CyberCrime

  Chapter 3 : 3. The challenges of fighting cybercrime

  3.1 Opportunities

  Law-enforcement agencies can now use the increasing power of computer systems and complex forensic software to

  speed up investigations and automate search procedures. It can prove difficult to automate investigation processes.

  While a keyword-based search for illegal content can be carried out easily, the identification of illegal pictures is

  more problematic. Hash-value based approaches are only successful if pictures have been rated previously, the hash

  value is stored in a database and the picture that was analysed has not been modified.

  Forensic software is able to search automatically for child-pornography images by comparing the files on the hard

  disk of suspects with information about known images. For example, in late 2007, authorities found a number of

  pictures of the sexual abuse of children. In order to prevent identification the offender had digitally modified the

  part of the pictures showing his face before publishing the pictures over the Internet. Computer forensic experts

  were able to unpick the modifications and reconstruct the suspect’s face. Although the successful investigation

  clearly demonstrates the potential of computer forensics, this case is no proof of a breakthrough in childpornography

  investigation. If the offender had simply covered his face with a white spot, identification would have

  been impossible.

  3.2 General challenges

  3.2.1 Reliance on ICTs

  Many everyday communications depend on ICTs and Internet-based services, including VoIP calls or e- mail

  communications.ICTs are now responsible for the control and management functions in buildings, cars and aviation

  services. The supply of energy, water and communication services depend on ICTs. The further integration of ICTs

  into everyday life is likely to continue. Growing reliance on ICTs makes systems and services more vulnerable to

  attacks against critical infrastructures. Even short interruptions to services could cause huge financial damages to

  e-commerce businesses. It is not only civil communications that could be interrupted by attacks; the dependence on

  ICTs is a major risk for military communications.

  Existing technical infrastructure has a number of weaknesses, such as the monoculture or homogeneity of operating

  systems. Many private users and SMEs use Microsoft’s operating system, so offenders can design effective attacks

  by concentrating on this single target.

  The dependence of society on ICTs is not limited to the western countries. Developing countries also face challenges

  in preventing attacks against their infrastructure and users. The development of cheaper infrastructure

  technologies such as WiMAX has enabled developing countries to offer Internet services to more people. Developing

  countries can avoid the mistakes of some western countries, which have concentrated mainly on maximizing

  accessibility, without investing significantly in protection. US experts have explained that successful attacks against

  the official website of governmental organizations in Estonia could only take place due to inadequate protection

  measures. Developing countries have a unique opportunity to integrate security measures early on. This may

  require greater upfront investments, but the integration of security measures at a later point may prove more

  expensive in the long run.

  Strategies must be formulated to prevent such attacks and develop countermeasures, including the development

  and promotion of technical means of protection, as well as adequate and sufficient laws enabling law-enforcement

  agencies to fight cybercrime effectively.

  3.2.2 Number of users

  The popularity of the Internet and its services is growing fast, with over 2 billion Internet users worldwide by 2010.

  Computer companies and ISPs are focusing on developing countries with the greatest potential for further growth.

  In 2005, the number of Internet users in developing countries surpassed the number in industrial nations, while the

  development of cheap hardware and wireless access will enable even more people to access the Internet.

  With the growing number of people connected to the Internet, the number of targets and offenders increases. It is

  difficult to estimate how many people use the Internet for illegal activities. Even if only 0.1 per cent of users

  committed crimes, the total number of offenders would be more than one million. Although Internet usage rates are

  lower in developing countries, promoting cybersecurity is not easier, as offenders can commit offences from around

  the world.

  The increasing number of Internet users causes difficulties for the law-enforcement agencies because it is relatively

  Cyber Crime

  10

  difficult to automate investigation processes. While a keyword-based search for illegal content can be carried out

  rather easily, the identification of illegal pictures is more problematic. Hash-value based approaches are for

  example only successful if the pictures were rated previously, the hash value was stored in a data base, and the

  picture that was analysed has not been modified.

  3.3 Legal challenges

  3.3.1 Challenges in drafting national criminal laws

  Proper legislation is the foundation for the investigation and prosecution of cybercrime. However, law- makers must

  continuously respond to Internet developments and monitor the effectiveness of existing provisions, especially given

  the speed of developments in network technology.

  Cyber Crime

  11

  Historically, the introduction of computer-related services or Internet-related technologies has given rise to new

  forms of crime, soon after the technology was introduced. One example is the development of computer networks in

  the 1970s – the first unauthorized access to computer networks occurred shortly afterwards. Similarly, the first

  software offences appeared soon after the introduction of personal computers in the 1980s, when these systems

  were used to copy software products.

  It takes time to update national criminal law to prosecute new forms of online cybercrime. Indeed, some countries

  have not yet finished with this adjustment process. Offences that have been criminalized under national criminal law

  need to be reviewed and updated. For example, digital information must have equivalent status as traditional

  signatures and printouts.

  Without the integration of cybercrime-related offences, violations cannot be prosecuted.

  The main challenge for national criminal legal systems is the delay between the recognition of potential abuses of

  new technologies and necessary amendments to the national criminal law. This challenge remains as relevant and

  topical as ever as the speed of network innovation accelerates. Many countries are working hard to catch up with

  legislative adjustments. In general, the adjustment process has three steps: adjustment to national law,

  identification of gaps in the penal code, and drafting of new legislation.

  Adjustments to national law must start with the recognition of an abuse of new technology

  Specific departments are needed within national law-enforcement agencies, which are qualified to investigate

  potential cybercrimes. The development of computer emergency response teams (CERTs), computer incident

  response teams (CIRTs), computer security incident response teams (CSIRTs) and other research facilities have

  improved the situation.

  Cyber Crime


  12