210 likes | 581 Views
Preventing Information Technology Crimes. Mohamed Gheyath Manager, Technical Affairs Telecommunications Regulatory Authority, UAE. Outline. Introduction Importance of Cyber Crime Law Case Study: Preventing Information Technology Crimes in the UAE addressing the followings: Access Crimes
E N D
Preventing Information Technology Crimes Mohamed Gheyath Manager, Technical Affairs Telecommunications Regulatory Authority, UAE
Outline... • Introduction • Importance of Cyber Crime Law • Case Study: Preventing Information Technology Crimes in the UAE addressing the followings: • Access Crimes • Network Crimes • Data Crimes • Other Related Crimes • Conclusion
Cyber Crime… • Due to the anonymous nature of the Internet…it is possible to engage into a variety of criminal activities with freedom… People have been misusing this aspect of the Internet to carry on criminal activities in cyberspace… Hence the need for Cyber Crime law is required in UAE… • The Cyber-Crime Law was approved and published early 2006. • Non compliance with the Cyber-Crime Law in the UAE leads to: • imprisonment and financial penalties; • or either of these.
Cont….Cyber Crime… • Examples of recent activities:- • Phishing • Pharming • Credit Card Details Theft
Importance of the Cyber-Crime Law… • It protects the integrity of the government and reputation of the country. • It helps preclude a country from becoming a shelter for bad actors, including terrorist actions using/attacking IT systems. • It helps prevent a country from becoming a repository for cyber-criminal data. • It increases market confidence and certainty regarding business operations and attract foreign direct investment. • It increases national security and deter corruption. • It helps develop ICT in the country.
Case Study: Preventing Information Technology Crime in UAE The UAE Cyber-Crime law addresses: • Access Crimes(unauthorized access, virus .. hacking, identity theft) • Data Crimes(interception, modification, theft, privacy) • Network Crimes(interference, sabotage) • Other Related Crimes(phising, pharming, cybersquatting, Obscenity)
Access Crimes • Intentional • Unauthorized / Authorized access
Cont….Access Crimes • “Only Access” to systems, DataBase, or network elements • Access that lead to data loss or damage or alteration results to higher penalties • Access that lead to Personal data loss or damage or alteration results to even higher penalties • Access crimes covers trespassing an authorised access to data or system. • Access crimes covers assisting access to data and systems.
Network Crimes • Network Interference • Network Sabotage
Cont…Network Crimes If the network is used to threat or force someone into committing an “act” then imprisonment could reach up to 2 years with fifty thousand Dirhams fine. If the Network is used to threat or force someone into committing a crime or to carry out acts in offense to honor and honesty then imprisonment could reach up to 10 years.
Cont…Data Crimes Using forged or fraud data willingly leads to the same punishment as the forge or fraud act it self.
Cont…Related Crimes Offending Islam holy shrines or rituals Offending any of other religions’ holy shrine or rituals Assaulting Family principles or values, family life privacy breach of individuals by publishing or news spreading. Drug dealing or facilitating. Money Laundry. Terrorist activities or assisting in activities. Inciting Male or female or seducing into committing obscenity or assisting to commit the same using the network.
Conclusions • Extending the rule of law into cyberspace is a critical step to create a trustworthy environment for people and businesses. • But this is an ongoing work and it is in progress. • organizations today must defend their own systems and information from attack. They may rely secondarily on the deterrence that effective law enforcement can provide. • The penalties should provide adequate deterrence for crimes that can have large-scale economic and social effects. • Self-protection remains the first line of defense. It is important that private sector develops and adopts strong and efficient technical solutions and management practices for information security.
Cont…Conclusions • Little consensus exists among countries regarding exactly which crimes need to be legislated against. In the networked world unless crimes are defined in a similar manner across jurisdictions (with some exceptions), coordinated efforts by law enforcement officials to combat cyber crime will be difficult. • A model approach is needed. some countries, particularly developing ones, are seeking a model to follow. But few have the legal and technical resources necessary to address the challenges of adapting local or regional criminal provisions to cyberspace. Public and private coordination to produce a model approach can help in creating a secured and safe Cyber Space haven.