Computer Crime Research Center

hack/spy.jpg

World run by ones and zeros

Date: February 17, 2008
Source: Sundaytimes.lk
By: Ruwani Dharmawardana

"The world isn't run by weapons anymore, or energy, or money. It's run by ones and zeros--little bits of data--it's all electrons....There's a war out there, a world war. It's not about who has the most bullets. It's about who controls the information--what we see and hear, how we work, what we think. It's all about information."- David L. Carter, Ph.D., FBI Law Enforcement Bulletin –USA.

There are five laws governing the ICT industry in Sri Lanka namely:

1.Sri Lanka Telecommunication (Amendment) Act No. 27 of 1996- To cover frauds committed via telephone calls, SMS &Internet etc.

2.Information and Communication Technology Act, No. 27 of 2003- To promote and accelerate “egovernment in Sri Lanka”, by establishing an ‘Information and Communication Technology Agency’.

3.Intellectual Property Act, No. 36 of 2003- To address ‘computer software copyright’ &‘computer database’ etc.

4.Electronic Transaction Act, No. 19 of 2006- To cover the legal recognition of electronic documents in the form of data messages and other communications, the acceptance of electronic documents in place of documents required in writing, the legal recognition of electronic signatures, the use of electronic records and electronic signatures in government and statutory bodies, the retention of electronic records and the legal acceptance of electronic contracts.

5.Computer Crime Act, No. 24 of 2007- To prevent unauthorized access, malware like; Viruses, Worms (worms can identify credentials like passwords &user names and generate multiple copies), Trojans (appear as friends but perform hidden functions), Spy ware (transmit information gathered from a computer such as bank details back to an attacker) &Logic bombs etc, misuse of the computer by unlawful function, illegal interception &using illegal devices etc.

How do we deal with computer crimes? Computer crimes can be dealt at two levels. One is the conventional approach of legal method. The other is technological solutions like firewalls and patches etc.

Generally computer crime consists of three components:

Computer related crimes –computers used as a tool for criminal activity such as theft, fraud (e.g.: printing illegal money) etc.
Hacking offences- which affects integrity, availability and confidentiality of a computer system or network (also includes the introduction of viruses, worms, etc).

Content related cyber crimes – where computers together with Internet resources are used to distribute illegal data e.g.: internet based pornography, criminal copyright infringement.

The Computer Crime Act does not provide an exact definition of ‘computer crime’. As per the definition provided by ‘Alliance for Telecommunication Industry Solutions-USA’, ‘computer crime’ is a violation of law committed with the aid of, or directly involving, a data processing system or network. Examples of computer crimes are ‘Phishing scams, Cyberstaliking, Hoaxes, Spam e mails &Internet frauds etc’.

Unauthorized access appears to be the basic building block of most other computer crimes. It is the "least included offence" in a hierarchical series of crimes that become increasingly more grave as aggravating harms and culpability states are added to the base offense. Performing a function without lawful authority is also an offence under the Computer Crime Act. For example, if the system asks you a question “do you want to delete this?”, and you answer as “Yes”, whereas it should be “No”, which damages the system, you will be guilty of an offence. Another example is; if the payroll handling officer feeds wrong data to increase his/her salary it amounts to an unauthorized arithmetical process. However to convict a person ‘intention, knowledge of results and absence of authority’ are required to be proved.

The above discussed laws are designed for the protection of arts and inventions which are results of human intellect.


Add comment  Email to a Friend

Discussion is closed - view comments archieve
2008-03-09 13:09:28 - "Unauthorized access appears to be the... Filimon Florin
Total 1 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo