Cybercrime Criminal Law Definitions and Concepts

Size: px
Start display at page:

Download "Cybercrime Criminal Law Definitions and Concepts"

Transcription

1 Cybercrime Criminal Law Definitions and Concepts How to Criminalize Attacks on Computer Networks and Information Computer Crime and Intellectual Property Section U.S. Department of Justice 1

2 Overview Introduction Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 2

3 Introduction What is Computer Crime? Computer as a Tool Fraud Child Pornography Extortion Computer as a Storage Device Computer as a Target 3

4 What are Computer Crimes? Network crimes implicate Attacks on: Confidentiality Integrity Availability of information or systems Theft of information or services Release of a virus 4

5 Overview Introduction Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 5

6 Computer Intrusions Unauthorized Access Gains Unauthorized Access Individual has no authority to access the computer An outsider or trespasser Also called hacking 6

7 Intruder scans network ports Intruder finds a vulnerabilty Intrusion The Anatomy of an Attack: The Outsider Obtains access to network as a user. Gains control of the network as a superuser 7

8 Intrusion Exceeding Authorized Access Gains Unauthorized Access Or Exceeds Authorized Access Individual has authorized access to a computer system, but exceeds that authorization An insider 8

9 Intrusion The Anatomy of an Attack: The Insider Employee normally cannot access secure files Employee circumvents security And obtains access to financial or government secrets 9

10 Intrusion Laws Prohibiting Unauthorized Access Many countries create a separate crime for unauthorized access (with nothing more) Cybercrime Convention, Title 1, Article 2 Countries must criminalize intentional access to the whole or any part of a computer system without right Some countries impose other restrictions Circumvention of security measures Applies only to network computers 10

11 Intrusion Obtaining Information Gains Unauthorized Access Or Exceeds Authorized Access + Obtains Information Individual actually obtains information Downloads a file or views information on a screen 11

12 Intrusion Obtaining information Types of information Financial E.g.: credit card numbers Medical E.g: celebrity s medical records Government/national security E.g.: espionage or terrorism Trade Secrets & Proprietary Business Information E.g.: industrial formulas 12

13 Intrusion Obtaining Information Sample laws Singapore makes it a crime to gain access without authority to any material held in any computer No damage or download required United States Prohibits intentionally accessing a computer without authorization or in excess of authorization where an intruder obtains information (obtains = merely viewing information) no damage or download required 13

14 Intrusion Obtaining Information Sample laws Netherlands statute distinguishes between: 1. Unauthorized access of a computer (six month maximum sentence) and 2. Unauthorized access of a computer where data is copied (four year maximum sentence) Canada Supreme Court has held that in order for there to be a theft the owner needs to be deprived of the object. 14

15 Intrusion Facilitating Other Crimes Gains Unauthorized Access Or Exceeds Authorized Access Obtains Information + Facilitates Another Crime Intent of hack may be to further a fraud or other crime E.g.: employee breaks into payroll computer and triggers overtime payments to herself Not necessarily any proof of damage or theft of information 15

16 Intrusion Facilitating Other Crimes Sample Laws United States Prohibits unauthorized access to a computer to further a fraud scheme (5 year maximum sentence) Australia Prohibits unauthorized use of a computer with intent to commit a serious offense (5 year maximum sentence) 16

17 Intrusion Facilitating Other Crimes Sample Laws Title 1, Article 8 Computer-related fraud Countries must criminalize acts that intentionally and without right cause a loss of property to another by: any input, alteration, deletion or suppression of computer data, any interference with the functioning of a computer system with the intent to gain an economic benefit 17

18 Overview Introduction Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 18

19 Causing Damage Gains Unauthorized Access Or Exceeds Authorized Access Obtains Information Facilitates Another Crime Causes Damage Business computer shut down Customer data deleted 19

20 Causing Damage Definition Damage can occur following an intrusion E.g.: disgruntled ex-employee hacks into company computers and deletes critical files But it can also occur without an unauthorized access or the exceeding of authorized access E.g.: viruses, worms, and denial of service attacks 20

21 Causing Damage Examples A virus is a self-replicating, destructive program that infects a host file A worm is a free standing program that can replicate itself and spread across networked computers A denial of service attack (or DOS) is any attack that prevents a computer from functioning properly can occur when a server receives too many requests for connections, making it impossible for legitimate requests to succeed Drafting Note: Technology Neutrality is Key 21

22 Causing Damage Cyber-crime Convention recommends criminalizing both interference with data and systems Title 1, Article 4 Data Interference Countries must criminalize intentionally and without right the damaging, deletion, deterioration, alteration or suppression of computer data Article 5 System Interference Similar provision against the serious hindering of the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data 22

23 Introduction Overview Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 23

24 Interception of Communications Gains Unauthorized Access Or Exceeds Authorized Access Obtains Information Facilitates Another Crime Causes Damage Intercepts Communications 24

25 Interception of Communications Examples Capture of communications while in transmission Similar to live interception of a telephone call Includes interception of , web surfing, or other protocols Hacker breaks into computer network and installs a sniffer Can then obtain the logon and password of users of the computer network System administrator intercepts communications of president of the company Note: when drafting the statute to criminalize this activity, it is important to include exceptions for proper activities of the system administrators (e.g., to render service, to promote security, and to protect the system ) 25

26 Overview Introduction Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 26

27 Trafficking in Passwords/hacking tools Transferring passwords or other access devices that enable a person to gain unauthorized access to a computer Also includes possession with intent to use criminally Rationale: Prohibiting possession or distribution limits and deters the underlying crime of hacking Analogous to prohibiting burglar tools 27

28 Trafficking in Passwords Definition Access device includes passwords, codes, or any data by which a computer system or service can be accessed or used Q: Should this encompass distribution of vulnerability information? With intent to commit fraud or another criminal act? Distribution need not be a formal sale passwords are commonly traded by hackers 28

29 Trafficking in Passwords Cybercrime Convention Title 1, Article 6 Misuse of Devices Countries must prohibit the possession, production, sale, procurement for use, import, distribution or otherwise making available a computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed with intent that it be used for the purpose of committing any of the [hacking offenses] 29

30 Introduction Overview Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords/hacking tools Mental state issues Punishment issues 30

31 Mental State Issues Lawmakers can require proof of a mental state for each element of a crime E.g.: intentionally accesses a computer without authorization and thereby obtains information Or: intentionally transmits a program, code, or command and recklessly causes damage Each country should consider carefully which mental states are appropriate For crimes involving damage to computers, generally the law should require proof only of the intent to cause damage and NOT the type or amount of damage 31

32 Overview Introduction Substantive Offenses Computer intrusions Actions that cause damage Interception of communications Trafficking in passwords Mental state issues Jurisdictional issues Punishment issues 32

33 Punishment Issues Best practices Punishment structures are unique and will vary from country to country Relying solely on monetary loss as the basis for sentencing will not adequately reflect the degree of harm Consider allowing victims the right to claim civil damages Listing aggravating factors 33

34 Questions? 34

CYBER CRIME A COMPARATIVE LAW ANALYSIS SANDRA MARIANA MAAT. submitted in part fulfilment of the requirements for the degree of MAGISTER LEGUM.

CYBER CRIME A COMPARATIVE LAW ANALYSIS SANDRA MARIANA MAAT. submitted in part fulfilment of the requirements for the degree of MAGISTER LEGUM. CYBER CRIME A COMPARATIVE LAW ANALYSIS by SANDRA MARIANA MAAT submitted in part fulfilment of the requirements for the degree of MAGISTER LEGUM at the UNIVERSITY OF SOUTH AFRICA SUPERVISOR: PROF D P VAN

More information

Legal, Ethical, and Professional Issues in Information Security

Legal, Ethical, and Professional Issues in Information Security Legal, Ethical, and Professional Issues in Information Security Downloaded from http://www.utc.edu/center-information-securityassurance/course-listing/cpsc3600.php Minor Changes from Dr. Enis KARAARSLAN

More information

ITU Model Cybercrime Law: Project Overview

ITU Model Cybercrime Law: Project Overview ITU Model Cybercrime Law: Project Overview Jody R. Westby ICT Applications and Cybersecurity Division Policies and Strategies Department, BDT International Telecommunication Union International

More information

PTLGateway Acceptable Use Policy

PTLGateway Acceptable Use Policy 1 PTLGateway Acceptable Use Policy Last Updated Date: 02 March 2018 Acceptable Use Policy Your use of our Services must fall within our Acceptable Usage Policy. Contents Key details... 1 COVERAGE OF THIS

More information

IS Today: Managing in a Digital World 9/17/12

IS Today: Managing in a Digital World 9/17/12 IS Today: Managing in a Digital World Chapter 10 Securing Information Systems Worldwide losses due to software piracy in 2005 exceeded $34 billion. Business Software Alliance, 2006 Accessories for war

More information

Chapter 10: Security and Ethical Challenges of E-Business

Chapter 10: Security and Ethical Challenges of E-Business Chapter 10: Security and Ethical Challenges of E-Business Learning Objectives Identify several ethical issues in IT that affect employment, individuality, working condition, privacy, crime health etc.

More information

Acceptable Use Policy ("AUP")

Acceptable Use Policy (AUP) Acceptable Use Policy ("AUP") Pacificnet Hosting (PacHosting)'s Acceptable Use Policy ("AUP") is provided to give our customers and users a clear understanding of what PacHosting expects of them while

More information

Glenwood Telecommunications, Inc. Acceptable Use Policy (AUP)

Glenwood Telecommunications, Inc. Acceptable Use Policy (AUP) Glenwood Telecommunications, Inc. Acceptable Use Policy (AUP) All customers should read this document. You are responsible for the policy written here, and your account WILL BE DISABLED WITHOUT WARNING

More information

NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014

NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014 NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014 OUR MANDATE O The EFCC is the agency charged with the responsibility for the enforcement

More information

AN ANALYSIS OF CYBER CRIME AND INTERNET SECURITY

AN ANALYSIS OF CYBER CRIME AND INTERNET SECURITY WORLD JOURNAL OF PHARMACY AND PHARMACEUTICAL SCIENCES Shoba. SJIF Impact Factor 6.647 Volume 6, Issue 5, 304-308 Review Article ISSN 2278 4357 AN ANALYSIS OF CYBER CRIME AND INTERNET SECURITY *Prof. V.

More information

300 Lena Drive Aurora, Ohio P: F: Page 1 of 5

300 Lena Drive Aurora, Ohio P: F: Page 1 of 5 Privacy MindStreams LLC respects the privacy of users who visit each of the sites within the MindStreams network. No effort is made to identify individuals without their knowledge. The following policies

More information

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1 Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005 Chapter 12 1 IT Ethics, Impacts, and Security Chapter 12 2 Chapter Outline Ethical Issues Impact

More information

Lesson-1 Computer Security

Lesson-1 Computer Security Threats to computer Security: What do they mean by a threat? Lesson-1 Computer Security A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to

More information

Thailand Initiatives and Challenges in Cyber Terrorism

Thailand Initiatives and Challenges in Cyber Terrorism Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?

More information

LEGAL FRAMEWORK FOR THE ENFORCEMENT OF CYBER LAW AND CYBER ETHICS IN NIGERIA

LEGAL FRAMEWORK FOR THE ENFORCEMENT OF CYBER LAW AND CYBER ETHICS IN NIGERIA LEGAL FRAMEWORK FOR THE ENFORCEMENT OF CYBER LAW AND CYBER ETHICS IN NIGERIA Umejiaku Nneka Obiamaka, Department of Commercial and Property Law Faculty of Law, Nnamdi Azikiwe University, Awka, Nigeria

More information

Data and Cyber Crisis how to manage a crisis and reduce loss. Melissa Russell Special Counsel February 2016

Data and Cyber Crisis how to manage a crisis and reduce loss. Melissa Russell Special Counsel February 2016 Data and Cyber Crisis how to manage a crisis and reduce loss Melissa Russell Special Counsel February 2016 Introduction cyber risks Most commonly reported types of economic crime from PwC The causes and

More information

Whitepaper on AuthShield Two Factor Authentication with SAP

Whitepaper on AuthShield Two Factor Authentication with SAP Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering

More information

Guidelines for the use of the IT infrastructure at the University of Bayreuth 10 February 2005

Guidelines for the use of the IT infrastructure at the University of Bayreuth 10 February 2005 IT Guidelines Guidelines for the use of the IT infrastructure at the University of Bayreuth 10 February 2005 In accordance with Article 32 para 3 sentence 1 of the Bavarian Higher Education Act (Bayerisches

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 1 Introduction to Security Objectives Describe the challenges of securing information Define information security and explain why

More information

Chapter 6 Network and Internet Security and Privacy

Chapter 6 Network and Internet Security and Privacy Chapter 6 Network and Internet Security and Privacy Learning Objectives LO6.1: Explain network and Internet security concerns LO6.2: Identify online threats LO6.3: Describe cyberstalking and other personal

More information

CYBERCRIME LEGISLATION DEVELOPMENT IN NIGERIA AN UPDATE. Octopus Conference, Strasbourg 06 June, 2012

CYBERCRIME LEGISLATION DEVELOPMENT IN NIGERIA AN UPDATE. Octopus Conference, Strasbourg 06 June, 2012 CYBERCRIME LEGISLATION DEVELOPMENT IN NIGERIA AN UPDATE Octopus Conference, Strasbourg 06 June, 2012 T.GEORGE-MARIA TYENDEZWA Head, Computer Crime Prosecution Unit, Federal Ministry of Justice, Abuja,

More information

Legal Foundation and Enforcement: Promoting Cybersecurity

Legal Foundation and Enforcement: Promoting Cybersecurity Legal Foundation and Enforcement: Promoting Cybersecurity Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection February 19, 2008 Mark L. Krotoski Computer

More information

God is in the Small Stuff and it all matters. .In the Small Stuff. Security and Ethical Challenges. Introduction to Information Systems Chapter 11

God is in the Small Stuff and it all matters. .In the Small Stuff. Security and Ethical Challenges. Introduction to Information Systems Chapter 11 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise 1 Eleventh Edition 2 Chapter Objectives C h a p t e r 11 Eleventh Edition James A. O Brien Identify several ethical

More information

13. Acceptable Use Policy

13. Acceptable Use Policy 13. Acceptable Use Policy Purpose Indian River State College s intention for publishing an Acceptable Use Policy is to outline the acceptable use of computer equipment and services at Indian River State

More information

The Readlyn Telephone Company dba RTC Communications NETWORK MANAGEMENT AND ACCEPTABLE USE POLICY Internet Service

The Readlyn Telephone Company dba RTC Communications NETWORK MANAGEMENT AND ACCEPTABLE USE POLICY Internet Service The Readlyn Telephone Company dba RTC Communications NETWORK MANAGEMENT AND ACCEPTABLE USE POLICY Internet Service The Readlyn Telephone Company, dba RTC Communications (the Company) Acceptable Use Policy

More information

Midstate Telephone & Midstate Communications. Acceptable Use Policy

Midstate Telephone & Midstate Communications. Acceptable Use Policy Midstate Telephone & Midstate Communications Acceptable Use Policy Introduction Midstate is at all times committed to complying with the laws and regulations governing use of the Internet, e-mail transmission

More information

region16.net Acceptable Use Policy ( AUP )

region16.net Acceptable Use Policy ( AUP ) region16.net Acceptable Use Policy ( AUP ) Introduction By using service(s) provided by region16.net (including, but not necessarily limited to, Internet Services and videoconferencing), you agree to comply

More information

Cleveland State University General Policy for University Information and Technology Resources

Cleveland State University General Policy for University Information and Technology Resources Cleveland State University General Policy for University Information and Technology Resources 08/13/2007 1 Introduction As an institution of higher learning, Cleveland State University both uses information

More information

Network Security Issues and Cryptography

Network Security Issues and Cryptography Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi

More information

GhostFiber Acceptable Use Policy

GhostFiber Acceptable Use Policy GhostFiber Acceptable Use Policy Blue Sky Satellite & Theater Services LLC, dba Blue Sky Satellite, dba GhostFiber provides a variety of Internet Services (GhostFiber ) to both residential and business

More information

Chapter 4 Network and Internet Security

Chapter 4 Network and Internet Security Understanding Computers in a Changing Society, 3 rd Edition Chapter 4 Network and Internet Security Learning Objectives Explain why computer users should be concerned about network and Internet security.

More information

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable? Introduction Controlling Information Systems When computer systems fail to work as required, firms that depend heavily on them experience a serious loss of business function. M7011 Peter Lo 2005 1 M7011

More information

IP CHANGES IN THE THAI COMPUTER CRIME ACT. Cyber crime in Thailand Introduction & Overview

IP CHANGES IN THE THAI COMPUTER CRIME ACT. Cyber crime in Thailand Introduction & Overview IP CHANGES IN THE THAI COMPUTER CRIME ACT Cyber crime in Thailand Introduction & Overview POL.LT.COL.NAUGHTAKID PHROMCHAN DEPUTY SUPERINTENDENT SOCIAL MEDIA MONITORING CENTER, ROYAL THAI POLICE 7th November

More information

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Cybercrime Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Organizations can prevent cybercrime from occurring through the proper use of personnel, resources,

More information

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security Symantec Enterprise Security WHITE PAPER Integrated Security: Creating the Secure Enterprise INSIDE Evolving IT and business environments The impact of network attacks on business The logical solution

More information

Computer Security Policy

Computer Security Policy Administration and Policy: Computer usage policy B 0.2/3 All systems Computer and Rules for users of the ECMWF computer systems May 1995 Table of Contents 1. The requirement for computer security... 1

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy. August 2016 1. Overview Kalamazoo College provides and maintains information technology resources to support its academic programs and administrative operations. This Acceptable

More information

II.C.4. Policy: Southeastern Technical College Computer Use

II.C.4. Policy: Southeastern Technical College Computer Use II.C.4. Policy: Southeastern Technical College Computer Use 1.0 Overview Due to the technological revolution in the workplace, businesses such as Southeastern Technical College (STC) have turned to computer

More information

Hacking and Cyber Espionage

Hacking and Cyber Espionage Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge

More information

NebraskaLink Acceptable Use Policy

NebraskaLink Acceptable Use Policy NebraskaLink Acceptable Use Policy Introduction This acceptable use policy (the "Policy") defines acceptable practices relating to the use of NebraskaLink's services (the "Service") by customers of NebraskaLink

More information

State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy

State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy Public School Facilities Authority, IT Acceptable Use Policy 1 State of NM Public School Facilities

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Overview The Information Technology (IT) department s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Quincy College s established

More information

Acceptable Use and Publishing Policy

Acceptable Use and Publishing Policy 1. Purpose This Policy outlines the principles, guidelines and requirements of acceptable use of and publishing to ecreators Pty Ltd (ecreators) hosting products and services. The purpose of this Policy

More information

INTERNET ACCESS SERVICE AGREEMENT PLEASE READ CAREFULLY

INTERNET ACCESS SERVICE AGREEMENT PLEASE READ CAREFULLY INTERNET ACCESS SERVICE AGREEMENT PLEASE READ CAREFULLY Plains Communication Services ( PCS ), LLC and Plainstel.com provides its subscribers with access to the Internet only on the terms and conditions

More information

Violations of any portion of this policy may be subject to disciplinary action up to and including termination of employment.

Violations of any portion of this policy may be subject to disciplinary action up to and including termination of employment. Page 1 of 6 Policy: All computer resources are the property of Lee County and are intended to be used for approved County business purposes. Users are permitted access to the computer system to assist

More information

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an

More information

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model Abhijit Vitthal Sathe Modern Institute of Business Management, Shivajinagar, Pune 411 005 abhijit_sathe@hotmail.com

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Jackson Energy Authority 731.422.7500 INTRODUCTION Jackson Energy Authority ( JEA ) has formulated this Acceptable Use Policy ( AUP ), in order to set forth terms regarding the responsible

More information

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM 2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM Recap of 1 st ARF Jeju (South Korea) Cyber Terrorism recently been brought

More information

Writer Corporation. Data Protection Policy

Writer Corporation. Data Protection Policy Writer Corporation Data Protection Policy 1. Introduction The Data Protection Policy (DPP) lays a solid foundation for the development and implementation of secure practices within Writer Corporation (the

More information

716 West Ave Austin, TX USA

716 West Ave Austin, TX USA Fundamentals of Computer and Internet Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION What Is Computer Crime?... 2 Computer Fraud

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Overview ONS IT s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to ONS established culture of openness, trust and integrity.

More information

Security Policies and Procedures Principles and Practices

Security Policies and Procedures Principles and Practices Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability

More information

Tularosa Communications, Inc. (TCI) General Service Terms and Conditions

Tularosa Communications, Inc. (TCI) General Service Terms and Conditions Tularosa Communications, Inc. (TCI) General Service Terms and Conditions Updated: June 11, 2018 Effective: June 11, 2018 APPLICABILITY These Terms and Conditions apply to all services provided by TCI unless

More information

APPLICATION TO OPEN PORTS THROUGH THE FIREWALL

APPLICATION TO OPEN PORTS THROUGH THE FIREWALL P: +61 2 9231 3644 E: admin@ccl.com.au W: www.ccl.com.au A.B.N. 72 000 111 Level 1 Selborne Chambers 174 Phillip Street Sydney NSW 2000 APPLICATION TO OPEN PORTS THROUGH THE FIREWALL Only outbound data

More information

African Forum on Cybercrime, Addis Ababa, 16 18 October 2018 Workshop 4: Current status of cybercrime legislation in Africa and international standards Cybercrime legislation in Africa and the Budapest

More information

H. R To reduce unsolicited commercial electronic mail and to protect children from sexually oriented advertisements.

H. R To reduce unsolicited commercial electronic mail and to protect children from sexually oriented advertisements. I 0TH CONGRESS ST SESSION H. R. To reduce unsolicited commercial electronic mail and to protect children from sexually oriented advertisements. IN THE HOUSE OF REPRESENTATIVES MAY, 00 Ms. LOFGREN (for

More information

CHAPTER 8 SECURING INFORMATION SYSTEMS

CHAPTER 8 SECURING INFORMATION SYSTEMS CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is

More information

China and International Governance of Cybercrime

China and International Governance of Cybercrime China and International Governance of Cybercrime Prof. Dr. Shenkuo WU Law Professor of CCLS, Beijing Normal University Head of Research Centre of Internet Society of China Consultant of Supreme Court of

More information

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope Jacksonville State University Acceptable Use Policy 1. Overview Information Technology s (IT) intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Jacksonville

More information

DCU Guide to Subject Access Requests. Under Irish Data Protection Legislation

DCU Guide to Subject Access Requests. Under Irish Data Protection Legislation DCU Guide to Subject Access Requests Under Irish Data Protection Legislation Context Under section 4 of the Irish Data Protection Acts 1988 & 2003 an individual, on making a written request to DCU, may

More information

IT ACCEPTABLE USE POLICY

IT ACCEPTABLE USE POLICY CIO Signature Approval & Date: IT ACCEPTABLE USE POLICY 1.0 PURPOSE The purpose of this policy is to define the acceptable and appropriate use of ModusLink s computing resources. This policy exists to

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Purpose The purpose of this policy is to outline the acceptable use of computer equipment at Robotech CAD Solutions. These rules are in place to protect the employee and Robotech

More information

Guiding principles on the Global Alliance against child sexual abuse online

Guiding principles on the Global Alliance against child sexual abuse online Annex to the Declaration on Launching the Global Alliance against child sexual abuse online, further setting forth the intent of the participants Guiding principles on the Global Alliance against child

More information

Insider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015

Insider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015 Insider Threats Nathalie Baracaldo Ph.D. Candidate date School of Information Sciences March 26 th, 2015 1 Insider Attacks According to CERT insider attackers are defined as: Currently or previously employed

More information

Accounting Information Systems

Accounting Information Systems Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how

More information

Magna5 reserves the right to make modifications to this policy at any time.

Magna5 reserves the right to make modifications to this policy at any time. INTERNET ACCEPTABLE USE POLICY This Acceptable Use Policy specifies the actions prohibited by Magna5 to users of the Magna5 Network or the networks of third-party providers. Magna5 reserves the right to

More information

The AUP applies to all Snowball products and services but is in particular applicable to internet services.

The AUP applies to all Snowball products and services but is in particular applicable to internet services. ACCEPTABLE USAGE POLICY Introduction Snowball is committed to complying with legislation and ensuring all its Customers have the ability to use its network and the Internet without interference or harassment

More information

ITNP023 - Autumn Aims

ITNP023 - Autumn Aims PROFESSIONAL ISSUES 2 Aims Give a precise meaning of the terms profession and professional Discuss the obligations and privileges which membership of a profession carries Consider some codes of conduct

More information

WEBSITE TERMS OF USE

WEBSITE TERMS OF USE WEBSITE TERMS OF USE Effective Date: April 14, 2018 Welcome to the Center for Behavioral Sciences, Inc. ( CBS ) website! CBS, Inc. maintains this website ( Website ) for your personal information, education

More information

Cybersecurity and Hospitals: A Board Perspective

Cybersecurity and Hospitals: A Board Perspective Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Effective: September 2, 2016 Purpose Montreat College is committed to protecting its employees, partners, and itself from illegal or damaging actions by individuals, either knowingly

More information

Horry County IT /GIS Policy Acce table Use Com uter S stems

Horry County IT /GIS Policy Acce table Use Com uter S stems HORRY COUNTY IT/GIS DEPARTMENT 1301 Second Avenue Conway, South Carolina 29526 www.horrycounty.org Post Office Box 296 Conway, South Carolina 29528-0296 Phone: (843) 915-5240 Fax: (843) 915-6240 Horry

More information

Sac County Mutual Telephone Company Acceptable Use Policy High Speed Internet Service Page 1 of 5. Sac County Mutual Telephone Company

Sac County Mutual Telephone Company Acceptable Use Policy High Speed Internet Service Page 1 of 5. Sac County Mutual Telephone Company Page 1 of 5 Sac County Mutual Telephone Company ACCEPTABLE USE POLICY FOR HIGH SPEED INTERNET SERVICE This Acceptable Use Policy ( AUP ) governs high speed Internet service provided to you by Sac County

More information

Acceptable Use Policy

Acceptable Use Policy 1 INTRODUCTION and its subsidiaries ( us, we or our ) have produced this acceptable use policy in order to: Give you a better understanding of what is and is not acceptable when using the internet Encourage

More information

Bloom Broadband Acceptable Use Policy

Bloom Broadband Acceptable Use Policy Acceptable Use Policy for Bloom Internet Service Bloom s goal is to provide its customers with the best residential cable Internet service possible. In order to accomplish this, Bloom has adopted this

More information

The Regional Cyber Crime Unit response to Cyber Crime

The Regional Cyber Crime Unit response to Cyber Crime British Computer Society Tuesday 9th January 2018 The Regional Cyber Crime Unit response to Cyber Crime Cyber Protect Officer Chris Phillips Overview Cybercrime threat Law enforcement response Priorities

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Why is Cleveland Broadband providing this Policy to me? Cleveland Broadband s goal is to provide its customers with the best Internet service possible. In order to help accomplish

More information

HIPAA UPDATE. Michael L. Brody, DPM

HIPAA UPDATE. Michael L. Brody, DPM HIPAA UPDATE Michael L. Brody, DPM Objectives: How to respond to a patient s request for a copy of their records. Understand your responsibilities after you send information out to another doctor, hospital

More information

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks Overview Handling Security Incidents Chapter 7 Lecturer: Pei-yih Ting Attacks Security Incidents Handling Security Incidents Incident management Methods and Tools Maintaining Incident Preparedness Standard

More information

PURPOSE: To establish policies and procedures for the use of University-owned and -operated information technology resources.

PURPOSE: To establish policies and procedures for the use of University-owned and -operated information technology resources. MERCER UNIVERSITY SECTION: Policies and Procedures Manual SUBJECT: INFORMATION TECHNOLOGY ACCESS AND USE POLICY EFFECTIVE: January 1, 2004 PURPOSE: To establish policies and procedures for the use of University-owned

More information

Technology in Action

Technology in Action Technology in Action Chapter 7 Networking and Security: Connecting Computers and Keeping Them Safe from Hackers and Viruses 1 Peer-to-Peer Networks Nodes communicate with each other Peers Share peripheral

More information

Cognizant Careers Portal Terms of Use and Privacy Policy ( Policy )

Cognizant Careers Portal Terms of Use and Privacy Policy ( Policy ) Cognizant Careers Portal Terms of Use and Privacy Policy ( Policy ) Introduction This Policy applies to the Careers portal on the Cognizant website accessed via www.cognizant.com/careers ("Site"), which

More information

UNIQUE IAS ACADEMY-COMPUTER QUIZ-15

UNIQUE IAS ACADEMY-COMPUTER QUIZ-15 1. Which menu should you access if you need to edit header or footer of a document: a) Insert b) Edit c) View 2. Watermark is available on: a) Insert b) Page Layout c) Format 3. Background color or picture

More information

PRIMUS ACCEPTABLE USE POLICY

PRIMUS ACCEPTABLE USE POLICY PRIMUS ACCEPTABLE USE POLICY For purposes of this Agreement, You, users, and account holders are used interchangeably, and where applicable. These terms are subject to the Privileges and Immunities of

More information

Computer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak

Computer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak Computer Security Assoc. Prof. Pannipa Phaiboonnimit 1 Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak Classification of Threats Computer Attack Intend to damage files, computers

More information

ACCEPTABLE USE POLICIES FOR INFORMATION SERVICES COMPUTING RESOURCES

ACCEPTABLE USE POLICIES FOR INFORMATION SERVICES COMPUTING RESOURCES ACCEPTABLE USE POLICIES FOR INFORMATION SERVICES COMPUTING RESOURCES Information Security Team DePaul University 1 East Jackson Boulevard Chicago, Illinois 60604 US https:/infosec.depaul.edu/ 13th December

More information

Personal Cybersecurity

Personal Cybersecurity Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions

More information

FBI. National Security & Oil and Natural Gas. NOIA Conference April 11, 2014

FBI. National Security & Oil and Natural Gas. NOIA Conference April 11, 2014 FBI National Security & Oil and Natural Gas NOIA Conference April 11, 2014 Strategic Partnership Program Partnership with public and private sector entities to protect the national and economic security

More information

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS

More information

Effective security is a team effort involving the participation and support of everyone who handles Company information and information systems.

Effective security is a team effort involving the participation and support of everyone who handles Company information and information systems. BACKED BY REFERENCE GUIDE Acceptable Use Policy GENERAL GUIDANCE NOTE: This sample policy is not legal advice or a substitute for consultation with qualified legal counsel. Laws vary from country to country.

More information

The Honest Advantage

The Honest Advantage The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents

More information

Motorola Mobility Binding Corporate Rules (BCRs)

Motorola Mobility Binding Corporate Rules (BCRs) Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,

More information

(U) Cyber Threats to the Homeland

(U) Cyber Threats to the Homeland UNCLASSIFIED (U) Cyber Threats to the Homeland October 2016 The overall classification of this briefing is: (U) Warning: This product may contain US person information that has been deemed necessary for

More information

Information Security Management System ISO/IEC 27001:2013

Information Security Management System ISO/IEC 27001:2013 Information Security Management System ISO/IEC 27001:2013 OF ICT FACILITIES PENGGUNAAN KEMUDAHAN ICT For PTM Use Only Date: 7 th June Written By: Junnaini Ismun Pengerusi Jawatankuasa ISMS Verified By:

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value

More information

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150 COUNCIL OF THE EUROPEAN UNION Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150 NOTE from : Presidency to : Working Party on Police Cooperation No. prev. doc.: 11784/08

More information

June 2 nd, 2016 Security Awareness

June 2 nd, 2016 Security Awareness June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Introduction and Scope General: This Acceptable Use Policy ( AUP ) sets forth acceptable practices relating to the use of the Crown Castle entities (collectively, Crown Castle ) Internet

More information

Security Awareness Company Policies and Processes. For Biscuitville, Inc. with operations in North Carolina and Virginia

Security Awareness Company Policies and Processes. For Biscuitville, Inc. with operations in North Carolina and Virginia Security Awareness Company Policies and Processes For Biscuitville, Inc. with operations in North Carolina and Virginia Issued on 11/22/2013 Updated on 06/17/2015 Table of Contents 1 COMPANY POLICIES AND

More information