A Criminal Intrudes into a Bank in Geneva Korean agents. Canadian agents make the arrest. Argentinian investigators. discover. attack came from Seoul

Similar documents
International Cooperation in Cybercrime Investigations

ISACA National Cyber Security Conference 8 December 2017, National Bank of Romania

- To aid in the investigation by identifying. - To identify the proper ISP, webhosting. - To use in search warrant affidavits for to

ITU Model Cybercrime Law: Project Overview

CYBERCRIME LEGISLATION DEVELOPMENT IN NIGERIA AN UPDATE. Octopus Conference, Strasbourg 06 June, 2012

UNODC. International Cooperation and Assistance in Cybercrime Matters

Promoting Global Cybersecurity

ITU/HIPPSA Technical Assistance on Cybercrime Law for the Republic of Rwanda, Kigali 11 th -12 th July 2013

Legal Foundation and Enforcement: Promoting Cybersecurity

Comprehensive Study on Cybercrime

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

Universal Trusted Service Provider Identity to Reduce Vulnerabilities

Project CyberSouth Cooperation on cybercrime in the Southern Neighbourhood

10007/16 MP/mj 1 DG D 2B

Cybercrime and e-evidence: challenges and solutions.

Guiding principles on the Global Alliance against child sexual abuse online

Data Preservation Checklists

MEETINGS OF MINISTERS OF JUSTICE OR OEA/Ser.K/XXXIV

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

Overview on the Project achievements

ΚΕΝΤΡΟ ΜΕΛΕΤΩΝ ΑΣΦΑΛΕΙΑΣ CENTER FOR SECURITY STUDIES

GLOBAL CYBERSECURITY INDEX 2016

Cybersecurity & Spam after WSIS: How MAAWG can help

LEGAL SOLUTION CYBERCRIME LEGAL SOLUTION LEGAL SOLUTION NATIONAL, REGIONAL, INTERNATIONAL

A1. Actions which have been undertaken by Governments

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Joint ICTP-IAEA School of Nuclear Energy Management November 2012

CYBERCRIME RESPONDERS TRAININGS

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

UNODC tackling cybercrime in support of a safe and secure AP-IS

Thailand Initiatives and Challenges in Cyber Terrorism

PRIVACY STATEMENT +41 (0) Rue du Rhone , Martigny, Switzerland.

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

RESOLUTION 45 (Rev. Hyderabad, 2010)

OAS Cybersecurity Capacity Building Efforts


New Legal instruments for Cross-border Crime Investigation in EU

BRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES. Geneva 18 April David Satola

Garry Mukelabai Communications Authority Zambia

Responding to Cybercrime:

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

EDENRED COMMUTER BENEFITS SOLUTIONS, LLC PRIVACY POLICY. Updated: April 2017

PRIVACY NOTICE STORM RECRUITMENT UNIT 11, 2 ND FLOOR CHARLESLAND CENTRE, GREYSTONES, CO. WICKLOW 1. INTRODUCTION

Police Technical Approach to Cyber Threats

10025/16 MP/mj 1 DG D 2B

COMPUTER HACKING Forensic Investigator

China and International Governance of Cybercrime

WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe

REGIONAL AND INTERNATIONAL TRENDS IN INFORMATION SOCIETY ISSUES CYBERCRIME CHALLENGE

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

REGIONAL WORKSHOP ON E-COMMERCE LEGISLATION HARMONIZATION IN THE CARIBBEAN COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES

A Multi-Stakeholder Approach in the Fight Against Cybercrime

Developments in the field of information and

NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014

COMPUTER FORENSICS (CFRS)

RESOLUTION 130 (Rev. Antalya, 2006)

THE SOUTHEAST ASIA REGIONAL CENTRE FOR COUNTER-TERRORISM (SEARCCT)

Information Security Incident Response Plan

Digital Forensic Science: Ideas, Gaps and the Future. Dr. Joshua I. James

Gujarat Forensic Sciences University

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Council of the European Union Brussels, 23 November 2016 (OR. en)

Project III

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

RESOLUTION 130 (REV. BUSAN, 2014)

CYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response

Regional Cyber Security and Cyber Crime Best Practices Workshop November 28-30, 2011 Bogotá, Colombia

European Investigation Order: Frequently Asked Questions

Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2

Key United Nations counter-terrorism references & architecture: Impact on customs.

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

PRIVACY POLICY. Personal Information We Collect

G8 Lyon-Roma Group High Tech Crime Subgroup

INTERPOL s Role and Efforts in Combating Cybercrime. Dr. Madan M. Oberoi Director Cyber Innovation and Outreach

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

Europol Unclassified Basic Protection Level. Council Working Party on Information Exchange and Data Protection (DAPIX) Friends of Presidency

Framework for Cybersecurity in Nigeria

Republic of Mauritius CYBERCRIME STRATEGY Page

Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI)

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

Role of 24/7 points of contact regarding MLA requests for computer data/e-evidence, Cooperation with competent authorities

Cybersecurity and Vulnerability Assessment

What are the next Steps after the UN GGE?

Global Cybersecurity Agenda

Privacy Notice for Business Partners

The cost of cybercrime the benefits of cooperation

Computer forensics Aiman Al-Refaei

Cyber Intel within European Cybercrime Center Ops

Professional Training Course - Cybercrime Investigation Body of Knowledge -

Case 1:14-cr KBF Document 57 Filed 09/05/14 Page 1 of 10 : : : : : : : : : DECLARATION OF CHRISTOPHER TARBELL

Honeypots. Security on Offense. by Kareem Sumner

Cyber Security Strategy

PROJECT RESULTS Summary

CSM-ACE 2010 KUALA LUMPUR CONVENTION CENTRE OCTOBER 2010

Criminal Justice System s Intervention to Cybersecurity Threats: Panacea or Pandora's Box?

CYBER CRIME A COMPARATIVE LAW ANALYSIS SANDRA MARIANA MAAT. submitted in part fulfilment of the requirements for the degree of MAGISTER LEGUM.

Designing Robustness and Resilience in Digital Investigation Laboratories

RippleMatch Privacy Policy

Commonwealth Cyber Declaration

Transcription:

Harmonizing National Legal Approaches and International Legal Coordination International Cooperation in Cybercrime Investigations A Law Enforcement Perspective Colonel Claudio Peguero ITU / WSIS Thematic Meeting on Cybersecurity Geneva, Switzerland June 28 July 1, 2005 Commander, High Tech Crimes Investigation Department National Police Dominican Republic 1

Canadian agents make the arrest A Criminal Intrudes into a Bank in Geneva Korean agents discover attack came from Vancouver Swiss investigators discover attack came from computer in Buenos Aires Argentinian investigators discover attack came from Seoul 2

The missing person s hotmail account was last accessed by an IP address in Miami Both e-mail accounts reside on a server in the U.S. A person disappears from the Dominican Republic An e-mail from him is received by his wife in Cuba 20 days after he disappears. The e-mail comes from an e-card service in Argentina. 3

The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel and resources; Improve abilities to locate and identify criminals; Improve abilities to collect and share evidence internationally to 4 bring criminals to justice.

The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel and resources; Improve abilities to locate and identify criminals; Improve abilities to collect and share evidence internationally to 5 bring criminals to justice.

I. The Need for Criminalization of Attacks on Computer Networks Where Country A criminalizes certain conduct & Country B does not, a bridge for cooperation may not exist Extradition treaties Mutual Legal Assistance Treaties 6

Bridging The Dual Criminality Divide Countries need to reach consensus about what to criminalize APEC Cybersecurity Strategy (2002) U.N. General Assembly Resolution 55/63 (2001) Effort to do so: Cybercrime Convention Provides a baseline for substantive law Countries then need to actually amend their laws 7

The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel and resources; Improve abilities to locate and identify criminals; Improve abilities to collect and share evidence internationally to 8 bring criminals to justice.

II. Law Enforcement Needs Experts dedicated to High-tech Crime Experts available 24 hours a day (home & beeper) Continuous training Continuously updated equipment (no longer a flashlight and a gun ) Each country needs this expertise 9

The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel and resources; Improve abilities to locate and identify criminals; Improve abilities to collect and share evidence internationally to 10 bring criminals to justice.

III. The Problem of Locating and Identifying Criminals Primary investigative step is to locate source of the attack or communication Very often what occurred is relatively easy to discover, but identifying the person responsible is very difficult Applies to hacking crimes as well as other crimes facilitated by computer networks 11

In Order to Trace a Communication: Only 2 ways to trace a communication: 1. While it is actually occurring 2. Using data stored by communications providers 12

In Order to Trace a Communication: Infrastructure must generate traffic data in the first place Carriers must have kept sufficient data to allow tracing E.g.: anonymizers anonymizers choose not to collect the data Certain legal regimes require destruction of data The legal regime must allow for timely access by law enforcement that does not alert customer The information must be shared quickly 13

Solving the Tracing Dilemma I: Traffic Data Countries should encourage providers to generate, and permit them to retain, critical traffic data Law enforcement s ability identify and criminals and terrorists is enhanced by access to the data 14

Solving the Tracing Dilemma II: Law Enforcement Access Legal systems must give law enforcement appropriate authorities to access traffic data E.g.: access to stored log files and to traffic information in real-time Preservation of evidence by law enforcement Critical given the speed of international legal assistance procedures Must be possible without dual criminality Convention on Cybercrime, Article 29 15

Solving the Tracing Dilemma III: Sharing Evidence Countries must improve their ability to share data quickly If not done quickly, the electronic trail will disappear Yet most cooperation mechanisms take months (or years!), not minutes Convention on Cybercrime, Article 30: expedited disclosure of traffic data 16

Solving the Tracing Dilemma III: Sharing Evidence When law enforcement gets a request, it should be able to 1. Preserve all domestic traffic data 2. Notify the requesting country if the trace leads back to a third country 3. Provide sufficient data to the requesting country to allow it to request assistance from the third country Countries must be able to do this for each other quickly, and on a 24/7 basis 17

The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel and resources; Improve abilities to locate and identify criminals; Improve abilities to collect and share evidence internationally to bring criminals to justice. 18

IV. Collecting and Sharing Evidence Will evidence collected in the U.S. be admissible in Switzerland? Computer forensics: It is easier to deny the threatening e-maile It is easier to hide evidence on a computer It is easier to change electronic evidence by mishandling it 19

Solutions for Collecting and Sharing Evidence Convention on Cybercrime Acts as a Mutual Legal Assistance Treaty where countries do not have an MLAT Parties agree to provide assistance to other countries to obtain and disclose electronic evidence 20

Conclusion Every country relies on the others for assistance in responding to the threat of cybercrime Each country needs to: Enact adequate substantive and procedural laws Empower its law enforcement authorities to collect evidence for other countries Work to enhance the rapid collection and international sharing of electronic evidence 21

Future Challenges We need to start thinking of: Cyber-cafés. 70% of criminal activity is coming from public access places. There s currently no way to identify the user of a computer in a cyber-café. café. Urgent Need for some level of regulation. Wireless networks. Hot Spots 22

Thank You

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback