CYBERCRIME PRESENTATION AMOS TAVAZIVA SUPT.
A crime in which a computer/Cellphoneis the object of the crime or is used as a tool to commit an offence. • Any criminal act in which the perpetrator hacks or breaks into a computer or computer network in order to illegally obtain sensitive information or disseminate destructive computer software.
Cybercrime is generally divided into three categories generally known as the three Ts: • COMPUTER AS A TOOL – where the computer is used as a tool to commit an offence • COMPUTER AS A TARGET – where the computer is the subject of the attack. • COMPUTER AS A TANGENTIAL – The computer is used as a secondary tool.
Computer as a tool • Fraud • Identity theft • Cyber-bullying, cyber- stalking • Online Money laundering • Phishing Computer as a target • Malware • Denial of service attacks
Computer Malwares These are malicious computer softwares or programs that illegally latches on a computer for a number of reasons. These softwares may steal disk space, access personal information, ruin data on the computer.
There are several reasons why people would create a malware and send it out to another computer(s):-
to steal information • to sabotage the system or • to demonstrate the flaws that the other computer system has.
CCD (Cyber Crime Unit) • CID Commercial Crimes Division (Northern Region) (Cyber Crime Unit) is a section within the Zimbabwe Republic Police`s Criminal Investigation Department mandated with the duty to fight all computer related offences (Cyber Crime). It was formed in the year 2015 in response to the notable increase in cyber related cases as shown below.
STATISTICS ON CYBER CRIME • YEAR 2016 2017 2018 • CASES 25 38 618
The rise in Cyber Crime in Zimbabwe is probably due to bank related crimes. The Ordinary Zimbabwean in the remote rural areas, be it young or old is now a potential victim/ perpetrator of Cyber crime
through their farming activities and use of cell phones in mobile banking.
Adoption of the multi currency system in the country has attracted sophisticated international criminals who seek the United States Dollar from the vulnerable locals. Besides the financial attraction, cyber crime is on the increase as all other forms of traditional crimes such as murder now contain elements of cyber either during the planning phase or actual perpetration.
LEGAL FRAMEWORK CYBER CRIME LAWS
Cyber Criminal law in Zimbabwe is provided for mainly in the Criminal Law (Codification and Reform) Act [Chapter 9:23] (hereinafter referred to as the Code) enacted in 2004.
In the Act the main sections which are used in combating Cyber Crimes are sections 136, 162- 168 of the Code which are for fraud and computer related crimes (often collectively described as ‘cybercrime’).
Other statutes providing for cybercrime related offences are the Interception of Communications Act [Chapter 11:20], Postal and Telecommunications Act [Chapter 12:05]. CENSORSHIP AND ENTERTAINMENTS CONTROL ACT CHAPTER 10:04 CHILDREN’S ACT Chapt 5:06
CYBER CRIME BILLThe Bill is reportedly at drafting stage by the Attorney General and will be passed back to the Minister for tabling before parliament…it is envisaged that the passing of this law will enhance cyber crime investigations.
Common Reported Crimes FRAUD -On line banking Fraud (Eco-Cash) Social media…facebook, google and watsapp platforms • CYBER STALKING • PHISHING • IDENTITY THEFT • OTP • CARD CLONING
Cyber Stalking • Cyber stalking is the use of the Internet or electronic devices to stalk or harass an individual or an organisation. Cyber stalking can include monitoring someone’s activities while on the computer. Cyber stalking becomes a crime because of the repeated threatening, harassing or monitoring of someone with whom the stalker has, or no longer has, a relationship.
Cyber stalking can include harassment of the victim, the obtaining of financial information of the victim or threatening the victim in order to frighten him. An example of cyber stalking would be to put a recording or monitoring device on a victim’s computer or Smartphone in order to save every keystroke they make, so that the stalker can obtain information.
Phishing • Phishing is a form of social engineering used to obtain sensitive information from a victim, such as usernames and passwords, by pretending to be a trustworthy entity in an electronic communication. • These communications look like they are from a real entity, such as bank or online payment processor. • Usually via email, although they can be a phone call.
The email will inform the victim that there have been issues with their account or the company itself, and that the victim needs to reset/change their details via a link • The link will look legitimate, but will go to a third party website unrelated to the company, then personal data sent directly to the hacker
Identity Theft Is stealing someone’s personal information and pretends to be that person, in order to obtain financial resources or other benefits in that person’s name without his consent. The personal information stolen can include the person’s name, social security number, birth date or credit card numbers. The stolen information is then used to obtain new credit cards, access bank accounts or obtain other benefits, such as a drivers licence.
OTP One Time Password, also known as One Time Pin is a password that is valid for only one login session or transaction, on a computer system or other digital devices
Card Clonning Card Skimming or card cloning uses a skimming device to fraudulently copy bank customer details stored on the magnetic strip (brown/black strip at the back) on a debit or credit card.
Tips to avoid becoming a victim of card cloning/skimming • Never give your card to someone at an ATM for any reasons, • Never let anyone assist you at an ATM, even if they appear to be a bank official or security personel, • Beware of people standing close to you when you are concluding transactions at an ATM,
Ensure you hide your PIN when keying it into an ATM, • If possible use an ATM that is monitored by a CCTV camera. • Ensure your card never leaves your sight when shopping. If the person needs to use a different machine always accompany that person • Monitor your bank statement for unusual balance enquiries.
Strength of Cyber Crime Unit • Trained personnel….diplomas, degrees in IT, attachments in India, France and China. • Now have a cyber lab to aid in Forensic investigations.
Challenges in Cyber Crime Investigations • Lack of tools, i.e hardware and software for retrieval of digital evidence and tracking of suspects. We have to rely on service providers such as Zimbabwe on Line (ZOL), Powertel, Africom, Tel One, ECONET, Telecel and Net One who can only provide such information through court orders. • Our main stakeholder, PORTRAZ who usually supply us the with infor such as IP addresses are sometimes overwhelmed.
Cyber crime is trans National hence has no boundaries such that resources to traverse the whole area are stretched. • Some countries do not have effective legislation for cyber crime hence it becomes difficult to get cooperation even if Mutual Legal Assistance is sought. • Currently the Judicial system in Zimbabwe has a bias towards traditional crimes and are yet to appreciate cyber crime.
Since we still have the Cyber Crime Bill as opposed to a law to cover the felon, extraction and presentation of digital evidence is challengeable at the courts. • Some daring and sophisticated criminals would rather use foreign internet service providers such as g-mail and yahoo as well as dynamic internet protocol addresses which makes it difficult to trace.