Professional Documents
Culture Documents
College of Criminology
Perez Blvd. Dagupan City
Paper Report On
Cyber Crime
Introduction
Any discussion of cybercrime in the Philippines starts with reference to the "I
Love You" virus unleashed globally in 2000. It placed the country on the global
cyber-map and pushed Congress to pass the first 'cybercrime law, Republic Act
No. 8792 or the Electronic Commerce (E-Commerce) Act of 2000.
Hence, the concept of cybercrime which has long been recognized as a scourge
in other parts of the world formally became a crime in the country.
Not long after, the Department of Justice (DOJ) and the primary law
enforcement agencies, the National Bureau of Investigation (NBI) and the
Philippine National Police (PNP) Criminal Investigation and Detection Group
(CIDG) - established the first cybercrime forensic laboratories in 2001 - one for
each agency given the need to build capacity and to spur development of cyber
investigations.
The Supreme Court, on the other hand, recognized the emerging crime set and
issued the Rules on Electronic Evidence on 17 July 2001. This was initially
applicable only to all civil actions and proceedings, as well as quasi- judicial
and administrative cases. The Rules were subsequently amended on 24
September 2002 to include criminal cases.¹
With the budding cybercrime fighting capability, two convictions stemmed out
of the several cases investigated by the DOJ under the E- Commerce law. The
first conviction arose in September 2005 when the respondent, an employee of
a leading university in the south, pleaded guilty to hacking the governmental
portal "gov.ph" and other government websites in Criminal Case No419672-CR
filed before Branch 14 of the Metropolitan Trial Court of Manila.He was
sentenced to serve one to two years of imprisonment and to pay a fine of
Php100,000.00
The second conviction was obtained in May 2006 against a 22-year old former
call center agent who broke into the computer system of a credit card company
and a client of his multi-national employer in the firm in the Philippines,
thereby gaining access to a database maintained by a sister firm in the United
StatesUsing an internal IP address, he proceeded to purchase goods online
using various credit cards. He was sentenced by the Quezon City Metropolitan
Court to serve a minimum imprisonment term of one to two years plus a fine of
Php100,000.00, as provided under Section 33 of the E-Commerce Law.2
Meanwhile, in 2008, the DOJ created the Task Force on E-Government, Cyber-
security and Cybercrime to address cyber-security issues and to pursue an e-
government agenda.3 The Task Force assessed the state of cybercrime
legislation not only in the country but also in the global arena. It was to train
law enforcers and prosecutors in dealing with cybercrime and to create e-
courts to handle high-tech cases such as hacking and other crimes committed
using internet technology.
The Task Force began collaborating with the Council of Europe (COE), the
organization which drafted and pushed for the adoption of the first
international Convention on Cybercrime (CoC), popularly known as the
Budapest Convention.4
The Convention is divided into three principal partsThe first part identifies the
substantive cybercrime offenses which each ratifying State is obliged to adopt
in its domestic law. The second part deals with investigative procedures that
States must implement. Lastly, the third part relates to mechanisms that will
enhance international cooperation.
The author was invited in the annual conference held in Strasbourg, France as
an observer, panel speaker, and moderator in 2007 and subsequently,
thereafter.
The Cybercrime Prevention Act (CPA) of 2012 is the first piece of legislation
comprehensively dealing with cybercrimes. Divided into 31 sections split across
eight chapters, the Act criminalizes several types of offenses such as illegal
access, data interference, device misuse, cybersquatting, computer fraud,
cybersex, among othersIt also reaffirms existing laws against child
pornography punishable under RA 9775 (Anti-Child Pornography Act of 2009)
and libel punishable under Article 355 of the Revised Penal Code.
This paper thus traces the history and development of the CPA - one of the
country's most critical and highly debated legislative measuresThrough the
years, netizens have been victims of numerous cybercrimes committed by
criminals with impunityThe CPA's eventual passage into law and the recent 50-
page decision of the Supreme Court confirming its constitutionality, save for
some provisions, finally opens a new period for law enforcement in cyberspace.
The actual work on the Cybercrime Bill started in 2001 under the Legal and
Regulatory Committee of the former Information Technology and e- Commerce
Council's (ITECC) which later became the Commission on Information and
Communication Technology (CICT)It was headed by former Secretary Virgilio
"Ver" Peña and the Committee was chaired by Atty. Claro Parlade. It was an
initiative of the Information Security and Privacy Sub- committee chaired by
Albert P. Dela Cruz who was the president of PHCERT10 together with then
NBI Anti-Computer Crime and Fraud Division Chief, Atty. Elfren Meneses,
JrThe documentation was handled by the Presidential Management Staff (PMS)
acting as the CICT secretariat
Numerous public sector consultations were held. In January 2004, the first
local Cybercrime Conference was organized by Atty. Gigo A. Alampay with
representatives from the Department of Justice of both the US and Canada
These activities were held cognizant of the limited scope of the cybercrime
provisions in the E-Commerce Act.
Meanwhile, during the interim years of 2006 and 2007, the prototype
Cybercrime Prevention Act was substantially crafted and was later finalized
after the first International Cybercrime Conference on 25-26 October 2007,
conducted by the DOJ in partnership with the COE. During the first quarter of
2008, legislative strategy on information and communication was created by
the government focused mainly in adopting a three-tiered approach in crafting
related laws to underline the primacy of three virtual subjects, namely: data
privacy, cybercrime, and cybersecurity.
Types of Cybercrime
What is cybercrime?
Cybercrime that uses computers to commit other crimes may involve using
computers or networks to spread malware, illegal information or illegal images.
Cybercriminals are often doing both at once. They may target computers with
viruses first and then use them to spread malware to other machines or
throughout a network. Some jurisdictions recognize a third category of
cybercrime which is where a computer is used as an accessory to crime. An
example of this is using a computer to store stolen data.
Examples of cybercrime
Here are some famous examples of different types of cybercrime attack used by
cybercriminals:
Malware attacks
A malware attack is where a computer system or network is infected with a
computer virus or other type of malware. A computer compromised by malware
could be used by cybercriminals for several purposes. These include stealing
confidential data, using the computer to carry out other criminal acts, or
causing damage to data.
When the WannaCry ransomware attack hit, 230,000 computers were affected
across 150 countries. Users were locked out of their files and sent a message
demanding that they pay a Bitcoin ransom to regain access.
A famous example of a phishing scam took place during the World Cup in
2018. According to our report, 2018 Fraud World Cup , the World Cup
phishing scam involved emails that were sent to football fans. These spam
emails tried to entice fans with fake free trips to Moscow, where the World Cup
was being hosted. People who opened and clicked on the links contained in
these emails had their personal data stolen.
Unlike mass phishing campaigns, which are very general in style, spear-
phishing messages are typically crafted to look like messages from a trusted
source. For example, they are made to look like they have come from the CEO
or the IT manager. They may not contain any visual clues that they are fake.
A famous example of this type of attack is the 2017 DDoS attack on the UK
National Lottery website. This brought the lottery’s website and mobile app
offline, preventing UK citizens from playing. The reason behind the attack
remains unknown, however, it is suspected that the attack was an attempt to
blackmail the National Lottery.
COMPUTER SYSTEM AND ITS FUNCTION
COMPUTER SYSTEM
a) COMPUTER HARDWARE
Hardware refers to the physical, tangible computer equipment and devices,
which provide support for major functions such as input, processing (internal
storage, computation and control), output, secondary storage (for data and
programs), and communication.
1. INPUT DEVICES
Are devices used for entering data or instructions to the central processing
unit. Are classifie according to the method they use to enter data.
a) KEYING DEVICES
Are devices used to enter data into the computer using a set of Keys eg
Keyboard, key-to- storage and keypad.
i) The keyboard
Keyboard (similar to a typewriter) is the main input device of a computer . It
contains three types of keys-- alphanumeric keys, special keys and function
keys. Alphanumeric keys are used to type all alphabets, numbers and special
symbols like $, %, @, A etc. Special keys such as <Shift>, <Ctrl>, <Alt>,
<Home>, <Scroll Lock> etc. are used for special functions. Function keys such
as <Fl>, <F2>, <F3> etc. are used to give special commands depending upon
the software used e.g.F5 reloads a page of an internet browser. The function of
each and every key can be well understood only after working on a PC. When
any key is pressed, an electronic signal is produced. This signal is detected by
a keyboard encoder that sends a binary code corresponding to the key pressed
to the CPU. There are many types of keyboards but 101 keys keyboard is the
most popular one.
The keys on your keyboard can be divided into several groups based on
function:
Typing (alphanumeric) keys. These keys include the same letter, number,
punctuation, and symbol keys found on a traditional typewriter.
Special (Control) keys. These keys are used alone or in combination with
other keys to perform certain actions. The most frequently used control keys
are CTRL, ALT, the Windows key, and ESC.
Function keys. The function keys are used to perform specific tasks. They are
labelled as F1, F2, F3, and so on, up to F12. The functionality of these keys
differs from program to program.
Cursor Movement (Navigation) keys. These keys are used for moving around
in documents or WebPages and editing text. They include the arrow keys,
HOME, END, PAGE UP, PAGE DOWN, DELETE, and INSERT and ARROW
KEYS.
Numeric keypad. The numeric keypad is handy for entering numbers quickly.
The keys are grouped together in a block like a conventional calculator or
adding machine.Related image
B. POINTING DEVICES
Are devices that enter data and instructions into the computer using a pointer
that appears on the screen. The items to be entered are selected by either
pointing to or clicking on them.e.g mice, joystick, touch sensitive screen,
trackballs
i) THE MOUSE
A mouse is a small device used to point to and select items on your computer
screen. Although mice come in many shapes, the typical mouse does look a bit
like an actual mouse. It's small, oblong, and connected to the system unit by a
long wire that resembles a tail and the connector which can either be PS/2 or
USB. Some newer mice are wireless.
A mouse usually has two buttons: a primary button (usually the left button)
and a secondary button. Many mice also have a wheel between the two
buttons, which allows you to scroll smoothly through screens of information.
When you move the mouse with your hand, a pointer on your screen moves in
the same direction. (The pointer's appearance might change depending on
where it's positioned on your screen.) When you want to select an item, you
point to the item and then click (press and release) the primary button.
Pointing and clicking with your mouse is the main way to interact with your
computer. There are several types of mice: Mechanical mouse, optical mouse,
optical-mechanical mouse and laser mouse.
Basic parts
A mouse typically has two buttons: a primary button (usually the left button)
and a secondary button (usually the right button). The primary button is the
one you will use most often. Most mice also include a scroll wheel between the
buttons to help you scroll through documents and WebPages more easily. On
some mice, the scroll wheel can be pressed to act as a third button. Advanced
mice might have additional buttons that can perform other functions.
Place your mouse beside your keyboard on a clean, smooth surface, such as a
mouse pad. Hold the mouse gently with your index finger resting on the
primary button and you thumb resting on the side. To move the mouse, slide it
slowly in any direction. Don't twist it—keep the front of the mouse aimed away
from you. As you move the mouse, a pointer (see picture) on your screen moves
in the same direction. If you run out of room to move your mouse on your desk
or mouse pad, just pick up the mouse and bring it back closer to you.
Image result for how to hold a mousePointing to an object often reveals a
descriptive message about it.The pointer can change depending on what you're
pointing at. For example, when you point to a link in your web browser, the
pointer changes from an arrow to a hand with a pointing finger .
Most mouse actions combine pointing with pressing one of the mouse buttons.
There are four basic ways to use your mouse buttons: clicking, double-clicking,
right-clicking, and dragging.
Clicking (single-clicking)
To click an item, point to the item on the screen, and then press and release
the primary button (usually the left button).
Clicking is most often used to select (mark) an item or open a menu. This is
sometimes called single-clicking or left-clicking.
Double-clicking
To double-click an item, point to the item on the screen, and then click twice
quickly. If the two clicks are spaced too far apart, they might be interpreted as
two individual clicks rather than as one double-click.
Right-clicking
To right-click an item, point to the item on the screen, and then press and
release the secondary button (usually the right button).
Right-clicking an item usually displays a list of things you can do with the
item. For example, when you right-click the Recycle Bin on your desktop,
Windows displays a menu allowing you to open it, empty it, delete it, or see its
properties. If you are unsure of what to do with something, right-click it.
C) SCANNING DEVICES
Are devices that capture an object or a document directly from the source.
They are classifie according to the technology used to capture data e.g.
Scanners and Document readers.
i) Scanners
Used to capture a source document and converts it into an electronic form.
Example are - FlatBed and HandHeld scanners.
b) Magnetic Readers
Reads data using magnetic ink.t uses principle of magnetism to sense data
which have been written using magnetised ink.
Is the brain or the heart of a computer. Is also known as processor and consist
of three units namely -
i) Control Unit ( C U)
ii) Arithmetic logic Unit ( A L U)
iii) Main Memory unit ( M M U)
The system unit is the core of a computer system. Usually it's a rectangular
box placed on or underneath your desk. Inside this box are many electronic
components that process data. The most important of these components is the
central processing unit (CPU), or microprocessor, which acts as the "brain" of
your computer. Another component is random access memory (RAM), which
temporarily stores information that the CPU uses while the computer is on. The
information stored in RAM is erased when the computer is turned off.
Almost every other part of your computer connects to the system unit using
cables. The cables plug into specific ports (openings), typically on the back of
the system unit. Hardware that is not part of the system unit is sometimes
called a peripheral device. Peripheral devices can be external such as a mouse,
keyboard, printer, monitor, external Zip drive or scanner or internal, such as a
CD-ROM drive, CD-R drive or internal modem. Internal peripheral devices are
often referred to as integrated peripherals. There are two types according to
shape: tower and desktop.
Motherboard
TYPES OF PROCESSORS
I) Comples Instruction Set Computers (CISC)
ii) Reduced Instruction Set Computers (RISC)