Reconceptualizing online offenses: A framework for distinguishing cybercrime, cyberattacks, and cyberterrorism in the Indian legal context

From a legal standpoint, there are significant disparities in treating online offenses targeting individuals, organizations, and nation-states. These disparities arise due to influences that vary discreetly based on crucial factors such as the target, motive, or impact. This article draws upon the Information Technology Amendment Act (ITAA) of 2008 in India, analyses how these factors regulate online crimes, and thereby conducts a comprehensive analysis of current literature to differentiate cybercrime, cyberattacks, and cyberterrorism. The proposed framework includes a target-impact (intent) model to differentiate illicit online activities, complemented by a discussion on the actor-intent model, which emphasizes their treatment and implications within the legal context. The article explores the target-impact (intent) definition of cybercrime, highlighting its significance in capturing the cyber aspect and differentiating it from cyberattacks. Case studies are presented to illustrate these distinctions effectively. Furthermore, the article highlights variations in mitigation strategies, investigative protocols, punitive measures, and legal consequences corresponding to the identified classifications. Lastly, it incorporates insights from theoretical criminology and sociology, discusses how the actor-intent model aligns with the routine activity theory, and explores attempts to distinguish online crimes using the institutional theory.