Tracing Cybercrime

In Armenia very few people are aware of the definition of cyber security. As a term it is more often used as information security. However the importance of the latter is not so much realized among the society of Armenia as it is done in the West. The same concerns the term “cybercrime”. While in the recent years the number of cybercrimes in the world grows every day.

According to the Norton Cybercrime Report’s annual survey conducted in 24 countries, 18 adult users of the Internet become victims of cybercrime every second. For example, according to the data of 2012, individuals suffered losses of $113 billion USD from the cybercrimes in the world, and losses of $110 billion USD in 2011.

In cyberspace (е-environment where online communication and electronic data exchange is implemented) harms were caused by financial fraud and theft from online systems, disappearance of data and their usage for other purposes (usually from the accounts of social networks or e-mails), etc. According to the same source, the average loss caused by cyber attacks was $300 USD per user in 2013.

Cybercrime is a type of crime against computer information security which is committed via computer devices to plunder information, disseminate viruses, as well as to spread and save children’s pornography through a computer.

It is calculated that more than 80 percent of cybercrimes is implemented as a result of well organized activities which include creation of computer viruses, penetration and systemization of the work of networks, collection of personal and financial data and their sale at black markets.

The studies show that especially in the developed countries a new culture of financial fraud via computer is formed among the youth, as there is no need of sophisticated skills or knowledge to commit a cybercrime.

In case of Armenia, according to official statistics, cybercrime is not so much disseminated, though here, too, the numbers grow year after year.

In Armenia the criminal investigations of the crimes against computer security are implemented by the criminal investigation units of the RA Police. And the judicial management towards them is implemented by the Department for Investigation by National Security Agencies on Cyber Crimes of the RA General Prosecutor’s Office.

According to the data of 2013 provided by the Department 130 criminal cases examined in the National Security Service were overseen with the cybercrime cases. At the same period, proceedings of 39 criminal cases were completed. 31 cases brought against 38 people were sent to the court.

“The investigation peculiarity of the criminal cases on cybercrimes is that every second criminal case needs mediation of the bodies in charge of foreign countries for legal help, and implementation of their demands takes a protracted period of time,” says Bagrat Ghazinyan, prosecutor of the Department for Investigation by the RA National Security Agencies and on Cybercrimes.

According to him, it is not less important also the fact that cybercrimes of public danger and geographical involvement do not recognize state boundaries and the chain of crimes can run to areas of many states with sovereignty, legal system and appropriate legal regulation mandatory for the state bodies in charge which often cannot match with the domestic legal regulation of Armenia.

During the first semester of 2013 the Department implemented judicial management and prosecutorial supervision by 19 materials (in 2012 against 9 cases), criminal cases brought against by 17 out of them and rejected by 2. 15 out of 17 cases (in 2012 against 4 cases) were cybercrimes against computer security.

In 2013, 3 people were sentenced to incriminatory verdict according to 3 criminal cases. To compare, for example, in Russia, during the first semester of 2013 only, 126 people were condemned for cybercrime. Persons that committed the above mentioned crimes basically belong to 18-35 age group.

In Armenia the first scandalous criminal case on the grounds of cybercrime was in 2013 against Russian citizen Georgi Avanesov, 31, who was sentenced to 4 years in prison. According to this case, being in Armenia in 2009-2010, Avanesov succeeded to break the Kaspersky anti-virus system and to infect 29 million computers worldwide having a chance to illegally dispose the stored data in them by disseminating malicious programs through special bugs. It was possible to prevent infection of also 26 million computers. Avanesov was arrested in October, 2010 at the airport attempting to leave Armenia, when he was already on international wanted list.

Until now Gegham Hakobyan, Avanesov’s defender, lawyer specialized in cyber crime cases, considers Avanesov’s case to be a special one, as it was the first case in the legal practice of Armenia.

“Generally, my client was ascribed with unprecedented deeds, and the lack of experience was the reason that he was charged under 4 different articles of the 24 chapter of Criminal Code of RA,” the lawyer says JNews.

As a result of the trial Avanesov was found guilty under only one article, which according to the lawyer, was unfair again.

Articles envisaging criminal responsibility on cyber crimes are included in Chapter 24 of the Criminal Code of the Republic of Armenia, entitled “Crimes against computer information security” (Articles 251-257).

Moreover, crimes envisaged by Article 181, “Theft committed by means of computer”, as well as by Article 263, part 2, “presenting children’s pornography through computer network or saving children’s pornography in computer network or in computer data storage system”, of the Criminal Code of RA are also categorized as cyber crimes by nature.

However lawyer Hakobyan considers that there are specific norms in the articles on cybercrime which do not meet the standard of legal certainty creating ambiguity and confusion in the legal practice and leading to wrong criminal descriptions in specific cases.

“There is no norm pointing out the meaning of the concept “serious consequences”. For example, in the case of property crimes there are options: considerable, large, in particularly large amount, and in the case of health damage – light, medium and heavy damages. But in this case there is no such kind of certainty and the term “serious consequence” is strictly evaluative and discretionary in some norms of the Criminal Code,” the lawyer says.

In this field the law enforcement bodies give a significant role also to the Convention on Cybercrime adopted by the Council of Europe in 2001.

“It is very important the proper consistency in the storage of computer data, which is displayed with both the insertion of a licensed operating software and the usage of appropriate anti-virus programs,” Ghazinyan says.

The prosecutor greatly evaluates also the access limitation to computer information among certain individuals, who are authorized to administer, possess or use it to avoid undue interference towards it.

The experts conclude: there is no country ready to struggle against cybercrime alone, and the joint efforts of the states, society and business sector are necessary to achieve success.

This article was prepared within the framework of the “Internet and Rights” newsletter published by “Journalists for the Future” NGO with the financial support of the OSCE Office in Yerevan. Content, views and opinions expressed in this article belong to the author and it is possible that they do not match with the views of the OSCE Office in Yerevan. Find all of the materials of the newsletter “Internet and Rights” here.

Source: JNews.am