Peculiarities Of The National Cyber Crime In Ukraine
Date: January 19, 2005Source: Computer Crime Research Center
By:
1. Almost every ordinary Ukraine citizen thinks that cyber-terrorist is some one unreal, personage of thriller. However, recent incident of penetrating into the Central Election Committee’s server became the graphic evidence of the fact that cybercrime was real and actual phenomenon in Ukraine. Could you show other cases of cyber terrorism in Ukraine?
There are no other known facts of cyber terrorism in Ukraine, and hope we will not face with cyber terrorism in the nearest future.
Considering social threat of cyber crime, we have to divide hi-tech terrorism, especially computer terrorism or cyber terrorism. This form of terrorism is the most dangerous because of high vulnerability of computer systems controlling crucial elements of Critical Infrastructure (transport, nuclear power, water supply, industry, etc). Fortunately it is a potential threat for Ukraine. Cyber terrorism poses a serious threat for social and economic well-being, comparable with nuclear, bacteriological, chemical weapons. And scientific task is to research this potential threat and develop effective tools of fighting the threat of cyber crime and cyber terror.
2. What is peculiarity of the national cyber terrorism? Is computer crime a result of criminal genius, or it’s a result of information leakage, betray of passwords, etc)?
Do not mix concepts of cyber crime and cyber terrorism. Now we can talk about cyber crime only. Here is one recent case of cyber crime in Ukraine. Ternopol Police arrested hacker who penetrated into the corporate network of one Ukrainian bank and transferred money to his one account. Earlier, offender worked as a programmer in this bank, but was fired. So, he decided to take revenge. In a short time, he managed to steal more than 30 000 Hrivnas (about $6 000).
And one more interesting fact is that the arrested hacker in his time was a friend with Maxim Kovalchuk (Vysochansky) known as one of the dangerous special cyber offender. 25 years old Maxim Vysochansky was charged with infringement of copyright, money laundering, and distributing pirated software and other. According to U.S. officials, the total financial damage caused by Kovalchuk makes $100 million.
3. Could you describe Ukrainian hacker, who is he? Were there any legal processes over the hackers in Ukraine?
Researches conducted by Computer Crime Research Center on September, 2004 have shown that exactly personal characters and social environment determine motivation and purposes of the cyber offender. Also, researches have shown the fallowing:
• 36 % women and 64 % men commit cybercrime in Ukraine;
• the age of cyber criminals is between 16 and 57.
Social status
• 6% pupils
• 6% students;
• 6% employees of High Schools
• 18% bank employees;
• 12% programmers.
Both high skilled specialists and dilettantes are involved in committing cyber crime. They have different social status and level of education. However they can be divided into 2 large groups:
• persons, having friendly or business relations with the victims;
• persons non-related to the victims.
The first group consists of employees abusing their power: security service, controllers, technical and engineering.
According to our researches 42.3 % of unauthorized accesses to computer systems are committed by programmers, engineers, and operators. 18.1 % of these crimes are committed by other employees, and 10.7% - former employees.
Outsiders pose potential threat of unauthorized access to the computer systems.
The second group includes persons which have significant knowledge in the field of computer technologies and are interested in profit earning.
4. Is Ukrainian legislation sufficient for counteracting to cyber crime?
I think Ukrainian legislation gradually comes to the international law standards. January 10, 2005 President of Ukraine Leonid Kuchma signed the bill that will change Criminal Code of Ukraine in part that concerns computer crime and will toughen the punishment for committing such crimes as unauthorized access to the computer systems and networks; development and distribution of malicious programs, computer viruses and worms; unauthorized distribution of the information with restricted access; abnormal operation of computers by way of mass distribution of e-mail (spam).
5. To what extent Ukrainian law enforcements are prepared to fight cyber crime?
It is difficult to answer this question unambiguously, ‘yes’ or ‘no’. Criticizing law enforcements is all the rage at the moment. I think they still manage to stand against cyber crime adequately to the financial provision assigned for Cyber Crime Departments at Ukrainian Police and Security Service. However, this problem is complex, and I think it is related to the general problem of reforming Law Enforcement System in Ukraine. And the solving this problem is a crucial part in successful fighting cyber crime in Ukraine.
6. Who is more vulnerable before cyber crime – ordinary user or business?
I think everyone loses in this case. Ordinary users have to turn to computer experts for getting antivirus protection, or, at worst, for system recovery. Businesses suffer more significant losses from cyber attacks. Trivial viruses may cause significant material losses. And intrusion in the work of Governmental and Public Bodies may result in economic, political and social problems.
7. How do you think is the National Critical Infrastructure sufficiently secured from cyber crime; and what is necessary to do for effective NCI protection?
I think none computer security expert can answer this question optimistically, because protection and aggression are the competitors. It is a competition between the intellect and technical resources. Probably, someone may say that, for example, computer control system of a certain nuclear power plan is well protected, and in 15 minutes it may be broken by cyber criminals. There is known saying “The most secured computer is cut off and in the strong-box”.
Overall, Ukrainians need the complex governmental program of the National Information Space Protection. And this program is forming now by the developing appropriate Laws, training experts, and creating new domestic information security facilities.
Add comment
Email to a Friend
