Section 84C of the Information Technology Act ensures that a failed cyber attack is still a punishable crime. If an intruder attempts to breach a system and is stopped by a firewall or an alert, they remain legally liable for the attempt itself.\n
\n\nAttempt vs. Completion in Cyber Law\n
\nIn many criminal cases, an attempt that does not lead to a final act is ignored. Section 84C removes this ambiguity for cyber offences. It states that anyone who attempts to commit an offence punishable by the IT Act, and takes any step toward doing so, can be punished. The penalty for an attempt is half the longest term of imprisonment provided for the completed offence. This means that a failed attempt to hack a protected system, which carries a 10-year term, could still land an attacker in prison for 5 years. For businesses, this legal framework justifies taking action even when a breach was successfully blocked. Regular penetration testing helps identify where these attempts are most likely to focus.\n
\n\nThe Legal Threshold of a \"Step Toward Commission\"\n
\nNot every curious scan is a criminal attempt. The law looks for a concrete action that demonstrates intent to commit a specific offence. This could include running a brute-force script, uploading an exploit kit, or attempting to bypass an authentication layer. Identifying these \"steps\" requires detailed log analysis. If your systems show repeated, sophisticated attempts to gain entry, you have enough ground to file a report. Implementing strong application security ensures that these attempts remain failures, but also provides the data needed to prosecute them.\n
\n\nDeterrence Through Prosecution of Failed Attacks\n
\nProsecuting attempted offences sends a clear message: the attempt alone is a high-risk activity. For large organizations, this is a vital part of a deterrence strategy. By holding attackers accountable for failed breaches, you raise the cost of targeting your infrastructure. If you have logs showing a targeted attempt to compromise your systems, you should treat it as a serious incident. We recommend preserving all traffic data and server logs related to the attempt to build a Section 84C case.\n
\n\nTake Action Against Attempted Breaches\n
\nDon't wait for a successful breach to involve the law. If your security team has blocked a targeted attack, the evidence exists to hold the perpetrator accountable. Contact our security and legal team to help you package your logs and traffic data into a formal complaint under Section 84C.\n