2. Cybercrime
Definition
Susan Brenner Professor of Law at the University of Dayton, U.S.
The use of a computer to achieve illegal ends
Sherridan Morris Senior Research Officer at the Home Office, U.K.
Criminal or otherwise malicious activity utilising or directed towards the
Internet and/or information technology applications
Smith, Grabosky & Urbas Australian Institute of Criminology, Australian National University
Involves the use of digital technologies in the commission of the offence; or
Is directed at computing and communications technologies themselves; or
Is incidental to the commission of other crimes
3. Cybercrime
Instrument
Computer
A programmable electronic machine that performs automatic high-speed
mathematical or logical operations or that assembles, stores, correlates, or
otherwise processes information
Computer Systems
A system of one or more computers and associated software with common
storage
4. Cybercrime
Instrument
Information Technology
« The study, design, development, implementation, support or
management of computer-based information systems, particularly
software applications and computer hardware »
Information Technology Association of America
Information and Communication Technologies
An umbrella term that includes all technologies for the
communication of information
6. Cybercrime
1. Target
3 fundamental principles
• Integrity: data that has not been altered in an unauthorized
manner
• Availability: the accessibility of a computer or a network
• Confidentiality: data is not to be disclosed to those who are not
authorised to receive it
7. Cybercrime
1. Target
Malware: a malevolent software program deliberately created to
perform an unauthorized and often harmful action
• Viruses: A computer program that is designed to replicate itself
by copying itself into the other programs stored in a computer
• Worms: A destructive computer program that copies itself over
and over until it fills all of the storage space on a computer's
hard drive or on a network
• Trojans: A program that appears desirable but actually contains
something harmful
8. Cybercrime
1. Target
Other Malware: adware, spyware, rootkits
Hardware theft: physical devices such as computers,
components, multi media portable devices such as mobile
phones and personal assistants, cables
Service theft: wifi-spoofing/mooching, piggybakcing, war driving
Critical Information Infrastructure Attacks:
infrastructure associated with national security and with the
economic and social welfare of a nation
9. Cybercrime
2. Intermediairy
Property Crime
• Phishing: An activity which attempts to subtract sensitive and
personal information from a user by deceiving him.
• Botnets: A group of computers remotely controlled through an
application (bot) installed on an unprotected computer.
• ID Theft: Theft of personal and sensitive information about an
inidivdual.
11. Cybercrime
2. Intermediairy
Political Crime
• Political espionnage
• Sabotage
• Information Warfare
• Hacktivism
• Cyber attacks such as Critical Infrastructure Attacks
• Cyber terrorism (online training and propaganda)
12. Cybercrime
2. Intermediairy
• cyber stalking
• harassment
• hate speech
• sites displaying racial and
xenophobic content
• child pornography
• hooliganism
• vandalism
• moral offences relating to
cultural values
• fraud
• forgery
• extortion
Personal Crime
14. Legislation
OECD
• 1983: research in criminal law problems of computer
related crimes
• 1992: Guidelines for the Security of Information Systems
G8
• 1997: Subgroup of High-Tech Crime
15. Legislation
OAS
• 1999: established a group of governmental experts on
cybercrime
APEC
• 2002: commitment to enact a comprehensive set of laws
relating to cybersecurity and cybercrime
ASEAN & China
• 2003: plan of action in 2003 to formulate cooperative and
emergency response procedures for enhancing
cybersecurity and combating cybercrime
16. Legislation
United Nations
• 1998 -2000: resolutions on Developments in the Field of
Information and Telecommunications in the Context of
International Security
• 2003: resolutions on Combating the Criminal Misuse of
Information Technology & on the Creation of a Global
Culture of Cybersecurity
17. Legislation
European Union
• 2003 - 2005: Council Framework Decision on attacks
against information systems
Commonwealth
• 2002: Model Law on Computer and Computer Related
Crime
Council of Europe
• 2001: Convention on Cybercrime
18. Legislation
Convention on Cybercrime
• Binding International Treaty
• Signed by 43 countries
• Ratified by 21
• substantive criminal law, procedural law, including
investigation and prosecution, jurisdiction and
international cooperation
19. Legislation
Convention on Cybercrime
• Very political since drafted by Western Democracies
(namely US & Europe)
• Heavy critiques regarding privacy rights & excessive
interference by state authorities
• Beyond scope of cybercrime: fraud, forgery, IP
infringements, child pornography
20. International Telecommunication Union
The Global Cybersecurity Agenda and Goal of a Model Cybercrime Law
5 Work Areas:
– Legal Measures
– Technical and Procedural Measures
– Organizational Structures
– Capacity Building
– International Cooperation
Legal Measures
The elaboration of strategies for the development of a model cybercrime legislation
that is globally applicable and interoperable with existing national and regional
legislative measures.
21. ITU Mandate
• Endorsed in 2001 by the UN General Assembly
Resolution 56/183
• Organizing agency: International Telecommunication
Union
• ITU mandated as the sole facilitator for Action Line C5
“Building confidence and security in the use of ICTs”
22. ITU
Outcomes
• Global Strategic Report
– General recommendations and proposals
• Understanding Cybercrime Guide
– Description of types of cybercrime
• Toolkit for Cybercrime Legislation
– Model law / sample language
23. Conclusions
Is international legislation possible?
Difficulty at UN level due to unique nature of
cybercrime and political tensions
Other solutions? Leads from similar cases –
Intellectual Property / International
Commerce