👁 Preview — Study, Practice and Revise are open; mock tests and the rest of the syllabus unlock on subscription. Unlock all · ₹4,999
← Back to Computer Offences
Study mode

Hacking definition

Study Practice Revise 🔒 Test

Introduction to Computer Offences under the Information Technology Act 2000

The Information Technology Act 2000 (IT Act 2000) is a landmark legislation in India that provides legal recognition to electronic transactions and aims to curb cybercrimes. Among its many provisions, it defines and penalizes various computer offences, which are unlawful acts involving computers and digital data.

This chapter focuses on understanding hacking, one of the most common and serious computer offences under the IT Act. To fully grasp what hacking means legally, we first need to understand what the law considers a computer, what constitutes computer access, and how access can be authorized or unauthorized. This foundational knowledge helps us appreciate the legal boundaries and consequences of hacking.

By the end of this chapter, you will be able to identify hacking activities, understand their legal implications, and differentiate them from legitimate computer use.

Computer Definition under the IT Act 2000

Before we discuss hacking, it is essential to understand what the law means by a computer. The IT Act 2000 defines a computer broadly to include both hardware and software components.

Hardware refers to the physical parts of a computer system - the tangible devices you can touch. Examples include the Central Processing Unit (CPU), keyboard, mouse, monitor, printer, and storage devices like hard drives.

Software means the programs and operating systems that run on the hardware. This includes the operating system (like Windows or Linux), application software (like word processors or browsers), and any other programs that instruct the hardware what to do.

Thus, legally, a computer is not just the physical machine but also the software that enables it to function.

Computer Components Hardware CPU, Keyboard, Mouse, Monitor, Printer Software Operating System, Applications

Understanding Computer Access

Once we know what a computer is, the next step is to understand what it means to access a computer. Access refers to the ability to use or interact with a computer system or its data.

Access can happen in two main ways:

  • Physical Access: Directly using the computer hardware, such as sitting at a computer and logging in.
  • Remote Access: Using a network or the internet to connect to a computer from a different location, for example, logging into a server via the internet.

Access can be either authorized or unauthorized. Authorized access means permission has been granted by the owner or administrator of the computer system. Unauthorized access means no such permission exists.

graph TD    A[Computer Access] --> B[Physical Access]    A --> C[Remote Access]    B --> D[Authorized]    B --> E[Unauthorized]    C --> F[Authorized]    C --> G[Unauthorized]

Unauthorized Access: What Does It Mean?

Unauthorized access occurs when a person accesses a computer or computer system without permission or exceeds the permission granted.

For example, if a student logs into their own college portal, that is authorized access. But if the same student tries to enter the principal's private records without permission, that is unauthorized access.

Unauthorized access is a key element in many cybercrimes, including hacking.

Aspect Authorized Access Unauthorized Access
Permission Explicit or implicit permission granted No permission or exceeded granted rights
Example Employee logging into company system Hacker breaking into company system
Legal Status Legal and permitted Illegal under IT Act 2000

Hacking: Legal Definition and Elements

Now that we understand unauthorized access, we can define hacking under the IT Act 2000.

Hacking is the act of gaining unauthorized access to a computer system or network by bypassing security mechanisms, often with the intent to steal, modify, or destroy data, or disrupt services.

The key elements of hacking include:

  • Unauthorized Access: Accessing a computer without permission.
  • Bypassing Security: Overcoming passwords, firewalls, or other protective measures.
  • Intent: Usually involves malicious intent such as data theft, damage, or disruption.

Hacking is a criminal offence under sections 66 and 66F of the IT Act 2000, with severe penalties.

graph TD    A[Start: Attempt to Access Computer] --> B{Is Access Authorized?}    B -- No --> C[Bypass Security Measures]    C --> D{Intent?}    D -- Malicious --> E[Data Theft, Damage or Disruption]    D -- No Malicious Intent --> F[Possible Minor Offence or No Offence]    E --> G[Hacking Confirmed]    B -- Yes --> H[Authorized Access - No Hacking]

Password Cracking and Access Codes

Two important concepts related to hacking are password cracking and access codes.

Password cracking refers to methods used to discover or bypass passwords protecting computer systems. Common techniques include:

  • Brute Force: Trying all possible password combinations.
  • Dictionary Attack: Using a list of common passwords or words.
  • Phishing: Tricking users into revealing passwords.

Access codes are any secret codes, passwords, or digital keys that allow access to a computer system. Misusing or stealing access codes is illegal and considered part of hacking.

Password Cracking Technique Description Legal Implication
Brute Force Systematically trying all possible passwords Illegal if done without permission; considered hacking
Dictionary Attack Using a list of common words/passwords to guess Illegal without authorization; hacking offence
Phishing Deceptive methods to obtain passwords from users Illegal; also punishable under IT Act and other laws

System Disruption and Criminal Liability

Hacking can lead to system disruption, which means causing damage, denial of service, or malfunctioning of computer systems. This can affect businesses, government services, or individuals.

Under the IT Act 2000, system disruption caused by hacking is a serious offence, attracting heavy penalties including imprisonment and fines.

Criminal liability arises when a person knowingly and intentionally commits hacking or related offences such as unauthorized access, password cracking, or system disruption. The law holds such persons responsible for the damage caused.

Key Concept: Hacking is not just unauthorized access; it involves bypassing security with intent to cause harm or steal data, making it a punishable offence under the IT Act 2000.

Worked Examples

Example 1: Identifying Unauthorized Access Easy

Ravi, an employee, logs into his company's database using his assigned credentials. Later, he accesses a confidential folder meant only for managers without permission. Is this authorized or unauthorized access under the IT Act 2000?

Step 1: Ravi has permission to access the company database using his credentials - this is authorized access.

Step 2: However, accessing the confidential folder without managerial permission exceeds his authorized rights.

Step 3: Therefore, accessing the confidential folder is unauthorized access under the IT Act.

Answer: Ravi's access to the confidential folder is unauthorized and may be punishable under the IT Act 2000.

Example 2: Hacking Scenario Analysis Medium

An attacker uses software to bypass the password protection of an online banking system and transfers money without the account holder's consent. Does this qualify as hacking under the IT Act 2000?

Step 1: The attacker gains access without permission by bypassing password protection - this is unauthorized access.

Step 2: The act of bypassing security measures (password) fits the hacking definition.

Step 3: The attacker's intent is malicious - to steal money.

Step 4: Therefore, this is a clear case of hacking under the IT Act 2000.

Answer: The attacker is guilty of hacking and liable for criminal prosecution.

Example 3: Distinguishing Authorized vs Unauthorized Access Medium

Classify the following scenarios as authorized or unauthorized access:

  1. A student logs into the university portal with their own credentials.
  2. An employee uses their login to access another employee's personal files.
  3. A hacker guesses a weak password and accesses a government database.

Step 1: Scenario 1: Student uses own credentials - authorized access.

Step 2: Scenario 2: Employee accesses files without permission - unauthorized access.

Step 3: Scenario 3: Hacker guesses password and accesses system - unauthorized access and hacking.

Answer: 1) Authorized, 2) Unauthorized, 3) Unauthorized (Hacking).

Example 4: System Disruption Case Study Hard

A hacker injects malware into a hospital's computer system, causing it to crash and preventing doctors from accessing patient records for several hours. Which sections of the IT Act 2000 apply, and what are the consequences?

Step 1: Injecting malware and causing system crash is unauthorized access with intent to disrupt.

Step 2: This falls under system disruption offences under sections 43 and 66 of the IT Act.

Step 3: The hacker is liable for criminal prosecution, including imprisonment and fines.

Answer: Sections 43 and 66 apply; the hacker faces severe penalties for system disruption and hacking.

Example 5: Criminal Liability Assessment Hard

Rahul uses a software tool to crack the password of a competitor's website and steals confidential business data. Analyze Rahul's criminal liability under the IT Act 2000.

Step 1: Using software to crack password is unauthorized access and password cracking.

Step 2: Stealing confidential data shows malicious intent.

Step 3: Rahul's actions constitute hacking under section 66 and data theft under section 43.

Step 4: He is criminally liable with penalties including imprisonment and fines.

Answer: Rahul is guilty of hacking and data theft under IT Act 2000 and liable for criminal prosecution.

Tips & Tricks

Tip: Remember that Unauthorized Access is the core element in hacking; always check if permission was granted.

When to use: When distinguishing hacking from legitimate computer use.

Tip: Use flowcharts to visualize the process of hacking and types of access for better retention.

When to use: While revising definitions and legal processes.

Tip: Relate password cracking techniques to common cybercrime cases to remember their legal implications.

When to use: When preparing for scenario-based questions.

Tip: Focus on the difference between access code and password as defined legally to avoid confusion.

When to use: During conceptual understanding and exam questions.

Tip: Practice classifying access scenarios quickly to save time in entrance exams.

When to use: While solving multiple-choice questions under time constraints.

Common Mistakes to Avoid

❌ Confusing authorized access with unauthorized access due to vague scenario details.
✓ Always check if explicit permission or legal authorization was present before classifying access.
Why: Students often overlook the permission aspect and focus only on technical access.
❌ Assuming all password cracking is hacking without considering intent and authorization.
✓ Understand that password cracking without malicious intent or with permission may not qualify as hacking.
Why: Misinterpretation of technical terms without legal context.
❌ Ignoring the distinction between system disruption and mere unauthorized access.
✓ Recognize that system disruption involves damage or denial of service, which has separate legal consequences.
Why: Students lump all offences under hacking without differentiating severity.
❌ Overlooking the role of access codes in defining unauthorized access.
✓ Remember that misuse or theft of access codes is a critical factor in hacking offences.
Why: Lack of attention to legal definitions leads to incomplete answers.
❌ Memorizing definitions verbatim without understanding practical application.
✓ Focus on applying definitions to scenarios rather than rote memorization.
Why: Entrance exams test application skills more than recall.
✨ AI exam tools — try them free (included in every plan)
Tip: select any text above to Explain / Example / Simplify it.
Curated videos per subtopic
Top YouTube explainers, AI-ranked for your exam and language. Unlocks with subscription.
Unlock

Try Practice next.

Progress tracking is paywalled — subscribe to mark subtopics as understood and save your streak.

Go to practice →
Ask a doubt
Hacking definition · 10 free messages
Ask me anything about this subtopic. You have 10 free messages this session — chat history isn't saved in preview.