Secret Search in Fighting Cybercrime
Date: November 19, 2003Source: Computer Crime Research Center
By:
Establishing the fact of committed crime is the main problem of investigating crimes in bank computer systems.
Especially, in order to assert with good reason that computer crime has been committed it is necessary to prove:
- the fact, that computer information to which unauthorized access was performed, is protected by laws of Ukraine;
- the fact, that the malefactor performed certain illegal actions;
- the fact, that unauthorized actions outraged rights of information owner;
- the fact of unauthorized access to computers or attempt of obtaining such access;
- the fact of using money resources obtained by malefactor as a result of illegal actions. For example, it is necessary to prove, that access was unauthorized with a view of committing a crime. Then such facts are to be established and proved:
- unauthorized operations, for example with software, were really performed;
- these operations were illegal;
- a person that has performed them knowingly and with criminal intent.
Complex of urgent investigatory actions, obligatory for an initial stage of investigation, should include^:
1. Carrying out a search in the office, at a workplace of suspect with a view of detection and withdrawal of physical carriers of computer information and other documents concerning, or probably concerning, unauthorized relation of software, or carrying other traces of preparation for money theft.
2. Examination of:
- log files for breakdown situations, computer operating time, and rotation of operators;
- security and control facilities of bank computer systems, that log users, time of system initiation (activation), time of users connection;
- logs of evening work, a copy of operators actions, printed on a paper during evening information processing, which is performed after each trading day;
- check numbers of files;
- software;
- chips of permanent memory devices, microprocessors and their circuit research.
3. Examination and analysis of technical instructions on processing daily accounting information with a list of outgoing forms.
4. Interrogation of programmers engaged in software development and its support, experts responsible for information security, experts engaged in service of computer facilities.
5. Assignment of complex judicial-accounting examination engaging experts of law enforcement bodies, experts in computers, document circulation, accounting and reporting organization, information security in computer systems.
During judicial-accounting examination, experts should establish, if infringements of document circulation regulations of representing basic documents in accounting had happened, and fixed on the information carrier, if reasons (committing a crime with intent, abusing or mistaking) and responsible for these infringements persons are established.
Results of technical expert examination should be drawn up as an expert opinion. Thus, it could be considered as evidence in court. Nowadays with the help of such examinations the following tasks may be solved:
1. Reproduction and listing of all parts of information contained on physical carriers, including information contained in other than text form.
2. Restoration of information that had been contained on physical carriers before, and was erased or changed for various reasons afterwards.
3. Establishing time of input, change, deletion or copying of information.
4. Decoding encrypted information, picking out passwords and disclosing security systems.
5. Establishing authorship, place, means, background and ways of documents manufacturing (files, programs).
6. Finding-out possible channels of information outflow from a computer network and premises.
7. Finding-out technical conditions, accuracy of hardware-software system, opportunities of their adaptation for the specific user.
8. Establishing professional training standard of separate persons engaged in programming.
The problem of information security maintenance in Ukraine yet has not involved attention of media and public. It does not bother common people and it seems rather exotic against background of continued economic, ecological and spiritual crisis, nonpayment, and decrease in a standard of living, extended increase in crime. And, nevertheless, it is the problem that has already gradually affected interests of everyone. It is becoming a serious barrier for successful activity of legal entities, funds, and public authorities. In future prospect, it will define a realization opportunity of economic prospects.
It is a question of information field - a field of information manufacture, search, reception, transfer and distribution as well inland, and abroad. It includes also a sphere of intellectual activity of people, their information interaction, cultural heritage preservation and augmentation, management of public life, economic activities of public authorities.
There are some distinctive features of mankind development nowadays. They are: essential increase in technological progress, its influence on people and society, cost increase of new knowledge. And as a result, we have new powerful means of intellectual work support, increase of person's ability to originate new knowledge and to use it efficiently.
There is some not of less important features of lasting period. The problem of increasing integration of people, their growing dependence from each other, integration of a global science, economy, culture, armed forces, states.
Rising need for information interaction between people is after-effect of these factors. Satisfaction quality of this need substantially defines opportunities of people for effective solving of arising professional and private problems. It acts as one of determining factors of successful activity of commercial, industrial and public organizations, and also economic development of countries and regions.
The development of property relations legal securing in information field is proceeding intensively. There is a general tendency for measures toughening of organizational and economic character, criminal prosecution of property offences in information field. In particular, it concerns unauthorized disclosure of state secret and commercial classified information, creation of preconditions to a possibility of such disclosure. Struggle for observance of copyright, industrial samples, intellectual property rights is becoming tougher.
Present-day information technologies (IT) and information play leading role in maintaining further progress of mankind. A significant recognition of this role in advanced countries lies in declaring it to be of a national priority. So the White House carries out initiative of President's Administration in information field that was defined in the Memorandum “Use of Information Technology to Improve Our Society”. According to this document technology in the USA should be developed in a new direction in order to strengthen economic power and to promote economic growth. One of ultimate goals of this initiative is to win a global leadership in abstract science, mathematics and engineering technology. It answers the purpose to strengthen position of US as a superstate that is capable to organize independently new world order under present-day conditions.
All these trends evidence about appearing preconditions for organization of open global information community. On one hand this community is promising an unprecedented opportunity for intellectual development of each person, further acceleration of technological progress. On the other hand, this new community brings a danger of new global scale.
Prepared by UNDP Ukraine in cooperation with the State Committee on Communication and Information, the report "E-Readiness Assessment of Ukraine" http://www.un.kiev.ua/en/undp/publications.php is based on the Harvard Readiness for the Networked World http://cyber.law.harvard.edu/people/seedsofchangemay02.pdf guide. And still, e-readiness of Ukraine is rated at 2.5 degree out of 4 possible. National and international experts analyzed 40 ICT (information and communications technology) indicators, and a series of discussions organized by UNDP brought together scientific, business and civil society groups with parliamentarians and government officials to examine issues. Although Ukraine reportedly ranks fourth in the world http://www.brainbench.com/pdf/globalitiq.pdf in number of highly qualified computer specialists, development of its ITC sector is lagging. [1]
Development of IT in any country is defined by information-technological policy. This policy does not only efficiently assist this process, but also lags it. Such situation had happened in the former Soviet Union in 70th of the last century, when an agreement about development of computer facilities means of the fourth generation together with firms of England, France and Italy has been prepared. Interest of top computer firms of the Western Europe in such agreement accounted for their mutual desire to get rid of monopoly for computer facilities manufacture of American firms, first of all IBM. Having understood arising serious threat of production sales in Europe, American party undertook emergency counter-measures. System IBM 360 was advertised as the best in the world. Myth about...
Next
Add comment
Email to a Friend
