
CDI9


Cybercriminal/ Hacker

Cyber – Refers to a computer or a computer network, the electronic medium in which
online communication takes place.
Email Fraud – The second-costliest cybercrime, according to the FBI.
Cybercrime, or computer-oriented crime, is a crime involving a computer and a network.
The computer may have been used in the commission of the crime, or it may be the target.
Cybercrime may threaten the security and financial health of an individual, a company or
a country.
Cybercrime is not an old sort of crime to the world. It is defined as any criminal activity
which takes place on or over the medium of computers, the internet or other technology
recognized by the Information Technology Act.

Email – Though social media may be one of the most popular ways to use the internet
these days, email is still the most prevalent delivery method for cybercrime. Not only
that, email fraud is the second-costliest cybercrime, according to the FBI. Email fraud
encompasses phishing attempts, malware in the form of sketchy attachments or links,
as well as some forms of digital extortion, ransomware, and exploit kits.

Dark Web – The deep web refers to all parts of the internet (sites, e-shops, forums, etc.)
that are not accessible by a regular search engine like Google or Bing. A subset of the
deep web is the dark web, or darknet, which requires a special browser, such as Tor, to
access it. Although the dark web is not itself illegal, the anonymity it affords makes it a
hotbed for criminal activity.

On the dark web, cybercriminals can exchange the most dangerous and odious
commodities our society has to offer: malware, drugs, weapons, child pornography, and
even contract killing. The dark web is also where information, like stolen passwords or
credit card numbers, gets bought and sold. That’s why, if you’re the victim of a data
breach, it can sometimes take a few days (or even longer) until someone purchases the
stolen data and tries to access your account.

Who’s most at risk? As mentioned, cybercriminals can target individuals, businesses,
and governments. And at the risk of sounding alarmist, none of the groups are any more
or less safe from threats than the others. Cyber fraudsters are pretty indiscriminate
when it comes to choosing their victims.

WEEK 4

Dateline Cybercrime
1834 — French Telegraph System — A pair of thieves hack the French Telegraph
System and steal financial market information, effectively conducting the world’s first
cyberattack.
1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to
disconnect and redirect calls and use the line for personal usage.
1878 — Early Telephone Calls — Two years after Alexander Graham Bell invents the
telephone, the Bell Telephone Company kicks a group of teenage boys off the
telephone system in New York for repeatedly and intentionally misdirecting and
disconnecting customer calls.
1903 — Wireless Telegraphy — During John Ambrose Fleming’s first public
demonstration of Marconi’s “secure” wireless telegraphy technology, Nevil Maskelyne
disrupts it by sending insulting Morse code messages discrediting the invention.
1939 — Military Codebreaking — Alan Turing and Gordon Welchman develop BOMBE,
an electro-mechanical machine, during WWII while working as codebreakers at
Bletchley Park. It helps to break the German Enigma codes.
1940 — First Ethical Hacker — Rene Carmille, a member of the Resistance in Nazi-
occupied France and a punch-card computer expert who owns the machines that the
Vichy government of France uses to process information, finds out that the Nazis are
using punch-card machines to process and track down Jews, volunteers to let them use
his, and then hacks them to thwart their plan.
1955 — Phone Hacker — David Condon whistles his “Davy Crockett Cat” and “Canary
Bird Call Flute” into his phone, testing a theory on how phone systems work. The
system recognizes the secret code, assumes he is an employee, and connects him to a
long-distance operator. She connects him to any phone number he requests for free.
1957 — Joybubbles — Joe Engressia (Joybubbles), a blind, 7-year-old boy with perfect
pitch, hears a high-pitched tone on a phone line and begins whistling along to it at a
frequency of 2600Hz, enabling him to communicate with phone lines and become the
U.S.’s first phone hacker or “phone phreak.”

1962 — Allan Scherr — MIT sets up the first computer passwords, for student privacy
and time limits. Student Allan Scherr makes a punch card to trick the computer into
printing off all passwords and uses them to log in as other people after his time runs out.
He also shares passwords with his friends, leading to the first computer “troll.” They
hack into their teacher’s account and leave messages making fun of him.

1969 — RABBITS Virus — An anonymous person installs a program on a computer at
the University of Washington Computer Center. The inconspicuous program makes
copies of itself (breeding like a rabbit) until the computer overloads and stops working. It
is thought to be the first computer virus.
1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the
most highly-guarded networks in the world, including Nokia and Motorola, using
elaborate social engineering schemes, tricking insiders into handing over codes and
passwords, and using the codes to access internal computer systems. He becomes the
most-wanted cybercriminal of the time.
1971 — Steve Wozniak and Steve Jobs — When Steve Wozniak reads an article about
Joybubbles and other phone phreaks, he becomes acquainted with John “Captain
Crunch” Draper and learns how to hack into phone systems. He builds a blue box
designed to hack into phone systems, even pretending to be Henry Kissinger and
prank-calling the Pope. He starts mass-producing the device with friend Steve Jobs and
selling it to classmates.
1973 – Embezzlement — A teller at a local New York bank uses a computer to
embezzle over $2 million.
1981 – Cybercrime Conviction — Ian Murphy, aka “Captain Zap,” hacks into the AT&T
network and changes the internal clock to charge off-hour rates at peak times. The first
person convicted of a cybercrime, and the inspiration for the movie “Sneakers,” he does
1,000 hours of community service and 2.5 years of probation.
1982 — The Logic Bomb — The CIA blows up a Siberian Gas pipeline without the use
of a bomb or a missile by inserting a code into the network and the computer system in
control of the gas pipeline. The code was embedded into equipment purchased by the
Soviet Union from a company in Canada.
1984 — US Secret Service — The U.S. Comprehensive Crime Control Act gives Secret
Service jurisdiction over computer fraud.
1988 — The Morris Worm — Robert Morris creates what would be known as the first
worm on the Internet. The worm is released from a computer at MIT to suggest that the
creator is a student there. The potentially harmless exercise quickly became a vicious
denial of service attack when a bug in the worm’s spreading mechanism leads to
computers being infected and reinfected at a rate much faster than he anticipates.
1988-1991 — Kevin Poulsen — In 1988, an unpaid bill on a storage locker leads to the
discovery of blank birth certificates, false IDs, and a photo of hacker Kevin Poulsen, aka
“Dark Dante,” breaking into a telephone company trailer. The subject of a nationwide
manhunt, he continues hacking, including rigging the phone lines of a Los Angeles radio
station to guarantee he is the correct caller in a giveaway contest. He is captured in
1991.

1989 — Trojan Horse Software — A diskette claiming to be a database of AIDS
information is mailed to thousands of AIDS researchers and subscribers to a UK
computer magazine. It contains a Trojan (after the Trojan Horse of Greek mythology), or
destructive program masquerading as a benign application.

1994 — Datastream Cowboy and Kuji — Administrators at the Rome Air Development
Center, a U.S. Air Force research facility, discover a password “sniffer” has been
installed onto their network, compromising more than 100 user accounts. Investigators
determined that two hackers, known as Datastream Cowboy and Kuji, are behind the
attack.

1995 — Vladimir Levin — Russian software engineer Vladimir Levin hacks into
Citibank’s New York IT system from his apartment in Saint Petersburg and authorizes a
series of fraudulent transactions, eventually wiring an estimated $10 million to accounts
worldwide.

1998-2007 — Max Butler — Max Butler hacks U.S. government websites in 1998 and is
sentenced to 18 months in prison in 2001. After being released in 2003, he uses WiFi to
commit attacks, program malware and steal credit card information. In 2007, he is
arrested and eventually pleads guilty to wire fraud, stealing millions of credit card
numbers and around $86 million of fraudulent purchases.
1999 — NASA and Defense Department Hack — Jonathan James, 15, manages to
penetrate U.S. Department of Defense division computers and install a backdoor on its
servers, allowing him to intercept thousands of internal emails from different
government organizations, including ones containing usernames and passwords for
various military computers. Using the info, he steals a piece of NASA software. Systems
are shut down for three weeks.

1999 — The Melissa Virus — A virus infects Microsoft Word documents, automatically
disseminating itself as an attachment via email. It mails out to the first 50 names listed
in an infected computer’s Outlook email address box. The creator, David Smith, says he
didn’t intend for the virus, which caused $80 million in damages, to harm computers. He
is arrested and sentenced to 20 months in prison.
2000 — Lou Cipher — Barry Schlossberg, aka Lou Cipher, successfully extorts $1.4
million from CD Universe for services rendered in attempting to catch the Russian
hacker.
2000 — Mafiaboy — 15-year-old Michael Calce, aka MafiaBoy, a Canadian high school
student, unleashes a DDoS attack on several high-profile commercial websites
including Amazon, CNN, eBay and Yahoo! An industry expert estimates the attacks
resulted in $1.2 billion in damages.
2002 – Internet Attack — By targeting the thirteen Domain Name System (DNS) root
servers, a DDoS attack assaults the entire Internet for an hour. Most users are
unaffected.
2003 — Operation CyberSweep — The U.S. Justice Department announces more than
70 indictments and 125 convictions or arrests for phishing, hacking, spamming and
other Internet fraud as part of Operation CyberSweep.
2003-2008 — Albert Gonzalez — Albert Gonzalez is arrested in 2003 for being part of
ShadowCrew, a group that stole and then sold card numbers online, and works with
authorities in exchange for his freedom. Gonzalez is later involved in a string of hacking
crimes, again stealing credit and debit card details, from around 2006 until he is
arrested in 2008. He stole millions of dollars and targeted companies including TJX,
Heartland Payment Systems and Citibank.
2004 — Lowe’s — Brian Salcedo is sentenced to 9 years for hacking into Lowe’s home
improvement stores and attempting to steal customer credit card information.
2004 — ChoicePoint — A 41-year-old Nigerian citizen compromises customer data of
ChoicePoint, but the company only informs 35,000 people of the breach. Media scrutiny
eventually leads the consumer data broker, which has since been purchased by
LexisNexis, to reveal another 128,000 people had information compromised.
2005 — PhoneBusters — PhoneBusters reports 11K+ identity theft complaints in
Canada, and total losses of $8.5M, making this the fastest growing form of consumer
fraud in North America.
2005 — Polo Ralph Lauren/HSBC – HSBC Bank sends letters to more than 180,000
credit card customers, warning that their card information may have been stolen during
a security breach at a U.S. retailer (Polo Ralph Lauren). A DSW data breach also
exposes transaction information from 1.4 million credit cards.
2006 — TJX — A cybercriminal gang steals 45 million credit and debit card numbers
from TJX, a Massachusetts-based retailing company, and uses a number of the stolen
cards to fund an electronic shopping spree at Wal-Mart. While initial estimates of
damages came up to around $25 million, later reports add up the total cost of damages
to over $250 million.
2008 — Heartland Payment Systems — 134 million credit cards are exposed through
SQL injection to install spyware on Heartland’s data systems. A federal grand jury
indicts Albert Gonzalez and two Russian accomplices in 2009. Gonzalez, alleged to
have masterminded the international operation that stole the credit and debit cards, is
later sentenced to 20 years in federal prison.
2008 – The Church of Scientology — A hacker group known as Anonymous targets the
Church of Scientology website. The DDoS attack is part of a political activist movement
against the church called “Project Chanology.” In one week, the Scientology website is
hit with 500 DDoS attacks.
2010 — The Stuxnet Worm — A malicious computer virus called the world’s first digital
weapon is able to target control systems used to monitor industrial facilities. It is
discovered in nuclear power plants in Iran, where it knocks out approximately one-fifth
of the enrichment centrifuges used in the country’s nuclear program.
2010 — Zeus Trojan Virus — An Eastern European cybercrime ring steals $70 million
from U.S. banks using the Zeus Trojan virus to crack open bank accounts and divert
money to Eastern Europe. Dozens of individuals are charged.
2011 — Sony Pictures — A hack of Sony’s data storage exposes the records of over
100 million customers using their PlayStation’s online services. Hackers gain access to
all the credit card information of users. The breach costs Sony more than $171 million.
2011 — Epsilon — A cyberattack on Epsilon, which provides email-handling and
marketing services to clients including Best Buy and JPMorgan Chase, results in the
compromise of millions of email addresses.
2011 — RSA SAFETY — Sophisticated hackers steal information about RSA’s SecurID
authentication tokens, used by millions of people, including government and bank
employees. This puts customers relying on them to secure their networks at risk.
2011 — ESTsoft — Hackers expose the personal information of 35 million South
Koreans. Attackers with Chinese IP addresses accomplish this by uploading malware to
a server used to update ESTsoft’s ALZip compression application and steal the names,
user IDs, hashed passwords, birthdates, genders, telephone numbers, and street and
email addresses contained in a database connected to the same network.
2011-2012 — LulzSec — Lulz Security, or LulzSec, a break-off group from hacking
collective Anonymous, attacks Fox.com and then targets more than 250 public and
private entities, including an attack on Sony’s PlayStation Network. They then publicize
their hacks through Twitter to embarrass website owners and make fun of insufficient
security measures.
2009-2013 — Roman Seleznev — Roman Seleznev hacks into more than 500
businesses and 3,700 financial institutions in the U.S., stealing card details and selling
them online, making tens of millions of dollars. He is eventually caught and convicted for
38 charges, including hacking and wire fraud.
2013-2015 — Global Bank Hack — A group of Russian-based hackers gains access to
secure information from more than 100 institutions around the world. The hackers use
malware to infiltrate banks’ computer systems and gather personal data, stealing £650
million from global banks.
2013 — Credit Card Fraud Spree — In the biggest cybercrime case filed in U.S. history,
Federal prosecutors charge 5 men responsible for a hacking and credit card fraud spree
that cost companies more than $300 million.
2014-2018 — Marriott International — A breach occurs on systems supporting
Starwood hotel brands beginning in 2014. Attackers remain in the system after Marriott
acquires Starwood in 2016 and aren’t discovered until September 2018. The thieves
steal data on approximately 500 million customers. Marriott announces it in late 2018.
2014 — eBay — A cyberattack exposes names, addresses, dates of birth, and
encrypted passwords of all of eBay’s 145 million users.
2014 — CryptoWall — CryptoWall ransomware, the predecessor of CryptoDefense, is
heavily distributed, producing an estimated revenue of $325 million.
2014 — JPMorgan — Hackers hijack one of JPMorgan Chase’s servers and steal data
about millions of bank accounts, which they use in fraud schemes yielding close to $100
million.
2015 — Anthem — Anthem reports theft of personal information on up to 78.8 million
current and former customers.
2015 — LockerPin — LockerPin resets the pin code on Android phones and demands
$500 from victims to unlock the device.
2015 — Prepaid Debit Cards — A worldwide gang of criminals steals a total of $45
million in a matter of hours by hacking a database of prepaid debit cards and then
draining cash machines around the globe.
2016 — DNC Email Leaks — Democratic National Committee emails are leaked to and
published by WikiLeaks prior to the 2016 U.S. presidential election.
2017 — Equifax — Equifax, one of the largest U.S. credit bureaus, is hacked, exposing
143 million user accounts. The sensitive leaked data includes Social Security numbers,
birth dates, addresses, driver’s license numbers, and some credit card numbers.
2017 — Chipotle — An Eastern European criminal gang that is targeting restaurants
uses phishing to steal credit card information of millions of Chipotle customers.
2017 — WannaCry — WannaCry, the first known example of ransomware operating via
a worm (viral software that replicates and distributes itself), targets a vulnerability in
older versions of Windows OS. Within days, tens of thousands of businesses and
organizations across 150 countries are locked out of their own systems by WannaCry’s
encryption. The attackers demand $300 per computer to unlock the code.
2019 — Facebook — 74 Facebook groups devoted to the sale of stolen credit card
data, identity info, spam lists, hacking tools, and other cybercrime commodities are
uncovered.

WEEK 4
CHARACTERISTIC OF CYBERCRIME

The concept of cyber crime is very different from traditional crime. Also due to the growth of
Internet Technology, this crime has gained serious and unfettered attention as compared to the
traditional crime, so it is necessary to examine the peculiar characteristics of Cybercrime.

1. People with Specialized Knowledge – Cybercrimes can only be committed through
technology; thus, to commit this kind of crime one has to be very skilled in computers and
the internet. The people who have committed cybercrime are well educated and have a deep
understanding of the usability of the internet, and that has made it difficult for the police
machinery to tackle the perpetrators of cybercrime.

2. Geographical Challenges – In cybercrime the geographical boundaries are reduced to zero.
A cybercriminal sitting in any part of the world can, in no time, commit a crime in another
corner of the world. For example, a hacker sitting in India hacks into a system in the
United States.

3. Virtual World – The Act of Cyber Crime takes place in cyber space and the criminal who is
committing this act is physically outside the cyber space. Every activity of the criminal while
committing that crime is done over the virtual world.

4. Collecting of Evidence – It is very difficult to collect evidence of cybercrime and prove
it in a court of law due to the nature of cybercrime. The criminal invokes the jurisdiction
of several countries while committing the cybercrime and at the same time is sitting
somewhere safe where he is not traceable.

5. Magnitude of Crime Unimaginable – Cybercrime has the potential to cause injury or loss of
life to an extent which cannot be imagined. Offenses like cyber terrorism, cyber
pornography, etc. have a wide reach and can destroy websites and steal companies' data in no
time.

6. Classification of Cyber Crime – The researcher in this chapter examines the acts wherein
a computer or technology is a tool for an unlawful act. This kind of activity usually involves a
modification of conventional crime by using information technology. Here is the list of
prevalent cybercrimes. Some of them are widely spread and some are not prevalent on a larger
scale. The cybercrimes are discussed below –

6.1 Cyber Pornography


The word “Pornography” derived from Greek words ‘Porne’ and ‘Graphen’ means writing about
prostitutes or referred to any work of art or literature dealing with sex and sexual themes.
Defining the term pornography is very difficult and it does not have any specific definition in the
eyes of law as every country has their own customs and tradition. The Act of Pornography in
some countries is legal but in some it is illegal and punishable.

Cyber pornography is, in simple words, defined as the act of using cyberspace to create,
display, distribute, import, or publish pornography or obscene materials. With the advent of
cyberspace, traditional pornographic content has now been largely replaced by online/digital
pornographic content. Pornography has no legal or consistent definition. The definition of
pornography depends on how society, its norms and its values react to pornographic content.

6.1.1 Test of Obscenity and Pornography

To understand the gravity and effect of pornography and obscenity on society, we need to
understand these terms in their widest possible amplitude. The word pornography has not been
legally defined in any part of the world. The basic reason behind this is very simple: we have
neither a uniform standard of moral culture, values and ethics, nor a uniform standard of
law.

The term obscene means relating to materials that can be regulated or criminalized because
their depiction of nudity, sex, or excretion is patently offensive and without artistic or
scientific value.

The test of obscenity was first laid down in the case of Regina v. Hicklin as the tendency “to
deprave and corrupt those whose minds are open to such influences and into whose hands a
publication of this sort may fall”. It was understood that this test would apply only to the
isolated passage of the work.

6.2 Cyber Stalking

Stalking in general means behavior of harassing or threatening another person. Cyber stalking
is an extension of the physical form of stalking, committed over the online medium with the
use of information technology. In cyber stalking the internet, e-mail, chat rooms, etc. are
used to stalk another person. Wikipedia defines cyber stalking as the use of the Internet or
other electronic means to stalk or harass an individual, a group of individuals, or an
organization. It includes the making of false accusations or statements of fact (as in
defamation), monitoring, making threats, identity theft, damage to data or equipment, the
solicitation of minors for sex, or gathering information that may be used to harass.
Stalking is a continuous process, and its definition is not universally accepted, as it varies
from place to place. According to Professor Lamber Royakkers:
“Cyber Stalking is the repeated harassing or threatening of an individual via the internet or
electronic means of communication. A Cyber Stalker is someone with amorous and/or sexual
motives who constantly harasses someone else electronically: via the bulletin board, chat box,
e-mail, spam, fax, buzzer or voice e-mail. Stalking generally involves constant harassment or
threatening of someone else: following a person, appearing at someone’s house or workplace,
making harassing phone calls, leaving written messages or objects. Seen in their connection, it
is difficult to give a precise description of stalking.”
Cyber stalking doesn’t involve any physical contact, yet stalking through the internet has
found favor among offenders for certain advantages like ease of communication, access to
personal information and anonymity.

There are three ways in which cyber stalking is conducted:

1. Stalking by E-Mail – Here the offender directly sends e-mail to the victim to threaten or
harass her. It is the most common form of stalking in the modern world. Most commonly the
offender sends hate, obscene, pornographic, and threatening mail to the victim.
2. Stalking through the Internet – This is a global form of cyber stalking. Here the offender
doesn’t invade the private space of the victim but harasses her publicly through the global
medium. The offender posts the victim’s phone numbers and email address on porn sites, puts
morphed photos of the victim on cyberspace and threatens her. This is the serious form of
cyber stalking, where the stalker tracks all the victim’s activity on the net and posts false
information about her on websites.
3. Stalking through Computer – In this form the offender is a technocrat and can take
control of the victim’s computer as soon as the computer starts operating. The stalker gets
hold of the victim’s computer address and gains control over the computer. This form of cyber
stalking requires a high degree of computer knowledge to get access to the target’s computer,
and the option available to the victim is to disconnect the computer and abandon the current
internet address.

WEEK 5: COMMON EXAMPLES OF CYBERCRIME

As mentioned, cybercriminals range from individuals to criminal organizations to
state-sponsored actors. Just as the type of criminal varies, so do their crimes and the
methods they use to break the law.
From a single hacker who managed to hack into the US stock market to North Korean
state-sponsored actors that propagated ransomware on a massive scale, there are a staggering
number of cybercriminals active every day. Moreover, expert skills are no longer required to
become a cybercrook.

Malware

Computer viruses are the granddaddy of cybercrime, probably the first kind of it you became
aware of. Viruses spread to other devices and systems.
Viruses are actually a form of malware, which encompasses all kinds of malicious software: any
code or programs written and distributed to do damage, steal data, make money for their owner,
and generally ruin your day. This includes ransomware, which can lock up your files until you
pay a ransom to decrypt them, and adware, which spams you with ads.

Identity Theft and Other Fraud

While identity theft is not exclusively a cybercrime, these days it’s much more likely to happen
through technology. In fact, identity fraud happens every two seconds in America today. If a
hacker wants to commit identity theft or credit card fraud, they first need to access enough of
their victim’s personal data to fuel the crime. Here are several ways they can get that access:

• Phishing: Cybercrooks use “bait” in the form of fraudulent messages to lure victims to
fake sites where they unwittingly enter personal information like usernames, passwords,
or bank details.

• Pharming: Taking it one step deeper than phishing, pharming uses malware to reroute
unsuspecting internet surfers to fake versions of websites, where they unknowingly enter
their personal details.

• Keylogging: This type of malware (or to be more specific, spyware) secretly logs
everything you type, capturing your account information and other personal details.

• Sniffing: If you’re connected to an unsecured, unencrypted public Wi-Fi network,
hackers can steal your data by “sniffing” your internet traffic with special tools (unless
you have a VPN, of course).

While hackers have many ways to steal personal data, there are also some good ways you can
prevent identity theft. Avoid accessing your personal accounts (especially online banking) on
public Wi-Fi, and consider setting up a monitoring service to make sure your online accounts
haven’t been breached.

Cyber bullying: Refers to all kinds of online harassment, including stalking, sexual harassment,
doxing (exposing someone’s personal information, like their physical address, online without
their consent), and fraping (breaking into someone’s social media and making fake posts on
their behalf).
Crypto jacking: Is when hackers break into your device and use it to mine cryptocurrency
without your knowledge or consent. Crypto miners do this by using JavaScript to infect your
device after you visit an infected website. This can cause performance issues and high electric
bills for you, and earn big profits for the crypto jackers.
Cyber Extortion: Is just what it sounds like: a digital version of the nightmare that is
extortion. One of the most common forms is ransomware, when hackers infect your computer with
malware that encrypts all your files until you pay them a ransom to unlock them. Cyber
extortion can also refer to blackmailing victims using their personal info, photos, and video,
or threatening businesses using methods like botnet-driven DDoS attacks.
Cyber Espionage: As mentioned, many cybercriminals these days are state-sponsored groups.
Whether it’s the North Koreans, the Iranians, or even the US’s own NSA-affiliated Equation
Group, world powers use hacker groups as one weapon in the complicated matrix of global
conflicts. Stealing classified intelligence and using malware to attack nuclear plants are just
two ways in which state-sponsored groups can do some frightening things on the world stage.

WEEK 5: CLASSIFICATION OF TOOLS USED IN CYBERCRIME INVESTIGATION & PRESERVATION

The Internet as an Instrument for Crime

Internet – This is a global array of computers connected by a high-speed, reliable network.
It connects millions of computers, allowing for the rapid exchange of information.
Education, military, criminal justice system and business professionals, as well as
researchers, use the system to send and retrieve information. The term also refers to the
technologies that facilitate the transmission of data across the network.

The US military establishment claimed to have designed the intricacies of the
internet against the threat of nuclear attack. Today, internet access has flooded the
global landscape and continues to overflow the social market forces in disbelief.
But what is unexplained is the reason why the internet is neither owned nor regulated by
any single entity. If the original concept of the internet is resistance to nuclear attack,
can it also be used as an instrument to counter government regulations or censorship?

Cyber, Crime of the Millennium

Grave concerns over the internet:

A. The internet is not owned or regulated by a single agency. Growth is phenomenal
and could incite a rebellious behavioral tendency from innocent internet users.
B. States are trying to block the entry of indecent or subversive materials that can
pollute the virgin minds of the youth, but regrettably, the invasion of the private bedroom
is unstoppable. Is the internet a modern monster in the making?
C. The fear factor of public access to cyberspace: this communication medium is viewed
as a political hazard to the stability of the state. The internet can now be a medium of
espionage and of desecrating a state’s secret files, undetected and unchecked.
D. It is the considered view of many civilized countries that cyberpornography is a more
dreaded disease to moral values than the printed versions. How true is it that powerful
photo lenses can now be installed on the internet under the guise of monitoring, or for the
benefit of photo intruders, who can vividly view the bedroom’s romantic liaisons of
innocent victims? Originally installed as a means of security protection, they can be
manipulated to satiate the lust of cyberpunks.
E. The nature of the internet as a new medium has now invaded the global village,
unmolested and unhampered, either by accident or by design. Is the internet the new
ticking time bomb of the future? Is the internet a modern predator lurking on the
information highway, looking for victims?

These concerns have now become the dilemma of many states' and countries' governance. In
their obstinate quest to control or regulate the internet, they lost the war before it was
fought. The world is waiting on the border zone of what is next.

Internet Crime – The second form of Cybercrime has now become routine. While it is
impossible to list and discuss every element of this newly emerging problem, a few of
the most important areas are described below.

A. Distributing Illegal Sexual Material – The internet is an ideal venue for selling and
distributing obscene material. One reason is that it is difficult to identify perpetrators and,
even if they can be detected, even harder to prosecute. For example, in one well-known
case, Landslide Production Incorporated of Fort Worth, Texas, operated a highly
profitable internet-based pornography ring taking in as much as 1.4 million in one month.
Landslide charged its customers 29.95 per month for a gateway to a child pornography
website. However, the site originated in Russia and Indonesia and therefore was off
limits to control by US authorities; they had a fee-sharing agreement with Landslide's
owners.
B. Denial of Service Attack – Some internet criminals threaten to, or actually, flood an
internet site with millions of bogus messages and/or orders so that the site's services will
be tied up and unable to perform as promised. Unless the site operator pays extortion,
the attackers threaten to keep up the interference until real consumers become
frustrated and abandon the site. Online gambling casinos are particularly vulnerable
to attack, especially when the attacks coincide with big sporting events such as the
Super Bowl.

C. Illegal Copyright Infringement – In the past decades, groups of individuals have
been working together to illegally obtain software and then "crack" or "rip" its copyright
protections before posting it on the internet. This is referred to as "warez". Another form
of illegal copyright infringement involves file-sharing programs that allow internet users
to download music and other copyrighted material without paying the artists and record
producers their rightful royalties.

D. Internet Securities Fraud – Some criminals use the internet to intentionally
manipulate the securities marketplace for profit.

D.1 Market Manipulation – An individual either posts erroneous and deceptive
information online to artificially inflate the price of a stock (so they can sell previously
purchased shares), or posts negative rumors, driving down the price of a stock so
they can buy it at lower levels.
D.2 Fraudulent Offering of Securities – Some cybercriminals create websites specially
designed to fraudulently sell securities. To make the offerings look more attractive than
they are, assets may be inflated, expected returns overstated, and/or risks understated.
D.3 Illegal Touting - This crime occurs when individuals make securities
recommendations and fail to disclose that they are being paid to disseminate their
favorable opinions.
E. Identity Theft - occurs when a person uses the internet to steal someone's identity
and/or impersonate them to open a new credit card account or conduct some financial
transactions. Identity information can be gathered easily from confederates because
people routinely share their names, addresses, phone numbers, personal information,
credit card account numbers, and social security numbers when making routine
purchases over the internet or in stores. An identity thief can fill out change-of-address
cards at the post office and have someone else's mail sent to their own PO box. When
people's credit card bills arrive, they call the issuer and pretend to be the victim, ask for
a change in address on the account, and purchase items over the internet and have the
merchandise sent to a new address. Some identity thieves engage in "phishing" by
sending fraudulent e-mails or website pop-ups to get victims to divulge sensitive financial
information such as credit card numbers or social security numbers.

F. Ponzi/Pyramid Schemes - these are investment schemes in which investors are
promised abnormally high profits on their investments. No investments are actually
made. Early investors are paid returns with the investment money received from the
later investors. The system usually collapses, and the later investors do not receive
dividends and lose their initial investments.

G. Non-delivery of Goods - this involves the non-delivery of goods and services that
were purchased or contracted remotely through the internet. Online auction sites are a
fertile ground for fraud. Goods may never be sent or, if they are, they may be damaged,
counterfeit or stolen.

Cyber as the Highway of Modern Crimes

Cyberspace - a term coined by sci-fi novelist William Gibson, who said in 1999:
"Cyberspace has a nice buzz to it, it's something that an advertising man might have
thought up, and when I got it I knew that it was slick and essentially hollow and then I'd
have to fill it up with meaning." Since then the word's meaning has rapidly expanded.
Generally it is used to refer to the spaces within computers and the spaces between
computers across networks where people interact with information and with each other.

Cybercrime - it is evident around us and still very much in flux. The cyber revolution has
permeated virtually every facet of our lives, and unfortunately that revolution has entered
the criminal arena as well. Millions of people around the globe have incorporated the
Internet and advanced information technology into their daily endeavors; so have
criminals, terrorists and adversarial foreign nations. Whether we like it or not, cybercrime
presents the most fundamental challenge for law enforcement in the 21st century. By its
very nature, the cyber environment is borderless, affords easy anonymity and methods of
concealment to bad actors, and provides new tools to engage in criminal activity. A
criminal sitting at the other side of the planet is now capable of stealthily infiltrating a
computer network in this country to steal money, abscond with proprietary information, or
shut down e-commerce sites. To deal with this problem, law enforcement must retool its
workforce, its equipment, and its own information infrastructure.

Cyberterrorism - we must now be on guard against attacks that integrate terrorist goals
with cyber capabilities. While the term may be difficult to define, cyberterrorism can be
seen as an effort by covert forces to disrupt the intersection where the virtual electronic
reality of computers intersects with the physical world. Mark Pollitt, an FBI expert, defines
cyberterrorism as "the premeditated, politically motivated attack against information,
computer system, computer programs, and data which results in violence against
non-combatant targets by sub national groups or clandestine agents." Terrorist organizations
are now beginning to understand the power that cybercrime can inflict on their enemies
even though, ironically, they come from a region where computer databases and the
internet are not widely used. Terrorist organizations are now adapting IT into their
arsenal of terror, and agencies of the justice system must be ready for a sustained
attack on the nation's electronic infrastructures.

Possible Future Scenarios of Cyber Attacks:

These scenarios are so inevitable that there is a need for preventive actions not only
from the law enforcement agencies but from everybody; we are all concerned to protect the
public interest.

A. Viruses called "logic bombs" are implanted in an enemy's computer. They can go
undetected for years until they are instructed through the internet to overwhelm a
computer system.

B. Programs are used to allow terrorists to enter "secure" systems and destroy or
disrupt the system.

C. Using conventional weapons, terrorists overload a network's electrical system, thereby
threatening computer security.

D. Computers allow terrorists to remain connected and communicate covertly with agents
around the world. Networks are a cost-effective tool for planning and striking.

E. The computer system of a corporation whose welfare is vital to national security is
breached and disrupted.

F. Internet-based systems used to manage basic infrastructure needs, such as an oil
pipeline flow or water levels in dams, are attacked and disrupted, posing a danger of
loss of life and interruption of services.

G. Cyberterrorists may directly attack the financial system. In ever-increasing numbers,
people are spending and investing their money electronically, using on-line banking,
credit card payments, and on-line brokerage services. The banking/financial system
transacts billions of dollars each day through a complex network of institutions and
systems. Efficient and secure electronic functioning is required if people are to be willing to
conduct credit and debit purchases, money transfers, and stock trading. A cyber-attack
can disrupt these transactions and interfere with the nation's economic well-being.

H. Terrorists can use the internet to recruit new members and disseminate information.
For example, Islamic militant organizations use the internet to broadcast anti-western
slogans and information. An organization's charter and political philosophy can be
displayed on a website, which can also be used to solicit funds.

Controlling Cybercrime - the investigative measures established to control
cybercrime include:

A. Software Piracy - The Computer Fraud and Abuse Act (CFAA) criminalizes accessing
computer systems without authorization to obtain information. The Digital Millennium
Copyright Act (DMCA) makes it a crime to circumvent antipiracy measures built into
most commercial software and also outlaws the manufacture, sale, or distribution of
code-cracking devices used to illegally copy software.

B. Illegal Copyright Infringement - the United States Criminal Code provides penalties
for a first-time illegal copyright offender of five years' incarceration and
a fine of $250,000. Other provisions provide for the forfeiture and destruction of
infringing copies and all equipment used to make the copies.

C. Identity Theft - in the US, Congress passed the Identity Theft and Assumption
Deterrence Act of 1998 (Identity Theft Act), making it a federal crime for anyone to
knowingly transfer or use, without lawful authority, a means of identification of another
person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a
violation of federal law, or that constitutes a felony under any state or local law. In
the Philippines, Congress has still to come up with a related law.

D. Internet Pornography - in the US, the Child Online Protection Act (H.R. 3783) bans
web posting of material deemed harmful to minors. In May 2002, the Supreme Court
partly upheld the law when it ruled that the law's use of what it calls "community
standards" to define what is harmful to children does not by itself make the law
unconstitutional. However, there may be future challenges to COPA on the grounds that
it controls free speech.

E. Computer Crime - in the US, Congress has treated computer-related crimes as distinct
federal offenses since the passage of the Counterfeit Access Devices and Computer
Fraud and Abuse Laws in 1984. The 1984 Act protected classified United States
defense and foreign relations information, financial institution and consumer reporting
agency files, and access to computers operated for the government. The Act was
supplemented in 1996 by the National Information Infrastructure Protection Act (NIIPA),
which significantly broadens the scope of the law.

WEEK 6: REPUBLIC ACT NO. 10175 OR CYBER PREVENTION ACT OF 2012

The Philippine Congress enacted Republic Act No. 10175 or "Cybercrime Prevention
Act of 2012", which addresses crimes committed against and through computer
systems, on 12 September 2012. It includes penal substantive rules, procedural rules
and also rules on international cooperation.

CYBERCRIME PREVENTION ACT OF PHILIPPINES

The Fundamentals of the Act

Cybercrime, also called computer crime, is the use of a computer as an
instrument to further illegal ends such as committing fraud, trafficking child pornography,
intellectual property violations, stealing identities or violating privacy. The difference
between traditional criminal offences and cybercrime is the use of the computer in
committing such offences. Cybercrime is chiefly an attack on the information of
individuals, governments or corporations.
To combat and prevent cybercrime, the government of the Philippines introduced
Republic Act No. 10175 or Cyber Prevention Act of 2012. This Act was signed by the
President of the Philippines, Mr. Benigno Aquino, on September 12, 2012. The original
goal of this Act was to penalize acts like cybersex, child pornography, identity theft etc.

The key provisions of the Cybercrime Prevention Act of 2012

There are sixteen types of cybercrime covered under the Cybercrime Prevention Act of
2012. They are:

Illegal Access: Access to a computer or any application without permission.

Illegal Interception: Interception of any non-public communication of computer data
to, from, or within a computer system by an unauthorized person.

Data Interference: Unauthorized tampering with, destroying, deleting, or deteriorating
computer data, electronic documents, or electronic data messages, as well as the
introduction or transmission of viruses. This provision can also cover authorized activity
if the person's behavior went beyond the agreed-upon scope and resulted in the
damages listed in this provision.

System Interference: Unauthorized interference with the operation of a computer or
computer network, including the introduction or transmission of viruses, by inputting,
transmitting, damaging, deleting, deteriorating, altering, or suppressing computer data
or programs, electronic data messages, or by deleting, deteriorating, altering, or
suppressing them. This provision can also cover authorized activity if the person's
behavior went beyond the agreed-upon scope and resulted in the damages listed in this
provision.

Misuse of Devices: Unauthorized use, possession, production, sale, procurement,
importation, distribution, or otherwise making available of gadgets, computer programs,
or other materials developed or adapted for committing any of the acts listed in Republic
Act 10175. Unauthorized use of a computer password, access code, or similar data that
allows the entire or a portion of a computer system to be accessed with the intent of
using it to perpetrate any of the offences listed in Republic Act 10175.

Cybersquatting: Acquisition of a domain name in bad faith on the internet to profit,
deceive, harm reputation, and prevent others from registering it. This includes
trademarks that were already registered at the time of registration, names of people
other than the registrant, and trademarks that were purchased with intellectual property
interests in them. Those who get domain names of prominent brands and individuals
and in turn damage their reputation can be sued under this provision. Note that
freedom of expression and infringement on trademarks or names of persons are usually
treated separately. A party can exercise freedom of expression without necessarily
violating the trademarks of a brand or the names of persons.

Computer-related Forgery: Unauthorized input, alteration, or deletion of computer data
that results in inauthentic data with the intent that it be considered or acted on for legal
purposes as if it were authentic, regardless of whether the data is directly readable and
intelligible; or the act of knowingly using computer data that is the product of
computer-related forgery as defined here to perpetuate.

Computer-related Fraud: Unauthorized access to, alteration of, or deletion of
computer data or programs, or interference with the operation of a computer system,
with the purpose to cause damage.

Computer-related Identity Theft: Unauthorized acquisition, use, abuse, transfer,
possession, change, or deletion of an individual's identifying information, whether
natural or legal.

Cybersex: For favor or consideration, willful engagement, maintenance, control, or
operation, directly or indirectly, of any lascivious presentation of sexual organs or sexual
activity via a computer system.

Child Pornography: Unlawful or banned activities conducted through a computer
system, as defined and punished by Republic Act No. 9775 or the Anti-Child
Pornography Act of 2009.

Libel: Acts of libel that are illegal or forbidden under Article 355 of the Revised Penal
Code, as amended, and are committed using a computer system or any other similar
means that may be created in the future. According to Article 355 of the Revised Penal
Code, libel is defined as defamation of character by writings or other means. Libel committed
by writing, printing, lithography, engraving, radio, phonograph, painting, theatrical
exhibition, cinematographic exhibition, or any other similar means is punishable by
prision correccional for the minimum and medium periods, or a fine ranging from 200 to
6,000 pesos, or both, in addition to any civil action that the offended party may bring.

Aiding or Abetting in the commission of cybercrime: Anyone who knowingly assists
or abets the conduct of any of the offences listed in this Act will be held accountable.

Attempt in the commission of cybercrime: Any person who willfully attempts to
commit any of the offences enumerated in this Act shall be held liable.

All crimes defined and penalized by the Revised Penal Code, as amended, and special
laws, if committed by, through and with the use of information and communications
technologies, shall be covered by the relevant provisions of this Act.

Advantages and Disadvantages of the Cybercrime Prevention Act of 2012

Advantages

• Cybersex, cyberbullying and child pornography are now offences, and such
offenders can be punished. Children's rights are protected by this Act.
• All kinds of businesses using the internet as a medium are protected by this Act.
• Provisions of this Act now define the offence of cybersquatting, and this deters
people from the act of cybersquatting.
• Provisions that penalize online identity theft protect the individual's privacy.

Disadvantages

• Ambiguity in the terms given in the Act: for example, the term online libel is not defined
anywhere, which can lead to different interpretations. Ambiguity can also be seen in
the provision on real-time data collection.

• The ambiguity in the Act may lead to restrictions on freedom of speech. Ambiguities like the
absence of a proper definition of online libel may lead to confusion. Sometimes
the expression of some truth may be misinterpreted as libel. People may be
restrained from expressing themselves.

• The implementation and execution of this Act costs the government a large
amount every year.

WEEK 7: OTHER LAWS RELATED TO CYBERCRIME

R.A. 8792 THE E-COMMERCE LAW

• Republic Act No. 8792 or the E-commerce Law, approved on June 14, 2000 and
signed into law, punishes certain crimes such as computer hacking
and intrusion of viruses and worms into computer networks.

• Hacking or cracking, which refers to unauthorized access including the
introduction of computer viruses, is punishable by a fine from 100 thousand to a
maximum commensurate to the damage, with imprisonment from 6 months to 3
years (Section 33).

• It was legislated because of the I Love You virus.

R.A. 8484 THE ACCESS DEVICE REGULATION ACT OF 1998

Upon its passing into law, RA 8484's coverage was expanded. No longer was it
limited to credit cards or credit card fraud. On the contrary, the law made use of
the term "access devices", which is an even larger genus or class that includes
credit cards. As a matter of fact, credit cards are considered access devices
under RA 8484. Specifically, Section 3 of RA 8484 provides, to wit:
"Section 3. Definition of terms. - For purposes of this Act, the terms:

(a) Access Device - means any card, plate, code, account number, electronic serial
number, personal identification number, or other telecommunications service,
equipment, or instrumental identifier, or other means of account access that can be
used to obtain money, good, services, or any other thing of value or to initiate a transfer
of funds (other than a transfer originated solely by paper instrument)...

(f) Credit Card - means any card, plate, coupon book, or other credit device
existing for the purpose of obtaining money, goods, property, labor or services or
any thing of value on credit," [Emphasis and underscoring supplied]
Thus, the unauthorized use of any access device, which includes a credit card, is
prohibited under Section 9 of the same Act:

"Section 9. Prohibited Acts. - The following acts shall constitute access device
fraud and are hereby declared to be unlawful:
obtaining money or anything of value through the use of an access device, with
intent to defraud or with intent to gain and fleeing thereafter;

Section 14. Presumption and prima facie evidence of intent to defraud. -
The mere possession, control or custody of:
(a) an access device, without permission of the owner or without any lawful
authority,” [Emphasis and Underscoring supplied.]
Thus, where a person uses and obtains money by swiping and charging against
a credit card belonging to another, and without the consent of the credit card
owner, a crime is committed. Stated otherwise, the use of a credit card for unauthorized
transactions gives rise to a violation under Section 9(j) of RA 8484.

R.A. 8293 INTELLECTUAL PROPERTY THEFT

Intellectual property theft is used interchangeably with intellectual property piracy,
which is the unauthorized copying of goods, or works such as software, for resale
by way of profit or trade; the production and sale by way of trade of copies of
goods which have been made without the authority of the owner of the
intellectual property; the facilitation of their production, and the distribution of
such goods including importation and retailing; counterfeiting or pirating of goods
facilitated by use of the Internet or satellite technologies, or piracy or theft of
information or broadcasts, or unauthorized photocopying of books for education
purposes, or of unauthorized end-user piracy of software beyond the purchaser's
license, or piracy of domain names or company names, or counterfeiting of
currency; the unauthorized manufacture and distribution of copies of such goods
and works which are intended to appear to be so similar to the original as to be
passed off as genuine examples.

This includes use of famous brands on clothing not manufactured by or on behalf
of the owner of the trademark, and exact copies of CDs containing any material
or software, which are traded in a form intended to be indistinguishable to
ordinary consumers from the genuine product. Intellectual property right is "the
legal ownership by a person or business of a copyright, design, and patent,
trademark attached to a particular product or process which protects the owner
against unauthorized copying or imitation. Such property rights are important
elements of product differentiation and confer temporary monopoly advantages
to suppliers" (Pass, Lowes and Davies 1993: 265).
The term intellectual property rights includes copyright and related rights,
trademarks and service marks, geographic indications, industrial designs,
patents, and layout-designs.

FOUR CATEGORIES OF INTELLECTUAL PROPERTY ACCORDING TO NICOLE LEEPER PIQUERO

- PATENTS
- TRADEMARKS
- TRADE SECRETS
- COPYRIGHT

R.A. 9995 ANTI-PHOTO AND VIDEO VOYEURISM ACT OF 2009

Under Sec. 3 of RA 9995, photo or video voyeurism means the act of taking photo or
video coverage of a person or group of persons performing sexual act or any similar
activity or of capturing an image of the private area of a person or persons without the
latter's consent, under circumstances in which such person/s has/have a reasonable
expectation of privacy. It also includes the act of selling, copying, reproducing,
broadcasting, sharing, showing or exhibiting the photo or video coverage or recordings
of such sexual act or similar activity through VCD/DVD, internet, cellular phones and
similar means or device without the written consent of the person/s involved,
notwithstanding that consent to record or take photo or video coverage of same was
given by such persons.
RA 9995 punishes the taking of a photo or video of others engaged in sexual
activity or with the image of the private area of the person without their consent.

What is the Camcording law?

Republic Act (RA) 10088, also known as the "Anti-Camcording Act of 2010", prohibits
and penalizes the unauthorized use, possession, and/or control of audiovisual recording
devices for the unauthorized recording of cinematographic films and other audio-visual
works and/or their soundtracks in an exhibition facility.

Why is there a need for an Anti-Camcording Law?

"The Anti-Camcording Law has helped to revive the film industry and improve the
confidence of local and international filmmakers and studios alike," Du said.

When was the Anti-Camcording Act ratified?

3529 and House Bill No. 5699 was finally passed by the Senate and the House of
Representatives on January 18, 2010 and January 27, 2010, respectively.

What Philippine law is being violated by piracy?

Under the Cybercrime Law, acquiring any digital copy of any copyrighted material is
now punishable by a fine between Php 200,000 (US$4,470) to Php 500,000
(US$11,175) and six to 20 years in prison. The Intellectual Property Code and the
Anti-Camcording Law were previously in place to combat piracy in the Philippines.

WEEK 8: PNP AND NBI CYBERCRIME DIVISION FUNCTION

Definitions of Terms:

LEGAL ENFORCEMENT FOR CYBERSECURITY

Law enforcement authorities - refers to the National Bureau of Investigation
(NBI) and the Philippine National Police (PNP) under Section 10 of the RA
10175.
Central Authority - refers to the DOJ - Office of Cybercrime.
Competent Authority - refers to either the Cybercrime Investigation and
Coordinating Center or the DOJ - Office of Cybercrime, as the case may be.
NBI - National Bureau of Investigation
PNP - Philippine National Police
CICC - Cybercrime Investigation and Coordinating Center
CERT - Computer Emergency Response Team

LAW ENFORCEMENT AUTHORITIES.

The NBI and the PNP shall be responsible for the efficient and effective law
enforcement of the provisions of RA 10175. The NBI and the PNP shall organize
a cybercrime unit or center manned by special investigators to exclusively handle
cases involving violations of this Act.

The NBI shall create a cybercrime division to be headed by at least a Head
Agent. The PNP shall create an anti-cybercrime unit headed by at least a Police
Director.

The DOJ – Office of Cybercrime (OOC) created under the Act shall coordinate
the efforts of the NBI and the PNP in enforcing the provisions of the
Act.

POWERS AND FUNCTIONS OF LAW ENFORCEMENT AUTHORITIES:

The NBI and PNP cybercrime unit or division shall have the following powers and
functions:

1) Investigate all cybercrimes where computer systems are involved.

2) Conduct data recovery and forensic analysis on computer systems and other
electronic evidence seized.

3) Formulate guidelines in investigation, forensic evidence recovery, and
forensic data analysis consistent with industry standard practices.

4) Provide technological support to investigating units within the PNP and NBI
including the search, seizure, evidence preservation and forensic recovery of
data from crime scenes and systems used in crimes and provide testimonies.

5) Develop public, private sector, and law enforcement agency relations in
addressing cybercrimes.

6) Maintain necessary and relevant databases for statistical and/or monitoring
purposes.

7) Develop capacity within their organizations in order to perform such duties
necessary for the enforcement of the Act.

8) Support the formulation and enforcement of the national cybersecurity plan;
and

9) Perform other functions as may be required by the Act.

DUTIES OF LAW ENFORCEMENT AUTHORITIES:

To ensure that the technical nature of cybercrime and its prevention is given
focus, and considering the procedures involved for international cooperation, law
enforcement authorities, specifically the computer or technology crime divisions or
units responsible for the investigation of cybercrimes, are required to submit
timely and regular reports including pre-operation, post-operation and
investigation results and such other documents as may be required to the
Department of Justice (DOJ) for review and monitoring.

Law enforcement authorities shall act in accordance with
the guidelines, advisories and procedures issued and promulgated by the
competent authority in all matters related to cybercrime, and utilize the
prescribed forms and templates, including, but not limited to, preservation orders,
chain of custody, consent to search, consent to assume account/online identity
and request for computer forensic examination.

DEPARTMENT OF JUSTICE (DOJ) – OFFICE OF CYBERCRIME (OOC)

Established as the Central Authority on Cybercrime Matters pursuant to Republic
Act (R.A.) No. 10175 or the Cybercrime Prevention Act of 2012.

DEPARTMENT OF JUSTICE (DOJ); FUNCTIONS AND DUTIES

The DOJ-Office of Cybercrime (OOC), designated as the central authority in all
matters related to international mutual assistance and extradition, and the
Cybercrime Operation Center of the CICC, shall have the following functions and
duties:

1) Act as competent authority for all requests for assistance for investigation or
proceedings concerning cybercrimes, facilitate the provision of legal or technical
advice, preservation and production of data, collection of evidence, giving legal
information and location of suspects.

2) Act on complaints/referrals and cause the investigation and prosecution of
cybercrimes and other violations of the Act.

3) Issue preservation orders addressed to service providers.

4) Administer oaths, issue subpoenas and summon witnesses to appear in an
investigation or proceedings for cybercrime.

5) Require the submission of timely and regular reports including pre-operation,
post-operation and investigation results, and such other documents
from the PNP and NBI for monitoring and review;

6) Monitor the compliance of the service providers with the provisions of Chapter
IV of the Act, and Rules 7 and 8 hereof;

7) Facilitate international cooperation with other law enforcement agencies on
intelligence, investigations, training and capacity-building related to cybercrime
prevention, suppression and prosecution;

8) Issue and promulgate guidelines, advisories, and procedures in all matters
related to cybercrime investigation, forensic evidence recovery, and forensic data
analysis consistent with industry standard practices;

9) Prescribe forms and templates, including, but not limited to, those for
preservation orders, chain of custody, consent to search, consent to assume
account/online identity, and request for computer forensic examination;

10) Undertake the specific roles and responsibilities of the DOJ related to
cybercrime under the Implementing Rules and Regulation of Republic Act No.
9775 or the "Anti-Child Pornography Act of 2009"; and

11) Perform such other acts necessary for the implementation of the Act.

COMPETENT AUTHORITIES

Cybercrime Investigation and Coordinating Center; Composition.

The inter-agency body known as the Cybercrime Investigation and Coordinating
Center (CICC), under the administrative supervision of the Office of the
President, established for policy coordination among concerned agencies and for
the formulation and enforcement of the national cyber security plan, is headed by
the Executive Director of the Information and Communications Technology Office
under the Department of Science and Technology (ICTO-DOST) as
Chairperson; the Director of the NBI as Vice-Chairperson; and the Chief of the
PNP, the Head of the DOJ Office of Cybercrime, and one (1) representative
each from the private sector, non-governmental organizations, and the academe
as members.

The CICC members shall be constituted as an Executive Committee and shall be
supported by Secretariats, specifically for Cybercrime, Administration, and
Cybersecurity. The Secretariats shall be manned from existing personnel or
representatives of the participating agencies of the CICC.

The CICC may enlist the assistance of any other agency of the government
including government-owned and -controlled corporations, and the following:

1) Bureau of Immigration.
2) Philippine Drug Enforcement Agency.
3) Bureau of Customs.
4) National Prosecution Service.
5) Anti-Money Laundering Council.
6) Securities and Exchange Commission.
7) National Telecommunications Commission; and
8) Such other offices, agencies and/or units, as may be necessary.

The DOJ Office of Cybercrime shall serve as the Cybercrime Operations Center
of the CICC and shall submit periodic reports to CICC.

Participation and representation in the Secretariat as the Cybercrime Operations
Center does not require physical presence but may be done through electronic
modes such as email, audio-visual conference calls, and the like.

POWER AND FUNCTIONS:

The CICC shall have the following powers and functions:

1) Formulate a national cybersecurity plan and extend immediate assistance
for the suppression of real-time commission of cybercrime offenses through a
computer emergency response team (CERT);

2) Coordinate the preparation of appropriate and effective measures to
prevent and suppress cybercrime activities as provided for in the Act;

3) Monitor cybercrime cases being handled by participating law enforcement
and prosecution agencies;

4) Facilitate international cooperation on intelligence, investigations, training
and capacity-building related to cybercrime prevention, suppression and
prosecution through the DOJ-Office of Cybercrime;

5) Coordinate the support and participation of the business sector, local
government units and NGOs in cybercrime prevention programs and other
related projects;

6) Recommend the enactment of appropriate laws, issuances, measures and
policies;

7) Call upon any government agency to render assistance in the accomplishment
of the CICC's mandated tasks and functions;

8) Establish and perform community awareness program on cybercrime
prevention in coordination with law enforcement authorities and stakeholders;
and

9) Perform all other matters related to cybercrime prevention and suppression,
including capacity-building and such other functions and duties as may be
necessary for the proper implementation of the Act.

COMPUTER EMERGENCY RESPONSE TEAM (CERT)

The DOST-ICT Office shall establish and operate the Computer Emergency
Response Team (CERT) that shall serve as coordinator for cybersecurity-related
activities, including but not limited to the following functions and duties:

a) Extend immediate assistance to the CICC to fulfil its mandate under the Act
with respect to matters related to cybersecurity and the national cybersecurity
plan;

b) Issue and promulgate guidelines, advisories, and procedures in all matters
related to cybersecurity and the national cybersecurity plan;

c) Facilitate international cooperation with other security agencies on intelligence,
training, and capacity-building related to cybersecurity; and

d) Serve as the focal point for all instances of cybersecurity incidents by:

1) Providing technical analysis of computer security incidents;

2) Assisting users in escalating abuse reports to relevant parties;

3) Conducting research and development on emerging threats to computer
security;

4) Issuing relevant alerts and advisories on emerging threats to computer
security;

5) Coordinating cyber security incident responses with trusted third parties
at the national and international levels; and

6) Conducting technical training on cyber security and related topics.


The Philippine National Police and the National Bureau of Investigation shall
serve as the field operations arm of the CERT. The CERT may also enlist other
government agencies to perform CERT functions.

PHILIPPINE NATIONAL POLICE ANTI-CYBERCRIME GROUP (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce
pertinent laws on cybercrime and other cyber-related crimes and pursue an
effective anti-cybercrime campaign. The Anti-Cybercrime Group investigates all
cybercrimes and other crimes in which Information and Communications
Technology (ICT) was used in the commission of criminal acts or was the object of
attack.

Knowing the dangers of cybercrimes and the security threats they pose in our
cyberspace, the Philippine National Police (PNP), through the leadership of Police
Director General Allan La Madrid Purisima, Chief, PNP, pushed for the activation of
the PNP Anti-Cybercrime Group (ACG) on March 20, 2013 as a strategic response to
all cyber security challenges.

The creation of ACG also highlights the Organizational Development
component of the PNP Strategic Focus "CODE-P": having a centralized body
that is dedicated to handling cybercrimes to enhance the overall efficiency of the
PNP to solve and prevent criminality. According to the Anti-Cyber Crime Law, the
PNP-ACG will also be a part of the Cybercrime Investigation and Coordinating
Center (CICC), an inter-agency body under the administrative
supervision of the Office of the President, for policy coordination among
concerned agencies and for the formulation and enforcement of the national
cyber security plan.

The Philippine National Police (PNP), through the PNP Anti-Cybercrime Group,
will be the frontrunner in raising awareness of cyber security at all levels of
government, especially the PNP, and has the following goals to help in raising
public awareness among Philippine cyberspace users:

1) The creation of a website designed to inform home and leisure users, small
business owners and those who have limited knowledge and skills about
cybercrime and cyber security, the dangers of unprotected internet access and
possible ways to avoid known threats. The website will contain alerts and
advisories and will be written in plain language to appeal to even the most
unaccustomed to using the internet. It will also include information on new cyber
security risks and give suggestions on how to address them.

2) The publication of Cyber Security Bulletins will ensure the Internet community
has access to information on cyber security threats, vulnerabilities in their
systems and information on how to better protect their information technology
environment.

3) Cyber security lectures and seminars for primary and secondary schools
should be conducted. This promotes cyber security awareness, culminating in an
annual Cyber Security Awareness Week, conducted in partnership with business,
consumer groups and community organizations.
