A. Sñhetilov

Some problems of cyber crime and cyber terrorism fighting

The international community has come to new epoch - information society epoch. At present the human activity depends on telecommunication technologies used in almost all fields of people activity (communications, transport, space, power industry, water supplying, finances, trading, science, education, defense, public maintenance of law and order, medicine and so). In 1998 there were connected to Internet only 143 millions of people, but in 2001 the users quantity has reached to 700 millions. Russian Internet segment yet has 6 millions users or so.

Rapid developing of telecommunications and global computer networks has created the reasons, which allow to commit of cyber crimes in the high technologies field more easier. The telecommunication technologies opportunities use by criminal organizations very widely. The typical examples of such kind of crimes are:

- transmitting of crimes collected capitals,
- untaxed financial operations,
- cracks and weapon sales through Internet,
- crimes connections commitment by use of E-mail,
- compromising" spreading,
- theft of passwords and accessing networks codes,
- unlawful information coping, including commercial and confidential one,
- hacker attacks,
- producing and use of cloned personal radio-electronic measures ("similar").

By the way many of these crimes by idea, committing and results may be named as terrorist actions.

Terrorist actions in the cyberspace could be done not only isolated persons or terrorist groups, but one state against another. By that cyber terrorism not differ from other kind of terrorism by nothing. Extremist groups, separatist forces, advocates of ideas, which defy to the universal values intensive use of modern technologies for their idea propaganda and information wars conduction.

So, creating of finding and neutrality of influence on the information technologies is the main task of the society and it law-defense authorities. This understood so in the Russian Federation well.

By the Maine office of special technical measures (M O S T M) of the Russian Department of Interior dates during 2001 year the quantities of committed in the cyber information field crimes on the territory of the Russia increased in 1.5 times or so compared with 2000 year.

The international community realized fully the possibility consequences rate from the cyber criminal thread and there was signed the International Convention of cyber criminal by the representatives of EC countries and also US, Canada and Japan in the November 2001. In the convention the crimes, which committed in the information field or against information resources or with the help of information measures factually ruled as cyber crimes and ruled the approximate list of this crimes:

- Unlawful access to information environment.
- No legal interception of information resources.
- Intervention into containing on the magnetic transmitters information.
- Intervention into the computer system.
- Unlawful use of telecommunication equipment.
- Forgery with use of computer measures.
- Deviousness with use of computer measures.
- Crimes, which connected with considered in the Convention contents actions.
- Crimes, which connected with "child" porno.
- Crimes, which connected with author and related rights breaking.


We think that cyber crime (and cyber terrorism as one of it kind) is the intervention into the telecommunication networks work, functioning in their environment computer programs or no sanctioning modification of the computer dates, leading to disorganization of the very important elements of the state infrastructure and creating of people death danger, causing the significant property loss or coming of other social danger consequences which makes to destroy the social protection, population frightening or influencing to the authorities decisions which profitably for criminals or their unlawful property and(or) other interests satisfaction.

I'll mark that to our mind cyber crime do not limited by crime boards which were committed in the Internet, it spread on all kind of committed in the information-telecommunication field crimes, where information, information resources, information technical could be subject (term) of crime infringes, field where offences has been doing and crime measure or tool.

Information weapon could act selectively, it could be use through trans-board links, that could be cause of source finding impossibility. So information weapon can become an ideal measure for terrorists and information terrorism could become the threat of many states existence, what make the information protection matter the important aspect of national and international protection and this aspect role will be increased. In the foreign countries legislation the cyber terrorist very often named as hacker. The arsenal of both are:

- different attacks kinds which allow to penetrate into the attacked network or intercept of network control
- cyber viruses, including network viruses (worms), which modify and delete of information or block of calculation systems work
- logical bombs- the commands kits , which penetrated into the program and operated at certain conditions for example after certain time period
- "gresian horses ",which allow to do certain actions without poisoned system master (user) knowledge ( at present time widespread the kind of "gresians", which send to its "master" through Internet different information from the spoiled computer, including registered users passwords)
- measures of information exchange suppressing in the networks.


It is no sense to doubt that the new measures will appear soon, as the cyber crimes weapon modified constantly depending from the protection measures which used by computer networks users: when the protection systems become improved, the attack measures become more sophisticated. The main features of cyber crimes are:

- cyber crimes secretiveness
- trans-broadness
- information, information resources, information technique could be the subject ( aim) of crime infringement, the environment when offenses committed and the crime measure or tool
- computer information (crime traces) deleting and changing easiness
- cyber crimes commitment traces kept in the technique facilities memory, in the electro-magnetic field, on the machine transmitters of computer information and occupy an intermediate position between material and ideal traces
- "virtual" traces could not be removed, it is only possible to copy them
- short time of cyber crimes traces keeping on the servers of the telecommunication networks companies-operators
- unique peculiarity - actions immediateness, which directed to the computer information recognizing and persons identification which deal with unlawful activity in the computer networks.


Taking into attention cyber crimes peculiarities there appear the whole technical and juridical problems complex, which connected with absence of:

1. Legislation acts, regulating of criminal-processional actions
2. Specially training staffs (operate and investigate staff, specializing on the discovering and exposing of the crimes in the information-telecommunication field)
3. Necessary technical measures.


Take into consideration some peculiarities of crimes investigation in the computer information field (cyber crimes)

Unlawful access to the computer information (crimes, which committed with regard to computer information situated in the global computer networks or during addressing to them).

There are some unique peculiarities in that crimes investigation with juridical qualification some of unlawful activities. During no sanctioning accessing to Internet there come unlawful regarding to the protected by law information ( commercial secret), which is the users passwords list. May be some society dangerous consequences which could come. In the common circumstance it is the computer network work breaking, including:

- failure in the equipment work, because provider firm equipment designed for the certain users quantities and, of cause, not take into account illegally connected persons. Excessive equipment loading lead to mistakes during dates transmitting and, therefore, to distortion of receiving and sending information; unfounded delays during work
- incorrect information giving out, because there is present registered user name in all protocols.


In addition the binding condition is the saving of computer physical integrity, computers system or their network. If among listed of equipment work faults the computer system physical integrity as the physical object is broken, it is require the add qualification by the paragraphs about anti-property crimes. Among work failure in the chance of access monopoly condition (or static IP address), there happened the information blocking, i.e. other user has not opportunity to enter under so name (address). Besides, during no sanctioning accessing there happened information modification in the Internet network record-statistic database, including information of work time of officially registered user and payment of purchased time.

To say about guilty form, that criminal technical qualification allow to realize unambiguously the society danger of his actions, to foresee the possibility of common danger consequences coming, not to wish but allow these consequences intelligently or take to them indifferently, that demand the premeditated crime commitment.

Crimes investigation committed with regard to computer information positioned in the electronic-calculated machine but not in computer. During crimes investigation committed with regard to computer information positioned in the electronic-calculating machine but not computer as we understand this word classically (such as pager, mobile-phone, cash register and others ), it is necessary to take into attention the next peculiarities. These devices are the microprocessor devices, which are able to record, keep, polish, copy of digital (computer) information . Such devices very often joined in the common network by controller, where the self-devices are the distant network work place, and central controller is the file and communication server. So, on the positioned in the mobile, paging and other communication networks information disseminated as it protected laws as appropriate articles of 28 chapter of Russian Federation CC.

Investigation of crimes which connected with production and/or spreading of harmful programs.

The practice of production and spreading of harmful programs investigation also discovered some peculiarities, which need of explanation. Besides the material compositions of premeditated crimes in objective side of which included the legally important common dangerous consequences, in the Russian Crime Code there are formal compositions, objective side of which limited by only common dangerous action or inactiveness. There explained by especially high range of common dangerousness that the criminal law pursue enough harshly for the fact of producing, using or spreading of harmful programs for computers, not saying that any consequences will come. In these cases the intent formally is the only awareness of action (inactiveness) common danger and the wish of it committing.