International cybercrime
There is no commonly agreed single definition of “cybercrime”. It refers to illegal internet-mediated activities that often take place in global electronic networks.[1] Cybercrime is "international" or "transnational" – there are ‘no cyber-borders between countries'.[2] International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantages of the less severe punishments or difficulties of being traced. No matter, in developing or developed countries, governments and industries have gradually realized the colossal threats of cybercrime on economic and political security and public interests. However, complexity in types and forms of cybercrime increases the difficulty to fight back. In this sense, fighting cybercrime calls for international cooperation. Various organizations and governments have already made joint efforts in establishing global standards of legislation and law enforcement both on a regional and on an international scale. China–United States cooperation is one of the most striking progress recently, because they are the top two source countries of cybercrime.
Information and communication technology (ICT) plays an important role in helping ensure interoperability and security based on global standards. General countermeasures have been adopted in cracking down cybercrime, such as legal measures in perfecting legislation and technical measures in tracking down crimes over the network, Internet content control, using public or private proxy and computer forensics, encryption and plausible deniability, etc.[2] Due to the heterogeneity of law enforcement and technical countermeasures of different countries, this article will mainly focus on legislative and regulatory initiatives of international cooperation.
Typology
In terms of cybercrime, we may often associate it with various forms of Internet attacks, such as hacking, Trojans, malware (keyloggers), botnet, Denial-of-Service (DoS), spoofing, phishing, and vishing. Though cybercrime encompasses a broad range of illegal activities, it can be generally divided into five categories:
Intrusive Offenses
Illegal Access: “Hacking” is one of the major forms of offenses that refers to unlawful access to a computer system.
Data Espionage: Offenders can intercept communications between users (such as e-mails) by targeting communication infrastructure such as fixed lines or wireless, and any Internet service (e.g., e-mail servers, chat or VoIP communications).
Data Interference: Offenders can violate the integrity of data and interfere with them by deleting, suppressing, or altering data and restricting access to them.
Content-related offenses
Pornographic Material (Child-Pornography): Sexually related content was among the first content to be commercially distributed over the Internet.
Racism, Hate Speech, Glorification of Violence: Radical groups use mass communication systems such as the Internet to spread propaganda.
Religious Offenses: A growing number of websites present material that is in some countries covered by provisions related to religious offenses, e.g., anti-religious written statements.
Spam: Offenders send out bulk mails by unidentified source and the mail server often contains useless advertisements and pictures.
Copyright and trademark-related offenses
Common copyright offenses: cyber copyright infringement of software, music or films.
Trademark violations: A well-known aspect of global trade. The most serious offenses include phishing and domain or name-related offenses, such as cybersquatting.
Computer-related offenses
Fraud: online auction fraud, advance fee fraud, credit card fraud, Internet banking
Forgery: manipulation of digital documents.
Identity theft: It refers to stealing private information including Social Security Numbers (SSN), passport numbers, Date of birth, addresses, phone numbers, and passwords for non-financial and financial accounts.
Combination offenses
Cyberterrorism: The main purposes of it are propaganda, information gathering, preparation of real-world attacks, publication of training material, communication, terrorist financing and attacks against critical infrastructure.
Cyberwarfare: It describes the use of ICTs in conducting warfare using the Internet.
Cyberlaundering: Conducting crime through the use of virtual currencies, online casinos etc.[3]
Threats
Similar to conventional crime, economic benefits, power, revenge, adventure, ideology and lust are the core driving forces of cybercrime. Major threats caused by those motivations can be categorized as following:
Economic security, reputation and social trust are severely challenged by cyber fraud, counterfeiting, impersonation and concealment of identity, extortion, electronic money laundering, copyright infringement and tax evasion.
Public interest and national security is threatened by dissemination of offensive material —e.g., pornographic, defamatory or inflammatory/intrusive communication— cyber stalking/harassment, Child pornography and paedophilia, electronic vandalism/terrorism.
Privacy, domestic and even diplomatic information security are harmed by unauthorized access and misuse of ICT, denial of services, and illegal interception of communication.[4]
Domestic, as well as international security are threatened by cybercrime due to its transnational characteristic. No single country can really handle this big issue on their own. It is imperative for us to collaborate and defend cybercrime on a global scale.[3]
International trends
As more and more criminals are aware of potentially large economic gains that can be achieved with cybercrime, they tend to switch from simple adventure and vandalism to more targeted attacks, especially platforms where valuable information highly concentrates, such as computer, mobile devices and the Cloud. There are several emerging international trends of cybercrime.
- Platform switch: Cybercrime is switching its battle ground from Windows-system PCs to other platforms, including mobile phones, tablet computers, and VoIP. Because a significant threshold in vulnerabilities has been reached. PC vendors are building better security into their products by providing faster updates, patches and user alert to potential flaws. Besides, global mobile devices’ penetration—from smart phones to tablet PCs—accessing the Internet by 2013 will surpass 1 billion, creating more opportunities for cybercrime. The massively successful banking Trojan, Zeus is already being adapted for the mobile platform. Smishing, or SMS phishing, is another method cyber criminals are using to exploit mobile devices, which users download after falling prey to a social engineering ploy, is designed to defeat the SMS-based two-factor authentication most banks use to confirm online funds transfers by customers. VoIP systems are being used to support vishing (telephone-based phishing) schemes, which are now growing in popularity.
- Social engineering scams: It refers to a non-technical kind of intrusion, in the form of e-mails or social networking chats, that relies heavily on human interaction and often involves fooling potential victims into downloading malware or leaking personal data. Social engineering is nevertheless highly effective for attacking well-protected computer systems with the exploitation of trust. Social networking becomes an increasingly important tool for cyber criminals to recruit money mules to assist their money laundering operations around the globe. Spammers are not only spoofing social networking messages to persuade targets to click on links in emails — they are taking advantage of users’ trust of their social networking connections to attract new victims.
- Highly targeted: The newest twist in "hypertargeting" is malware that is meant to disrupt industrial systems — such as the Stuxnet network worm, which exploits zero-day vulnerabilities in Microsoft. The first known copy of the worm was discovered in a plant in Germany. A subsequent variant led to a widespread global outbreak.[5]
- Dissemination and use of malware: malware generally takes the form of a virus, a worm, a Trojan horse, or spyware. In 2009, the majority of malware connects to host Web sites registered in the U.S.A. (51.4%), with China second (17.2%), and Spain third (15.7%). A primary means of malware dissemination is email. It is truly international in scope.
- Intellectual property theft (IP theft): It is estimated that 90% of the software, DVDs, and CDs sold in some countries are counterfeit, and that the total global trade in counterfeit goods is more than $600 billion a year. In the USA alone, IP theft costs businesses an estimated $250 billion annually, and 750,000 jobs.[6]
International legislative responses and cooperation
International responses
G8
Group of Eight (G8) is made up of the heads of eight industrialized countries: the U.S., the United Kingdom, Russia, France, Italy, Japan, Germany, and Canada.
In 1997, G8 released a Ministers' Communiqué that includes an action plan and principles to combat cybercrime and protect data and systems from unauthorized impairment. G8 also mandates that all law enforcement personnel must be trained and equipped to address cybercrime, and designates all member countries to have a point of contact on a 24 hours a day/7 days a week basis.[1]
United Nations
In 1990 the UN General Assembly adopted a resolution dealing with computer crime legislation. In 2000 the UN GA adopted a resolution on combating the criminal misuse of information technology. In 2002 the UN GA adopted a second resolution on the criminal misuse of information technology.[7]
ITU
The International Telecommunication Union (ITU), as a specialized agency within the United Nations, plays a leading role in the standardization and development of telecommunications and cybersecurity issues. The ITU was the lead agency of the World Summit on the Information Society (WSIS).
In 2003, Geneva Declaration of Principles and the Geneva Plan of Action were released, which highlights the importance of measures in the fight against cybercrime.
In 2005, the Tunis Commitment and the Tunis Agenda were adopted for the Information Society.
Council of Europe
Council of Europe is an international organisation focusing on the development of human rights and democracy in its 47 European member states.
In 2001, the Convention on Cybercrime, the first international convention aimed at Internet criminal behaviors, was co-drafted by the Council of Europe with the addition of USA, Canada, and Japan and signed by its 46 member states. But only 25 countries ratified later. [8] It aims at providing the basis of an effective legal framework for fighting cybercrime, through harmonization of cybercriminal offenses qualification, provision for laws empowering law enforcement and enabling international cooperation.
Regional responses
APEC
Asia-Pacific Economic Cooperation (APEC) is an international forum that seeks to promote promoting open trade and practical economic cooperation in the Asia-Pacific Region. In 2002, APEC issued Cybersecurity Strategy which is included in the Shanghai Declaration. The strategy outlined six areas for co-operation among member economies including legal developments, information sharing and co-operation, security and technical guidelines, public awareness, and training and education.
OECD
The Organisation for Economic Co-operation and Development (OECD) is an international economic organisation of 34 countries founded in 1961 to stimulate economic progress and world trade.
In 1990, the Information, Computer and Communications Policy (ICCP) Committee created an Expert Group to develop a set of guidelines for information security that was drafted until 1992 and then adopted by the OECD Council. In 2002, OECD announced the completion of "Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security".
European Union
In 2001, the European Commission published a communication titled "Creating a Safer Information Society by Improving the Security of Information Infrastructures and Combating Computer-related Crime".
In 2002, EU presented a proposal for a “Framework Decision on Attacks against Information Systems”. The Framework Decision takes note of Convention on Cybercrime, but concentrates on the harmonisation of substantive criminal law provisions that are designed to protect infrastructure elements.
Commonwealth
In 2002, the Commonwealth of Nations presented a model law on cybercrime that provides a legal framework to harmonise legislation within the Commonwealth and enable international cooperation. The model law was intentionally drafted in accordance with the Convention on Cybercrime.[3]
ECOWAS
The Economic Community of West African States (ECOWAS) is a regional group of west African Countries founded in 1975 it has fifteen member states. In 2009, ECOWAS adopted the Directive on Fighting Cybercrime in ECOWAS that provides a legal framework for the member states, which includes substantive criminal law as well as procedural law.[7]
GCC
In 2007, the Arab League and Gulf Cooperation Council (GCC) recommended at a conference seeking a joint approach that takes into consideration international standards.
Voluntary industry response
During the past few years, public-private partnerships have emerged as a promising approach for tackling cybersecurity issues around the globe. Executive branch agencies (e.g., the Federal Trade Commission in US), regulatory agencies (e.g., Australian Communications and Media Authority), separate agencies (e.g., ENISA in the EU) and industry (e.g., MAAWG, …) are all involved in partnership.
In 2004, the London Action Plan was founded, which aims at promoting international spam enforcement cooperation and address spam related problems, such as online fraud and deception, phishing, and dissemination of viruses.[8]
Case analysis
U.S.
According to Sophos, the U.S. remains the top-spamming country and the source of about one-fifth of the world's spam. Cross-border cyber-exfiltration operations are in tension with international legal norms, so U.S. law enforcement efforts to collect foreign cyber evidence raises complex jurisdictional questions.[9][10] Since fighting cybercrime involves great amount of sophisticated legal and other measures, only milestones rather than full texts are provided here.
Legal and regulatory measures
The first federal computer crime statute was the Computer Fraud and Abuse Act of 1984 (CFAA).
In 1986, Electronic Communications Privacy Act (ECPA) was an amendment to the federal wiretap law.
“National Infrastructure Protection Act of 1996”.
“Cyberspace Electronic Security Act of 1999”.
“Patriot Act of 2001”.
Digital Millennium Copyright Act (DMCA) was enacted in 1998.
Cyber Security Enhancement Act (CSEA) was passed in 2002.
Can-spam law issued in 2003 and subsequent implementation measures were made by FCC and FTC.[11]
In 2005 the USA passed the Anti-Phishing Act which added two new crimes to the US Code.[12]
In 2009, the Obama Administration released Cybersecurity Report and policy. Cybersecurity Act of 2010, a bill seeking to increase collaboration between the public and the private sector on cybersecurity issues.[13]
A number of agencies have been set up in the U.S. to fight against cybercrime, including the FBI, National Infrastructure Protection Center, National White Collar Crime Center, Internet Fraud Complaint Center, Computer Crime and Intellectual Property Section of the Department of Justice (DoJ), Computer Hacking and Intellectual Property Unit of the DoJ, and Computer Emergency Readiness Team/Coordination Center (CERT/CC) at Carnegie-Mellon, and so on.[2]
CyberSafe is a public service project designed to educate end users of the Internet about the critical need for personal computer security.[6]
Technical measures
Cloud computing: It can make infrastructures more resilient to attacks and functions as data backup as well. However, as the Cloud concentrates more and more sensitive data, it becomes increasingly attractive to cybercriminals.
Better encryption methods are developed to deal with phishing, smishing and other illegal data interception activities.
The Federal Bureau of Investigation has set up special technical units and developed Carnivore, a computer surveillance system which can intercept all packets that are sent to and from the ISP where it is installed, to assist in the investigation of cybercrime.[2]
Industry collaboration
Public-private partnership: in 2006, the Internet Corporation for Assigned Names and Numbers (ICANN) signed an agreement with the United States Department of Commerce (United States Department of Commerce) that they partnered through the Multistakeholder Model of consultation.
In 2008, the second annual Cyber Storm Exercise conference was held, involving nine states, four foreign governments, 18 federal agencies and 40 private companies.[14]
In 2010, National Cyber Security Alliance’s public awareness campaign was launched in partnership with the U.S. Department of Homeland Security, the Federal Trade Commission, and others.[5]
Incentives for ISP: Though the cost of security measures increases, Internet Service Providers (ISP) are encouraged to fight against cybercrime to win consumer support, good reputation and brand image among consumer and peer ISP as well.[15]
International cooperation
USA has signed and also ratified Convention on Cybercrime.
United States has actively participated in G8/OECD/APEC/OAS/U.S.-China cooperation in cracking down international cyber crime.
Future challenges
Privacy in tracking down cybercrime is being challenged and becomes a controversial issue.
Public-private partnership. As the U.S. government gets more involved in the development of IT products, many companies worry this may stifle their innovation, even undermining efforts to develop more secure technology products. New legislative proposals now being considered by the U.S. Congress could be potentially intrusive on private industry, which may prevent enterprises from responding effectively to emerging and changing threats. Cyber attacks and security breaches are increasing in frequency and sophistication, they are targeting organizations and individuals with malware and anonymization techniques that can evade current security controls. Current perimeter-intrusion detection, signature-based malware, and anti-virus solutions are providing little defense. Relatively few organizations have recognized organized cyber criminal networks, rather than hackers, as their greatest potential cyber security threat; even fewer are prepared to address this threat.[16]
China
In January 2009, China was ranked No.3 spam-producing country in the world, according to data compiled by security vendor Sophos. Sophos now ranks China as spam producer No.20, right behind Spain.[17]
China's underground economy is booming with estimated 10 billion RMB in 2009. Hacking, malware and spam are immensely popular. With patriotic hacktivism, people hack to defend the country.[18]
Legal and regulatory measures
Criminal Law – the basic law identifies the law enforcement concerning cybercrime.
In 2000, the Decision on Internet Security of the Standing Committee of the NPC was passed.
In 2000, China issued a series of Internet rules that prohibit anyone to propagate pornography, virus and scams.
In 2003, China signed UN General Assembly Resolution 57/239 on “Creation of a global culture of cybersecurity”.
In 2003, China signed Geneva Declaration of Principles of the World Summit on the Information Society.
In 2006, an anti-spam initiative was launched.
In July 2006, the ASEAN Regional Forum (ARF), which included China, issued a statement that its members should implement cybercrime and cybersecurity laws “in accordance with their national conditions and by referring to relevant international instruments”.
In 2009, ASEAN-China framework agreement on network and information security emergency response were adopted.
In 2009, agreement within the Shanghai Cooperation Organization on information security was made.[19]
Technical measures
Internet censorship: China has made it tougher to register new Internet domains and has put on stricter content control to help reduce spam.[17]
"Golden Shield Project" or "The Great Firewall of China": a national Internet control and censorship project. In 2009, Green Dam software: It restricts access to a secret list of sites, and monitors users’activity.[12]
Operating system change: China is trying to get around this by using Linux, though with a lot of technical impediments to solve.[20]
Industry collaboration
Internet Society of China — the group behind China's anti-spam effort — is working on standards and better ways of cooperating to fight cybercrime.
ISPs have become better at working with customers to cut down on the spam problem.[17]
International cooperation
In 2005, China signed up for the London Action Plan on spam, an international effort to curb the problem.
Anti-Spam “Beijing Declaration”2006 International Anti-Spam Summit was held.
The APEC Working Group on Telecommunications agreed an action plan for 2010–2015 that included “fostering a safe and trusted ICT environment”.
In January 2011, the United States and China committed for the first time at head of state level to work together on a bilateral basis on issues of cybersecurity. "Fighting Spam to Build Trust" will be the first effort to help overcome the trust deficit between China and the United States on cybersecurity. Cyber Security China Summit 2011 will be held in Shanghai.[19]
Achievement and future challenges
Successfully cracking down spam volume in 2009. However, insufficient criminal laws and regulations are great impediments in fighting cybercrime. A lack of electronic evidence laws or regulations, low rank of existing internet control regulations and technological impediments altogether limit the efficiency of Chinese governments' law enforcement.[21]
See also
References
- Chang, Weiping; Chung, Wingyan; Chen, Hsinchun; Chou, Shihchieh (2003). "An International Perspective on Fighting Cybercrime". Intelligence and Security Informatics. Lecture Notes in Computer Science. Vol. 2665. pp. 379–384. doi:10.1007/3-540-44853-5_34. ISBN 978-3-540-40189-6.
- "Guillaume Lovet Fortinet, Fighting Cybercrime: Technical, Juridical and Ethical Challenges,VIRUS BULLETIN CONFERENCE,2009" (PDF). Archived from the original (PDF) on 2011-09-02. Retrieved 2011-04-25.
- Understanding Cybercrime: A Guide for Developing Countries,ITU Telecommunication Development Sector,2009
- Wipul Jayawickrama, Cyber Crime—Threats, Trends and Challenges, Computer Security Week 2008, Info Shield, 2008
- "Cisco 2010 Annual Security Report, Cisco, 2010" (PDF). Retrieved 21 July 2017.
- "University of Oregon School of Law" (PDF).
- "ITU Projects" (PDF). ITU.
- "London Action Plan – International Cybersecurity Enforcement Network". 2 April 2023.
- Ghappour, Ahmed (2017-01-01). "Tallinn, Hacking, and Customary International Law". AJIL Unbound. 111: 224–228. doi:10.1017/aju.2017.59. S2CID 158071009.
- Ghappour, Ahmed (2017-04-01). "Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web". Stanford Law Review. 69 (4): 1075.
- "Maxim May, Federal Computer Crime Laws, SANS Institute Reading Room, 2004". Retrieved 21 July 2017.
- "Nicholas Cowdery AM QC, Emerging Trends in Cyber Crime, 13th Annual Conference – New Technologies in Crime and Prosecution: Challenges and Opportunities, International Association of Prosecutors, Singapore, 2008" (PDF). Archived from the original (PDF) on 2 April 2011. Retrieved 21 July 2017.
- Computer security
- "Emerging Cyber Threats Report for 2009, Georgia Tech Information Security Centre, 2008" (PDF). Retrieved 21 July 2017.
- Bauer, Johannes M.; van Eeten, Michel J. G. (1 November 2009). "Cybersecurity: Stakeholder incentives, externalities, and policy options". Telecommunications Policy. 33 (10–11): 706–719. doi:10.1016/j.telpol.2009.09.001.
- "Cyber crime: a clear and present danger combating the fastest growing cyber security threat, Delloitte, 2010" (PDF). Retrieved 21 July 2017.
- "Welcome to Network World.com". Network World.
- "An investigation into Chinese cybercrime and the underground economy in comparison with the West".
- "China's Cybersecurity and Pre-emptive Cyber War, EastWestInstitute". Archived from the original on 22 March 2011. Retrieved 21 July 2017.
- "China outlaws cyber crime".
- "Zhang Jianwen, The Current Situation of Cybercrimes in China, National Prosecutors College, 2006" (PDF). Archived from the original (PDF) on 21 July 2011. Retrieved 21 July 2017.