Interview: Computer Crime Research Center director Vladimir Golubev
The web site of the Computer Crime Research Center (CCRC) is very popular. It contains links to the best resources, an electronic library, fresh news and a survey of the most important events, articles and analysis of related materials. The interview by Vladimir Golubev, director of the CCRC, is dedicated to the Internet-project www.crime-research.org.
Mr. Golubev, could you say some words about the CCRC history and its main landmarks?
My scientific and professional activity resulted in establishing the Computer Crime Research Center. Early 1999, I was the first to lecture on “National information security” at Ukraine’s Academy of Internal Affaires. On May 21, 2000, I defended the Ph.D. thesis “On organizational and legal aspects of protecting information in the banking computer system”.
In 2002, I created a team of professionals and enthusiasts, scientists and experts in cybercrime prevention and investigation.
Certainly, it was followed by a large scientific and research work at the chair of criminal investigation, Ukraine’s MIA Institute of Law.
Early in June 2001, the center was set up as a Crime-research web site. The creation of the web-site, registration of its domain name, hosting and so on were backed up by the grant for joint American and Ukrainian scientific researches on preventing transnational computer crimes in Ukraine.
The CCRC exchanges scientific information with many interested organizations^; holds international conferences and seminars^; has a constantly renewed electronic library of scientific publications. On September 1, 2001, a new discipline “Procedures of computer crimes investigation” was included into the curriculum of the Humanitarian University ZIGMU. The Center also cooperates with many volunteers: scientists, researchers, officers from law enforcement bodies and experts in fighting computer crimes and cyberterrorism. Since August 1, 2003, the CCRC has published materials on three domains: http://www.crime-research.org/ (English)^; http://www.crime-research.ru/ (Russian)^; http://crime-research.iatp.ru.ua/ (Ukrainian).
It is an open secret that CIS country citizens commit most of resonant computer crimes. For example, a “homeland” hacker is known to penetrate into the City Bank computer system and obtain an unauthorized access to several tens billions US dollars thereby nearly cause a giant financial crisis worldwide. What is state of cybercrime in Ukraine? Many people think that the cyberterrorism does not threaten us, does it?
We should not flatter ourselves that the information isolation and technological gap (especially, in the sphere of information technologies) make Ukraine less vulnerable than the USA. There is a certain relation between acts of terrorism and the development of information infrastructure and national computerization. Moreover, the development of satellite communication and global networks makes it possible to launch an attack from any part of the world. Therefore, the cyberterorism is a crucial problem for countries with highly developed information infrastructure. According to experts, Ukraine has the same level of computer crimes that the USA early in 80-s. However, their rate of growth cannot but put Ukraine on its guard. Some features of our country should be taken into account to assess the cyberterrorism threat. First, it is a high potential and professionalism of Ukrainian programmers that very often render their services to such leaders of software industry as Microsoft. Second, teenagers are capable of mastering technical innovations in a quick way. The reduction of prices for computers is expected to increase the number of Internet users. Third, it is inevitable that the economic development will cause the growth of computerization thereby will make us approach countries with high infrastructure. You have mentioned a cybercrime committed by a hacker from Saint Petersburg (Russia) that illegally drawn nearly $12.5 million from the City Bank. However, the resonant crime committed in Vinnitsa (Ukraine) by drawing 80 400 thousand UAH (about $15 227 thousand) from the local National Bank exceeds it in impertinence and size.
Mr. Golubev, does the Computer Crime Research Center cooperate with local law enforcement agencies, for example, Ukraine’s Security Service and Ministry of Internal Affaires? The information searched and processed by the CCRC experts could help these bodies to investigate specific cybercrime, couldn’t it?
The CCRC cooperates with law enforcement bodies and Ukraine’s Security Service on the scientific basis including conferences, seminars and panel discussions. On September 26, 2003, the Center will hold the international scientific seminar on “Problems of fighting computer crimes”. Ukraine’s Intellectual Property and Hi-Tech Crime Unit chief and the Interdepartmental Research-and-Development Center (IRDC) senior research assistant at Coordination Committee on Corruption and Organized Crime Combating at the Office of the President of Ukraine are expected to take part in it. We are not engaged in investigating specific cybercrimes.
The priorities of the CCRC are to lay the scientific and methodological foundation, contribute to the professional training of officers from law enforcement agencies and coordinate efforts of law enforcement bodies, special services and courts to fight and investigate computer crimes.
What about your teamwork with appropriate foreign organizations?
Our researches are conducted within the framework of the joint American and Ukrainian scientific program of the Computer Crime Research Center at the Humanitarian University “ZIGMU” (Zaporozhye, Ukraine) and the Transnational Crime and Corruption Center at the American University (Washington, DC, USA). We have a lot of foreign partners to exchange scientific articles and news, organize and hold international conferences and seminars. On February 24-26, 2003, the CCRC experts participated in the Southeast Cybercrime Summit held in Atlanta (USA) by the Southeast Cybercrime Institute and Atlanta High Tech Crime Investigation Association.
The cyberterrorism is the most dangerous form of the terrorism and it can entail catastrophic consequences. Acts of terrorism in the USA on September 11, 2001 and the power system damage in August 2003 are obvious cases of it. The efforts of national law enforcement agencies should be coordinated to prevent and investigate transnational computer crimes in a more effective way.
Taking into consideration the Council of Europe-passed Convention on Cybercrimes, many countries worldwide should generally specify offences to be considered as cybercrimes. Their Penal laws ought to be harmonized at the national level by taking into account recommendations of the Council of Europe and norms of the international legislation because when committing computer crimes their objects or subjects are often under various jurisdictions. It means that cybercriminals can launch an attack from the country having no appropriate laws. No state can solve the problem of cybercrimes alone. The developed western countries have plenty of experience in fighting cyberterrorism and passing appropriate laws. For example, in 1998 the USA accepted the President’s PDD-6 Directive to ensure security of the national critical infrastructure. The interdepartmental plan to fight cyberterrorism (1999) and the National schedule to protect information systems (2000) followed it. Six weeks after terrorist attacks on New York and Washington, the US Congress approved a new anti-terrorist law known as “Act of 2001”. It introduced a legislative neologism “cyberterrorism” and classified forms of hacking and damaging protected computer networks of citizens, juridical persons and state offices including losses inflicted to computer systems used by governmental establishments to ensure national defense and security.
Therefore, the CCRC maintain any effective contacts with related organizations. In September Timofey Saytarly, project administrator, and I will visit the National Hi-Tech Crime Unit in London. The Network Security & System Center experts in protecting Vietnam information networks and systems also invited us.
Ukraine’s President Leonid Kuchma is known to sign up the Parliament-approved amendments to the Conception on Ukraine’s National Security. On June 19, 2003, the Parliament passed a law on “Principles of Ukraine’s National Security”. The law has come into effect since its publication. Could you share your opinion on it?
The Conception specifies priorities of Ukraine’s national interests and threats to its national security and interests including acts of cyberterrorism and the distribution of computer viruses, payment plastic card frauds, banking account money and computer information thefts, as well as intervention into the work of computer systems. Fighting cyberterrorism and computer crimes is an acute problem for Ukraine and many other countries worldwide. Such assassinations and offences are of transnational nature and have a tendency to change for the worse every year. They represent a definite social danger that carries a real threat for Ukraine’s national security.
There is no doubt that the Conception on Ukraine’s National Security will contribute to fighting cyberterrorism and cybercrimes at the national level, initiating the international cooperation and coordinating efforts of law enforcement bodies and special services.
Although the CCRC fights cyberterrorism and computer crimes at the ideological level, it is certainly to run some risks, is it not?
Almost every day various computer viruses, hackers and crackers attack the CCRC web site. Somebody tries to scan our ports or to install bugs in the office and so on and so forth.
Ukraine’s Parliament considers the law “On telecommunication monitoring”. How could you comment the emergence of this legislation?
The legislation “On information monitoring in the telecommunication systems” is being considered now to prevent information systems from being used to obtain personal and other confidential data in an illegal way thereby to protect rights of particular citizens and ensure the national information security. This bill stirred up a heated dispute about the monitoring purposes. Some legal experts looked upon it as an attempt to secretly control the personal electronic correspondence.
However, it provides for obtaining information to prevent, suppress, expose and investigate computer crimes. Ukraine’s law “On information” (Article 14) specifies that citizens, juridical persons and the State have a right to legally obtain and accumulate documented and public information. The term “monitoring” was also fixed in the current legislation. Therefore, it should not be subjected to criticism. Principles of Ukraine’s operators of the public internal and external telephone communication network of February 14, 2001, define the network monitoring as “a way of collecting, processing, storing and analyzing information on the system current condition without intervening into its operation”.
To our mind, the bill should establish the monitoring status, for example, as an investigating action or criminalistical procedure with introducing appropriate amendments into laws, for example, a clause that provides for destroying data obtained during the telecommunication system monitoring on a person against whom proceedings were not instituted. The information should be deleted six months after the monitoring was finished, an appropriate report being drawn up. If the monitoring is regarded as a crime-preventing step, it is expedient to supplement the Comprehensive program on preventing crimes for 2001-2005.
The information and cyberterrorism is a new form of the traditional terror. Could you give a more narrow definition of “cyberterrorism” and tell about ways of fighting it?
The cyberterrorism means a premeditated, politically motivated attack on information, computer systems and their programs that represents a mortal danger to people and causes material losses. The technical progress develops so quickly that the society realizes its negative consequences too late when considerable efforts should be required to correct the situation. Today the problem of cyberterrorism ought to be solved as that of the traditional terrorism and organized crimes at the international level. The effective cooperation of law enforcement agencies in fighting cyberterrorism worldwide can be achieved by simplifying the current procedure of making appropriate decisions, it being complicated by the necessity to adjust documents to be ratified. It could be made easier by rejecting agreements and using frame resolutions. The questions of internal security should be submitted to the Council of Europe and settled by a majority of votes.
The cyberthreat or cyberintervention is an unauthorized attempt to penetrate into computers, their systems and networks. Unauthorized penetrations are usually directed at facing a risk, satisfying interests, tickling a vanity or stealing information and money, taking revenge, blackmailing, disturbing or damaging computers and critical infrastructures (water and power supply systems).
Solving such juridical and technical top-priority problems connected with the lack of 1) laws regulating criminal and procedural actions, 2) specially trained experts in revealing and exposing information and telecommunication crimes, 3) necessary technical means of suppressing cyberattacks, 4) a reliable system of interaction at the national and international levels will make it possible for law enforcement bodies worldwide to coordinate their efforts on fighting cyberterrorism.
Mr. Golubev, do you think that passing and signing up the Convention on Cybercrimes will allow Ukraine to fight these offences in a more effective way?
I think that passing the Convention on Cybercrimes will allow Ukraine’s law enforcement agencies to coordinate more effectively the investigation of, first of all, transnational computer crimes. The effectiveness of this coordination due to the Convention can be proved by time. It should be understood that the Convention is not a panacea. The mechanism of its realization ought to be worked through and, finally, it is very important to determine a circle of persons that will implement these regulations. Early in April 2003, Ukraine’s Parliament passed the bill “On Amendments to Ukraine’s Criminal-Procedural Code” thereby widely empowered Ukraine’s Security Service to investigate crimes committed in the computer systems. It is proposed to supplement Article 112, Ukraine’s Criminal-Procedural Code that permits officers from Ukraine’s Security Service to carry out pre-court investigations of crimes specified in Articles 361-363, Ukraine’s Criminal Code. Despite of the fact that the prepared bill is an urgent and timely legal step, some of its clauses require to be discussed and revised.
Mr. Golubev, what is the CCRC going to do in the near future?
On September 26, 2003, the CCRC with the assistance of the Transnational Corruption and Crime Center at the American University (Washington, DC, USA) will hold the international scientific seminar on “Problems of Fighting Cybercrimes”. The seminar participants will discuss questions of fighting cyberterrorism^; consider criminalistical methods of fighting cybercrimes, as well as criminal and legal, criminal and procedural, criminalistical problems of information security. We invite scientists, officers from law enforcement bodies, lecturers and post-graduate students to take part in it.
On September 19, 2003, N. Rosenfeld, the CCRC volunteer, is scheduled to defend the Ph.D. thesis “On criminal and legal characteristic of unauthorized penetration into electronic computers, their systems and networks”.
V. Polivanyuk, militia captain and the CCRC researcher, finishes his work on the Ph.D. thesis. The sphere of his scientific researches concerns problems of crimes committed in Ukraine’s banking system.
^macro[showdigestcomments;^uri;Interview: Computer Crime Research Center director Vladimir Golubev]