Vitaliy Nomokonov
Vladivostok Organized Crime Research Center
Actual problems of fighting cybercrimes
All of us are witnesses of a prompt development of information technologies. By 2005, about 1 billion computers will be connected to the Internet. At the same time several billions sites and images will be placed on the Net. In 2003 the Internet-economy worldwide accounts for about 5 % of a total product. Every quarter the volume of data transmitted through the Internet is doubled. According to the Saint Petersburg conference, most of advanced countries are dependent on the reliability of the international information infrastructure. This process has taken place in Russia as well. In five years, each second expert will receive the second higher education in a remote way. Russia has already started creating the National electronic library.
However, the Internet is known to be not only a world treasury, but also a global garbage ñan. The Spam and pornography are impudently imposed on users. The growth of social crimes has favored the increase in offenses committed through the Internet (cybercrimes and infowar).
There are five basic directions of regulating Internet-relations in a legal way: protection of personal data and private life in the Net^; regulation of electronic commerce, other electronic transactions and maintenance of their security^; protection of intellectual property^; control over illegal information contents and unlawful conduct in the Internet^; legal regulation of electronic messages.
1. Today, many experts consider cybercrimes as a skyrocket danger to the security of particular countries and world society as a whole.
This threat has induced to searching adequate counteraction measures. After adopting the Charter of global information society in 2000 and well-known European Council Convention on fighting cybercrimes in 2001, special forums on this problem were held throughout the world. In December 2002, the first Strategic congress on fighting e-crimes took place in London. In February 2003, the first international summit on fighting cybercrimes was held in the USA (Atlanta) under support of the Cybercrime Research Institute. Nevertheless, the problem remains very acute and it will take much time to solve it.
In 2002, the USA accounted for 35.4% of all cybercrimes committed in the world when compared with South Korea (12.8%), China (6.9%), Germany (6.7%), France (4%) and Great Britain (2.2%). The most popular among them were program viruses, self-reproducing computer viruses and other forms of program code malfunctions. As to the number of cyberattacks per 1000 Internet-users, South Korea took the first place last year (3.7%) leaving behind Poland (18.4%), Czech Republic (14.2%), France (14,1%) and Taiwan (14%) [2].
Cyberterrorism is the most dangerous form of cybercrimes. According to the Computer Economic group (the USA), the most serious act of terrorism ever registered was the distribution of “I love you” virus. The material damage inflicted by it for five days made up several billion US dollars. The Slammer virus has recently interrupted the work of the Internet in Korea and Japan for some hours and infected at least 80 thousand computers.
In future cyberterrorists can direct most of their attacks against main financial institutes. For example, if the New-York Stock Exchange loses connection with the outer world, it will suffer greater damages than those caused by the inner bomb explosion [3].
During 1997-2002, the number of crimes committed in Russia by using e-computers has increased from 33 up to 3700. Russia and Ukraine are known to be among five countries having the highest level of computer piracy. The Internet-fraud is actively used in our country (for example: famous Tula samovars can be offered to purchase on web sites). False marriage agencies are set up in the Internet [4].
2. Since there is a lot of information on cybercrimes, this phenomenon has not been clearly defined yet. Many experts identify “computer crimes’ with “cybercrimes” making them synonymous. However, we suppose to distinguish them when taking into account information security against which some offenses are committed by using e-computers (computer crimes in a narrow sense) and appropriate laws accepted throughout the world.
Cybercrimes present a common concept embracing computer crimes in a narrow sense (where a computer is an object whereas information security – that of crime) and other ones committed against property, copyright, social security or morals by using electronic computers (for example: computer fraud and so on). The latter are often “connected with computer crimes”.
It should be reminded that according to UNO expert recommendations, the term of “cybercrimes” covers any crime committed by using computer systems or networks, within their frameworks or against them. Theoretically, it embraces any crime that can be committed in the electronic environment. In other words, crimes committed by using e-computers against information processed and applied in the Internet can be referred to cybercrimes [5].
According to the character of using computers or computer systems, there are three types of cybercrimes: the computer is an object of crime (unauthorized access, destruction of files and devices, theft of information)^; the computer is a tool of crime (e-thefts and so on)^; the computer plays a role of intellectual means (for example: placing porno sites on the Internet) [6].
Creating web sites to propagate criminal ideology and exchanging delinquent skills and special knowledge should be considered as cybercrimes.
There are nearly 30000 web sites worldwide directed at cracking information systems and training to do it. Now any teenager can buy a cheap book on elementary ways of attacking information systems [7].
It is recommended to regard cybercrimes as a legal category and social phenomenon. The latter includes not only the set of all e-crimes but also different forms of related “maintaining” and organizing activities. In this sense, exchanging e-messages between persons preparing a crime, placing appropriate criminal information on web sites can be also referred to cybercrimes as a social phenomenon.
Cybercrimes are extremely latent and especially difficult to expose and investigate. Highly skilled persons commit them. They often inflict great damages. There are no single laws on fighting them. Those perpetrating them have transparent national borders.
3. Computer crimes proper are reflected in the international legislation in a different way. At present, more than 100 countries including 60% of Interpol members have no laws on fighting cybercrimes [8].
There are three main groups of crimes specified in laws:
• Unauthorized access to protected computer systems, virus infection and illegal use of computer systems and information (Norway, Singapore, South Korea, Russia, Slovakia, Philippines)^;
• Those connected with causing damage to property and information electronic processing (Denmark, Sweden, Switzerland, France, Japan)^;
• Those connected not only with inflicting property losses but also infringing human rights, threatening to the national security and so on (the USA, Germany, Great Britain, the Netherlands) [9].
The penal legislation does not provide any liabilities for blocking computer information or the work of computer networks (Spam), illegally using and distributing computer information, putting obstacles in the way of spreading legal data, for example, by disconnecting a web site from the Internet and so forth [10].
Limiting an access to the Net can legally reduce the probability of committing computer crimes. China and Singapore are known to register IP-address owners in police stations without fail.
4. Fighting cybercrimes in an effective way means to clear up the specific character of their growth reasons. However, we should not forget that crimes have a single complex of reasons based on profound and acute society deformation in all its spheres (political, economic, social and spiritual) and at all its levels (from global to individual). These deformations cause the injustice of social order, despotism, infringement of human rights and freedoms, dehumanization of the social status and degeneration of people’s mentality.
This degeneration (social or moral-spiritual) is a source of delinquent conduct because it makes an individual compensate his “inferiority” at the cost of other people’s rights, freedoms, health and even life. Globalization that divided the world into the so-called gold billion ensuring its prosperity at the cost of outcast countries suffering from poverty, famine, illnesses and having an acute urge towards making up for their degeneration or at least revenging it has become a new source of the social tension and crime growth.
The virtual world makes this urge easier because it allows responding any threats in an asymmetrical way. The most dangerous crime is very unproblematic and still unpunished to commit against the whole humanity with the help of a computer having an access to the Net.
The reasons of committing cybercrimes are connected with the specific character of the virtual world. Its relationships should be also harmonized.
The current “electronic inequality” gives rise to the shortage and expensiveness of computers and other means of mass communication in the countries and regions having an undeveloped computer infrastructure. Persons having no money to pay for an access to the Internet often try to be connected to it in an illegal way. Many proceedings were instituted in Russia against mathematics students that had stolen others’ Internet access passwords.
Piratical products are widely used in China, Russia, Ukraine, Vietnam and Indonesia because users often do not have enough money to purchase licensed ones at the higher price.
Cybercrimes have specific reasons and fighting them means to apply specific means. The world has already accumulated some appropriate positive skills. Thus, early 2003, the USA created the corresponding national system specified in the “National strategy of cybersecurity” and “National strategy of physical protection of critical infrastructure”. The latter (regarded as “a combination of physical and virtual systems and means that can result in ruining the national defense, economic, security and public health service when disabled or destroyed) has a list of objects included into the above structure [11].
Russia and Ukraine also need these specialized programs to protect themselves from cyberattacks.
1. V.Dremin Globalization of information systems as a factor of globalization of crimes // Information technologies and security. – Issue 1. – Kiev, 2002. – P.56^; Internet against slippers // Izvestia. – April 11th, 2002.
2. www.crime-research.org.
3. Some problems of up-to-date cyberterrorism // Fighting crimes abroad. - 2001. - ¹2.
4. RIA-News: February 4th, 2003^; S.Avdeev, S.Zhdakaev, Y.Nikolaev Our brains are boiling // Izvestia. – April 5th, 2003.
5. I.Rassolov Law and Internet. – M., 2003. – P.257.
6. Y.Baturin, A.Zhodsishsky Computer crimes and computer security. – M., 199. – P.11.
7. More than 30000 web sites train how to crack information systems // www.cnews.ru.
8. Legal aspects of fighting cybercrimes in EU // Fighting cybercrimes abroad. - 2003. - ¹ 2. - P. 37.
9. I.Bachilo, V.Lopatin, M.Fedotov Information law. – SPb., 2001. - P. 676.
10. A.Baranov Electronic legislation //www.zerkalo-nedeli.com.
11. A.Levakov. Security in an American way // Izvestia. – March 5th, 2003.
^macro[showdigestcomments;^uri[];Actual problems of fighting cybercrimes]