 2008).

The subsequent investigation highlighted the role of digital devices in the planning and perpetration of the attacks and pointed to particular digital evidence that proved to be important in a dossier produced by the Indian Government relating to the attacks. This involved the investigation of a satellite phone, Direct Inward Dialing (DID) facilities and GPS equipment, and also the tracing of emails/IP addresses (Federation of American Scientists, 2008).

Whilst this particular incident heightened awareness of the use of digital devices in the planning of such attacks in India, a number of incidents had previously raised concern (Acharya, 2008). Indian Internet sites (including government web pages and the web site of an atomic research facility) had been attacked by Pakistani hacker groups for many years (Keegan, 2002). During the Mumbai train bombings of 2006, terrorists used advanced techniques including IP address masking and proxy services to conceal their communications and activities. India is emerging as a highly competent outsourcing destination with an economy that is predicted to overtake China and an outsourced software industry estimated to be worth $12 billion. India’s digital forensics investigative infrastructure is in its infancy, and the issues described herein have heightened concern about the need for more cyber forensics and cyber security professionals to preserve India’s national critical IT infrastructure against operational sabotage and reputational damage.

This study explores the digital forensic investigative infrastructure in India and in particular investigates the judicial, law enforcement and academic structures. The study will be of value to both academia and industry, the former in light of fast developing changes to the HE sector which are encouraging UK academia to build and strengthen research and collaborative links with overseas markets such as India, and the latter because of the opportunities to develop stronger partnerships in the fight against borderless cyber crime.

There is little or no academic research available that has previously analysed and investigated these digital forensic investigative infrastructures. In this research we have analysed government/professional web sites and appropriate associated documentation in order to understand the current provision. There is no central authority in India governing the academic provision of the HE sector; course details are therefore only available through personal enquiry or internet research.

We begin in Section 2 by outlining the fundamental legislative acts that govern the prosecution of cyber crime. The investigative guidelines, often pertinent to successful prosecution under such legislation, are explored in Section 3. In Section 4 we proceed to explore the law enforcement structure, and in Section 5 we conclude by outlining the opportunities for study and research at both undergraduate and postgraduate level and also the opportunities available for independent and professional training.

Legislation

The introduction of the Information Technology Act (ITA) 2000 led by the then Ministry of Information Technology (MIT – later Ministry of Communications and Information Technology – MCIT) served to give legal recognition to digital signatures and electronic records and also to categorise specific new cyber offences as criminal acts. These new offences were detailed under Sections 66 (hacking – defined as the altering of electronic information in some way) and 67 (publishing of obscene material

Guidelines

Whilst the statutes provide a broad basis for the recognition and prosecution of cyber crime, there is less consistent guidance in terms of evidence management procedure, particularly in the context of cyber crime. The ACPO and NIST principles constitute the national computer investigation guidelines for the UK and USA respectively; there is no equivalent in India.

Section 80 of the ITA and Sections 154–176 Code of Criminal Procedure (1973) specify the process in terms of powers of the police to

Police Organisation

The issue of guidelines leads on to a discussion of the law enforcement infrastructure of India. The Indian police system is a two-tiered system organised into a central government authority and state-based police authorities. The central authority includes two armed paramilitary forces – the Central Reserve Police Force (which undertakes a counter insurgency role and will occasionally assist state police in keeping law and order) and the National Security Guard (a

Education and training

The higher education sector in India is complex in comparison with the UK and US. The University Grants Commission (UGC) was established by the Government of India under the University Grants Commission Act 1956 and is charged with controlling and maintaining academic standards throughout the many types of university and governing the authority to confer degrees (University Grants Commission, 2007). Recognised institutions can be categorised as follows:

  • Central universities. Those

Conclusions

The 2008 amendment to the Information Technology Act further recognises cyber related crimes and is less restrictive in terms of the effective investigation of those crimes. It also makes provision for each state to develop their own procedures in respect to the investigation of cyber crime; at the same time, specific guidelines are used by certain law enforcement agencies. Whilst this disparity in approach seems not to have been a specific problem it certainly raises scope for concern in terms

References (42)

  • S. Acharya. Cyber terrorism-the dark side of the web world (2008)
  • Amrita Vishwa Vidyapeetham. Campuses and Programmes (M.Tech, PG Diploma & MCA) [Online] (2010)
  • Asian School of Cyber Laws. Courses in Cyber Law [Online] (2011)
  • BRIP. Brace Radical Information Security PVT.Ltd. [Online] (2009)
  • CBI Academy. CBI Academy – Training Courses [Online] (2010)
  • CBI. CBI Crime Manual 2005 [Online] (2005)
  • CBI. Central Bureau of Investigation – About us [Online] (2007)
  • CERT-IN. Indian Computer Emergency Response Team [Online] (2011)
  • R. Chandran. Mumbai attacks show up India's technology shortcomings (2008)
  • Commonwealth Human Rights Initiative. Police Organization in India [Online] (2009)
  • Cyber Laws Consulting Centre. Cyber Laws Consulting Centre [Online] (2008)
  • Department of Secondary and Higher Education. Higher Education in India [Online] (2011)
  • D.V. Duyn. Statement before the Senate Committee on Homeland Security and Governmental Affairs [Online] (2009)
  • EC-Council. Information Security Training: Ethical Hacking and Countermeasures/Penetration Testing [Online] (2011)
  • Federation of American Scientists. Mumbai Terrorist Attacks [Online] (2008)
  • Find a masters. Find a Masters [Online] (2010)
  • ForensicsGuru. Forensics Guru – investigative ingenuity [Online] (2010)
  • Government of India. The Information Technology Act 2000 [Online] (2000)
  • Government of India. The Information Technology (Amendment) Act, 2008 [Online] (2009)
  • S. Hilley. News. Digital Investigation (2006)
  • IFS India. IFS India – Intense Forensic Science Services India LLP [Online] (2009)