DELITOS CIBERNETICOS Rodolfo Orjales CCIPS (Computer Crime and WE ARE IN OUR 4TH REVOLUTION WE WERE CASADORES Y SEGADORES COSECHEROS REVOLUCION INDUSTRIAL AHORA LA TAPA DIGITAL CON CADA TAPA, SOCIEDAD A ABRAZÓ LOS CAMBIOS POR LOS BENEFICIOS OBVIOS, PONIENDO POCA ATENCION A LOS DAÑOS INEVITABLEMENTE RESULTARÍAN. POR EJEMPLO, LA ÉPOCA DE LA REVOLUCION INDUSTRIAL PROMETIO AUMENTOS EN PRODUCCION Y EFICIENCIA, PRODUCTOS MAS BARATOS, Y MEJORIA EN LA CALIDAD DE VIDA. SOLO DESPUES PUSIMOS ATENCÍON A OTROS RESULTADOS: CONTAMINACÍON DEL AMBIENTE, LA MANO DE OBRA INFANTIL LA REVOLUCION DIGITAL: COMMERCIO ELECTRONICO, ACCESSO INFORMACION SIN LIMITE, DISCULSOS POLITICO, COMMUNICACÍON INVACION DE PRIVACIDAD, UN NUEVO MEDIO PARA DELINQUENTES Rodolfo Orjales CCIPS (Computer Crime and Intellectual Property Section) U.S. Department of Justice 1

Temas The Computer Crime & Intellectual Property Section (CCIPS) 3 Categorias de Delitos Cibernéticos El Alcance del Problema Soluciones Internacionales HOPE TO COVER FOUR TOPICS 1. WHAT IS CCIPS (E) 2. WHAT IS COMPUTER CRIME (E) 3. WHAT IS THE EXTENT OF THE PROBLEM (E) 4. FACTORS TO CONSIDER ON AN INTERNATIONAL LEVEL (E)

¿Que es CCIPS? Fundó en 1991 20 abogados: dobla en tamaño cada 3 años Misión Cibernético Estudiar alcance del problema Coordinar Investigaciones Concegar y entrenar agentes & fiscales Coordinar esfuerzos Internacionales Proponer & comentar sobre Legislaciones CCIPS STARTED IN 1991 20 LAWYERS; GROWING CYBER-CRIME MISSION STUDY THE PROBLEM TECHNICAL CONSIDERATIONS: “IS IT POSSIBLE TO TRACE THE SOURCE OF A COMPUTER ATTACK FOLLOWED BY A COUNTER-ATTACK? LEGAL CONSIDERATIONS: SHOULD THERE BE CIVIL OR CRIMINAL SANCTIONS IF A COUNTER-ATTACK DESTROYS INNOCENT SYSTEM PART OF THE EXECUTIVE BRANCH

CIVIL RIGHTS ANTI-TRUST FBI DEA INS U.S. ATTORNEYS OFFICE CRIMINAL DIVISION

OFFICE OF INTERNATIONAL AFFAIRS PUBLIC INTEGRITY FRAUD COMPUTER CRIME & INTELLECTUAL PROPERTY

¿Que es Un Delito Cibernético? (Tres Papeles) Computadora como Arma Computadora como Herramienta Computadora como Almacenaje ANY DISCUSSION ABOUT AN IMPORTANT TOPIC MUST BEGIN WITH A COMMON DEFINITION OF TERMS. WHAT DOES THE TERM “The term COMPUTER-CRIME” MEAN? BEST DEFINED BY LOOKING AT THREE GENERAL TYPES OF ROLES 1. WEAPON (E) 2. TOOL (E) 3. ACCOMPLICE (E) 2

Computadora como Arma “Verdadero” Delito Cibernetico Uso de sistema para Atacar Para Dañar un Sistema Robar información COMPUTER AS A WEAPON CRIMINALS USED TO USE GUNS CAUSE DAMAGE OR STEAL NOW THEY USE HOME COMPUTERS AND LAPTOPS TO (E) CAUSE DAMAGE, OR (E) STEAL INFORMATION 3

Daño a Sistema Unos asaltadores son como ladrones fuerzan entrada con otro propósito Unos son como vándalos rompen ventanas encolan cerraduras de puertas destruyen posesiones PEOPLE WHO DAMAGE TO SYSTEMS FALL INTO TWO CATEGORIES: BURGLARS BREAK INTO SYSTEMS TO COMMIT ANOTHER CRIME VANDALS (VÁNDALOS) WHO BREAK WINDOWS(DISFIGURAN PAGINAS DE WEB) GLUE DOORS( NIEGAN ACCESSO) DESTROY DATA 7

Daño a Sistema Negar Servicio Viruses incluye bombas de e-mail, ataques “SYN flood” , “ping of death” Viruses Melissa y otros Recent denial of service attacks hacker plants tool such asTrinoo, Tribal Flood Net, TFN2K On command victimsystemsends messages against target system Feb 7, YAHOO, CNN, E-Trade experienced attacks Attackers used spoofed addresses NIPC needed to manually review overwhelming log information MAFIA BOY apprehended in Canada VIRUSES: Tip by AOL to New Jersey Police, led to April 1 arrest of David Smith. Smith stipulated damage exceeded $80 mil. Affected 1.2 mil computers Usenet Newsgroup “Alt.sex” Practice SAFE SEX ON THE INTERNET 8

Gusano vs. Virus ¿ Que es un VIRUS? ¿ Como Se Transmite? ¿Cuán rápido? Un programa de sistema que salta a un archivo un archivo o disco, de sola una computadora ¿ Como Se Transmite? Sólo si usuarios la copia o la envía ¿Cuán rápido? Dictado por los usuarios NOT ENOUGH TIME TO TALK ABOUT ALL OF THE WEAPONS SNIFFERS, PINGS, CABALLOS TROYANOS FOCUS ON GUSANOS Y VIRUS WHAT IS A VIRUS? (E) A SOFTWARE PROGRAM JUMPS FROM ONE PC TO ONE PC HOW IS IT TRANSMITTED? (E) ONLY IF USER COPIE SOR SENT HOW FAST? (E) DETERMINED BY THE USER

Gusano ¿Que es un Gusano ¿ Como Se Transmite? Un programa de sistema específicamente deseñado para transmitirse de una computadora a otra ¿ Como Se Transmite? Engachado a mensajes de e-mail Transmitido por “share drives” UNLIKE VIRUSES, WORMS DO NOT NEED HUMAN INTERVENTION THEY SPREAD THEMSELVES TO OTHER PC’s VIA THE NETWORK MUCH FASTER THAN VIRUSES. EXAMPLE: I LOVE YOU SPREAD TO 2.5 MILLION IN 48 HOURS

¿ Quien haría daño a un Sistema? Autores de Virus Grupos de Delincuentes Terroristas Guerreros de la información VIRUS WRITERS: Melissa Virus CRIMINAL GROUPS: attack for purpose of $$$ Sept 1999 conviction ofCory Lindsey & Calvin Cantrell (“Phonemasters”) penetrated MCI, Sprint, ATT. Downloaded thousands of calling card numbers. Sold  Canadian Ohio  organized group Italy  Switzerland. Sentence: Cantrell 2 years; Lindsey 3 1/2 years Vladimir Levin who transferred $10 mil from Citibank to accounts in Calif., Germany, Israel using stolen passwords & id numbers TERRORISTS: formulate plans, raise funds, spread propaganda, communicate securely HAMAS, Abu Nidal, Hizbollah use computers to support operations. Ramzi Yousef (World trade Center mastermind) stored plans to destroy jets. INFORMATION WARFARE: Prospect of Information warfare by foreign military is greatest threat. Countries are developing programs. 2 Chinese officers wrote a book Propagation of computer viruses

¿ Quien mas? Personas internas--empleados, contratistas Intrusos - Hackers, Crackers Agentes del Espionaje Industriales Agentes de gobiernos INSIDRERS: knowledge of companies’ network + unrestricted access George Parente. 1997 terminated Forbes computer technician. Parente dialed into computer system from home using co-workers password. Crashed 5 out of 8 servers. Permanently erased all server volume. 2 day shut down National Library of Medicine medical rely on diseases, treatments, dosage infor. John Gray III downloaded hundreds of files through a back door he created. Threat to public safety. HACKERS:crack into systems for the thrill. Increase in financial motive. March, Wales arrest for theft of 26,000 credit cards from e-commerce sites. Mitnick stole info from telecommunications “Hactivism”deletion of 200 DOJ web site over Communications Decency Act FOREIGN INTEL First known hack in Berkley (1986) 9

Robo de Infornación De Valor Económico Datos Personales Información Estratégica clasificada / militar De Valor Económico Información propietario fraude financiero tarjetas de crédito Datos Personales archivos de crédito o médicos SECOND CATEGORY OF HOW THE PC IS A WEAPON IS WHEN IT IS USED TO STEAL INFORMATION WHAT KIND OF INFORMATION MILITARY OF GOVERNMENT SECRETS ECONOMIC VALUE INDUSTRIAL ESPONAGE FINANCIAL FRAUD CREDIT CARD PERSONAL INFORMATION MEDICAL CREDIT HISTORY 4

Computadora como Herramienta Traditional Crime Online Fraude Juegos de dinero Pornografía infantil Piratería Tormentar THE SECOND TYPE OF COMPUTER CRIME INVOLVES THE PC AS A TOOL OFTEN THE IT INVOLVES THE MORE TRADITIONAL OFFENSES FRAUD GAMBLING PORNOGRAPHY PIRACY TORMENT 10

Robo de Servicios: Phreaking Penetración de sistemas de teléfono Robo de servicio de larga distancia Uso Creativos Dos Porsches y $30,000 PHREAKING SOMETIMES CRIMINALS ARE CREATIVE PENETRATE TELEPHONE SERVICE STEAL LONG DISTANCE SERVICE CREATIVE EXAMPLE: RADIO CONTEST 5

Fraude en Internet Variedades Subastas del web Fraude de acciones Esquemas de pirámide Computers are also being used to facilitate more traditional forms of crime Accessibility of IMMENSE AUDIENCE ANONYMITY of the subject National American Securities Administrators Assoc. “$10 bil/ yr in fraud” EXAMPLES: April 7, 1999 a Yahoo financial news message board has a “scoop” on a telecommunications company “PairGain”. Shares went up 30%. North Carolina man arrested. March 5, 2000. 19 people arrested in NYC for a multi-$ mil trading scheme $8.4 mil stolen using inside info on Goldman Sachs clients 13

Delitos Cibernetico: Alcance del Problema Casos de intrusión reportados a NIPC FY 1998: 574 FY 1999: 1154 NIPC: National Infrastructure Protection Center How many cases would you estimate were reported in 1999? 1154

Estudio de Delitos Cibernéticos 98% descubrieron violaciones 74% violaciones incluyieron: robo información propietario fraude financiero penetración por desconocidos sabotaje rechazo de servicio Computer Security Institute 5th Annual Survey: 164 respondents corporate, financial institutions 19% reported 10 or more incidents

STATISTICS ARE DIFFICULT TO OBTAIN COMPANIES DON’T ALWAYS REPORT DON’T KNOW WHERE DON’T WANT BAD PUBLICITY ARE NOT AWARE THE QUESTION WAS ASKED TO LARGE AND MID-SIZED COMPANIES 6% ANY TIME 31% IF NO NEED TO IDENTIFY OURSELVES 24% IF EVERYONE ELSE DOES IT 36% IF OBLIGATED BY LAW 3% SOME OTHER WAY

THE THIRD CATEGORY OF COMPUTER CRIME IS WHEN THE PC IS USED AS A DEPOSIT PC ARE USED TO CREATE, SEND, AND STORE DOCUMENTS AND INFORMATION INDIVIDUALS, GOVERNMENTS, AND NOW CRIMINALS ARE USING PC’s

Quicken® para Narcotraficantes DRUG TRAFFICERS USED TO USE NOTE BOOKS TO KEEP TRACK OF TRANSACTIONS NOW

Pornografía Infantil Tráfico de ímagenes digitales Cómo y dónde Morphing Tráfico de ímagenes digitales Cómo y dónde Chat rooms/IRC WWW Newsgroups E-mail CHILD PORNOGRAPHERS USED TO KEEP PHOTOGRAPHS & MAGAZINES PC”S USED FOR MORPHING TRAFICK HOW AND WHERE IS IT DONE? CHAT ROOMS WWW NEWSGGROUPS E-MAIL 15

Resumen Papel de sistemas en los delitos “Delito cibernético” significa mas que intrusiones Papel de sistemas en los delitos arma contra otras computadoras nueva manera de cometer ofensas tradicionales Depósito de comunicaciones 18

MARCO INTERNACIONAL: PRINCIPIOS PARA CONSIDERAR Delitos Cibernéticos

ANTES DE TODO ACEPTAMOS QUE: Delitos cibernéticos no tienen fronteras Hay la necesidad de armonizar leyes para mejorar cooperación internacional BEFORE WE START COUNTRIES NEED TO AGREE ON BASIC PRINCIPALS 1. CYBER-CRIIME HAS NO FRONTIERS NO NATION IS SAFE AS LONG AS THERE IS A HAVEN 2. LAWS NEED TO BE HARMONIZED TO IMPROVE COOPERATION LOVE BUG DEFENDANT IN PHILIPINES

PRINCIPIOS DE ACUERDO Afirmamos la Importancia de: mantener la integridad, disponibilidad, y confidencialidad de sistemas; implementar una respuesta a delitos que sea adecuada y rápida; criminalizar y castigar amenazas; balancear intereses policiales con derechos fundamentales (privacidad) COUNTRIES MUST ACKNOWLEDGE THAT 1. COMPUTER INTEGRITY, CONFIDENTIALITY, AND AVAILABLITY MUST BE MAINTAINED; 2. COUNTIES MUST IMPLEMENT A MEANS TO RESPOND RAPIDLY AND ADEQUATELY 3. CRIMINALIZE AND PUNISH THREATS TO THE SECURITY 4. INTERESTS OF THE PUBLIC (PRIVACY) MUST BE BALANCED WITH INVESTIGATIVE NEEDS

Leyes Substantivas Actos contra la integridad, disponibilidad, y confidencialidad de sistemas: Acceso Ilegal Intercepción Ilegal Daño al Sistema Daño a Datos Aparatos Ilegales SUBSTANTIVE AND PROCEDURAL LAWS MUST SIMILARITY TO MAINTAIN OUR GOAL OF PRESERVING THE INTEGRITY AND CONFIDENTIALITY OF OUR SYSTEMS. SUBSTANTIVE LAWS SHOULD CRIMINALIZE THESE 5 ACTIVITIES 1. ILLEGAL ACCESS(Wworster, MASS) 2. ILLEGAL INTERCEPTION (L.A. RADIO SHOW) 3. INTENTIONAL DAMAGE TO A COMPUTER (DENIAL SERVICE) 4. DAMAGE TO DATA (VIRUS) 5. ILLEGAL TOOLS (I LOVE YOU VIRUS)

Ofensas Relacionadas con Computadoras PENALIZAR Fraude Falsificación THESE ARE CRIMES LOOKING AT THE COMPUTER AS A VICTIM OTHER OFFENSES TO CONSIDER FRAUDE AND FALSIFICACION

Ofensas Relacionadas Con Contexto Delitos Relacionada Con PORNOGRAFÍA INFANTIL Penalizar el uso de un sistema para: ofrecer, distribuir, transmitir producir poseer NOW, LET’S CONSIDER COMPUTER OFFENSES THAT FOCUSES ON CONTEXT CHILD PORNOGRAPHY WHOEVER OFFERS, DISTRIBUTES, TRANSMITTS, PRODUCES, POSSESS

Ofensas Relacionadas Con Derecho de Autor PENALIZAR El uso de un sistema para La reproducción y distribución de obras protegidas por las leyes de derecho de autor como definida por los tratados de TRIPS, WIPO, y la Convención de Bern cuando cometido a un nivel comercial ANOTHER EXAMPLE AT COMPUTER OFFENSES THAT LOOK AT CONTENT IS COPYRIGHT PENALIZE REPRODUCTION AND DISTRIBUTION OF COPYRIGHTED WORKS PROTECTED BY COPYRIGHT LAWS SUCH AS TRIPS, WIPO WHEN AT A COMMERCIAL LEVEL

LEYES PROCESALES Buscada y Colección de Datos Países deben permitir a sus autoridades BÚSCAR dentro de sistemas dentro de su pais; y de RECOLECTAR datos de sistemas para conducir investigaciones de delitos PROCEDURAL LAWS: SEARCH AND SEIZURE PERMIT AUTHORITIES SEARCH SYSTEMS WITHIN THEIR COUNTRY TO COLLECT DOCUMENTS AS PART OF A CRIMINAL INVESTIGATION

BUSCA Y COLECCIÓN DE DATOS Maneras De Colectar Datos hacer y retener una copia de datos mantener custodia del sistema rendir inaccesible el sistema WAYS TO COLLECT DATA MAKE A COPY MAINTAIN CUSTODY RENDER INACCESIBLE

LEYES PROCESALES Producción de Datos Países deben permitir Que Autoridades Competentes ordenen la producción de datos mantenidos en sistemas bajo el control de individuos dentro de su pais PROCEDURAL LAWS TO COMPEL PRODUCTION COUNTRIES SHOULD PERMIT COMPETENT AUTHORITIES TO ORDER PRODUCTION OF DATA MAINTAINED IN SYSTEMS MAINTAINED WITHIN THAT COUNTRY

LEYES PROCESALES Preservacion de Datos Las Autoridades Competentes poder ordenar la inmediata preservación de datos cuando hay razón pensar asistir en una investigación vulnerable a pérdida o modificación PRESERVATION OF DATA AUTHORITIES SHOULD BE ABLE TO ORDER IMMEDIATE PRESERVATION OF DATA WHEN ASSIST IN AN INVESTIGATION THE DATA IS VULNERABLE TO LOSS OR MODIFICATION

LEYES PROCESAES Preservacion de Datos Países deben obligar que esas personas (ISPs) mantengan confidencialidad de la investigacion PRESERVATION OF DATA ISP’S SHOULD BE OBLIGATED TO MAINTAIN THE CONFIDENTIALITY OF INVESTIGATIONS

COOPERACIÓN INTERNACIONAL ASISTENCIA MUTUA Petición Para Preservación de Datos Un Pais Debe Indentificar la autoridad haciendo la demanda el delito y los acontecimientos los datos demandados la necesidad de preservar INTERNATIONAL COOPERATION: MUTUAL ASSISTANCE WHEN A COUNTRY REQUESTS ASSISTANCE FOR PRESERVATION THEY SHOULD INDENTIFY THE AUTHORITY MAKING THE DEMAND THE CRIME AND EVENTS SUPPORTING ALLEGATIONS THE DATA REQUESTED WHY A NEED TO PRESERVE

PREGUNTAS? COMENTARIOS?