한국청소년정책연구원 도서관

로그인

한국청소년정책연구원 도서관

자료검색

  1. 메인
  2. 자료검색
  3. 통합검색

통합검색

단행본

형사정책

판사항
11판
발행사항
서울: 한국형사정책연구원, 2015
형태사항
574 p: 삽도, 26cm
서지주기
참고문헌과 색인을 포함하고 있음
소장정보
위치등록번호청구기호 / 출력상태반납예정일
이용 가능 (1)
한국청소년정책연구원00025715대출가능-
이용 가능 (1)
  • 등록번호
    00025715
    상태/반납예정일
    대출가능
    -
    위치/청구기호(출력)
    한국청소년정책연구원
책 소개
The Information Society

According to a recent document by the United Nations Office on Drugs and Crime, in 2011, at least 2.3 billion people, the equivalent of more than one third of the world’s total population, had access to the Internet. Over 60 percent of all Internet users are in developing countries, with 45 percent of all Internet users below the age of 25 years. By the year 2017, it is estimated that mobile broadband subscriptions will approach 70 percent of the world’s total population. By the year 2020, the number of networked devices will outnumber people by six to one, transforming current conceptions of the Internet. In the hyper-connected world of tomorrow, it will become hard to imagine a ‘computer crime’, and perhaps any crime, that does not involve some element of electronic evidence linked with Internet protocol (IP) connectivity. http://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf

The “information society” is definitely upon us. There is no question that the Internet and the electronic information technology that accompany it have profoundly affected every aspect of life, especially communications and information. The most common definition of information society emphasizes technological innovation. Information processing, storage and transmission have expanded the use of information and communication technology (ICT), and related biotechnology and nanotechnology everywhere worldwide. In our postindustrial society, information and knowledge are key-resources.
Information society is not defined only by technology. It is a multidimensional phenomenon. It is also an economic structure, a pattern of social relations, and impacts many aspects of social organization. The importance and impact of social media are well known and definitely affecting all aspects of our life in society today. So, it is essential to cover also the social impact of the information revolution on social organizations, including the criminal justice system.
Moreover, the postmodern age of information technology has changed some of the content, and especially the accessibility and utilization of information and knowledge by social organizations, including the criminal justice system.
The relationship between knowledge and order has fundamentally changed. Key social structures and activities are organized now through electronically processed information networks and the so-called social media. Some political scientists see even deeper change: the birth of the network state, contrasted to the national state, undermining and replacing traditional authority and social control. Consequently, the function, structure and content of the criminal justice system are also impacted.

Cyber Crime

The term “cyber crime” refers to criminal conduct that impacts interests associated with the use of information and communication technology (ICT), such as the proper functioning of computer systems and the Internet, the privacy and integrity of data stored or transferred in or through ICT, or the virtual identity of internet users. The common denominator and characteristic feature of all cyber crime offenses and cyber crime investigation can be found in their relation to computer systems, computer networks and computer data on the one hand and to cyber systems, cyber networks and cyber data on the other hand. Cyber crime covers offenses concerning traditional computers as well as cloud cyber space and cyber databases.
The common denominator and characteristic features of all cybercrime offenses and cybercrime investigations are their relationship to computer systems-computer networks- computer data on one hand but also to cyber systems-cyber networks-cyber data on the other. It also includes the use of the cloud and cyber databases.
The Deloitte’s reporthttps://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/AERS/us_aers_nascio%20 Cybersecurity%20Study_10192012.pdf
on cyber security trends states that emerging technologies, coupled with a shifting threat profile, are challenging organizations to deal more and more with sophisticated “bad actors” that are motivated, skilled and adaptable. The threat has shifted from the traditional hacker exploiting a target of opportunity to:
• Targets of choice and not chance. Attackers are increasingly targeting specific companies, products, services and individuals. The recent hacking of the New York Times website and that of Mark Zuckerberg of Facebook fame, are examples of this trend.
• Involvement by organized crime. Low risks and high rewards are luring organized crime to cyber crime. The Internet facilitates its international operations, all types of trafficking and the movement of monies.
• State-sponsored cyber threats. Financial, political, and strategic objectives are motivating state sponsored actors to compromise systems, steal intellectual property or cause economic damage. Some countries are accused of already investing considerable resources in developing and engaging in cyber war and cyber attacks. The conflict in the Middle East involving Syria may demonstrate more clearly the reach of malware and hacking to conduct a remote war. The 2013 hacking of the New York Times website was done by the Syrian Electronic Army.
• Growing insider threats. Insider threats have risen due to economic conditions, layoffs and increasing ‘privileged accesses’ accorded to third-party vendors. The recent scandals originating in sensitive and secret electronic materials leaked to the press by Wikileaks, Julian Assange, Bradley Manning and Edward Snowden, to mention just the most famous whistleblowers, show how weak and disregarded privacy protections and guarantees are.
• Legislative initiatives and global implications. New cyber legislation and penalties for non-compliance are being developed, and global business models are being reconsidered since in their present form they may facilitate the commission and cover-up of international crimes.

Cyber warfare in particular is a growing concern among national security establishments and is one of the most serious national security challenges as it threatens critical economic and defense infrastructure (e.g. power grid, financial systems). For example, President Obama has identified cyber security as a key national security challenge that the U.S. government is not adequately prepared to counter. He established a Comprehensive National Cyber Security Initiative to conduct a thorough review of federal efforts to defend the US information and communications infrastructure and the development of a comprehensive approach to securing the digital infrastructure. In July 2011, the Defense Department unveiled its long-awaited strategy for cyber security. The plan is aimed at defending its own computer networks and those of its partners, and developing “robust cyberspace capabilities”.

The Role of Criminologists

This is a very broad area. As criminologists, we must focus on the most interesting and promising new areas of cyber-crime like the integrity and functionality of the cyber system; and the protection:
-of the digital personality (identity theft etc.);
-of property (including intellectual property rights);
-of the enforcement system (non-compliance offenses).
The response of penal law and of the criminal justice system is also an important element to be covered. (Based on materials by John A.E. Vervaele, Daniel Bell, Manuel Castells, S. Sassen, Thomas Weigend and U. Sieber)

Research and practical applications by criminologists should focus principally on the following subject matters:
1. The integrity and functionality of the cyber-ICT system
2. Protection of privacy
3. Protection of digital personality
4. Protection against illegal content
5. Protection of property (including intellectual property rights)
6. Protection against acts committed exclusively in the virtual world
7. Protection of enforcement system (non-compliance offences)
How Can Criminology Contribute?

The role and the contributions of criminology will be especially important at the international level for providing the analysis, research findings, and policy recommendations for:

(a) Protecting Information and Communications Technology (ICT) against Crime
There are many problems when it comes to criminalization like defining the criminal act, avoiding overreach and having a chilling effect on legitimate conduct, and keeping up with technological progress. For example, is it necessary to protect “virtual identities” against theft and forgery? If yes, how can we do it properly? Also, how can penal law keep up with the rapid pace of change in information technology and also with the content and character of the worldwide web? How do we correctly define the criminal act when it is performed by an automatic computer system? Also, is criminal law the appropriate tool for the protection and preservation of the ICT systems (ultima ratio principle)? What about the measures taken by the ICT itself like encryption, anti-virus and anti-hacking protection systems? Should the user be under the obligation to install these protections, often at a considerable cost, in order to avoid contributory negligence liability? Is this another example of transferring the cost of crime prevention to the potential victim, instead of the state taking responsibility?
Also, normally criminal law does not punish actions that can be considered mere preparation for the eventual commission of Internet crimes. When it comes to ICT, should criminal law punish the selling or purchasing of software that cracks passwords or bypasses software that protects copyrighted materials from being downloaded or facilitates computer fraud?

(b) Protecting against Crime Committed through ICT
(i) Limiting anonymity with the danger of violating the legitimate privacy interests of the users
(ii) Controlling content

(c) Addressing the Differences among National Interests and Systems
Legal system may have substantial differences in defining what is harmful or dangerous content and how to distinguish between materials protected by freedom of speech and expression and materials whose proliferation or even possession can be criminally prosecuted. These differences also constitute substantial obstacles to international cooperation in police and prosecutorial work. There is also the danger of substantially violating freedom of expression by regulating speech too tightly. Related to this is the issue of the responsibility of access and/or service providers for maintaining and making accessible illegal content. Are these service providers obligated to be the “internet police” and take pro-active steps to identify and eliminate objectionable materials? Under what criteria and circumstances? With what type of constraints and supervision? (Based on materials by John A.E. Vervaele, Daniel Bell, Manuel Castells, S. Sassen, Thomas Weigend and U. Sieber)


International Law

Measures thus far adopted by the private and public sectors have not provided an adequate level of security. While new methods of attack have been accurately predicted by experts and some large attacks have been detected in early stages, efforts to prevent or deter them have been largely unsuccessful, with increasingly damaging consequences. Information necessary to combat attacks has not been timely shared. Investigations have been slow and difficult to coordinate because of different legal systems and procedural obstacles. Some attacks are from States that lack adequate laws governing deliberate destructive conduct. The international cooperation that takes place is voluntary and inadequate. Some significant enhancement of defensive capabilities seems essential. Cyber crime is by nature transnational, and will often involve jurisdictional assertions of multiple States. Agreements on jurisdiction and enforcement must be developed to avoid conflicting claims.
Internationally, the key legal instrument in the fight against cyber crime is still the Council of Europe’s Convention on Cybercrime (Budapest Convention) adopted in 2001. It entered into force in 2004. An Additional Protocol was added in 2006. While the Budapest Convention is a fundamental document in the fight against cybercrime, it is not a complete and fail-proof solution. The Budapest Convention rightly addresses cybercrime in its international dimension. However, the international fight against cyber crime is hampered by a number of factors, including a dissonance in national approaches to cyber-security; by policy and implementation incoherence among countries, including those in regional organizations; and by outdated legal systems that do not fit cyberspace well, compounded by a variable interpretation and implementation of the Budapest Convention in different countries. In addition, some doubt whether the Budapest Convention is sufficiently “future proof”, having been drafted in the last century and whether it adequately addresses the new realities of the technology, its use, and consequent cyber crimes.
Other international agreements are being prepared and proposed for approval by the international community. Many actors are joining in this effort like the United Nations, the Arab League, the Commonwealth of Independent States, ECOWAS, the Organization of American States and private organizations like those in the United States that wrote the Stanford Draft International Convention to Enhance Security from Cyber Crime and Terrorism.
Some countries want the existing European convention to be adopted worldwide, while others want a completely new agreement to be created. At the UN Congress on Crime Prevention and Criminal Justice in Salvador da Bahia, Brazil in 2010, member nations debated how to address what everyone agreed was a major and growing problem. National delegations discussed what they saw as the main problems like computer-based fraud and forgery, illegal interception of private communications, interference with data and misuse of electronic devices. But countries could not decide how best to tackle the problems. There were those who maintained that an international agreement should be an extension of the existing Budapest Convention. Others, like Brazil, disagreed and called for a new convention with the flexibility of taking regional conditions into account. We may have to wait until the next U.N. Crime Congress in Doha in 2015 to see if progress has been made in the international understanding of cyber crime and the correct response to it.

The World Crime Forum on Cybercrime

The International Society of Criminology welcomes the important initiative by the Korean Institute of Criminology to organize the First World Crime Forum for Asia on the topic of cyber crime. It addresses a very serious, novel, and developing challenge for criminology and for the countries and people in the region and no doubt will greatly assist in assessing the current situation on this complex issue and in developing appropriate responses, especially tailored to the Asian region. The excellent international representation at this event will make it possible to have a worthwhile and useful international dialogue among experts and to outline approaches and solutions that will then be developed with subsequent collaboration and cooperation. It is particularly useful and positive to establish a Working Group on Cyber Crime for Asia under the aegis and the sponsorship of the Korean Institute of Criminology to continue studying the issue and refining the solutions. Among the deliverables that will be most useful are:
1. International surveys of the extent, forms and impact of this type of expanding criminality.
2. Position papers on the need for new laws, conventions, and international cooperation and practice.
3. Recommendations for international reforms of laws and applications of the law; and for convergence and uniformity of laws, enforcement, and penalties.
4. Development of appropriate legislative measure and programs to provide compensation, victim assistance and preventive measures.
5. Careful assessment of treaties and laws to balance financial and other interests and the protection of human rights, privacy, creativity, due process, proportionality and demonstrated need to intervene.
6. Training modules to prepare specialists in combating cybercrime.

Special attention should be paid to how cybercrime impacts developing countries, especially in view of the widespread use of electronics in those regions for financial and other transactions.
목차

Foreword 5
Prof. em Dr. jur. Il-Su Kim (President, Korean Institute of Criminology)

Acknowledgement 7
Prof. Emilio Viano (President, International Society for Criminology Scientific Commission)

Introduction

The Information Society and Cyber Crime: Criminologists Facing this Growing Challenge 11
Emilio Viano (International Society for Criminology)


Part 1. Challenges to Criminology and Criminal Justice

Organized Cybercrime and National Security 19
Peter Grabosky (Australian National University)

Cyber Victimization: New Typology and Novel Trends of Interpersonal Attacks on the Internet 31
Jaishankar Karuppannan (Manonmaniam Sundaranar University, India)

The Current State of Cybercrime in the Republic of Korea 49
Hyun-Wook Chun (Korean Institute of Criminology)

Development and Prospect of China’s Legislations on Cyber-Security 69
Yong Pi (Xinjiang University, China)

Justice Online: Issues and Solutions 77
Geronimo L. Sy (Department of Justice, Philippines)

“A Cloudy Future?” – Meeting the Challenge of Cloud Computing 81
Christopher SJ Ong (Attorney-General’s Chambers, Singapore)


Part 2. Responses of Criminology and Criminal Justice

Online Child Exploitation and Responses 89
Gregor Urbas (University of Canberra, Australia)

Investigation against BotNet Infected Computer 99
Frank Law (University of Hong Kong)

Cloud Computing and Digital Forensics 111
Kim-Kwang (Raymond) Choo (University of South Australia)

An Assessment Model for Cybercrime Investigation Capacity 127
Yunsik Jang (Korean National Police University)
Joshua Isaac James (Soon Chun Hyang University, Korea)

Criminal Justice Response to Cybercrime in the World and Capacity Building Effort by UNAFEI 135
Kenichi Kiyono (United Nations Asia and Far East Institute for the Prevention of Crime and the Treatment of Offenders, Japan)

The Necessity of Establishing Cybersecurity Control Tower-Focusing on Cases in Korea 149
Won Sang Lee (Chosun University, Korea)