Classification of Cybercrimes, Categories & Criminal Profiles
A cybercrime is any illegal act in which a computer or digital device is either the instrument of the crime, the target of the crime, or both. As digital life expands, cybercrimes have grown exponentially in frequency, sophistication, and scale. India's IT Act 2000 (amended by the IT Amendment Act 2008) is the primary legal framework governing cybercrimes in India.
---
Primary Classification: Target of the Crime
Cybercrimes are classified by who or what is the victim:
| Classification | Target | Examples | Applicable Law | Punishment (India) |
|---|---|---|---|---|
| Against Person | Individual human beings | Cyberstalking, cyber harassment, identity theft, defamation | IT Act Section 66C, 66E, IPC 509 | Up to 3 years imprisonment |
| Against Property | Digital or physical property | Hacking, data theft, ransomware, IP theft | IT Act Section 43, 66, 66B | Up to 3 years + fine |
| Against Organisation | Corporations, governments | Corporate espionage, DoS attack, insider threat | IT Act Section 66, IPC 420 | Up to 3 years imprisonment |
| Against Society | Public order, social fabric | Cyberterrorism, CSAM, hate speech, fake news | IT Act Section 67, 69 | Up to 5–7 years |
| Against Nation | National security, critical infrastructure | Cyberwarfare, SCADA attacks, grid attacks | IT Act Section 66F | Life imprisonment |
---
Categories of Cybercrime by Method
Beyond classification by target, cybercrimes are grouped by the method used:
| Category | Description | Sub-types | Real Example | Estimated Annual Cost |
|---|---|---|---|---|
| Unauthorized Access | Breaking into systems without permission | Hacking, cracking, war driving | Anonymous hacking US government | $6 billion globally |
| Financial Crimes | Theft or fraud involving money | Online banking fraud, credit card skimming, crypto theft | Bangladesh Bank SWIFT heist ($81M) | $5 trillion globally |
| Data Crimes | Stealing or corrupting data | Data breach, data diddling, salami attack | Aadhaar data leak (2018) | $4.45M avg breach cost |
| Malware Crimes | Deploying malicious software | Virus, worm, ransomware, spyware | WannaCry 2017 | $20 billion (ransomware) |
| Communication Crimes | Abusing communication channels | Phishing, spam, vishing, smishing | BEC email fraud | $2.7 billion (FBI 2022) |
| Intellectual Property Crimes | Stealing creative or proprietary content | Software piracy, copyright infringement, trade secret theft | Software piracy in developing nations | $4.2 billion |
| Cyber-enabled Crime | Traditional crimes enabled by digital tools | Cyberstalking, drug trafficking online, dark web markets | Silk Road marketplace | Growing rapidly |
---
Profiles of Cybercriminals
Not all cybercriminals are the same. Understanding adversary profiles helps in threat modeling:
| Profile | Motivation | Skill Level | Tools Used | Examples |
|---|---|---|---|---|
| Script Kiddie | Notoriety, curiosity | Low | Pre-built exploit kits, Metasploit | Defacing websites |
| Hacker (Black Hat) | Financial gain, thrill | Medium–High | Custom exploits, zero-days | Account theft, data breach |
| Hacktivist | Political/ideological agenda | Medium | DDoS tools, defacement | Anonymous, LulzSec |
| Cybercriminal (Organized) | Financial profit (business model) | High | RaaS kits, botnets, phishing-as-a-service | REvil ransomware gang |
| Insider Threat | Disgruntlement, financial pressure | Varies | Authorized access, data exfiltration tools | Edward Snowden (case study) |
| Nation-State Actor (APT) | Espionage, sabotage, influence | Very High | Zero-days, custom malware, supply chain | APT29 (Cozy Bear), Lazarus Group |
| Cyberterrorist | Disruption, fear, political violence | High | SCADA exploits, grid attacks | Alleged attacks on power grids |
---
Notable Types of Criminal Attacks
Hacking is gaining unauthorized access to computer systems. It can be:
- White Hat (Ethical Hacking): Authorized testing to find vulnerabilities before criminals do
- Grey Hat: Unauthorized access but without malicious intent; may disclose vulnerabilities publicly
- Black Hat: Unauthorized access with malicious intent — theft, damage, disruption
Data Diddling: Altering data before or during entry into a computer system. Example: changing salary figures in payroll before processing — almost undetectable.
Salami Attack: Stealing tiny amounts from many sources (like slices of salami). In banking, rounding fractions of a cent from thousands of transactions into a criminal's account accumulates to large sums.
Logic Bomb: Malicious code that activates only when specific conditions are met (e.g., after a certain date, when a file is deleted). Commonly planted by disgruntled employees.
Exam Tip: Cybercrimes are classified as: (1) Against Persons, (2) Against Property, (3) Against Organizations, (4) Against Society, (5) Against the Nation. This classification appears directly in BCA exam questions. Also know that Section 66 of the IT Act 2000 covers computer-related offenses.
---
Study Deep: Cybercrime Classification
- The dark web fuels organized cybercrime: Criminal marketplaces on the dark web (accessed via Tor browser) sell stolen credit card numbers, ransomware-as-a-service kits, and hacking services. The RaaS (Ransomware-as-a-Service) model means criminals with no technical skills can launch ransomware attacks for a share of profits.
- Salami attacks are statistically invisible: Because each individual theft is below a detection threshold (a fraction of a rupee), salami attacks can run for years undetected. They require anomaly detection algorithms, not just threshold-based alerts.
- Insider threats cause 60% of data breaches (Ponemon): Organizations spend heavily on perimeter security but often neglect insider threat programs. Access control, user behavior analytics (UBA), and the principle of least privilege are critical countermeasures.
- Nation-state APTs operate like corporations: Advanced Persistent Threat (APT) groups have dedicated teams for reconnaissance, exploitation, persistence, and exfiltration. They often remain undetected for months or years (average dwell time: 207 days, IBM 2023). Named APT groups include APT1, APT28 (Fancy Bear), APT41, and Lazarus Group (North Korea).
- Cybercrime reporting in India: India has the National Cyber Crime Reporting Portal (cybercrime.gov.in) managed by MHA. Victims can report financial fraud, cyberstalking, child pornography, and hacking. CERT-In (Indian Computer Emergency Response Team) handles national-level cyber incidents.
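The salami-attack point above can be made concrete with a detection sketch. This is an added example, not part of the original notes: the ledger layout, account names and cut-off values are assumptions, and the data is constructed. It compares a per-transaction threshold rule with an aggregate check on who receives many sub-paisa credits from many distinct sources.

```python
from collections import defaultdict
from decimal import Decimal

def make_ledger():
    """Constructed sample data: (source, destination, amount in rupees)."""
    # 2,000 customers each lose a rounding fraction to one account.
    ledger = [(f"CUST{i:04d}", "ACC-X", Decimal("0.004")) for i in range(2000)]
    # Ordinary bill payments to a utility account.
    ledger += [(f"CUST{i:04d}", "UTILITY", Decimal("850.00")) for i in range(300)]
    # Legitimate micro-credits (interest adjustments), one per customer.
    ledger += [("BANK-INT", f"CUST{i:04d}", Decimal("0.004")) for i in range(50)]
    # One large transfer that a threshold rule will notice.
    ledger.append(("CUST0007", "VENDOR", Decimal("5000.00")))
    return ledger

def threshold_alerts(ledger, limit=Decimal("1000.00")):
    """Per-transaction rule: flag destinations of any transfer >= limit."""
    return {dst for _, dst, amt in ledger if amt >= limit}

def salami_suspects(ledger, micro=Decimal("0.01"), min_sources=100,
                    min_share=Decimal("0.95")):
    """Aggregate rule: flag destinations whose credits are almost all
    micro-amounts and come from many distinct sources."""
    stats = defaultdict(lambda: {"n": 0, "micro": 0, "sources": set(),
                                 "total": Decimal(0)})
    for src, dst, amt in ledger:
        s = stats[dst]
        s["n"] += 1
        s["total"] += amt
        if amt < micro:
            s["micro"] += 1
            s["sources"].add(src)
    return {
        dst: s["total"]
        for dst, s in stats.items()
        if len(s["sources"]) >= min_sources
        and Decimal(s["micro"]) / s["n"] >= min_share
    }

if __name__ == "__main__":
    ledger = make_ledger()
    print("threshold rule flags:", threshold_alerts(ledger))
    print("aggregate rule flags:", salami_suspects(ledger))
```

The customers who each receive a single interest adjustment are not flagged, because the aggregate rule requires many distinct sources feeding one destination.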
Exam Tip: Know Section numbers of the IT Act: Section 43 (unauthorized access), Section 66 (computer-related offenses), Section 66C (identity theft), Section 66E (privacy violation), Section 67 (publishing obscene material), Section 69 (government monitoring powers). These frequently appear in theory questions.