The Karnataka police have come out with a slew of measures to combat the growing menace of cybercrime. They have established departments that specifically look into how this menace can be curtailed, while making all effort to enlighten and educate citizens to not fall prey to antics by the cyber crooks. 

In an exclusive interview with DH’s Chetan B C, Pronab Mohanty, Director General of Police (DGP) rank officer, heading CEN wing, Computer wing, and IDTU, talks about the Information Disorder Tackling Unit (IDTU) that looks at crimes against children and women, and why strengthening the banks’ KYC verification process could prevent cybercriminals from exploiting it.

Excerpts: 

What are the major challenges cybercrime investigators are facing?

In 2023, we recorded over 22,000 cybercrime cases, averaging 70 to 80 per day, with Bengaluru account four 90%. Although we have skilled investigators, each of them is handling 4–5 cases simultaneously. What we are seeing is a tsunami of cybercrime cases. Mule accounts have become a significant menace, aiding cyber fraudsters.

Fraud cases constitute 80% of cybercrimes, while the rest include offences such as cyber blackmail, website defacement, child pornography, hacking, and similar crimes. These require technical expertise and focused investigation. While investigators work on cases, they need support in gathering information from various stakeholders, such as banks, other investigating agencies, and courts. When vacancies arise, the workload on each investigator increases, affecting the efficiency of investigations. 

What are the problems investigators are facing from the banks’ side?

Besides minimal coordination efforts with investigating agencies, one problem we face from banks’ side is the flawed KYC verification process followed by many. This single issue has resulted in a surge of mule bank accounts, which are critical tools for cyberfraud. Banks need to improve their KYC verification efforts by identifying and addressing the flaws that cybercriminals can exploit. Furthermore, banks need to closely monitor suspicious transactions and unusual activities linked to accounts, an area where they are also falling short.

For the first time ever, the CEN wing convened a meeting with over 50 bank representatives and RBI officials. Was it about mule accounts? 

The meeting was not only focused on mule accounts, but also addressed multiple issues. We discussed a wide range of challenges faced by the police in their interactions with banks and also listened to the banks’ concerns. We suggested that they adhere to RBI guidelines and resolve KYC-related issues. Key topics included their response time for lien marking, freezing, and unfreezing money in mule accounts. They were also advised to strictly conduct essential investigations, such as monitoring suspicious transactions and properly auditing account holders and customers withdrawing large sums of money.

Is it yielding any results? 

Yes, but not significant. However, this is just the beginning and will take time to produce meaningful results. The response time has improved slightly but it still requires further enhancement. All banks now have nodal and compliance officers who can be contacted for the quick exchange of information. A similar exercise has also been undertaken with the National Payments Corporation of India (NPCI).

How is capacity building progressing? 

Capacity building is moving forward at full pace with training conducted at multiple levels. Basic and intermediate training is provided at the Criminal Investigation Department (CID), while the police training institute equips investigators with electronic tools and comprehensive knowledge of the Information Technology (IT) Act. Refresher courses are also being offered for upskilling. Advanced and expert-level training is conducted by the Indian Cybercrime Coordination Centre, the National Crime Records Bureau, and the Bureau of Police Research and Development. Additionally, the Narcotics Control Bureau is training investigators to track drug sales and other activities on the dark web. Every investigator is required to undergo at least the basic and intermediate levels of training.

What are the steps taken by the Karnataka police to track down kingpins?

We do not distinguish between kingpins and foot soldiers; both are treated as accused in our cases and we actively pursue them. Cybercriminals operate through multiple layers, and our goal is to uncover all these layers and arrest everyone directly involved in or aiding cybercrimes. More importantly, to fully understand how cybercriminals operate, it is crucial to apprehend every foot soldier and establish their connections. A foot soldier today may learn the trade and eventually become a kingpin. 

And, how are you planning on achieving this? 

We call this approach networking investigations. We collaborate with various investigating agencies across states and maintain a database of cases to better understand cybercrimes. Additionally, building trust and coordination with stakeholders, such as banks and online media platforms, enhances our chances of apprehending cybercriminals.

What is the IDTU, and how does it work? 

The Information Disorder Tackling Unit (IDTU) addresses a wide spectrum of information disorders, including crimes against children and women -  such as cyberstalking and deep fakes. We are using an AI-powered portal, satya.karnataka.gov.in– launched on a trial basis– which scans the internet to detect misinformation related to women, children, and the medical field. It also identifies content that incites enmity between groups or religions, enabling us to bring such cases to legal platforms.