8/6/2019 Cyber Crim
http://slidepdf.com/reader/full/cyber-crim 1/72
Cyber-crime and Security Policy Issues
Rodolfo Noel S. Quimbo
Resource Person
Information, Communication and Space Technology Division
UNESCAP

Two Part Presentation
Cyber-crime
• Internet and Security Concepts
• Incidents/Attacks
• Improving Security
Cyberlaw
• Statutes, Laws, and Policies – Challenges to enforcers
• Substantive and Procedural Law
• Efforts to Combat Cyber-crime

Part I: Cyber-crime

Internet and Security Concepts
The Internet and Its Vulnerabilities
• When it started as a project of the Advanced Research Project of the US Defense Department in 1969, the system was designed for openness and flexibility, not security
• The first publicized international security incident was identified in 1986. An attempt was made to use the network to access computers in the US to copy information from them.
• In 1988, the network had its first automated network security incident courtesy of a worm program

Internet and Security Concepts
The Internet and Its Vulnerabilities
• As a response to the worm threat, a computer emergency response team was created (now the CERT Coordination Center)
• In 1989, the ARPANET Project officially became the Internet. However, it has, for the most part, retained its inherent openness
• Being inherently open and extremely dynamic, the Internet allows attacks, in general, to be quick, easy, inexpensive and oftentimes difficult to detect or trace

Important Security Concepts
• Confidentiality of Information
Confidentiality is lost when someone without authority is able to read or copy information
• Integrity of Information
Modifying information in unexpected ways makes it lose its integrity
• Availability of Information
The erasure of information makes it unavailable when needed. Often, this is the most important attribute in service oriented businesses

Elements of a Secured Network Environment
Authentication
• “I am who I say I am”
Authorization
• “I am allowed to read the file”
Non-repudiation
• “Yes, I sent the e-mail”

Attack Trends vis-à-vis Internet Growth
Trend 1 – Automation; speed of Attack Tools
• Scanning for Potential Victims
• Compromising vulnerable systems
• Propagate the Attack
• Coordinated Management of Attack Tools

Attack Trends (cont’d.)
Trend 2 – Increasing Sophistication of Attack Tools
• Anti-forensics
• Dynamic behavior
• Modularity of attack tools

Attack Trends (cont’d.)
Trend 3 – Faster Discovery of vulnerabilities
Year             1995  1996  1997  1998  1999
Vulnerabilities   171   345   311   262   417

Attack Trends (cont’d.)
Trend 3 – Faster Discovery of vulnerabilities
Year             2000   2001   2002   2003   2004   2005   2006
Vulnerabilities  1,090  2,437  4,129  3,784  3,780  5,990  8,064
Total Vulnerabilities reported (1995-Q2, 2006): 30,780

Attack Trends (cont’d.)
Trend 4 – Increasing Permeability of Firewalls
Trend 5 – Increasing Asymmetric Threat

Attack Trends (cont’d.)
Trend 6 – Increasing Threat from Infrastructure Attacks
• Attack 1 – Distributed Denial of Service
• Attack 2 – Worms

Attack Trends (cont’d.)
Trend 6 – Increasing Threat from Infrastructure Attacks
• Attack 3 – Attacks on the Internet Domain Name System (DNS)
  - Cache Poisoning
  - Compromised Data
  - Denial of Service
  - Domain Hijacking

Attack Trends (cont’d.)
Trend 6 – Increasing Threat from Infrastructure Attacks
• Attack 4 – Attacks against or using routers
  - Routers as attack platforms
  - Denial of Service
  - Exploitation of Trust relationship between routers

Sources of Incidents/Threats
[Diagram of vulnerabilities. Components shown: Internet; Cable Modem, Firewall, LAN; Server; PC]
External: Interception; Spoofing, viruses, Trojans; Message modification; Break-in; Transaction interception
Internal: LAN sniffing; Trojans; Access behind firewalls; Back connection to public Internet
Other labels in the diagram: Viruses, Trojans; Sniffers, back door; Transaction trapping, hackers

Kinds of Incidents
Probe
• Attempts to gain access into a system
Scan
• Large number of probes
Account Compromise
• Unauthorized use of an account by someone other than the owner
Root Compromise
• An account compromise where the account has special privileges on the system

Kinds of Incidents
Packet Sniffer
• A program that captures data as packets travel through the network
Denial of Service
• Preventing authorized users from using the system
Exploitation of Trust
• Forging of identity in order to gain unauthorized access

Kinds of Incidents
Malicious Code
• Programs that, when executed, cause undesired results such as loss of data, downtime, denial of service

Kinds of Incidents
Internet Infrastructure Attacks
• Rare but serious attacks on key components of the Internet structure such as network name servers and large archive sites

Improving Security
Recommended Security Practices that can minimize network intrusions:
• Ensure all accounts have passwords that are difficult to guess. One time passwords are preferred.
• Use cryptography
• Use secure programming techniques when writing software
• Regularly check for updates, fixes and patches
• Regularly check for security alerts

Improving Security
Available technologies
• One time passwords
• Firewalls
• Monitoring Tools
• Security Analysis Tools
• Cryptography

PART II: Cyberlaw

Countries with Cybercrime Statutes
Country Law
ARMENIA Criminal Code (2003)
BANGLADESH Office of Law Commission approved the Law on IT
AUSTRALIA CRIMES ACT 1914 (PART VIA), Sections 76B, 76D
AUSTRIA Privacy Act 2000 (effective as of January 1, 2000)
BELGIUM Belgian Parliament in November 2000 adopted new articles in Criminal Code (effective from February 13, 2001) Article 550(b)
BRAZIL Law no. 9,983 of July 14, 2000 Art. 313-A & B
CANADA Canadian Criminal Code Section 342.1
CHILE Law on Automated Data Processing Crimes no. 19.223, published June 7, 1993
PEOPLES REPUBLIC OF CHINA Decree No. 147 of State Council of the Peoples Republic of China, February 18, 1994. Computer Information Network and Internet Security, Protection and Management Regulations (approved by State Council December 11, 1997, and published December 30, 1997)
HONG KONG Telecommunication Ordinance

Countries with Cybercrime Statutes
Country Law
DENMARK Penal Code (Section 263)
ESTONIA Estonian Criminal Code (Sections 269 to 273)
FINLAND Penal Code Chapter 38 (Section 8)
FRANCE New Penal Code, in effect since March 1, 1993 Chapter III (Articles 323-1 to 323-4)
GERMANY Penal Code Section 202a, 303a, Section 303b
GREECE Criminal Code Article 370C§2
HUNGARY Penal Code (Section 300 C)
IRELAND Criminal Damage Act, 1991
ICELAND Penal Code (§ 228 Section 1)
INDIA Information Technology Act 2000 (No. 21 of 2000)
ISRAEL The Computer Law of 1995
ITALY Penal Code (Article 615)
JAPAN Unauthorized Computer Access Law, Law No. 128 of 1999 (in effect from February 3, 2000)

Countries with Cybercrime Statutes
Country Law
LATVIA The Criminal Law (Section 241)
LUXEMBOURG The Act of July 15th, 1993, relating to the reinforcement of the fight against financial crime and computer crime
MALAYSIA Computer Crimes Act 1997
MALTA ELECTRONIC COMMERCE ACT (Sections 337 (C) (1) to 337 (F) (1))
MAURITIUS The Information Technology (Miscellaneous Provision) Act 1998 (Act No. 18 of 1998); Penal Code (Section 369A)
MEXICO Penal Code Part 9 (Chapter II)
THE NETHERLANDS Criminal Code (Article 138a)
NEW ZEALAND Crimes Amendment (No 6) Bill is introduced (Section 305ZE & 305ZF)
NORWAY Penal Code (§ 145, 151 b, § 261 & § 291)
PAKISTAN Electronic Transactions Ordinance 2002

Countries with Cybercrime Statutes
Country Law
POLAND The Penal Code (Article 267 to 269)
PORTUGAL Criminal Information Law of August 17, 1991
PHILIPPINES Republic Act No. 8792 or the E-commerce Law
SINGAPORE Computer Misuse Act
SOUTH AFRICA South African Law Commission published a Discussion Paper on Computer-related crime.
SWEDEN The Data Act of 1973 (amendments in 1986 and 1990)
SWITZERLAND Penal Code (Article 143bis)
TURKEY Penal Code (Section 525/a)
UNITED KINGDOM Computer Misuse Act 1990
UNITED STATES Federal legislation (updated April 15, 2002) US CODE: TITLE 18
VENEZUELA SPECIAL STATUTE AGAINST COMPUTER RELATED CRIMES (Published in Official Gazette of Bolivarian Republic of Venezuela, October 30, 2001)

Challenges to Cyberlaw Enforcers
Technological Challenges
• Technology allows for near absolute anonymity of culprits
Legal Challenges
• Laws lag behind the changes in technology
Resource Challenges
• Lack of sufficient experts/budget

Substantive Aspects of the Proposed Cybercrime Prevention Act
Drafting Comprehensive Laws to Combat Cybercrime

“Cyberspace consists of transactions, relationships, and thought itself, arrayed like a standing wave in the web of our communications. Ours is a world that is both everywhere and nowhere, but it is not where bodies live.
We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.
Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here.
Our identities have no bodies, so, unlike you, we cannot obtain order by physical coercion. We believe that from ethics, enlightened self-interest, and the commonweal, our governance will emerge. Our identities may be distributed across many of your jurisdictions. The only law that all our constituent cultures would generally recognize is the Golden Rule. We hope we will be able to build our particular solutions on that basis. But we cannot accept the solutions you are attempting to impose.”
John Perry Barlow
Declaration of Independence of Cyberspace

Outline
Why a New Cybercrime Bill?
Salient Substantive Features of Cybercrime Bill
Punishable Acts
Liabilities and Penalties

Why a New Cybercrime Legislation?
• New ways of committing cyber-crimes crop up every moment
• Need to factor in international efforts to combat cyber-crimes
• Most laws lack framework that takes into account the “international facet” of cyber-crimes

The Proposed Cybercrime Prevention Act
Aims at harmonizing existing penal laws/measures & pending cyber-crime bills with the current cyber-crime measures in the U.S. and the European Union.
Models:
1. Budapest Convention on Cyber-crime
2. US Computer Fraud & Abuse Act of 1986
3. Philippine E-Commerce Act

What is Cybercrime?
Criminal Justice Cybercrime Categories (Professor David L. Carter – 1979)
1. Computer as the Target
Computer intrusion, data theft, techno-vandalism / trespass
2. Computer as the instrumentality of the Crime
Credit card fraud, telecommunications fraud, theft
3. Computer as Incidental to other Crimes
Drug trafficking, money laundering, child pornography
4. Crimes associated with the Prevalence of Computers
Copyright violation, software piracy, component theft

The Computer as Target
Illegal access (§4.1, proposed bill)
Punishable Acts
Unauthorized access to a computer system/network for the purpose of obtaining or using a computer data or program or in pursuit of a dishonest intent.
Example:
Hacking/cracking, computer trespass
Source: Art. 2, Budapest Convention

The Computer as Target
Illegal interception (§4.2, proposed bill)
Punishable act:
Unauthorized interception through technical means of any non-public transmission of computer data to, from, or within a computer system or network
Exception:
Interception deemed necessary for the maintenance/protection of facilities of service providers (i.e., service observing or random monitoring for mechanical or service control quality checks)
Example: Using electronic eavesdropping devices in obtaining data
Source: Art. 3, Budapest Convention

The Computer as Target
System interference (§4.4, proposed bill)
Punishable acts:
Intentional & unlawful hindering with the proper functioning of a computer system or network by using or influencing computer data/program, electronic document or data message, including the introduction or transmission of viruses; also known as computer sabotage
Example: Virus dissemination, denial-of-service attacks
Source: Art. 5, Budapest Convention

The Computer as Target
Data interference (§4.3, proposed bill)
Punishable acts:
Intentional & unauthorized damaging, deletion, deterioration, alteration or suppression of computer data, electronic document, or electronic data message, including the introduction or transmission of viruses
Example: Inputting malicious codes, such as viruses, resulting in modification of data
Source: Art. 4, Budapest Convention

The Computer as Instrumentality of the Crime
Misuse of devices (§4.5, proposed bill)
Punishable acts:
Use, production, sale, procurement, importation, distribution, or making available, without right, or possession of any of the following:
1. Device designed/adapted primarily for committing the crimes of (a) illegal access; (b) illegal interception; (c) data interference; and (d) system interference, defined under the Act;
2. Computer password, access code, or similar data by which a whole or part of a computer system or network is capable of being accessed.

The Computer as Instrumentality of the Crime
Possession of any of the foregoing items with intent to use them for the purpose of committing the crimes of (a) illegal access; (b) illegal interception; (c) data interference; and (d) system interference, defined under the Act;

The Computer as Instrumentality of the Crime
Exceptions:
1. Device used for authorized testing of a computer system, program, or network
2. Production/creation of any of the devices is for purely academic purposes
Note: In both instances, prior consent is obtained from the owner of the computer system or network on which the device is to be used.
Source: Art. 6, Budapest Convention

The Computer as Instrumentality of the Crime
Computer forgery (§4.6, proposed bill)
Punishable acts:
1. Input, alteration, erasure or suppression of computer data/program or electronic document in a manner that would constitute the offense of forgery
2. Knowingly using a computer or electronic data which are products of computer forgery for purposes of perpetuating fraudulent design.
Source: Art. 7, Budapest Convention

The Computer as Instrumentality of the Crime
Computer fraud (§4.7, proposed bill)
Punishable acts:
1. Intentional/unauthorized input, alteration, suppression, etc. of computer data/programs or electronic document or data message, or
2. Interference in the functioning of computer system or network.
Elements
1. One of the punishable acts committed;
2. Act is committed with intent of procuring economic benefit for oneself or for another, or for the perpetuation of a fraudulent activity
3. Damage is caused thereby

The Computer as Instrumentality of the Crime
Examples: Credit card fraud, identity theft/fraud
Source: Art. 8, Budapest Convention

The Computer as Instrumentality of the Crime
Offenses related to child pornography (§5, proposed bill)
Child pornography - materials which visually depict a minor engaged in a sexually explicit conduct or a person appearing to be a minor engaged in sexually explicit conduct
Punishable Acts
• Producing child pornography for distribution
• Offering/making available child pornography
• Distributing/transmitting child pornography
all through the medium of a computer system or network

The Computer as Instrumentality of the Crime
- Criminal liability is without prejudice to prosecution under Anti-Trafficking in Persons Laws & Special Protection of Children Against Child Abuse, Exploitation and Discrimination Laws
Source: Art. 9, Budapest Convention

The Computer as an Incident to the Commission of the Crime
Violations of Penal Codes or rules & other existing penal laws (§7, proposed bill)
- Should an act punishable under the Criminal Code, the Consumer Protection Act, or other existing penal laws be committed “through the use of, aided by, or involving computer systems or networks or through transactions covered by or using electronic documents or electronic data messages”, said act shall be punishable and prosecuted under those laws.
- Purpose: Fill in the gaps in existing penal laws & eradicate preconceived notions that our existing laws only punish crimes committed in the real world.
- Source: §33(c), Philippine E-Commerce Act

Crimes Associated with the Prevalence of Computers
Infringement of Intellectual Property Rights (§6, proposed bill)
Punishable acts:
Intentional copying, reproduction, dissemination, distribution, or making available online by means of a computer system or network
• of protected works (e.g., computer programs, systems and designs),
• without the knowledge and consent of the owners thereof
• for his or another person’s benefit
Liability without prejudice to prosecution under the Intellectual Property Code
Exception: Fair use, as defined in the Intellectual Property Code
Source: Art. 10, Budapest Convention
Crimes Associated with the Prevalence of Computers
Unsolicited commercial communications (§4.8, proposed bill)
Punishable acts:
Unconsented transmission of voice or data messages which seek to advertise, sell, or offer for sale products and services
Example: Spam e-mail
Liabilities and Penalties
Prosecution under the proposed bill does not bar prosecution under:
Criminal Code
Consumer Protection Laws
Other Relevant Laws
Liabilities and Penalties
Who are liable:
Persons who directly committed any of the punishable acts (§8, proposed bill)
Co-conspirator(s) in the commission of any of the punishable acts (§10, proposed bill)
Persons who aid/abet in the commission of any of the punishable acts (§11, proposed bill)
Liabilities and Penalties
Who are liable:
In case of juridical entities (§9, proposed bill)
a. Officers, board members, & employee(s) who directly participated or knowingly authorized the commission of the unlawful act in behalf & for the benefit of the juridical entity
b. Officers & board members if the commission of the offense was due to lack of supervision or control, either willfully or through gross negligence
Liabilities and Penalties
Imposable penalties (§8, proposed bill)
- Jail sentence of between 6 months & 1 day to 6 years or a fine ranging from $2000 - $12000, or both fine & imprisonment
- Offenses related to child pornography: 6 years & 1 day to 12 years imprisonment or a $4000 - $16000 fine, or both fine & imprisonment
- Subsidiary penalty of imprisonment in case the offender does not have enough property to satisfy the fine.
Civil liabilities for loss or damage
Procedural Aspects of the Proposed Cybercrime Prevention Act
Drafting Comprehensive Laws to Combat Cybercrime
Outline
Jurisdiction
Joint Cybercrime Investigation Unit
• Functions
• Composition
• Powers
Enforcement and Implementation
• Collection of Computer Data
• Search and Seizure of Computer Data
International Cooperation
Remedies
Some Issues
Extra-Territorial Application of the Proposed Cybercrime Prevention Act
Jurisdiction
- Sec. 21, proposed bill:
“The Competent Court shall have jurisdiction over any violation of the provisions of this Act committed within the territory. In case any of the offenses herein defined is committed outside the territorial limits, and by such commission any damage is caused to a computer system or network situated within the territory, or to a natural or juridical person who, at the time the offense was committed, is in the territory, the proper Court in the Territory shall have jurisdiction.”
Extra-Territorial Application of the Proposed Cybercrime Prevention Act
Jurisdiction
- Two approaches in establishing jurisdiction:
1. Where the crime is committed
2. Where the effects of the crime are felt
- If the answer to any of the foregoing is the country, then the proper court may take cognizance of the cybercrime case.
Extra-Territorial Application of the Proposed Cybercrime Prevention Act
Jurisdiction
- This is without prejudice to the filing of appropriate actions in courts/tribunals of other countries which, under their respective laws, may properly acquire jurisdiction.
Joint Cybercrime Investigation Unit (“JCIU”)
Composition of the JCIU
§14, proposed bill:
1. National Bureau of Investigation – Anti-Fraud and Computer Crimes Division
2. Centers for Transnational Crime
3. National Police – Crimes Investigation and Detection Group
Headed by an Executive Director to be appointed by the respective member organizations.
Joint Cybercrime Investigation Unit (“JCIU”)
Powers
§15, proposed bill:
1. Prepare/implement measures to suppress cybercrimes
2. Investigate & conduct info gathering activities to identify & prosecute cyber-offenders
3. Effect searches/seizures
4. Refer cases to proper gov’t agency for prosecution
5. Formulate programs for int’l cooperation
6. Solicit/coordinate private sector participation
7. Recommend enactment of appropriate laws & measures
§29, proposed bill:
- Formulate/implement special & continuing training course for law enforcers
Enforcement & Implementation
Role of service providers (§17 & 19, proposed bill):
1. Preserve computer data & traffic record up to a maximum period of 6 months from date of transaction
- 6-month period, extendible upon JCIU’s order (reasonable belief that the computer data may have been used in committing cybercrime)
2. Cooperate in the disclosure of computer data & traffic record covered by a lawful court order/writ, and to keep confidential info regarding the execution by JCIU of such court order/writ
Enforcement & Implementation
Search, Seizure, & Collection of Computer Data (§16, 18, & 19, proposed bill):
- Can only be done by virtue of a court order/writ, upon finding probable cause
- JCIU, by virtue of a court order/writ, can require a person/service provider to submit specified computer data & subscriber info, & to collect and record traffic data associated with specified communications
Enforcement & Implementation
Search, Seizure, & Collection of Computer Data (§16, 18, & 19, proposed bill):
- JCIU can perform/require the following by virtue of a warrant:
1. Conduct surveillance operations
2. Secure computer system/network or portions thereof
3. Make/retain copy of computer data secured
4. Maintain integrity of the relevant stored computer data
5. Remove/render inaccessible those computer data in the accessed computer system/network
International Cooperation (§22 to 26, proposed bill)
Treaty/International Agreement (§22 to 26, proposed bill)
The government may undertake to cooperate with other nations in the detection, investigation, & prosecution of cyber-crimes & also in the collection of evidence relating thereto.
- Condition: Formal request for cooperation or assistance, made by a duly authorized representative of the foreign gov’t pursuant to a treaty/agreement
Reciprocity
In the absence of treaty/agreement, mutual assistance or cooperation shall be based on the principle of reciprocity.
International Cooperation (§22 to 26, proposed bill)
Grounds for refusal to cooperate:
1. Offence punishable under country’s laws & courts have acquired jurisdiction over the person of the accused
2. Info requested is privileged/protected under country’s laws or that which affects national security
3. Production of requested info, unreasonable
4. Requesting government has previously refused similar request by requested government without justifiable reason
5. Prior breach by the requesting government
Efforts to Combat Cyber-crimes
Innovative Practices to Combat Cybercrimes
Antiphishing Japan
OnGuard Online in the US
Video Campaigns to educate consumers
International Cooperation
Council of Europe Convention on Cyber-crime criminalizes:
• Offenses against confidentiality, integrity and availability of computer data
• Computer related offenses like computer related forgery
• Content related offenses like child pornography; and
• Copyright related offenses
International Cooperation
The Asia Pacific Economic Cooperation endorses the following action items to combat Cyber-crime:
• Immediate enactment of substantive, procedural and mutual assistance laws;
• Making cyber-crime laws as comprehensive as those proposed in the Council of Europe;
• Assistance between and among economies;
• Security and Technical guidelines that can be used by governments and corporations vs cybercrime
• Outreach programs to economies and consumers regarding cyber-security and cyber ethics
Thank You