Crime and Oas Regional Cyber Essay

Submitted By rcd5011
Words: 1114
Pages: 5

Computer Crime & Intellectual Property Section

International
Cooperation in
Cybercrime
Investigations
Albert Rees
Computer Crime & Intellectual Property Section
Criminal Division, U.S. Department of Justice

Computer Crime & Intellectual Property Section

Romanian agents discover attack came from Vancouver

Canadian agents make the arrest Argentinean investigators discover attack came from
Bucharest

A Criminal
Intrudes into a Bank in
Bangkok

Thai investigators discover attack came from computer in Buenos Aires

OAS Regional Cyber Crime Workshop, April 2007

2

Computer Crime & Intellectual Property Section

The Challenges of
International Cybercrime
Investigations
• Countries must:
– Enact laws to criminalize computer abuses
– Commit adequate personnel and resources
– Improve abilities to locate and identify criminals
– Improve abilities to collect and share evidence internationally OAS Regional Cyber Crime Workshop, April 2007

3

Computer Crime & Intellectual Property Section

CHALLENGE:
Enacting Laws to
Criminalize Computer Abuses

OAS Regional Cyber Crime Workshop, April 2007

4

Computer Crime & Intellectual Property Section

The Need to Make Attacks on
Computer Networks a Crime
• “Dual Criminality” usually necessary for two countries to cooperate on a particular criminal matter
• Dual Criminality forms the basis for:
– Extradition treaties
– Mutual Legal Assistance Treaties

OAS Regional Cyber Crime Workshop, April 2007

5

Computer Crime & Intellectual Property Section

Overcoming the
Dual Criminality Divide
• Countries must agree on what to criminalize
– OAS Cybersecurity Strategy
– UN General Assembly Resolution 55/63

• Effort to do so: Cybercrime Convention
– A baseline for substantive law

• Countries must amend their laws to implement

OAS Regional Cyber Crime Workshop, April 2007

6

Computer Crime & Intellectual Property Section

CHALLENGE:
Committing Adequate Personnel and
Resources

OAS Regional Cyber Crime Workshop, April 2007

7

Computer Crime & Intellectual Property Section

Law Enforcement Needs





Experts dedicated to high-tech crime
Experts available 24 hours a day
Continuous training
Continuously updated equipment
– no longer a “flashlight and a gun”

• Each country needs this expertise

OAS Regional Cyber Crime Workshop, April 2007

8

Computer Crime & Intellectual Property Section

Solutions Are Not Always Easy
• Cyber security strategy must be formulated
• Difficult budget issues arise (even in the US)
• Requires commitment from senior officials
• Cooperation with the private sector can help

OAS Regional Cyber Crime Workshop, April 2007

9

Computer Crime & Intellectual Property Section

CHALLENGE:
Improve Ability to Locate and Identify
Criminals

OAS Regional Cyber Crime Workshop, April 2007

10

Computer Crime & Intellectual Property Section

The Problem of Locating and
Identifying Criminals
• Primary investigative step is to locate source of the attack or communication
– What occurred may be relatively easy to discover
– Identifying the person responsible is very difficult

• Applies to hacking crimes as well as other crimes facilitated by computer networks

OAS Regional Cyber Crime Workshop, April 2007

11

Computer Crime & Intellectual Property Section

Tracing a Communication


Only 2 ways to trace a communication:
1. While it is actually occurring
2. Using data stored by communications providers

OAS Regional Cyber Crime Workshop, April 2007

12

Computer Crime & Intellectual Property Section

Tracing a Communication
• Infrastructure must generate traffic data
• Carriers must keep sufficient data to allow tracing
• Laws and procedures must allow for timely access by law enforcement that does not alert customer • Information must be shared quickly
OAS Regional Cyber Crime Workshop, April 2007

13

Computer Crime & Intellectual Property Section

Solving the Tracing Dilemma I:
Traffic Data
• Countries should encourage providers to generate and retain critical traffic…