CYBERCRIME
CYBERCRIME - THREATS, CHALLENGES AND LEGAL SOLUTIONS
Macau, 13 February 2008 - 15 February 2008
Dr. Marco Gercke
Lecturer at the University of Cologne, Germany
FRAUD
• “That's where the money is”
AUCTION FRAUD
Picture removed in print version
• Due to the possibilities of anonymous
communication the internet is offering
advantages for offenders
• Due to the international dimension it is
very difficult to prosecute those crimes
FRAUD
• Nigeria Advance Fee
419 FRAUD
Picture removed in print version
• 419 Fraud
• Named after the corresponding
provision of the Nigeria Penal Code
• Explanation: air crash, car accident,
tsunami/earthquake, coup, over-invoiced
FRAUD
• “Dialer”
• Programs that change the settings for a
modem dial-in connection
• Instead of regular access numbers
expensive premium-rate connections
are installed
• Often distributed by viruses
DIALER
Picture removed in print version
ONLINE GAMES
• Huge interest in Online Games
ONLINE GAMES (SECONDLIFE.COM)
Picture removed in print version
• Secondlife has more than 1.500.000
users
• Companies like Microsoft and Nissan
are present
• Includes a virtual currency (L$ - Linden
Dollar)
• First US$ Millionaire “Anshe Chung”
who earned 270.000.000 L$ by
developing and selling “real estate”
(FTD 28.11.2006)
ONLINE GAMES
• Increasing number of links between the
virtual world and the real world
TRADE WITH L$ (EBAY.COM)
Picture removed in print version
• L$ as well as SL-objects are offered on
Ebay
• First cases of “virtual theft”
FRAUD
• Auction Platforms are misused for
committing crimes (eg. selling stolen
goods)
AUCTION FRAUD
Picture removed in print version
Various fraud activities
• Selling goods that do not exist
(“prepaid” system)
• Buying goods without paying for them
• Due to the importance of “ratings”
closely connected to Identity Theft
ACCOUNT TAKEOVER
• Customer is receiving an e-mail
• Request to verify his account by
entering password
• Password is transmitted to the
perpetrator
• Perpetrator logs in and changes
information (e.g. e-mail address and
the password) to take over control
• Perpetrator offers items and requires
prepayment
ACCOUNT TAKEOVER
Picture removed in print version
ONLINE CASINOS
• Huge number of Online Casinos
available
GAMBLING
Picture removed in print version
• Internet Casinos are offering
advantages for money laundering
• No face-to-face identification
possible
• Some Casinos offer anonymous
login (No registration necessary)
• Anonymous Payment: Transfer
via/to Prepaid Credit Cards /
Western Union
ONLINE CASINOS
• Online gambling industry is growing
fast
GAMBLING (http://www.gamingpublic.com/)
Picture removed in print version
• Global revenues from online gambling
could reach USD$16 billion in 2006
ID RELATED CRIMES
• Hiding the identity is an essential
element in criminal activities
IDENTIFICATION DOCUMENT
Picture removed in print version
• Falsified Passports are not available for
a broader public
• Falsification of identities in the internet
is still possible
• Search engines can be used to find
information that can be used to act
under a false identity
IDENTITY THEFT
• Increasing number of reports about
Identity theft in the US
SOCIAL SECURITY NUMBER
Picture removed in print version
• Special risk related to single ID-Systems
• Social Security Number or one-card
systems
• Taking over a single ID can enable the
offender to abuse the ID
IDENTITY THEFT
• Not only an Internet-related topic
DUMPSTER DIVING
Picture removed in print version
• Current analysis proves that secret
information is in many cases not
shredded before it is thrown away
FINANCIAL INSTITUTIONS
• Legal approach in the fight against
illegal Internet Gambling
• Unlawful Internet Gambling and
Enforcement Act
• Criminalising the participation in
Internet gambling activities
• Tendency of criminalising acts of
preparation
SECTION 5363
Prohibition on acceptance of any financial
instrument for unlawful Internet gambling
No person engaged in the business of betting
or wagering may knowingly accept, in
connection with the participation of another
person in unlawful Internet gambling 1) credit,
or the proceeds of credit, extended to or on
behalf of such other person (including credit
extended through the use of a credit card);
SECTION 5366
Criminal Penalties
Whoever violates section 5363 shall be fined
under title 18, or imprisoned for not more than
5 years, or both.
IDENTITY THEFT & PHISHING
• Increasing number of reports about
Identity theft in the US
PHISHING MAIL
Picture removed in print version
• SPAM related problem of “phishing”
mails that influences the
acceptance of online banking
• Majority of cases have an international
dimension
PHISHING - ORGANISED CRIME
Phishing is happening
on an organised
crime level
PHISHING - QUANTITY
PHISHING SITES / MONTH (anti-phishing.org)
PHISHING
Setting up a
“fake” web page
Spoofing-Site
SPOOFING
• “Fake” Webpage looking exactly like
the webpage of a legitimate company
(eg. Financial Institution)
SPOOFING WEB SITE
Picture removed in print version
• Nearly impossible for regular users to
identify the fake background
PHISHING
• Phishing Networks are complex
systems
SPOOFING SITES (www.antiphishing.org)
Picture removed in print version
• Combination of fraud and money
laundering
• International dimension
PHISHING
Sending out
phishing mails
PHISHING
• E-Mail looking like the e-mail from a
legitimate company
• In most cases financial institutions
• Ordering the person who is receiving
the e-mail to access a (Spoofing)
Webpage and to enter certain sensitive
information (eg. passwords or credit
card information)
• Reason mentioned why certain
information is necessary
• In most cases combined with a threat
(eg. bank account will be closed)
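Added example (not part of the original slides): a mail-filter check that scores a message against the characteristics listed above, namely a claimed legitimate sender, a link to a foreign (spoofing) site, a request for secret data, a stated reason and a threat. The brand name, the domains, the keyword lists and both sample mails are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions (hypothetical): the protected institution and its real domains.
BRAND = "example bank"
LEGIT_DOMAINS = {"examplebank.test"}

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
SECRET_RE = re.compile(r"\b(password|pin|tan|credit card|card number)\b", re.I)
REASON_RE = re.compile(r"\b(security update|verify|verification|confirm)\b", re.I)
THREAT_RE = re.compile(r"\bwill be (closed|suspended|blocked|terminated)\b", re.I)


def is_legit_host(host):
    """Exact match or true subdomain; a substring match would be fooled by
    hosts such as login.examplebank.test.verify-session.test."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)


def body_text(msg):
    """Concatenate all text parts (plain and HTML) of a parsed message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def phishing_indicators(raw_mail):
    """Return one boolean per indicator from the slide plus a total score."""
    msg = message_from_string(raw_mail)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    body = body_text(msg)
    claims_brand = BRAND in (display + " " + msg.get("Subject", "")).lower()
    link_hosts = [urlparse(u).hostname for u in URL_RE.findall(body)]
    found = {
        # looks like a mail from the legitimate company, but is not sent from its domain
        "brand_spoof": claims_brand and not is_legit_host(sender_host),
        # at least one link leads away from the company's own site
        "foreign_link": any(not is_legit_host(h) for h in link_hosts),
        # asks for passwords or credit card information
        "asks_secret": bool(SECRET_RE.search(body)),
        # gives a reason why the information is needed
        "gives_reason": bool(REASON_RE.search(body)),
        # combined with a threat
        "threat": bool(THREAT_RE.search(body)),
    }
    found["score"] = sum(found.values())
    return found


# Constructed sample mails (not real traffic).
PHISH_SAMPLE = """\
From: "Example Bank Security" <service@examp1e-bank.test>
To: customer@mail.test
Subject: Account verification required
Content-Type: text/html

<p>Dear customer, due to a security update you must verify your account.</p>
<p><a href="http://login.examplebank.test.verify-session.test/index.php">https://www.examplebank.test/login</a></p>
<p>Please enter your password and credit card number.
Otherwise your bank account will be closed.</p>
"""

LEGIT_SAMPLE = """\
From: "Example Bank" <news@mail.examplebank.test>
To: customer@mail.test
Subject: Your monthly statement
Content-Type: text/plain

Your statement is available. Log in as usual at https://www.examplebank.test/ to view it.
"""

if __name__ == "__main__":
    for name, mail in (("phish", PHISH_SAMPLE), ("legit", LEGIT_SAMPLE)):
        print(name, phishing_indicators(mail))
```

The visible link text in the constructed phishing mail shows the real bank address while the `href` points elsewhere, which is why every URL found in the body is checked rather than only what the reader sees.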
PHISHING E-MAIL
Picture removed in print version
PHISHING
Some victims
answer and
offer their
secret data
Financial Manager
PHISHING
JOB OFFER - FINANCIAL MANAGER
• SPAM Mail with job offer
Picture removed in print version
• Offenders pretend to run a serious
business company
• Offer up to 10% for the transfer of
incoming money via Western Union
• System to circumvent the financial
institutions' technical protection
systems
PHISHING
Financial Manager
Offenders transfer money
from the victim's account to
the FM
PHISHING
Financial Manager
Offenders order the FM
to transfer the money
via Western Union
PHISHING
Focus of the Police
IDENTITY THEFT & PHISHING
• Missing protection is not limited to
computer data
DUMPSTER DIVING
Picture removed in print version
• Current analysis (Fellowes, Dumpster-Diving Study) proves that even
businesses and private people that are
protecting their computer systems are
not properly deleting classic print
documents
COMPUTER SABOTAGE
• Virus attacks
VIRUS
Picture removed in print version
• Denial of Service (DoS) Attacks
• A number of free software tools can be
downloaded from the internet that
enable even people without special
technical knowledge to create viruses
and start DoS Attacks
COMPUTER SABOTAGE
DENIAL OF SERVICE ATTACK
Regular
Access
COMPUTER SABOTAGE
DENIAL OF SERVICE ATTACK
Victim
Regular
Access
DATA ESPIONAGE
• Valuable and secret information is
often stored without adequate
protection
KEYLOGGER (rsaunois.free.fr)
Picture removed in print version
• Lack of self-protection especially with
regard to small businesses and
private computer users
• Development of protection-plans is
inadequate (eg. change of hard-drive
without deleting sensitive information
in advance)
DATA ESPIONAGE
• Apart from hardware tools there are a
number of software-based keylogger
solutions
KEYLOGGER (ikitek)
Picture removed in print version
• Unlike the hardware solutions most
software based keylogger tools can be
detected by anti-spyware tools
EXCERPT
Use of keylogger by law enforcement
• Reports that the FBI is already using a
keylogger for investigation purposes
• German Federal Prosecution
requested permission to secretly
install an investigation software
• Federal Court refused the request
with regard to the missing legal basis
Magic Lantern (20.11.2001, msnbc.com)
The FBI is developing software capable of
inserting a computer virus onto a suspect’s
machine and obtaining encryption keys, a
source familiar with the project told
MSNBC.com. The software, known as “Magic
Lantern” enables agents to read data that had
been scrambled, a tactic often employed by
criminals to hide information and evade law
enforcement. The best snooping technology
that the FBI currently uses, the controversial
software called Carnivore, has been useless
against suspects clever enough to encrypt
their files.
DATA ESPIONAGE
• Most cable networks are not
protected against the interception of
electromagnetic emissions
INTERCEPTION
Picture removed in print version
• Use of wireless networks increases
vulnerability
DATA ESPIONAGE
• Use of wireless networks increases
vulnerability
WIRELESS LAN
Picture removed in print version
ILLEGAL ACCESS
• Phenomenon called “Hacking”
HACKING
Picture removed in print version
• Entering a computer system without
permission
• In many cases the illegal access is
only the preparation for further
crimes such as data manipulation or
data espionage
• Number of attacks is a result of
software tools that automatically
detect and attack computer systems
QUANTITY
• Huge number of attacks are a result
of automatic attacks
HACKING
Picture removed in print version
• Software Tools available that
automatically scan IP-address areas
for unprotected computers (especially
open ports)
• It is possible to scan thousands of
computer systems with a single
computer
• Average time until a computer is
attacked for the first time after being
connected to the internet: 30 seconds
ILLEGAL ACCESS
• Motivation varies
• Financial interest
• “Sport” for the next generation of
computer criminals
HACKING
Picture removed in print version
ILLEGAL ACCESS
Famous victims of hacking attacks:
• NASA (1992)
• CIA (1996)
• US Air Force (1996)
• US Department of Justice (1996)
• Pentagon (1998)
• German Government (2006)
HACKING
Picture removed in print version
Source: http://en.wikipedia.org/wiki/Timeline_of_hacker_history
ILLEGAL ACCESS
Modus Operandi
• Access to a computer/network from
the inside
System
Professional attacks always concentrate
on the identification of the weakest point in a
system. Methods of analysis include technical
means as well as “social engineering”.
• Hacking attack from the outside
Techniques
• Social Engineering
• Use of software devices to break the
password protection
• Use of malicious software (spyware,
key-logger) to record passwords
• Use of search-engines (“Google”)
SOCIAL ENGINEERING
• “Human Approach”
• In 1994, a French hacker contacted the
FBI office in Washington, pretending to
be an FBI representative who is
working at the U.S. embassy in Paris.
He persuaded the person in
Washington to explain how to connect
to the FBI's phone conferencing
system. Then he ran up a $250,000
phone bill in seven months.
SOCIAL ENGINEERING
Social engineering is the term used to
describe the utilization of human behaviour to
breach security without the participant (or
victim) even realizing that they have been
manipulated.
• Classic scam: Phoning
WAR DRIVING
• Unlike classic hacking “war driving” is
not aiming for a certain victim but for
any vulnerable system
WAR DRIVING
Picture removed in print version
• searching for wireless networks by
moving vehicles
• “Useful” to hide the identity of the
acting person
COPYRIGHT VIOLATIONS
• Filesharing is very often based on Peer-to-Peer (P2P) technology
FILESHARING
Picture removed in print version
• Legal and Illegal use of P2P technology
• Millions of files with copyright
protected artwork are available for free
download in Filesharing-Systems
• Necessary is only a client (software)
and internet access
COPYRIGHT VIOLATIONS
CNN (STAR WARS IN P2P)
Artwork available:
• Music (esp. but not only copyright
protected work)
• Movies (even before they were out in
cinema)
• Software (including serial numbers)
The sixth and final installment of the "Star
Wars" franchise was available for
downloading on Elitetorrents.org more than
six hours before it was released on theaters
Thursday after midnight, according to a
government statement released
Wednesday. Within 24 hours, more than 10,000
copies of the "Star Wars" film had been
swiped.
Source: www.cnn.com
SOFTWARE WITH SPYWARE
Software related to spyware:
• DivX
• Dope Wars
• Grokster
• Kazaa
• Morpheus
• RadLight
• EDonkey2000
• LimeWire
LIMEWIRE
Picture removed in print version
COPYRIGHT VIOLATIONS
• Entertainment Industry developed a
number of technical protection systems
• Until now all systems could be
circumvented
• Especially with regard to CDs and DVDs
• Software Tools are available that
enable the user to circumvent technical
copy protection on DVDs and CDs
COPY TOOLS
Picture removed in print version
FILE SHARING
FILESHARING
Centralised Concepts (1st Generation Napster)
Server hosting
file list
Users, up- and
downloading files
FILE SHARING
FILESHARING
Centralised Concepts (1st Generation Napster)
No possibility of
file exchange
without server
FILE SHARING
FILESHARING
Decentralised Concepts (Gnutella)
User can take
over server
functions
FILE SHARING
FILESHARING
3rd Generation
Users are offering
Server-services
enabling
anonymous exchange
COPYRIGHT VIOLATIONS
Focus of criminal investigations
• Users that are making files available
• Downloader
• Internet Service Provider
ITUNES
Movie removed in print version
• Decisions of US Courts that the
companies running Filesharing-Systems can be responsible for
copyright violations committed by their
users forced some Systems to stop
their services
CRIMINALISATION
• Most legislations do not criminalise the
pure download of copyright protected
artwork
• Excluding on a civil or criminal level
• Practical problem is that most software
products do not allow pure download
ONLINE CASINOS
• Huge number of Online Casinos
available
• Webpages are available from all over
the world
• A number of countries have strict
regulations regarding gambling
including criminal sanctions for illegal
gambling
• Difficult to control gambling in the
internet
• Difficulties regarding the jurisdiction
GAMBLING
Picture removed in print version
PORNOGRAPHY
• “Sex sells”
SEXUAL RELATED CONTENT (Playboy)
Picture removed in print version
• Huge number of sexual related
business webpages
• Supported by the possibilities of
“anonymous” communication
PORNOGRAPHY
• Link lists available that lead to sexual
related content
LINK LIST
Picture removed in print version
• No access control that could exclude
access of minors
• Making pornographic material
accessible without a proper access
control is criminalised in some
countries
PORNOGRAPHY
• Even regular search engines can be
used to find pornographic material in
the internet
SEARCH ENGINES
Picture removed in print version
PORNOGRAPHY
FILESHARING (Limewire)
• Thousands of pornographic movies and
pictures are available for free download
in Filesharing-Systems
• Current research highlights that
pornographic material is among the
most popular contents distributed via
Filesharing-Systems
CHILD PORNOGRAPHY
• Closed IRC (Chat)
CHAT
Picture removed in print version
• Password protected areas
• Use of encryption technology
• Very little information known
• Accessible only for insiders
• Very difficult to intercept
• Investigations are operated by
specialists
CHILD INCITEMENT
Offences closely related to Internet Chat:
CHAT
Picture removed in print version
• Exchange of Child Pornography
• Child Incitement
• Paedophiles use the internet to get in
contact with minors
• Pretending to be minors as well
• Offenders ask the minors for a
meeting
CYBER TERRORISM
• No reports published about
successful internet attacks from
subversive groups
• Risk of attacks against critical
infrastructure
• Reason: Vulnerability of Information
Technology
• Possible Targets: Electricity Supply,
Traffic Control, Economy in general
2005 FBI ASS. DIRECTOR LOUIS REIGEL
In December 2005 the Associated Press cites
US FBI assistant director as stating that Al
Qaeda and related terrorist networks are
presently incapable of mounting cyberattacks that could damage US critical
infrastructure.
CYBER TERRORISM
AL QAEDA TRAINING MANUAL
• Various reports about activities of
terrorist organisations in the internet
“Using public sources openly and without
resorting to illegal means, it is possible to
gather at least 80% of all information required
about the enemy”
Main activities:
• Research
• Publishing Information (recruitment)
• Communication between members of
terrorist groups
• Terrorist financing and money
laundering
• Committing Cybercrime (political
motivated attacks)
ORGANISATION
ORGANISATION
Picture removed in print version
• Decentralised structure of subversive
organisations is supported by
decentralised structure of the internet
• Lack of physical territory and
infrastructure is compensated by network
infrastructure (virtual territory)
• Redundancy of the networks ensures the
operability even if cells are uncovered
• Flexibility of modern communication
allows quick reconstruction of destroyed
structures (Afghanistan)
• International dimension of the internet
allows the terrorists to play an international
role
COLLECTING INFORMATION
• Internet is used as an information media
by the subversive groups as well as by
regular users
MILITARY INFRASTRUCTURE
Picture removed in print version
• Search-engines and data-mining
strategies are supporting terrorists in
gathering information about possible
targets and security measures
• Additional Services (eg. Google Maps)
can support the planning of attacks
COLLECTING INFORMATION
• Services like Google Earth were
reported to be used in several attacks
- among them attacks against British
troops in Afghanistan and the planned
attacks against an airport in the US
Telegraph.co.uk (13.01.2007)
Terrorists attacking British bases in Basra are
using aerial footage displayed by the Google Earth
internet tool to pinpoint their attacks, say Army
intelligence sources. Documents seized during
raids on the homes of insurgents last week
uncovered print-outs from photographs taken
from Google. The satellite photographs show in
detail the buildings inside the bases and
vulnerable areas such as tented accommodation,
lavatory blocks and where lightly armoured Land
Rovers are parked. Written on the back of one set
of photographs taken of the Shatt al Arab Hotel,
headquarters for the 1,000 men of the
Staffordshire Regiment battle group, officers
found the camp's precise longitude and latitude.
"This is evidence as far as we are concerned for
planning terrorist attacks," said an intelligence
officer with the Royal Green Jackets battle group.
"Who would otherwise have Google Earth imagery
of one of our bases?
COLLECTING INFORMATION
• In the past secret information was
accidentally published on websites
TERRORIST HANDBOOK
Picture removed in print version
• Robots used by search-engines can lead
to the disclosure of secret information
• Handbooks on how to build explosives
and construct chemical and even
nuclear devices are available
• Internet sources have been reported to
be used by the offenders in a number of
recent attacks
COLLECTING INFORMATION
• Information regarding the construction
of weapons was available long
before the Internet was developed
RAGNAR’S ENCYCLOPEDIA
Picture removed to optimise storage
• Ragnar‘s Action Encyclopaedia of
Practical Knowledge and Proven
Techniques
• Approaches to criminalise the
publication of information that can be
used to
USE AS FORUM
• In 1998 only 12 out of 30 terrorist groups
that were listed by the US State
Department had Internet websites
TERRORIST WEBSITE
Picture removed in print version
• By 2004 nearly all terrorist groups –
among them Hamas and the Hisbollah
– used websites to publish information
about their organisation
USE AS FORUM
Advantages
TERRORIST WEBSITE
Picture removed in print version
• Possibility of anonymous set-up of a
webpage (free Webspace)
• Potential number of Users
• Worldwide access
• Low costs for the production compared
to press media
• Interest of the media to use the internet
as source for news coverage
USE AS FORUM
Content
TERRORIST WEBSITE
Picture removed in print version
• Information (targeting donors)
• Means of image building (videotaped
execution of foreigners)
• Disinformation
RECRUITMENT
• Internet offers the possibility of global
recruitment
RECRUITMENT
Picture removed in print version
• Data of users accessing information
webpages of subversive groups are
used by those groups to individually
contact those users afterwards
• Possibilities of interactive online
interaction (Chat, Voice over IP)
increased the possibilities of
recruitment
USE FOR COMMUNICATION
Advantages:
• Easy access (Internet Cafes, Wireless
LAN, Mobile Internet Services)
• Very little regulation (almost no
restriction with regard to the
anonymous use of internet services in
public internet cafes)
• Very little control of law enforcement
authorities
• Means of anonymous communication
• Speed of the information exchange
PUBLIC TERMINAL
Picture removed in print version
USE FOR COMMUNICATION
• Use of encryption technology and
means of anonymous communication
can seriously hinder investigations
• The law enforcement agencies in the
majority of countries are not prepared
for this challenge
RESISTANCE AGAINST ATTACKS
There is a physical argument that a 128 bit key
is secure against brute force attack. It is
argued that, by the laws of physics, in order to
simply flip through the possible values for a
128-bit key one would need a device
consuming at a minimum 10 gigawatts (about
the equivalent of eight large, dedicated
nuclear reactors) running continuously for 100
years.
• Background for the current debate
about new investigation instruments
TERRORIST FINANCING
• Most terrorist networks depend up to a
large degree on donations
• Internet supports the global
fundraising
• Information about accounts that can be
used for donations are published
throughout the internet
• Specialised software tools and SPAM-Databases are used to identify
potential supporters that should be
contacted individually
• Virtual currencies (e-gold) and online
payment services (PayPal) can be used
to hide the identity of the donors
ME FINANCIAL ACTION TASK FORCE
Bahrain, Saudi Arabia, Syria, Lebanon, Qatar,
Kuwait, Tunisia, Jordan, Algeria, Morocco,
Egypt, Oman, the United Arab Emirates and
Yemen
TERRORIST FINANCING
• Terrorist financing = reverse money
laundering
• Money laundering: ML is concerned
with laundering assets of illegal origin
and bringing them back into legal
economic circulation
• Terrorist financing: TF is concerned
with using legal assets for an illegal
activity
• Where did the money come from (ML) /
Where did the money go (TF)
• Means and methods to identify ML
cannot be transferred to TF detection
• In addition there is a lack of
international objective definition of the
criteria of a terrorist
HOW IT WORKS
• Regular (fake) business is set up by
supporters of subversive groups
WEB SHOP
Picture removed in print version
• Shop offers goods for high prices
• Donors buy an overpriced product to
indirectly donate
CONCLUSION
• Terrorists use the Internet
• The extent and intensity are (until now)
staying below classic Cybercrime
• Questionable if it is necessary to
address the problem with new
provisions
MONEY LAUNDERING
Money Laundering in Cyberspace
APPROACHES
1. Integrated Act
• Money laundering as an essential part
of a Cybercrime (phishing)
• Intention of the money laundering
activity is not only to disguise the origin
of assets of a crime but to hide the
identity of the offender
MONEY LAUNDERING
Picture removed in print version
2. Individual Act
• Use of information technology within
the money laundering scams
ML STRATEGY
• Avoid suspicious transaction detection
MONEY LAUNDERING
ML
Picture removed in print version
• Adopt common “behaviour”
• “Hide in the crowd” to make the
detection as difficult as possible
ML STRATEGY
• Avoid suspicious transaction detection
• Monitoring / analysing the criteria set
up
• Develop systems to avoid detection
SUSPICIOUS TRANSACTION REGIME
Picture removed in print version
suspicious
not suspicious
ML IN CYBERSPACE
ONLINE BANKING
• Financial Action Task Force identified
numerous Money Laundering Activities
that involve electronic payment
systems and network technology
Picture removed in print version
• IT can especially help to improve the
speed of transactions
• IT is not only a benefit for money
laundering activities but also for
terrorist financing
MONEY LAUNDERING
[Diagram: V, O and financial institutions (FI), with the stages “Placement of the assets”, “Layering of the assets” and “Integration”; annotation: “Possibility to hide Identity”]
PLACEMENT
• The Internet offers no relevant
advantages for the placement of cash
WESTERN UNION
Picture removed in print version
• Classic Instruments are used such as
Western Union
• Internet related services can be used to
circumvent tools to detect suspicious
transaction
ONLINE CASINOS
• Huge number of Online Casinos
available
ONLINE CASINOS
Picture removed in print version
• Transfers to Online Casinos will in
general be related to rather high
amounts
• Depending on the popularity of the
provider, the location and the games,
daily transfers of 10.000 USD are quite
normal
LAYERING / TRANSFER
• Official and unofficial transfer systems
HAWALA
Picture removed in print version
• Legal / Illegal or Formal / Informal
• Money Wire Transfer is one of the
easiest transfer methods
• Online Transfer is a cost effective wire
transfer instrument that offers
flexibility and independence with regard
to the place of action
CIRCUMVENTION
• Structured Payments (“Smurfing”)
ONLINE TRANSFER
Picture removed in print version
Due to the comfortable functions of online banking
systems structured payments can easily be
automated
• Use of Falsified Identities
Synthetic IDs. Opening Accounts with false
documents. Online banking is limiting the face-to-face contact
• Use of False Identities
Voluntary cooperation of legitimate account
holders as well as account takeover (“Phishing”)
• Offshore Banks
Countries with customer identity protection /
restrictive bank regulations / not cooperating in ML
investigations
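Added example (not part of the original slides): how a monitoring system can still catch the structured payments described above by summing each account's sub-threshold transfers over a sliding time window instead of judging every transfer alone. The threshold, window length, minimum count and the sample transfers are constructed assumptions, not regulatory values.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed parameters (hypothetical, for illustration only).
REPORT_THRESHOLD = 10_000          # single transfers at or above this are reported anyway
WINDOW = timedelta(days=3)         # look-back window for aggregation
MIN_TRANSFERS = 3                  # fewer transfers than this is not treated as structuring


def find_structuring(transactions):
    """transactions: iterable of (account, ISO timestamp, amount).

    Returns {account: {"total", "count", "start", "end"}} for the largest
    window in which sub-threshold transfers add up to the threshold or more.
    """
    by_account = defaultdict(list)
    for account, ts, amount in transactions:
        # Only transfers that individually stay under the threshold are of
        # interest here; larger ones trigger ordinary reporting on their own.
        if amount < REPORT_THRESHOLD:
            by_account[account].append((datetime.fromisoformat(ts), amount))

    alerts = {}
    for account, txs in by_account.items():
        txs.sort()
        window, total = deque(), 0
        for ts, amount in txs:
            window.append((ts, amount))
            total += amount
            # Drop transfers that have fallen out of the look-back window.
            while ts - window[0][0] > WINDOW:
                total -= window.popleft()[1]
            if total >= REPORT_THRESHOLD and len(window) >= MIN_TRANSFERS:
                best = alerts.get(account)
                if best is None or total > best["total"]:
                    alerts[account] = {
                        "total": total,
                        "count": len(window),
                        "start": window[0][0],
                        "end": ts,
                    }
    return alerts


# Constructed sample data (not real transactions).
SAMPLE_TRANSFERS = [
    # ACC-A: five automated transfers of 2,400 within two days (12,000 in total)
    ("ACC-A", "2008-02-11T09:00:00", 2400),
    ("ACC-A", "2008-02-11T15:00:00", 2400),
    ("ACC-A", "2008-02-12T10:00:00", 2400),
    ("ACC-A", "2008-02-12T18:00:00", 2400),
    ("ACC-A", "2008-02-13T08:00:00", 2400),
    # ACC-B: one large transfer, handled by ordinary threshold reporting
    ("ACC-B", "2008-02-11T12:00:00", 12000),
    # ACC-C: small transfers spread over weeks, never inside one window
    ("ACC-C", "2008-02-01T12:00:00", 2000),
    ("ACC-C", "2008-02-11T12:00:00", 2000),
    ("ACC-C", "2008-02-21T12:00:00", 2000),
    # ACC-D: two transfers on one day that stay below the threshold in total
    ("ACC-D", "2008-02-12T09:00:00", 4000),
    ("ACC-D", "2008-02-12T11:00:00", 4000),
]

if __name__ == "__main__":
    for account, hit in find_structuring(SAMPLE_TRANSFERS).items():
        print(account, hit["count"], "transfers,", hit["total"], "in total")
```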
ONLINE BANKING
• Money Wire Transfer is one of the
easiest transfer methods
• Problems of Online Banking with
regard to a possible misuse for money
laundering activities have been
intensively discussed
ONLINE BANKING
Picture removed in print version
• Key Problems are:
• Ease of access through the internet
• Depersonalisation (no face-to-face
control)
• Rapidity of online transactions
LAYERING / INTEGRATION
• Electronic Payment Systems can be
used to disguise the origin of the
assets
VIRTUAL CURRENCY
Picture removed in print version
• Depending on the amount of money and
the duration of the transfer EPS offer a
number of advantages for money
launderers
VIRTUAL GOLD CURRENCY
• Account-based electronic payment
systems
VIRTUAL CURRENCY
Picture removed in print version
• Identification requirements are rather
weak - Some providers do even enable
registration with nicknames
• Fast worldwide person-to-person
transfers
• Can be combined with anonymous ATM
cards
PREPAID CREDIT CARDS
• Person-to-Person transfer
PRE-PAID CREDIT CARD
Picture removed in print version
• E-Commerce
• Number of Providers offer in addition
E-Gold / Western Union Services
CASE STUDY
Case Study 1:
Money Laundering Scam involving Online Casinos and Auction Platforms
MONEY LAUNDERING
Offender who intends to launder money
MONEY LAUNDERING
Fin. Service
Auction PF
Virt. Currency
Layering
Onl. Casino
NEW CHALLENGES
• Dependence of the society on information technology
• Availability and power of devices that can be used to commit a crime
• Number of available information in the internet
• Languages
• Missing control instruments
• International relation
• Speed of information exchange
• Speed of the technological development, power and vulnerability of devices
• Anonymous communication
• Deprivation of data/evidence
POSSIBILITIES
• There are no doubts that the ongoing
improvement of information
technology enables the law
enforcement agencies to carry out
investigations that were not possible
previously
EXAMPLE CHILD PORNOGRAPHY
Picture removed in print version
• Automated search for key-words /
hash-values
• Great chance for public private
partnership (Microsoft's CETS)
POSSIBILITIES
• Apart from new instruments the
ongoing technical development is
going along with a number of
challenges for law enforcement
agencies.
EXAMPLE CHILD PORNOGRAPHY
Picture removed in print version
• Investigations can be more difficult or
even impossible if the offender is just
using some basic technical means
• Challenges of fighting Cybercrime go
way beyond that
RISK SOCIETY
• Development towards an Information
Society
• Availability and extensive use of
Information Technology
Background
Development of the Information Society is not
limited to the highest developed countries.
New high-tech products such as WiMAX allow
even less developed countries to catch up with
regard to the technical infrastructure
• Discussion about the possibilities of
misusing the Information Technology
has just started
• Society is accepting a number of risks
with regard to the Information
Technology (insufficient protection of
computer and password, open WLAN,..)
CYBERCRIME
DEPENDENCE
• Major parts of everyday
communication are already based on
internet-related services
page: 5
Example (ISS)
Picture removed in print version
• Access to the WWW (world wide web)
and the use of e-mail are only two
examples
• In the near future voice-over-IP (VoIP)
and the offer of multimedia content
for sale will be available for more
than a billion internet users
• Network technology integrated in cars
and buildings
CYBERCRIME
page: 6
DEPENDENCE
• Threats of internet based attacks
against critical infrastructure
Example (Energy Infrastructure)
Picture removed in print version
• Electricity supply, Communication
Infrastructure
• Even military infrastructure is
depending on critical technology
CYBERCRIME
DEPENDENCE
• Alternative Communication Systems
that could be used in cases of
emergency are not able to cover the
necessary resources
page: 7
Example (Sasser)
Picture removed in print version
• Monoculture with regard to major
technical components of computer
systems, software and network
technology
A computer virus (Sasser), designed and
programmed by a German student caused
damage to business worldwide. A major
Airline in the US had to cancel flights for
hours because its computer system was
affected.
CYBERCRIME
page: 8
AUTOMATE
• Computer and Networks enable
offenders to automate attacks
Example (Hackerwatch.org)
Picture removed in print version
• Within minutes millions of spam mails
can be sent out without generating
high costs - sending out one million
regular letters would be very
expensive and take days
• Special software products enable
automatic attacks against computer
systems
CYBERCRIME
page: 9
AVAILABILITY OF DEVICES
Examples
• Internet connected devices as tool
and target
Misuse of open WLAN-Access Point to hide
identity; Terrorists communication via VoIP
using encryption technology;
• The number of people who have
access to the internet is still growing
fast
• New ways of access to networks are
implemented (UMTS, WLAN)
• Capacity of Computers has increased
(great potential)
• Number of operations controlled by
the use of networks increased
CYBERCRIME
page: 10
AVAILABILITY OF ACCESS
• Numerous possibilities to get access
to the network
Example (Internet Cafe)
Picture removed in print version
• Regular Internet Connection
• Mobile Data Services
• Public Terminals
• Wireless Access Points
CYBERCRIME
AVAILABILITY OF ACCESS
• Use of wireless networks increases
vulnerability
page: 11
WLAN
Picture removed in print version
• Comfort vs. Security
CYBERCRIME
page: 12
AVAILABILITY OF ACCESS
• Signals from the wireless LAN station
can be received within a nearly
uncontrollable distance of up to 100
meters
WLAN
Picture removed in print version
CYBERCRIME
page: 14
AVAILABILITY OF ACCESS
• Data transferred to and from the user
can be intercepted as well
WLAN
Picture removed in print version
CYBERCRIME
AVAILABILITY OF INFORMATION
• Secret information is available on the
Internet
page: 15
Example (Sat. Picture)
Picture removed in print version
• Available especially through search
engines
• “Google hacking”
CYBERCRIME
page: 16
AVAILABILITY OF INFORMATION
Services like Google Earth were reported
to be used in several attacks:
• In attacks against British troops in
Afghanistan
• In the planning of attacks against an
airport in the US
• In attacks against British troops in
Iraq
• In attacks against Israel
Telegraph.co.uk (13.01.2007)
Terrorists attacking British bases in Basra are
using aerial footage displayed by the Google
Earth internet tool to pinpoint their attacks,
say Army intelligence sources. Documents
seized during raids on the homes of
insurgents last week uncovered print-outs
from photographs taken from Google.
Guardian (25.10.2007)
Palestinian militants are using Google Earth
to help plan their attacks on the Israeli
military and other targets, the Guardian has
learned. Members of the al-Aqsa Martyrs
Brigade, a group aligned with the Fatah
political party, say they use the popular
internet mapping tool to help determine their
targets for rocket strikes.
CYBERCRIME
AVAILABILITY OF INFORMATION
• Robots used by search engines can lead to the
disclosure of secret information
• Handbooks on how to build explosives and
construct chemical and even nuclear devices
are available
• Internet sources have been used by the
offenders in a number of recent attacks
CYBERCRIME
page: 17
TERRORIST HANDBOOK
Picture removed in print version
page: 18
AVAILABILITY OF INFORMATION
• Information regarding the construction
of weapons was available long
before the Internet was developed
RAGNAR’S ENCYCLOPEDIA
Picture removed in print version
• Ragnar‘s Action Encyclopaedia of
Practical Knowledge and Proven
Techniques
• Approaches to criminalise the
publication of information that can be
used to
CYBERCRIME
AVAILABILITY OF INFORMATION
• Information about system vulnerabilities
is published on websites
page: 19
Example (http:wslabi.com)
Picture removed in print version
• In addition this information is offered
for sale by some businesses
• Information can be used to increase
security as well as to commit computer-related offences
CYBERCRIME
page: 20
NUMBER OF SOURCES & USERS
• The internet connects millions of
people
• Today more internet users in
developing countries than in
developed countries
• A single attack can affect millions of
systems
• Millions of webpages offer information:
Difficult to identify illegal information
Examples
Development of Internet Users
1995: 45 Million
2000: 420 Million
2005: 1000 Million
2007: 1200 Million
Source: ECIN.DE with reference to eTForecast (2006)
CYBERCRIME
NUMBER OF SOURCES & USERS
• Millions of webpages offer information:
Difficult to identify illegal information
page: 21
Example (www.skype.com)
Picture removed in print version
• Popular services often have
millions of users
CYBERCRIME
page: 22
RESOURCES
Botnets (www.shadowserver.org)
• Current analyses show that up to a
quarter of all computers connected to
the internet could be used by
criminals as they belong to “botnets”
Picture removed in print version
Source: BBC report “Criminals 'may overwhelm the web'”
• Some analyses go even beyond that
number
CYBERCRIME
page: 23
BOTNET
Offender
Direct attack goes
along with the risk
of being identified and
has limited power
Target
CYBERCRIME
page: 24
BOTNET
Step 1: Sending out a virus that
infects computers and enables
the offender to take over
control
Offender
CYBERCRIME
page: 25
BOTNET
Offender
CYBERCRIME
page: 26
BOTNET
Step 2: Offender sends the order to
start the attack
Offender
Target
CYBERCRIME
BOTNET
page: 27
• Short term for Robot-Network
• Botnets are very powerful
instruments
• Main use: SPAM, DoS
• Computers are in most cases infected
by malicious software
• Software is taking over part of the
control
Diagram: Taking over control (User, Bot, Computer Power)
CYBERCRIME
page: 28
LANGUAGES
• With regard to the observation of
websites in Arabic language the
missing knowledge about the
language is often a critical point
Example (www.aliazeera.net)
Picture removed in print version
CYBERCRIME
MISSING CONTROL
• Internet was developed as a military
network
• Consequences: Strategic and military
aspects dominated the development of
the technology - not the needs of a
global mass communication network
page: 29
Important
Decentralised concept was a necessary
element to protect the network against
malfunctions caused by attacks against single
elements. Missing control instruments make
the implementation of investigation routines,
which are necessary for a mass communication
system, difficult.
• Resistant against nearly any form of
centralised control
CYBERCRIME
page: 30
MISSING CONTROL
Terrorist
Communication
CYBERCRIME
page: 31
MISSING CONTROL
Disconnected
CYBERCRIME
page: 32
MISSING CONTROL
Alternative Route
Alternative Route
CYBERCRIME
MISSING CONTROL
Major consequences
• Very few possibilities to protect a
territory against attacks from the
outside
• Very few possibilities to disconnect a
territory from internet services
page: 33
Additional consequences
• Independence of place of action and place
of the result
• International Dimension
CYBERCRIME
page: 34
MISSING CONTROL
Protection can not
stop any attack
CYBERCRIME
page: 35
INDEPENDENCE
• With access to the Internet the offenders
can act worldwide
CYBERCRIME
page: 36
INDEPENDENCE
• Offenders can act from any place in
the world
Example Phishing
Picture removed in print version
• By choosing their place of action they
can take into account the status of
criminalisation and the capabilities of
the law enforcement authorities
• “safe havens”
CYBERCRIME
INTERNATIONAL DIMENSION
• Network Protocol contains an
automatic search procedure for the
fastest connection
page: 37
TRACING ROUTE
Picture removed in print version
• This leads in a nearly uncontrollable
way to international dimensions
within data exchange processes
TCP/IP consists of two elements:
TCP (Transmission Control Protocol) and IP
(Internet Protocol)
The real routes of data exchanges can be traced
back using tracing software such as
“TraceRoute”
CYBERCRIME
page: 38
INTERNATIONAL DIMENSION
Victim
CYBERCRIME
page: 39
INTERNATIONAL DIMENSION
Victim
Attacking
Computer
CYBERCRIME
page: 40
INTERNATIONAL DIMENSION
Victim
Real Offender
Attacking
Computer
CYBERCRIME
page: 41
INTERNATIONAL DIMENSION
Victim
Attacking
Computer
CYBERCRIME
Long-lasting investigations or delays can hinder the identification
page: 42
SPEED OF THE DEVELOPMENT
Examples
• The transfer of an E-Mail normally only
takes seconds
Much important traffic information is deleted
in less than 1 hour. After 7 days
investigations are in most cases only effective
in countries with data retention.
• Easy to remove or move information
from one server to another
• Key information that is necessary to
identify an offender is often available
only for a short period of time (e.g. traffic
data)
• Independence between place of action
and the result
• Traditional investigation instruments
are not able to catch up with the speed
of the information exchange.
CYBERCRIME
page: 43
SPEED OF THE DEVELOPMENT
Examples
• Computer technology is becoming more
and more complex
The use of new, innovative data storage
media (mobile phones, digital cameras, MP3 players) led to a number of difficulties within
search and seizure procedures in the past.
• Development is continuing
• Users are expecting “easy to use”
software and hardware devices
• Comfort vs. Security (Open systems)
• Systems are becoming more and more
powerful on the one hand and
more vulnerable on the other.
• Monoculture with regard to the
operating systems (Microsoft Windows).
CYBERCRIME
page: 44
DEPRIVATION DATA/EVIDENCE
ENCRYPTION TECHNOLOGY (pgp.com)
• Anonymous communication
• Encryption
• Steganography
• Deletion of data
CYBERCRIME
ANONYMOUS COMMUNICATION
• “Felt Anonymity”
page: 45
Notice
Anonymizer
(www.anonymizer.com)
Picture removed in print version
• Key motivation especially with regard to
crimes connected to pornography
• Technology available that can hinder law
enforcement from tracing back the route of
an offender (e.g. www.anon.de)
• Benefit of Anonymous Communication
vs. Effective Law Enforcement
Similar problem with regard to the use of
encryption software. Benefits for the Society
vs. Effective Law Enforcement
• Possibility to pretend to be someone else
(Remote Software)
CYBERCRIME
page: 46
ANONYMOUS COMMUNICATION
Anonymous communication can be
achieved by:
Example (Public Internet terminal)
Picture removed in print version
• Use of public terminals
• Use of open wireless networks
• Hacked (closed) networks
CYBERCRIME
page: 47
ANONYMOUS COMMUNICATION
Offender
Victim
Last point in the row
leads to the offender
CYBERCRIME
page: 48
ANONYMOUS COMMUNICATION
Offender
Last point in the row
Victim
CYBERCRIME
page: 49
HOW IT WORKS - PROXY SERVER
User with IP address 123.88.2.4 wants to secretly download from host with IP 201.77.8.24
Diagram (shown in two builds): User 123.88.2.4; Proxy Server 133.1.1.1; Host 201.77.8.24
CYBERCRIME
page: 51
HOW IT WORKS - TOR
User with IP address 123.88.2.4 wants to secretly download from host with IP 201.77.8.24
Diagram (shown in three builds): User 123.88.2.4; relays A1 (211.4.32.55), A2 (200.14.1.5), A3 (176.101.1.5); Host 201.77.8.24. The later builds label each link of the chain “Content”.
CYBERCRIME
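The proxy and Tor diagrams above, modelled as an added example that is not part of the original slides: the Python sketch records what each node's log would contain for a direct connection, a single proxy and the three-relay chain, then traces back from the host using only the logs an investigator can obtain. The layered "encryption" is a toy XOR keystream and the per-relay keys are constructed for the demo; it is not the Tor protocol.

```python
import hashlib
import json

# Addresses are the ones shown on the slides; keys are constructed demo values.
USER, HOST, PROXY = "123.88.2.4", "201.77.8.24", "133.1.1.1"
RELAYS = ["211.4.32.55", "200.14.1.5", "176.101.1.5"]  # A1, A2, A3


def toy_crypt(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Toy only; encrypt == decrypt."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def relay_keys(relays):
    """Assumption: the user shares one secret key with each relay."""
    return {r: hashlib.sha256(b"demo-key-" + r.encode()).digest() for r in relays}


def build_onion(relays, keys, dest, payload: bytes) -> bytes:
    """Wrap the payload once per relay, innermost layer for the last relay."""
    blob, nxt = payload, dest
    for relay in reversed(relays):
        layer = json.dumps({"next": nxt, "data": blob.hex()}).encode()
        blob, nxt = toy_crypt(keys[relay], layer), relay
    return blob


def send(src, relays, dest, payload: bytes):
    """Deliver the payload and return what each node would write to its log."""
    keys = relay_keys(relays)
    blob = build_onion(relays, keys, dest, payload)
    logs, prev = {}, src
    for relay in relays:
        # A relay can remove only its own layer: it learns the previous hop
        # (from the connection) and the next hop (from the layer), nothing else.
        layer = json.loads(toy_crypt(keys[relay], blob))
        logs[relay] = {"from": prev, "to": layer["next"]}
        blob, prev = bytes.fromhex(layer["data"]), relay
    logs[dest] = {"from": prev, "received": blob}
    return logs


def trace_back(logs, dest, available):
    """Walk backwards from the host, using only logs that can still be obtained."""
    chain, node = [dest], dest
    while node in logs and node in available:
        node = logs[node]["from"]
        chain.append(node)
    return chain


if __name__ == "__main__":
    request = b"GET /file"
    for name, relays in (("direct", []), ("proxy", [PROXY]), ("tor", RELAYS)):
        logs = send(USER, relays, HOST, request)
        print(name, "host log sees:", logs[HOST]["from"])
        print("  full trace:", trace_back(logs, HOST, set(logs)))
    # One missing or already deleted relay log breaks the chain.
    logs = send(USER, RELAYS, HOST, request)
    print("A2 log unavailable:", trace_back(logs, HOST, {HOST, RELAYS[2], RELAYS[0]}))
```

The single proxy holds both the user's and the host's address in one log entry; in the three-relay chain no single log does, so identification depends on every hop's records still existing.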
page: 54
ENCRYPTION
• Encryption is the process of obscuring
information to make it unreadable
without special knowledge
PGP
Picture removed in print version
• Encryption can be used to ensure
secrecy
• Encryption can be used to hide the fact
that encrypted messages are
exchanged
• Encryption used by criminals can lead
to difficulties collecting the necessary
evidence
CYBERCRIME
BREAKING A KEY
• Brute Force Attack: Method of
defeating a cryptographic scheme by
trying a large number of possibilities;
for example, exhaustively working
through all possible keys in order to
decrypt a message
page: 55
How long it takes to break a key
Picture removed in print version
• Gaps in the encryption software
• Dictionary-based attack
• Social Engineering
• Classic search for hints
• Need for legislative approaches?
CYBERCRIME
page: 56
GLOBAL PHENOMENON
• Availability of encryption technology is
a global challenge
MICROSOFT BITLOCKER
Picture removed in print version
• Powerful software tools that enable encryption are
available on a large scale on the
Internet
• Some of the latest versions of
operating systems contain encryption
technology
CYBERCRIME
SOLUTION
Technical solutions (with legal component)
page: 57
MAGIC LANTERN
Picture removed in print version
• Magic Lantern (US)
• Remote Forensic Software (Germany)
Legal solution
• Various restrictions on import/export
and use of encryption technology
• UK: Obligation to disclose password
(Sec. 49 of the UK Investigatory Powers
Act 2000)
CYBERCRIME
page: 58
STEGANOGRAPHY
• Steganography is a technique used to
hide information in some other
information
Steganography
Picture removed in print version
• Example: Hiding a message in picture
•
• Technique can be used to keep the fact
that the exchange of encrypted
messages is taking place secret
CYBERCRIME
DELETION
• If files are deleted on a computer
system they are often not removed from
the storage media
page: 59
Delete Files
Picture removed in print version
• In addition deleted files can be
recovered by law enforcement
agencies by using magnetic fragments
left on the hard disk
• Offenders using tools to securely
delete files can hinder the recovery of
deleted files
CYBERCRIME
page: 60
DELETION
• Various software tools available that
enable secure deletion by overwriting
a file a number of times
PGP
Picture removed for storage optimisation
• Recovery is nearly impossible in these
cases
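The two DELETION slides as an added example that is not part of the original slides: a signature-based carver run over a constructed in-memory "disk image", once after an ordinary delete and once after the file has been overwritten. The toy directory, the file name sample.jpg and the sample picture bytes are assumptions made for the demo.

```python
import hashlib

JPEG_SOI = b"\xff\xd8\xff"  # JPEG start-of-image marker
JPEG_EOI = b"\xff\xd9"      # JPEG end-of-image marker
SECTOR = 512


def make_image():
    """Constructed 16-sector image holding one fake JPEG plus a toy directory."""
    picture = JPEG_SOI + b"\xe0" + b"constructed-sample-picture-data" * 20 + JPEG_EOI
    image = bytearray(16 * SECTOR)
    offset = 3 * SECTOR
    image[offset:offset + len(picture)] = picture
    directory = {"sample.jpg": (offset, len(picture))}  # name -> (offset, size)
    return image, directory, picture


def delete(directory, name):
    """Ordinary delete: only the directory entry goes, the data stays in place."""
    directory.pop(name)


def wipe(image, directory, name, passes=3):
    """Overwriting delete: replace the file's bytes several times, then unlink."""
    offset, size = directory.pop(name)
    for i in range(passes):
        image[offset:offset + size] = bytes([(0x00, 0xFF, 0x55)[i % 3]]) * size


def carve_jpegs(image, max_size=1 << 20):
    """Scan raw bytes for JPEG start/end markers, ignoring the directory.

    Real carvers also handle fragmentation and end markers embedded in
    thumbnails; this sketch takes the first end marker after each header.
    """
    data, found, pos = bytes(image), [], 0
    while (start := data.find(JPEG_SOI, pos)) != -1:
        end = data.find(JPEG_EOI, start + len(JPEG_SOI))
        if end == -1 or end + len(JPEG_EOI) - start > max_size:
            pos = start + 1
            continue
        blob = data[start:end + len(JPEG_EOI)]
        found.append({"offset": start, "size": len(blob),
                      "sha256": hashlib.sha256(blob).hexdigest()})
        pos = end + len(JPEG_EOI)
    return found


def demo():
    """Run both deletion modes and report what a carver still finds."""
    results = {}
    for mode, action in (("delete", delete), ("wipe", None)):
        image, directory, picture = make_image()
        if action:
            action(directory, "sample.jpg")
        else:
            wipe(image, directory, "sample.jpg")
        results[mode] = {"directory": directory,
                         "carved": carve_jpegs(image),
                         "original_sha256": hashlib.sha256(picture).hexdigest()}
    return results


if __name__ == "__main__":
    for mode, result in demo().items():
        print(mode, "-> directory:", result["directory"], "carved:", result["carved"])
```

Overwriting in place as modelled here does not carry over directly to flash storage or journaling file systems, where older copies of the data may survive elsewhere on the medium.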
CYBERCRIME
ANONYMOUS OS
• If the offender uses an operating
system that boots from a CD-ROM all
temporary files are deleted after the
end of use
CYBERCRIME
page: 61
ANONYM OS
Picture removed in print version
page: 62
CYBERCRIME
CYBERCRIME - THREATS, CHALLENGES AND LEGAL SOLUTIONS
Macau, 13.February 2008 - 15. February 2008
Dr. Marco Gercke
Lecturer at the University of Cologne, Germany
CYBERCRIME
page: 1
LEGAL CHALLENGE
• Adequate Instruments for Law
Enforcement
• Protection of the interest of the user
• Adequate Criminalisation
• No Over-Criminalisation
CYBERCRIME
page: 2
CHALLENGE NATIONAL LAW
CYBERCRIME
page: 3
ELEMENTS IN THE FIGHT
• Legislation / Law Enforcement
• Technical Experience
• Education of the Citizens to avoid victims
CYBERCRIME
page: 4
LAW ADJUSTMENT (GERMANY)
Timeline diagram (1970, 1980, 1990, 2000) relating Tech. Development, Recognised Offences and Adjustment of the Law, built up over three slides.
Labels shown: PC, Networks, Internet, Hacking, Software Piracy, Illegal Contents, Adjust. Penal Law, Protection, Copyright Law, Responsibility
CYBERCRIME
LAW ADJUSTMENT
page: 7
Challenge
• To cut down the time between the
recognition of crimes and the
adjustment of law is the main
challenge
Law Adjustment
• Challenge especially for the
Continental European law systems that
are not based on case law
Tech. Development
Recognised Crimes
• Advantage for the more flexible Anglo-American system
CYBERCRIME
page: 8
LEGAL SOLUTION
NATIONAL, REGIONAL, INTERNATIONAL
Religious Offences
Computer Fraud
CYBERCRIME
page: 9
LEGAL SOLUTION
Computer Fraud
CYBERCRIME
NATIONAL, REGIONAL, INTERNATIONAL
Religious Offences
page: 10
LEGAL SOLUTION
NATIONAL, REGIONAL, INTERNATIONAL
International Solution
CYBERCRIME
LEGAL SOLUTION
page: 11
NATIONAL, REGIONAL, INTERNATIONAL
Fill existing gaps
International Solution
CYBERCRIME
page: 12
INTERNATIONAL SOLUTION
• Currently the Council of Europe
Convention on Cybercrime is the only
International Agreement that covers
all relevant areas of Cybercrime
Legislation (Substantive Criminal Law,
Procedural Law, International
Cooperation)
• Intention: Harmonisation of selected
aspects of Cybercrime legislation
Art. 37 - Accession to the Convention
After the entry into force of this Convention,
the Committee of Ministers of the Council of
Europe, after consulting with and obtaining
the unanimous consent of the Contracting
States to the Convention, may invite any State
which is not a member of the Council and
which has not participated in its elaboration to
accede to this Convention. The decision shall
be taken by the majority provided for in Article
20.d. of the Statute of the Council of Europe
and by the unanimous vote of the
representatives of the Contracting States
entitled to sit on the Committee of Ministers.
• Open for non-members
CYBERCRIME
page: 13
SIGNATURES UNTIL 2007
DETAILS ABOUT SIGNATURES
43 States signed the Convention 185
(“Convention on Cybercrime”) until March
2006, among them are 4 Non-Members.
Details are available at www.coe.int
Invited
Invited
CYBERCRIME
page: 14
LEGAL SOLUTION
NATIONAL, REGIONAL, INTERNATIONAL
Regional Solution
CYBERCRIME
REGIONAL SOLUTION
• A number of regional initiatives
page: 15
EU COUNTRIES
Picture removed in print version
• Examples for current developments
are the European Union, Gulf
Cooperation Council (GCC)
• Advantage: Often comparable legal
systems
• Regional agreements can supplement
international agreements
CYBERCRIME
page: 16
LEGAL SOLUTION
NATIONAL, REGIONAL, INTERNATIONAL
National Solution
CYBERCRIME
REGIONAL & NATIONAL
Can regional and national solutions work?
page: 17
EU COUNTRIES
Picture removed in print version
• One argument against regional and
national solutions is the fact that the
internet does not know any borders
and boundaries and therefore
international solutions are necessary
• International dimension requires
harmonisation to effectively fight
Cybercrime
• It does not necessarily exclude additional
regional and national approaches
CYBERCRIME
page: 18
REGIONAL & NATIONAL
• Geo-tracking makes it possible to keep
geographic borders in times of the
Internet
BORDER
Picture removed in print version
• It makes it possible to exclude users with certain
IP addresses from services
• The fact that the possibility to
circumvent virtual or real borders exists
does not mean that there are no borders
CYBERCRIME
page: 19
CONVENTION ON CYBERCRIME
• The need for a harmonisation
CYBERCRIME
page: 20
NEED FOR HARMONISATION
1. Technical aspect: Investigations depend on international cooperation of
investigation authorities
2. Legal aspect: Principle of National Sovereignty limits the possibilities of
transnational investigations without international cooperation
CYBERCRIME
page: 21
CURRENT SITUATION
• Legal Aspect
Country with
proper legislation
CYBERCRIME
Countries without
proper legislation
page: 22
CURRENT SITUATION
Cooperation
possible
• Legal Aspect
Cooperation
impossible
CYBERCRIME
page: 23
REASON FOR THE DIFFICULTIES
1. Need of adequate provisions in the national law
• Substantive Criminal Law and Procedural Law provisions are in
most cases an essential requirement for national investigation (no
crime - no investigation)
• Substantive Criminal Law and Procedural Law provisions are in
most cases an essential requirement for international cooperation
(dual criminality)
CYBERCRIME
page: 24
INTERNATIONAL UNIFICATION
• Attempts to improve the fight against Cybercrime by a number of international
organisations such as
• OECD
• G8
• UN
• European Union
• Council of Europe (CoE)
• Until now the CoE Convention on Cybercrime is the only international legal
framework with a broad approach
CYBERCRIME
page: 25
AIM OF THE CONVENTION
• Legal Aspect
CYBERCRIME
Set of
minimum
standards
page: 26
STRUCTURE
• Section 1: Substantive criminal law
• Section 2: Procedural law
• Section 3: Jurisdiction
• International cooperation
• Additional protocol (xenophobic material)
Not covered:
• Responsibility of Internet Providers
CYBERCRIME
page: 27
SUBSTANTIVE CRIMINAL LAW
Art. 2 - Illegal Access
Each Party shall adopt such legislative and
other measures as may be necessary to
establish as criminal offences under its
domestic law, when committed intentionally,
the access to the whole or any part of a
computer system without right.
• Art. 1 - Definition
• Art. 2 - Illegal Access
• Art. 3 - Illegal Interception
• Art. 4 - Data Interference
• Art. 5 - System Interference
• Art. 6 - Misuse of Devices
• Art. 7 - Computer-related Forgery
• Art. 8 - Computer-related Fraud
• Art. 9 - Offences related to Child Pornography
• Art. 10 - Offences related to Copyright Violations
CYBERCRIME
page: 28
SUBSTANTIVE CRIMINAL LAW
• Art. 11 - Attempt, aiding, abetting
• Art. 12 - Corporate Liability
• Art. 13 - Sanctions and measures
Art. 11 - Attempt, aiding and abetting
Each Party shall adopt such legislative and
other measures as may be necessary to
establish as criminal offences under its
domestic law, when committed intentionally,
aiding or abetting the commission of any of
the offences established in accordance with
Articles 2 through 10 of the present
Convention with intent that such offence be
committed.
CYBERCRIME
page: 29
PROCEDURAL LAW
Art. 16 - Expedited preservation
Each Party shall adopt such legislative and
other measures as may be necessary to
enable its competent authorities to order or
similarly obtain the expeditious preservation
of specified computer data, including traffic
data, that has been stored by means of a
computer system, in particular where there
are grounds to believe that the computer data
is particularly vulnerable to loss or
modification.
• Art. 14 - Scope
• Art. 15 - Conditions, Safeguards
• Art. 16 - Expedited Preservation
• Art. 17 - Expedited Disclosure
• Art. 18 - Production Order
• Art. 19 - Search and Seizure
• Art. 20 - Real time Collection of Traffic Data
• Art. 21 - Real time Interception of Content Data
• Art. 22 - Jurisdiction
CYBERCRIME
page: 30
INTERNATIONAL COOPERATION
• Art. 23 - General principle
• Art. 24 - Extradition
• Art. 25 - General principle related to mutual assistance
• Art. 26 - Spontaneous Information
• Art. 27 - Absence of International Agreements
• Art. 28 - Confidentiality and limitations of use
• Art. 29 - Expedited preservation
• Art. 30 - Expedited disclosure
• Art. 31 - Access to stored computer data
• Art. 32 - Trans-border access to stored computer data
CYBERCRIME
page: 31
INTERNATIONAL COOPERATION
• Art. 33 - Real-time collection of traffic data
• Art. 34 - Interception of content data
CYBERCRIME
page: 32
24/7 NETWORK
• Art. 35 - 24/7 Network
Art. 35 - 24/7
Each Party shall designate a point of contact
available on a twenty-four hour, seven-day-a-week basis, in order to ensure the provision of
immediate assistance for the purpose of
investigations or proceedings concerning
criminal offences related to computer
systems and data, or for the collection of
evidence in electronic form of a criminal
offence.
[...]
CYBERCRIME
page: 33
NATURE (LEGAL)
International Agreement
Needs to be ratified and implemented to come into effect
Binding only on a political level
Various spaces for interpretation and restrictions
CYBERCRIME
page: 34
CYBERCRIME
OPEN FOR NON-MEMBERS
• 4 Non-Members were involved in the
drafting of the convention and signed
the convention
• Convention is open for any non member
• Costa Rica and Mexico were recently
invited to accede to the Convention
CYBERCRIME
page: 35
page: 36
RATIFICATION
CYBERCRIME
page: 37
RATIFICATION
Denmark
Iceland
Netherl.
Norway
Slovenia
Estonia
France
Finland
Lithuania
Croatia
Romania
Hungary
Ukraine
US
Cyprus
Bosnia/HG
Bulgaria
Albania
Macedonia
Armenia
Latvia
CYBERCRIME
page: 38
RATIFICATION
Norway
Netherl.
Armenia
Macedonia
US
Slovenia
Cyprus
France
Finland
Croatia
Hungary
Romania
Denmark
Ukraine
Latvia
Albania
Estonia
Lithuania
Bulgaria
Bosnia/HG
Iceland
2002
2003
2004
2005
2006
CYBERCRIME
2007
page: 39
%
!
.
-1" #
+
2 +
!
"
!
"
0
(
(
!
*/
!
)
"
* (
%
:
=,
>
@
0
!
,"
) !*/
"
)
!
) !*%
! . !
)
+
"
!
FB
!
- !
!
! */
!
*
!
+
)
!
!
)
) =
!
*/
!
=
*
*% D !
!
)
!
! *%
!
G
? "
,
+
)
!
=,
!
)
*%
=,
*%
0
!
"
*/
1
)
!
9B
!
!
1
!
0
$ ) !
0
! *%
!
"
1 !
1
=,
!
"#
=
!
2 +
"
"#
! . !
! *% C !
*%
)!
*/
)=
=,
0
! "
!
+
!
%
"
= !
!
) !*/
"
B
B
)
) !*%
!
9
M
! )
"
!
!
*%
!
=,
$
!
!
*%
!
)!
)
%
)
) !*/
-2" #
;
%
*/
&,
=,
!
) !*%
"
!
) !*%
%
) !*%
.
!
(
!
!
*/
!
"
+
"
" *%
+
*%
*/
)
!
"
!
!
)
*/
)
*
)
)
!
*/
*%
*/
!
*/
)
!
"
"
!
!
*/
!
$
!
,
!
!
- !
)
+
!
!
!
"
) !*/
)
2
+
+
+
#"
! ,
0
1 = - !
!
)
1
)
) !
*/
*/
+
)
!
+
+
)
!
?
)!
)
!
!
$
%
) *%
) !
+
!
"
.
"
2
-4" #
)
:
+ )
+ ) (
- !
*%
:%
(
)
%
! "
%
+
* (
(
!,
=,
!
!
!
+
8
!
*%
!
=,
!
!
0
= !
= ! *% &
!
!
! %
!
&
+
) ! *%
? !
(0 +
*%
+
2
>
!
1
!D
:
!
+
B
=
"
D
)) ()
+6* (
0
"
*/
! "
+
D
(
!
*%
" *%
.
%
@
! *%
)
!
!
D
? !
!
$
+
@
!
!
- !
+
= !
%
!
=,
!
)
=!
G
)
2#
=,
D
!
,"
!
!
*/
)
+
) !*/
!
, !
!
!
!
=
&
!
2 +
!
= ! *%
2
!
"
*/
!
!
!
!
)
!
2 +
*%
+
I 1 !
*/
!
)
)
,"
,"
!
)!
"
+
!
=!
!
)
1 = ! *%
!
%
)
?
!
)
!
+
!
"
=,
!
)
) *%
" !
%
= !
- !
!
!
1
!
0
+
.
+
! */
!.
#
!D M
) !
C
4 "
2 +
)
= ! *%
D
.
) $
!
!
+
0
+
!
=
!
2+
) !
,
+
"
)
"
+
)
"
8
BG
+
0
=,
>
9B
,
!
F
"
!
!
<
+
J
*
9
= !
+
!
+
) !*/
?
!)!
*%
!
!
?
!
D
%
!
:
1
!
!
!
+
! *%
$ *%
"#
!
+
)
!
+ ,!
D
D M
"
)
) !
! *%
%
)
!
,
I I
1
!
!
!
)
+
D
!
! */
)
) !
%
!*%
!
!
! *%
!"
!
1
)D
) !
!
+
)
!
*%
) !
" *%
! )
!
+
+
? !
@
.
-7" #
:
%)
+
( &, )
- !
!
*/
%
%
)
%
D ?
!
)
!
- !
)
D :%
)
!
G
M
!
$
!
)
*%
*%
"
*/
!
2
!
! *%
J
)
*%
!
$(
-8" #
+
" *%
!
+
*%
=,
!
0
%
*%
)
"
*%
) $
)
!
!
*/
!
!
?
%
!
+
" !
)
)
*
B
)
*/
=
1
!
*%
"
( &' ( (
+
)
1
$ *%
+%+ (
, "
)
!
+
+
"
)!
+
;
!
0
" "
!
%
*/
!
!
)
*%
+&, -
!
!
!
*%
1!
)
1
2
2 +
+
B
=,
!
!,
)! !
"
< &,
! "
=
+
! "
=!
*%
?
$/
0
!
) )
+
) ! *%
%
3
( * &,
:
)
4
) ) ) (
%
6 + (
<
) (
+
)
$
!
.
+
"
=,
0
*
)
!
"
!
%
*%
;
!
" *%
) !
D 2
B
!
D 2
) !*%
" =
#
)
D 3
)
D 2
"
!
!
2 .
!
!
)
)
+
)
)
=
*%
!
=,
*%
%
1!
% # =
*%
0
!
!
)
$
!
*%
!
" I
)
!
!
*%
$/
*% %
!
2#
!
D
) !*/
, !
!
D 2 +
!
" *%
+
!
*%
!
!
"
)
B
" *%
"
!
*%
*%
!
" *%
) !*/
!
*%
) !*/
B
!
!
"
9
"
" *%
+
!
!
"
=
!
!
"
0
$
!
!
"
! &
)
- !
*%
%
+
!)!
!
" *% &
!
!
)
;
*%
)!
!
1!
"
! $ *%
!
#"
!
,"
$
!
)D M
+
1
!
"
*%
!)! J
*% !
&
$
*/
!
)
"
" *% &
!
) !
*%
!D
) !*% &
G
*%
.
!
=
!
J
+
!
&
!
!
!
*
0
!
!
<
M
)!
! )
)
%
+
!
!
)
!
"
*%
+
%
!
)
+
"
" *%
!
= !
!
#
F
M
!
" *%
) !
"
)
,
%
)
<
)
)
%
!
*%
*%
*%
!
2 .
!
!
"
# 1
! %
.9" # $ *
?
&,
:
)
) () ) ()
= !
!
8B
!
+
!
!
! *%
!
%
!
"
6%
+
" *%
!,) !
( * ) (
"
)
!
) !
!
! *%
)
)!
!
"
)
+
)!
!
"*
"
! *% )
*%
)
!
)
! *%
"*
1+
"
"#
2
1 +
!
*%
"
"
B
B
J
D ?
!
) !*%
$
+
!
D?
!
) !*%
!
, !
!
+
!
= &
!
*
0
!
!
, "
.!" #
;
:
<
!
>
) (
*
+
+ ((
+
) ) (
"
!
)
"
)
+
6 + (
!
)
$
%
!
!
!
"
!
.
)
!
8B
2 +
) *%
!
!
!
1
"
=
D
!
,"
!
) ! *% &
1
!
*%
B
,
)
"
"
)
*/
"
D
!
*%
!
"
*%
)
J
%
B
!
"
.-" #
;
+
D
2!
D
D
+ ((
+ (
(%
&
B
) ) ( %
6 + (
) (, + (( * (
>
$ *%
)
)
!
!
)
.
"
+
!
! $ *%
!
0
)
!
C)
!
.
$
"#
:
!
,"
+
$
"
"
2 +
+
&
"#
!
) (A +
J
$
)!
!
.." #
<
>
!
)
*
?
%
=,
!
+ =
)
0
!
)
) ) ( )
$
!
.
B
)
=,
I
I1
!
6%
1
!
! */
! ?
*/
!
!,) !
,$
"
+
!
"
!
=,
$
1
,"
!
)
./" #
:
2 +
!
>
!
C
%
=,
)
!
+
&, ) ) ) ( ) +
>)
#
$
"
!
!,) !
1
0
!
)
5%
.1" #
) !*/
!
,"
0
! "
*/
1
!
!
!
! */
67
) -/D4
+
F
!
!
,"
)
"
*/
!
! . !
!
)
!
)
) !*%
!
)
=,
!
G
*%
G
- !
) !*/
!
!
) !
! *%
!
J
D2
*%
D2!
" *%
!D 2
!
!
#! ! &
!
"
)
)
*/
!
!
8B
!
, !
B&
!
$ *%
"
*%
D
!
!
!
I
D
!
+
!
?
!
"
!
!
=
)
!
*%
*% !
!
+
"
!
+
&
%
!
*%
!
)
+
)
) !
)
)
!
$(
.2" #
#! !
+
+
!
!
( &' ( 5
((
(
)
2
"
*
*%
1
%
!
*%
2
"
? !
*% #
) ! *%
!
*%
" *%
%
@
2
"
*%
"
,
-
!
! !
.
)
!
) ! *%
!
" *%
*%
!
)
!
G
)!
B
*/
" !
*%
" !
I
1
"
=
)
*/
) (, ?
2 .
*%
,
" !
*%
*
"
*%
2
1
&,
"
*%
.
I
B
"
"
"
"
!
!
.4" #
*%
=
!
!
"
*%
!
(
!
%
! % #
#
A
!
!
"
!
%
1
B
*%
"
,
!
!
"
#
A
*%
1
B
"
*%
,
%
? !
"
*%
!
-
"
.
@
.
)
!
.7" #
+ &,
M
.
) ! *%
.
!
*%
" *%
" *%
!
%
M
!
? !
! *%
!
*%
@
"
2
"
*%
*%
"
*%
M
!
*%
*%
*% )
$
) ! *%
$
)
-
.
()
&,
? !
.
@
)
.
? !
!
*%
@
!
*%
)
) ! *%
@
.8" # %
*
! "
*/
−
4
−
4
" *%
! "
# !
=
" *%
4 $
"
!
=
*%
89F C?3 :B GD&
*%
2 =,
2 !
1
+
"
A0
2
"
*%
*
"
)
) $-I
!
"
*%
#
"
!
*%
!
+
3
"
#
)
%
*%
,"
" 1
"
%
)
!
*/
)
"
A
A *
)
"
!
*%
*/
)
2 =,
F
*%
*/
*%
D&
!
"
+
A # +
898 C?3
B
!
#
!
+
B 88D
?
"
!
+
J
4 +
!
A # +
8F> C?3
−
:
-
!
!
,
? !
.
,
*%
,"
.
!
*%
=
!
!
) I I%
! "
!,
*/
*/
/9" # $ +
&' (
M
) ! *%
) ! *%
!
" *%
!
*%
) !
B B <B
=
/!" #
!
%
,
M
"
!,
B8
"
,
*%
)
)
"
"
*/
*/
1
!
"
)
!
B
!
$
)! $
)
"
,
*%
!
= ! *%
%
!
)
*/
!
!
)
"
"
"
*/
*/
"
,
%
!
I I
"
%
*%
) "
FB
)
)
- !
!
) !
*/
! *%
)
B
"
,
!
)
" I
=!
:
!
FB 8B
!
-@
@
% )
)
! ,
!
!
,"
@ "
? !
.
!
B
6 (
;
!
)
"
!
!
I
!
!
"
)
!
= !
/-" #
( * (
M
@
) ! *%
*%
B G
) ! *%
!
) $
C D
B
B
B
B
"
/." # (
*
8B
:
;
+
G B
? !
)
;
*%
)
1
) ! *%
"
! *%
? !
.
%
!
GB B
<B
8B
B G
G
B
!
)
) ! *%
2
!
*%
$
? !
@
?
"
$ )
) ! *%
? !
!
)
) ! *%
!
@
$ )
+
)
"
B
B
( * (
"
I
!
!
*%
" *%
" C D
"
GB
B
B
)
) (
I@
! *%
"
)
!
"
G B
! !
( !
? !
I@
)
+
)
!
"
*/
//" #
! "
)
"
"
(
M
1
"
+
%
%
!
*%
!
? !
!
"
!
)
!
*/
+
"
C 4+ D
1
*%
+
!
#
A
*%
"
FB
M
A
@
*%
!
!
1
G B
"
!
!
#
#
=
!
#
+
%
C 4+ D
" *%
+
. !
)
G
=
!
)
!
9
!
B
A
1 +
*%
M
!
"
? !
&, )
+
*%
!
,
"
,
2 +
$ *%
) ! *%
!
" *% &
!
E
!
(
I
D 2
*%
*%
*%
I%
! *%
,
(
!
! *%
) * I
C 4+ D
3
" "
/2" #
C 4+ D
"
+
*%
"#
!
+
)
(
)
,
B
+
" *%
#
!
!
.
! !
(
)
#
@
/1" #
:
#
!
!
! *%
!
#
! /
*
*%
" !
%
!
!
!,) ! 1
+
+
(
I%
!
= ! *%
) ! "
"
!
)
#
!
)
"
!
)
) !
*%
!
J
!
)
D 2
#! !
!
)
"
*/
" )!
! . ! &
)
!D 2
"
" "
,
+
!
!
*%
"
C 4+ D
!
*/ !
=
? "
! *%
) $
)
"
$
#
*%
!
-
*% !
" *%
+
!
!
B
2 +
)
/4" # $
%
*/
%
+
? !
= !,!
!
> +
M
+
!
"#
2
B
B
) *
!
+
*%
C 4+ D ) !
)
"
"
)
+
!
+
1
!
C 4+ D
!
#
, !
!
1
)
!
9
!
!
#
!
G
, !
) ! *%
0 !
? !
$
,
)
-
"
*%
@
-
.
!
*%
) ! *%
? !
@
/7" #
% + &,
? !
@
)!
%
"
!
*%
"
!
!
1
D3
*%
"
*%
J
&
D
.
) ! *%
!
*%
" *%
% &
!D 3
! )
"
!
D3
<B
!
"
)
*/
) !
! *%
"
*%
FB&
! *%
G BJ
C D
C DG B G B
D M
!
"
) ! *%
=
"
"
7
"
!.
!
*%
!
*%
$
)
)
0 !
? !
!-
-
=
@
!
%
"
!
*%
: "
)#
) $
"
! *%
*%
)#
=
"
!
!
*%
!
"
1
