international security measures in cyberspace

INTERNATIONAL SECURITY MEASURES IN CYBERSPACE Indonesia Information Security Forum 10.10.2012, Bandung, Indonesia Prof. Dr. Marco Gercke


DESCRIPTION

Presented by Prof. Dr. Marco Gercke in The Indonesia Information Security Forum 10.10.2012, Bandung, Indonesia

TRANSCRIPT

Page 1: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


INTERNATIONAL SECURITY MEASURES IN CYBERSPACE Indonesia Information Security Forum 10.10.2012, Bandung, Indonesia Prof. Dr. Marco Gercke

Page 2: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


WHAT ARE CYBER SECURITY MEASURES


BRINGING CYBER SECURITY AND CYBERCRIME INTO CONTEXT

Page 3: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


CYBERCRIME / CYBERSECURITY

•  Cybersecurity is broader than just Cybercrime

•  If a government employee accidentally drops an external storage device with important data that were not included in backup-plans, it is a serious Cybersecurity incident – but not a crime

•  Based on the ITU Global Cybersecurity Agenda (GCA) it is possible to distinguish 5 different pillars related to Cybersecurity (legal measures, technical and procedural measures, organizational structures, capacity building and international cooperation)

[Diagram: Components of Cybersecurity Strategy (based on ITU GCA): Legal Measures; Techn. / Proced. Measures; Organizational Structures; Capacity Building; International Cooperation]

Page 4: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


CYBERCRIME / CYBERSECURITY

•  Within all pillars Cybercrime needs to be addressed

•  In some pillars (such as international cooperation) Cybercrime may even be the dominant part (international cooperation in Cybercrime investigations)

•  The same is relevant with regard to legal measures. Cybercrime legislation is in many countries the most complex part of a Cybersecurity legal framework

•  But it is important to always keep in mind that in each pillar other issues will need to be addressed.


Page 5: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


CYBERCRIME / CYBERSECURITY

•  And it is important to see that some components are not solely related to Cybercrime

•  Example: CERT

•  Preventing Cybercrime, analysing trends related to Cybercrime, development of tools in the fight against Cybercrime, capacity building and support of law enforcement agencies in fighting Cybercrime can be important tasks for a CERT

•  But not all work of a CERT will be related to Cybercrime

[Diagram: Components of Cybersecurity Strategy (based on ITU GCA): Legal Measures; Techn. / Proced. Measures; Organizational Structures; Capacity Building; International Cooperation; CERT]

Page 6: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


GLOBAL STANDARDS

Page 7: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

TCP/IP

•  The Internet uses globally applicable technical standards

•  Whoever does not apply the global standards is in most cases excluded from using the network

•  With regard to Cybersecurity there is a lack in applying global standards

[Picture removed in print version: IOL News 2011]

Page 8: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


WHAT IS COMPUTER CRIME AND CYBERCRIME

Page 9: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version. Source: Wikipedia with ref. to B. Bertram]

1980s

•  Increasing use of personal computers

•  Led to an increase in the potential number of targets

•  First cases of software piracy

•  In addition malicious software was more frequently produced and distributed

Page 10: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

1980s - HISTORY OF VIRUSES

•  1982: the “Elk Cloner” virus was created (by Rich Skrenta). Designed for Apple OS

•  1986: the “Brain Virus” was identified. The virus was designed for MS-DOS

•  1986: the file virus “Virdem” followed

•  1990: the first polymorphic virus attack, “Tequila”, was started

[Picture removed in print version: Example]

Page 11: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

1980s - MATH VIRUS

•  The “Math virus” stops the computer after 30 steps and displays a simple addition or subtraction question

•  Execution of the program is denied unless the correct answer is given by the user

[Picture removed in print version: Math Virus]

Page 12: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

1980s – WALKER VIRUS

•  Relatively harmless virus

•  Walker virus: occasionally displays an animation

[Picture removed in print version: Walker Virus]

Page 13: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version. Source: Wikipedia with ref. to Cailliau]

1990s

•  The introduction of the graphical user interface WWW (World Wide Web) in the 1990s led to an increasing popularity of the network

•  It became easier to use the services offered

•  In addition it enabled the spreading of pictures, audio and video

•  In addition the Internet eased transnational communication

•  This went along with several challenges for law enforcement

Page 14: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

1990s - VIRUS

•  While in the 1980s the speed of distribution was limited by the exchange of physical data storage media, it was less limited with the intensive use of the Internet

[Picture removed in print version: Example]

Page 15: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

ACTIVITIES OF REG. AND INT. ORGANIZATIONS RELATED TO CYBERCRIME

Page 16: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version: COMMONWEALTH MEMBER STATES]

COMMONWEALTH OF NATIONS

•  The Commonwealth of Nations is a voluntary association of sovereign states

•  Currently 53 associated states

•  In 2002 the Commonwealth presented a model law on Cybercrime that provides a legal framework to address Cybercrime

•  The model law was intentionally drafted in accordance with the Convention on Cybercrime


Page 17: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version: ECOWAS MEMBER STATES]

ECONOMIC COMMUNITY OF WEST AFR.

•  The Economic Community of West African States is a regional group of West African countries

•  Founded in 1975, it currently has fifteen member states

•  In 2009 ECOWAS adopted the Directive on Fighting Cybercrime in ECOWAS that provides a legal framework for the member states

•  The Directive includes substantive criminal law as well as procedural law

Page 18: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

EAST AFRICAN COMMUNITY

•  5 Member states (Kenya, Uganda, Tanzania, Burundi, Rwanda)

•  Within the framework of an update of ICT legislation (EAC Legal Framework for Cyberlaws) the EAC also addressed the issue of Cybercrime

•  Provisions dealing with the criminalisation of certain conduct became part of the draft legislation

[Picture removed in print version: EAC MEMBER STATES]

Page 19: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version: EUROPEAN UNION]

EUROPEAN UNION

•  The European Union is a political union of 27 member states

•  One of the mandates of the EU is to harmonise legislation in selected areas

•  It has adopted several Framework Decisions and Directives to harmonise the legislation with regard to Cybercrime

•  The 27 member states are obliged to implement the legislation within the given time period

Page 20: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

EUROPEAN COMMUNITY / UNION

[Timeline figure, 1997 to 2011, with the following labels:]

•  Communication harmful content

•  Action plan harmful content

•  eEurope Action Plan

•  Safer Information Society General Policy Cybercrime

•  Counc. D. Child Pornography

•  FD Combating Fraud

•  FD Child Pornography

•  FD Attacks Information Systems

•  Dir. Data Retention

•  Amendment FD Terrorism

•  Draft Directive Child Pornography

•  Draft Directive Attacks Information Systems

Page 21: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version: COUNCIL OF EUROPE]

COUNCIL OF EUROPE

•  The Council of Europe is an international organisation focusing on European integration

•  47 member states

•  Convention on Cybercrime (2001)

•  First additional protocol to the Convention on Cybercrime (2003)

•  Convention on the protection of children against sexual exploitation and sexual abuse (2007)

Page 22: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

[Picture removed in print version: UNITED NATIONS ORGANISATION]

UNITED NATIONS

•  United Nations Organisation is an international organisation (192 member states)

•  In 1990 the UN GA adopted a resolution dealing with computer crime legislation

•  In 2000 the UN GA adopted a resolution on combating the criminal misuse of information technology

•  In 2002 the UN GA adopted a second resolution on the criminal misuse of information technology


Page 23: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

Substantive Criminal Law

[Table: offences covered by regional and international instruments. The column position of each check mark is not preserved.]

Columns (offences):

•  Illegal Access to a Computer
•  Illegal Remaining in a Computer
•  System Interference
•  Illegal Interception
•  Illegal Access to Computer Data
•  Illegal Data Input
•  Illegal Acquisition of Comp. Data
•  Illegal Data Interference
•  Illegal Use of Data
•  Violation of Data Protection Regul.
•  Illegal Devices / Misuse of Devices
•  Computer-related Fraud
•  Computer-related Forgery
•  Indecent Material
•  Pornography
•  Child Pornography
•  Solicitation of Children
•  Dissemination of Racistic Material
•  Identity-related Crime
•  SPAM
•  Threat and Harassment
•  Disclosure of an Investigation
•  Copyright Violation
•  Violation of Secrecy

Rows (instruments):

CoE Cybercrime Convention (2001) ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔

CoE Convention Protection Children (2007) ✔ ✔

EU FD Non-Cash Payment (2001) ✔ ✔

EU FD Child Pornography (2003) ✔

EU FD Attacks Information Systems (2005) ✔ ✔ ✔

EU DI Child Pornography (2011) ✔ ✔

EU Draft DI Attacks Information S. (2011) ✔ ✔ ✔ ✔ ✔

Draft African Union Convention (2011) ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔

Commonwealth Model Law (2002) ✔ ✔ ✔ ✔ ✔ ✔

HIPCAR Cybercrime Model Law (2010) ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔

Page 24: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

UN MEMBER STATES


Page 25: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

UN MEMBER STATES


Page 26: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

COE MEMBER STATES


Page 27: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

COE MEMBER STATES


WHO WAS INVITED TO DRAFT?

Page 28: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

COE MEMBER STATES


IMPLEMENTATION 10 YEARS

Page 29: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


BRINGING LEGISLATION INTO CONTEXT

Page 30: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

COMPONENTS


Substantive Criminal Law

Procedural Law

International Cooperation

Convention on Cybercrime

Page 31: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE

COMPONENTS

[Diagram labels:]

•  Cybercrime Policy

•  National Cybersecurity Strategy

•  Technology, CERT, ....

•  Criminal Law

•  Crime Prevention, Technology

•  Substantive Criminal Law

•  Procedural Law

•  International Cooperation

•  Electronic Evidence

•  Liability of ISPs

•  Trained Investigators

•  Equipment

•  Training

Page 32: INTERNATIONAL SECURITY MEASURES  IN CYBERSPACE


Prof. Dr. Marco Gercke

Niehler Str. 35

D-50733 Cologne, Germany


www.cybercrime-institute.com