Computer Crime Research Center


Criminalization of computer wrongdoing prerequisite for combating computer crime

Date: April 25, 2005

... a new virus that specifically infected mobile telephones and that virus was spreading primarily in developing countries. Some virus infections might only be a staging ground for another type of attack. Fast worms became a new tool for committing cybercrime and opened a window of opportunity for other crime. Those new uses of worms might expose developing countries to new threats at the same time that they sought to adopt information and communication technology.

Case Studies in International Cooperation

AMANDA HUBBARD, Trial Attorney, Computer Crime and Intellectual Property Section, Department of Justice, United States, provided a case study, noting that, on 16 July, the United States Department of Justice received an emergency request for assistance from a Federal Bureau of Investigation ( FBI ) attaché in South America. The federal police reported that a woman had been kidnapped. They requested assistance from the Justice Department to track down the individual who was using an e-mail address. The user could have been anywhere in the world, but had chosen an Internet service provider that provided free mail access as it was easy and fast. By midday that day, the attaché had obtained the address for the Internet service provider e-mail account and set up a trap and trace order on the account. Later that day, the Department of Justice contacted a United States district court to let it know they needed a “pen trap” order. A judge had been asked to stay late so that, when the information arrived, he would be able to help find the victim.

Two hours later, the Justice Department had obtained the order, she said. The FBI agents in the field office where the service provider was located began monitoring traffic immediately for any information they could find. Innovative technical assistance at the Internet service provider found a way to link the address with a beaconing device so that he could be notified within seconds of a perpetrator logging into the account. The federal police in the participating country also used other methods to search for the kidnappers. The following morning, the targets of the investigation accessed the e-mail account. The police received the Internet protocol address and placed a trace that showed that the account was being accessed from a South American country. While it could have been anywhere in the world, because of online real-time investigative efforts they had been able to find out that the person was in the country. They worked with a local service provider to follow up on trace information provided by the FBI, closing in on where the kidnappers were checking the account. The police moved in and were able to free the victim, who was elderly and in bad health. Swift action on the part of all saved her life.

Cyberspace moved much faster than human beings, she said. Speed was key when saving property or lives. Other important lessons included not neglecting traditional law enforcement techniques; building relationships between police forces, prosecutors and judges; and cooperating with the private sector.

IOANA ALBANI, Chief, Prosecutor’s General Office Attached to the High Court of Cassation and Justice, Romania, said a lack of resources had led to the failure of investigations into the first cases of Internet fraud reported in Romania. In 2000, the authorities had decided to establish an office for the investigation of computer-related crimes in the Prosecutor’s General Office Attached to the High Court of Cassation and Justice. When investigating the first cases, a first criminal charge was established, that of fraud. Regardless of the environment, those criminal actions were considered deception, and the first cases were filed by using charges of fraud, forgery or identity theft, and several people were convicted.

There were difficulties in finding the right jurisdiction, she continued. Was it that place where the crime was committed ( Romania ) or the place where the crime produced its results ( at that time almost always in the United States )? With the support of the legal attaché of the United States Department of Justice, a new modus operandi was established to meet standards required by the Romanian courts. Romania had signed the Budapest Convention on Cyber Crimes in 2001, and legislative measures had been taken to counter cybercriminality. An inter-ministerial working group, joined by representatives of civil society and Internet providers, was established.

In 2002, there was a boom in information and communication technology, as well as a boom in complaints about fraud committed by Romanians on the Internet, she said. The Romanian Parliament had adopted special legislation on electronic commerce. It was now criminal to forge electronic payments. The new law offered law enforcement agencies an instrument sufficient for prosecution. In April 2003, a law on countering cybercriminality had been adopted that criminalized several acts against the integrity and confidentiality of information technology data. Child pornography was also addressed. Through the law, a special department within the Prosecutor’s General Office Attached to the High Court of Cassation and Justice had been established, with the duty to answer international information requests regarding cybercrime. Also, the police had established a special service within their General Inspectorate.

The Romanian Public Ministry and Inspectorate of Police ran a website to communicate in an accessible language with the computer community. It disseminated information on legislation in the field, gave warnings, received complaints, and provided statistics, as well as a forum for discussion. Regarding international cooperation, she said that Romania, even without the necessary resources, had answered and was still answering international legal assistance requests. Her country had ratified the European convention on cybercriminality in 2004.

HAMISH McCULLOCH, Assistant Director, Interpol General Secretariat, explained how the Interpol child abuse image database was used to identify the victims and perpetrators of child pornography. The purpose of the database was to support law enforcement globally. An investigator would want to know several things, including whether the child was investigated; where the child was; whether the image was known; and whether the image had been distributed. Was there evidence in the picture to identify the child? Since the inception of the database, the number of images had increased. Individuals in 100 countries were involved in the distribution of the images. There were some 10,000 to 20,000 victims from more than 14 countries. Interpol received 20 to 30 new requests per month

He then provided examples of several cases in which the use of the database had resulted in the identification of children and conviction of the offender. While it was not an offence in many countries to possess images of child abuse, it was, however, an offence to abuse a child. Investigations focused on the prosecution of distributors of images. Law enforcement needed to shift its focus to the identification of victims.


CHRISTOPHER RAM, individual expert observer from Canada, asked if, considering the ever changing nature of cybercrime, technical assistance materials could be considered, such as the United Nations Manual of Cybercrime which was last published in 1994. What was the extent to which crime prevention could be built into new technology? To what extent should fighting cybercrime be born by the State? In what other way could technologies be used by authorities to counter cybercrime?

Mr. GRABOSKY said the manual referred to had been produced a long time ago, and a revision was long overdue.

SCOTT CHARNEY, of Microsoft, said that the private sector had an enormous role to play. On the proactive side, the information and communication technology industry had to produce usable technology to ensure that crimes did not occur. It also had a responsibility to work with law enforcement. The information technology industry must also provide training for law enforcement and help in capacity-building.

Mr. McCULLOCH, of Interpol, said his organization used technology in a number of ways. With the increasing number of videos being circulated with kidnapping victims, there was a highly secure communication network through which, for instance, dialects could be tracked down. The analysis of images was also important in identifying victims. The clue to a country was often found in a remote corner of the picture, and the moment that was the case, modern technology could be used to get a response back from a country. Interpol hoped to develop resource centres of excellence with experts in various fields.

Mr. SANSOM noted that cases of technical ability to collect digital evidence required forensics training at the officer level. Computer worms were sometimes written by programmers in a number of different countries. When the worm was released, it had spread to dozens of other countries, launching subsequent attacks. Worms were active, communicating with a central control point to update them and provide them with new modules.

Ms. HUBBARD ( United States ), addressing the issue of assistance, noted that the International Legal Law Enforcement Assistance Centre in Bangkok held training sessions.

Mr. REDO said there were a number of projects concerning training. The United Nations had produced a manual on the control of computer crime in the 1994. That would need to be more actively followed up. Following the Congress, the Secretariat would be looking into the issue of technical assistance.


Add comment  Email to a Friend

Discussion is closed - view comments archieve
2006-11-05 12:27:02 - Great work!... Emily
2006-11-05 12:26:57 - Good design! My homepage | Please visit Felix
Total 2 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo