CyberCrime

Kelly R. Burke District Attorney Houston Judicial Circuit

Contact at 478.218.4810 or E-mail at burke@houstonda.org Website: www.houstonda.org

Well examine:
Definition of Cybercrime Georgia Law on Computer Issues Federal Laws on Computer Issues Forensic Issues Case Studies Sexual Predator Cyber Stalking Computer Theft

Definition of Cybercrime
any illegal act involving a computer, its systems, or its applications Must be intentional not accidental Types or categories of cybercrime- 3 Ts
Tool

of the crime traditional crime w/ a computer Target of the crime Hacking Tangential to the crime drug records

Georgia Computer Systems Protection Act"

The General Assembly finds that: (1) Computer related crime is a growing problem in the government and in the private sector;

Georgia Computer Systems Protection Act"

(2) Such crime occurs at great cost to the public, since losses for each incident of computer crime tend to be far greater than the losses associated with each incident of other white collar crime;

Georgia Computer Systems Protection Act"

(3) The opportunities for computer related crimes in state programs, and in other entities which operate within the state, through the introduction of fraudulent records into a computer system, unauthorized use of computer facilities, alteration or destruction of computerized information files, and stealing of financial instruments, data, or other assets are great;

Georgia Computer Systems Protection Act"

(4) Computer related crime operations have a direct effect on state commerce; (5) Liability for computer crimes should be imposed on all persons, as that term is defined in this title; and

Georgia Computer Systems Protection Act"

(6) The prosecution of persons engaged in computer related crime is difficult under previously existing Georgia criminal statutes.

Georgia Law Definitions

(1) "Computer" means an electronic, magnetic, optical, electrochemical, or other high-speed data processing device or system performing computer operations with or on data and includes any data storage facility or communications facility directly related to or operating in conjunction with such device;

Georgia Law Definitions

(1) ....but such term does not include an automated typewriter or typesetter, portable hand-held calculator, household appliance, or other similar device that is not used to communicate with or to manipulate any other computer.

Georgia Law Definitions

(2) "Computer network" means a set of related, remotely connected computers and any communications facilities with the function and purpose of transmitting data among them through the communications facilities.

Georgia Law Definitions

(3) "Computer operation" means computing, classifying, transmitting, receiving, retrieving, originating, switching, storing, displaying, manifesting, measuring, detecting, recording, reproducing, handling, or utilizing any form of data for business, scientific, control, or other purposes.

Georgia Law Definitions

(4) "Computer program" means one or more statements or instructions composed and structured in a form acceptable to a computer that, when executed by a computer in actual or modified form, cause the computer to perform one or more computer operations...

Georgia Law Definitions

(5) "Data" includes any representation of information, intelligence, or data in any fixed medium, including documentation, computer printouts, magnetic storage media, punched cards, storage in a computer, or transmission by a computer network.

Georgia Law Definitions

(6) "Financial instruments" includes any check, draft, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction-authorizing mechanism, or marketable security, or any computer representation thereof.

Georgia Law Definitions

(7) "Property" includes computers, computer networks, computer programs, data, financial instruments, and services. (8) "Services" includes computer time or services or data processing services.

Georgia Law Definitions

(9) "Use" includes causing or attempting to cause: (A) A computer or computer network to perform or to stop performing computer operations;

Georgia Law Definitions

(9) "Use" includes causing or attempting to cause: (B) The obstruction, interruption, malfunction, or denial of the use of a computer, computer network, computer program, or data; or (C) A person to put false information into a computer.

Georgia Law Definitions

(10) "Victim expenditure" means any expenditure reasonably and necessarily incurred by the owner to verify that a computer, computer network, computer program, or data was or was not altered, deleted, damaged, or destroyed by unauthorized use.

Georgia Law Definitions

(11) "Without authority" includes the use of a computer or computer network in a manner that exceeds any right or permission granted by the owner of the computer or computer network.

Computer Crimes O.C.G.A. Sec. 16-9-93

Computer Theft Computer Trespass Computer Invasion of Privacy Computer Forgery Computer Password Disclosure

Computer Crimes O.C.G.A. Sec. 16-9-93

All computer crimes are felonies: Computer Theft (15 years, $50,000 fine) Computer Trespass (15 years, $50,000 fine) Computer Invasion of Privacy (15 years, $50,000 fine) Computer Forgery (15 years, $50,000 fine) Computer Password Disclosure (1 year, $5,000 fine)

Computer Crimes O.C.G.A. Sec. 16-9-93

Any person who uses a computer or computer network with knowledge that such use is without authority and with the intention of: (1) Taking or appropriating any property of another, whether or not with the intention of depriving the owner of possession; (2) Obtaining property by any deceitful means or artful practice;

Computer Crimes O.C.G.A. Sec. 16-9-93

or (3) Converting property to such person's use in violation of an agreement or other known legal obligation to make a specified application or disposition of such property shall be guilty of the crime of computer theft.

Computer Trespass
Any person who uses a computer or computer network with knowledge that such use is without authority and with the intention of: (1) Deleting or in any way removing, either temporarily or permanently, any computer program or data from a computer or computer network;

Computer Trespass
(2) Obstructing, interrupting, or in any way interfering with the use of a computer program or data; or (3) Altering, damaging, or in any way causing the malfunction of a computer, computer network, or computer program, regardless of how long the alteration, damage, or malfunction persists

Computer Trespass
... shall be guilty of Computer Trespass.

Computer Invasion of Privacy

Any person who uses a computer or computer network with the intention of examining any employment, medical, salary, credit, or any other financial or personal data relating to any other person with knowledge that such examination is without authority shall be guilty of the crime of computer invasion of privacy.

Computer Forgery
Any person who creates, alters, or deletes any data contained in any computer or computer network, who, if such person had created, altered, or deleted a tangible document or instrument would have committed forgery under Article 1 of this chapter, shall be guilty of the crime of computer forgery.

Computer Forgery
The absence of a tangible writing directly created or altered by the offender shall not be a defense to the crime of computer forgery if a creation, alteration, or deletion of data was involved in lieu of a tangible document or instrument.

Computer Password Disclosure

Any person who discloses a number, code, password, or other means of access to a computer or computer network knowing that such disclosure is without authority and which results in damages (including the fair market value of any services used and victim expenditure) to the owner of the computer or computer network in excess of $500.00 shall be guilty of the crime of computer password disclosure.

Anonymity and the Internet Computer False Identity

(a) It shall be unlawful for any person, any organization, or any representative of any organization knowingly to transmit any data through a computer network or over the transmission facilities or through the network facilities of a local telephone network

Anonymity and the Internet Computer False Identity

for the purpose of setting up, maintaining, operating, or exchanging data with an electronic mailbox, home page, or any other electronic information storage bank or point of access to electronic information

Anonymity and the Internet Computer False Identity

if such data uses any individual name, trade name, registered trademark, logo, legal or official seal, or copyrighted symbol to falsely identify the person, organization, or representative transmitting such data

Anonymity and the Internet Computer False Identity

or which would falsely state or imply that such person, organization, or representative has permission or is legally authorized to use such trade name, registered trademark, logo, legal or official seal, or copyrighted symbol for such purpose when such permission or authorization has not been obtained;

Anonymity and the Internet Computer False Identity

provided, however, that no telecommunications company or Internet access provider shall violate this Code section solely as a result of carrying or transmitting such data for its customers. Crime is a misdemeanor.

Anonymity and the Internet Court Challenge

A court case challenged this Georgia law. In ACLU v. Miller, 977 F. Supp. 1228 (1997), the ACLU alleged that the misappropriation of identity portion of this law was overbroad and, thus, unconstitutional.

Anonymity and the Internet

ACLU V. Miller
Plaintiffs were a group of individuals and organization members who communicate over the internet, interpret it as imposing unconstitutional content-based restrictions on their right to communicate anonymously and pseudonymous over the internet, as well as on their right to use trade names, logos, and other graphics in a manner held to be constitutional in other contexts.

Anonymity and the Internet ACLU v. Miller

Plaintiffs argue that the act has tremendous implications for internet users, many of whom "falsely identify" themselves on a regular basis for the purpose of Angellica? communicating about sensitive topics without subjecting themselves to ostracism or embarrassment.

Anonymity and the Internet

ACLU V. Miller

The State had four primary arguments....

Anonymity and the Internet

ACLU V. Miller
Defendants contend that the act prohibits a much narrower class of communications. They interpret it as forbidding only fraudulent transmissions or the appropriation of the identity of another person or entity for some improper purpose. Defendants ask the Court to abstain from exercising jurisdiction in this case in order to give the Georgia Supreme Court an opportunity to definitively interpret the act.

Anonymity and the Internet

ACLU V. Miller
The State of Georgia: ...also ask the Court to abstain from exercising jurisdiction over this case on the grounds that the law is ambiguous and in need of state court interpretation.

Anonymity and the Internet

ACLU V. Miller
Defendants allege that the statute's purpose is fraud prevention, which the Court agrees is a compelling state interest. However, the statute is not narrowly tailored to achieve that end and instead sweeps innocent, protected speech within its scope. Specifically, by its plain language the criminal prohibition applies regardless of whether a speaker has any intent to deceive or whether deception actually occurs.

Anonymity and the Internet

ACLU V. Miller
Defendants respond that the act does not mean what it says and that, instead, a variety of limiting concepts should be engrafted onto it. First, defendants propose to add an element of fraud, or a specific intent requirement of "intent to defraud" or "intent to deceive" to the act. None of these terms or phrases appears in the statute, however, although they are expressly included in other Georgia criminal statutes which require proof of specific intent.

Anonymity and the Internet

ACLU V. Miller
In construing a statute, the Court must "follow the literal language of the statute 'unless it produces contradiction, absurdity or such an inconvenience as to insure that the legislature meant something else.'" Hellooooo.... Isnt that what the Legislature does regularly???

Anonymity and the Internet

ACLU V. Miller
The Court concludes that the statute was not drafted with the precision necessary for laws regulating speech.

Anonymity and the Internet

ACLU V. Miller
On its face, the act prohibits such protected speech as the use of false identification to avoid social ostracism, to prevent discrimination and harassment, and to protect privacy, as well as the use of trade names or logos in non-commercial educational speech, news, and commentary--a prohibition with well-recognized first amendment problems.

Computer Crimes - Venue

For the purpose of venue under this article, any violation of this article shall be considered to have been committed: (1) In the county of the principal place of business in this state of the owner of a computer, computer network, or any part thereof;

Computer Crimes - Venue

(2) In any county in which any person alleged to have violated any provision of this article had control or possession of any proceeds of the violation or of any books, records, documents, or property which were used in furtherance of the violation;

Computer Crimes - Venue

(3) In any county in which any act was performed in furtherance of any transaction which violated this article; and (4) In any county from which, to which, or through which any use of a computer or computer network was made, whether by wires, electromagnetic waves, microwaves, or any other means of communication.

More Georgia Computer Crimes

Remaining Georgia computer crimes are crime specific, such as Sexual Offenses, Stalking Offenses and Theft Offenses Well cover later after the break.

Federal Laws on Cybercrime

Computer Fraud and Abuse Act of 1986
Three

goals (page 309 in your textbook)

Confidentiality

of data communications Integrity of data communications Availability of data communications

CFAA is a general purpose cybercrime law

Forensic Issues Computer Seizures

Who will do seizure? Who has the best forensic capability? What will be seized? Computers, disks, tapes, books, etc. Education of officers executing search. Power issues, movement issues, backup issues

Forensic Issues Computer Seizures

Backlogs in computer labs result in searches that take months to get done. Therefore, we tend to limit search to specific issues. If youre looking for child porn, and you find it, dont make lab look for every picture on the system. It simply doesnt matter to the jury. Get ten most gruesome pictures and call it a day.

Forensic Issues Computer Seizures

E-mail, or ICQ searches are more problematic. Cost may force limiting search to known conversations, however, you want to search through the files far enough to determine if other victims can be located.

Forensic Issues Computer Seizures

GBI and FBI are generally the only agencies with qualified forensic scientists. Even there, pay is an issue. Its a new paradigm. How do you start a computer nerd at twice or three times the salary of a toxicologist???

Forensic Issues Computer Seizures

Local law enforcement officer can learn basic forensics, and probably appear educated before a jury.... until the defense brings in a real expert who blows the officer out of the water. Its a fact and its life in the computer age.

Terroristic Threats and Acts

A person commits the offense of a terroristic threat when he threatens to commit any crime of violence ... with the purpose of terrorizing another or of causing the evacuation of a building... or in reckless disregard of the risk of causing such terror or inconvenience. No person shall be convicted under this subsection on the uncorroborated testimony of the party to whom the threat is communicated.

Terroristic Threats and Acts

Statute requires corroboration, which was generally difficult to do on a telephone conversation. Hence, Im going to kill you... communicated during a telephone conversation may not be actionable, at least as a terroristic threat.

Terroristic Threats and Acts

However, that same threat, communicated via e- mail or ICQ or Instant Messenger or whatever, if a written record is available, could very well be prosecuted.

Intercepting Communications
O.C.G.A. Sec. 16-11-62 It shall be unlawful for (4) Any person intentionally and secretly to intercept by the use of any device, instrument, or apparatus the contents of a message sent by telephone, telegraph, letter, or by any other means of private communication;

Intercepting Communications
But, what if the police seize a computer and discover a conversation where a crime is discussed. That conversation, if by telephone or telegraph, would have been protected. Not the case with a computer. Courts have ruled that you should know that a computer makes a printed record, so its okay for police to use it.

Intercepting Communications
Okay, but what was a telegraph anyway?

Case Studies Cyber Crime Comes To Life

Officer sets up a meeting with a suspected cybersex perpetrator. Perp drives to Houston County, thinking hes meeting the 13 year old girl he met on-line. Instead hes meeting a 35 year old, 225 pound, detective. Whoops, wrong move. But is it a crime?

Case Studies Cyber Crime Comes To Life

Recent Court of Appeals case of State vs. Dennard ruled that, so long as the State can prove that a substantial step was taken toward the commission of the crime, the State can proceed to trial. The case was affirmed on certiorari to the Georgia Supreme Court.

Undercover Officer Participation

OCGA 16-12-100.2 (f) The sole fact that an undercover operative or law enforcement officer was involved in the detection and investigation of an offense under this Code section shall not constitute a defense to prosecution under this Code section.

Case Studies Cyber Crime Comes To Life

So mere speech can get someone in trouble? Sure, its been that way for years. The only thing different is the computer is the means of communicating the offense.

Computer Assisted Sexual Exploitation

However, Legislature has recently enacted a misdemeanor statute that makes the use of a computer in the communication itself illegal. It is directly on point, but is it binding?

Computer Assisted Sexual Exploitation

This legislation is entirely new, recognizing the uniqueness of computer assisted child exploitation which was not possible even ten years ago.

Computer Assisted Sexual Exploitation

O.C.G.A. Sec 16-12-100.2 (d) (1) Effective 7/1/99 It shall be unlawful for any person intentionally or willfully to utilize a computer on-line service, Internet service, or local bulletin board service to seduce, solicit, lure, or entice, or attempt to seduce, solicit, lure, or entice a child or another person believed by such person to be a child,

Computer Assisted Sexual Exploitation

(d) (1) .. to commit any illegal act ... relating to the offense of sodomy or aggravated sodomy; ... relating to the offense of child molestation or aggravated child molestation; ... relating to the offense of enticing a child for indecent purposes; ... relating to the offense of public indecency; or to engage in any conduct that by its nature is an unlawful sexual offense against a child.

Computer Assisted Sexual Exploitation

(d) (2) Any person who violates paragraph (1) of this subsection shall be guilty of a misdemeanor of a high and aggravated nature.

Case Studies Cyber Crime Comes To Life

Back to the scenario where the perp comes to Houston County. Can the perp be charged with Attempted Child Molestation, or is the State bound to stick with the newly enacted Sexual Exploitation statute?

Case Studies Cyber Crime Comes To Life

In Dennard, the Court of Appeals ruled that the State can proceed on Criminal Attempt, even though the crime of Sexual Exploitation has arguably been committed. The State commonly goes after the highest crime committed. Nothing different here, just because computer is involved.

ISP Operators Beware

OCGA 16-12-100.2 (e) (1) It shall be unlawful for any owner or operator of a computer on-line service, Internet service, or local bulletin board service intentionally or willfully to permit a subscriber to utilize the service to commit a violation of this Code section, knowing that such person intended to utilize such service to violate this Code section.

ISP Operators Beware

(2) Any person who violates paragraph (1) of this subsection shall be guilty of a misdemeanor of a high and aggravated nature.

Anonymity Opportunity
In the old days, sexual perversion was certainly present, but the desire to not be caught diminished the opportunities to accomplish the crime. Hanging around the neighbor park was too risky, especially for bank presidents, stockbrokers, management types, and such.

Anonymity Opportunity
Today, a sexual pervert can hang around in teenage chat rooms and find suitable victims with little risk of detection. Kids are naturally curious anyway, but teenagers are looking for someone who listens to them, a need which chat rooms seem to fill.

Anonymity Opportunity
After awhile, the friendship will develop to the point that the predator can talk about sex. Again, teenagers are naturally curious, so this is not seen as dangerous to the teenager.

Anonymity Opportunity
Once the predator has established a trusting relationship, he/she will seek to make a physical encounter. Usually, this encounter will be solely about sex for the predator. There is too much danger in these encounters to make friendly contacts.

Anonymity Opportunity
The child usually seeks to get out of the situation once she/he realizes that this friend is not what was portrayed on the Internet. However, in many instances, it is too late to back out or stop the assault. If the child will tell about it, capture is not difficult as the paper trail is fairly easy to follow.

Georgia Law - Issue

Last point on child sexual crimes. My office will not release videotapes of interviews of child molestation victims to the defense. We are obligated by law to allow the defendant and his attorney see the tape. Those tapes contain descriptions of sexual abuse to children that would continually victimize the child should it be uploaded onto the Internet.

Winding Down

Hang On. Almost Done.

Cyber Stalking
A different twist on an old crime, Cyber Stalking. Stalking has been going on for centuries, having grown more sophisticated as technology has advanced. What is stalking?

Cyber Stalking
OCGA 16-5-90. (a) A person commits the offense of stalking when he or she follows, places under surveillance, or contacts another person at or about a place or places without the consent of the other person for the purpose of harassing and intimidating the other person.

Cyber Stalking
For the purposes of this article, the term "harassing and intimidating" means a knowing and willful course of conduct directed at a specific person which causes emotional distress by placing such person in reasonable fear for such person's safety or a family members safety

Cyber Stalking
by establishing a pattern of harassing and intimidating behavior, and which serves no legitimate purpose. This Code section shall not be construed to require that an overt threat of death or bodily injury has been made.

Cyber Stalking
So, pretty obvious how someone could commit cyber stalking. Identity and jurisdiction becomes an issue, however.

Cyber Stalking
Where in the World is Carmen Sandiego is a popular game. Finding a Cyber Stalker is no game, however.

Cyber Theft is Theft

Theft is nothing new, computers have simply changed the way the crime is committed.

Case Study Cyber Theft

Houston County: Saturday a.m. - Intruder breaks into local ISP, steals account names and passwords.

Case Study Cyber Theft

Houston County: Saturday p.m. - Intruder attempts to sell passwords to another surfer on- line.

Case Study Cyber Theft

Houston County: Saturday p.m. - Unknown to intruder, he was selling the stolen data to the ISPs security manager.

Case Study Cyber Theft

Houston County: Saturday p.m. - Police notified. Search warrant issued. Computer seized. Case solved.

Case Study Cyber Theft

Proving the old adage: If criminals werent stupid, we wouldnt catch many of them.

Protecting Children (& networks)

Keep Computer In Public Access Room Install Child Safe Software (NetNanny, CyberPatrol, etc.) Know How To Track History Watch Your Child At The Computer, Regardless of Age Use a FIREWALL #1 network protection

Final points
You may see this material on an exam!

Number one fraud on the internet?

Auctions!! Ebay users, pay with a credit card!

Most common computer attack?

Viruses- malicious logic vs. worms Worms are self-replicating, death by expansion, filling harddrive or bandwidth

Denial of Service Attacks- its cybercrime

Floods the server with data, prevents access Makes a copy of email for law enforcement

Carnivore FBI tool for internet wiretaps

Money laundering transfer of money from illegal operations to legal ones - $1M weighs 30- 50 lbs!

In Closing
Cyber Crime Is Still Crime Computers Offer Widespread Havoc Computers Have Detection Issues, Good and Bad Forensic Computer Specialists Are Vital To Crime Fighting Efforts

Thank You for Coming!

Kelly R. Burke District Attorney Houston County, Georgia 478.987.2450 or distatty@houstonda.org Website: www.houstonda.org