Cybercrime: New Threat and Global Response · 2011. 4. 11. · Use computer networks to take over...
Transcript of Cybercrime: New Threat and Global Response · 2011. 4. 11. · Use computer networks to take over...
Cybercrime:Cybercrime:
New Threat and Global ResponseNew Threat and Global Response
Department on New Challenges and Threats
Сhernukhin Ernest
First Secretary – MFA Russia
Expert Group on Cybercrime
Vienna, 17-21 January 2011
What are the recent developments?What are the recent developments?
((Documents Documents ))
19 United Nations Commission on Crime 19 United Nations Commission on Crime
Prevention and Criminal Justice (CCPCJ) Prevention and Criminal Justice (CCPCJ)
ResolutionResolution on on CybercrimeCybercrime ((Vienna, 12Vienna, 12--19 19
May 2010)May 2010)
12 United Nations Congress on Crime 12 United Nations Congress on Crime
Prevention and Criminal Justice ResolutionPrevention and Criminal Justice Resolution
on on CybercrimeCybercrime ((Brazil, 12Brazil, 12--19 April 2010)19 April 2010)
UN CounterUN Counter--Terrorism Implementation Task Terrorism Implementation Task
Force Report Force Report ““On the use of Internet for On the use of Internet for
Terrorist PurposesTerrorist Purposes”” (New(New--York, February York, February
2009)2009)
What are the recent developments?What are the recent developments?
((Documents Documents ))
International Narcotics Control Board International Narcotics Control Board
(INCB) Recommendations (INCB) Recommendations oon Internet n Internet
misuse in illegal drug traffickingmisuse in illegal drug trafficking
(Vienna, 26 November 2008)(Vienna, 26 November 2008)
Draft International Telecommunication
Union Toolkit for Cybercrime legislation
(Geneva, 2007)
Draft International Telecommunication Draft International Telecommunication
Union Toolkit fUnion Toolkit foorr CybercrimeCybercrime legislation legislation
((Geneva, 2007)Geneva, 2007)
International Telecommunication Union
Agenda on Global Cybersecurity
(Geneva, 16 November 2007)
International Telecommunication Union International Telecommunication Union
Agenda on Global CybersecurityAgenda on Global Cybersecurity
(Geneva, 16 November 2007)(Geneva, 16 November 2007)
What are the recent developments?What are the recent developments?
(Events)(Events)
12 United Nations Congress on Crime Prevention and 12 United Nations Congress on Crime Prevention and
Criminal Justice Criminal Justice ((Brazil, 12Brazil, 12--19 April 2010)19 April 2010)
The OSCE expert workshop on CybersecurityThe OSCE expert workshop on Cybersecurity
(Vienna, 17(Vienna, 17--18 March 2009)18 March 2009)
The Council of Europe The Council of Europe ““Octopus InterfaceOctopus Interface””
Conference on Conference on ““ Cooperation against CybercrimeCooperation against Cybercrime””
(Strasbourg, 23(Strasbourg, 23--26 March 2010)26 March 2010)
19 United Nations Session on Crime Prevention and 19 United Nations Session on Crime Prevention and
Criminal Justice Criminal Justice ((Vienna, 12Vienna, 12--19 May 2010)19 May 2010)
What are the challenges of cybercrime?What are the challenges of cybercrime?
� Uncertainty of extent (absence of reliable information about
the extent of the problem and financial losses, as well as about
arrests, prosecutions and convictions)
� Uncertainty of extent (absence of reliable information about
the extent of the problem and financial losses, as well as about
arrests, prosecutions and convictions)
�Transnational dimension (difficulties for investigating)�Transnational dimension (difficulties for investigating)
� Differences in national legal approaches (preventing safe
havens for criminals – a key aspect of preventing cybercrime)
� Differences in national legal approaches (preventing safe
havens for criminals – a key aspect of preventing cybercrime)
� Organized crime (use of IT by traditional organized
criminal groups and organized crime groups focusing on
committing cybercrime)
� Organized crime (use of IT by traditional organized
criminal groups and organized crime groups focusing on
committing cybercrime)
What is the response to cybercrime?What is the response to cybercrime?
� Legislation
Due to limited reach of existing regional legal instruments
there is necessity at the global level to harmonize
legislation on cybercrime
� Law enforcement
Depends on the availability of investigation tools like
forensic software, management software or databases
� Capacity-building
Cybercrime is an issue not only for developed countries,
but also for developing countries
� Training
Important to provide training to law enforcement officers,
prosecutors and judges
What are the new high-tech forms of
committing cybercrime?
� “Phishing”
� “Botnet attacks”
� Digital piracy
� Malicious spreading of viruses
� Attacks of criminal groups on critical
information infrastructure
� Hacking
Web serverWeb server
BOTBOT--netnetBBОТОТ--netnet
BOTBOT--netnet
DDoSDDoS--attattааck scheme onck scheme on InternetInternet--serverserver
Use of computer networks by cybercriminals Use of computer networks by cybercriminals
and cyberterroristsand cyberterrorists
ComputerComputer
as a as a targettarget
ComputerComputer
as a as a tooltool
Why do terrorists turn to cyberattacks?Why do terrorists turn to cyberattacks?
To instill fear and shape public opinion with only small teams To instill fear and shape public opinion with only small teams
and minimal fundsand minimal funds
To be far away, making borders and other physical barriers To be far away, making borders and other physical barriers
irrelevantirrelevant
To cloak their true identities and locations, choosing to To cloak their true identities and locations, choosing to
remain anonymous or pretending to be someone elseremain anonymous or pretending to be someone else
To amplify the effect of other attacksTo amplify the effect of other attacks
What Are Their Aims?What Are Their Aims?
To spread havoc and cause enough harm to generate fear To spread havoc and cause enough harm to generate fear
To inflict death to a large scaleTo inflict death to a large scale
To cause mass destructionTo cause mass destruction
To compel a government or an international organisation to To compel a government or an international organisation to
do or to abstain from doing any actdo or to abstain from doing any act
CYBERTERRORISMCYBERTERRORISM
-- intentional use or threat of use of electronic information
systems for the perpetration of terrorist acts inspired by
certain motives (e.g., political, ideological or religious)
with the aim to cause death or serious bodily injury,
serious material damage, create a state of fear, compel a
government or an international organization to do or to
abstain from doing any act.
How Do They Achieve Their Aims?How Do They Achieve Their Aims?
Remotely disrupt the information technology underlying the Remotely disrupt the information technology underlying the
Internet, government computer networks, critical civilian Internet, government computer networks, critical civilian
systems such as financial networks or mass media; or systems such as financial networks or mass media; or
telephone switching equipmenttelephone switching equipment
Use computer networks to take over machines that control Use computer networks to take over machines that control
traffic lights, power plants, or dams in order to wreak havoc traffic lights, power plants, or dams in order to wreak havoc
Destroy the banks files by using anything from logic bombs to Destroy the banks files by using anything from logic bombs to
electromagnetic pulses and highelectromagnetic pulses and high--emission radio frequency emission radio frequency
gunsguns
Block emergency communications or cutting off electricity or Block emergency communications or cutting off electricity or
waterwater
How Do They Achieve Their Aims?How Do They Achieve Their Aims?
Remotely hijack control systems, with potentially dire Remotely hijack control systems, with potentially dire
consequences: breaching dams, colliding airplanesconsequences: breaching dams, colliding airplanes
Hack into a hospital computer system and changing Hack into a hospital computer system and changing
someone's medicine prescription to a lethalsomeone's medicine prescription to a lethal ddosage osage
Identify and recruit potential members of terrorist groups, Identify and recruit potential members of terrorist groups,
collect and transfer funds, organize terrorist acts, as well as collect and transfer funds, organize terrorist acts, as well as
to incite terrorist actions, including through the use of to incite terrorist actions, including through the use of
propaganda; shutting down the power grid propaganda; shutting down the power grid
What Will We Have in The Nearest Future?
Next generation of terroristsNext generation of terrorists
More powerful and easyMore powerful and easy--toto--use hacking tools at their disposal use hacking tools at their disposal
Greater potential for cyberterrorism than the terrorists of Greater potential for cyberterrorism than the terrorists of
today today
Greater level of knowledge and skill relating to hacking Greater level of knowledge and skill relating to hacking
What Sectors of Critical Infrastructure Are What Sectors of Critical Infrastructure Are
Potentially Vulnerable to Cyberterrorist Attacks?Potentially Vulnerable to Cyberterrorist Attacks?
energyenergyinformation, communication information, communication
technologies, ICTtechnologies, ICTwater water
food food health health financial public and legal public and legal
order and safetyorder and safety
civil civil
administration administration transport
space and space and
researchresearch
chemical and nuclear
industry
What legal basis do we have today? What legal basis do we have today?
Council of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on Cybercrimemost important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at most important international legal instrument aimed at
combating crime against computer securitycombating crime against computer securitycombating crime against computer securitycombating crime against computer securitycombating crime against computer securitycombating crime against computer securitycombating crime against computer securitycombating crime against computer security
Council of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on CybercrimeCouncil of Europe Convention on Cybercrimeone of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating one of the first attempts to codify the rules for combating
cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous cybercrime, which is an especially dangerous phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for phenomenon owing to its scale and consequences for
national and international securitynational and international securitynational and international securitynational and international securitynational and international securitynational and international securitynational and international securitynational and international security
Is Convention enough to
respond effectively to the new
dynamic challenges in the
computer sphere?
NONO
-- The notions of cybercrime and cyberterrorism have not been The notions of cybercrime and cyberterrorism have not been
codified yet, and its components, in their entirety, have not codified yet, and its components, in their entirety, have not
been criminalized at the international levelbeen criminalized at the international level
-- There is no definition of terrorist intentions, without which There is no definition of terrorist intentions, without which
criminal sanctions would hardly commensurate with the criminal sanctions would hardly commensurate with the
terrorist threat of this criminal actterrorist threat of this criminal act
-- Convention on Cybercrime does not provide any systematic Convention on Cybercrime does not provide any systematic
response to the new challenge of cyberterrorismresponse to the new challenge of cyberterrorism
-- Convention on Cybercrime does not provide any systematic Convention on Cybercrime does not provide any systematic
response to the new trends of cybercrimeresponse to the new trends of cybercrime
-- Convention on Cybercrime does not incorporate provisions Convention on Cybercrime does not incorporate provisions
excluding fully impunity of a person, who has committed an excluding fully impunity of a person, who has committed an
illegal actillegal act
-- Responses to the threat of cyberterrorism could not be Responses to the threat of cyberterrorism could not be
found through the combined application of the Council of found through the combined application of the Council of
Europe conventions on Cybercrime (2001) and on the Europe conventions on Cybercrime (2001) and on the
Prevention of Terrorism (2005)Prevention of Terrorism (2005)
What Can We Suggest to Fill This Gap?What Can We Suggest to Fill This Gap?
First, to encourage the First, to encourage the international community to international community to
establish a comprehensive international legal establish a comprehensive international legal
instrument against the use of cyberspace by instrument against the use of cyberspace by
terrorists, including through closing everywhere the terrorists, including through closing everywhere the
moving webmoving web--sites of international terrorist groupssites of international terrorist groups, ,
criminalize cyberterrorismcriminalize cyberterrorism
Second, to work with other countries, Second, to work with other countries,
international groups, international groups, private sectorprivate sector to develop to develop
comprehensive and global plans for addressing comprehensive and global plans for addressing
the complex and challenging legal issues raised the complex and challenging legal issues raised
by unlawful conduct in the cyberspaceby unlawful conduct in the cyberspace
What could be the possible structure of
the UN Convention on cybercrime?
• Preamble
• I. General provisions
• II. Preventive measures on cybercrime
• III. Criminalization, incl. establishing of jurisdiction
and prosecution
• IV. Law enforcement
• V. International cooperation
• VI. Technical assistance and information exchange
• VII. Mechanisms for implementation
What is the purpose of the UN
Convention on Cybercrime?
• Promote and strengthen measures to prevent
and combat cybercrime more efficiently and
effectively
• Promote, facilitate and support international
cooperation and technical assistance in the
providing of an adequate response to all
criminal challenges in the computer sphere
What could be the scope of application
of the UN Convention on Cybercrime?
• This Convention shall apply, to the prevention,
investigation and prosecution of:
• criminal attempt on the computer systems and
databases; and
• using the computer systems or databases with the
intent to commit criminal offence, incl. covering
such offences established in accordance with the
UN counter terrorism and drug Conventions, as
well as UNCATOC.
Obligatory incorporated
provisions
• Fix the fundamental principle of the protection of
the state sovereignty (for example based on the
article 4, pp. 1 and 2 of the UNCAC)
• confirm the principle “aut dedere aut judicare”
with a view to bring an alleged offender to justice
• confirm the rule “excluding fully impunity of a
person, who has committed an illegal act”
• Stress the importance of state-business partnership
by elaborating the codes of conduct for private
sector
Obligatory incorporated
provisions
• Apply innovative mechanisms – “24/7
Network” – to respond effectively and more
flexible to the new dynamic challenges of
cyberthreat
Pending issues
• Asset recovery
• Cyberterrorism
• Using the provisions of the Convention on
cybercrime of COE (for example Chapters
I and II)
Thank youThank you