Computer Crime Research Center

staff/gva2.jpg

Criminalistic description of interference with work of computers without right

Date: March 18, 2004
Source: Computer Crime Research Center
By: Vladimir Golubev

The article is topical because present-day practice of investigation and successful investigation of any crime depends on the ability of the investigative officer to reveal and estimate actual data and to a great extent on his faculty to delve into criminalistic crux of the investigated criminal activity. The detailed development of criminalistic description of computer related crimes is essential to reveal, disclose and investigate such crimes. Hence, it is very important to understand the sense of substantive law rules, to depict subject of proof and determine goals of investigation process.

The goal of this article is to study the most typical criminalistic information on signs and peculiarities of illegal interference with computer work. Hence, determination and forming of criminalistic description for illegal interference with work of computers (based on ways of committing a crime, crime concealment, background, tools and means, traces of crimes, mechanism of unlawful infringement and personal behavioral characteristics of those citizens who illegally interfere with computer work) are the main tasks of this research.

With due regard to the novelty of lawmaker’s decisions to determine criminal acts related to computer crimes, it is necessary to start any criminal activity examination with determining new concepts, introduced by the lawmaker while establishing corpus delicti (components of crime).

Analysis of Section 16 “Crimes in sphere of computers, computer systems and networks operation” of the Criminal Code of Ukraine shows that legislators introduced a number of concepts that had never been met before in legal criminal terms of law or in law regulating information relationship. These terms need to be essentially explained based on comprehension of both: technical features of new computer facilities and sense of information like new legal criminal and criminalistic category.

Taking into account the importance of semantic definition of the term “illegal interference”, which in general is not typical for conventional criminal legal descriptions of modus operandi, we will examine this concept with relation to current legislation.

Analysis of 361 Article shows that illegal interference with work of computers, systems and networks is penetration into these machines, systems and networks and committing actions that modify operation of computer, system or network, fully or partly stop its functioning without permission (assent) of the owner or the person authorized by him, as well as influence computer work with the help of various technical devices capable to corrupt functioning of this device.


Article 361 protects the proprietor’s right of inviolability of information in computers, systems or networks. The owner of automated system is any person that legally uses services of information processing as the proprietor of such system (computer, systems or networks) or as the person authorized to use such system.

Criminal act, responsibility for which is provided by Article 361, should consist of illegal intervention in the work of computers, systems or networks. It always has a character of certain actions FULFILLMENT, and can be a penetration into computer system using special technical means or software that allow to overcome installed systems of protection from illegal application of obtained passwords or posing as a legal user to penetrate into the computer system [3].

So, Part 1 of the Article 361 defines “illegal interference with operation of automated computers, systems and networks that has led to distortion or destruction of computer information or carriers of such information” as penal action. This component of crime has material character. Consequences of the crime are obligatory element. However, the law contains a limited list of harmful consequences in any other forms, except for specified in the Article 361. The person who has performed the specified actions in forms, not defined in the Article 361, is not subject to criminal liability.



N. Akhtyrskaya, P. Bilenchuck, V. Vekhov, A. Volevodz, Y. Gavrilin, M. Gutsaliuck, V. Kozlov, V. Krylov, V. Minaev, N. Rozenfeld, E. Rossinskaya, N. Saltevsky, O. Snigirev, V. Tsymbaluck, V. Cherkasov, N. Shuruhanov and others researched into problems of computer crimes lately. However they do consider issues of investigating illegal interference with work of computers as a separate crime. At the same time, law enforcement officers, engaged in investigating offences of the given kind, need scientifically based methods of examination. It is necessary to develop a criminalistic description of computer crime in order to conceive the scientific background of the problem.



Theoretical basis of general criminalistic description of crimes were worked out by P. Belkin, A. Vasilyev, V. Obraztzov, V. Shepitko, N. Yablokov and others.



The opinion of V. Korzh is also interesting. She researches into the concept and structure of economic crimes committed by organized criminal groups. Here she marks out features, specific character, signs, background, traces and other consequences of crimes [1].

N. Shuruhnov defines the criminalistic description of a crime as system of criminalistic features, properties, signs. This system contains data on typical methods of committing and concealing a crime, mechanism of criminal encroachment, traces, background of criminal event, subjects of criminal infringement, personal traits of the criminal and the victim, and also facts of the case that favour committing crimes [2].

According to V. Vekhov, the structure of criminal description should include important information on criminal’s personality, motivation and goal of his criminal actions, and also data on the victim [3].

According to V. Kozlov, criminalistic description of computer crimes is the most typical, significant, interrelated information on signs and features of these crimes. This information can be the basis for advancing cases (stories) of the crime [4].

Most homeland and foreign scientists think that criminalistic description is key element of criminalistic methods of investigating computer crimes.

Criminalistic methods of disclosing and investigating computer crimes is a complex of scientific regulations and recommendations, developed on their basis, i.e. scientifically based and approved in practice directions of disclosing and investigating computer crimes.

While estimating different definitions of criminalistic description, we may draw a conclusion that most researchers note elements of criminal description as follows: typical investigative cases, methods of committing crimes, typical material traces, personality descriptions of the criminal and the victim, methods of concealing crimes, crime background.

Mentioned approach allows to mark out a number of problematic issues in working out of criminalistic description of illegal interference with work of computers:


- high latency of computer crimes. V. Tsymbaluck notes that in majority of cases, victims are unwilling to notify police of criminal infringements with their computer systems because they do not want to undermine their reputation [5];

- complexity of evidence gathering and problems of proving at court;

- variety of criminalistic significant signs of computer crimes;

- absence of clear program on fighting computer crimes;

- complexity of disclosing computer crimes;

- absence of enough investigative practice of enquiry into computer crimes.



Criminalistic description of illegal interference with operation of computers, systems and networks is a system of summarized data on typical traces, methods and mechanisms of committing crimes, personality of the criminal and other significant features, properties, peculiarities of the crime and facts of the case that favour committing a crime. Criminalistic description helps to optimize investigation and practical application of means, ways and methods of criminalistics during disclosing and investigating crimes of the given kind. It consists of such data as follows: ways of crime committing (modus operandi) and mechanism of illegal action, ways of concealing illegal interference with operation of computer, system or network, instrument (means) of crime, facts of crime, place of crime, subjects of criminal encroachment, persons committed illegal interference with operation of computers, systems and networks, etc.

Let’s consider data on modus operandi and mechanism of illegal action. Modus operandi (way of committing crime) is a system of actions of the criminal (and/or related persons) united by one intention directed on preparing, committing and covering up a crime, determined by objective or subjective factors and connected to use of corresponding facilities and means. Today there is no clear classification of modus operandi for illegal interference in computers, systems and networks functioning [5]. On our opinion they can be divided in to 3 main groups:

The first group: ways of direct access.

This covers damaging, deletion, deterioration, alteration, suppression or copying of computer data, and also serious hindering without right of computer, system or network functioning by inputting corresponding commands from the computer where information is stored. Direct access may be made by both persons working with data (related to this work), and persons intentionally penetrating in restricted areas or premises, where information is processed.

The second...


Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo