CCRC's Director Vladimir Golubev: "No State is capable of opposing cybercrime without help today"
Computer Crime Research Center (CCRC) is a leader in study cybercrime in Ukraine.
Vladimir Golubev, the director of CCRC is asked to comment Ukraine's position
in fighting cybercrime.
Dr. Golubev, are you aware of any cases where Ukrainian citizens have been arrested on software piracy charges or other cybercrimes?
There are no official statistics on such cases, I mean the software piracy charges. But an example of large-scale computer robbery in 1999 can prove the serious character of this problem. 80,4 million UHR ($20 million) were drawn from the reserve fund of Ukraine’s National Bank in Vinitsa by obtaining unauthorized access to the banking computer network. Eight months later, the mafia fighting service succeeded in arresting more than thirty persons involved in committing this resonance crime after conducting eleven preplanned searches.
Unfortunately, Ukraine knows some cases of spreading computer viruses in its information resources and receiving undesirable e-correspondence through Internet. In this connection, the State should urgently solve the problem of protecting computer systems and networks as a part of the national infrastructure, introducing changes into laws that regulate questions of fighting computer crimes, and creating an appropriate organizations.
To your knowledge, have any Ukrainian citizens been extradited to face software piracy charges in other countries?
We are not aware of such cases. Actually it is difficult to prosecute offenders in accordance with criminal legislation (Penal Code). Often, such offenders are responsible in frames of Code of administrative violations.
To what extent are computer criminals being prosecuted in the Ukraine under the laws adopted Sept. 1, 2001?
Ukrainian Criminal Code has three articles on cybercrime.
Article 361. Illegal interference in work of computers, computer systems and computer networks. Such actions are punished imprisonment till three years.
Article 362. Theft, misappropriation, extortion of computer information^; or occupation of computer information by way of fraud or abuse of power. These actions are punished with imprisonment till five years.
Article 363. Computer-based system operational imperfection. These actions are punished with limitation of pretrial freedom till five years.
Is the Ukrainian government serious about cracking down on computer crime in general?
Now we can think so. The Ukrainian government has passed the changes in "National Security Strategy", where computer crime and cyberterrorism were defined as priorities. And Security Service of Ukraine is charged to investigate computer crimes and cyberterrorism.
I'm told that computer crimes in general aren't considered a high priority by Ukrainian law enforcement agencies because they are occupied by other serious crimes. Can you comment on whether that is accurate or not?
That is not absolutely accurate. There are special divisions in structure of law enforcement agencies (Ministry of Internal Affairs of Ukraine and Security Service of Ukraine), which are engaged in fighting hi-tech crimes. July 4, 2003 Criminal responsibility for these kind of crimes has been toughened.
Initial press reports on Kovalchuk/Vysochansky arrest indicated that he also was a hacker who planted a "back door" in the counterfeit software to enable him to access the computer systems of those who purchased the product from him. Have you seen any follow-up information that would confirm that?
There no information in Ukraine, which could confirm that.
I've been told that U.S. authorities were able to identify Kovalchuk/Vysochansky while he was operating in the Ukraine by "following the money trail, which enabled them to arrest him once he left the country. Does this indicate that the Ukrainian government and banks are cooperating with U.S. authorities in tracking down computer criminals in the country, whether or not they are being arrested there?
Certainly yes, current legislation on money laundering make banks to trace the money trail and inform law enforcements about doubtful operations. In cases of transnational operations, it is necessary to cooperate with foreign law enforcement agencies, as well as it was in case of Kovalchuk.
Is there anything else you can tell about prospects in fighting cybercrime in Ukraine?
It would be important for Ukraine to create a special team (CERT-UA) responding on transnational computer incidents and mass counteraction to such cybercrimes. Information networks in Ukraine and other countries can suffer in the near future without such a team (-s).
In conclusion, I want to emphasize that the problem of fighting computer crimes is a complex one. No State is capable of opposing this evil without help today. It is necessary to intensify the international cooperation in this field. There is no doubt that the important place in this cooperation belongs to the internationally legal mechanism of regulation.
^macro[showdigestcomments;^uri;CCRC's Director Vladimir Golubev: "No State is capable of opposing cybercrime without help today"]