Sri Lankan perspective in meetin

Document Sample
Sri Lankan perspective in meetin Powered By Docstoc
					Sri Lankan perspective
     in meeting the
Cyber crime challenge

              Lal Dias
      Chief Operating Officer,
          Sri Lanka CERT
Role of Cyber systems in Sri Lanka
   e-Sri Lanka Development Initiative

       Multi-faceted program

       Objectives
            Bridge digital divide
            Improve delivery of public services
            Increase competitiveness of private sector
            Accelerate social development
            Poverty reduction
e-Sri Lanka Development Initiative
   Major Programs of e-Sri Lanka
       ICT Policy, Leadership & Institutional Development
       Information Infrastructure
       Re-engineering government
       ICT Human Resources Capacity Building
       ICT Investment & Private sector Development
       E-Society

   ICT Agency of Sri Lanka established to
    spearhead the e-Sri Lanka Development
e-Sri Lanka Development Initiative
    ICT Policy, Leadership & Institutional Development Program

                                                  e-Laws Project

                               Electronic Transactions Act No. 19

                           Sri Lanka Computer Crimes Act No. 24

                              e-Leadership Development Project

                    Information Infrastructure

                                         Sri Lanka CERT Project
e-Sri Lanka Projects
   e-Laws Project
      Electronic Transactions Act No. 19
           Law to enable validation of e-Commerce, e-
            Signature and e-Contracting

       Sri Lanka Computer Crimes Act No. 24
           Identification, Investigation and Enforcement of
            computer crimes
e-Sri Lanka Projects
   e-Leadership Development Project
       Develop a pool of champions to enforce security
        policies, monitor fraudulent activities and promote
        best practices

   Sri Lanka CERT Project
       National CERT mandated to protect Sri Lanka’s ICT
        infrastructure from attacks, be the single, trusted
        source for information on cyber crime techniques
        and coordinate efforts to handle Cyber crime
Conflict of Systems
   e-Sri Lanka introduces new challenges in
    fighting cyber crime:
      New (due to e-Sri Lanka)           Traditional

      • SLCERT Forensics Team      • Police Investigation Team
      • SLCERT Incident Handling       -CID

      • Computer Crimes Act        • Existing Penal Code
      • E-Transactions Act

      • New reporting mechanisms   •Traditional Reporting
Cyber crime in Sri Lanka: 2007
                         12%                         12%



            Publishing Information without consent (Sexual Harrassment)
            Hacking Addresses & Attempted cheats
            Violation of Intellectual Property Act
Cyber crime in Sri Lanka
   Prosecution of Cyber crime cases
                                                                                             Total Cases: 17


                                                                                             Total Cases: 9


                                                                                             Total Cases: 4



             0         20          40            60                   80             0
                                                                                     100   120

                            Successful   Dismissed        Pending   Uninvestigated
Computer Crimes Act
   Timeline

       1995: Work started by CINTEC Law Committee
       1997: Working paper on Computer crime Act submitted
       Decision to be made: Develop provisions for prosecution
        of cyber crimes under existing penal code OR develop a
        Subject specific law?
       2000: decision to develop Subject specific legislation
       2005: Bill finalized and presented in Parliament
       2006: Further review by Parliamentary committee
       2007: Passing of bill in parliament

   Computer Crime Act currently not enforced fully
Computer Crimes Act
   Features

       Provides clear structure for conducting of investigations and
       Provides distinct cyber crime categories and the corresponding
        parameters under which a case may be prosecuted, including
        maximum or minimum applicable penalties
       Use of Generic terms, so that even if technology changes, the
        nature of the crime will remain the same (example: phishing,
        vishing & phaxing)
       Provision of Cross Extradition arrangement with Council of
        Europe signatories. Increased ability to prosecute cases beyond
        Sri Lanka’s borders
       Clear statement of Resources that would be brought to bear on
        the case, including, among others, “experts”.
Computer Crimes Act
   Cyber crime Categories

       Computer-related offenses
        Computers used as tools for criminal activity
        (Theft, fraud)

       Hacking
        Activities which affect CIA of computer system or network
        (includes viruses and other malware)

       Content related offenses
        Computers with Internet access used to distribute illegal data
        (copyright infringement, pornography)
Computer Crimes Act
   Parameters

       Unauthorized Access
       Unauthorized Access in order to commit an offence
       Causing a computer to perform functions without
        lawful authority
       Offenses committed against national security
       Dealing with unlawfully obtained data
       Illegal interception of data
       Use of an illegal device
       Unauthorized disclosure of information
 Computer Crimes Act: Penalties
                            Jail Term       Fine
        Parameter                                     Or Both?
                             (Years)      (Rupees)
Unauthorized Access            ≤5          ≤100K        
Unauthorized Access to
commit offense
                               ≤5          ≤200K        
Function without Lawful
                               ≤5          ≤300K        
Offenses Against National
                               ≤5            -           ×
Unlawfully obtained data    0.5≤ ≤3     100K≤ ≤300K     
Illegal interception        0.5≤ ≤3     100K≤ ≤300K     
Use of illegal devices      0.5≤ ≤3     100K≤ ≤300K     
Unauthorized disclosure     0.5≤ ≤3     100K≤ ≤300K     
Identification of Cyber Crimes
   Limited reporting of crime
       Lack of trust in reporting methods
       No guarantee of confidentiality

   Verifying reports/Authenticity of Reports
       Genuine report or prank?

   Due diligence
       Reporting of crimes found at workplace. Professional
        obligation vs. Personal inconvenience
Investigation of Cyber Crimes
   Gathering of evidence
       Maintaining admissibility of evidence
            Lack of proper structure for cooperation between
             investigating organizations
            Poor system for maintenance of chain of custody

   Weight of Digital evidence in court
       Lack of understanding of importance of digital evidence
       Lack of Legal professionals conversant with CCA

   Jurisdiction
       NIB, CID, other organizations (SLCERT, TechCERT, etc)
Enforcement of Cyber Laws
   Tendency to prosecute under existing penal code; more
    lenient penalties (Case studies)

   Lack of IT Savvy lawyers

   Lack of ICT Knowledge of judges, making obtaining
    warrants more time consuming

   Lack of provisions for prosecuting Cross border crime,
    such as cross-extradition arrangements, cooperative
    investigation of cases, etc
Case study 1:
   A Foreign National published false information regarding the
    sale of DVD players online

   Online payments credited to Standard Chartered Bank

   Funds withdrawn by offender who left country

   DVD Players not delivered

   Suspect arrested upon return to Sri Lanka, fined and

   Problem: Waiting for suspect to return to Sri Lanka. Lack of
    extradition arrangements.
Case study 2:
   Superimposing nude images on a picture of a Buddha
    Statue (causing offense)

   Investigated by CID Cyber Crimes Unit

   NGO employee arrested

   Convicted and sentenced to 3 Years imprisonment,
    suspended for 3 years

   Problem: Leniency in sentence and enforcement of sentence.
    Much stronger penalties allowed for under CCA
Future plans for cyber crime fighting
   Build a defined structure and working relationship
    between organizations concerned with cyber
                                          International Judicial Community
     AG’s Department
                                          Inter-Governmental Relationships

       Police Force
                                           International Police Community

            CID          Sri Lanka CERT    International CERT Community

       Cyber crime
     Reporting Centres
Future Plans
   Identification

       Building and maintenance of Cyber Crime Reporting

       Additional “secured” reporting channels (E-mail, Web)

       Protection of Confidentiality through Information
        Security Measures

       Raises trust

       Expected Outcome: Reporting of more cases
Future Plans
   Investigation

       Develop a Digital Forensics Lab, Larger Forensics team to
        handle increase in cases

       Develop clear Chain of Custody procedures

       Build contacts with Foreign Police forces to increase skills
        available in investigating complex, cross-border cases and
        forensics knowledge

       Expected Outcome: Increased number of successfully
        prosecuted cases
Future Plans
   Prosecution

       Run Awareness Programs for the local judiciary to raise
        awareness of Computer crimes (attack techniques,
        potential damage, etc) and the provisions of the Computer
        Crimes Act (CCA)

       Build a pool of IT Savvy Legal professionals able to
        prosecute cases under the CCA

       Increase number of countries with which Sri Lanka has
        Extradition Treaties through Government intervention

       Expected Outcome: Increased number of successfully prosecuted

Shared By: