Sunday, September 11, 2011

Cybercrime: procedures, deterrent and investigation

Cybercrime: procedures, deterrent and investigation

The title cybercrime Convention on Cybercrime is not new and has had numerous airings going back to the late 1990s and early 2000s. It has largely languished there, though, until it became the economic follow-up to the war on terrorism given there has been a signifcant shift towards electronic attacks or gained perception about the potential threat for crimes to be committed using technoology.

Cybercrime isn't actually a qualification in itself of the 'actual crime' that has been or is about to be perpetrated, rather on the one hand it provides a global statement under which preventions, deterrent and investigation can be defined about crimes where technology is or can be used as a conduit for a criminal or terrorist event. The technologies that are perceived to be relevant and 'usable' for cybercrime are set out in:

Proposal for a COUNCIL FRAMEWORK DECISION on attacks against information systems

Article 2
For the purposes of this Framework Decision, the following definitions shall apply:
(a) "Electronic communications network" means transmission systems and, where applicable, switching or routing equipment and other resources which permit the conveyance of signals by wire, by radio, by optical or by other electromagnetic means, including satellite networks, fixed (circuit- and packet-switched, including Internet) and mobile terrestrial networks, electricity cable systems, to the extent that they are used for the purpose of transmitting signals, networks used for radio and television broadcasting, and cable TV networks, irrespective of the type of information conveyed"

So this represents a broad range of identified technologies (whether used in natural sciences or manmade systems) that are identified avenues for 'cybercirme' procedures, deterrent and investigation. Furthermore, and on the other hand, cybercrime equally requires the 'type' of crime (substantive or inchoate) to be identifed that has or could operate 'through' a single or combination of technologies. For instance:

- a virus that is inserted into the electronic communication messages sent via Broadband of Power Lines (BPL) that takes down or attempts to take down a power station causing blackout might range in criminal law as a type of crime indicted eg under criminal damage, ecomonic damage, computer misuse, terrorism etc
- a message mispresenting a genuine individual that allows funds to be removed from the indiviudals account using the wireless network may be indicted in criminal proceedings as a fraud etc 

In the UK, legislation covers crimes such as 'abstraction of electricity', 'obtaining a telecommunication service with the intention of avoiding payment', 'computer misuse', unlawful interception' etc. To re-write all the relevant Statutes to identify crimes like these and other as 'cybercrime' would not seem practical at all. Cybercrime, then, perhaps may well be best described for use as a 'global title' to identify a state of 'events' generated through the use of various technologies.

The International Telecommunications Union (ITU) recognises the need for cybercrime procedures, deterrent and investigation and published two highly informative draft guides that one would expect to find produced from such an experienced and authoritative organisation:


ITU toolkit cybercrime legislation.pdf

As these documents are drafts, it is clear that evolving documents will continue to refine and define 'cybercrime' but may remain unable to circumvent the identification of the actual technologies used in a crime. One possible consequence of this is that forensic exmainers and experts in their specific fields will continue to provide their services, but an adjustment to a report or opinion may be required to start with e.g.

"Cybercrime Report/Opinion: The use of  X-technology in such and such an alleged crime...."

No comments: