‘Targeting mule accounts can significantly weaken cybercrime networks’: DGP Pronab Mohanty

The DGP said phishing, skimming, data theft, hacking, credit card theft, spamming are traditional cybercrimes. Cyber frauds were there but have now mushroomed.
Pronab Mohanty, Director General of Police, Karnataka Cyber Command

While cybercrimes have surpassed traditional crimes, Karnataka is the first state to set up a Cyber Command. In an interaction with TNIE, Pronab Mohanty, Director General of Police, Karnataka Cyber Command, shares how the unit is working to tackle the rapidly evolving menace. Excerpts...

The Karnataka Cyber Command is a first of its kind unit in the country. What are its functions?

Cyber Command is a unique concept. It is a fusion platform combining issues of cybercrime, cyber hygiene, cyber outreach, cyber capacity building, enforcement and also cyber security. It also looks at parameters like disinformation, misinformation and malinformation. We advise governmental departments on cybersecurity and let them know if there are breaches.

Where does Cyber Command come into the picture?

Cyber Command comes in as the engine. Interfaces are there. For cyber fraud particularly, there is the 1930 helpline. There is the National Cybercrime Reporting Portal. The moment the call is made to 1930, the complaint gets lodged as an e-complaint. Command is the fusion platform.

What is the difference between cybercrime and cyber security?

When there is a threat to a database owned by the state or nation, banks or organisations, wherever malware can damage the enterprise or institution itself, it is called a cyber threat. Preventing these exploits is cyber security management. Cybercrime, on the other hand, is an individual-oriented experience. There are many kinds of cybercrimes like cyber fraud, essentially cheating. Earlier, fraudsters used to come to the victims and cheat, now they do it through the online medium. People in enforcement categorise cybercrime into three broad categories -- traditional cybercrimes, cyber frauds, and crimes against children and women.

Can you elaborate on the three categories?

Phishing, skimming, data theft, hacking, credit card theft, spamming are traditional cybercrimes. Cyber frauds were there but have now mushroomed. Most of the attention of the police is going towards tackling cyber fraud. Crimes against women and children are the most serious, with two sub-categories. Categories related to children, basically dissemination of CSAM (Child Sex Abuse Material) is dangerous. Generally, it is viewed by paedophiles, prepared by paedophiles and disseminated by them. Crimes against women include cyber stalking, cyber bullying, sextortion, deep fakes, deep nudes, deep porn which may result in distress, financial loss and loss of reputation.

Have there been any changes since the Cyber Command came into force, particularly in terms of recovering money?

The Cyber Command is functioning as a fusion platform and ‘theatre command’ that brings all police resources under one umbrella to tackle cybercrime in a coordinated manner. Recovery of defrauded money is only one aspect of its operations, while the larger focus is on dismantling the cybercrime ecosystem. The common factor in most cyber frauds is the use of ‘mule accounts’, bank accounts used to transfer stolen money through multiple layers before it exits the financial system through cash withdrawals, cheques, or cryptocurrency wallets.

Targeting mule accounts can significantly weaken cybercrime networks. Cybercriminals usually procure such accounts from organised suppliers, referred to as ‘cyber herders’, who store and provide mule accounts, fake SIM cards, and other tools required for cybercrimes in exchange for commissions. This network facilitates ‘Cybercrime as a Service’, where different providers supply various illegal resources to fraudsters. By identifying and targeting these networks, police believe they can detect existing crimes and prevent future offences.

What exactly is a mule account, and how do cybercriminals use it in online frauds?

A mule account is usually a genuine bank account whose owner hands over control to cybercriminals in exchange for money. The account holder provides ATM cards, SIM cards, passbooks, cheque books, and internet banking access to the fraudsters, who use the account to transfer stolen money. During investigations, police trace these accounts back to “mule herders”, people who collect and manage multiple such accounts. They identify mule herders through intelligence inputs and raids, and often recover several ATM cards and passbooks belonging to different individuals.

How is the Cyber Command planning to build specialised manpower for tackling evolving cybercrimes?

Cyber Command will focus on training personnel and strengthening technical expertise. While many officers have the aptitude and interest, they also require advanced tools and specialised knowledge in digital forensics and cyber investigations. Authorities are exploring two approaches — training existing police personnel in cybercrime investigation or recruiting experts with technical backgrounds and later training them in policing. So, this quandary exists for us as well, and we will find a solution for it.

How does social media contribute to cyber fraud, especially among children and teenagers?

Social media plays a major role in influencing children and teenagers, particularly Gen Z, who spend significant time online and often trust information shared through various social media platforms, more than advice from parents or teachers. While social media can be used for positive purposes, it also spreads misinformation and exposes young users to cyber fraud risks. Policymaking could help reduce such dangers, like Australia’s move to restrict social media access for children below 16 years of age.

How do you protect children from online predators?

Predators are extremely skilled. They groom children by posing as someone else. So the onus is on parents and peers to observe and monitor their actions online. But snatching away devices is not the solution, as it can lead to trauma. Having social media counsellors in school can be beneficial.

Is any cyber education being provided to schools and students?

Yes, cyber awareness programmes are being conducted in schools and colleges with the support of police departments, volunteer organisations, and government agencies. Students and young people are being educated about social media safety, online frauds, cybercrime prevention, and responsible internet usage through awareness sessions, outreach campaigns and videos. Similar awareness drives are also being carried out for senior citizens.

Online gaming has become a major concern; some games are gender-specific. What needs to be done to curb it?

Games are both legal and illegal. Games where money is required are deemed illegal. The central government has come out with a blanket legislation that has made these games illegal. When the Karnataka Police Act was still in place, we came up with a metric to measure whether a game was based on skill or chance. Games like Chess are considered skill-based, while Ludo is a chance-based game. With the blanket legislation, this has become irrelevant. When it comes to addiction, parents, teachers and peers have to guide children. Sites which promote violence and addiction are being blocked, but new ones constantly pop up. It’s an ongoing war.

What role is AI playing in cybercrime today?

AI is both a boon and a challenge. It does not necessarily create entirely new cybercrimes, but significantly speeds up and strengthens existing ones. Earlier, fake content existed, but now deepfakes have become extremely realistic because of AI, which helps cybercriminals carry out attacks faster and more accurately. Law enforcement agencies use the same technology to identify vulnerabilities, strengthen cybersecurity systems, and improve investigations. AI can be used for both good and bad purposes.

How do police investigate crimes on apps where messages disappear?

Even if messages disappear, digital traces remain. Investigators use network forensics, operating system forensics, internet logs and traditional policing methods to trace offenders. While the content may vanish from the app, the sender’s activity and internet connections can still be tracked.

What are the usual profiles of the accused? Are they well educated?

Not necessarily. Cybercriminals can range from school-level educated individuals to highly qualified hackers. Some only have a basic understanding of systems and learn through experience, while others are experts in networks and operating systems. Most common cyber frauds are carried out by people with practical knowledge rather than advanced qualifications.

Victims of cyber fraud are often well-educated. How do fraudsters identify and obtain information about them?

Fraudsters usually target people with money, as they are more likely to yield financial gains. They obtain information through multiple sources such as word-of-mouth networks, leaked databases, “crime-as-a-service” operators, and even the dark web. In some rare cases, rogue insiders from banks or institutions may illegally share details of customers.

Are cyber fraud gangs operating from within India or abroad?

Cyber fraud networks operate both from India and abroad, particularly from lawless borders near Laos, Cambodia and Myanmar. These groups use VoIP servers based in other countries to mask calls and target victims. They often rely on local partners abroad to supply victim data and run fraud operations.

How challenging is it to crack or investigate the dark web?

The dark web itself is not a crime, but an unindexed part of the internet, often compared to the unseen portion of an iceberg. The dark web is divided into the deep web and dark web; both are not dark. While deep web contains harmless unindexed information, the dark web is actively exploited for crimes. Investigating it is highly challenging due to anonymity and hidden networks.

How has the internet changed the nature of human trafficking?

Trafficking has evolved from a largely physical crime into an organised internet-driven offence. Earlier, laws mainly targeted the end points of exploitation, but amendments have recognised recruitment, transportation, harbouring, exploitation and profiteering as parts of trafficking. With personal data now stored online, traffickers can identify vulnerable children, families and locations through databases and dark web networks.

With most transactions happening online, how can people protect themselves from QR code scams and cyber frauds?

Spoofed QR codes do exist, where fraudsters mimic trusted brands or payment platforms using nearly identical names or symbols. However, such frauds can often be avoided by verifying the recipient’s name before making payments.

How dangerous is cryptocurrency in the world of cyber fraud?

The underlying technology for cryptocurrency is blockchain. It operates in a decentralised method of trust. Let’s suppose a murder has happened, and only two people have seen it. That is a blockchain in itself, of two independent observers acting as ‘nodes’. The same thing can happen for any transaction. If multiple people testify to the fact that a given entity has paid me, then that becomes the truth. The encryption is military grade, 2048 bits in most cases. Once money goes into the cryptoverse, it becomes extremely hard to trace.

What is an insider threat in cyber security management?

The insider threat is becoming more and more common. Bengaluru is a city of startups, with many companies which have sensitive information. Here insider threat is a major threat. A company hires an employee of a different company with escalated privilege access. If the previous employer is not careful of cyber security, the employee takes away software and algorithms which are very valuable. Once intellectual property goes away, it cannot be reimbursed.

Within how much time should a cyber fraud victim register a complaint?

Cyber fraud complaints should be registered instantly through the national helpline 1930. Delays can allow the stolen money to move rapidly across multiple accounts and become difficult to trace within hours. The initial period after a fraud is the ‘golden hour’ during which chances of recovery are high.

With so many KYC update messages and calls circulating on WhatsApp and other platforms, how can people identify genuine requests?

People should remain sceptical of unsolicited KYC update messages and verify directly with their bank or service provider before responding. Treat every such message as suspicious unless verified.

Why is the conviction rate low in cybercrimes?

We are trying to improve conviction rates. One has to understand that the number of cybercrime cases is huge. As of the end of last year, we have around 61,000 cases in investigation. That is around 50 cases per person, and each of these cases would be an individually difficult case. Detection rates are low too. Both will increase, with time.

You were with UIDAI; how safe is our Aadhaar data?

It is one of the safest environments in terms of cybersecurity. Its architecture is very well-reinforced. It incorporates security systemically with every layer, instead of building a database and adding security on top as an exo-layer, like icing on a cake. One’s Aadhaar number contains very sensitive data, and you should share it only with select departments. It is illegal for anyone outside these departments to demand your Aadhaar number.

How safe are DigiLocker and DigiYatra?

Aadhaar is a very sensitive number. Everybody cannot have access to it as per law, barring departments like Labour and IT. Otherwise, a masked number with only four visible digits is used. Even while checking into a hotel, Aadhaar is not mandatory. In this case, IDs like driver’s licence or PAN can be used. For DigiYatra, it is needed.

How can citizens save themselves from cybercrimes?

One should ask crucial questions like ‘Should I make this transaction?’ ‘Is digital arrest possible?’ ‘Can there be a two-fold rise in my earnings?’

The New Indian Express
www.newindianexpress.com