By Sanjay Raman Sinha
The recent remarks of Chief Justice of India Surya Kant have brought into sharp focus a growing crisis: the exponential rise of cybercrime in India, and its direct assault on the judiciary.
“Almost every other day a new website is created in my name,” the CJI observed. “Some of my well-wishers send me messages informing me that a new site has been created in my name.”
His words are not an isolated lament. Cybercrime cases have surged dramatically, with a 31 percent rise in registrations over the previous year. The justice delivery system is already burdened with nearly 66 lakh pending cases. Financial losses from cyber breaches continue to mount. What began as digital mischief has evolved into organised criminal enterprise—extortion, impersonation, data theft, and digital blackmail.
No longer are ordinary citizens the sole targets. The judiciary itself is under sustained attack.
Even the apex court’s digital infrastructure has been breached. The Supreme Court’s official YouTube channel was hacked in September 2024, with court proceedings replaced by cryptocurrency promotions. In March 2025, hackers disrupted a session of the Calcutta High Court, broadcasting obscene content during live proceedings. Similar intrusions hit the NCLT Kolkata and other tribunals.
In November 2025, the Telangana High Court’s website was defaced. The Andhra Pradesh High Court faced claims of a data breach in May 2025. A bomb threat email forced evacuation of the Rajasthan High Court during a visit by CJI Kant in February 2026.
As India’s courts digitize rapidly under the e-Courts Mission Mode Project—embracing video conferencing, e-filing, and live-streaming—the attack surface has expanded.
THE AGE OF AI-DRIVEN MANIPULATION
In October 2025, judicial officers encountered “Social Engineering 2.0” attacks—AI-powered phishing emails impersonating the chief justice and the Bar Council. These attempts sought to steal credentials to the JustIS app, a judicial management platform used by judges.
By February 2026, the Supreme Court flagged serious concerns about generative AI being used in legal drafting after fabricated case citations surfaced. In lower courts, AI-generated deepfakes were allegedly presented as evidence in attempts to sway proceedings.
Criminals have also begun posing as law enforcement officials, threatening both citizens and judicial officers with so-called “digital arrests,” a tactic designed to intimidate and extort. The digital threat is no longer theoretical. It is systemic.
JUDGES AS HIGH-VALUE TARGETS
The vulnerability of the judiciary is part of a broader pattern. In 2021, the Pegasus spyware investigation revealed that phone numbers linked to Indian targets—including a sitting Supreme Court judge—appeared on a surveillance candidate list tied to Israel’s NSO Group.
In 2023, the exposure of New Delhi-based Appin Technology uncovered alleged industrial-scale espionage targeting judges, politicians, and corporate executives. Emails were hacked, data siphoned, and surveillance conducted to influence litigation or discredit adversaries.
Judicial institutions hold what experts describe as a “goldmine” of sensitive information: bank details, Aadhaar data, sealed records, witness statements, and confidential communications. As the National Judicial Academy has warned, the assumption that courts are immune to cyberattacks is dangerously misplaced.
BUILDING DIGITAL FORTRESSES
Yet, the judiciary is not passive in the face of this onslaught. The Information Technology Act, 2000, remains the primary legal framework for prosecuting cybercrime. The Indian Cybercrime Coordination Centre works alongside judicial authorities for swift breach responses.
Phase III (2023-2027) of the e-Courts project has introduced:
• Secured e-Corridors for protected digital communication.
• Cloud security via the S3WaaS platform to resist DDoS attacks.
• AI-driven monitoring systems to detect suspicious case access or data manipulation.
At the district level, staff now undergo simulated cyberattack drills with Rashtriya Raksha University. Role-Based Access Control limits access to sensitive records. CERT-In conducts periodic audits to identify vulnerabilities.
Meanwhile, the Supreme Court has issued guidelines on so-called digital arrests and clarified bank liabilities in fraud cases. The Digital Personal Data Protection Act, 2023, along with proposed AI regulatory frameworks, aims to strengthen safeguards.
The battle, however, is not merely technical. As CJI Kant warned: “What is at stake in the battle against cyber crimes is trust in the judiciary itself. When manipulated images and fabricated voices circulate freely, truth itself becomes contested.”
In the final reckoning, this is not just a war on hacking. It is a defence of institutional credibility—and the integrity of justice itself.
