Although it has onlyappeared in the recent decade, due to the outstanding development of scienceand technology, especially the Internet, crimes using high technology havearisen, existed
Trang 1MINISTRY OF JUSTICE HANOI LAW UNIVERSITY
GROUP ASSIGNMENT SUBJECT: LEGAL ENGLISH
TOPIC: CYBERCRIME: A THREAT TO A MORAL
SOCIETY
TABLE OF CONTENTS
Trang 2A INTRODUCTION 1
B CONTENTS 1
I CONCEPTUALIZING CYBERCRIME 1
II HOW TO IDENTIFY CYBERCRIME 1
1 Statistics on the Cybercrime Landscape 1
2 Classification of Cybercrime 2
3 Examples of Cybercrime 4
III THE GLOBAL CYBERCRIME PICTURE 4
1 How Does the Threat of Cybercrime Differ Around the World? 4
2 The Perception Of Consequences In Cybercrime 6
IV LEGAL DOCUMENTS ON THE PREVENTION AND COMBAT OF CYBERCRIME 7
1 Cybercrime under transnational criminal law 7
2 Cybercrime under Vietnamese criminal law 8
V CHALLENGES AND SOLUTIONS AGAINST CYBERCRIME 9
1 Loopholes in legal documents on cybercrime 9
2 The need to improve the law on cybercrime 10
C CONCLUSION 11
REFERENCES AND ACKNOWLEDGEMENTS 12
Trang 3A INTRODUCTION
Currently, the scientific and technological revolution is developing rapidly
on a global scale, including in the fields of information technology and telecommunications networks The outstanding development of digital technology has been and is the foundation for the development of economic and social fields, from manufacturing, industry and information services to culture, entertainment, and transportation, medical Along with the development and popularity of information technology is the appearance of increasingly complex crimes in the cyber domain Although it has only appeared in the recent decade, due to the outstanding development of science and technology, especially the Internet, crimes using high technology have arisen, existed and developed rapidly in many countries around the world The situation of high-tech crime continues to be complicated and unpredictable, occurring in many fields of different countries Perhaps never before had criminals used the Internet to commit crimes as much as now when the world is entering the 4.0 industrial era
B CONTENTS
I CONCEPTUALIZING CYBERCRIME
There is no universally accepted definition of cybercrime However, the following definition includes elements common to existing cybercrime definitions:
Cybercrime is an act that violates the law, which is perpetrated using information and communication technology to either target networks, systems, data, websites or technology or facilitate a crime 1 Cybercrime differs from traditional crime in that it "knows no physical or geographic boundaries" and can
be conducted with less effort, greater ease and at greater speed than traditional crime.
II HOW TO IDENTIFY CYBERCRIME
1 Statistics on the Cybercrime Landscape
No country, no company, no individual can be immune to cybercrime or the damage it can cause Especially during the Covid-19 pandemic, which has forced companies to come up with work-from-home policies This makes cybercrime more dangerous than ever before Here are some statistics on cybercrime
1 UNODC (2019), Cybercrime in brief
Trang 4Firstly, we have numbers that will give you an idea of how widespread
cybercrimes are in an increasingly digital and connected world According to the statistics of Ga I Lup in 2020, Among the 13 crimes measured, the top two most worrisome for Americans are cybercrimes 72% feared computer hackers accessing their personal, credit card, or financial information, and 66% worry about identity theft Each year since 2001, the monetary damage caused by cybercrime has been increasing exponentially It already reached around $4.2 billion in 20202 That number does not include damages from unreported cases These attacks on different countries included assaults on defense agencies, government and federal systems, and prominent tech companies.3
Secondly, the data breach numbers make us more concerned about the
dangers of cybercrime today In January 2019 alone, 1.76 billion records were leaked from various data breaches around the world.4 In the first three quarters of 2020, there were 2,953 reported breaches across the globe It was
a 51% decrease compared to the same period in 2019 However, a staggering
36 billion records were exposed by the end of September 2020, making it the worst year on record in terms of data breaches.5 The global cost of cybercrime reached over $2 trillion in 2020.6
2 Classification of Cybercrime
The varying definitions of cybercrime and focus of researchers due to differing academic background and goals have led to numerous proposed taxonomies These taxonomies are based on factors such as, target, technological dependence, classes of offenders, method/tool used, degree of penetration, and motives
The overlap of classifications is seen particularly in the extant literature, which categorizes cybercrime based on the computer's relationship to the crime i.e technology based taxonomies The most well-known of which is
“Crime and the Internet” of David.S.Wall (2001)7, which divides cybercrimes into the following categories: cyber-trespass (e.g hacking),
2 Joseph Johnson ( 2021), “Total damage caused by reported cyber crime 2001-2020”, Statista
3 SecurityBrief, 2020
4 IT Governance, 2019
5 RiskBased Security, 2020
6 Juniper Research, 2019
7 David.S.Wall 2001 Crime and the Internet New York: Routledge.
Trang 5cyber deception and theft (e.g identity theft), cyber-porn and obscenity (e.g.exploitation) and cyber-violence (e.g cyberstalking) This typology by Wall (2001) can be simplified as crimes in the device, crimes using the device and crimes against the device Crimes in the device relate to where the devices content is prohibited or illegal and can lead to violence or hate crimes Crimes using the device apply to crimes where technology is used to engage and or deceive the intended victim i.e crimes against the individual The final category of crimes against the device relate to situations where the device, system or network are compromised by directly attacking the factors
of Confidentiality, Integrity and Availability, which is collectively called the CIA triad
“Cybercrime and society”of Yar Majid (2006)8 later added a new type of activity to the four above, which is “crime against the state” “Crimes against the state” are those activities that threaten the integrity of a nation's infrastructure such as: (cyber) terrorism, (cyber) espionage and disclosure of official secrets Another taxonomy categorizes cybercrime in terms of the specific role of the computer in the crime: crimes where the computer is the target; crimes where a computer is the medium; and crimes where the presence of computers is incidental
Building on Wall's (2001) four-category typology, a new taxonomy –
“The Internet as a Conduit for Criminals” of David.S.Wall (2005) later
emerged which expresses cybercrimes in terms of differing relation to a terrestrial crime or the importance of cyberspace in their execution This taxonomy drew on the precedents of criminal justice and suggests that computers are a tool that facilitates terrestrial crimes, making cybercrime a new category of traditional crime rather than a new area This new taxonomy classifies cybercrimes into three categories9: 1) Computerassisted crimes -traditional crimes adapted to be committed through cyberspace; 2) Computer content crimes - partially new crimes, which are known crimes that are modified to better correspond and react to the new media and 3) Computer integrity crimes - new crimes that have been made possible by the existence and scope of cyberspace
8 Yar, Majid., Cybercrime and society 2006 London: Sage.
9 Wall, D.S (2005) , The Internet as a Conduit for Criminals
Trang 6The above is a series of classification strategies related to cybercrime, however, the majority in their simplest form group the crimes based on the role/dependency/importance of technology in the execution of the crime This is important as it demonstrates a recurring theme of technology's defining role in cybercrime and the possible proportional nature of technology to the nature of specific cybercrimes.10
3 Examples of Cybercrime
Firstly about crimes where a computer or network is the target of the crime In this case that includes DDoS attack and malware One of the most commonly seen examples of cybercrime is a distributed Dos attack These attacks are mainly performed to shut down systems or networks Malware is used to infect systems or networks and harm users by damaging their software, data or entire systems Malware is often used to encrypt or shut down the targeted devices until a ransom is paid.11
Secondly about crimes in which the computer is used as a tool to facilitate traditional criminal activities Cybercrimes usually send fraudulent emails or messages to victims and redirect them to fake sites The site can be
an exact copy of any popular site and looks trustworthy Because of this, users enter their personal information such as usernames, passwords, bank details, or other important data, without knowing that these details are directly reaching cybercriminals A credential attack is the most common example of cybercrime, where a cybercriminal aims to steal information about a user's financial accounts In most cases, this type of attack is carried out using brute-force by installing the Keylogger software, which secretly logs everything that the user enters via the keyboard Another common example of cybercrime is website hacking where cybercriminals try to gain access to the website and change or remove content without authorization
III THE GLOBAL CYBERCRIME PICTURE
1 How Does the Threat of Cybercrime Differ Around the World?
10 Smith, Troy; Stamatakis, Nikolaos (2020), “Defining Cybercrime in Terms of Routine Activity and Spatial Distribution:
Issues and Concerns”, International Journal of Cyber Criminology; Thirunelveli Vol 14, Iss 2
11 What is Cybercrime: Definition & Examples (2020), Tutorials Mate
Trang 7Nowadays, the digital revolution has truly changed the way we live our lives and become an integral part of everyday life However, this digital frontier opens up a world of risk With everyone on the planet just a click of a button away, it has never been easier for fraudsters and criminals to find unsuspecting victims
To find out if the dangers of cybercrime are equally spread across the globe, a survey in 2021 from the cybersecurity firm SEON was born with the aim of combined data from a variety of cybersecurity indices and indicators
to come up with a global ranking of countries that are least and most at risk
of cybercrime12 SEON first collected data from the National Cyber Security Index (NCSI), which ranks every country based on the strength of their cybersecurity measures The company then took data from a similar ranking, the Global Cybersecurity Index 2020, which also ranked countries based on their respective cybersecurity practices Data from both of these sources were used since they used different criteria to rank each country In addition
to these various indices, SEON looked at the strength of cybercrime legislation in each country
About the lowest-risk countries for cyberthreats, at the top of the ranking for most cyber secure countries, Denmark secured an overall cybersafety score of 8.91, doing particularly well on the Cybersecurity Exposure Index, where it scored just 0.117 Germany came second overall, with a Cyber-Safety Score of 8.76 This tells us that Germany is generally a very safe place for people to use the internet The United States placed third in the rankings with a Cyber-Safety Score of 8.73, just missing out on second place This high score was helped by the USA getting the highest score in the Global Cybersecurity Index while also performing well in terms of low cybersecurity exposure and strong legislation Other countries that made it to the top 10 of most secure countries were, in order of ranking, Norway, the
UK, Canada, Sweden, Australia, Japan and Netherlands
At the other end of the scale are the countries with the highest risk for cyberattacks These countries have very weak cybercrime laws or even none
at all, and therefore pose the greatest risk to transactions involving personal information, the report said Myanmar has the worst ranking for internet safety, at just 2.22 on the SEON Global Cybersecurity Index Myanmar
12 Gergo Varga (2021), Global Cybercrime Report: Which Countries Are Most At Risk, SEON
Trang 8scores poorly across the board, especially in terms of legislation, as hardly any has been enacted to put barriers in the way of cybercriminal Cambodia follows Myanmar with a cybersafety score of 2.67, the second-worst overall score in the SEON rankings Cambodia performs marginally better than Myanmar in every metric other than the Global Cybersecurity Index Honduras takes third place with a score of 3.13 The Central American country scored lowest on the Global Cybersecurity Index of any in the study while performing poorly in all other areas However, Honduras does perform twice as well as Myanmar and Cambodia in terms of anti-cybercrime legislation.The other countries in the list of those most at risk of cyberthreats are (from most at risk to least): Bolivia, Mongolia, Algera, Zimbabwe, Nicaragua, Bosnia-Herzegovina, and El Salvador
2 The Perception Of Consequences In Cybercrime
The impacts of a single, successful cyber attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust The Internet, in particular, is a great tool for scammers and other miscreants, since it allows them to ply their trade while hiding behind a shield
of digital anonymity Cybercrime affects society in a number of different ways, both online and offline
Identity theft: Becoming the victim of cyber crime can have long-lasting
effects on life One common technique scammers employ is phishing, sending false emails purporting to come from a bank or other financial institution requesting personal information If one hands over this information, it can allow the criminal to access one's bank and credit accounts, as well as open new accounts and destroy credit ratings
Security costs: Cyber criminals also focus their attacks on businesses,
both large and small Hackers may attempt to take over company servers to steal information or use the machines for their own purposes, requiring companies to hire staff and update software to keep intruders out According
to EWeek, a survey of large companies found an average expenditure of $8.9 million per year on cyber security, with 100 percent of firms surveyed
Trang 9reporting at least one malware incident in the preceding 12 months and 71 per cent reporting the hijacking of company computers by outsiders13
Monetary losses: The overall monetary losses from cyber crime can be
people fall victim to some sort of cyber crime every day.With an average loss of $197 per victim, this adds up to more than $110 billion dollars lost to cyber crime worldwide every year As consumers get wise to traditional avenues of attack, cyber criminals have developed new techniques involving mobile devices and social networks to keep their illicit gains flowing
Piracy: The cyber crime of piracy has had major effects on entertainment,
music and software industries Claims of damages are hard to estimate and even harder to verify, with estimates ranging widely from hundreds of millions to hundreds of billions of dollars per year In response, copyright holders have lobbied for stricter laws against intellectual property theft, resulting in laws like the Digital Millennium Copyright Act These laws allow copyright holders to target file sharers and sue them for large sums of money to counteract the financial damage of their activities online
Social impacts: Cyber criminals take full advantage of anonymity,
secrecy, and interconnectedness provided by the Internet, therefore, attacking the very foundations of our modern information society Cybercrime can involve botnets, computer viruses, cyber bullying, cyber stalking, cyber terrorism, cyber pornography, denial of service attacks, hacktivism, identity theft, malware, and spam Computer-related crimes date back to the origins
of computing though the greater connectivity between computers through the Internet has brought the concept of cybercrime into the public consciousness
of our information society "Billions of dollars in losses have already been discovered Billions more have gone undetected Trillions will be stolen, most without detection, by the emerging master criminal of the twenty-first century-the cyberspace offender" (Stephens, 1995, p 24)
Emotional impact of cyber crime: A new study by Norton reveals the
staggering prevalence of cyber crime About 65 percent of Internet users globally, and 73 percent of US Web surfers have fallen victim to cyber crimes, including computer viruses, online credit card fraud and identity
13 Mohammad Anisur Rahaman ( 2016), “Cyber crime affects society in different ways”, The Financial Express
Trang 10theft The first study to examine the emotional impact of cyber crime shows that victims' strongest reactions are feeling angry (58 percent), annoyed (51 percent) and cheated (40 percent), and in many cases, they blame themselves for being attacked Only 3 percent don't think it will happen to them, and nearly 80 percent do not expect cyber criminals to be brought to justice resulting in an ironic reluctance to take action and a sense of helplessness
IV LEGAL DOCUMENTS ON THE PREVENTION AND COMBAT OF CYBERCRIME
1 Cybercrime under transnational criminal law
The complex nature of cybercrime, as one that takes place in the borderless realm
of cyberspace, is compounded by the increasing involvement of organized crime groups Perpetrators of cybercrime and their victims, are often located in different regions and its effects ripple through societies around the world This highlights need to mount an urgent, dynamic and international response
The United Nations passed General Assembly resolution 65/230 and Commission on Crime Prevention and Criminal Justice resolutions 22/7 and 22/8, created the Global Programme on Cybercrime to assist Member States in their struggle against cyber-related crimes through capacity building and technical assistance14
On October 27, 2015, with 74 votes in favor and 21 against, the US Senate passed the Cybersecurity Information Sharing Bill (CISA) to create a solid defense system in cyberspace, despite objections from the US Senate
In fact, in the US, acts that are considered illegal are very clearly stated in the US Code of Conduct, such as identity theft, hacking into computer systems, intellectual property infringement
With huge data "stores", on May 9, 2015, the European Union (EU) began to enforce the first Cybersecurity Law These provisions apply not only to organizations operating within the EU, but also to organizations that process the data of any EU resident Regardless of physical location, if an
EU citizen's data is being processed, existing organizations are subject to this regulation Fines have also become heavier and can total up to 20 million euros or 4% of annual revenue15
14 UNODC (2019), Global Programme on Cybercrime
15Mỹ Nga (2018), “Luật An ninh mạng - “Tấm khiên” pháp lý của nhiều quốc gia trên thế giới”, Báo Nghệ An