|
Vladimir Golubev
The
search of ways of efficient struggle against crimes committed in the sphere of
computer technologies use and implementation is being conducted in different
directions. Scientific elaboration of the problem is one of them. Scientists’
interest towards these questions has increased recently. The detailed study of
computer or cyber crime (CC) reveals a number of aspects, the research of which
would be rather complicated. As a rule, they are situated in so-called
contiguous fields of science at the interfaces among different scientific
disciplines. Analysis of criminological characteristics of CC is of essential
importance for the genesis and development mechanism definition of CC
phenomena. The group of the three
factors describes the characteristics: criminal and legal; criminological;
social and demographic [1]. The last
group considers the characteristics of both: criminals and victims.
Unfortunately,
official statistics does not possess authentic data concerning criminalistic
characteristic of crimes committed in Ukraine in the sphere of computer
technology use and implementation, their dynamics and structure. It occurs both due to the imperfection of
statistics, and due to the high latency of such crimes, which is proved by
other national scientific workers’ researchers [2].
It’s
easy to forecast further increase of national infrastructure activity
dependence from the processes of
information and Ukraine’s entering into the single information space, the
spreading of criminogenic processes in the illegal computer technologies use
and so-called cyber crimes.
Cyber crime – is
phenomenon of international significance.
Its level is in direct dependence from the level of development and
introduction of up-to-date computer technologies in Ukraine and network access
to them. Thus, onrush and rapid information development in Ukraine enables to
use and implement computer technologies in lucrative impulse, which in some
extent threatens state information safety.
According
to the data of annual research of CC problems held by the Computer Security
Institute (USA), cumulative crime loss in the sphere of computer technologies
use for the lattest 5 years, from 1997 to 2001, results in more than $1 billion
[3]. According to General Department Against Organized Crime of the Ministry
of Internal Affairs statistics data on Sept.,2002, 18 criminal cases has been
instituted. Material damage of the one
case resulted in $ 249 million [4].
All
the abovementioned factors predetermine actuality and urgency of the questions
considered in this article. The
analysis of criminogenic crime characteristics, which are committed in the
sphere of computer technologies use, in practice will assist the generation or
formation and realization of the new Ukrainian information legislation
conception, and elaboration and introduction of urgent effective measures to
avoid negative information processes, which are related to computer crime.
Chapter
XVI of the Criminal Code of Ukraine “Crimes in the sphere of electronic
computers (computers), systems and computer networks use” (Adopted during the
seventh session of Verkhovna Rada, April, 5) contains a number of regulations,
which provide criminal liability for committing a crime in the sphere of
computer technologies use. They include article 361 CC “Illegal intervention in
the computers, systems and computer networks operation”, that is illegal
intervention in the computers, their systems or computer networks operation
which leads to the distortion or deletion of the computer information or
carriers of the information, spreading of computer viruses by program and
technical measures implementation, which are meant to penetrate into the
machine, systems or computer networks illegally and to cause distortion and
deletion of computer information or its carriers;
Article
362 CC “Stealing, misappropriation, claiming of computer information or seizing
the information by frauding and official position abuse”;
Article
363 CC “Violation of the rules and regulations of electronic computers
operation and maintenance” –violation of the rules of electronic computers,
their systems and networks operation and maintenance by a person, who is
responsible for their operation, if it caused stealing, distortion and deletion
of computer information, means of its protection, illegal copying of computer
information, disturbance in the computers, their systems and networks
operation.
Thus,
the theory of criminal law regarding criminal – legal base in struggle against
computer crime has some regulations, which contain qualifying crime attributes
or factors provided by the abovementioned articles of Criminal Code of
Ukraine.
Application
of these special regulations while qualifying computer crimes executes not only
criminal-legal function, but it carries a number of criminological and
criminalistic functions, including - maintenance of criminal statistics
objectivity, scientific researches objectivity, formation of empirical
background for elaboration of different methods of revealing and disclosing
crimes and their prevention. Struggle
efficiency against crimes committed in the sphere of computer technologies,
systems and networks use is determined by criminalistic essence of the type of
computer encroachment understanding. For example, let’s assume that a
trespasser penetrated into the bank computer system and with the manipulations
help transferred a sum of money into specific account. This sum was successfully withdrawn from the
account by on of the participants.
This
crime can be qualified according article 361 CC of Ukraine “Illegal
intervention in the computers, systems and computer networks operation”. In
this case, we can consider that illegal intervention into the automated bank
system and non-authorized computer information alteration occurred. They have all the data about clients’
accounts, besides they distorted information.
This specific case is subjected to the abovementioned article. Illegal
intervention in the computers, systems and computer networks operation should
be understood any form of intervention with the program and technical use which
are designated for illegal penetration, which allows information manipulation [5].
The
trespasser didn’t have legal right for the information access with the aim of
obtaining non-authorized access by illegal code capture. Banks used the codes for information
protection. According to the article 14 CC of Ukraine, the trespasser’s actions
can be qualified as crime preparation and obstacles avoiding, and deliberate
creation of the conditions for committing a crime. Thus, illegal intervention
into the bank computer system operation occurred, which was accompanied by illegal operations with means of access to the bank
accounts. This can be considered as a corpus delict, which subject to the
articles 200, 231 CC of Ukraine.
The
result of the trespasser’s actions is the following: the money has disappeared
from a proprietor’s account. Theft or
larceny took place – secret larceny in guilty person’s favour, which caused
damage to the proprietor’s property (article 185, CC). The problem is in how to
qualify such theft. The Criminal Code
states that a theft can be committed by penetration in a dwelling or housing,
other premises or depository (viewing automated banking system as a property
depository of the person, who suffered losses). But it doesn’t spread on
burglary, robbery and blackmailing.
The
obligatory factor of theft is a secret larceny. We can observe it in the considered case. But theft doesn’t
implement fraud or deception to seize smb’s property. But in our case fraud is obvious, because smb. else’s money was transferred. But as a material subject money wasn’t
stolen, - the appropriate requisites were altered in electronic files, which
lead to the alteration of rights on property (money) possession and
regulation.
These actions can be qualified according
article 190 “Frauding” CC of Ukraine, that is taking over somebody else’s
property or obtaining the right on the property by frauding or trust
abuse. But the peculiarity of the considered
case is that it looks like a proprietor transferred his property to the
criminal of his own record. According
to judiciary practice, fraud is a “deliberate distortion and concealment of
truth in order to deceive the person, who owns property, which leads proprietor
to transform property to the criminal of his own record”. In the considered
case money wasn’t transferred of proprietor’s own record, so we can hardly
qualify this crime as frauding.
Let’s decide when the deception takes
place. Computer memory can be considered as a place where information about
money is stored in electronic files.
This allows conducting operations with money. As a rule, special hardware-software
means of protection from non-authorized access to the information are used.
Criminal uses deception only when he
penetrates into bank computer network and overcomes the system protection.
There can be different methods but we’ll talk about them a bit later. According
article 185.3 CC of Ukraine, such actions can be considered as “illegal
penetration into dwelling, other premises or depository”. Penetration is also
an intrusion into depository with the help of different devices (in our case –
it’s a computer), and by deceiving somebody.
Penetrations are not the goal of a crime. They are the means of getting access to values. “Other premises or depository” can be
considered as “special place or device, specially equipped, for permanent or
temporal storage values from ravishment or destruction”.
The considered case can be qualified as theft, committed with
penetration into depository (article 185.3 CC of Ukraine).
It’s necessary to
mention, that theft can be recognized as complete and finished crime from the
moment of actual or de facto seizure of property and trespasser’s possibility
to dispose of the property of his own record.
In our case this possibility occurs from the moment of completing the
transaction.
Thus, we’re dealing with complex or
integrated crime, expressed in illegal intervention into computers, systems and
networks operation and unauthorized access to the computer information, which
is stored, to its modifications and money transfer from the victim’s
account.
So,
means of theft in the computer systems of financial sphere is set of receptions
and means which provide deliberate unauthorized access to bank information
resources and technologies, and also enable to carry out modification of the
existing bank information with the purpose of infringement of property
relations, which is expressed in illegal withdrawal of money and transfers to
the other person.
There are various known ways, which
constantly increase on methods of their fulfillment. It’s explained both by
computer technology complicity and by constant expansion of new information
operations, lots of which provide movement of financial values and means.
According to their criminalistic
essence these deliberate actions are recognized as a crime with clearly defined
stages of the development of criminal activity. They differ from one another by
their activity and by level of completeness of criminal action. The right and
correct assessment or evaluation of the committed crime requires definition of
the stages. There are 3 stages according article 14 CC of Ukraine. They are the following:
Preparation
for a crime. Preparation
for a crime is a search or adaptation of devices, search for new partners or
joint offenders or conspiracy for committing a crime. It also includes making out a special program that will overcome
protection of information network in the financial intermediary, the following
data collecting: bank clients, protection systems, and password selection,
overcoming system protection from unauthorized access.
Criminal attempt. Criminal attempt is a deliberately committed action by a
person. The action is directed on committing a crime. In this stage
unauthorized flow of means in the trespasser’s favour is organized by data
manipulation and by the programs that control it, which are stored in the
computer system memory.
Crime
termination. Criminal attempt considered to be terminated if a person has done
all the necessary actions to complete a crime. This is the final stage if all
the unauthorized transaction are completed and the trespasser has opportunity
to use the results of his criminal activity.
A questionnaire of employees of information safety
departments and system administrators of automated bank systems in 20 banks of
Ukraine was organized to study basic elements of criminalistic characteristics
of computer crimes.
According to our research
data the most common access to computers, systems and networks carried out by
company’s employees – programmers, engineers, operators, who are computer users
or maintenance staff (41.9% of the interviewed). Almost two times less this access carried out by other
employees (20.2%), and in 8.6% cases ex-workers have committed this crime. In 25% cases outsiders had access to the
computer information and system.
Remote method to get access
to computer, system or network is a mediate connection with a computer (network
server), located in a distance. This
connection is possible through local and global computer networks and other
means of connection. Network systems together
with common access in the framework of one computer system, is subjected to a
special kind of attacks. This is explained by resource and information
allocation in “cyberspace”. These are so-called remote network attacks.
Remote
network attack can be understood as destructive information influence on
distributional computer system, which spreads program through transmission
link. According to the results of the research 39.2% of the total number of
computer crimes is committed by remote access to computer, systems and
network.
19.7%
from the total number of such crimes spread harmful computer programs on
hardware carriers. Distribution of disks with harmful programs is carried out
during pirate software sale. The names of the compact disks are not impressive
and often speak for themselves: “Hackers-2002”, “Espionage tricks”, “Free
Internet” etc. The disks include a number of programs for “evil” computer
systems, and some harmful programs – program beetles and viruses.
A lot of attention is given to the site crime in the
sphere of computer technologies use, as in some cases it is the same as the
criminal’s permanent location.
According to the questionnaire data, site crime depends on the way it
was committed. If a criminal has direct access to the computer, system or network
site crime will be computer location (50% of the interviewed). In particular,
41%c of the interviewed information safety administrators confirmed illegal
intervention into the computer, system or networks operation by using remote
access.
At the remote access to
the computer, system or network operation when committing a crime criminal
location and computer location in most of the times are different. The results
of the research show that in 17,3% cases remote access was carried out from the
computer equipment at the criminal’s home.
In 8,2% cases access was carried out from the criminal’s workplace. In 5,1% the criminal used technical
facilities in different computer clubs and centers.
Alongside with the
traditional spreading of harmful programs, which is done by pirate compact
disks and infected computer games, viruses ( so-called network worms during the
work in the Internet or by using e-mail) spreading take a significant
place.
The
basic goals and motives for committing crimes in the sphere of computer
technologies use are: self-interest and greed (58,9% of the interviewed),
ruffian actions (17,2%), revenge (12,7%), commercial or industrial espionage
(9,1%). People with age from 30 to 45
years old prevail among the criminals.
People from 16 to 30 years old (37,8%) go under this category too.
Considering and examining the characteristic feature
of a criminal it’s important to mention a special category of the trespassers
in the sphere of computer technologies use, called “hackers”.
Hackers (English to hack – to cut, to chop)
– are a
special category of experts in the sphere of computer technologies use, who
commit unlawful actions in the sphere of computer system communication and
information technologies. Their activity is directed on access to the computer
information. In order to achieve their
goal they can use different techniques of “evil”, fraud protection. They can
steal and alter data, modify files, block the system or computer
operation when they penetrate into the network. They can use different
techniques and means, including special equipment for weak spot search in the
protection system.
Sometimes they crack just for fun or for gaining the authority
among hackers. But very often it happens with the purpose of getting rich and
to do some criminal actions. As a rule,
hackers are professional in the computer technology use, who have outstanding
skills. So it’s very easy for them to
manipulate computer systems at a distance (remote attacks in the Internet
Computer ruffians. Motivated
attacks on websites and e-mail servers have increased
recently. According to their methods
these attacks duplicate “hackerism”. In these cases groups or individuals overload e-mail servers or delete
or erase websites for messages transmission (for example, political). Though these infringements do
not result in damage of operation systems or a network, nevertheless they become the reason of
failures in email work which in turn
causes substantial money expenditures and blocking of
access of subscribers to the websites where there is valuable
information. In 1996 unauthorized access to the website
computer system of the US Ministry of Justice was committed. Trespassers deleted the contents of more
than 200 catalogues and placed pages with Adolf Gitler’s picture, swastika, obscene
materials etc.
Virus Writers. One of the forms of cyber crime is illegal damage of
computer system or network with the purpose of global communication systems
infringement. The infringement is
carried out by computer viruses.
Nowadays founders and creators of these programs represent serious
threat for users. There are a lot of computer viruses, such as Melissa
Macro Virus, Explore.Zip Worm, CIH (Chernobyl) Virus, etc. Not so long ago a
computer virus destroyed energy power database of one of the Ukrainian nuclear
station. Accident didn’t take
place just because the virus has got only in a system which duplicates the
basic system.
In
April 2002 a dangerous version of Internet-worm “Klez” got activated and
millions of the computers in the world were infected with this dangerous virus.
The quantity of the infected computers was increasing with tremendous speed
every day and because of its damage scope “Klez” stands together with such
viruses as “²LÎVÅÓΔ, “CodeRed” and
“S³rcam”,
which were the reason of substantial losses. The exact amount of the losses is
just being counted.
Criminal Groups. We can observe
a tendency in computer crime increase.
Criminal groups whose purpose is to ravish or steal money from bank
institutions or with other criminal purpose commit these crimes.
In 1999 in the USA a computer was used to
commit a murder. The criminals failed
several times in victim’s assassination by firearms. So to destroy the victim, who was in the hospital under FBI
protection, they hired hackers. The
hackers penetrated into the hospital local network through the Internet and
changed the cardio stimulator and artificial lung ventilation apparatus
operation regime. The victim had died. His death seemed rather natural, as he could
not struggle for life any longer because of the wound. And only in due time after logic files
analysis on local network access, conducted by providers, they discovered that
the unauthorized access changed the cardio stimulator operation regime.
Cyber terrorists. Terrorist
organizations started to use new informational technologies and Internet more
often with criminal intentions to get rich, to carry out some propaganda or
secret information transfer. Criminal groups such as Hizbollah,
HAMAS, the Abu Nidal organization and Bin Laden’s al Qa’ida use computer files, e-mail and encryption (cryptography and computer ???) to
support their illegal activity. Though terrorists have not used their cyber
weapon yet on purpose, they use new informational technologies and computer
progress achievements, and this already is a serious threat. Cyber terrorism,
up-to-date informational technologies use in the Internet, is a weapon, which
is implemented to damage state major infrastructures (such as energetic,
transport, governmental). It can become a real threat for the world highly
developed countries national safety in the nearest future.
Commercial or industrial espionage. This is a type
of crimes, which is related with commercial and industrial information
ravishment. Some foreign special services have used up-to-date computer
technologies as one of the methods to get access to state secrets and
confidential information of other state.
In the abovementioned cyber crimes computers are used as a “weapon” or
instrument and as the purpose
of a crime. Unfortunately, computers are used for committing traditional crimes
Network
swindlers. Internet use with a swindle
purpose is one of the mostly widespread cyber crimes, which affected both
private and state institutions of the world. Thus, it is very important for law
enforcement bodies to study the nature of such crimes and to fight with
trespassers using their weapon – Internet.
Due to the large “audience” and possibility of remaining
anonym Internet can become a perfect weapon for swindlers. Network swindle – is
criminal actions, which are committed by criminogenic elements (groups). These actions are aimed at profit gaining by
deceit or by citizens trust
abuse using up-to-date computer technologies, communications and transmissions,
and Internet.
Anybody with some practical
experience can find an effective way to deceive through the Internet either in
his/her apartment or in the office. Internet is the most favourable environment for committing any kind of crimes. Let’s take, for example, a
case happened on 7 April, 1999. The
visitors of the “Yahoo.Inc” financial news web site found sensational
news. An ad spread via e-mail in the
"Buyout News" section stated that the telecommunication company “PairGain”, Huston, USA is taken over by an Israel
company. The details could be found on
the Bloomberg News Service web site.
This news spread with unexpected speed and the share prices of
“PairGain” had become 30% higher. The sales volume had increased almost in 7 times. But it was all fake both the web site where the information appeared
and the Bloomberg’s web site wasn’t the company’s site. When the financial community found out the
truth the prices reduced immediately that had led to substantial financial
losses of the shareholders, who had bought shares at artificially increased
prices.
Intellectual pirates. Intellectual
property is a moving force of the world economic process of the XXI century. Nonlicensed
production (piracy) threatens economic and public safety, as it doesn’t
correspond with international quality standards. Increase in low quality pirate
production affected Internet networks, where thousand of web sites for pirate
products spreading are created.
Appropriate measures to
provide constitutional rights on information protection and information safety
guaranty, creation of the favourable conditions to avoid and fight cyber crime
are being used in Ukraine nowadays. Crime in the sphere of computer
technologies use doesn’t have any boundaries, hence traditional methods of
avoiding and fighting computer crime are not effective. There is a number of important points in this context: further computer
crime criminogenic problems research; scientific search of effective ways of
information safety level increase through organizational and
legal protection information perfection in computer systems; problems solving
on avoiding and investigating computer crime; law enforcement experts training
in the computer crime sphere.
1.
Criminology. Special part.
Study book. / Editor, professor I.M. Danshina. — Õ.: Law, 1999. —
p.8-9.
2.
Zimbaluk V.S. Computer crime latency. // Struggle against the organized
crime and corruption (theory and practice). —2001. — ¹ 3. — p.178.
3.
Hahanovsky V.G. The
organization of experts preparation in struggle against crime in the hi tech
sphere // Struggle against the organized crime and corruption (theory and
practice) —2001. — ¹ 3. — p.202.
4.
2001 SCI/FBI Computer Crime and Security Survey. Computer Security
Institute.2001. — ¹6. — P.9.
5.
Scientific and practical commentary of the Criminal Code of
Ukraine / under edition of the outstanding lawyer of Ukraine,
candidate of juridical sciences M.I. Melnik, candidate of juridical sciences
M.I. Havronyuk /.— Ê.: “Cannon”, “À.Ñ.Ê.”.— 2001.— p.902-907.