Module LIV - Law and Computer Forensics
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Scenario
News: Computer Forensics: Beyond the Magnifying Glass
Source: http://www.technewsworld.com/story/63972.html?wlc=1222229169
Module Objective
This module will familiarize you with:
• Introduction of Laws in Forensics
• Security Policies
• Sample Banner
• Privacy Issues Involved in Investigations
• Legal Issues Involved in Seizure of Computer Equipment
• How the FBI Investigates Computer Crime
• Crime Investigating Organizations
• G8 Countries: Action Plan to Combat High-Tech Crime
• The USA Patriot Act of 2001
• Gramm-Leach-Bliley Act
• Federal Records Act
• Laws of Different Countries
• Internet Crime Prevention Tips
• Reporting Computer-Related Crimes
• Federal Local Agents Contact
Module Flow
• Computer Forensics Laws
• Privacy Issues Involved in Investigations
• Sample Banner
• G8 Countries: Action Plan to Combat High-Tech Crime
• Crime Investigating Organizations
• How the FBI Investigates Computer Crime
• Legal Issues Involved in Seizure of Computer Equipment
• Security Policies
• The USA Patriot Act of 2001
• Gramm-Leach-Bliley Act
• Laws of Different Countries
• Federal Records Act
• Reporting Computer-Related Crimes
• Internet Crime Prevention Tips
• Federal Local Agents Contact
Computer Forensics Laws
Computer forensics laws and legal precedents regulate the practices associated with computer forensics
They help the investigating officer obtain a search warrant for searching and seizing a computer involved in a crime
Role of Law Enforcement Agencies in Forensics Investigation
Law enforcement helps to:
• Improve the likelihood of conducting a successful investigation by helping to establish a trusted relationship with the victim, thereby improving the quality of cooperation provided by the victim
• Safeguard victims by reducing the likelihood that an investigation will exacerbate the damage already suffered by the victim
• Establish procedures for obtaining efficient and timely assistance for the victim
Guidelines for Law Enforcement Agencies
• Minimize the disruption to a victim-company’s normal business operations
• Coordinate the release of any information to the news media about the investigation
• Work closely with the victim on issues that will have an impact on sentencing
• To the extent possible, regularly update the victim on the progress of the investigation
• Consult with the victim-company’s information technology staff about network architecture before implementing investigative measures on the network
• Be aware that you may need to consult with a victim-company’s senior management before undertaking intrusive investigative measures on the company’s network
• Encourage ongoing relationships with businesses before an incident occurs
Law Enforcement Policies
Law enforcement policies protect resources and people, prevent crime, and help in carrying out investigations and apprehending criminals
These policies are designed to provide organization security officers with clear definitions, direction, and guidelines for providing and promoting a reliable, efficient response to organizational crime in order to achieve the following goals:
• Reduce the risk of civil liability for security officers and administrators
• Make an arrest for any abuse of an Emergency Protective Order (EPO), Domestic Violence Order (DVO), and Foreign Protective Order (FPO)
They help in drafting mission statements, objective statements, rules of conduct, and ethics for organizational behavior
Internet Laws and Statutes
California Business and Professions Code SECTION 17538
Anticybersquatting Consumer Protection Act (ACPA), 15 U.S.C. §1125(d)
Unsolicited E-mail
• Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM), 15 U.S.C. §§7701-7713
• Nevada Senate Bill No. 13
• Washington House Bill 2752 (1998) (AS ENACTED)
• Connecticut House Bill 6558
Communications Decency Act
• 47 U.S.C. Section 230
• §230. Protection for private blocking and screening of offensive material
Federal Laws (Computer Crime)
18 U.S.C. § 1362. Communication Lines, Stations, or Systems
Law is applicable if:
• Person willfully injures or destroys any of the works, property, or material of any means of communication
• Maliciously obstructs, hinders, or delays the transmission of any communication
Penalty:
• A fine or imprisonment for not more than 10 years, or both
Intellectual Property Rights
Copyright Offenses
17 U.S.C. § 506, Criminal Offenses
• Criminal Infringement
• Forfeiture and Destruction
• Fraudulent Copyright Notice
• Fraudulent Removal of Copyright Notice
• False Representation
• Rights of Attribution and Integrity
Intellectual Property Rights (cont’d)
18 U.S.C. § 2319, Criminal Infringement of a Copyright
Persons eligible to submit a victim impact statement include:
• Producers and sellers of legitimate works
• Holders of intellectual property rights
• The legal representatives of such producers, sellers, and holders
Penalty:
• Imprisoned not more than 5 years, or fined for reproducing and distributing at least 10 copies or phonorecords, of 1 or more copyrighted works
• Imprisoned not more than 3 years, or fined for reproducing and distributing more than 10 copies or phonorecords, of 1 or more copyrighted works
Intellectual Property Rights (cont’d)
18 U.S.C. § 2318, Trafficking in counterfeit labels for phonorecords, copies of computer programs or computer program documentation or packaging, and copies of motion pictures or other audio visual works, and trafficking in counterfeit computer program documentation or packaging
Law is applicable if:
• Person knowingly traffics in a counterfeit label affixed or designed to be affixed
• Intentionally traffics in counterfeit documentation or packaging for a computer program
Penalty:
• Fined or imprisoned for not more than five years, or both
Intellectual Property Rights (cont’d)
Bootlegging Offenses
18 U.S.C. § 2319A, Unauthorized fixation of and trafficking in sound recordings and music videos of live musical performances
Law is applicable if:
• Person knowingly and for purposes of commercial advantage fixes the sounds and images or reproduces copies or phonorecords
• Transmits the sound and images to the public without the consent of the performer
Penalty:
• Imprisoned for not more than 5 years or fined or both
Intellectual Property Rights (cont’d)
Trademark Offenses
18 U.S.C. § 2320, Trafficking in counterfeit goods or services
Law is applicable if:
• Person intentionally traffics or attempts to traffic in goods or services
• Knowingly uses a counterfeit mark
Penalty:
• Fined not more than $2,000,000 or imprisoned not more than 10 years, or both
Intellectual Property Rights (cont’d)
Trade Secret Offenses
18 U.S.C. § 1831, Economic espionage
Law is applicable if:
• Person knowingly steals or without authorization obtains a trade secret
• Without authorization copies or transmits a trade secret
• Receives, buys, or possesses a trade secret
Penalty:
• Fined not more than $10,000,000
Intellectual Property Rights (cont’d)
18 U.S.C. § 1832, Theft of trade secrets
Law is applicable if:
• Person with an intent to convert a trade secret knowingly steals or without authorization obtains information
• Without authorization copies or transmits such information
• Receives, buys, or possesses such information
Penalty:
• Fined not more than $5,000,000
Intellectual Property Rights (cont’d)
18 U.S.C. § 1833, Exceptions to prohibitions
• Exceptions:
– Lawful activity conducted by a governmental entity of the United States, a State, or a political subdivision of a State
– Reporting of a suspected violation of law to any governmental entity of the United States, a State, or a political subdivision of a State
18 U.S.C. § 1834, Criminal forfeiture
• Any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of violation
• Any of the person's property used, or intended to be used to commit or facilitate violation
Intellectual Property Rights (cont’d)
Offenses Relating to the Integrity of IP Systems
17 U.S.C. § 506(c-d), Fraudulent Copyright Notice; Fraudulent Removal of Copyright Notice
Offense if:
• Person with malicious intent places a notice bearing copyright or words with false representation
• Removes or alters any notice of copyright appearing on a copy of a copyrighted work
Penalty:
• Fined not more than $2,500
Intellectual Property Rights (cont’d)
47 U.S.C. § 605, Unauthorized publication or use of communications
Practices prohibited:
• Receiving, assisting in receiving, transmitting, or assisting in transmitting, any interstate or foreign communication by wire or radio
• Intercepting any radio communication and divulging or publishing the existence, contents, substance, purport, effect, or meaning of such intercepted communication to any person
• Scrambling of Public Broadcasting Service programming
Penalty:
• Fined not more than $2,000 or imprisoned for not more than 6 months, or both
Cyber Stalking
18 U.S.C. § 875, Interstate communications
• Offense:
• Transmitting any communication containing any demand or
request for a ransom
• Transmitting any communication containing any threat to
kidnap any person or to injure the person
18 U.S.C. § 2261A, Interstate stalking
• Offense:
• Person travels in interstate or foreign commerce with an intent
to kill or injure, harass, or intimidate a person in another State
or tribal jurisdiction
Information Security Acts
The USA PATRIOT Act of 2001
Congress passed the USA PATRIOT Act (the Act) in response to
the terrorist attacks of September 11, 2001
The Act gives federal officials greater authority to track and
intercept communications, both for law enforcement and foreign
intelligence gathering purposes
Federal Information Security
Management Act
Title III (Information Security) of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source
§ 3541. Purposes: The purposes of this act are to:
• (1) Provide a comprehensive framework for ensuring the effectiveness of
information security controls over information resources that support Federal
operations and assets
• (2) Recognize the highly networked nature of the current Federal computing
environment and provide effective government wide management and
oversight of the related information security risks, including coordination of
information security efforts throughout the civilian, national security, and law
enforcement communities
• (3) Provide for development and maintenance of minimum controls required to
protect Federal information and information systems
Federal Information Security
Management Act (cont’d)
• (4) provide a mechanism for improved oversight of Federal agency information
security programs
 ‘‘§ 3543. Authority and functions of the Director
• (a) IN GENERAL - The Director shall oversee agency information security
policies and practices, including -
– (1) developing and overseeing the implementation of policies, principles,
standards, and guidelines on information security, including through
ensuring timely agency adoption of and compliance with standards
promulgated under section 11331 of title 40
– (2) requiring agencies, consistent with the standards promulgated under
such section 11331 and the requirements of this subchapter, to identify and
provide information security protections commensurate with the risk and
magnitude of the harm resulting from the unauthorized access, use,
disclosure, disruption, modification, or destruction of—
– (A) information collected or maintained by or on behalf of an agency; or
– (B) information systems used or operated by an agency or by a contractor
of an agency or other organization on behalf of an agency
Gramm-Leach-Bliley Act
The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect the consumers’ personal financial information held by financial institutions
There are three principal parts to the privacy requirements:
Financial Privacy Rule
• The Financial Privacy Rule governs the collection and disclosure of customers' personal financial information by financial institutions
Safeguards Rule
• The Safeguards Rule requires all financial institutions to design, implement, and maintain safeguards to protect the customer’s information
Pretexting provisions
• The Pretexting provisions of the GLB Act protect consumers from individuals and companies that obtain their personal financial information under false pretenses
CAN-SPAM Act
The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them
Main provisions of the CAN-SPAM law are:
• It bans false or misleading header information
• It prohibits deceptive subject lines
• It requires that your email gives recipients an opt-out method
• It requires that commercial email be identified as an advertisement and include the sender's valid physical postal address
CAN-SPAM Act (cont’d)
Penalties:
• Each violation of the above provisions is subject to fines of up to $11,000. Deceptive commercial email also is subject to laws banning false or misleading advertising
• Additional fines are provided for commercial emailers who not only violate the rules described above, but also:
– "Harvest" email addresses from web sites or web services that have published a notice prohibiting the transfer of email addresses for the purpose of sending email
– Generate email addresses using a "dictionary attack" – combining names, letters, or numbers into multiple permutations
– Use scripts or other automated ways to register for multiple email or user accounts to send commercial email
– Relay emails through a computer or network without permission – for example, by taking advantage of open relays or open proxies without authorization
Personal Information Protection and Electronic Documents Act (PIPEDA)
The Personal Information Protection and Electronic Documents Act (PIPEDA) is federal legislation passed in 2001 and fully implemented on January 1, 2004
The purpose of the Act is “to establish, in an era in which technology increasingly facilitates the circulation and exchange of information, rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances”
The Act aims to protect information about an individual, including information such as:
• Age, name, income, ethnic origin, religion or blood type
• Opinions, evaluation, comments, social status or disciplinary actions
• Credit records, employment history and medical records
Data Protection Act 1998
Section 55: Unlawful obtaining etc. of personal data
• (1) A person must not knowingly or recklessly, without the
consent of the data controller -
– (a) Obtain or disclose personal data or the information
contained in personal data, or
– (b) Procure the disclosure to another person of the
information contained in personal data
• (2) Subsection (1) does not apply to a person who shows -
– (a) That the obtaining, disclosing, or procuring -
– (i) was necessary for the purpose of preventing or detecting
crime
– (ii) was required or authorized by or under any enactment, by
any rule of law or by the order of a court
Data Protection Act 1998
(cont’d)
• (3) A person who contravenes subsection (1) is guilty of an
offence
• (4) A person who sells personal data is guilty of an offense if he
has obtained the data in contravention of subsection (1)
• (5) A person who offers to sell personal data is guilty of an
offense if—
– (a) He has obtained the data in contravention of subsection (1), or
– (b) He subsequently obtains the data in contravention of that subsection
• (6) For the purposes of subsection (5), an advertisement
indicating that personal data are or may be for sale is an offer to
sell the data
• (7) Section 1(2) does not apply for the purposes of this section;
and for the purposes of subsections (4) to (6), “personal data”
includes information extracted from personal data
Criminal Damage Act 1991
Section 5: Unauthorized accessing of data
(1) A person who without lawful excuse operates a computer—
• (a) Within the State with intent to access any data kept either within or outside the State, or
• (b) Outside the State with intent to access any data kept within the State, shall, whether or not he accesses any data, be guilty of an offence and shall be liable on summary conviction to a fine not exceeding £500 or imprisonment for a term not exceeding 3 months or both
(2) Subsection (1) applies whether or not the person intended to access any particular data or any particular category of data or data kept by any particular person
Cyber Terrorism Preparedness
Act of 2002
The purpose of this act is to provide protection for the information
infrastructure of the United States against terrorist or other
disruption or attack or other unwarranted intrusion
It supports the development of appropriate cyber security best
practices as well as long-term cyber security research and
development, and performs functions relating to such activities
The term "cybersecurity" means information assurance, including
information security, information technology disaster recovery, and
information privacy
Laws Related to Information
Assurance and Security
Federal Records Act
§ 3101: Records management by agency heads; general duties:
• The head of each Federal agency shall make and preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures, and essential transactions of the agency and designed to furnish the information necessary to protect the legal and financial rights of the Government and of persons directly affected by the agency’s activities
§ 3102: Establishment of program of management
• The head of each Federal agency shall establish and maintain an active, continuing program for the economical and efficient management of the records of the agency. The program, among other things, shall provide for:
– Effective controls over the creation and over the maintenance and use of records in the conduct of current business
– Cooperation with the Administrator of General Services and the Archivist in applying standards, procedures, and techniques designed to improve the management of records, promote the maintenance and security of records deemed appropriate for preservation, and facilitate the segregation and disposal of records of temporary value
Federal Records Act (cont’d)
§ 3105: Safeguards:
• The head of each Federal agency shall establish safeguards against the removal or loss of records he determines to be necessary and required by regulations of the Archivist. Safeguards shall include making it known to officials and employees of the agency:
– that records in the custody of the agency are not to be alienated or destroyed except in accordance with sections 3301-3314 of this title, and
– the penalties provided by law for the unlawful removal or destruction of records
Federal Managers Financial
Integrity Act of 1982
The Federal Managers’ Financial Integrity Act of 1982 (Integrity Act or
FMFIA) provides the statutory basis for management’s responsibility
for and assessment of accounting and administrative internal controls
• Such controls include program, operational, and administrative areas, as
well as accounting and financial management
The Integrity Act requires federal agencies to establish controls that
reasonably ensure:
• Obligations and costs are in compliance with applicable law
• Funds, property, and other assets are safeguarded against waste, loss,
unauthorized use, or misappropriation
• Revenues and expenditures are properly recorded and accounted for to
maintain accountability over the assets
Federal Property and Administrative Services Act
The Federal Property and Administrative Services Act of 1949 is a United States federal law that established the General Services Administration (GSA)
Sec. 101. [40 U.S.C. 751] General Services Administration
• There is hereby established an agency in the executive branch of the Government which shall be known as the General Services Administration
• There shall be at the head of the General Services Administration an Administrator of General Services who shall be appointed by the President by and with the advice and consent of the Senate, and perform his functions subject to the direction and control of the President
• There shall be in the General Services Administration a Deputy Administrator of General Services who shall be appointed by the Administrator of General Services
• The Deputy Administrator shall perform such functions as the Administrator shall
designate and shall be Acting Administrator of General Services during the absence
or disability of the Administrator and, unless the President shall designate another
officer of the Government, in the event of a vacancy in the office of Administrator
Government Paperwork Elimination Act
Government Paperwork Elimination Act (GPEA) states that electronic records and their related electronic signatures are not to be denied legal effect, validity, or enforceability merely because they are in electronic form
GPEA seeks to preclude agencies or courts from systematically treating electronic documents and signatures less favorably than their paper counterparts, so that citizens can interact with the Federal government electronically
GPEA policies for agencies:
• Maintain compatibility with standards and technology for electronic signatures generally used in commerce and industry and by State governments
• Ensure that electronic signatures are as reliable as appropriate for the purpose in question
• Maximize the benefits and minimize the risks and other costs
• Protect the privacy of transaction partners and third parties that have information contained in the transaction
Paperwork Reduction Act
The purposes of this act are to:
• Minimize the paperwork burden for individuals, small businesses, educational and nonprofit institutions, Federal contractors, State, local and tribal governments
• Ensure the greatest possible public benefit from and maximize the utility of information created, collected, maintained, used, shared and disseminated by or for the Federal Government
• Improve the quality and use of Federal information to strengthen decision making, accountability, and openness in Government and society
• Minimize the cost to the Federal Government of the creation, collection, maintenance, use, dissemination, and disposition of information
• Ensure the integrity, quality, and utility of the Federal statistical system
Computer Fraud and Abuse Act
Sec. 1030. Fraud and related activity in connection with computers
• Knowingly accessed a computer without authorization or exceeding authorized
access
• Intentionally accesses a computer without authorization or exceeds authorized
access
• Intentionally, without authorization to access any nonpublic computer of a
department or agency of the United States
• Knowingly and with intent to defraud, accesses a protected computer without
authorization, or exceeds authorized access
• Knowingly and with intent to defraud traffics in any password or similar
information through which a computer may be accessed without authorization
Penalty:
• Fine under particular title or imprisonment for not more than ten years, or both
Freedom of Information Act
The Freedom of Information Act deals with access to official information and gives
individuals or organizations the right to request information from any public authority
It gives you the right to request information held by public authorities and companies wholly
owned by public authorities
§ 552. Public information; agency rules, opinions, orders, records, and proceedings
• Each agency shall make available to the public information as follows:
• Each agency shall separately state and currently publish in the Federal Register for the guidance
of the public
• Each agency, in accordance with published rules, shall make available for public inspection and
copying
• Each agency shall promulgate regulations, pursuant to notice and receipt of public comment,
specifying the schedule of fees applicable to the processing of requests
• Each agency having more than one member shall maintain and make available for public
inspection a record of the final votes of each member in every agency proceeding
E-Government Act of 2002 / Public Law 107-347
The purposes of this Act are:
• To provide effective leadership of Federal Government efforts to develop and promote electronic Government services and processes by establishing an administrator of a new office of electronic Government within the office of management and budget
• To promote use of the Internet and other information technologies to provide increased opportunities for citizen participation in Government
• To improve the ability of the Government to achieve agency missions and program performance goals
• To reduce costs and burdens for businesses and other Government entities
• To promote better informed decision making by policy makers
E-Government Act of 2002 / Public Law 107-347 (cont’d)
Title III: Section 301: Information security
§ 3541: Purposes:
• Provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets
• Provide for development and maintenance of minimum controls required to protect Federal information and information systems
• Provide a mechanism for improved oversight of Federal agency information security programs
• Recognize that the selection of specific technical hardware and software information security solutions should be left to individual agencies from among commercially developed products
Implications of Public Law 107-347 Regarding Certification and Accreditation
Certification and Accreditation is a process that ensures that computer systems and major applications adhere to recognized and established security requirements that are well documented and authorized
Title III of the E-Government Act (Public Law 107-347), titled the Federal Information Security Management Act (FISMA), mandates that all federal agencies develop and implement an agency-wide information security program that details its security requirements, policies, controls, and risks to the agency
The information security program is formally described in a collection of documentation and reports, which consists of:
• Periodic risk assessments
• Information security policies and procedures
• Security policies and procedures for detecting vulnerabilities
• An inventory of software and hardware assets
• Security awareness training and probable rules of behavior for end users
• An evaluation of security controls
• Processes for reporting and replying to security incidents
Information Privacy Act 2000
The main purpose of this act is to:
• Establish a regime for the responsible collection and handling
of personal information in the public sector
• Provide individuals with rights of access to information about
them held by organizations, including information held by
contracted service providers
• Provide individuals with the right to require an organization
to correct information about them held by the organization,
including information held by contracted service providers
• Provide remedies for interferences with the information
privacy of an individual
• Provide for the appointment of a privacy commissioner
Computer Crime Acts
Australia: The Cybercrime
Act 2001
An Act to amend the law relating to computer offences and for other
purposes
477.2 Unauthorized modification of data to cause impairment
A person is guilty of an offence if:
• (a) The person causes any unauthorized modification of data held in a
computer
• (b) The person knows the modification is unauthorized
• (c) The person is reckless as to whether the modification impairs or will
impair:
• (i) access to that or any other data held in any computer; or
• (ii) the reliability, security, or operation of any such data
Penalty:
• 10 years imprisonment
Australia: The Cybercrime
Act 2001 (cont’d)
478.1 Unauthorized access to, or modification of, restricted data
A person is guilty of an offence if:
• (a) The person causes any unauthorized access to, or modification
of, restricted data
• (b) The person intends to cause the access or modification
• (c) The person knows that the access or modification is
unauthorized
• (d) One or more of the following applies:
• (i) The restricted data is held in a Commonwealth computer
• (ii) The restricted data is held on behalf of the Commonwealth
• (iii) The access to, or modification of, the restricted data is caused by
means of a telecommunications service
Penalty:
• 2 years imprisonment
Austrian Laws
Privacy Act 2000: Section 10
§ 52. Administrative Penalty Clause
• (1) Provided that the offence does not meet the statutory definition
of a punishable action within the relevant jurisdiction of the court
nor is threatened by a more severe punishment under a different
administrative penalty clause, a minor administrative offence shall
be pronounced with a fine of up to S260.000. Parties who;
• Willfully obtain unlawful access to a data application or willfully
maintain discernable, unlawful, and deliberate access or
• Intentionally transmit data in violation of the Data Secrecy Clause
(§15), especially data that were entrusted to him/her according to §46
and §47, for intentional use for other purposes or
• Use data contrary to a legal judgment or decision, withhold data, fail
to correct false data, fail to delete data or
• Intentionally delete data contrary to §26, Section 7
Belgium Laws
In November 2000, the Belgian Parliament adopted new articles in the
Criminal Code on computer crime, in effect from February 13, 2001. The four
main problems of computer forgery, computer fraud, hacking and sabotage are
made criminal offences
Article 550(b) of the Criminal Code:
• §1. Any person who, aware that he is not authorized, accesses or
maintains his access to a computer system, may be sentenced to a
term of imprisonment of 3 months to 1 year and to a fine of (BFr
5,200-5m) or to one of these sentences
• If the offence specified in §1 above is committed with intention to
defraud, the term of imprisonment may be from 6 months to 2 years
• §2. Any person who, with the intention to defraud or with the
intention to cause harm, exceeds his power of access to a computer
system, may be sentenced to a term of imprisonment of 6 months to 2
years and to a fine of (BFr 5,200-20m) or to one of these sentences
Brazilian Laws
ENTRY OF FALSE DATA INTO THE INFORMATION SYSTEM
• Art. 313-A. Entry, or facilitation on the part of an authorized employee of the
entry, of false data, improper alteration or exclusion of correct data with
respect to the information system or the data bank of the Public
Management for purposes of achieving an improper advantage for himself or
for some other person, or of causing damages
• Penalty-imprisonment for 2 to 12 years, and fines
UNAUTHORIZED MODIFICATION OR ALTERATION OF THE
INFORMATION SYSTEM
• Art. 313-B. Modification or alteration of the information system or computer
program by an employee, without authorization by or at the request of a
competent authority
• Penalty-detention for 3 months to 2 years, and fines
Canadian Laws
Canadian Criminal Code Section 342.1 states:
(1) Every one who, fraudulently and without color of right:
• (a) obtains, directly or indirectly, any computer service,
• (b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts
or causes to be intercepted, directly or indirectly, any function of a computer system
• (c) uses or causes to be used, directly or indirectly, a computer system with intent to
commit an offence under paragraph (a) or (b) or an offence under section 430 in
relation to data or a computer system
A person who commits an offence under paragraph (a), (b) or (c) is guilty of an
indictable offence and liable to imprisonment for a term not exceeding ten
years
Denmark Laws
Penal Code Section 263:
• (2) Any person who, in an unlawful manner, obtains
access to another person's information or programs
which are meant to be used in a data processing system,
shall be liable to a fine, to simple detention or to
imprisonment for a term not exceeding 6 months
• (3) If an act of the kind described in subsection 1 or 2 is
committed with the intent to procure or make oneself
acquainted with information concerning trade secrets of
a company or under other extraordinary aggravating
circumstances, the punishment shall be increased to
imprisonment for a term not exceeding 2 years
European Laws
SECTION 1 - SUBSTANTIVE CRIMINAL LAW
According to this law, the following are considered offenses:
• Title 1 - Offenses against the confidentiality, integrity, and availability of
computer data and systems
• Article 2 - Illegal Access
– Each party shall adopt such legislative and other measures as may be necessary
to establish as criminal offenses under its domestic law, when committed
intentionally, the access to the whole or any part of a computer system without
right
• Article 3 - Illegal Interception
• Article 4 - Data Interference
– Each party shall adopt such legislative and other measures as may be necessary
to establish as criminal offenses under its domestic law, when committed
intentionally, the damaging, deletion, deterioration, alteration or suppression
of computer data without right
France Laws
Chapter III: ATTACKS ON SYSTEMS FOR AUTOMATED DATA
PROCESSING
Article 323-1:
• The act of fraudulently gaining access to, or maintaining, in all or
part of an automated data processing system is punishable by
imprisonment not exceeding one year and a fine of up to
100.000 F
Article 323-2:
• The act of hindering or of distorting the functioning of an
automated data processing system is punishable by
imprisonment not exceeding three years and a fine up to
300.000 FF
German Laws
Penal Code Section 202a. Data Espionage:
• (1) Any person who obtains without authorization, for himself or
for another, data which are not meant for him and which are
specially protected against unauthorized access, shall be liable to
imprisonment for a term not exceeding three years or to a fine
• (2) Data within the meaning of subsection 1 are only such as are
stored or transmitted electronically or magnetically or in any form
not directly visible
Penal Code Section 303a: Alteration of Data
• (1) Any person who unlawfully erases, suppresses, renders useless,
or alters data (section 202a(2)) shall be liable to imprisonment for
a term not exceeding two years or to a fine
• (2) The attempt shall be punishable
Greece Laws
Criminal Code Article 370C§2:
• Every one who obtains access to data recorded in
a computer or in the external memory of a
computer or transmitted by telecommunication
systems shall be punished by imprisonment for up
to three months or by a pecuniary penalty not less
than ten thousand drachmas
• If the act concerns the international relations or
the security of the State, he shall be punished
according to Art. 148
Hong Kong Laws
Section 27A: Unauthorized access to computer by telecommunication
• (1) Any person who, by telecommunication, knowingly causes a computer
to perform any function to obtain unauthorized access to any program or
data held in a computer commits an offence and is liable on conviction to a
fine of $ 20000
• (2) For the purposes of subsection (1)-
– (a) The intent of the person need not be directed at-
– (i) Any particular program or data
– (ii) A program or data of a particular kind
– (iii) A program or data held in a particular computer
– (b) Access of any kind by a person to any program or data held in a
computer is unauthorized if he is not entitled to control access of the kind
in question to the program or data held in the computer and-
– (i) He has not been authorized to obtain access of the kind in question to the
program or data held in the computer by any person who is so entitled
– (ii) He does not believe that he has been so authorized
– (iii) He does not believe that he would have been so authorized if he had applied
for the appropriate authority
Indian Laws
THE INFORMATION TECHNOLOGY ACT, 2000 (No. 21 of
2000), CHAPTER XI
The Offences: 66. Hacking with computer system
• (1) Whoever with the intent to cause or knowing that he is likely to
cause wrongful loss or damage to the public or any person destroys
or deletes or alters any information residing in a computer resource
or diminishes its value or utility or affects it injuriously by any means,
commits hack
• (2) Whoever commits hacking shall be punished with imprisonment
up to three years, or with fine which may extend up to two lakh
rupees, or with both
Italian Laws
Penal Code Article 615: Unauthorized access into a computer or
telecommunication systems:
• Anyone who enters unauthorized into a computer or telecommunication
system protected by security measures, or remains in it against the
expressed or implied will of the one who has the right to exclude him, shall
be sentenced to imprisonment not exceeding three years
• The imprisonment is from one until five years:
– If the crime is committed by a public official or by an officer of a public
service, through abuse of power or through violation of the duties
concerning the function or the service, or by a person who practices - even
without a license - the profession of a private investigator, or with abuse of
the capacity of a system operator
Japanese Laws
Unauthorized Computer Access Law (Law No. 128 of 1999)
• The purpose of this Law is, by prohibiting acts of unauthorized
computer access as well as by stipulating penal provisions for such acts
and assistance measures to be taken by the Metropolitan or
Prefectural Public Safety Commissions for preventing a recurrence of
such acts, to prevent computer-related crimes that are committed
through telecommunication lines and to maintain the
telecommunications-related order that is realized by access control
functions, and, thereby, to contribute to the sound development of the
advanced information and telecommunications society
Prohibition of acts of unauthorized computer access
• Article 3. No person shall conduct an act of unauthorized computer
access
• 2. The act of unauthorized computer access mentioned in the
preceding paragraph means an act that falls under one of the following
items
Japanese Laws (cont’d)
• (1) An act of making available a specific use which is restricted by an access
control function by making in operation a specific computer having that access
control function through inputting into that specific computer, via
telecommunication line, another person’s identification code for that access control
function (to exclude such acts conducted by the access administrator who has added
the access control function concerned, or conducted with the approval of the access
administrator concerned or of the authorized user for that identification code)
• (2) An act of making available a restricted specific use by making in operation a
specific computer having that access control function through inputting into it, via
telecommunication line, any information (excluding an identification code) or
command that can evade the restrictions placed by that access control function on
that specific use (to exclude such acts conducted by the access administrator who
has added the access control function concerned, or conducted with the approval of
the access administrator concerned; the same shall apply in the following item)
• (3) An act of making available a restricted specific use by making in operation a
specific computer, whose specific use is restricted by an access control function
installed into another specific computer which is connected, via a
telecommunication line, to that specific computer, through inputting into it, via a
telecommunication line, any information or command that can evade the
restrictions concerned
Japanese Laws (cont’d)
Prohibition of acts of facilitating unauthorized computer access
• Article 4. No person shall provide another person's identification code
relating to an access control function to a person other than the access
administrator for that access control function or the authorized user
for that identification code, in indicating that it is the identification
code for which specific computer's specific use, or at the request of a
person who has such knowledge, excepting the case where such acts
are conducted by that access administrator, or with the approval of
that access administrator or of that authorized user
Penal provisions
• Article 8. A person who falls under one of the following items shall be
punished with penal servitude for not more than one year or a fine of
not more than 500,000 yen:
– (1) A person who has infringed the provision of Article 3, paragraph 1
• Article 9. A person who has infringed the provision of Article 4 shall be
punished with a fine of not more than 300,000 yen
Latvian Laws
Section 241: Arbitrarily accessing computer
systems
• If a person commits arbitrarily accessing an automated computer
system
• Penalty: Custodial arrest, or a fine not exceeding eighty times the
minimum monthly wage
Section 242: Unauthorised acquisition of
computer software
• If a person commits unauthorized copying of computer software,
files or databases stored in the memory of a computer system
• Penalty: Custodial arrest, or a fine not exceeding eighty times the
minimum monthly wage
Malaysian Laws
An Act to provide for offences relating to the misuse of computers
Offences: Unauthorized access to the computer material
• (1) A person shall be guilty of an offence if -
• (a) He causes a computer to perform any function with intent to secure
access to any program or data held in any computer
• (b) The access he intends to secure is unauthorized
• (c) He knows at the time when he causes the computer to perform the
function that that is the case
• (2) The intent a person has to have to commit an offence under
this section need not be directed at -
• (a) Any particular program or data
• (b) A program or data of any particular kind
• (c) A program or data held in any particular computer
• (3) A person guilty of an offence under this section shall on
conviction be liable to a fine not exceeding fifty thousand ringgit
or to imprisonment for a term not exceeding five years or to both
Malta Laws
Computer Misuse: Unlawful access to, or use of information
337 (C) (1) A person who without authorization does any of the
following acts shall be guilty of an offence–
• Uses a computer or any other device or equipment to access any data
• Copies any data, software, or supporting documentation to any storage
medium
• Impairs the operation of any system, software, or the integrity or
reliability of any data
• Uses another person's access code, password, user name, electronic mail
address, or other means of access or identification information in a
computer
Penalties:
• Ten thousand liri or imprisonment not exceeding four years, or both
Netherlands Laws
Criminal Code Article 138a:
• Any person who intentionally and unlawfully accesses
an automated system for the storage or processing of
data, or part of such a system, shall be liable, as guilty
of breach of computer peace, to a term of imprisonment
not exceeding six months or a fine of 10.000 guilders if
he:
• (a) Breaks through a security system, or
• (b) Obtains access by a technical intervention, with the help
of false signals or a false key or by acting in a false capacity
Norwegian Laws
Penal Code § 145:
• Any person who unlawfully opens a letter or other closed
document or in a similar manner gains access to its contents,
or who breaks into another person's locked depository shall
be liable to fines or to imprisonment for a term not
exceeding 6 months
• The same penalty shall apply to any person who by breaking
a protective device or in a similar manner, unlawfully
obtains access to data or programs which are stored or
transferred by electronic or other technical means
• If damage is caused by the acquisition or use of such
unauthorized knowledge, or if the felony is committed for
the purpose of obtaining for any person an unlawful gain,
imprisonment for a term not exceeding 2 years may be
imposed
• Accomplices shall be liable to the same penalty
Philippines Laws: Electronic
Commerce Act of 2000
An act providing for the recognition and use of electronic commercial
and non-commercial transactions and documents, penalties for
unlawful use thereof and for other purposes
SEC 33 – Penalties:
• (a) Hacking or cracking which refers to unauthorized access into or
interference in a computer system/server or information and
communication system; or any access in order to corrupt, alter,
steal, or destroy using a computer or other similar information and
communication devices, without the knowledge and consent of the
owner of the computer or information and communications system,
including the introduction of computer viruses and the like,
resulting in the corruption, destruction, alteration, theft or loss of
electronic data messages or electronic document shall be punished
by a minimum fine of one hundred thousand pesos (P100,000.00)
and a maximum commensurate to the damage incurred and a
mandatory imprisonment of six (6) months to three (3) years
Singapore Laws:
Computer Misuse Act
Section 3: Unauthorized access to
computer material
• (1) Any person who knowingly causes a computer to
perform any function for the purpose of securing access
without authority to any program or data held in any
computer shall be guilty of an offence and shall be liable
on conviction to a fine not exceeding $5,000 or to
imprisonment for a term not exceeding 2 years or to both
and, in the case of a second or subsequent conviction, to a
fine not exceeding $10,000 or to imprisonment for a term
not exceeding 3 years or to both
• (2) If any damage is caused as a result of an offence under
this section, a person convicted of the offence shall be
liable to a fine not exceeding $50,000 or to imprisonment
for a term not exceeding 7 years or to both
Singapore Laws: Computer
Misuse Act (cont’d)
Section 4: Access with intent to commit or
facilitate commission of offence
• (1) Any person who causes a computer to perform any
function for the purpose of securing access to any program
or data held in any computer with intent to commit an
offence to which this section applies shall be guilty of an
offence
• (2) This section shall apply to an offence involving property,
fraud, dishonesty or which causes bodily harm and which is
punishable on conviction with imprisonment for a term of
not less than 2 years
• (3) Any person guilty of an offence under this section shall
be liable on conviction to a fine not exceeding $50,000 or to
imprisonment for a term not exceeding 10 years or to both
United Kingdom: Police and
Justice Act 2006
Chapter 48 amends the Computer Misuse Act. Part 5, Sections
35 to 38
• 35 - Unauthorized access to computer material
• 36 - Unauthorized acts with intent to impair operation of
computer, etc
• 37 - Making, supplying or obtaining articles for use in computer
misuse offences
• 38 - Transitional and saving provision
Chapter 48 amends the Forfeiture of indecent photographs of
children Act. Part 5, Sections 39 to 40
• 39 - Forfeiture of indecent photographs of children: England and
Wales
• 40 - Forfeiture of indecent photographs of children: Northern
Ireland
United States Laws
Title 18. Crimes and criminal procedure: Part I – Crimes: Chapter 47 -
Fraud and false statements: Section 1030. Fraud and related activity
in connection with computers
Law is applicable if any person:
• Intentionally accesses a computer without authorization or
exceeds authorized access, and thereby obtains
• Intentionally, without authorization to access any nonpublic
computer of a department or agency of the United States
• Knowingly and with intent to defraud, accesses a protected
computer without authorization, or exceeds authorized access
Penalty:
• Fine or imprisonment for not more than ten years, or both
Internet Crime Schemes and
Prevention Tips
Internet Crime Schemes
Current and ongoing Internet trends and schemes identified by the Internet
Crime Complaint Center along with its description:
Auction Fraud
Auction Fraud - Romania
Counterfeit Cashier's Check
Credit Card Fraud
Debt Elimination
Parcel Courier Email Scheme
Employment/Business Opportunities
Escrow Services Fraud
Identity Theft
Internet Extortion
Investment Fraud
Lotteries
Nigerian Letter or "419"
Phishing/Spoofing
Ponzi/Pyramid
Reshipping
Spam
Third Party Receiver of Funds
Internet Crime Prevention Tips
Auction fraud
• Ask the seller any questions you have before you buy
• Examine the feedback of the seller regarding your questions
• Be aware of refund and warranty policies of the seller
Counterfeit cashier's check
• Inspect the cashier's check and ensure that the account
number, amount, and signature are correct
• Obtain the bank's phone number from a dependable source
Credit card fraud
• Make sure that the website is reputable and secure
• Do not give out the credit card information
Internet Crime Prevention Tips
(cont’d)
Phishing/Spoofing
• Do not give personal information in response to any unsolicited email
requests
Reshipping
• Be cautious when dealing with companies in other countries
• Do not accept a package that you did not order
Spam
• Delete spam mail without opening it
• Do not reply to spam mail
• Do not purchase anything advertised through spam mail
Internet Crime Prevention Tips
(cont’d)
Debt elimination
• Get complete information about the company and ensure it is
real
• If the company has any agreement, make sure that you understand each and
every term and condition
Escrow services fraud
• Do not click on the given website link; always type the website address
manually
• Be careful while filling in personal information; check for spelling and
grammar mistakes
Investment fraud
• Beware of promises to make fast profits
• Understand the complete deal before investing
• Beware of investments that give high returns with no risk
Reporting a Cyber Crime
Why You Should Report Cybercrime
Companies might be reluctant to share information regarding the impact to their business
and the sensitivity of the data involved
Only by sharing information with law enforcement and appropriate industry groups will cyber
criminals be identified and prosecuted, new cyber security threats be identified,
and successful attacks on critical infrastructures and the economy be prevented
Law enforcement’s ability to identify coordinated threats is directly tied to the volume of
reporting
Reporting Computer-Related Crimes
Internet-related crime, like any other crime, should be
reported to appropriate law enforcement investigative
authorities at the local, state, federal, or international levels,
depending on the scope of the crime
The primary federal law enforcement agencies that investigate
domestic crime on the Internet include:
• Federal Bureau of Investigation (FBI)
• United States Secret Service
• United States Immigration and Customs Enforcement (ICE)
• United States Postal Inspection Service
• Bureau of Alcohol, Tobacco and Firearms (ATF)
Reporting Computer-Related
Crimes (cont’d)
Other Government Initiatives to Combat
Cyber Crime:
• Department of Homeland Security's National
Infrastructure Coordinating Center: (202) 282-9201
(report incidents relating to national security and
infrastructure issues)
• U.S. Computer Emergency Readiness Team (U.S.
CERT) (online reporting for technicians)
• Internet Fraud Complaint Center (IFCC) (online
reporting for Internet related crime)
• National Association of Attorney General's Computer
Crime Point of Contact List (all state related cyber
questions)
Person Assigned to Report the
Crime
Have a single contact to whom employees should report suspicious events and
who will track changes in contacts or procedures
Have a single contact who will report incidents to outside agencies, including
law enforcement, regulatory bodies and information sharing organizations
such as InfraGard and the industry Information Sharing and Analysis Centers
(ISACs)
Keep a list of the incident response team members’ names, titles and 24/7
contact information, along with their role in a security breach
Have contact information for vendors contracted to help during a security
emergency, as well as ISPs and other relevant technology providers
Person Assigned to Report the
Crime (cont’d)
Keep contact information for major customers and clients who
might be affected
In advance, establish contacts at the relevant law enforcement
agencies: typically, the national infrastructure protection and
computer intrusion squad at the local FBI field office; the
electronic crimes investigator at the local Secret Service field
office; and the electronic crimes investigator at your local police
Keep their contact information easily accessible
When and How to Report an
Incident?
If an attack is under way, pick up the phone and call the previously established
law enforcement contact immediately and communicate the basic information
that is included in the CIO Cyber threat Response Form
Additional information that will help law enforcement agents in their
investigation:
• What are the primary systems involved?
• How was the attack carried out?
• What steps have you taken to mitigate or remediate?
• Does a suspect exist? If so, is it a current or former employee/contractor?
• What evidence is available to assist in the investigation (e.g., log files, physical
evidence, etc.)?
To track the status of your case once you have filed a report, contact the field
office that is conducting the investigation
Who to Contact at the Law
Enforcement
There is no single answer for which law enforcement agency to contact in the
event of a cyber-security breach
The FBI and U.S. Secret Service share jurisdiction for computer crimes that
cross state lines
However, most law enforcement agencies, including the FBI and USSS,
encourage people to a) pre-establish contact with someone in law enforcement
who is trained in and responsible for dealing with computer crime, and b) work
with the person or people you have the best relationship with
Federal Local Agents Contact
FBI Field Office: Call the national infrastructure protection and
computer intrusion squad at the local field office
U.S. Secret Service Field Office: Contact the electronic crimes
investigator at the local field office
FEDERAL AGENCIES, WASHINGTON
FBI/National Infrastructure Protection Center (NIPC)
Federal Bureau of Investigation
J. Edgar Hoover Building
935 Pennsylvania Avenue, NW
Washington, DC 20535-0001
phone: (202) 323-3205; 888-585-9078
fax: (202) 323-2079
e-mail: nipc.watch@fbi.gov
website: www.fbi.gov
Federal Local Agents Contact
(cont’d)
Electronic Crimes Branch of the U.S. Secret Service
• Headquarters: 950 H Street, NW, Washington, DC 20223
• phone: (202) 406-5850
• fax: (202) 406-5031
• website and reporting: www.treas.gov/usss
State and Local Agencies
• State Attorney General’s Office: The website for the National Attorney
Generals’ Association provides a list with contact information by state
• www.naag.org/issues/20010724-cc_list.cfm
Local Police:
• The CrisNet website offers a list of local law enforcement agencies
organized by state
• www.crisnet.com/locallaw/locallaw.html
Federal Local Agents Contact
(cont’d)
InfraGard
• Public/private information-sharing effort led by the FBI and the NIPC.
Local chapters across the United States
• Great place to develop appropriate contacts with law enforcement:
www.infragard.net
Electronic Crimes Task Force
• Public/private info-sharing effort led by the U.S. Secret Service. Regional
task forces located across the United States, and a great place to develop
computer-crime law-enforcement contacts:
• www.ectaskforce.org/Regional_Locations.htm
Information Sharing and Analysis Centers (ISACs)
• Industry-specific information sharing for critical infrastructure sectors
• For general information on the ISACs, visit:
https://www.it-isac.org/isacinfowhtppr.php
Federal Local Agents Contact
(cont’d)
Department of Justice Computer Crime & Intellectual
Property Section
• Legal analysis and resources related to computer crime, a how-to-report
section, and a comprehensive list of cybercrime cases pending and resolved
• www.cybercrime.gov
CERT Coordination Center at Carnegie Mellon
• Federally funded research center provides training, incident
handling, R&D, advisories
• www.cert.org
More Contacts
FBI Local Office
• http://www.fbi.gov/contact/fo/fo.htm
Internet Fraud Complaint Center
• http://www.ic3.gov/complaint/default.aspx
U.S. Secret Service
• http://www.treas.gov/usss/contact.shtml
Federal Trade Commission (online complaint)
• https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01
Securities and Exchange Commission (online complaint)
• http://www.sec.gov/complaint/selectconduct.shtml
ATF local office
• http://www.atf.gov/contact/field.htm
CIO Cyberthreat Report Form
Crime Investigating Organizations
Crime Investigating Organizations
Certain organizations provide crime investigation services, while others
support the investigating agencies:
• Interpol
• FBI: Federal Bureau of Investigation
• NW3C: National White Collar Crime Center
• IC3: Internet Crime Complaint Center
• Homeland Security
Interpol - Information
Technology Crime Center
Interpol is the world’s largest international police organization,
with 186 member countries
It exists to help create a safer world by supporting law enforcement
agencies worldwide to combat crime
Interpol investigates financial and high-tech crimes – currency
counterfeiting, money laundering, intellectual property crime,
payment card fraud, computer virus attacks, and cyber-terrorism
www.interpol.int
Federal Bureau of Investigation
www.fbi.gov
How the FBI Investigates
Computer Crime
FBI legal attachés stationed in 45 countries use sophisticated methods to investigate
and coordinate cyber incidents around the world
In the United States, the Internet Crime Complaint Center (IC3) is a partnership
between the FBI and the National White Collar Crime Center (NW3C)
The FBI trains and certifies computer forensic examiners who work in FBI field offices
to recover and preserve digital evidence
It maintains a computer forensic laboratory in Washington, DC for advanced data
recovery and for research and development
It uses a number of federal statutes to investigate computer crimes
How the FBI Investigates
Computer Crime (cont’d)
The FBI investigates incidents when the following conditions are
present:
• A violation of the federal criminal code has occurred within the
jurisdiction of the FBI
• The United States Attorney's Office supports the investigation and
agrees to prosecute the subject if the elements of the federal violation
can be substantiated
Federal law enforcement can only gather proprietary
information concerning an incident in the following ways:
• Request for voluntary disclosure of information
• Court order
• Federal grand jury subpoena
• Search warrant
Federal Statutes Investigated by
the FBI
The FBI frequently uses the following statutes to investigate computer-related crimes:
United States Codes (U.S.C.)
• 18 U.S.C. 875 Interstate Communications: Including Threats,
Kidnapping, Ransom, Extortion
• 18 U.S.C. 1029 Possession of Access Devices
• 18 U.S.C. 1030 Fraud and related activity in connection with
computers
• 18 U.S.C. 1343 Fraud by wire, radio or television
• 18 U.S.C. 1361 Injury to Government Property
• 18 U.S.C. 1362 Government communication systems
• 18 U.S.C. 1831 Economic Espionage Act
• 18 U.S.C. 1832 Trade Secrets Act
• Local Laws
Contact FBI Form
https://tips.fbi.gov
To inform the FBI of any suspected criminal activity, fill out the form available at:
https://tips.fbi.gov/
“While the FBI continues to encourage the
public to submit information regarding
the September 11, 2001, terrorist
attacks, this form may also be used to
report any suspected criminal activity to
the FBI”
National White Collar Crime Center (NW3C)
http://www.nw3c.org/
Internet Crime Complaint Center (IC3)
http://www.ic3.gov
Department of Homeland Security
http://www.dhs.gov
National Infrastructure Protection
Center
National Infrastructure Protection Center (NIPC) was fully integrated into the Information
Analysis and Infrastructure Protection Directorate of the Department of Homeland Security (DHS); as
such, the responsibilities of fulfilling the mission of physical and cyber critical infrastructure assessment
and protection of the former NIPC are now being addressed by two new divisions
As a key component of the Infrastructure Coordination Division (ICD), the National
Infrastructure Coordinating Center (NICC), serving as an extension of the Homeland Security
Operations Center, provides the mission and capabilities to assess the operational status of the nation’s
Critical Infrastructures and Key Resources
Email nicc@dhs.gov to report issues of a physical nature that may affect or have an impact on our Nation’s
Critical Infrastructures and Key Resources
The G8 Countries: Principles to
Combat High-tech Crime
I. There must be no safe havens for those who abuse information technologies
II. Investigation and prosecution of international high-tech crimes must be coordinated
among all the concerned States, regardless of where harm has occurred
III. Law enforcement personnel must be trained and equipped to address high-tech crimes
IV. Legal systems must protect the confidentiality, integrity, and availability of data and
systems from unauthorized impairment and ensure that serious abuse is penalized
V. Legal systems should permit the preservation of and quick access to electronic data,
which are often critical to the successful investigation of crime
U.S. Department of Justice
Computer Crime and Intellectual Property Section (CCIPS)
The G8 Countries: Principles to
Combat High-tech Crime (cont’d)
VI. Mutual assistance regimes must ensure the timely gathering and exchange of evidence in
cases involving international high-tech crime
VII. Transborder electronic access by law enforcement to publicly available (open source)
information does not require authorization from the State where the data resides
VIII. Forensic standards for retrieving and authenticating electronic data for use in criminal
investigations and prosecutions must be developed and employed
IX. To the extent practicable, information and telecommunications systems should be
designed to help prevent and detect network abuse, and should facilitate the tracing of
criminals and the collection of evidence
X. Work in this area should be coordinated with the work of other relevant international fora
to ensure against duplication of efforts
The G8 Countries: Action Plan to Combat
High-Tech Crime (International Aspects of
Computer Crime)
In support of the PRINCIPLES, direct officials to:
• Use established network of knowledgeable personnel to ensure a timely, effective
response to transnational high-tech cases, and designate a point-of-contact who is
available on a twenty-four hour basis
• Take appropriate steps to ensure that a sufficient number of trained and equipped law
enforcement personnel are allocated to the task of combating high-tech crime and
assisting law enforcement agencies of other States
• Review legal systems to ensure that they appropriately criminalize abuses of
telecommunications and computer systems and promote the investigation of
high-tech crimes
• Consider issues raised by high-tech crimes, where relevant and when negotiating
mutual assistance agreements or arrangements
• Continue to examine and develop workable solutions regarding: the preservation of
evidence prior to the execution of a request for mutual assistance; transborder
searches; and computer searches of data where the location of that data is unknown
The G8 Countries: Action Plan to Combat
High-Tech Crime (International Aspects
of Computer Crime) (cont’d)
In support of the PRINCIPLES, direct officials to:
• Develop expedited procedures for obtaining traffic data from all communications
carriers in the chain of a communication and to study ways to expedite the passing of
this data internationally
• Work jointly with industry to ensure that new technologies facilitate efforts to combat
high-tech crime by preserving and collecting critical evidence
• Ensure the ability, in emergency and appropriate cases, to accept and respond to mutual
assistance requests relating to high-tech crime by expedited but reliable means of
communications, including voice, fax, or e-mail, with written confirmation to follow
where required
• Encourage internationally recognized standards-making bodies in the fields of
telecommunications and information technologies to continue providing the public
and private sectors with standards for reliable and secure telecommunications and
data processing technologies
• Develop and employ compatible forensic standards for retrieving and authenticating
electronic data for use in criminal investigations and prosecutions
Crime Legislation of EU
Law Enforcement Interfaces
Law enforcement interfaces include law enforcement agencies, and automated
crime monitoring and reporting systems that work in coordination to enforce
laws
Law enforcement interfaces include:
• Law enforcement agency
• Intelligence agencies
• Police
• Secret police
• Military police
• Cyber crime reporting agencies such as Internet Crime Complaint Center
(IC3)
Summary
Cyber crime has originated from the growing dependence on computers in modern life
Federal laws related to computer crime, cyber stalking, search and seizure of computer, and intellectual property rights are
discussed
Various law enforcement agencies such as FBI and NIPC investigate computer facilitated crimes and help in tracking cyber
criminals
Building a cyber crime case and initiating investigation are crucial areas
The FBI trains and certifies computer forensic examiners who work in FBI field offices to recover and preserve digital evidence
Internet-related crime, like any other crime, should be reported to appropriate law enforcement investigative authorities at the
local, state, federal, or international levels, depending on the scope of the crime
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

File000167

  • 1. Module LIV - Law and Computer Forensics
  • 2. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scenario
  • 3. News: Computer Forensics: Beyond the Magnifying Glass
      Source: http://www.technewsworld.com/story/63972.html?wlc=1222229169
  • 4. Module Objective
      This module will familiarize you with:
      • Introduction of Laws in Forensics
      • Security Policies
      • Sample Banner
      • Privacy Issues Involved in Investigations
      • Legal Issues Involved in Seizure of Computer Equipments
      • How the FBI Investigates Computer Crime
      • Crime Investigating Organizations
      • G8 Countries: Action Plan to Combat High-Tech Crime
      • The USA Patriot Act of 2001
      • Gramm-Leach Bliley Act
      • Federal Records Act
      • Laws of Different Countries
      • Internet Crime Prevention Tips
      • Reporting Computer-Related Crimes
      • Federal Local Agents Contact
  • 5. Module Flow
      • Computer Forensics Laws
      • Privacy Issues Involved in Investigations
      • Sample Banner
      • G8 Countries: Action Plan to Combat High-Tech Crime
      • Crime Investigating Organizations
      • How the FBI Investigates Computer Crime
      • Legal Issues Involved in Seizure of Computer Equipments
      • Security Policies
      • The USA Patriot Act of 2001
      • Gramm-Leach Bliley Act
      • Laws of Different Countries
      • Federal Records Act
      • Reporting Computer-Related Crimes
      • Internet Crime Prevention Tips
      • Federal Local Agents Contact
  • 6. Computer Forensics Laws
  • 7. Computer Forensics Laws
      Computer forensics laws and legal precedents regulate the practices associated with computer forensics
      It aids the investigation officer in getting a search warrant for searching and seizing the computer involved in a crime
  • 8. Role of Law Enforcement Agencies in Forensics Investigation
      Law enforcement helps to:
      • Improve the likelihood of conducting a successful investigation by helping to establish a trusted relationship with the victim, thereby improving the quality of cooperation provided by the victim
      • Safeguard victims by reducing the likelihood that an investigation will exacerbate the damage already suffered by the victim
      • Establish procedures for obtaining efficient and timely assistance for the victim
  • 9. Guidelines for Law Enforcement Agencies
      • Minimize the disruption to a victim-company’s normal business operations
      • Coordinate the release of any information to the news media about the investigation
      • Work closely with the victim on issues that will have an impact on sentencing
      • To the extent possible, regularly update the victim on the progress of the investigation
      • Consult with the victim-company’s information technology staff about network architecture before implementing investigative measures on the network
      • Be aware that you may need to consult with a victim-company’s senior management before undertaking intrusive investigative measures on the company’s network
      • Encourage ongoing relationships with businesses before an incident occurs
  • 10. Law Enforcement Policies
      Law enforcement policies protect resources and people, prevent crime, and help in carrying out investigations and apprehending criminals
      These policies are designed to provide organization security officers with clear definitions, direction, and guidelines for providing and promoting a reliable, efficient response to organizational crime in order to achieve the following goals:
      • Reduce the risk of civil liability for security officers and administrators
      • Make an arrest for any abuse of an Emergency Protective Order (EPO), Domestic Violence Order (DVO), and Foreign Protective Order (FPO)
      It helps in drafting the mission statement, objective statements, rules of conduct, and ethics for organizational behavior
  • 11. Internet Laws and Statutes
  • 12. Internet Laws and Statutes
      California Business and Professions Code Section 17538
      Anticybersquatting Consumer Protection Act (ACPA), 15 USC §1125(D)
      Unsolicited E-mail
      • Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) 15 U.S.C. §§7701-7713
      • Nevada Senate Bill No. 13
      • Washington House Bill 2752 (1998) (AS ENACTED)
      • Connecticut House Bill 6558
      Communications Decency Act
      • 47 U.S.C. Section 230
      • §230. Protection for private blocking and screening of offensive material
  • 13. Federal Laws (Computer Crime)
      18 U.S.C. § 1362. Communication Lines, Stations, or Systems
      Law is applicable if:
      • Person willfully injures or destroys any of the works, property, or material of any means of communication
      • Maliciously obstructs, hinders, or delays the transmission of any communication
      Penalty:
      • A fine or imprisonment for not more than 10 years, or both
  • 14. Intellectual Property Rights
      Copyright Offenses
      17 U.S.C. § 506, Criminal Offenses
      • Criminal Infringement
      • Forfeiture and Destruction
      • Fraudulent Copyright Notice
      • Fraudulent Removal of Copyright Notice
      • False Representation
      • Rights of Attribution and Integrity
  • 15. Intellectual Property Rights (cont’d)
      18 U.S.C. § 2319, Criminal Infringement of a Copyright
      Persons who may submit a victim impact statement include:
      • Producers and sellers of legitimate works
      • Holders of intellectual property rights
      • The legal representatives of such producers, sellers, and holders
      Penalty:
      • Imprisoned not more than 5 years, or fined for reproducing and distributing at least 10 copies or phonorecords, of 1 or more copyrighted works
      • Imprisoned not more than 3 years, or fined for reproducing and distributing more than 10 copies or phonorecords, of 1 or more copyrighted works
  • 16. Intellectual Property Rights (cont’d)
      18 U.S.C. § 2318, Trafficking in counterfeit label for phonorecords, copies of computer programs or computer program documentation or packaging, and copies of motion pictures or other audio visual works, and trafficking in counterfeit computer program documentation or packaging
      Law is applicable if:
      • Person knowingly traffics in a counterfeit label affixed or designed to be affixed
      • Intentionally traffics in counterfeit documentation or packaging for a computer program
      Penalty:
      • Fined or imprisoned for not more than five years, or both
  • 17. Intellectual Property Rights (cont’d)
      Bootlegging Offenses
      18 U.S.C. § 2319A, Unauthorized fixation of and trafficking in sound recordings and music videos of live musical performances
      Law is applicable if:
      • Person knowingly and for purposes of commercial advantage fixes the sounds and images or reproduces copies or phonorecords
      • Transmits the sound and images to the public without the consent of the performer
      Penalty:
      • Imprisoned for not more than 5 years or fined or both
  • 18. Intellectual Property Rights (cont’d)
      Trademark Offenses
      18 U.S.C. § 2320, Trafficking in counterfeit goods or services
      Law is applicable if:
      • Person intentionally traffics or attempts to traffic in goods or services
      • Knowingly uses a counterfeit mark
      Penalty:
      • Fined not more than $2,000,000 or imprisoned not more than 10 years, or both
  • 19. Intellectual Property Rights (cont’d)
      Trade Secret Offenses
      18 U.S.C. § 1831, Economic espionage
      Law is applicable if:
      • Person knowingly steals or without authorization obtains a trade secret
      • Without authorization copies or transmits a trade secret
      • Receives, buys, or possesses a trade secret
      Penalty:
      • Fined not more than $10,000,000
  • 20. Intellectual Property Rights (cont’d)
      18 U.S.C. § 1832, Theft of trade secrets
      Law is applicable if:
      • Person with an intent to convert a trade secret knowingly steals or without authorization obtains information
      • Without authorization copies or transmits such information
      • Receives, buys, or possesses such information
      Penalty:
      • Fined not more than $5,000,000
  • 21. Intellectual Property Rights (cont’d)
      18 U.S.C. § 1833, Exceptions to prohibitions
      Exceptions:
      • Lawful activity conducted by a governmental entity of the United States, a State, or a political subdivision of a State
      • Reporting of a suspected violation of law to any governmental entity of the United States, a State, or a political subdivision of a State
      18 U.S.C. § 1834, Criminal forfeiture
      • Any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of violation
      • Any of the person's property used, or intended to be used to commit or facilitate violation
  • 22. Intellectual Property Rights (cont’d)
      Offenses Relating to the Integrity of IP Systems
      17 U.S.C. § 506(c-d), Fraudulent Copyright Notice; Fraudulent Removal of Copyright Notice
      Offense if:
      • Person with malicious intent places a notice bearing copyright or words with false representation
      • Removes or alters any notice of copyright appearing on a copy of a copyrighted work
      Penalty:
      • Fined not more than $2,500
  • 23. Intellectual Property Rights (cont’d)
      47 U.S.C. § 605, Unauthorized publication or use of communications
      Practices prohibited:
      • Receiving, assisting in receiving, transmitting, or assisting in transmitting, any interstate or foreign communication by wire or radio
      • Intercepting any radio communication and divulging or publishing the existence, contents, substance, purport, effect, or meaning of such intercepted communication to any person
      • Scrambling of Public Broadcasting Service programming
      Penalty:
      • Fined not more than $2,000 or imprisoned for not more than 6 months, or both
  • 24. Cyber Stalking
      18 U.S.C. § 875, Interstate communications
      Offense:
      • Transmitting any communication containing any demand or request for a ransom
      • Transmitting any communication containing any threat to kidnap any person or to injure the person
      18 U.S.C. § 2261A, Interstate stalking
      Offense:
      • Person travels in interstate or foreign commerce with an intent to kill or injure, harass, or intimidate a person in another State or tribal jurisdiction
  • 25. Information Security Acts
  • 26. The USA PATRIOT Act of 2001
      Congress passed the USA PATRIOT Act (the Act) in response to the terrorist attacks of September 11, 2001
      The Act gives federal officials greater authority to track and intercept communications, both for law enforcement and foreign intelligence gathering purposes
  • 27. Federal Information Security Management Act
      • Title III, Information Security, of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source
      • § 3541. Purposes: The purposes of this act are to
          – (1) Provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets
          – (2) Recognize the highly networked nature of the current Federal computing environment and provide effective government-wide management and oversight of the related information security risks, including coordination of information security efforts throughout the civilian, national security, and law enforcement communities
          – (3) Provide for development and maintenance of minimum controls required to protect Federal information and information systems
  • 28. Federal Information Security Management Act (cont’d)
          – (4) Provide a mechanism for improved oversight of Federal agency information security programs
      • § 3543. Authority and functions of the Director
          – (a) IN GENERAL - The Director shall oversee agency information security policies and practices, including:
              (1) developing and overseeing the implementation of policies, principles, standards, and guidelines on information security, including through ensuring timely agency adoption of and compliance with standards promulgated under section 11331 of title 40
              (2) requiring agencies, consistent with the standards promulgated under such section 11331 and the requirements of this subchapter, to identify and provide information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disclosure, disruption, modification, or destruction of:
                  (A) information collected or maintained by or on behalf of an agency; or
                  (B) information systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency
  • 29. Gramm-Leach Bliley Act
      The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect the consumers’ personal financial information held by financial institutions
      There are three principal parts to the privacy requirements:
      • Financial Privacy Rule: The Financial Privacy Rule governs the collection and disclosure of customers' personal financial information by financial institutions
      • Safeguards Rule: The Safeguards Rule requires all financial institutions to design, implement, and maintain safeguards to protect the customer’s information
      • Pretexting provisions: The Pretexting provisions of the GLB Act protect consumers from individuals and companies that obtain their personal financial information under false pretenses
  • 30. CAN-SPAM Act
      The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them
      Main provisions of the CAN-SPAM law are:
      • It bans false or misleading header information
      • It prohibits deceptive subject lines
      • It requires that your email gives recipients an opt-out method
      • It requires that commercial email be identified as an advertisement and include the sender's valid physical postal address
  • 31. CAN-SPAM Act (cont’d)
      Penalties:
      • Each violation of the above provisions is subject to fines of up to $11,000. Deceptive commercial email also is subject to laws banning false or misleading advertising
      • Additional fines are provided for commercial emailers who not only violate the rules described above, but also:
          – "Harvest" email addresses from web sites or web services that have published a notice prohibiting the transfer of email addresses for the purpose of sending email
          – Generate email addresses using a "dictionary attack" – combining names, letters, or numbers into multiple permutations
          – Use scripts or other automated ways to register for multiple email or user accounts to send commercial email
          – Relay emails through a computer or network without permission – for example, by taking advantage of open relays or open proxies without authorization
  • 32. Personal Information Protection and Electronic Documents Act (PIPEDA)
      • The Personal Information Protection and Electronic Documents Act (PIPEDA) is federal legislation passed in 2001 and fully implemented on January 1, 2004
      • The purpose of the Act is “to establish, in an era in which technology increasingly facilitates the circulation and exchange of information, rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances”
      • The Act aims to protect information about an individual, including information such as:
          – Age, name, income, ethnic origin, religion or blood type
          – Opinions, evaluation, comments, social status or disciplinary actions
          – Credit records, employment history and medical records
  • 33. Data Protection Act 1998
      Section 55: Unlawful obtaining etc. of personal data
      • (1) A person must not knowingly or recklessly, without the consent of the data controller -
          – (a) Obtain or disclose personal data or the information contained in personal data, or
          – (b) Procure the disclosure to another person of the information contained in personal data
      • (2) Subsection (1) does not apply to a person who shows -
          – (a) That the obtaining, disclosing, or procuring -
              (i) was necessary for the purpose of preventing or detecting crime
              (ii) was required or authorized by or under any enactment, by any rule of law or by the order of a court
  • 34. Data Protection Act 1998 (cont’d)
      • (3) A person who contravenes subsection (1) is guilty of an offence
      • (4) A person who sells personal data is guilty of an offense if he has obtained the data in contravention of subsection (1)
      • (5) A person who offers to sell personal data is guilty of an offense if:
          – (a) He has obtained the data in contravention of subsection (1), or
          – (b) He subsequently obtains the data in contravention of that subsection
      • (6) For the purposes of subsection (5), an advertisement indicating that personal data are or may be for sale is an offer to sell the data
      • (7) Section 1(2) does not apply for the purposes of this section; and for the purposes of subsections (4) to (6), “personal data” includes information extracted from personal data
  • 35. Criminal Damage Act 1991
      Section 5: Unauthorized accessing of data
      (1) A person who without lawful excuse operates a computer:
      • (a) Within the State with intent to access any data kept either within or outside the State, or
      • (b) Outside the State with intent to access any data kept within the State,
      shall, whether or not he accesses any data, be guilty of an offence and shall be liable on summary conviction to a fine not exceeding £500 or imprisonment for a term not exceeding 3 months or both
      (2) Subsection (1) applies whether or not the person intended to access any particular data or any particular category of data or data kept by any particular person
  • 36. Cyber Terrorism Preparedness Act of 2002
      The purpose of this act is to provide protection for the information infrastructure of the United States against terrorist or other disruption or attack or other unwarranted intrusion
      It supports the development of appropriate cyber security best practices as well as long-term cyber security research and development, and performs functions relating to such activities
      The term "cybersecurity" means information assurance, including information security, information technology disaster recovery, and information privacy
  • 37. Laws Related to Information Assurance and Security
  • 38. Federal Records Act
      § 3101: Records management by agency heads; general duties:
      • The head of each Federal agency shall make and preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures, and essential transactions of the agency and designed to furnish the information necessary to protect the legal and financial rights of the Government and of persons directly affected by the agency’s activities
      § 3102: Establishment of program of management
      • The head of each Federal agency shall establish and maintain an active, continuing program for the economical and efficient management of the records of the agency. The program, among other things, shall provide for
          – Effective controls over the creation and over the maintenance and use of records in the conduct of current business
          – Cooperation with the Administrator of General Services and the Archivist in applying standards, procedures, and techniques designed to improve the management of records, promote the maintenance and security of records deemed appropriate for preservation, and facilitate the segregation and disposal of records of temporary value
  • 39. Federal Records Act (cont’d)
      § 3105: Safeguards:
      • The head of each Federal agency shall establish safeguards against the removal or loss of records he determines to be necessary and required by regulations of the Archivist. Safeguards shall include making it known to officials and employees of the agency
          – that records in the custody of the agency are not to be alienated or destroyed except in accordance with sections 3301-3314 of this title, and
          – the penalties provided by law for the unlawful removal or destruction of records
  • 40. Federal Managers Financial Integrity Act of 1982
      The Federal Managers’ Financial Integrity Act of 1982 (Integrity Act or FMFIA) provides the statutory basis for management’s responsibility for and assessment of accounting and administrative internal controls
      • Such controls include program, operational, and administrative areas, as well as accounting and financial management
      The Integrity Act requires federal agencies to establish controls that reasonably ensure:
      • Obligations and costs are in compliance with applicable law
      • Funds, property, and other assets are safeguarded against waste, loss, unauthorized use, or misappropriation
      • Revenues and expenditures are properly recorded and accounted for to maintain accountability over the assets
  • 41. Federal Property and Administration Service Act
      The Federal Property and Administrative Services Act of 1949 is a United States federal law that established the General Services Administration (GSA)
      Sec. 101. [40 U.S.C. 751] General Services Administration
      • There is hereby established an agency in the executive branch of the Government which shall be known as the General Services Administration
      • There shall be at the head of the General Services Administration an Administrator of General Services who shall be appointed by the President by and with the advice and consent of the Senate, and perform his functions subject to the direction and control of the President
      • There shall be in the General Services Administration a Deputy Administrator of General Services who shall be appointed by the Administrator of General Services
      • The Deputy Administrator shall perform such functions as the Administrator shall designate and shall be Acting Administrator of General Services during the absence or disability of the Administrator and, unless the President shall designate another officer of the Government, in the event of a vacancy in the office of Administrator
  • 42. Government Paperwork Elimination Act
      Government Paperwork Elimination Act (GPEA) states that electronic records and their related electronic signatures are not to be denied legal effect, validity, or enforceability merely because they are in electronic form
      GPEA seeks to preclude agencies or courts from systematically treating electronic documents and signatures less favorably than their paper counterparts, so that citizens can interact with the Federal government electronically
      GPEA policies for agencies:
      • Maintain compatibility with standards and technology for electronic signatures generally used in commerce and industry and by State governments
      • Ensure that electronic signatures are as reliable as appropriate for the purpose in question
      • Maximize the benefits and minimize the risks and other costs
      • Protect the privacy of transaction partners and third parties that have information contained in the transaction
  • 43. Paperwork Reduction Act
      The purposes of this act are to:
      • Minimize the paperwork burden for individuals, small businesses, educational and nonprofit institutions, Federal contractors, State, local and tribal governments
      • Ensure the greatest possible public benefit from and maximize the utility of information created, collected, maintained, used, shared and disseminated by or for the Federal Government
      • Improve the quality and use of Federal information to strengthen decision making, accountability, and openness in Government and society
      • Minimize the cost to the Federal Government of the creation, collection, maintenance, use, dissemination, and disposition of information
      • Ensure the integrity, quality, and utility of the Federal statistical system
  • 44. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Computer Fraud and Abuse Act Sec. 1030. Fraud and related activity in connection with computers • Knowingly accessed a computer without authorization or exceeding authorized access • Intentionally accesses a computer without authorization or exceeds authorized access • Intentionally, without authorization to access any nonpublic computer of a department or agency of the United States • Knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access • Knowingly and with intent to defraud traffics in any password or similar information through which a computer may be accessed without authorization Penalty: • Fine under particular title or imprisonment for not more than ten years, or both
  • 45. Freedom of Information Act
    The Freedom of Information Act deals with access to official information and gives individuals or organizations the right to request information from any public authority
    It gives you the right to request information held by public authorities and by companies wholly owned by public authorities
    § 552. Public information; agency rules, opinions, orders, records, and proceedings
    • Each agency shall make available to the public information as follows:
      • Each agency shall separately state and currently publish in the Federal Register for the guidance of the public
      • Each agency, in accordance with published rules, shall make available for public inspection and copying
      • Each agency shall promulgate regulations, pursuant to notice and receipt of public comment, specifying the schedule of fees applicable to the processing of requests
      • Each agency having more than one member shall maintain and make available for public inspection a record of the final votes of each member in every agency proceeding
  • 46. E-Government Act of 2002 / Public Law 107-347
    The purposes of this Act are:
    • To provide effective leadership of Federal Government efforts to develop and promote electronic Government services and processes by establishing an Administrator of a new Office of Electronic Government within the Office of Management and Budget
    • To promote use of the Internet and other information technologies to provide increased opportunities for citizen participation in Government
    • To improve the ability of the Government to achieve agency missions and program performance goals
    • To reduce costs and burdens for businesses and other Government entities
    • To promote better informed decision making by policy makers
  • 47. E-Government Act of 2002 / Public Law 107-347 (cont’d)
    Title III: Section 301: Information security
    • § 3541: Purposes:
      • Provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets
      • Provide for development and maintenance of minimum controls required to protect Federal information and information systems
      • Provide a mechanism for improved oversight of Federal agency information security programs
      • Recognize that the selection of specific technical hardware and software information security solutions should be left to individual agencies from among commercially developed products
  • 48. Implications of Public Law 107-347 Regarding Certification and Accreditation
    Certification and Accreditation is a process which ensures that computer systems and major applications adhere to recognized and established security requirements that are well documented and authorized
    Title III of the E-Government Act (Public Law 107-347), titled the Federal Information Security Management Act (FISMA), mandates that all federal agencies develop and implement an agency-wide information security program that details its security requirements, policies, controls, and risks to the agency
    The information security program is formally described in a collection of documentation and reports, which consists of:
    • Periodic risk assessments
    • Information security policies and procedures
    • Security policies and procedures for detecting vulnerabilities
    • An inventory of software and hardware assets
    • Security awareness training and probable rules of behavior for end users
    • An evaluation of security controls
    • Processes for reporting and responding to security incidents
  • 49. Information Privacy Act 2000
    The main purpose of this act is to:
    • Establish a regime for the responsible collection and handling of personal information in the public sector
    • Provide individuals with rights of access to information about them held by organizations, including information held by contracted service providers
    • Provide individuals with the right to require an organization to correct information about them held by the organization, including information held by contracted service providers
    • Provide remedies for interferences with the information privacy of an individual
    • Provide for the appointment of a privacy commissioner
  • 50. Computer Crime Acts
  • 51. Australia: The Cybercrime Act 2001
    An Act to amend the law relating to computer offences and for other purposes
    477.2 Unauthorized modification of data to cause impairment
    A person is guilty of an offence if:
    • (a) The person causes any unauthorized modification of data held in a computer
    • (b) The person knows the modification is unauthorized
    • (c) The person is reckless as to whether the modification impairs or will impair:
      • (i) access to that or any other data held in any computer; or
      • (ii) the reliability, security, or operation of any such data
    Penalty:
    • 10 years imprisonment
  • 52. Australia: The Cybercrime Act 2001 (cont’d)
    478.1 Unauthorized access to, or modification of, restricted data
    A person is guilty of an offence if:
    • (a) The person causes any unauthorized access to, or modification of, restricted data
    • (b) The person intends to cause the access or modification
    • (c) The person knows that the access or modification is unauthorized
    • (d) One or more of the following applies:
      • (i) The restricted data is held in a Commonwealth computer
      • (ii) The restricted data is held on behalf of the Commonwealth
      • (iii) The access to, or modification of, the restricted data is caused by means of a telecommunications service
    Penalty:
    • 2 years imprisonment
  • 53. Austrian Laws
    Privacy Act 2000: Section 10
    § 52. Administrative Penalty Clause
    • (1) Provided that the offence does not meet the statutory definition of a punishable action within the relevant jurisdiction of the court nor is threatened by a more severe punishment under a different administrative penalty clause, a minor administrative offence shall be pronounced with a fine of up to S260.000. Parties who:
      • Willfully obtain unlawful access to a data application or willfully maintain discernable, unlawful, and deliberate access or
      • Intentionally transmit data in violation of the Data Secrecy Clause (§15), especially data that were entrusted to him/her according to §46 and §47, for intentional use for other purposes or
      • Use data contrary to a legal judgment or decision, withhold data, fail to correct false data, fail to delete data or
      • Intentionally delete data contrary to §26, Section 7
  • 54. Belgium Laws
    In November 2000 the Belgian Parliament adopted new articles in the Criminal Code on computer crime, in effect from February 13, 2001. The four main problems of computer forgery, computer fraud, hacking and sabotage are made criminal offences
    Article 550(b) of the Criminal Code:
    • §1. Any person who, aware that he is not authorized, accesses or maintains his access to a computer system, may be sentenced to a term of imprisonment of 3 months to 1 year and to a fine of (BFr 5,200-5m) or to one of these sentences
    • If the offence specified in §1 above is committed with intention to defraud, the term of imprisonment may be from 6 months to 2 years
    • §2. Any person who, with the intention to defraud or with the intention to cause harm, exceeds his power of access to a computer system, may be sentenced to a term of imprisonment of 6 months to 2 years and to a fine of (BFr 5,200-20m) or to one of these sentences
  • 55. Brazilian Laws
    ENTRY OF FALSE DATA INTO THE INFORMATION SYSTEM
    • Art. 313-A. Entry, or facilitation on the part of an authorized employee of the entry, of false data, improper alteration or exclusion of correct data with respect to the information system or the data bank of the Public Management for purposes of achieving an improper advantage for himself or for some other person, or of causing damages
    • Penalty: imprisonment for 2 to 12 years, and fines
    UNAUTHORIZED MODIFICATION OR ALTERATION OF THE INFORMATION SYSTEM
    • Art. 313-B. Modification or alteration of the information system or computer program by an employee, without authorization by or at the request of a competent authority
    • Penalty: detention for 3 months to 2 years, and fines
  • 56. Canadian Laws
    Canadian Criminal Code Section 342.1 states:
    (1) Every one who, fraudulently and without color of right:
    • (a) obtains, directly or indirectly, any computer service,
    • (b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts or causes to be intercepted, directly or indirectly, any function of a computer system
    • (c) uses or causes to be used, directly or indirectly, a computer system with intent to commit an offence under paragraph (a) or (b) or an offence under section 430 in relation to data or a computer system
    A person who commits an offence under paragraph (a), (b) or (c) is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years
  • 57. Denmark Laws
    Penal Code Section 263:
    • (2) Any person who, in an unlawful manner, obtains access to another person's information or programs which are meant to be used in a data processing system, shall be liable to a fine, to simple detention or to imprisonment for a term not exceeding 6 months
    • (3) If an act of the kind described in subsection 1 or 2 is committed with the intent to procure or make oneself acquainted with information concerning trade secrets of a company or under other extraordinary aggravating circumstances, the punishment shall be increased to imprisonment for a term not exceeding 2 years
  • 58. European Laws
    SECTION 1 - SUBSTANTIVE CRIMINAL LAW
    According to this law, the following are considered offenses:
    • Title 1 - Offenses against the confidentiality, integrity, and availability of computer data and systems
    • Article 2 - Illegal Access: Each party shall adopt such legislative and other measures as may be necessary to establish as criminal offenses under its domestic law, when committed intentionally, the access to the whole or any part of a computer system without right
    • Article 3 - Illegal Interception
    • Article 4 - Data Interference: Each party shall adopt such legislative and other measures as may be necessary to establish as criminal offenses under its domestic law, when committed intentionally, the damaging, deletion, deterioration, alteration or suppression of computer data without right
  • 59. France Laws
    Chapter III: ATTACKS ON SYSTEMS FOR AUTOMATED DATA PROCESSING
    Article 323-1:
    • The act of fraudulently gaining access to, or maintaining, in all or part of an automated data processing system is punishable by imprisonment not exceeding one year and a fine of up to 100.000 F
    Article 323-2:
    • The act of hindering or of distorting the functioning of an automated data processing system is punishable by imprisonment not exceeding three years and a fine up to 300.000 FF
  • 60. German Laws
    Penal Code Section 202a. Data Espionage:
    • (1) Any person who obtains without authorization, for himself or for another, data which are not meant for him and which are specially protected against unauthorized access, shall be liable to imprisonment for a term not exceeding three years or to a fine
    • (2) Data within the meaning of subsection 1 are only such as are stored or transmitted electronically or magnetically or in any form not directly visible
    Penal Code Section 303a: Alteration of Data
    • (1) Any person who unlawfully erases, suppresses, renders useless, or alters data (section 202a(2)) shall be liable to imprisonment for a term not exceeding two years or to a fine
    • (2) The attempt shall be punishable
  • 61. Greece Laws
    Criminal Code Article 370C§2:
    • Every one who obtains access to data recorded in a computer or in the external memory of a computer or transmitted by telecommunication systems shall be punished by imprisonment for up to three months or by a pecuniary penalty not less than ten thousand drachmas
    • If the act concerns the international relations or the security of the State, he shall be punished according to Art. 148
  • 62. Hong Kong Laws
    Section 27A: Unauthorized access to computer by telecommunication
    • (1) Any person who, by telecommunication, knowingly causes a computer to perform any function to obtain unauthorized access to any program or data held in a computer commits an offence and is liable on conviction to a fine of $20000
    • (2) For the purposes of subsection (1):
      • (a) The intent of the person need not be directed at:
        • (i) Any particular program or data
        • (ii) A program or data of a particular kind
        • (iii) A program or data held in a particular computer
      • (b) Access of any kind by a person to any program or data held in a computer is unauthorized if he is not entitled to control access of the kind in question to the program or data held in the computer and:
        • (i) He has not been authorized to obtain access of the kind in question to the program or data held in the computer by any person who is so entitled
        • (ii) He does not believe that he has been so authorized
        • (iii) He does not believe that he would have been so authorized if he had applied for the appropriate authority
  • 63. Indian Laws
    THE INFORMATION TECHNOLOGY ACT, 2000 (No. 21 of 2000), CHAPTER XI
    The Offences: 66. Hacking with computer system
    • (1) Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking
    • (2) Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both
  • 64. Italian Laws
    Penal Code Article 615: Unauthorized access into a computer or telecommunication systems:
    • Anyone who enters unauthorized into a computer or telecommunication system protected by security measures, or remains in it against the expressed or implied will of the one who has the right to exclude him, shall be sentenced to imprisonment not exceeding three years
    • The imprisonment is from one to five years if the crime is committed by a public official or by an officer of a public service, through abuse of power or through violation of the duties concerning the function or the service, or by a person who practices - even without a license - the profession of a private investigator, or with abuse of the capacity of a system operator
  • 65. Japanese Laws
    Unauthorized Computer Access Law (Law No. 128 of 1999)
    • The purpose of this Law is, by prohibiting acts of unauthorized computer access as well as by stipulating penal provisions for such acts and assistance measures to be taken by the Metropolitan or Prefectural Public Safety Commissions for preventing a recurrence of such acts, to prevent computer-related crimes that are committed through telecommunication lines and to maintain the telecommunications-related order that is realized by access control functions, and, thereby, to contribute to the sound development of the advanced information and telecommunications society
    Prohibition of acts of unauthorized computer access
    • Article 3. No person shall conduct an act of unauthorized computer access
    • 2. The act of unauthorized computer access mentioned in the preceding paragraph means an act that falls under one of the following items
  • 66. Japanese Laws (cont’d)
    • (1) An act of making available a specific use which is restricted by an access control function by making in operation a specific computer having that access control function through inputting into that specific computer, via telecommunication line, another person’s identification code for that access control function (to exclude such acts conducted by the access administrator who has added the access control function concerned, or conducted with the approval of the access administrator concerned or of the authorized user for that identification code)
    • (2) An act of making available a restricted specific use by making in operation a specific computer having that access control function through inputting into it, via telecommunication line, any information (excluding an identification code) or command that can evade the restrictions placed by that access control function on that specific use (to exclude such acts conducted by the access administrator who has added the access control function concerned, or conducted with the approval of the access administrator concerned; the same shall apply in the following item)
    • (3) An act of making available a restricted specific use by making in operation a specific computer, whose specific use is restricted by an access control function installed into another specific computer which is connected, via a telecommunication line, to that specific computer, through inputting into it, via a telecommunication line, any information or command that can evade the restrictions concerned
  • 67. Japanese Laws (cont’d)
    Prohibition of acts of facilitating unauthorized computer access
    • Article 4. No person shall provide another person's identification code relating to an access control function to a person other than the access administrator for that access control function or the authorized user for that identification code, in indicating that it is the identification code for which specific computer's specific use, or at the request of a person who has such knowledge, excepting the case where such acts are conducted by that access administrator, or with the approval of that access administrator or of that authorized user
    Penal provisions
    • Article 8. A person who falls under one of the following items shall be punished with penal servitude for not more than one year or a fine of not more than 500,000 yen:
      • (1) A person who has infringed the provision of Article 3, paragraph 1
    • Article 9. A person who has infringed the provision of Article 4 shall be punished with a fine of not more than 300,000 yen
  • 68. Latvian Laws
    Section 241: Arbitrarily accessing computer systems
    • If a person commits arbitrarily accessing an automated computer system
    • Penalty: Custodial arrest, or a fine not exceeding eighty times the minimum monthly wage
    Section 242: Unauthorised acquisition of computer software
    • If a person commits unauthorized copying of computer software, files or databases stored in the memory of a computer system
    • Penalty: Custodial arrest, or a fine not exceeding eighty times the minimum monthly wage
  • 69. Malaysian Laws
    An Act to provide for offences relating to the misuse of computers
    Offences: Unauthorized access to the computer material
    • (1) A person shall be guilty of an offence if:
      • (a) He causes a computer to perform any function with intent to secure access to any program or data held in any computer
      • (b) The access he intends to secure is unauthorized
      • (c) He knows at the time when he causes the computer to perform the function that that is the case
    • (2) The intent a person has to have to commit an offence under this section need not be directed at:
      • (a) Any particular program or data
      • (b) A program or data of any particular kind
      • (c) A program or data held in any particular computer
    • (3) A person guilty of an offence under this section shall on conviction be liable to a fine not exceeding fifty thousand ringgit or to imprisonment for a term not exceeding five years or to both
  • 70. Malta Laws
    Computer Misuse: Unlawful access to, or use of information
    337 (C) (1) A person who without authorization does any of the following acts shall be guilty of an offence:
    • Uses a computer or any other device or equipment to access any data
    • Copies any data, software, or supporting documentation to any storage medium
    • Impairs the operation of any system, software, or the integrity or reliability of any data
    • Uses another person's access code, password, user name, electronic mail address, or other means of access or identification information in a computer
    Penalties:
    • Ten thousand liri or imprisonment not exceeding four years, or both
  • 71. Netherlands Laws
    Criminal Code Article 138a:
    • Any person who intentionally and unlawfully accesses an automated system for the storage or processing of data, or part of such a system, shall be liable, as guilty of breach of computer peace, to a term of imprisonment not exceeding six months or a fine of 10.000 guilders if he:
      • (a) Breaks through a security system, or
      • (b) Obtains access by a technical intervention, with the help of false signals or a false key or by acting in a false capacity
  • 72. Norwegian Laws
    Penal Code § 145:
    • Any person who unlawfully opens a letter or other closed document or in a similar manner gains access to its contents, or who breaks into another person's locked depository shall be liable to fines or to imprisonment for a term not exceeding 6 months
    • The same penalty shall apply to any person who by breaking a protective device or in a similar manner, unlawfully obtains access to data or programs which are stored or transferred by electronic or other technical means
    • If damage is caused by the acquisition or use of such unauthorized knowledge, or if the felony is committed for the purpose of obtaining for any person an unlawful gain, imprisonment for a term not exceeding 2 years may be imposed
    • Accomplices shall be liable to the same penalty
  • 73. Philippines Laws: Electronic Commerce Act of 2000
    An act providing for the recognition and use of electronic commercial and non-commercial transactions and documents, penalties for unlawful use thereof and for other purposes
    SEC 33 - Penalties:
    • (a) Hacking or cracking which refers to unauthorized access into or interference in a computer system/server or information and communication system; or any access in order to corrupt, alter, steal, or destroy using a computer or other similar information and communication devices, without the knowledge and consent of the owner of the computer or information and communications system, including the introduction of computer viruses and the like, resulting in the corruption, destruction, alteration, theft or loss of electronic data messages or electronic document shall be punished by a minimum fine of one hundred thousand pesos (P100,000.00) and a maximum commensurate to the damage incurred and a mandatory imprisonment of six (6) months to three (3) years
  • 74. Singapore Laws: Computer Misuse Act
    Section 3: Unauthorized access to computer material
    • (1) Any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $5,000 or to imprisonment for a term not exceeding 2 years or to both and, in the case of a second or subsequent conviction, to a fine not exceeding $10,000 or to imprisonment for a term not exceeding 3 years or to both
    • (2) If any damage is caused as a result of an offence under this section, a person convicted of the offence shall be liable to a fine not exceeding $50,000 or to imprisonment for a term not exceeding 7 years or to both
  • 75. Singapore Laws: Computer Misuse Act (cont’d)
    Section 4: Access with intent to commit or facilitate commission of offence
    • (1) Any person who causes a computer to perform any function for the purpose of securing access to any program or data held in any computer with intent to commit an offence to which this section applies shall be guilty of an offence
    • (2) This section shall apply to an offence involving property, fraud, dishonesty or which causes bodily harm and which is punishable on conviction with imprisonment for a term of not less than 2 years
    • (3) Any person guilty of an offence under this section shall be liable on conviction to a fine not exceeding $50,000 or to imprisonment for a term not exceeding 10 years or to both
  • 76. United Kingdom: Police and Justice Act 2006
    Chapter 48 amends the Computer Misuse Act: Part 5, Sections 35 to 38
    • 35 - Unauthorized access to computer material
    • 36 - Unauthorized acts with intent to impair operation of computer, etc
    • 37 - Making, supplying or obtaining articles for use in computer misuse offences
    • 38 - Transitional and saving provision
    Chapter 48 amends the Forfeiture of indecent photographs of children Act: Part 5, Sections 39 to 40
    • 39 - Forfeiture of indecent photographs of children: England and Wales
    • 40 - Forfeiture of indecent photographs of children: Northern Ireland
  • 77. United States Laws
    Title 18. Crimes and criminal procedure: Part I - Crimes: Chapter 47 - Fraud and false statements: Section 1030. Fraud and related activity in connection with computers
    Law is applicable if any person:
    • Intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains
    • Intentionally, without authorization to access any nonpublic computer of a department or agency of the United States
    • Knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access
    Penalty:
    • Fine or imprisonment for not more than ten years, or both
  • 78. Internet Crime Schemes and Prevention Tips
  • 79. Internet Crime Schemes
    Current and ongoing Internet trends and schemes identified by the Internet Crime Complaint Center, along with their descriptions:
    • Auction Fraud
    • Auction Fraud - Romania
    • Counterfeit Cashier's Check
    • Credit Card Fraud
    • Debt Elimination
    • Parcel Courier Email Scheme
    • Employment/Business Opportunities
    • Escrow Services Fraud
    • Identity Theft
    • Internet Extortion
    • Investment Fraud
    • Lotteries
    • Nigerian Letter or "419"
    • Phishing/Spoofing
    • Ponzi/Pyramid
    • Reshipping
    • Spam
    • Third Party Receiver of Funds
  • 80. Internet Crime Prevention Tips
    Auction fraud
    • Ask the seller any questions you have before you buy
    • Examine the seller's feedback regarding your questions
    • Be aware of the refund and warranty policies of the seller
    Counterfeit cashier's check
    • Inspect the cashier's check and ensure that the account number, amount, and signature are correct
    • Obtain the bank's phone number from a dependable source
    Credit card fraud
    • Make sure that the website is reputable and secure
    • Do not give out the credit card information
  • 81. Internet Crime Prevention Tips (cont’d)
    Phishing/Spoofing
    • Do not give personal information in response to unsolicited email requests
    Reshipping
    • Be cautious when dealing with companies from other countries
    • Do not accept a package that you did not order
    Spam
    • Delete spam mail without opening it
    • Do not reply to spam mail
    • Do not purchase anything advertised through spam mail
  • 82. Internet Crime Prevention Tips (cont’d)
    Debt elimination
    • Get complete information about the company and ensure it is real
    • If the company has an agreement, make sure that you understand all of its terms and conditions
    Escrow services fraud
    • Do not click on the given website link; always type the website address manually
    • Be careful when filling in personal information; check for spelling and grammar mistakes
    Investment fraud
    • Beware of promises to make fast profits
    • Understand the complete deal before investing
    • Beware of investments that promise high returns at no risk
  • 83. Reporting a Cyber Crime
  • 84. Why You Should Report Cybercrime
    • Companies might be reluctant to share information regarding the impact to their business and the sensitivity of the data involved
    • Only by sharing information with law enforcement and appropriate industry groups will cyber criminals be identified and prosecuted, new cyber security threats be identified, and successful attacks on critical infrastructures and the economy be prevented
    • Law enforcement’s ability to identify coordinated threats is directly tied to the volume of reporting
  • 85. Reporting Computer-Related Crimes
    Internet-related crime, like any other crime, should be reported to appropriate law enforcement investigative authorities at the local, state, federal, or international levels, depending on the scope of the crime
    The primary federal law enforcement agencies that investigate domestic crime on the Internet include:
    • Federal Bureau of Investigation (FBI)
    • United States Secret Service
    • United States Immigration and Customs Enforcement (ICE)
    • United States Postal Inspection Service
    • Bureau of Alcohol, Tobacco and Firearms (ATF)
  • 86. Reporting Computer-Related Crimes (cont’d)
    Other Government Initiatives to Combat Cyber Crime:
      • Department of Homeland Security's National Infrastructure Coordinating Center: (202) 282-9201 (report incidents relating to national security and infrastructure issues)
      • U.S. Computer Emergency Readiness Team (U.S. CERT) (online reporting for technicians)
      • Internet Fraud Complaint Center (IFCC) (online reporting for Internet related crime)
      • National Association of Attorney General's Computer Crime Point of Contact List (all state related cyber questions)
  • 87. Person Assigned to Report the Crime
      • Have a single contact to whom employees should report suspicious events and who will track changes in contacts or procedures
      • Have a single contact who will report incidents to outside agencies, including law enforcement, regulatory bodies and information sharing organizations such as InfraGard and the industry Information Sharing and Analysis Centers (ISACs)
      • Keep a list of the incident response team members’ names, titles and 24/7 contact information, along with their role in a security breach
      • Have contact information for vendors contracted to help during a security emergency, as well as ISPs and other relevant technology providers
  • 88. Person Assigned to Report the Crime (cont’d)
      • Keep contact information for major customers and clients who might be affected
      • In advance, establish contacts at the relevant law enforcement agencies: typically, the national infrastructure protection and computer intrusion squad at the local FBI field office; the electronic crimes investigator at the local Secret Service field office; and the electronic crimes investigator at your local police
      • Keep their contact information easily accessible
  • 89. When and How to Report an Incident?
    If an attack is under way, pick up the phone and call the previously established law enforcement contact immediately and communicate the basic information that is included in the CIO Cyber threat Response Form.
    Additional information that will help law enforcement agents in their investigation:
      • What are the primary systems involved?
      • How was the attack carried out?
      • What steps have you taken to mitigate or remediate?
      • Does a suspect exist? If so, is it a current or former employee/contractor?
      • What evidence is available to assist in the investigation (e.g., log files, physical evidence)?
    To track the status of your case once you have filed a report, contact the field office that is conducting the investigation.
  • 90. Who to Contact at the Law Enforcement
      • There is no single answer for which law enforcement agency to contact in the event of a cyber-security breach
      • The FBI and U.S. Secret Service share jurisdiction for computer crimes that cross state lines
      • However, most law enforcement agencies, including the FBI and USSS, encourage people to a) pre-establish contact with someone in law enforcement who is trained in and responsible for dealing with computer crime, and b) work with the person or people you have the best relationship with
  • 91. Federal Local Agents Contact
    FBI Field Office:
      • Call the national infrastructure protection and computer intrusion squad at the local field office
    U.S. Secret Service Field Office:
      • Contact the electronic crimes investigator at the local field office
    FEDERAL AGENCIES, WASHINGTON
    FBI/National Infrastructure Protection Center (NIPC):
      • Federal Bureau of Investigation, J. Edgar Hoover Building, 935 Pennsylvania Avenue, NW, Washington, DC 20535-0001
      • phone: (202) 323-3205; 888-585-9078
      • fax: (202) 323-2079
      • e-mail: nipc.watch@fbi.gov
      • website: www.fbi.gov
  • 92. Federal Local Agents Contact (cont’d)
    Electronic Crimes Branch of the U.S. Secret Service:
      • Headquarters: 950 H Street, NW, Washington, DC 20223
      • phone: (202) 406-5850
      • fax: (202) 406-5031
      • website and reporting: www.treas.gov/usss
    State and Local Agencies:
      • State Attorney General’s Office: the website for the National Attorney Generals’ Association provides a list with contact information by state
      • www.naag.org/issues/20010724-cc_list.cfm
    Local Police:
      • The CrisNet website offers a list of local law enforcement agencies organized by state
      • www.crisnet.com/locallaw/locallaw.html
  • 93. Federal Local Agents Contact (cont’d)
    InfraGard:
      • Public/private information-sharing effort led by the FBI and the NIPC. Local chapters across the United States
      • Great place to develop appropriate contacts with law enforcement: www.infragard.net
    Electronic Crimes Task Force:
      • Public/private info-sharing effort led by the U.S. Secret Service. Regional task forces located across the United States, and a great place to develop computer-crime law-enforcement contacts:
      • www.ectaskforce.org/Regional_Locations.htm
    Information Sharing and Analysis Centers (ISACs):
      • Industry specific information sharing for critical infrastructure sectors
      • For general information on the ISACs, visit: https://www.it-isac.org/isacinfowhtppr.php
  • 94. Federal Local Agents Contact (cont’d)
    Department of Justice Computer Crime & Intellectual Property Section:
      • Legal analysis and resources related to computer crime, a how-to-report section and a comprehensive list of cybercrime cases pending and resolved
      • www.cybercrime.gov
    CERT Coordination Center at Carnegie Mellon:
      • Federally funded research center provides training, incident handling, R&D, advisories
      • www.cert.org
  • 95. More Contacts
    FBI Local Office:
      • http://www.fbi.gov/contact/fo/fo.htm
    Internet Fraud Complaint Center:
      • http://www.ic3.gov/complaint/default.aspx
    U.S. Secret Service:
      • http://www.treas.gov/usss/contact.shtml
    Federal Trade Commission (online complaint):
      • https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01
    Securities and Exchange Commission (online complaint):
      • http://www.sec.gov/complaint/selectconduct.shtml
    ATF local office:
      • http://www.atf.gov/contact/field.htm
  • 96. CIO Cyberthreat Report Form
  • 97. Crime Investigating Organizations
  • 98. Crime Investigating Organizations
    Certain organizations provide crime investigation services, while others support the investigating agencies:
      • Interpol
      • FBI: Federal Bureau Of Investigation
      • NW3C: National White Collar Crime Center
      • IC3: Internet Crime Complaint Center
      • Homeland Security
  • 99. Interpol - Information Technology Crime Center
      • Interpol is the world’s largest international police organization, with 186 member countries
      • It exists to help create a safer world by supporting law enforcement agencies worldwide to combat crime
      • Interpol investigates financial and high-tech crimes: currency counterfeiting, money laundering, intellectual property crime, payment card fraud, computer virus attacks, and cyber-terrorism
  • 100. www.interpol.int
  • 101. Federal Bureau of Investigation: www.fbi.gov
  • 102. How the FBI Investigates Computer Crime
      • FBI legal attachés stationed in 45 countries use sophisticated methods to investigate and coordinate cyber incidents around the world
      • In the United States, the Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center (NW3C)
      • The FBI trains and certifies computer forensic examiners who work in FBI field offices to recover and preserve digital evidence
      • It maintains a computer forensic laboratory in Washington, DC for advanced data recovery and for research and development
      • It uses a number of federal statutes to investigate computer crimes
  • 103. How the FBI Investigates Computer Crime (cont’d)
    The FBI investigates incidents when the following conditions are present:
      • A violation of the federal criminal code has occurred within the jurisdiction of the FBI
      • The United States Attorney's Office supports the investigation and agrees to prosecute the subject if the elements of the federal violation can be substantiated
    Federal law enforcement can only gather proprietary information concerning an incident in the following ways:
      • Request for voluntary disclosure of information
      • Court order
      • Federal grand jury subpoena
      • Search warrant
  • 104. Federal Statutes Investigated by the FBI
    United States Codes (U.S.C.)
    The FBI frequently uses the following statutes to investigate computer-related crimes:
      • 18 U.S.C. 875 Interstate Communications: Including Threats, Kidnapping, Ransom, Extortion
      • 18 U.S.C. 1029 Possession of Access Devices
      • 18 U.S.C. 1030 Fraud and related activity in connection with computers
      • 18 U.S.C. 1343 Fraud by wire, radio or television
      • 18 U.S.C. 1361 Injury to Government Property
      • 18 U.S.C. 1362 Government communication systems
      • 18 U.S.C. 1831 Economic Espionage Act
      • 18 U.S.C. 1832 Trade Secrets Act
      • Local Laws
  • 105. Contact FBI Form (https://tips.fbi.gov)
    To inform the FBI of any suspected criminal activity, fill in the form available at: https://tips.fbi.gov/
    “While the FBI continues to encourage the public to submit information regarding the September 11, 2001, terrorist attacks, this form may also be used to report any suspected criminal activity to the FBI”
  • 106. National White Collar Crime Center (NW3C): http://www.nw3c.org/
  • 107. Internet Crime Complaint Center (IC3): http://www.ic3.gov
  • 108. Department of Homeland Security: http://www.dhs.gov
  • 109. National Infrastructure Protection Center
      • National Infrastructure Protection Center (NIPC) was fully integrated into the Information Analysis and Infrastructure Protection Directorate of the Department of Homeland Security (DHS); as such, the responsibilities of fulfilling the mission of physical and cyber critical infrastructure assessment and protection of the former NIPC are now being addressed by two new divisions
      • As a key component of the Infrastructure Coordination Division (ICD), the National Infrastructure Coordinating Center (NICC), serving as an extension of the Homeland Security Operations Center, provides the mission and capabilities to assess the operational status of the nation’s Critical Infrastructures and Key Resources
      • Email nicc@dhs.gov to report issues of a physical nature that may affect or have an impact on our Nation’s Critical Infrastructures and Key Resources
  • 110. The G8 Countries: Principles to Combat High-tech Crime
      I. There must be no safe havens for those who abuse information technologies
      II. Investigation and prosecution of international high-tech crimes must be coordinated among all the concerned States, regardless of where harm has occurred
      III. Law enforcement personnel must be trained and equipped to address high-tech crimes
      IV. Legal systems must protect the confidentiality, integrity, and availability of data and systems from unauthorized impairment and ensure that serious abuse is penalized
      V. Legal systems should permit the preservation of and quick access to electronic data, which are often critical to the successful investigation of crime
    U.S. Department of Justice Computer Crime and Intellectual Property Section (CCIPS)
  • 111. The G8 Countries: Principles to Combat High-tech Crime (cont’d)
      VI. Mutual assistance regimes must ensure the timely gathering and exchange of evidence in cases involving international high-tech crime
      VII. Transborder electronic access by law enforcement to publicly available (open source) information does not require authorization from the State where the data resides
      VIII. Forensic standards for retrieving and authenticating electronic data for use in criminal investigations and prosecutions must be developed and employed
      IX. To the extent practicable, information and telecommunications systems should be designed to help prevent and detect network abuse, and should facilitate the tracing of criminals and the collection of evidence
      X. Work in this area should be coordinated with the work of other relevant international fora to ensure against duplication of efforts
  • 112. The G8 Countries: Action Plan to Combat High-Tech Crime (International Aspects of Computer Crime)
    In support of the PRINCIPLES, direct officials to:
      • Use the established network of knowledgeable personnel to ensure a timely, effective response to transnational high-tech cases, and designate a point-of-contact who is available on a twenty-four hour basis
      • Take appropriate steps to ensure that a sufficient number of trained and equipped law enforcement personnel are allocated to the task of combating high-tech crime and assisting law enforcement agencies of other States
      • Review legal systems to ensure that they appropriately criminalize abuses of telecommunications and computer systems and promote the investigation of high-tech crimes
      • Consider issues raised by high-tech crimes, where relevant, when negotiating mutual assistance agreements or arrangements
      • Continue to examine and develop workable solutions regarding: the preservation of evidence prior to the execution of a request for mutual assistance; transborder searches; and computer searches of data where the location of that data is unknown
  • 113. The G8 Countries: Action Plan to Combat High-Tech Crime (International Aspects of Computer Crime) (cont’d)
    In support of the PRINCIPLES, direct officials to:
      • Develop expedited procedures for obtaining traffic data from all communications carriers in the chain of a communication and study ways to expedite the passing of this data internationally
      • Work jointly with industry to ensure that new technologies facilitate efforts to combat high-tech crime by preserving and collecting critical evidence
      • In emergency and appropriate cases, accept and respond to mutual assistance requests relating to high-tech crime by expedited but reliable means of communications, including voice, fax, or e-mail, with written confirmation to follow where required
      • Encourage internationally recognized standards-making bodies in the fields of telecommunications and information technologies to continue providing the public and private sectors with standards for reliable and secure telecommunications and data processing technologies
      • Develop and employ compatible forensic standards for retrieving and authenticating electronic data for use in criminal investigations and prosecutions
  • 114. Crime Legislation of EU
  • 115. Law Enforcement Interfaces
    Law enforcement interfaces include law enforcement agencies, and automated crime monitoring and reporting systems that work in coordination to enforce laws.
    Law enforcement interfaces include:
      • Law enforcement agency
      • Intelligence agencies
      • Police
      • Secret police
      • Military police
      • Cyber crime reporting agencies such as Internet Crime Complaint Center (IC3)
  • 116. Summary
      • Cyber crime has originated from the growing dependence on computers in modern life
      • Federal laws related to computer crime, cyber stalking, search and seizure of computers, and intellectual property rights are discussed
      • Various law enforcement agencies such as the FBI and NIPC investigate computer-facilitated crimes and help in tracking cyber criminals
      • Building a cyber crime case and initiating investigation are crucial areas
      • The FBI trains and certifies computer forensic examiners who work in FBI field offices to recover and preserve digital evidence
      • Internet-related crime, like any other crime, should be reported to appropriate law enforcement investigative authorities at the local, state, federal, or international levels, depending on the scope of the crime