7

Information Technology Act and Cyber Terrorism: A Critical Review Debarati Halder Introduction After 9/11, it has become a trend for the militant outfits to avail cyber assistance in order to achieve extremist missions. The Kosovo conflict in 2001 which also inspired defacement of numerous NATO websites and denial of services by hackers who supported the anti NATO activities (Denning, 2010) and the 1997 Internet Black Tigers attack on Sri Lankan embassy which involved 800 emails carrying extremist messages to disrupt the communications (Denning, 2001), were some of the early evidences of cyber terrorism. The 9/11 attack saw typical execution of cyber attack by Al Qaeda against the US government, which carried not only the threat messages, but also defaced many websites, disrupted internet communication for government as well as civil amenities (Denning, 2010) and also created a huge empathy among the Muslim hackers to support the militant forum in their jihad. The trend thus turned highlights to Muslim jihadists and their cyber terrorism activities against governments, from non-Muslim fundamentalist groups against governments. In India, cyber terrorism has emerged as new phenomena. The probe against the 2008 serial blasts in cities like Ahmedabad, Delhi, Jaipur, and Bangalore found considerable evidences of cyber terrorism (NDTV Correspondent, 2010); the 2008 attack on Mumbai Taj Hotel, which is now famously known as 26/11 and the 2010 blast in the holy city of Varanasi also had trails of cyber terrorism (NDTV Correspondent, 2010). Ironically, most of these incidences involved Muslim Jihadists like the Indian Mujahiddin. However, an analysis on news reports on extreme usage of cyber communications would show that spreading of terror messages targeting State Heads or claiming responsibilities for terror attacks had been done by non-Muslim youths as well. However, all these incidences indicate two main aspects of cyber terrorism, namely, gathering of information and spreading of the terror through cyber communications for disruption of national security and peace. After the 26/11 attack, the Indian government had brought into effect a set of proposed amendments to the Information Technology Act 2000, which has specific provisions for combating cyber terrorism. The provision under section

Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

66F discusses about cyber terrorism in the broadest sense.1 This provision actually lays down the punishment to be meted out for actors of cyber terrorism. The definition of the term cyber terrorism is glaringly missing in the said legal provision. To strengthen the law on cyber terrorism, the Indian government had further proposed a set of Rules in 2011,2 which promises to tighten the loose loops. In this chapter, I claim that, this particular law has addressed cyber terrorism from a holistic aspect; however, loopholes still exist to withhold the proper execution of the laws for prosecuting the accused. Further, in this chapter I aim to analyze the provision of this law in the light of internationally established nuances of cyber terrorism. This chapter will address the problem from three different angles, namely: 1. The myth and truth about cyber terrorism. 2. Could laws regulate this issue? 3. Whether Indian laws really address the issues of cyber terrorism in the light of freedom of speech. Background Even though the issue of cyber terrorism has attracted huge attention from cyber criminologists, cyber law specialists and social science researchers, very few researches have been done for analyzing the legal issues involved in cyber terrorism in India. Globally, the issue of cyber terrorism has been analyzed from four main angles, namely the missions that are involved in cyber terrorism (Denning, 2010), the methods that are followed for achieving the ultimate purpose of cyber terrorism (Denning, 2010; Wykes & Harcus, 2010), the results of cyber terrorism (Denning, 2010) and the role of laws in combating cyber terrorism (Trachtman, 2009). Most of these researches have shown that usage of cyber space by terrorist organizations has a three folded purpose, to spread the threat, to gain maximum information about the target government and the governmental property in cases damage to property and civil society is also aimed for and to recruit new forces (Denning, 2010). Some researches have established that cyber terrorism includes two main types of activities, viz., cyber crime and misuse of information technology, and therefore it would be wrong to assume that cyber terrorism is a new kind of cyber crime (Schjolberg, 2007). It may be worthy to note that the types of cyber crimes that are involved in cyber terrorism may vary from identity theft (Wykes & Harcus, 2010), to denial of service attack (Denning, 2010). At the same time, the extremists may leave a trail in the cyber space after the real terrorist activity has taken place (Wykes & Harcus, 2010). This may necessarily include visits to the
The definition can be found in Section 69F of the information technology Act, 2000 (amended in 2008). The definition will be analyzed in later parts of this chapter. 2 These rules could be found at http://www.mit.gov.in/sites/upload_files/dit/files/RNUS_CyberLaw_15411.pdf
1

Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

websites, sending emails etc. but the question, which remains, is how the police and law and justice machinery combat this overall misuse of technology in the name of Jihad? Due to lack of proper infrastructure and easy methods of deletion of the evidences, it may become impossible for security experts and the police to track the trouble creator (Jewkes, 2010). Further, some studies have also shown that before 9/11, cyber terrorism was not particularly associated with jihad, but with demands from the extremist groups from the government (Denning, 2010). After 9/11, the term cyber terrorism has been mostly associated with the cyber warfare between Muslim fundamentalists and the government, especially the US and those national governments who support US policies and rules and regulations (Wykes & Harcus, 2010). The term cyber terrorism has been attempted to be defined from various angles. According to the definition provided by the US national infrastructure protection centre (2001), cyber terrorism may mean
a criminal act perpetrated by the use of computers and telecommunication capabilities resulting in violence, destruction and/or disruption of services to create fear by causing confusion and uncertainty with a given population with the goal of influencing a government or population to conform to particular political, social or ideological agenda (Denning, 2010, p. 198).

The term has also been defined by the International Handbook on Critical Information Infrastructure Protection (CIIP) 2006 Vol. II, as attacks or series of attacks on critical information carried out by terrorists and instills fear by effects that are disruptive or destructive and has a political , religious and ideological motivation (Schjolberg, 2007, p. 2). As such, the EU convention on cyber crimes, 2001 had laid down strategic roles for the member parties to corroborate with each other on 24/7 basis in cases of criminal misuse of cyber space.3 Given the fact that cyber terrorism includes criminal misconduct and trespass in the cyber space, Schjolberg (2007) had pointed out that domestic courts therefore play great role in combating cyber terrorism. From the above literature, it could be understood that cyber terrorism is not a new phenomena. This is a criminal conduct in the cyber space to disrupt peaceful governance. Even though countries like the US had developed and is still developing strategic methods to combat cyber terrorism, lack of focused law, proper infrastructure and trained experts to trace the details of the extremist pose serious problems for countries like India to combat terrorism in cyber space. Core characteristics of cyber terrorism Cyber terrorism has some universal characteristics, which are as follows: 1. It is done to convey a particular destructive or disruptive message to the government(s).
3

See chapter III, Article 23-35 of the EU Convention on Cyber Crimes, 2001.

Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

2. There are various methods to convey this message, viz., through denial of services, sending threatening emails, defacing of government websites, hacking and cracking of crucial governmental systems or protected systems,4 disrupting the civil amenities through destroying the proper working of the digital information systems, etc. 3. It could affect the computers and the networks as a whole, it could also affect the governing system, and it could affect the population of target area to create threat. 4. Computer and digital communication technology are used as a main tool to achieve extremist purposes. 5. The whole act could be motivated by religious, social or political ideologies. 6. It is mostly done by hi-tech offenders. For elaborating these characteristics, I take up the 26/11 Mumbai terror attack case. Even though the media had highlighted the phenomenal terrorist attack on crucial business and Jewish settlements in Mumbai, the Indian Ministry of Home affairs in their annual report (2010) had released a detailed nexus between digital technology and the (mis)use of the same by extremists. Oh, Agrawal, and Rao (2011) and LaRaia and Walker (2009) had corroborated the usage of cyber technology to extremist use to present the scenario of cyber terrorism which engulfed India as well as the whole world. Both Oh et.al (2011) and LaRaia and Walker (2009) have elaborated how satellite phones, GPS and various websites were widely used for fulfilling the mission of the extremists. Without going into the details, it could be said, that, unlike the Al Qaeda attack on the twin towers in the US in 9/11, or the Tamil Tigers email attacks to computers in the Sri Lankan embassies, in India, the cyber terrorism scenario has not been expanded to attack on the machines or the network widely. On the contrary, the term cyber terrorism has been broadly used by the media especially to identify the usage of cyber space and /or cyber technology to aide the terrorist activities, gain information about the target place and population, recruitment and motivation etc.
Section 70 of the Information technology act, 2000 (amended in 2008) describes protected system and regulations related to it as follows: (1) The appropriate Government may, by notification in the Official Gazette, declare any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure, to be a protected system. Explanation: For the purposes of this section, "Critical Information Infrastructure" means the computer resource, the incapacitation or destruction of which , shall have debilitating impact on national security, economy, public health or safety. (Substituted vide ITAA2008) (2) The appropriate Government may, by order in writing, authorize the persons who are authorized to access protected systems notified under sub-section (1) (3) Any person who secures access or attempts to secure access to a protected system in contravention of the provisions of this section shall be punished with imprisonment of either description for a term, which may extend to ten years and shall also be liable to fine. (4) The Central Government shall prescribe the information security practices and procedures for such protected system (Inserted vide ITAA 2008).
4

Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

There are several reports on the hacking and defacement of Indian government websites. Some of the examples are the 2010 hacking and defacement of the CBI website by the Pakistani hackers, who called themselves Pakistan cyber army, wherein the hackers had put up a message stating Pakistan cyber army is warning the Indian cyber army not to attack their websites (NDTV Correspondent, 2010). The website was affected, but not the regular emailing services. The media stated that the experts hoped that it was a mere defacement and not the case data vandalizing because the server hosting the website was different from the one, which managed confidential correspondences (NDTV Correspondent, 2010). During the period of January to June 2011, a total of 117 government websites had been defaced (Saxena, 2011). Some important websites like the website of National Investigation Agency (NIA) was also affected, but it was temporarily disabled and not hacked. Investigation on these offences is still going on. Experts had suggested that regular cyber security audits could prevent such attacks (NDTV Correspondent, 2010). Such types of attacks actually fulfill the qualities of cyber attacks against government. Basing on this very assumption, Duggal commented on the web defacement of the CBI website as an act of cyber terrorism (NDTV Correspondent, 2010). Indian interpretation of cyber terrorism A minute analysis of the 26/11 Mumbai attacks would show that cyber communication between the terrorists and usage of cyber technology by them to be acquainted with the target population and the place, created similar devastating results in India. In July 2011, the digital technology was further used for bomb blasts in a crowded city market in Jhaveri Bazaar, Mumbai. The 2010 Varanasi blast case also saw the usage of cyber communication wherein the Indian Mujahiddin claimed responsibility for the blast. Awakened by this, the Government of India took strong steps to strengthen the cyber security, including prohibition of terrorist activities through cyber space by way of amending the existing Indian information Technology Act, 2000. The provision that was specifically inserted in this legislature for this purpose was section 66F which defines and describes cyber terrorism. Section 66F mentions that
(1) Whoever,(A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by (i) denying or cause the denial of access to any person authorized to access computer resource; or (ii) attempting to penetrate or access a computer resource without authorisation or exceeding authorized access; or (iii) introducing or causing to introduce any Computer Contaminant. and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

of the community or adversely affect the critical information infrastructure specified under section 70, or (B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorized access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism. (2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.

From the above definition, it could be inferred that, cyber terrorism is an act of hacking, blocking and /or computer contaminating in order to restrict legally authorized persons to access computer resources in general, and /or to gain or obtain unauthorized access to any information which is a restricted information for the purpose of security of the state, or foreign relation etc. These are gruesome acts which is done with an intention to threaten the security, sovereignty and integrity of India or strike terror in the minds of people or a section of people; and which may result in death and injury to people, damage to properties, disruption of civil services which are essential to the life of a community, and also affects the critical information infrastructure. However, in the case of 26/11 Mumbai attacks, it could be seen that terrorists had used communication services not to hack or block the protected information, but to aide the terrorists to carry on with the massacre. The intercepted messages that were availed by the Government of India during the prosecution of the Mumbai attack case would clearly show the extremists were communicating purely on the basis of their personal freedom of speech. However, when looked at the communication in total, it could be seen that this speech was carried on to disrupt the peace, security and sovereignty of India and thereby it looses its nature of a protected speech under Art 19A of the Constitution of India. At the same time, it is an act of terrorism. In the definition provided by section 66F, this particular aspect is glaringly absent. The Information Technology Act, 2000 (amended in 2008) had painstakingly taken efforts to secure protected systems, which is defined by Section 70. The appropriate Government may, by notification in the Official Gazette, declare any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure, to be a protected system. Explanation added to this section further explains that "Critical Information Infrastructure" would mean that vital computer resource regarding national security, economy, public health and safety, which if destructed or damaged, shall have a debilitating impact on these issues.
Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

I argue that the present Indian legal approach towards cyber terrorism has therefore emphasized unauthorized access to restricted information only, which is but a part of the whole modus operandi of terrorism through cyber space. This is very much evident from the two specific provisions which are dedicated to define and describe cyber security under section 2(nb); and unauthorized access to computer and computer network system and contamination etc under section 43 of the Information Technology Act, 2000 (amended in 2008). Further, to strengthen these two sections, section 69, 69A and 69B were also enacted. Section 69 speaks about powers to issue directions for interception or monitoring or decryption of any information through any computer resource; section 69A speaks about power to issue directions for blocking for public access of any information through any computer resource, and section 69B speaks about power to authorize to monitor and collect traffic data or information through any computer resource for Cyber Security. All these sections may signify the communicational aspect of cyber terrorism, which is missing in the definition of cyber terrorism in section 66F. The unfortunate truth is that this legislation could not come out of the basic scope of legal recognition of electronic commerce that was laid down at the time of the birth of this law. This scope was further enhanced in the Information Technology Amendment Bill, 2006 to cover e-governance, e-commerce, e-transactions, protection of personal data and information and protection of critical information infrastructure. Even though the amended Act in 2008 had included provisions, which would protect personal data, prevent financial frauds and restrict offensive communication, the purpose of preventing extremist usage of the cyber communications was not properly satisfied. In this connection, I need to further emphasize that the term cyber terrorism was coined in 1996 by Barry Collin, who defined the term as the convergence of cybernetics and terrorism (cited in Krasavin, 2002, para 6). However, the definition was not stagnated in this meaning alone. Various researchers have attempted to define the term from various angles, which include the usage of the term to mean using information technology with political motivation to attack on civilians (Pollit, 1997 cited in Krasavin, 2002). This term has further gained popularity due to the media, who interpreted the term from mischievous pranks to terrorize others (Krasavin, 2002), to even serious attacks like the Mumbai attack ((NDTV Correspondent, 2010). It could therefore be seen that cyber terrorism could be defined depending upon the terms linguistic usage and interpretation of the same through various approaches. As I had mentioned earlier, cyber terrorism is a holistic term. This includes general usage of the cyber space, which would also aide to terrorist purposes. Oh et.al (2010) had showed that apart from general websites giving details about Mumbai target areas, the terrorists had extensively used Twitter posts made by common people to gather information about the current status of situations. Most of these posts were made in connection of warning people about sensitive areas, blood donation camps that were set up to supply blood to the wounded, information for friends and relatives.
Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

Apparently, these posts were well within their constitutional limits; however, they fed unconstitutional missions. From these points, it could be seen that the present law failed to understand the reach of terrorists physical communication to cyber space. This failure had further motivated more cyber usage for terrorist purposes. The 2011 Javeri Bazaar blast, again in Mumbai is a glaring example. It could further be seen that due to this lacuna in the legislation, the prosecution pays minimum heed to the application of this law in the course of prosecuting the accused. After the amended version of the Information Technology Act was brought in, section 69F was sparingly used to nip the bud of cyber terrorist acts. In most cases, cyber reliance by the terrorists or extremists was used for forensic evidences (NDTV Correspondent, 2010). Even though no official report has still come out on the usage of this provision (Duggal, 2011), this law could mostly be referred for hacking and defacement of government websites like that of the case of defacement of CBI website by the Pakistan cyber army that is referred above; provided this law creates threat to the population and also threat to sovereignty and integrity of the country, or cases of misuse of identity for financial gains towards the fulfillment of terrorist purposes. However, I refuse to call Pakistan cyber army hacking and defacement case as a case of cyber terrorism. Such attacks on government websites could be vital as this may actually hamper the machine, the congenital government data as well as the network. However, this attack neither affected the confidential data (NDTV Correspondent, 2010), nor created extreme threat to the sovereignty and integrity of nation, neither threat to population of a targeted area as was done in Mumbai attack, and thereby failed to attract the core characteristics of cyber terrorism. These are cases of Terrorists use of Internet and not Cyber Terrorism per se. Ironically, the provisions in the proposed Information Technology guidelines for cyber caf Rules, 2011, have provided ancillary support towards the prevention of cyber terrorism. The cyber smart extremists prefer to avoid private internet connections through home computers, as the internet protocol address (I.P address) may easily disclose the location data. India had witnessed the usage of cyber caf for such mischievous purposes (NDTV Correspondent, 2010). The two particular sections of this proposed Rule attract my attention for this specific purpose; section 2(bb) of this proposed rule defines log register as a register maintained by the Cyber Caf for access and use of computer resource and thereby indicates that every cyber caf must have a log register to notify the persons who would are using cyber cafes for accessing and using computer resources. Section 4 of this proposed rule further states regulations for Cyber caf. The rule has also proposed that the cafes responsibility must also include prohibiting any user from accessing the computer or computer networks established in the caf unless 1. the intended user produces a valid identity proof as has been specified under section 4(1) of this Rule;
Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

2. the intended user actually allows the caf to store his data through photocopy of the same, as has been specified under section 4(2) of this Rule; 3. if the intended user is a minor, he/she is accompanied by an adult as has been specified under section 4(4) of this Rule; 4. the accompanying person (if any) of the intended user produces identity data as has been specified under section 4(5) of this Rule. Apparently these provisions are made to monitor the users of cyber caf . It is evident from these proposed regulations that drafters of the Indian laws towards protection of cyber communication are well aware of the misuse of the public server facilities that are provided by the cyber caf (Halder, 2011). Conclusion Apparently a legislation made to safeguard the e-commerce, cannot be pulled in to protect non-commercial issues including extremist communications and ideologies that are hatched in the cyber space. In India, extremist activities which are carried out to disrupt the sovereignty and integrity are strictly regulated the Prevention of Terrorism Act, 2002 (repeal ordinance, 2004), besides various provisions under the Indian Penal code, especially chapter VI, which deals with offences against the State. The prime focus of these legislations is to restrict terrorist activities in India. As such, they also emphasize on the forensic evidences that could trace the motive, the master plan as well as the master planner and the executers of such plans. With the growth of digital communications, the Indian Evidence Act has also adopted the cyber forensic specimens as evidences for the extremist ideologies and activities. A minute analysis of the Information Technology Act, 2008 would show that the language of the provisions, especially section 69 F, fails to recognize the inherent meaning of terrorism through cyber space. Rather, this law remained a shadow of the existing anti terrorism legislations. Vandalizing the cyber space could definitely be termed as cyber terrorism, but cyber communication carried out to vandalize the peace of civil society must not be ignored. Nothing but a focused law could be the only answer for preventing cyber terrorist activities in India. It could be seen that Information Technology Bill 2006 had a larger holistic statement of objects and reasons. Para 1 and 2 of the statement of objects and reasons of this Bill stated as follows:
The Information Technology Act was enacted in the year 2000 with a view to give a fillip to the growth of electronic based transactions, to provide legal recognition for e-commerce and e-transactions, to facilitate e-governance, to prevent computer based crimes and ensure security practices and procedures in the context of widest possible use of information technology worldwide. With proliferation of information technology enabled services such as e-governance, ecommerce and e-transactions, protection of personal data and information and implementation of security practices and procedures relating to these applications Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

of electronic communications have assumed greater importance and they require harmonisation with the provisions of the Information Technology Act. Further, protection of Critical Information Infrastructure is pivotal to national security, economy, public health and safety, so it has become necessary to declare such infrastructure as a protected system so as to restrict its access.

However, the amended Act of 2008 does not show case these objects and reasons. Here lies the pivotal focus of my argument. A law meant for safeguarding electronic commerce could go to save the personal data of the individuals, but it may not successfully envelop the issues of terrorism, even though such terrorist move could disrupt the commercial transactions through cyber space and thereby cause financial loss to the nation. In order to make the present Information Technology Act, 2008 a focused legislation to prevent cyber atrocities, especially cyber terrorism, the following recommendations could be adopted: 1. The statement of object and reasons must be stretched to cover crimes committed in the cyber space, and not limited to safeguard electronic commerce and related communications only. 2. Cyber terrorism must be broadly defined to include the usage of cyber space and cyber communication. 3. The language of Section 66F must be stretched to cover cyber communication that is carried out with intent to fulfill terrorist missions. Further, the provisions of section 69, which speaks about power to issue for interception or monitoring or decryption of any information through any computer resource, must be included in the ambit of section 66 E. This could form a new chapter dedicated for cyber terrorism and extremist speeches in the main legislation. References Collin, B. (1996). The Future of CyberTerrorism. Proceedings of 11th Annual International Symposium on Criminal Justice Issues, The University of Illinois at Chicago. Denning, D. E. (2001). Cyberwarriors: Activists and Terrorists turn to cyberspace. Harvard International Review, XXIII(2), 70-75. Denning, D. E. (2010). Terrors Web: How the Internet is transforming Terrorism. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 194 - 213). Cullumpton: Willan Publishing. Duggal, P. (May 30, 2011). Cyber Terrorism Some legal perspectives. Retrieved on 12.08.2011 from http://neurope.eu/cybersecurity2011/?p=47 Halder D. (7 August 2011). The caf with better responsibility. Retrieved on 12.08.2011 from http://cybervictims.blogspot.com/2011/08/cafe-with-betterresponsibility.html Jewkes, Y. (2010). Public Policing and Internet crime. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 525 - 545). Cullumpton: Willan Publishing.
Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.

Krasavin, S. (2002). What is Cyber-terrorism? Retrieved on 12.08.2011 from http://www.crime-research.org/library/Cyber-terrorism.htm. LaRaia, W., & Walker, M. C. (2009). The Siege in Mumbai: A Conventional Terrorist Attack Aided by Modern Technology. In M. R. Haberfeld., & A.V. Hassell. (Eds.), A New Understanding of Terrorism (pp. 309-340). New York: Springer. NDTV Correspondent (2010). Hacked by 'Pakistan cyber army', CBI website still not restored. Retrieved on 12.08.2011 from http://www.ndtv.com/article/india/hacked-by-pakistan-cyber-army-cbiwebsite-still-not-restored-70568 Oh, O., Agrawal, M., & Rao, H. R. (2011) Information control and terrorism: Tracking the Mumbai terrorist attack through twitter. Information Systems Frontiers, "Special Issue on Terrorism Informatics", 13(1), 33-43. Pollitt, M. M. (1997). A Cyberterrorism Fact or Fancy?. Proceedings of the 20th National Information Systems Security Conference (pp. 285-289). Saxena, A. (August 4 2011). 117 Indian Government Websites Defaced Till July. MEDIANAMA. Retrieved on 12.08.2011 from http://www.medianama.com/2011/08/223-indian-government-websiteshacked/ Schjolberg, S. (2007) Terrorism in Cyberspace - Myth or reality? Retrieved on 12.08.2011 from http://www.cybercrimelaw.net/documents/Cyberterrorism.pdf Trachtman, J. P. (2009). Global Cyberterrorism, Jurisdiction, and International Organization. In M. F. Grady & F. Parisi (Eds.), The Law and Economics of Cybersecurity (pp. 259 - 296). New York: Cambridge. Wykes, M. & Harcus, D. (2010). Cyber-terror: construction, criminalisation and control. In Y. Jewkes & M. Yar (Eds.), Handbook of Internet Crimes (pp. 214 229). Cullumpton: Willan Publishing.

Chapter published in: Madhava Soma Sundaram, P., & Umarhathab, S. (Eds.), (2011). Cyber Crime and Digital Disorder. Tirunelveli, India: Publications Division, Manonmaniam Sundaranar University.