IMPACT OF CYBER CRIME ON BANKING SECTOR IN INDIA

DISSERTATION

SUMITTED IN PARTIAL FULFILLMENT OF THE REQUERMENT FOR THE AWARD

OF THE DEGREE

MASTER OF ARTS IN ECONOMIC, PLANNING

AND DEVELOPMENT
BY
ANITA

UNDER THE SUPERVISION OF

DR. ROOPALI SRIVASTAV

DEPARTMENT OF ECONOMICS, PLANNING AND DEVELOPMENT

SCHOOL OF HUMANITY AND SOCIAL SCIENCE
GAUTAM BUDDHA UNIVERSITY

i
 Department of Economics, Planning and Development
School of Humanities and Social Sciences

Declaration by the Candidate

I hereby declare that the dissertation entitled, “submitted in partial fulfilment of the requirements for the award of
the degree of Master of Arts is a record of bona-fide research work carried out by me under the supervision of Dr.
Roopali Srivastava”.

This is an original work and this dissertation fulfils the requirements as per the regulation of this University and
meets the necessary standard for submission. I, further declare that the work reported in this dissertation has not
been submitted either in part or in full for the award of any degree or any diploma of this University or any other
University.

Greater Noida Signature of the candidate

Date: Anita

ii
 Department of Economics, Planning and Development
School of Humanities and Social Sciences

Certificate
This is to certify that the dissertation entitled “An analytical study about impact of Cyber crime on banking
sector in India, by Anita is submitted in partial fulfilment of the requirements for the award of the degree of
Master of Arts in Economics, Planning and Development under the supervision of Dr. Roopali Srivastava,
School of Humanities and Social Sciences, Gautam Buddha University, Greater Noida, U.P. (India).

This is an original work and this dissertation fulfilled the requirements as per the regulations of this
university and meets the necessary standard for submission. The content of this dissertation have not been
submitted either in part or full for the award of any other degree or diploma in this or any other University.

------------------ Dr. Roopali Srivastava

Dean Programme Coordinator

iii
 Department of Economics, Planning and Development
School of Humanities and Social Sciences

Certificate by the Supervisor

This is to certify that the dissertation entitled “An analytical study about impact of Cyber crime on banking
sector in India ”submitted by Ms. Anita in partial fulfilment of the requirements for the award of the degree of
Master of Arts is a record of bona-fide research work carried out by her under my supervision. This
dissertation fulfils the requirements as per the regulations of this university and meets the necessary standard
for submission. The content of this dissertation have not been submitted either in part or full for the award of
any degree or diploma in this or any other University.

Date: …………… _______________

Signature

Name of the supervisor: Dr. Roopali Srivastava

iv
 Acknowledgement

This study has been carried out in the Department of economics, Planning and Development, School of
Humanities and Social Sciences, Gautam Buddha University, Greater Noida, Uttar Pradesh, from January 2018
to April 2018. I have received great help and assistance from many people. It is difficult to acknowledgements
it adequately in short and formal manner here.

My Teacher and guide, Dr. Roopali Srivastava trained and exposed me to the vast world of academics. Her
guidance and direction opened new avenues in my life. She taught me how the academic work can be a
pleasure. I never felt that I was under any work pressure. I am privileged to have worked under her and also
grateful to her for her hospitality, affection and concern bestowed.

I must thank all the teacher of my department for their valuable suggestions. I express my sincere thanks to my
friend without those help and cooperation; I would not have been able to complete my research work.

I am greatly indebted to my parents and grandparents who have been the source of constant encouragement and
support at all times. Some of my relatives also provided me all the assistance in the completion of work.

v
 ACRONYMS

Abbreviation Full Form

NCSP National Cyber Security Policy

ICERT Indian Computer Emergency Team

DSK Digital Swachhata Kendra

CISO Chief Security Officer

RBI Reserve Bank of India

IDRBT Institute Development Research Banking

Technology

PIN Personal Identification Number

ATM All Time Machine

ICT Information Communication Technology

DDS Distribute Denial of Service

vi
 LIST OF FIGURES

Fig 4.1 Status the top five bank of security

Fig 4.2 Bank cyber fraud some previous year

Fig 4.3 Leading bank for cyber fraud

vii
 LIST OF TABLES

Table 4.1 Perceived awareness level of respondent Cyber crime

Table 4.2 Comparison of bank services between traditional and modern mobile

Table 4.3 Status of top five bank security

Table 4.4 National crime record bureau

Table 4.5 National crime record trend 2008 to 2012

Table 4.6 According Indian computer team record

viii
 CONTENT

Sr. No. Title Page No

1. Declaration by the candidate ii

2. Certificate iii
3. Certificate by the Supervisor iv
4. Acknowledgement v
5. Acronyms vi
6. List of Figures vii
7. List of Tables viii
8. Abstract xi

Chapter 1 Introduction

1.1 Concept Cyber crime in India 1

1.2 History 2
1.3 Introduction of banking sector 2
1.4 Types of Cyber crime 3
1.5 Cyberspace 5
1.6 Classification 6
References 8

Chapter 2 Review of literature

2.1 Studies on analysing Cyber crime in banking system 9

References 12

Chapter 3 Research Methodology

3.1 Objective of study 13

3.2 Data source 13
3.3 Methodology 13

Chapter 4 Impact of Cyber crime

4.1 Internet banking of India 14

4.2 Comparison between 2014 to to 2016 16
ix
 4.3 Status of bank 17
4.4 RBI financial report 19
4.5 Cyber security challenge 21
4.6 Problem of Indian banking system 23
4.7 Cyber fraud statistic 24
4.8 Mode and manner of Cyber crime 26
References 29

Chapter 5 Government Initiative

5.1 Initiatives by RBI 30

5.2 Need for security 31
5.3 National policy 2013 32
5.4 Prevention for cyber security 38
References 40
Conclusion 41
Fruitful suggestions and directions 42

Bibliography 43

x
 ABSTRACT

Everybody know, with the advancement of technology Cyber crime increase. A lot people in the India have limited
knowledge of Cyber crime in cyber space, known as Cyber crime. Cyber crime happen in the world of computer
and internet, this kind of crime has a serve impact on economy, society and lives . use the statically data to show
the performance of Cyber crime in India. The study about impact of Cyber crime banking sector become very
dangerous and loss full .Government take various action against the crime ,they make strong policy protect the
customer.
All over say that the Cyber crime are any illegal activity committed using computer and network for criminal
activities , study the types of crime in India like ATM fraud, credit card fraud, spam etc.
The modern contemporary era has replaced these traditional instrument from paper and metal based currency to
plastic money which we called debit card, credit card etc. this has resulted in the increasing use of ATM all over
the world. The use ATM not only safe but it also convenient.
The paper will be provide a introduction to the concept on e-banking and its drawback by explaining the list of
fraud in banking focusing on information technology Act, 2000 with the help of statistic on Cyber crime reported
in last years .some of the banking Cyber crime in banking sector phishing, hacking, skimming, pharming etc.
Internet commerce grown exponentially during the past few year and is still growing. but unfortunately the growth
is not done because the credit card fraud which has become common has retarded the e-commerce growth.
The term internet fraud refers generally to any type of fraud scheme that uses one or more component the internet-
such as chat room, e-mail, or web sites-to present fraudulent solicitation to prospective victims, to conduct
fraudulent transaction.
“The modern thief can steal more with a computer then with a gun. Tomorrow terrorist may be able to do more
damage with a keyboard than with a bomb.
The financial loss suffered from the cyber incident .it can also lead higher risk such as disruption in banking
continuity, loss of reputation customer trust.
.

xi
 Chapter-1
INTRODUCTION

Technology is growing rapidly day by day. It is not about in any particular field but it spreads in all
directions i.e., in the field of education, Entertainment, Sport, Business etc. As we know that everything in
the world has pros and cons. So the technology also has
many pros and cons. But in topic have to be discuss about
cons due to technology that is called as CYBER CRIME.

Source: imagebay.com

Now the questions are what cybercrime is and how it

becomes cons for technology? So, Cyber crime is the
criminal activities which are done on machine over
internet. Some of the cases it does not need internet but
mostly chance is performed over Internet. It becomes
cons for technology because it infiltrates our privacy and damages our physical or social life. Cyber crime
provides unauthorized access to a computer system which is intent of damaging, deleting or stealing or
Misusing the precious information.
1.1 CYBER CRIMES IN INDIA

India is a fourth highest number of internet user in the world, Cyber crime in India also increased 50% in
2007 over the previous year. According to information technology (IT) Act, the majority of offenders
were under 30 years of age.

Around 46% of Cyber crime were related to incident of cyber pornography, following by hacking,
according to recent published 2017 by national crime record bureau (NCRB), in over 80 the cases,
offender between 18 and 30.These Cyber crime are punished under two categories; the IT Act 2000 and
Indian panel cod. According the report, 217cases of Cyber crime were registered under IT Act in 2017
compared to 2016.

1
1.2 History of Cyber crime:

Cybercrime was started with hackers who were trying to break a computer network. Some of the hackers
did it for the thrill of accessing high level security network and also to gain sensitive informations. So,
hackers started to ,infect computer systems with computer viruses which led breakdowns on personal and
business computer. They made virus in the form of program codes and uses malware programs that can
damage, destroy and steal the data of another computer.

In India, People are committed with cybercrimes day by day. This is all about lack of awareness about the
crimes that could be dined through the internet.

1.3 Some brief introduction of banking sector in India:

The banking industry was once a simple and reliable business that deposit from investor at a lower interest
rate and borrows the money from this sector at minimum return interest. The deregulation and technology
revaluation in banking sector the business industry as main aim is provided credit. The banking sector
collapse of in industry this become financial crisis means some more complex securitization activities and
more extreme risk. Banking in India originated in last decades of 18th century the oldest bank is state bank
of India. The first bank of India BANK OF HINDUSTAN.

2
1.4 Types of Cyber crime
We can classify Cyber crimes into following types:

1. Identity Theft & Invasion of Privacy:

Cyber crime affects both a virtual and a real body. This phenomenon is clearest in the case of
identity theft. For example, if you have to buy a mobile sim card and you visits a service center of
any telecommunication operator. Then they demand to you for an Identity Card middle man like a
worker at there may get yours information very easily. Even they can sell your information to any
other company and get money
A hacker may easily get that information by paying to
that company and a hacker can start to track you
because they have some precious information like your
mobile number, your address and other information.
Then hacker will start to find some more information
by which they could damage you physically and
virtually.[2]
Source: shutterlock.com

2. Cyber Terrorism:

Cyber Terrorism is use of internet to conduct violent acts that results in, or threaten, loss of life or
significant bodily the harm, in order to achieve political gains through
intimidations. On the way if understanding cyber terrorism is the idea
that terrorist could cause massive loss of life, worldwide economic
chaos and environmental damage by hacking into critical infrastructure
system.

Source: pixbay.in

3
3. Cyber warfare:

Cyberwarfare involves the battlespace use and targeting of computers and networks in warfare. It involves
both offensive and defensive operations pertaining to the threat of cyber-attack, espionage and sabotage.

4. ATM Fraud:

Take the automated teller machines(ATM) through which many people now get cash. In order to access
an account, a user supplies a card and personal identification
number (PIN). Criminal have developed means to intercept
both the data on card’s magnetic strip as well as the user’s PIN.
In turn, the information is used to create fake cards that are then
used to withdraw funds from the unsuspected individual’s
account.

Source: Google Image

5. Illegal Interception of Telecommunications:

Development in telecommunications provides new opportunities for electronic eavesdropping. From

activities as time -honour as surveillance of an unfaithful spouse, to the newest forms of political and
industrial espionage, telecommunications interception has increasing applications. Here again,
technological developments create new vulnerabilities. The electromagnetic signals emitted by a computer
may themselves be intercepted. Cables may act as broadcast antennas. Existing law does not prevent the
remote monitoring of computer radiation.

6. Online Funds Transfer Fraud :

The Cyber Space is increasingly used by organized criminal groups to target credit cards, banks account
and other financial instruments for fraudulent transactions. Most of the online banking fraud conducted
either through phishing, stealing of banking informations or
through cloning of credit/debit cards. In phishing, a fraudster
will have sent an email pretended to be sent from the Bank to
the victim asking for their personal details including banking
informations like PIN code or Banking user name and
password. Once the person reveals such crucial information, the

4
fraudster may withdraw or transfer the money from the victim’s account.

Online fraud is considered to be third amongst economic crimes prevalent in India. According to the
Global Economic Crime Survey 2011, conducted by Price House Water which reveals the propensity of
such crimes in India.

1.5 Cyberspace:
Cases of cybercrime grow; there is a growing need to prevent them. Cyberspace belongs to everyone.
There should be electronic surveillance which means investigators tracking down hackers often want to
monitor a cracker as he breaks into a victim's computer system. The two basic laws governing real-time
electronic surveillance in other criminal investigations also apply in this context, search warrants which
means that search warrants may be obtained to gain. S u c h evidence would include the computer used to
commit the crime, as well as the software used to gain unauthorized access and other evidence of the
crime. Researchers must explore the problems in greater detail to learn the origins, methods, and
motivations of this growing criminal group. Decision-makers in business, government .[1]

5
1.6 Classifications of Cyber crime
Cybercrimes can be basically divided into 3 major categories

Classification Of
Cyber crime

Cyber crime Cyber crime Against Cyber crime Against

Against Person Property Government

 Cybercrimes Against Persons

Cybercrimes committed against persons include various crimes like transmission of child-pornography,
harassment of any one with the use of a computer such as e-mail. The trafficking, distribution, posting,
and dissemination of obscene material including pornography and indecent exposure, constitutes one of
the most important Cybercrimes known today. This is one Cybercrime which threatens to undermine the
growth of the younger generation as also leave irreparable scars and injury on the younger generation, if
not controlled.

 Cybercrimes Against Property

The second category of Cybercrimes is that of Cybercrimes against all forms of property. These crimes
include computer vandalism (destruction of others' property), transmission of harmful programs. A
Mumbai-based upstart engineering company lost a say and much money in the business when the rival
company, an industry major, stole the technical database from their computers with the help of networking

6
  Cybercrimes Against Government

The third category of Cybercrimes relate to Cybercrimes against Government. Cyber terrorism is one
distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is
being used by individuals and groups to threaten the international governments as also to terrorize the
citizens of a country. This crime manifests itself into terrorism when an individual "cracks" into a
government or military maintained website

7
 References

1. Rao Shankar,(2014), “effect of Cyber crime in Indian economy”,ISSN:2348-1439, Page No-4.

2. Ahuja vashumal, (2009) “Cyber crime in banking sector” ,Page No. 17-25.

8
 Chapter-2

REVIEW OF LITERATURE

In this chapter the existing literature on impact of Cyber crime on baking sector in India, comparison
between traditional and modern mobile internet banking and security system of bank has been reviewed.
The study conducted in this field in last decades. This chapter cover the studies of Cyber crime in banking
sector in India.

2.1 Studies analysing impact of Cyber crime on banking sector in India

A study presented by Simran(2018)1 ,The world is fast moving online with 46.1% of total world
population now connected to the web according to internetlivestats.com (as on July 1, 2016). A
remarkable instance of this phenomena has been experienced in India with a notable increase in the past
three years i.e. 18% of the Indian population online in 2014, 27% in 2015 and 34.8% in 2016 (as on July
1, 2016).
According to Agrawal Sanchi (2017)2 Indian banking sector cannot avoid banking activities carried out
through electronic medium as the study suggest that there has been an increase in the number of payments
in e-banking. However, the change in the banking industry must be such which suits the Indian market.
The Origin of Knowledge Page 19 Banks are required to be updated and ahead with the latest
developments in the IT Act, 2000 and the rules, regulations, notifications and orders issued therein
pertaining to bank transactions and emerging legal standards on digital signature, electronic signature,
data protection, cheque truncation, electronic fund transfer etc. as part of overall operational risk
management process.

A study presented by Raghavan A. R (2014)3, Banks in order to enhance their customer base introduced
many platforms through which transactions could be done without much effort . These technologies
enabled the customer to access their bank finances 24*7 and year around through, ATMs and Online
banking procedures. the problem of cybercrime in the banking sector and its impact on the banks finances.
It assesses the cybercrime scenario and identifies the actors involved in the scenario.

9
A study conducted Rao Shankar (2015)4, cyber security make impossible for maintaining the continuity
this vital services and for preserving public trust in IT sector. Some example of cybercrime likes stealing
personal information (identity theft),. theft the data through the computer view (hacking) , making internet
service unavailable for the user, tricking someone into revealing their personal information , software and
plagrism privacy , free fraud advanced so many crime are committed in India. Therefor awarenance of
cybercrime need to be presented the by full view and analysed.

According economic times banking (2017)5, NEW DELHI: India was among the 99 countries affected
by a global cyber-attack that took down, among others, health services in the UK, a telecom network in
Spain and government computer systems in Russia this weekend. As many as 102 computer systems of
Andhra Pradesh police were hacked on Saturday. The malware reportedly halted production at a Nissan-
Renault Alliance plant on the outskirts of Chennai, but the company did not comment on the issue.

As Per RBI Report (2017)6, they measured to check the Cyber crime in banking sector. As per the RBI,
a number of Cyber crimes like ATM fraud, debit card and internet banking these showed as rises to 4.4%
from 13,653 in 2016-2017. The RBI has issued cyber security structure to banks and mentioned to put in
place to approved cyber security policy. So they covers the risk from cyber threats and their measures to
meet. The RBI provided the instruction to bank for reversal of fraud for debit or other transaction also.

Digpal and Karan(2015)7, a cybercrime in digital wrong doing the ICT (Information communication
technology had revolute in different aspect for the people and made our lives simpler and has also implied
on the industrial and has made simple business process by sorting, summarizing, customizing and coding.
Cybercrime affected different sectors among which banking sector is most affected and witnessed in
different forms of cybercrime. Today we know that the importance and facilities of baking sector like
Debit and Credit Card facility and net banking etc.

PWC's Global Economic Crime Survey (2016)8, there is no causes that the Cyber crime is all time high.
It seen that not a single day goes without the any organisation suffering a security of customer of the
major bank having money theft from their account. In fact cybercrime jump to second most reported crime
globally and that is 54% of companies have hit with Cyber crime in last two year. this is highlighting

10
because of the big business hacking has become, however some organisation are more target than others
including cyberattack.

Tesco Bank, which hacker stolen over 2 million from customer account while their various threats target
are the part of the system and their customer. Still success of Cyber crime because our financial institution
shifts to digital channel online.

Das Sumanjit (2013)9 The government still has an important role to play, but most of the prevention
needs to be done by commercial entities producing software and those with the ability to stop fraud.
Relying on consumer education programs will only affect a percentage of possible victims. The others
need to be automatically protected through measures that do not stress and require considerable
participation. Security needs to be easy and effective if it is doing work.

Neena (2013)10 A bigger share of private and foreign banks in frauds related to online banking, ATM,
cards and other digital banking transactions. Even with the reducing number of cases, the value of such
cases did not come down proportionately. Banking cyber frauds in the country are the result of
introductory phase of banking technology like ATM, online banking, mobile banking, EFT etc. which
need time for people, market and technology to get matured. Regulatory framework also gets stronger by
experience. Recently RBI has issued guidelines suggesting measures and reporting methods of cyber fraud
cases to be followed by the banks.

11
 References
1. Simran,2018, “Cyber crime;- a growing threat to Indian banking sector” ,ISSN 2394-3386,
volume 5 .
2. Agarwal Sanchi,2016 “Cyber crime in banking sector”, ISSN 2455-2488,volume 3
3. Raghavan A.R,2014, “The effect of Cyber crime on a bank’s finance, ISSN 2347-3215,
volume 2.
4. Rao shanker,2014 “effect of Cyber crime of Indian economy, ISSN 2348-1439.
5. The e- newspaper “economic times banking,2017.
6. As per RBI report 2017
7. Digpal and Karan,2011 “Cyber crime in banking sector” ,ISSN 2321-6417.
8. PWC’s global economic crime survey ,2016.
9. Das Sumanjit,2013 “Cyber crime issue and challenge”, ISSN 2231-6604, volume 6.
10. Neena soni,2013 “banking cyber fraud in India special reference to private and public
banks” ,ISSN 2319-1171, volume 2.

12
 Chapter-3

RESEARCH DESIGN AND METHODOLOGY

In this chapter objective of the study has been elaborated. The impact of Cyber crime on banking sector in
India has been discussed in this chapter. The main objective of the study to know about cyber security in
banking sector, its prevention, policy types, classification etc.

3.1Objective of the Study

The study has been undertaken with the following objectives:

 To study background of Cyber crime on banking sector in India.

 To know the various causes of Cyber crime on banking sector in India.
 To see the impact of Cyber crime on banking sector in India.
 To study about Government initiatives for Cyber crime on banking in India.
 To make fruitful suggestion and directions.

3.2 Data source

The study is basically on secondary data. This data has been collected various Journals, manual and
source published by government of India. The study cover period between 2008 to 2017 to analyse to
increase the number of Cyber crime on banking in India. Main source of data are the website like
Economic survey, RBI reports.

3.3 METHODOLOGY
The study analyses the available secondary information and literature of background of Cyber crime on
banking sector in India. Cause of Cyber crime on banking sector in India has been analysed. To measure
the impact of Cyber crime on banking in India has been taken from published “Cyber crime on baking
sector in India. With the view of accomplish the afore said objective of the study trend growth have been
studied.

13
 Chapter-4
Impact of cyber crime on banking sector in India
Cyber crime can be simply started as crime that involves the use of computer and a network as a medium
of source, instrument, and target place of a crime. With the growing aspect of e-commerce and e-
transaction, the economic crime has dirtied towards the digital world. Cyber crimes are increasing globally
and Indian too has been witness a sharp increase in cyber related case in recent years. Various types of
crime become in banking sector such as cracking, software piracy, and pornography etc.in this chapter
what are the impact Of Cyber crime on banking sector is analysed .The current status of Indian bank and
traditional bank system have been analysed in this chapter.

4.1 Internet banking of India

The Indian banking industry is enjoying growth, with the credit card and debit card user increasing every
day and new technologies like internet wallets slowly gaining popularity, the financial transaction are
touching all-time highs. This firm progression in the mounting paper less transaction number where a total
where a total of 95479743 transaction were commended using credit and debit card in the year 2015
alone can be partially seen the recent development in the e-banking and e- commerce vertical

Analysis of data types of cyber -crime happen in banking sector, their security hack by criminals, and their
percentage

Table 4.1 : Perceived awareness level of respondent Cyber crime

TYPES OFCRIME OPTION SECURITY PERCENTAGE

1.CRACKING SA 29 52.7

A 24 43.6

U 1 1.8

14
 SD 1 1.8

TOTOAL 55 100

2.SOFTWARE SA 29 52.7
PIRACY

A 17 30.9

U 1 3.6

D 5 9.1

SD 1 1.8

MISSING 1 1.6

TOTAL 55 100

3.PORNOGRPHY SA 22 40

A 18 32.7

U 4 7.3

D 4 7.3

SD 5 9.1

MISSING 2 3.6

TOTAL 55 100

4.ATM FROUD SA 29 52.7

A 17 30.9

U 2 3.6

D 2 3.6

15
 SD 4 7.3

MISSING 1 1.8

TOTAL 55 100

5.YAHOO SA 25 45.5
/EXTARTIAN

A 21 38.2

U 1 1.8

D 2 3.6

SD 5 9.1

MISSING 1 1.8

TOTAL 55 100

Source: Effect of Cyber crime Indian economy (2014),ISSN no-2348-1439, page no 5 .

Analysis of data, the category of the table

SA-Strongly Agree , A- Agree , U -Undecided , D- Decided , SD- Strongly Decided
The table show that clearly that cracking is the major crime in our society with this frequency is 29 and
the percentage 52.7% with the lowest disagree went for 1 with percentage 1.8%. this implement not too
far from the fact the internet is almost available for every user. Almost the same level of awareness goes
for pornography, software , piracy, and fraud with the frequencies of 22,29 and 29 and percentage of
40%,52.7%,52.7%. the table show that 25 respondent strongly 45.5% with only 1 respondent undecided
with a percentage 1.8%.
4.2 Comparison between 2014 to to 2016
It has reported by times of India that number of transaction in mobile banking has increase than doubled
from 98 million to 265 million in first 8 month in fiscal year of 2014-2015.if they increase continuously
such rate then it is clear that mobile based transaction be it mobile wallet or mobile banking transaction. if
we look at the rise E- banking it is clear that people have started using this facility are in comparison for

16
banking to traditional as evident from the table below for transaction in April – November 2015 (in
million).
If we look rise E-banking it is clear that people have started using this facility are in comparison to
traditional for banking as evident from the table
below for transaction in April-November 2015(million)
.
Table 4.2 Banks Services Between 2014to 2016

Services 2014-2015 2015-2016

Cheques 793.1 729.3

Online payment RTGS 59.3 64.0

Retail electronic clearing 890.4 1922.3

Mobile wallet 133.9 309.1

Mobile banking 97.7 203.1

Source: RBI payment system indicators 2015.

4.3 STATUS OF INDIAN BANKS WEBSITE

In this paper we take five Indian bank and try to find out the security features using by bank for online
transaction. This collect data various forms like newspaper website and the other media. for every security
features we provide 5 points

 State bank of India(SBI)

 Punjab national bank(PNB)
 Central bank of India (CBI)
 Bank of Baroda (BOB)
 Allahabad bank

17
 Table 4.4 status of bank

BANK NAME PE VK SSL SMS UPA TOTAL

SBI 4 4 4 3 0 15

PNB 4 4 3 4 0 15

CBI 3 4 3 2 0 12

BOB 4 4 3 4 0 15

ALLAHABAD 3 4 4 3 0 14

status of bank
6

0
SBI PNB CBI BOB ALLAHABAD

PE VK SSL SMS UPA

Source: Times of India ,page no 45

1.PE-password encryption
2-VK-virtual keyboard
3-SSL-secure socket layer
4-SMS-short message service alert
5-UPA-user awareness program

18
In this study found that the all feature for his website. The all are providing password encryption facilities
with virtual keyboard we provide 5 marks for each feature but no bank has full fill the feature and
aggregate total of every bank is vary between the 12 to15 out of 25. One the interesting thing is that in
future this technology increase rapidly . It mean the user will have to use these facility therefor we need to
make our
system more secure regarding to this security mechanism we have to aware this technology and also need
to increase secure humankind.

4.4 RBI reported 16,468 instance of financial Cyber crime in 2014-2015

Financial Cyber crime India has been steadily increasing over the years. For the year 2015-2016 the
Reserve Bank of Indian (RBI) Reported 16,468 Cyber crime related to ATM, debit card ,credit card and
net banking fraud. The number of frauds reported by RBI was 13,083 in the year 2014-15 and 9500 in the
year 2014. Minister of state for electronic and information technology. He added additional information
from national collect and record bureau (NCRB) collected and maintain statistical data of police recorded
cognizable crime. RBI set up the Reserve bank information technology Private Ltd to take care of its IT
requirement, including the cyber security needs of the bank and its regulated entities .ReBIT WILL
FOCUS ON it and cyber security including research for the financial sector and assist in IT system audit
and assessment of RBI regulated entities, in addition to implement and manage internal or system wide IT
project management.
The ministry of electronics and information technology has also issued a consultation paper which calls
for developing a framework for security of digital wallets operating in the country .the government will
CERT.
In shall notify the categories of incidents and breaches that a require to be reported mandatorily.
With digital payment on the rise digital heists and fraud becoming common. In India most notably over
3.2 million debit card details were stolen by hackers from ATM and POS machine in October 2016 the
national payment corporation of India said that the complaints of fraudulent withdrawal are limited to card
of 19 banks and 641 customers. The total amount involved is 1.2 crore .more recently bank of marashtra
reported a loss of rupees 25 crore I march as fraud exploited a bug in their UPI application and core
banking.
India registered over 100 per cent increase in Cyber crime during 2016-17, a two-day conference on
cyber laws and cyber security being held in Srinagar .As per the statistics made available to the
participants of the conference, there has been a significant rise in attacks on government and private

19
sector, particularly financial sector. “In government sector, there has been 136 percent increase in cyber
crimes while the private sector has seen 119 percent in 2016-17,” said Prof Yasir Latif Handoo, assistant
professor, Kashmir Law College. He added that there is need for International Court on cyber crime on the
lines of International Court of Justice to deal with such crimes.

“After IT Act 2000 was enacted, many amendments have been brought in to cope with growing
challenges in terms of privacy and theft in cyber world but we are far behind,” he said asserting “Our

“The scale of cyber crimes in India is negligent, mostly dealing with privacy issues, while huge cyber
scams have been reported globally. Keeping this in mind, we have to be proactive in evolving an effective,
since most of offences defined in IT Act 2000 are bailable,” he said.

“Securing data is a big issue. In today’s world, most people don’t know importance of cyber laws, which
are meant to protect your information. There is need to educate people on cyber laws,” he said.

Source: Pexel.com

20
  The number of cyber security incidents has gradually increased in India over the last few
years.

for Electronics and IT, Mr. PP Chaudhary stated that as per the information collected by India’s Computer
Emergency Response Team (CERT-in), 44,679, 49,455 and 50,362 cyber security incidents took place in
India during the years 2014, 2015 and 2016, respectively. These incidents include phishing, website
intrusions and defacements, virus and denial of service attacks amongst others.

 As per the ‘2016 Cost of Data Breach Study India’ the average total cost of a data breach paid
by Indian companies increased by 9.5 percent, while the per capita cost increased by 8.7 percent
and the average size of a breach grew by 8.1 percent. Although, the government has taken certain
cyber security initiatives as discussed below, more expansive and aggressive measures are required
to meet the rising challenge.

4.5 Cyber security challenges in India

1. Information technology (IT) has exposed the user to a huge data bank of information
regarding everything and anything. However, it has also added a new dimension to terrorism.
Recent reports suggest that the terrorist is also getting equipped to utilize cyber space to
carryout terrorist attacks. The possibility of such attacks in future cannot be denied.
Terrorism related to cyber is popularly known as ‘cyber terrorism’.

2. As brought out earlier India has carried a niche for itself in the IT Sector. India's reliance on
technology also reflects from the fact that India is shifting gears by entering into facets of e-
governance. India has already brought sectors like income tax, passports visa under the realm
of e -governance. Sectors like police and judiciary are to follow. The travel sector is also
heavily reliant on this. Most of the Indian banks have gone on full-scale computerization.
3. This has also brought in concepts of e-commerce and e-banking. The stock markets have also
not remained immune. To create havoc in the country these are lucrative targets to paralyze
the economic and financial institutions. The damage done can be catastrophic and
irreversible. Some challenges and concerns are highlighted below:

 Lack of awareness and the culture of cyber security at individual as well as institutional level.

21
  Lack of trained and qualified manpower to implement the counter measures.
 Too many information security organizations which have become weak due to 'turf wars' or

Financial compulsions, A weak IT Act which has become redundant due to non-exploitation and
age old cyber laws. No e-mail account policy especially for the defiance forces, police and the
agency personnel. Cyber-attacks have come not only from terrorists but also from neighbouring
countries inimical to our National interests.

Cyber security, in the near future, will be the main component of the state’s overall national security and
economic security strategies. Recently, Government made public a report by the working group to set up
the Computer Emergency Response Team in the Financial Sector (Cert-Fin) RBI released guidelines on
customer liability in case of unauthorized electronic banking transactions.

Significant of challenges of cyber security in India.

They represent different aspects of the cyber security problem—the technical and the economic
framework. Push for a less-cash economy is increasing the digital density of India’s financial services
space. The cyber-attacks getting audacious Government’s response thus far has focused only on the
technical aspects of the problem.

There is a risk that Cert-Fin will become deadwood given that sectoral regulators RBI, SEBI and IRDA
are already working on cybersecurity issues. So proper coordination across the sector is necessary.
Companies and institutions will rarely expend the resources necessary for the collective security needed to
protect the sector, until the right economic incentives are found. In case of a complex system, attackers
will always have the edge over defenders. The number of potential bugs and vulnerable points in any
system mean that the mathematical odds favor the attackers. No code can be perfect enough to
compensate for human error.

Example: A bank might have robust cybersecurity architecture, but it will still be vulnerable if the systems
of other networks that carry pertinent information are not secure.

In software industry, the more people use a particular software, the more valuable it becomes- has led to a
“release first, patch later” approach In case of ATM frauds, in US, burden of proof lay with the banks,
fared much better than Britain, Norway and the Netherlands, where burden of proof lay with the customer.
22
4.6 The three big problems in India’s banking sector, according to the RBI

The country’s banking system in India , the Reserve Bank of India (RBI) warned that the sector is under
severe stress, with mounting bad loans and an increase in bank fraud, among other issues. All this, the RBI
says, could drag down India’s economy. “Weak investment demand, partly emanating from the twin
balance sheet problem (a leveraged corporate sector alongside a stressed banking sector) is a major
challenge,” the report said.

The key problems plaguing India’s banking sector, according to the RBI:

 Bad loans

At nearly Rs10 lakh crore, India’s pile of bad loans is bigger than the gross domestic products of at
least 137 countries. But so far, the RBI’s attempts to reduce Non-Performing Assets (NPAs) in the
banking sector have yielded little result.

The share of gross NPAs in India could inch up to 10.2% by March 2018, from 9.6% in March 2017,
according to the FSR. In September 2016, gross NPAs were at 9.2%.

Currently, the worst-hit are the state-owned banks, which dominate the Indian banking system. In March
2017, the average bad loans of PSBs stood at 75% of their net worth. These bad loans are squeezing
banks’ profitability and capital positions, threatening the health of some of India’s biggest banks. In the
report, the RBI cautioned that the situation could get woe with any for seen stress in the economy.

 Cyber Threats

An estimated 95% of transactions in India are paid for in cash but with the growing penetration of
computers and smartphones, and increasing access to the internet, Indians are taking to digital channels
for their banking needs. Cybercrime is becoming a greater threat as a result.

The FSR labelled cyber-attacks as a high-risk zone for India’s banking sector. The RBI classifies bank
fraud as transactions involving any cheating, negligence, misappropriation of funds, or forged documents.
“Not only simple attacks using phishing, vishing and social engineering, but also increasingly audacious
attacks by organized gangs with or without backing by state players have come to light,” the RBI said.

The clamours to secure India’s banking system increased following a massive data breach of 3.2 million
debit and credit cards last year, one of the biggest attacks in the country. Another red flag was the recent
global ransomware attack that affected the computer systems of governments and several companies in
23
various countries, including India. The RBI recommended that banks invest in preventive software and
frequently assess the risks at hand, not just for in-house operations but also for the external vendors that
the lenders employ.

 BANK FRAUD

Another pressing concern for the banking regulator is the increased number of fraudulent transactions at
Indian banks. What’s adding to the concerns is that banks often seem reluctant to report these cases.

“Almost all corporate loan-related fraud cases get seasoned for two to three years as NPAs before they are
reported as fraud, the RBI said in the report. In the last five years, the volume of bank fraud has increased
by 19.6% to 5,064 cases.

4.7 Cyber Fraud Statistics In Indian Banks: ICICI Leads

Reserve Bank of India recently released statistics on Cyber Frauds pertaining to Internet Banking, ATMs,
Debit Cards and Credit Cards for past 4 years and even after all the security and policies introduced, cyber
fraud in terms of total amount is on the rise.

Fig 4.3 bank cyber frauds in last few years

Source: www.bankcybercerimeindina.com

24
As per the report, in 2010, cyber frauds accounted for close to 40.5 crore rupees as compared 52.7 crores in
2012. On the other hand, the cases reported have seen a decrease from 15018 cases reported in 2010 as
compared to 8322 cases reported in 2012. This also show that average value per cyber fraud case has also
increased alarmingly.[1]

ICICI FRAUDS

ICICI Bank customers have been the biggest victims of Cyber Frauds. In last 4 years (from 2009 to 2012)
ICICI Bank alone reported 34918 cases amounting to 74.25 crore rupees. Though, ICICI Bank is one of
the biggest private commercial Banks in India, the number of cases are relatively very high. With the
measures that ICICI Bank has taken over the years, the number of cases as well as the value of cyber
frauds in dropping. In 2009, ICICI Bank had 15,666 cases, 9811 in 2010, 6013 in 2011 and 3428 in 2012.
Even the value has been progressively down.

Fig 4.4 leading bank for cyber frauds 2009-12

Source: www.bankcybercrimeindia.com

American Express ranked 2nd based on the value of cyber frauds with 4 years (2009 to 2012) amounting
to 26 crore rupees nearly 3 times less than ICICI Bank. Citibank came in at 3rd reporting 24 crores worth
of cyber frauds followed by Axis (15.9 crore) and HSBC (13.8 crore).

25
The surprising aspect is low number of cyber fraud cases witnessed by HDFC Bank. In past 4 years, they
witnessed only 1330 cases valued 9.77 crore rupees. Given that it is one of the largest bank in India, the
have effectively managed the security of their customers against cyber frauds.

4.8 Mode and manner of Cyber crime

1. Unauthorized access to computer system or network/hacking

This kind of offenses normally referred as the hacking generic sense the farmer act 2002 have nowhere
used this term so to avoid them

2. Theft of information content in electronic form

We all know the all information stored in computer hard disk ,so the data theft by the physically or
tempering them through virtual medium.

3. Email Bombing
This type of activity refers to sending large no of mail to the victim which may be single or in group or
even ultimately resulting into crashing.

4. Salami attack

This type of crime basically in the financial institution for the purpose of committing financial crime.
Example Ziegler case wherein a logic bomb was introduced the banking system which deposit 10% from
every account and deposited in particular account[2].

5. Data diddling

This kind of crime attack involves alerting row data just before computer process it and then changing
after completed. The electricity board forced problem of data diddling while the department was being
computerized.

6. Denial of service attack

The computer of the victim is flooded with more request than it which cause it to crash distributed denial
of service (DDS) attack is also a type of denial of service attack.

7. Virus /worm attack

Virus is a program that joint with the computer or a file and it circulate them others file and computer on a
network. They usually affect the data of computer either by entering or deleting.
For example, love bug virus, which affect 5% global.

26
8. Logic bomb

These are program depend on programs. These are related to the events.
For example, Chernobyl virus.

9. Trojan attack
This term origin tins the word Trojan horse. In the software field it means unauthorized program, which
specially focus on another computer by representing itself as a authorized program the most special
example email.

8. Internet time theft

Normally in these kinds of theft the internet suffering hours of the victim are used by another person.
These access profit purpose such a login id and account. There are various causes of Cyber crime on
banking sector every cause have different to others, so we should analysis this cause thoroughly.

Table 4.4 National Crime Record Bureau (NCRB) collects and maintaining statistical data of
Policy records.

Types of Cases 2013 2014 2015 % Increase or % Increase or

Decrease in Decrease in
2014 since 2015 since a
2013 2014
Cheating using - 1115 2255 - 102.0
computer as a
medium/target
Forgery using 747 63 45 -91.5 -28.6
Computer as
medium or
target
Criminal 518 54 42 -89.6 -22.2
breach of
trust/fraud
using
computer as a
medium/target
Counterfeiting 59 10 12 -83.0 20.0
using
computer as a
medium
Source: Economic survey, page no 957

27
According to the table 4.5 crime record have increased gradually i.e. in 2008 national crime record was
288,in 2009 it increased to 420,and in 2012 it increased to 2,876.

Table 4.5 National Crime Record

Year Cases

2008 288

2009 420

2010 966

2011 1,791

2012 2,876

Source: “crime in baking sector”,2016,ISSN 2455-2488

Table 4.6 Indian computer team record

Year cases
2011 308
2012 371
2013 781
Source: Cyber crime in banking sector” ,ISSN 2321-6417

Source:

According to this table 4.6 Indian computer team record gradually increase the number of Cyber crime i.e.
2011 Indian computer team record was 308,in 2012 it increased to 371 and in 2013 it increased to 781.

28
 References
1. Kumar Shubham, Kumar Uday, (2015) “ present scenario of Cyber crime India”.
2. Agrawal Sanchi (2016), Cyber crime in banking sector, Issn- no 2455-2488, Page No 8

29
 Chapter- 5

Government initiatives for Cyber Security in India

5.1 Initiative by RBI

The number of cyber security incident has gradually rise in India in over last few years. Ministry Of State
For Electronic and IT , Mr. PP Chaudhry started that as per information collected by India emergency
response team(CERT),44679,49679 and 50362 cyber security incident took place in India during the tear
2014,2015 and 2016, respectively. These incidences include ATM fraud virus Cyber Attacks.

 Technology and threats are developing

 Utilizing new channels of correspondence are essential to better serve client, an indicated by this
current report hazard radar which depend on our review discoveries, phishing botnets and portable
malware were evaluated among the in all probability dangers confronted, and furthermore among the
ones with the greatest effect.

 The long road ahead

 The last quarter of 2015, RBI governor Raghuram Rajan announced that the revenue arm of the
government plans to set up an information technology(IT) subsidiary for monitoring and regulated
internet services issued by bank of India.
 As we are moving towards a paperless banking system driven by dependence on IT, the subsidiary
will help the bank address issue on cyber security and evaluate the technological capability of bank.
the step to say ahead of Cyber crime is a prime concern for banking sector and customer who are
becoming more and more dependent on simplified digital banking.
 The India is the second largest number of smartphone users in the world and the internet play
important role in them, this has increase the baking facility like internet banking. thus they end up
rendering themselves vulnerable to an array of cyber security threats.

The centre offer the following security and protective tools

 USB Patriot”, was also launched by the government which , Union IT and Electronic Minister
Ravi Shankar Prasad states is aimed at controlling the unauthorized usage of removable USB
storage media of device like pen drive and USB supported mass storage device. One app also
launched, an app called “samivd”.it is desktop based Application whitelisting solution for window
operating system.it allow only preapproved set of executable files for execution protect desktop
from suspicious application from running.

30
  The one most important device m-Kavach, this for security of android mobile device has also
been developed. this provide security against issue related to malware that steal personal data and
credentials, misuse Wi-Fi and Bluetooth resource, this was lost and stolen mobile device, spam
SMSs, premium rate SMS and unwanted income calls.

 Browser, is the tool which serve as a browser extension which detect and defends malicious
HTMAL and java script attacks made through the web browser based on heuristics. It is alert the
user when he visits malicious web pages and provides a detailed analysis threat repot of the web
page. RBI strongly providing bank to take step up the awareness against Cyber crime, because this
is very dangerous for customer. Bank take direct step, specially place a security policy enlisting
the strategy to combat such threats, duly approval by the board.

Although, bank have tell to set up a security operation centre and beef up the role of the chief
information security officer (CISO) within individual bank, besides, the need to leverage the CISO forum
under RBI institute for development and research in banking technology(IDRBT) for exchanging
information among banks and generating quick response to cyber incident has been stipulated by the
bank .The security imperative is even more compelling with regard to preventing data theft and Spate of
cyber-attack have been turning highly.
RBI, IT Act with regard to Indian Banking Sector. Section 43A of IT Act provide for compensation in the
situation that a company or bank fail to use responsible security practice in order to protect sensitive
personal data and negligence in wrongful profit and loss.

5.2 Need for cyber security

 To ensure critical infrastructure system do not collapse under any circumstance.

 To ensure business continuity.
 Ensure disaster recovery plans and upgrade.
 For the success of government initiatives and smart cities.
 As many as 1,44,496 cyber security attacks were observed in the country last three years.

31
 5.3 National policy of 2013
There are various ongoing activities and programs of the government to address the cyber security
challenges which have significantly contributed to the creation of a platform that is now capable of
supporting and sustaining the efforts in securing the cyber space. Due to the dynamic nature of
cyberspace, there is now a need for these actions to be unified under a National Cyber Security Policy,
with an integrated vision and a set of sustained & coordinated strategies for implementation.

The cyber security policy is an evolving task and it caters to the whole spectrum of ICT users and
providers including home users and small, medium and large enterprises and government & non-
government entities. It serves as an umbrella framework for defining and guiding the actions related to
security of cyberspace. It also enables the individual sectors and organizations in designing appropriate
cyber security policies to suit their needs. The policy provides an overview of what it takes to effectively
protect information, information systems & networks and gives an insight into the government’s approach
and strategy for protection of cyber space in the country. It also outlines some pointers to enable
collaborative working of all key players in public & private to safeguard country’s information and
information systems. This policy, therefore, aims to create a cyber security framework, which leads to
specific actions and programmers to enhance the security posture of country’s cyber.

Vision : To build a secure and resilient cyberspace for citizens, businesses and government.

Mission : To protect information and information infrastructure in cyberspace, build capabilities to

prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents
through a combination of institutional structures, people, processes, technology and cooperation.

Objectives
To create a secure cyber ecosystem in the country, generate adequate trust & confidence in IT systems and
transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy.

 To create an assurance framework for design of security policies and for promotion and enabling
actions for compliance to global security standards and best practices by way of conformity
assessment (product, process, technology & people).

32
 To strengthen the Regulatory framework for ensuring a Secure Cyberspace ecosystem.

 To enhance and create National and Sectoral level 24 x 7 mechanisms for obtaining strategic
information regarding threats to ICT infrastructure, creating scenarios for response, resolution and
crisis management through effective predictive, preventive, protective, response and recovery
actions.

 To enhance the protection and resilience of Nation’s critical information infrastructure by

operating a 24x7 National Critical Information Infrastructure Protection Centre (NCIIPC) and
mandating security practices related to the design, acquisition, development, use and operation of
information resources.

 To develop suitable indigenous security technologies through frontier technology research,

solution oriented research, proof of concept, pilot development, transition, diffusion and
commercialization leading to widespread deployment of secure ICT products / processes in general
and specifically for addressing National Security requirements.

 RRTo improve visibility of the integrity of ICT products and services by establishing
infrastructure for testing & validation of security of such products.

 To create a workforce of 500,000 professionals skilled in cyber security in the next 5 years through
capacity building, skill development and training.

 To provide fiscal benefits to businesses for adoption of standard security practices and processes.

 To enable protection of information while in process, handling, storage & transit so as to safeguard
privacy of citizen's data and for reducing economic losses due to Cyber crime or data theft.

 To enable effective prevention, investigation and prosecution of Cyber crime and enhancement of
law enforcement capabilities through appropriate legislative intervention.

 To create a culture of cyber security and privacy enabling responsible user behavior & actions
through an effective communication and promotion strategy.

33
 To develop effective public private partnerships and collaborative engagements through technical
and operational cooperation and contribution for enhancing the security of cyberspace.

 To enhance global cooperation by promoting shared understanding and leveraging relationships

for furthering the cause of security of cyberspace.

 Strategies - Creating a secure cyber ecosystem

1) To designate a National nodal agency to coordinate all matters related to cyber security in
the country, with clearly defined roles & responsibilities.

2) To encourage all organizations, private and public to designate a member of senior

management, as Chief Information Security Officer (CISO), responsible for cyber security
efforts and initiatives.

3) To encourage all organizations to develop information security policies duly integrated

with their business plans and implement such policies as per international best practices.
Such policies should include establishing standards and mechanisms for secure information
flow (while in process, handling, storage & transit), crisis management plan, proactive
security posture assessment and forensically enabled information infrastructure.

4) To ensure that all organizations earmark a specific budget for implementing cyber security
initiatives and for meeting emergency response arising out of cyber incidents.

5) To provide fiscal schemes and incentives to encourage entities to install, strengthen and
upgrade information infrastructure with respect to cyber security.

6) To prevent occurrence and recurrence of cyber incidents by way of incentives for

technology development, cyber security compliance and proactive actions.

7) To establish a mechanism for sharing information and for identifying and responding to
cyber security incidents and for cooperation in restoration efforts.

34
 8) To encourage entities to adopt guidelines for procurement of trustworthy ICT products and
provide for procurement of indigenously manufactured ICT products that have security
implications.
B. Creating an assurance framework

1) To promote adoption of global best practices in information security and compliance and
thereby enhance cyber security posture.

2) To create infrastructure for conformity assessment and certification of compliance to cyber

security best practices, standards and guidelines (Eg. ISO 27001 ISMS certification, IS system
audits, Penetration testing / Vulnerability assessment, application security testing, web security
testing).

3) To enable implementation of global security best practices in formal risk assessment and risk
management processes, business continuity management and cyber crisis management plan by all
entities within Government and in critical sectors, to reduce the risk of disruption and improve the
security posture.

4) To identify and classify information infrastructure facilities and assets at entity level with
respect to risk perception for undertaking commensurate security protection measures.

5) To encourage secure application / software development processes based on global best

practices.

6) To create conformity assessment framework for periodic verification of compliance to best

practices, standards and guidelines on cyber security.

7) To encourage all entities to periodically test and evaluate the adequacy and effectiveness of
technical and operational security control measures implemented in IT systems and in networks.[1]

C. Encouraging Open Standards

1) To encourage use of open standards to facilitate interoperability and data exchange among
different products or services.
35
 2) To promote a consortium of Government and private sector to enhance the availability of tested
and certified IT products based on open standards.

D. Strengthening the Regulatory framework

1) To develop a dynamic legal framework and its periodic review to address the cyber security
challenges arising out of technological developments in cyber space (such as cloud computing,
mobile computing, encrypted services and social media) and its harmonization with international
frameworks including those related to Internet governance.

2) To mandate periodic audit and evaluation of the adequacy and effectiveness of security of
information infrastructure as may be appropriate, with respect to regulatory framework.

3) To enable, educate and facilitate awareness of the regulatory framework.

E. Creating mechanisms for security threat early warning, vulnerability management and response to
security threats

1) To create National level systems, processes, structures and mechanisms to generate necessary
situational scenario of existing and potential cyber security threats and enable timely information
sharing for proactive, preventive and protective actions by individual entities.

2) To operate a 24x7 National Level Computer Emergency Response Team (CERT-In) to function
as a Nodal Agency for coordination of all efforts for cyber security emergency response and crisis
management. CERT-In will function as an umbrella organization in enabling creation and
operationalization of sectoral CERTs as well as facilitating communication and coordination
actions in dealing with cyber crisis situations.

3) To operationalize 24x7 sectoral CERTs for all coordination and communication actions within
the respective sectors for effective incidence response & resolution and cyber crisis management.

4) To implement Cyber Crisis Management Plan for dealing with cyber related incidents impacting
critical national processes or endangering public safety and security of the Nation, by way of well-
coordinated, multi-disciplinary approach at the National, Sectoral as well as entity levels.
36
 5) To conduct and facilitate regular cyber security drills & exercises at National, sectoral and
entity levels to enable assessment of the security posture and level of emergency preparedness in
resisting and dealing with cyber security incidents.

F. Securing E-Governance services

1) To mandate implementation of global security best practices, business continuity management

and cyber crisis management plan for all e-Governance initiatives in the country, to reduce the risk
of disruption and improve the security posture.

2) To encourage wider usage of Public Key Infrastructure (PKI) within Government for trusted
communication and transact.
Creating Cyber Security Awareness

1) To promote and launch a comprehensive national awareness program on security of cyberspace.

2) To sustain security literacy awareness and publicity campaign through electronic media to help
citizens to be aware of the challenges of cyber security.

3) To conduct, support and enable cyber security workshops / seminars and certifications.

Developing effective Public Private Partnerships

1) To facilitate collaboration and cooperation among stakeholder entities including private sector, in the
area of cyber security in general and protection of critical information infrastructure in particular for
actions related to cyber threats, vulnerabilities, breaches, potential protective measures, and adoption of
best practices.

2) To create models for collaborations and engagement with all relevant stakeholders.

3) To create a think tank for cyber security policy inputs, discussion and deliberations. Information
sharing and cooperation

37
4) To develop bilateral and multi-lateral relationships in the area of cyber security with other countries.

5) To enhance National and global cooperation among security agencies, CERTs, Defence agencies and
forces, Law Enforcement Agencies and the judicial systems.

6) To create mechanisms for dialogue related to technical and operational aspects with industry in order to
facilitate efforts in recovery and resilience of systems including critical information infrastructure.
N. Prioritized approach for implementation
To adopt a prioritized approach to implement the policy so as to address the most critical areas in the first
instance. [2]

Operationalization of the Policy

This policy shall be operationalized by way of detailed guidelines and plans of action at various levels
such as national, sectoral, state, ministry, department and enterprise, as may be appropriate, to address the
challenging requirements of security of the cyberspace.

5.4 Prevention measure for Cyber crimes

 We know that that prevention is always better then cure. A netzines should take certain precaution
while operating the internet and should follow certain prevention measure for Cyber crime.

 You identify of exposure through education will assist responsible companies and firms to meet
the issue.

 One most important thing should avoid disclosing personal data to stranger via e- mail or while
chatting.
 One most not spending any photograph to the stranger by online as misusing of photo incidence
day by day.

 An upgrade antivirus software to guard against virus attacks should be used by all the netzines and
should keep back volume.

38
  Any person should send credit cards number to any site because that is not secure

 It is better to use security programmers by the body corporate to control information on sites.

 To use strong password code.

 Keep your debit, credit card in safe hands.

 To use secured online transactions

 Do not use multiple types of account because they take your information by their coding language.

Proactively Protect Your Money

The rate of conviction in Indian cybercrime cases is low because of weaknesses in the INFORMATION
TECHNOLOGY ACT 2000 The legal process is also notoriously slow. Though many Indian banks claim
to protect customer accounts, it’s not easy to recover stolen money from a bank after a breach. It’s better
to exercise caution and follow online security best practices: Use a strong password, change it often and
never use it across multiple sites. Check with your bank to determine whether your account is insured
against internet fraud.

Monitor your account regularly and notify the bank of any unusual activity as early as possible .Update
your computer’s operating system and software and protect it with a good security solution .Do not open
suspicious emails or attachments, and do not share your SPI with strangers .Exercise caution when
clicking on social media links and do not post your SPI on social media .Never access online banking
from a public computer or over a public Wi-Fi. Withdraw money from ATMs located in secure areas and
use your card only with trust worth merchants.

If your account is compromised, report it immediately to your bank and the local police. Swift action can
help you minimize the damage and bring the cybercriminals to justice

39
 References

1. “National cyber security policy” (2015), Issn no. 2229-5518.

2. Kumar Shubham(2015), “present scenario of Cyber crime in India”

40
 CONCLUSION

It is clear by the study and records with the increment of technology Cyber crime have increased
among qualified people commit crime more. There is need about their principles and computer ethics
for their use in proper manner. Cyber Attack in the current era have become more specialized and
concentrated in nature t6argeting specific organization and individual. Cyber security is among the top
challenge being faced by many organizations in the country.

The national institute of justice, technical working group digital evidence are some of the key
organization involved in research. The ATM fraud is not the sole problem of bank alone, it is a big
threat and it require a coordinate and cooperation action on part of bank ,customer and the law
enforcement machinery . The ATM fraud not only cause financial loss to bank but they also
undermine customer confidence use of ATM.

Capacity of human mind is unfathomable. It is not possible to eliminate Cyber crime from the cyber
space. History is the witness that no legislation has succeeded in totally eliminating crime from the
India. The only possible step is make people aware of their rights and duties and further making the
application of the laws more stringent to check crime. Undoubtedly the act is a historical step in the
cyber world.

There is a need to bring changes in the information technology Act to make effective to combat Cyber
crime. Preventing cyber money laundering is an uphill task which needs to be tacked at different
levels. This has to be fought on three planes , first by banks/financial institution , second by nation
states account all the related issue like development of e-money , right to privacy of individual .

Therefore there is need for holistic approach to combat these crimes in all ramification our proposal
therefore is the need for cyber policy who are to be trained specially to handle cybercrimes in India.In
additional, the policy should have central computer crime investigation agencies to guide and
coordinate computer crime investigation. Also proposing that the country should set up national
computer crime resource centre, a body which will comprise expert and professional to establish rules,
regulation and standard of authentication of each citizen record and the staff of establishment and
recognized organization, firms, industries etc. forensics commission should be established .

41
 FRUITFUL SUGGESTIONS AND DIRECTIONS

 It is always necessary to take some preventive measure to prevent banking transaction from
banking fraud and other threats. For this, the following suggestion can be made.

 Make sure with a protection that gives power over cookies that forward information back sites.

 Make sure web servers in row public site are physically separate and individually confined from
in-house corporate network

 Bring into lay latest anti-virus software, operating system, web browsers and email Programme.

 Place firewall and develop your content off line.

 Forward credit card information just to safe and sound web sites.

 If web site serves up active content from a database, consider putting that database behind a
second interface on your firewall, with tighter access rules than the interface to your serve.

 Systematically confirm out the site you are doing business carefully

 Don’t transit credit card information to unfamiliar sites.

 Don’t reveal password with other people.

42
 BIBLIOGRAPHY

 Rao shanker,10 September (2014) “effect of Cyber crime I Indian economy”

 Ahuja vashumal (2009to 10) “Cyber crime in banking sector, page no 17 to 25.

 Agarwal Sanchi (2016) “Cyber crime in banking sector” Issn no 2455-2488.

 “National cyber security” (2015), Issn no 222-95518.

 Goel Seema Cyber crime (2016) “A growing threat to Indian banking sector” Issn no 978-93-
86171

 Simran,2018, “Cyber crime;- a growing threat to Indian banking sector” ,ISSN 2394-3386,
volume 5 .

 Agarwal Sanchi,2016 “Cyber crime in banking sector”, ISSN 2455-2488,volume 3

 Raghavan A.R,2014, “The effect of Cyber crime on a bank’s finance, ISSN 2347-3215,
volume 2.

 Rao shanker,2014 “effect of Cyber crime of Indian economy, ISSN 2348-1439.

 The e- newspaper “economic times banking,2017.

 As per RBI report 2017

 Digpal and Karan,2011 “Cyber crime in banking sector” ,ISSN 2321-6417.

 PWC’s global economic crime survey ,2016.

43
 Das Sumanjit,2013 “Cyber crime issue and challenge”, ISSN 2231-6604, volume 6.

 Neena soni,2013 “banking cyber fraud in India special reference to private and public banks”
,ISSN 2319-1171, volume 2.

44