267 Cybercrimes, Cyber Law and Computer Programs for Security Antonina Farion1, Valentyna Panasyuk2 1. Department of Economical Security and Financial Investigation, Ternopil National Economic University, UKRAINE, Ternopil, 46 A Mykulynetska str., email: secretmail_antonina@ukr.net 2. Department of accounting in the industrial sphere, Ternopil National Economic University, UKRAINE, Ternopil, Peremohy Square 3, email: Tina.panasjuk@gmail.com Abstract: In this document we describe the situation that that cybercrime will cost the world $6 trillion annually by was formed at the information market colligates with the 2021. This increasing are based on hundreds of major media increasing the level of cybercrimes. Law regulation of this outlets, universities and colleges, senior government officials, sphere can’t follow the development of information associations, industry experts, the largest technology and technology that exacerbates the problems of cybercrime. cybersecurity companies, and cybercrime fighters globally At the individuals’ level cybercrime is associated with the (Fig.1). using of pirated software: malicious people can access the 7 user’s personal date. 6 6 Keywords: information technology, cyberspace, 5 intellectual property, cyber security, antivirus and 4 3 protection. 3 I. INTRODUCTION 2 1 Law and Information Technology are parallel objects and 0 many scientists prove that they complement each other. A lot trillion, 2015 trillion annually up by, 2021 of lawyers complain that law is always running behind the process of developing information technology. Fig. 1. Prediction for increasing of cybercrimes cost from II. THEORETICAL BASIS 2015 annually by 2021 R. M. Kamble underlines that information technology It is direct connection of changing amount of internet deals with information system, data storage, access, retrieval, users: 100000 in 1990 and 500 million people in 2013. These analysis and intelligent decision making. Information date rapidly changed (Fig. 2). technology refers to the creation, gathering, processing, 4 storage, presentation and dissemination of information and 3,8 3,5 also the processes and devices that enable all this to be done 1. 3 And computers become inalienable part of our life. 2,5 Cybercrime is defined as crimes committed on the internet 2 2 Billions of using the computer as either a tool or a targeted victim. 1,5 internet users Cybercrimes involve both the computer and the person 1 behind it as victims; it just depends on which of the two is the 0,5 main target 2. So cyberspace spreads and become more 0 dangerous because many people can be involved in it. 2015 2017 Criminals roam freely in cyberspace than in other environment. Fig. 2. Quantity of internet users changing (2015-2017) III. PRACTICE Cybercrimes have unique structure that is connected with information technologies (Fig.3). Cybercriminal activity is one of the biggest challenges that Many crimes that involve the use of cyber-technology are humanity will face in the next two decades 3. It is predicted not genuine cybercrimes. Cyber-related crimes could be further divided into two sub-categories: 1 R. M. Kamble. Cyber law and information technology. International − cyber-exacerbated crimes; Journal of Scientific & Engineering Research, Volume 4, Issue 5, May-2013 − cyber-assisted crimes. 2 Computer Crime Research Center. Cybercrime definition. Electronic access: Crimes involving cybertechnology could be http://www.crime-research.org/articles/joseph06 3 Steve Morgan, Editor-in-Chief Cybersecurity Ventures. 2017 Cybercrime classified in one of three ways: cyber-specific crimes genuine Report. Herjavec group. Electronic access: cybercrimes); cyber-exacerbated crimes; cyber-assisted https://cybersecurityventures.com/2015-wp/wp- crimes. content/uploads/2017/10/2017-Cybercrime-Report.pdf ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 268 Cybercrimes Stolen Theft Lost productivity Date Money Intellectual Personal and Fraud property financial date Software Fig. 3. Cybercrimes that connect with information technologies. Like other kinds of crime, which historically grew in relation to population growth, cybercrimes grow in Copyright law Telecommunications Criminal law proportion to digital targets. And cybercrimes are more Contract law Patent law dangerous than the others because criminals can operate anonymously over the computer networks. law The difference between crimes is the hackers steal intellectual property. Law that connects with cybercrimes must cover IT area (Fig. 4). Elements of various Trade Cybercrimes area branches of the law mark that connect with IT law Freedom of Communication Information Information Banking technology Communications expression Intellectual technology law law property law Privacy and Labour Tax Consumer data law law protection electronic format protection law communications Software law Paper or Electronic The law of Protocols evidence Fig. 5. Elements of various branches of the law that connect with IT for creation the unique law for protection internet users’ property. Hardware and electronics munications Broadcasting Software and Telecom- But can legislation stop cyber crime. Research shows that the hardware costs of cyber crime for companies in financial services and utilities and energy have the highest annualized cost. The most expensive attacks are malicious insiders, denial of service and Web-based attacks [7]. In last 2017 year in the world the new Fig. 4. Definition of cybercrimes area. kinds of cybercrimes appeared – machine learning accelerates During last 20 years many security software were invited social engineering attacks or cloud computing providers’ for electronic date protection because in the world’s practice infection. But the necessary sections in the law that provide there is not the single law that can regulate all IT relations. security from cybercrimes are not adopted so quickly. So, There is a field of law that comprises elements of various cybersecurity is the main instrument in securing date from threats branches of the law 4 (Fig. 5). (Fig.7). Many computer criminals have been company employees, who But even these parts of law are not enough to control were formerly loyal and trustworthy and who did not necessarily cyberspace. Cybercrimes develop more quickly than others possess great computer expertise. To prevent increasing in crimes (Fig. 6) [1]-[6]. Many countries have very few laws cybercrimes activity it is important to identify career criminals, addressing cybercrime. including those involved in organized crime, who are now − Love Bug Virus; using cyberspace to conduct many of their criminal activities. − VB script that spread via email and corrupted many Some cyber-related crimes can be carried out by different file types; professional’s offenders and might be undetected because − FBI traced the virus to the Philippines. professional criminals do not typically make the same kinds of mistakes as hackers, who often tend to be amateurs. 4 What is IT law, ICT law or Cyber law? Michalsons. Electronic access: https://www.michalsons.com/blog/what-is-it-law-ict-law-or-cyber-law/286 ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 269 Cyber stalking is a crime in which the attacker harasses a victim using electronic communication, such as e- mail or instant messaging, or messages posted to a Web site or a discussion group. Computer files and records Information system Intellectual Property Cybersquatting is registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. Publishing of information, which is obscene in electronic form Destroy property and stolen Date diddling is the changing of date before or during entry into the computer system or altering the raw date just before it is processed by a computer and then changing it back after the processing is completed. A Trojan horse is a coded program which masks the existence of a virus or malware by making its appearance look normal while containing malicious utilities transparent to the user; utilities that execute unnoticed in the background until it is too late. Internet time theft. It is the use by an unauthorized person of the Internet hours paid for by another person. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source An email bomb is a form of Internet abuse which is perpetrated through the sending of massive volumes of Who can email to a specific email address with the goal of overflowing the mailbox and overwhelming the mail suffer server hosting the address, making it into some form of denial of service attack. from cybercri A salami attack is when small attacks add up to one major attack that can go undetected due to the nature of mes? this type of cyber crime. Web-jacking - the hacker gains access and control over the web site of another. Owners of Mobile phones and gadgets Bank accounts Files on their computers Fig. 6. Classification of Cyber Crimes and people who are affected by them. Information age is so called because our life is codified by phishing, or aid in identity theft. But the real opportunity is date: almost everything we do or buy, and everything we these devices linking to your smartphone, where phone depend on, involves data and the technology that uses it. numbers, more personally identifiable information, emails, Cyber criminals are building so called “an army of things” web logins etc. could theoretically be compromised [10]. that has the potential to impact the future of the digital Cybercrime activity is spreading around the world. For economy [9]. Impact of a cyber attack could include decreasing the cybercrimes in Europe, Cooperation Group, substantial loss of revenue and margin, of valuable data, and the Commission, the European Union Agency for Network of other company assets. Quantity of cybercriminals and Information Security should be established to support increases quickly around the world. Now cybercrimes are information security within the EU countries [12]. According connected international serious organized crime groups, to Directive (EU) 2016/1148 the certain sectors of the smaller-scale, domestic criminals and hacktivists. economy are already regulated or may be regulated in the Although the most serious threat comes, directly or future by sector-specific Union legal acts that include rules indirectly, from international crime groups, the majority of related to the security of network and information systems. cyber criminals have relatively low technical capability. Each Member State shall designate one or more national Their attacks are increasingly enabled by the growing online competent authorities on the security of network and criminal marketplace, which provides easy access to information systems. sophisticated and bespoke tools and expertise, allowing these Member States shall ensure that digital service providers less cyber criminals to exploit a wide range of vulnerabilities identify and take appropriate and proportionate technical and [10]. There is also situation when companies’ websites were organizational measures to manage the risks posed to the subject to the criminal access of a customer records database, security of network and information systems which they use followed by a ransom demand asking for payment in in the context of offering services referred to in Annex III exchange for the return of stolen data. The wearables are within the Union. Having regard to the state of the art, those rapidly gaining popularity with smartwatches. Wearables are measures shall ensure a level of security of network and tracking all sorts of personal information including GPS information systems appropriate to the risk posed, and shall location, blood pressure, heart rate, and anything else you take into account the following elements: the security of feed them such as weight or diet. Such personally identifiable systems and facilities, incident handling, business continuity information could be used as a base to target you for spear- management, monitoring, auditing and testing [12]. ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 270 CA Microsoft Security Essentials Passwords Viruses and worms Hackers’ PC tools Bit defender attacks Viper Trend Mc Firewalls micro Quick heal G date Afee Personal control Firewalls F-secure Webroot Kaspersky Malware Norton Panda Antivirus Trojan horses Security Avast suites Cyber Strong passwords and never monitoring Password cracking used the same password for State control two different sites Network security Fig. 7. Types of security in the network space. The top industries at the greatest risk of cyber attack (Fig. [5] Aj. Maurya. What is a salami attack? Available at: 8) [11]. https://ajmaurya.wordpress.com/2014/03/27/what-is-a- salami-attack/ II Place IV Place [6] Email Bomb. Electronic access: • Healthcare • Manufacturing • Financial • Government https://www.techopedia.com/definition/1655/email- Services bomb I Place III Place [7] Cost of cyber crime study. Insights on the security investments that make a difference. Independently conducted by Ponemon Institute LLCand jointly developed by Accenture. Available at: Fig. 8. The top 4 industries at the greatest risk of cyber attack. https://www.accenture.com/t20170926T072837Z__w__/ us-en/_acnmedia/PDF-61/Accenture-2017- IV. CONCLUSION CostCyberCrimeStudy.pdf Cyber crimes are intrinsically challenging for business [8] Cyber security. Available at: companies and governments. Security has to be developed https://www.slideshare.net/Siblu28/cyber-security- quicker then types of cyber crimes because solutions that may 36922359 have worked last year may not necessarily work this year or [9] Cyber criminals a growing threat to digital economy. next. Available at: https://www.gtnews.com/2017/03/29/cyber-criminals-a- REFERENCES growing-threat-to-digital-economy/ [10] NCA Strategic Cyber Industry Group. Cyber Crime [1] Cyber stalking. Available at: Assessment 2016. Need for a stronger law enforcement http://searchsecurity.techtarget.com/definition/cyberstalk and business partnership to fight cyber crime. Available ing at: [2] Cybersquatting. Available at: http://www.nationalcrimeagency.gov.uk/publications/70 http://searchmicroservices.techtarget.com/definition/cybe 9-cyber-crime-assessment-2016/file rsquatting [11] 5 industries that top the hit list of cyber criminals in [3] E-mail spoofing. Available at: 2017. Available at: http://www.infoguardsecurity.com/5- http://searchsecurity.techtarget.com/definition/email- industries-top-hit-list-cyber-criminals-2017/ spoofing [12] EUR-lex. Directive (EU) 2016/1148 of the [4] What is a Trojan Horse Virus? - Definition, Examples & European Parliament and of the Council. Available at: Removal Options. Available at: https://eur-lex.europa.eu/legal- https://study.com/academy/lesson/what-is-a-trojan- content/EN/TXT/?toc=OJ%3AL%3A2016%3A194%3A horse-virus-definition-examples-removal-options.html TOC&uri=uriserv%3AOJ.L_.2016.194.01.0001.01.ENG ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic