Computer Crime Research Center

hack/hack36.jpg

Computer crime trace: finding and evaluating

Date: December 12, 2005
Source: Computer Crime Research Center


Rapid introduction of up-to-date information technologies into economy, management and, in particular, banking provoked arising new crimes - cyber crimes. In opinion of criminologists and international experts the cited above poses a very serious threat both the economy and information security - an essential of national security.

As it stands today, of primary concern is to combat the new threat. The reason is that while computer technologies are rapidly making progress and reliance on the Internet is increasing the legislation on information and legal procedures governing cybercrime combat activities do not keep in step with these advances yet. [1].

To provide liability for cyber crimes by amending the Criminal Code (CC) of Ukraine, in particular Article 1981 "Disturbance of automated systems (АS) [2], would necessitate criminalistic study of new sorts of crime including identification and detection, development of criminalistic characteristics and finally recommendations for investigation.

The law "On computer information protection" was adopted in 1994. The law provides the legal basis for realizing and protecting information property right in the cited above area and for solving the cybercrime problem in general [3]. However, the practice has highlighted the law incomprehensive because of drawbacks in its drafting. As result the law lags behind the information advances that have taken place in the community recently.

Cyber crime and in particular its transnational expansion is on of the international problems provoked by prevailed reliance on global information networks, especially the Internet as the primary infrastructure that has already united most countries through out the world. The adoption of networked systems is likely to continue to increase. In the developed countries cyber crime causes severe financial losses. AS owners and users have to spend a great deal of money on developing and implementing software, hardware and other tools to protect information from unauthorized access, defacement and destruction.

According to the information by the FBI director, their cyber crime caseload doubled last year. In 1998 the bureau opened 547 computer intrusion cases; in 1999, that jumped to 1154. The national statistics tell the story. In the USA 90% respondents detected security breaches on Internet in 1999. At least 74% of respondents reported security breaches including theft of property information and financial fraud. Information theft and financial fraud caused the most severe financial losses, put at $68 million and $56 million respectively. The losses from 273 respondents totaled just over $265 million. Losses traced to denial of service attacks were only $77,000 in 1998, and by 1999 had risen to just $116,250. [4].

Cibercrimes are of the following characteristics. It is of high latency. It is complex to identify and investigate, to prove such cases to the satisfaction of the court. It is an increasingly global problem under using the Internet and suffering huge damage in even in one incident. According to the statistics the US law enforcement detect only 5% of cyber crimes. About 20% of them are prosecuted. [5].

Unfortunately Ukraine has no official cyber crime statistics. Though the June 1999 criminal case is evident that these categories of crime pose a great threat to social security. The case materials tell the story. On October 23, 1998 the intruders gained unauthorized access to the AS of Ukraine National Bank Administration Vinnizckaya Region and illegally transferred 80.4 mln. hryvnas (20 mln. $ exchange rate of UNB at a point of the commission) from the bank surplus fund. The eight months investigation by organized crime strike force officers was successful. The Strike Forces Chief Administration, Ministry of Interior developed the plan. The followed-up eleven simultaneous searches led to the arrest of about 30 individuals involved in this sensational criminal case. The officers detected and seized 81 thousand $ just only at one of perpetrator's dwelling. [6].

Government and private sector especially suffered from attacks especially under their banking activities give no much credence to the law enforcement capability to detect such crimes. It chiefly accounts for high latency. We believe that high latency and low level of incidents' detection, above all, is caused the challenges that cybercrime and technology present for law enforcement agencies to bring a criminal action. The cited above is sequent of the complexity to classify criminal acts and the peculiarities to conduct certain investigative activities.

Based on the analysis of the Ukraine's legislative policy as to information relationships, viz. social relationships under owning, utilizing and using information we can make the conclusion that having both positive and negative features the current legislation is not still and all exhaustive and adequate to address the expanding criminal threat effectively.

First of all it should be noted that one of the positive steps is government’s recognition of the right to information property. Thus, under Article 41, Constitution [7] information is a subject of national security that is provided by the laws «On information», of October 2, 1992 [8], «On AS information protection» [3] and Article 1981 , CC [2].

The law «On AS information protection» establishes the legal mechanism to regulate relations as to protecting AS information under the current legislation guaranteeing the citizens of Ukraine and legal entities the right to information property including the right to information access and the right to information owner to protect it and restrict access to information.

The law applies to any AS information. It specifies the objects that subject to law protection — information under processing in AS, rights of information and AS owners and users (Part 1 Article 2). Under the law any AS information is subject to protection. An information owner or the current legislation determines the necessity to protect information. (P. 2 Art. 2). It provides for general requirements as to information protection (Art. 11) and disciplinary, administrative, criminal and pecuniary responsibility for the law violations. (Art. 17).

It is the cited above provision that creates the law basis for enacting Article 1981 , CC. The former regulates criminal and law guard of the range of the cited above social relationships. The Article 1981 , CC provides for the liability for two independent criminal acts:

1) intentional break into AS work that led to defacement or destruction of information or information carriers;

2) dissemination of software and hardware devices designed to gain unauthorized access to AS and cause defacement or destruction of information or information carriers.

As is well known the Supreme has already adopted the draft Criminal Code (DCC) in second reading. The draft committee of the Cabinet of Ministers developed the draft CC and included new Section 16 " Automated and electronic computer systems-related crimes" [9].

To our mind Section 16 does not contain clear terms, which moreover haven't been brought to conformity with the current information legislation. The first variance is in terms “automated and electronic computer systems” and “automated system” in Section 16 and the law "On Information protection "respectively. The lack for terminology coordination can lead to confusion when interpreting and applying the Articles of the cited above section.

We consider it groundless that the draft committee included Article 1981 ,CC, in Article 332, the DCC, practically unchanged. The main drawback of the cited above transference is an attempt to unite two encroachments characterized by different objects into one provision:

· Violation of AS operation regulations;

· Unauthorized use of the means specified.

Such approach is inconsequent as Art.334; DCC is primarily and completely devoted to incidents when breaking AS operation regulations.

Another drawback is that the terms used in the headline of Art.334, DCC do not reflect the specificity of information-related crimes, provided that the Article's dispositions are specified and interpreted. Besides, we consider it inconsequent to overburden the dispositions of the cited above acts. The former can be classified according to the general provisions, i.e. computer information extortion. In that case the specificity of the object of encroachment is not appropriate for such specialization.

Let us discuss main circumstances that are binding for identification in criminal cases of the cited above category in compliance with the current legislation, viz.: object and instrument of a crime, objective and subjective crime essentials and subject of a crime.

Under the law “On AS information protection”, the crime object is legal relationships as to AS information protection.

Under the present CC [2], the crime object is:

· automated system (AS) - system of data automated processing. It contains technical facilities for data processing (calculation and communication devices) including methods, procedures and software;

· information carrier — individuals, field and signals, chemical medium, data stackers in information systems;

· information utilized in AS — the aggregate of all data and programs used in AS regardless of means of physical and logical presentation;

· software and hardware tools...


Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo