Cybercrime Law Flashcards
Global domain of information systems that include the internet, telecommunications networks, computer systems, etc.
Cyberspace
Practice of defending devices and data from malicious attacks; a shared responsibility between society and individuals
Cybersecurity
Criminal activities that involve computers, networks, or both at the same time (e.g. viruses and malware)
Cybercrime
T or F: The primary effect of cybercrime is FINANCIAL
True
What organization defines cybercrime as a wide range of malicious activities that compromise network integrity and availability, and copyright infringements
Council of Europe Convention on Cybercrime
3 Categories of Cybercrime
- computing device as the TARGET
- computing device as a WEAPON
- computing device as an ACCESSORY TO CRIME
Type of cybercrime that wants to gain network access
Computing device as the target
Type of cybercrime that launches a denial of service attack (shuts down a machine or network)
Computer is used as a weapon
Type of cybercrime that stores illegal data in a computer
Computer is used as an accessory to crime
The 3 Pillars of Cybersecurity
- People
- Process
- Data and Information
3 Types of Data Sources
- Information Technology
- Operational Data
- Personal Data
The CIA Triad
- Confidentiality
- Integrity
- Availability
Refers to when data is only available to authorized parties
Confidentiality
Refers to when data is not tampered with and is unadulterated
Integrity
Refers to data accessibility to authorized users
Availability
UNODC stands for?
United Nations Office on Drugs and Crime
→ intentional input, alteration, deletion, or suppression of computer data resulting in illegitimate data with the intent to pass it off as authentic
→ e.g. impersonation for fraudulent purposes
Fraud or Forgery
→ criminal unlawfully assumes the identity of the victim and the information related to it for illicit purposes
→ can be bank, email, and/or card fraud
Identity Offenses and Spam
Scam practice of misdirecting users to a fraudulent website
Pharming
→ can be literary, artistic, and/or technological-based works (books, music, film, software, patents, logos, inventions, etc.)
Copyright or Trademark Offenses
→ harassment, bullying, threatening, stalking, or to cause fear or intimidation
→ e.g. cyberstalking, cyber harassment, or cyberbullying
Personal Harm
→ process of fostering rapport and trust through the development of an emotional relationship with the victim
→ manipulates the victim using a variety of power and control tactics: gifts, isolation, intimidation, threats, etc.
Grooming of Children
RA 10175
Cybercrime Prevention Act of 2012
RA 10175 Chapter 2
Punishable Acts
RA 10175 Section 4
Cybercrime Offenses
Refers to a plan to profit from a company just by registering its domain name
Cyber Squatting
RA 10175 Chapter 3
Penalties
RA 10175 Section 8
Penalties
Maximum imprisonment sentence for cybercrimes
14 years
Maximum fine for individuals involved in cybercrimes
1 million pesos
Maximum fine for corporations involved in cybercrimes
10 million pesos
RA 10175 Chapter 4
Enforcement and Implementation
RA 10175 Section 10
Law Enforcement; under the NBI and PNP
RA 10175 Sections 12 to 17
Collection, Preservation, Storage, Disclosure, Seizure, Custody, and Destruction of Data
RA 10175 Chapter 6
Competent Authorities
RA 10175 Section 23
Department of Justice (DOJ) - focal agency in implementing law enforcement investigation to curb cybercrime offenses nationwide
RA 10175 Section 24
Cybercrime Investigation and Coordination Center (CICC) - responsible for all functions related to cybersecurity
CERT stands for?
Computer Emergency Response Team
→ targets are contacted by email or by text message to trick them into providing sensitive data
→ can result in identity theft and financial loss
Phishing
What is the safest file type to click on?
.txt file
SSL stands for?
Security Socket Layer; certificates beginning with “https”
→ confidential information has been accessed by unauthorized people in an illegitimate fashion
→ may involve personal health info (PHI), personally identifiable info (PII), and trade secrets or intellectual property
Data Breach
Taking something without permission during a data breach
Exfiltration
Holes in a network where malicious entities may enter
Rogue Peers
Software capable of fixing pieces of programming designed to resolve functionality issues
Patches
Most popular browser but has many hidden agendas for data gathering
Google Chrome
A closed-source browser (has hidden agendas)
Microsoft Internet Explorer/Edge
Not the best browser for privacy, but can be customized and hardened (standard, strict, or custom)
Firefox
Good browser option for anyone wanting a browser that supports Chrome extensions for Windows, Mac OS, and Linux (none for iOS and Android)
Iridium Browser
Browser that is a fork of Firefox from the GNU free software project
GNU IceCat Browser
Browser that is the hardened version of Firefox
Tor Browser