Cybercrimes are criminal activities punishable by law that are done using a computer or the Internet. It could range from identify theft, vandalism/ defacement of websites, scams or even large-scale Distributed Denial of Service (DDoS).

Sample real-life cybercrimes are listed in the further reading below.

Types of Cybercrimes

Primarily, both as an investigator and responder, you need to be able to determine the type of cybercrime committed. It is important for you to be able to determine the correct response (technical and legal) in the incident.

1. Computer-assisted crime (source) – Computer is the enabler in the commission of the crime. (Ex. Stealing of credit card information through sniffing or phishing)
2. Computer-targeted crime (destination) – Computer is the primary target of the crime. (Ex. Denial of Service attacks)
3. Computer-incidental crime (indirect) – The involvement of the computer is secondary but important to the commission of the crime. (Ex. CHILD pornography is stored on a computer. Emphasis on CHILD since pornography in many places is legal but CHILD pornography is NOT)

Issues on Investigating and Resolving Cybercrimes

For developing countries like the Philippines, the cybersecurity infrastructure of the government in combatting cybercrimes is far from maturity.  But even the developed and well-funded cybersecurity programs of other advanced countries still face issues on investigating cybercrimes. The list below are the significant ones:

• Difficult to equate physical and logical assets.

The common misconception is that people don’t equate physical money to virtual money simply because the latter is not tangible. The P1 million in a bag is perceived as really one million. But transferring P1 million online is perceived as just sending bits and bytes using a web application. Due to this perception, cybercrimes are not treated as serious as physical crimes.

• Cyber-law environment has not been fully defined by courts.

For developing countries like the Philippines, cyber-law is not yet fully defined by courts because the basic principles of proving innocence or guilt are different in the cyber world. For instance, the common way of proving innocence is to show proof that you have evidence and witnesses that will show that you are not in the crime scene when the crime happened. However, you can be in the Philippines when you launched an attack in China. It will be hard for lawyers and courts to interrogate further without the proper knowledge in IT.

• Cybercrime spreads global.

Why do you think that even though there is a law that prohibits Torrent sites (P2P) that share pirated films and software, there are still a lot of Torrent sites online? A lot of countries may have laws against piracy, but there are still a lot of countries that don’t. Due to jurisdiction issues, our government cannot control everything on the Internet especially those that are not hosted in our own country.

• Cyber laws are highly technical

To explain Denial-of-Service (DoS) attacks, you need to be able to explain the purpose of port numbers, OSI Model, TCP and UDP to name a few.  The technical aspect of cybercrime adds more challenges in making the courts understand how the incident happened. It is not only the technical knowledge that is crucial but also how you are able to explain it in layman’s term, which is the usual problem in the IT industry. (techy but having a hard time explaining it to normal people)

These are some of the issues when investigating cybercrimes. The bottom line is that cybersecurity professionals need to be involved in the legal aspects of creating and implementing cybercrime laws. Lawyers may be good at putting into words how crimes work but they need expert inputs to ensure that all aspects are covered. On another angle, the need for cybersecurity professionals’ involvement shows the demand for the profession in the industry.

Further reading:

1. Cybercrimes up by 80% in 2018 (Philippine Star, March 2019)
2. Online child abuse top cybercrime in Philippines (Philippine Start, April 2019)
3. That Insane, $81M Bangladesh Bank Heist? Here’s What We Know (Wired, May 2016)
4. Equifax Data Breach Settlement (Federal Trade Commission, January 2020)