Concept
Everyone, deep down, understands what the crime of unauthorized access to information is, but we need to know the clear wording for sure.
Thus, unlawful access is understood as an act that is, of course, characterized by its social danger and encroaches on the security of computer information as a whole.
Of course, as a result of this act, harm is caused , and it does not matter what - reputation or material, the main thing is that an act committed in this way is truly illegal.
The provisions on this crime are, of course, regulated by the criminal code of our country, and specifically, Art. 272 of the Criminal Code of the Russian Federation .
However, in addition to the criminal code, the regulatory framework for this crime includes various laws and regulations applied in organizations .
Article 272 of the Criminal Code of the Russian Federation – “Illegal access to computer information”
The first article, which is contained in Chapter 28 “Crimes in the field of computer information,” is Article 272 “Illegal access to computer information,” if this act entailed the destruction, blocking, modification or copying of information (Part 1).
Unlawful access to computer information - illegal access to information in violation of established rights and rules.
This article protects the owner’s right to privacy, confidentiality and integrity of information in the information system. The owner of information is a person who fully exercises the powers of ownership, use and disposal of information and lawfully uses information processing services (object of a crime).
An act for which liability is provided for in Art. 272 of the Criminal Code of the Russian Federation, must consist of unlawful access to legally protected computer information (the objective side of the crime), which implies the commission of a sequence of actions committed for selfish reasons or if they entailed the destruction, blocking, modification or copying of information, disruption of the operation of a computer or system computers or their networks (part 2).
A mandatory feature of this crime is the occurrence of harmful consequences for the owner or information and computing system - destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network. In this case, we are talking not only about difficulties associated with manipulations in computer memory, but also about interference that appears on the monitor screen, when printing computer information, as well as in peripheral devices. It should be noted that viewing information stored in computer memory does not constitute a crime.
Harmful effects:
- Destruction of information is the cessation of the existence of information in which its recovery is impossible or difficult.
- Blocking information is the inability to access information or part of it.
- Modification of information – any change in information, for example, distortion of source data, addition of new information content, partial destruction of original (initial) information.
- Copying information is the creation of an analogue of information on tangible and virtual media by transferring data from the original information, but preserving its original content.
It should be noted that the subjective side of the crime “Illegal access to computer information” (the internal attitude of the criminal towards the crime) is characterized by guilt in the form of direct intent, that is, the attacker is fully aware of the social danger of his act, foresees the possibility or inevitability of harmful consequences that will occur after committing crime and desires, or consciously allows these consequences to occur, or is indifferent to them.
Commentary to Art. 272 of the Criminal Code of the Russian Federation
1. The subject of the crime is computer information protected by law. The specified information must be located on computer media, in a computer, computer system or their network.
A computer is an electronic technical device that ensures the receipt, storage, processing of information and the achievement of a given result in a certain form based on it.
A computer network is a connection of computers, as well as means and communication channels, which allows the use of information and computing resources of each individual computer.
A computer system is a network of interconnected computers that interact as a whole and perform a single task, for example, the state automated system (GAS) “Elections”.
Information is located in a database, which is understood as an objective form of presentation and organization of a set of systematized data (for example, articles, calculations).
Machine media of computer information include devices directly from the computer, its peripheral devices, computer and other communication devices, network devices and telecommunication networks.
Information is understood as information (messages, data) regardless of the form of their presentation (Clause 1, Article 2 of the Federal Law of July 27, 2006 N 149-FZ “On Information, Information Technologies and Information Protection”).
Computer information is information, knowledge or a set of commands (program) intended for use in or control of a computer, located in a computer, a computer system, their network or on computer media, representing an identifiable element of an information system that has an owner who has established its rules use.
Computer information protected by law includes any information specified in the law in connection with the protection of proprietary and liability rights to computers and computer equipment, as well as in connection with the protection of communications secrecy.
2. Unauthorized access should be understood as familiarization with data contained on computer media or in a computer that has a level of protection in accordance with the law, not authorized by the owner or possessor of information.
The destruction of information should be understood as such a change in its original state that prevents its receipt from the corresponding site.
Blocking information is its actual closure and the impossibility of use by the owner while it is intact. When a program is modified, the content changes significantly, making it difficult to perceive in its original form.
Copying information in the sense of the article being commented on should create the possibility of unauthorized access to it.
A disruption in the operation of a computer, a computer system or their network should be understood as failures in its operation that prevent the normal receipt of information while maintaining physical integrity.
3. The crime is considered completed from the moment at least one of those specified in Part 1 of Art. 272 of the Criminal Code of consequences.
4. The subjective side of the crime is characterized by an intentional form of guilt.
5. The subject of the crime is a person who has reached the age of 16 years.
6. Persons with access to computers, etc., should be considered not only users of the corresponding computer resources, but also workers authorized to maintain computers (computer repair specialists).
Crimes in the field of computer information (Articles 272-274 of the Criminal Code of the Russian Federation)
Unlawful access to computer information (Article 272).
The main object of this crime is the state of security of computer information from threats of unauthorized access to it by persons who do not have the right to do so.
The subject of this crime is computer information documented on computer media or contained in an electronic computer (computer), computer system or their network.
Information means information about persons, objects, facts, events, phenomena and processes, regardless of the form of their recording or presentation. Documented information is considered to be information recorded on a tangible medium with details that allow its identification. Computer information is information processed on a computer.
An electronic computer (computer) is understood as a device in which the main functional elements (logical, storage, identification, etc.) are made on electronic devices.
From the objective side, the crime in question is expressed in unlawful access to legally protected computer information, i.e. information on computer media, in a computer, computer system or their network.
Illegal access to computer information is recognized as a criminal offense if it entails the destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network.
The destruction of information means bringing it into a state in which it cannot be restored or used in accordance with its intended purpose.
The crime in question refers to the material elements of crimes and is considered completed from the moment of occurrence of those specified in Art. 272 consequences.
From the subjective side, the crime in question is committed only intentionally in the presence of both direct and indirect intent. The motives for this crime may be selfish motives, revenge and other considerations.
The subject of unlawful access to computer information (Part 1 of Article 272) can be any sane person who has reached the age of 16 and has the knowledge and skills to work on a computer.
This crime, in the absence of qualifying features, is classified as an act of minor gravity.
The qualifying features of this crime (Part 2 of Article 272) are its commission by a group of persons by prior conspiracy or by an organized group or by a person using his official position.
Creation, use and distribution of malicious computer programs (Article 273).
The main object of this crime is the protection of computer information from threats in connection with the creation, use and distribution of malicious computer programs.
The subject of this crime is copyrighted computer programs protected by law, as well as computer storage media for such programs. Computer programs are understood as objective forms of representing a set of data and commands intended for the operation of computers and other computer devices in order to obtain a certain result.
From the objective side, the crime in question is expressed in the creation of malicious programs for computers or in making changes to existing programs, which obviously lead to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of the computer.
The crime in question is a formal crime and is considered completed from the moment of creation or distribution of a malicious program for a computer, computer system or their network.
From the subjective side, the crime in question is committed with direct intent. The motives for this act may be hooligan motives, revenge, selfish or other considerations.
The subject of this crime can be any sane person who has reached the age of 16 and has knowledge in the field of programming and using computers.
Violation of the rules for operating computers, computer systems or their networks (Article 274).
The object of the crime in question is the state of security of a computer, computer system or their network from threats associated with violation of the rules of their operation.
The subject of this crime is electronic computers (computers), computer systems or their networks.
From the objective side, this crime is expressed in violation of the rules of operation of a computer, computer system or their network.
The crime in question relates to material crimes and is considered completed from the moment the consequences specified in the law occur.
From the subjective side, this crime can be committed either intentionally or through negligence.
The subject of this crime can be any sane person who has reached the age of 16 and has access to a computer, computer system or their network.
This act, in the absence of qualifying criteria (Part 1 of Article 274), belongs to the category of crimes of minor gravity.
The qualifying feature of this crime is the occurrence of grave consequences through negligence as a result of violation of the rules of operation of a computer, computer system or their network (Part 2 of Article 274).
Computer crimes are a new type of socially dangerous acts in Russian criminal law. These are intentional or careless acts that cause harm to public relations in the use of computers, computer systems and their networks, as well as computer information.
Unlawful access to computer information (Article 272).
The main object of this crime is the state of security of computer information from threats of unauthorized access to it by persons who do not have the right to do so.
The subject of this crime is computer information documented on computer media or contained in an electronic computer (computer), computer system or their network.
Information means information about persons, objects, facts, events, phenomena and processes, regardless of the form of their recording or presentation. Documented information is considered to be information recorded on a tangible medium with details that allow its identification. Computer information is information processed on a computer.
An electronic computer (computer) is understood as a device in which the main functional elements (logical, storage, identification, etc.) are made on electronic devices.
From the objective side, the crime in question is expressed in unlawful access to legally protected computer information, i.e. information on computer media, in a computer, computer system or their network.
Illegal access to computer information is recognized as a criminal offense if it entails the destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network.
The destruction of information means bringing it into a state in which it cannot be restored or used in accordance with its intended purpose.
The crime in question refers to the material elements of crimes and is considered completed from the moment of occurrence of those specified in Art. 272 consequences.
From the subjective side, the crime in question is committed only intentionally in the presence of both direct and indirect intent. The motives for this crime may be selfish motives, revenge and other considerations.
The subject of unlawful access to computer information (Part 1 of Article 272) can be any sane person who has reached the age of 16 and has the knowledge and skills to work on a computer.
This crime, in the absence of qualifying features, is classified as an act of minor gravity.
The qualifying features of this crime (Part 2 of Article 272) are its commission by a group of persons by prior conspiracy or by an organized group or by a person using his official position.
Creation, use and distribution of malicious computer programs (Article 273).
The main object of this crime is the protection of computer information from threats in connection with the creation, use and distribution of malicious computer programs.
The subject of this crime is copyrighted computer programs protected by law, as well as computer storage media for such programs. Computer programs are understood as objective forms of representing a set of data and commands intended for the operation of computers and other computer devices in order to obtain a certain result.
From the objective side, the crime in question is expressed in the creation of malicious programs for computers or in making changes to existing programs, which obviously lead to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of the computer.
The crime in question is a formal crime and is considered completed from the moment of creation or distribution of a malicious program for a computer, computer system or their network.
From the subjective side, the crime in question is committed with direct intent. The motives for this act may be hooligan motives, revenge, selfish or other considerations.
The subject of this crime can be any sane person who has reached the age of 16 and has knowledge in the field of programming and using computers.
Violation of the rules for operating computers, computer systems or their networks (Article 274).
The object of the crime in question is the state of security of a computer, computer system or their network from threats associated with violation of the rules of their operation.
The subject of this crime is electronic computers (computers), computer systems or their networks.
From the objective side, this crime is expressed in violation of the rules of operation of a computer, computer system or their network.
The crime in question relates to material crimes and is considered completed from the moment the consequences specified in the law occur.
From the subjective side, this crime can be committed either intentionally or through negligence.
The subject of this crime can be any sane person who has reached the age of 16 and has access to a computer, computer system or their network.
This act, in the absence of qualifying criteria (Part 1 of Article 274), belongs to the category of crimes of minor gravity.
The qualifying feature of this crime is the occurrence of grave consequences through negligence as a result of violation of the rules of operation of a computer, computer system or their network (Part 2 of Article 274).
Computer crimes are a new type of socially dangerous acts in Russian criminal law. These are intentional or careless acts that cause harm to public relations in the use of computers, computer systems and their networks, as well as computer information.
Methods
There are many ways to access information, especially illegal ones. It is almost impossible to list everything. With the development of high technologies and methods there are more and more.
- using someone else's code obtained through deception or fraud for personal purposes;
- by rearranging the addresses of any devices;
- through the banal theft of information.
Also, you can highlight hacking of any system by changing any programs and so on.
These actions entail not the most rosy consequences. This could be deleting important information from all media, changing information , thereby rendering it unusable.
Information can be copied and distributed, which significantly violates the copyrights of its creators.
general characteristics
This crime is serious and entails the most incredible and not always pleasant consequences.
People lose profits , have lost profits, their reputation and good name .
This crime is, without exception, an illegal act that must be punished by law.
The Criminal Code provides for severe punishment for crimes of this type, which is good news.
Corpus delicti
Perhaps it is best to start considering the corpus delicti of this crime from the object.
Of course, the main object is the right to information , which was grossly and cruelly violated .
In this case, by object we do not mean any information, because it can be contained both in oral speech and in the press, namely about computer information.
The objective side of this crime is characterized by several acts that are worth considering in more detail.
For example, this includes access to information that is carefully protected by law .
Access can be achieved either manually or using various technical means .
The subjective side is characterized, of course, by motive.
In any case, the criminal understands what act he is carrying out, and he also understands the entire social danger, but he wants these consequences to occur and take place.
The subject is, of course, a person who has reached the age of sixteen and has legal capacity
Unauthorized access to computer information
Introduction
In Russia, according to the State Information Center of the Ministry of Internal Affairs of the Russian Federation, in 2010, under Art. 272 of the Criminal Code of the Russian Federation “Illegal access to computer information”, 55 criminal cases were initiated, 47 were completed with investigation. This is more than 10 times higher than the same figure in 2009. In 2011, 135 criminal cases were initiated, of which 114 were sent to court with an indictment Budakovsky D.S. Methods of committing crimes in the field of computer information // Russian investigator. - 2011. - No. 4. - P. 2..
The criminal law (Article 272 of the Criminal Code of the Russian Federation) does not define unlawful access to computer information protected by law; it reveals only its consequences: destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network.
The immediate object of the crime being analyzed is social relations to ensure the security of computer information and the normal operation of computers, computer systems or their networks.
The additional subject of unauthorized access to computer information is optional. Its presence depends on the type of harm caused to the rights and legitimate interests of the victim. An additional object may be, for example, property rights, copyright, the right to privacy, personal and family secrets, public relations for environmental protection, external security of the Russian Federation, etc.
The subject of a criminal attack in case of unlawful access to computer information is computer information protected by law, which from a criminal legal point of view is characterized by the following mandatory features: firstly, it is always intellectual property; secondly, it does not have natural physical parameters (material properties); thirdly, it is protected by law; fourthly, it is contained on a computer medium, in an electronic computer (computer), a computer system or their network.
1. Characteristics and features of crimes related to unlawful access to computer information
The object of this crime is social relations that ensure lawful access, creation, processing, transformation, use of computer information by the creator himself, its consumption by other users, as well as the correct functioning of a computer, computer system or their network. This crime, committed by a person using his official position, provided for in Part 2 of Art. 272 of the Criminal Code of the Russian Federation, also encroaches on the second direct object - social relations that ensure the interests of the service (Part 2 of Article 272 of the Criminal Code of the Russian Federation).
The norm of the criminal law under consideration protects computer information wherever it is contained and circulated: in computer memory, computer systems, telecommunication networks, and computer media.
The subject of the crime is information of limited access, i.e. information (messages, data), regardless of the form of their presentation, contained on computer media, in a computer, computer system or their network.
The objective side of the crime includes: actions consisting of unlawful access to computer information protected by law (restricted information); consequence - alternatively - in the form of destruction, blocking, modification, copying of information; disruption of the operation of a computer, computer system or their network; a cause-and-effect relationship between the specified action and any of the named consequences.
Restricted information includes computer information for which the law has established a special legal regime. Based on the meaning of Art. 272 of the Criminal Code of the Russian Federation and Art. 2 of the Federal Law of July 27, 2006 No. 149-FZ “On Information, Information Technologies and Information Protection” Federal Law of July 27, 2006 No. 149-FZ “On Information, Information Technologies and Information Protection” (as amended on 06.04 .2011, as amended on July 21, 2011) // SZ RF. - 2006. - No. 31 (1 part). — St. 3448. Only information recorded on a tangible medium with details that allow it to be identified is subject to protection, i.e. documented information. According to the terms of its legal regime, restricted access information is divided into:
1) classified as a state secret (Article 2 of the Federal Law of July 21, 1993 No. 5485-1 “On State Secrets” Law of the Russian Federation of July 21, 1993 No. 5485-1 “On State Secrets” (as amended on July 18, 2011) // SZ RF. - 1997. - No. 41. - Article 8220 - 8235.);
2) confidential, i.e. documented information, access to which is limited in accordance with the legislation of the Russian Federation. The mode of access to confidential information can be established either by its owner or directly in accordance with current legislation.
With respect to such information, the owner or other authorized person must take special protection measures for machine information (for example, introducing a system of access passwords or a certain discipline for working with information) limiting access to it.
Access to confidential information or information constituting a state secret by a person who does not have the necessary powers (without the consent of the owner or his legal representative) is considered unlawful, subject to special means of protecting it.
Unauthorized access to computer information is the illegal or unauthorized use of the ability to obtain information contained on computer media, a computer, a computer system or their network. At the same time, access to computer information means any form of penetration into the source of information using computer means (material and intellectual), allowing to manipulate the received information (copy, modify, block or destroy it) Commentary on the Criminal Code of the Russian Federation (article-by-article) / A. IN. Brilliantov, G.D. Dolzhenkova, Ya.E. Ivanova and others; edited by A.V. Brilliantova. - M.: Prospekt, 2010. - P. 230..
At the same time, taking possession of a personal computer or a computer storage medium (floppy disk, disk) as property cannot be qualified as access to computer information and entails liability for a crime against property or arbitrariness. Likewise, the fact of destruction or distortion of computer information contained on a computer carrier through external influence on it with heat, magnetic waves, or causing mechanical damage in any other way does not form an objective side of the crime in question. Unlawful access to computer information is charged to the relevant person in conjunction with the crimes for the commission of which such access was carried out. For example, in cases where fraudulent actions involve unlawful entry into someone else’s information system or other unlawful access to legally protected computer information of credit institutions, or the creation of deliberately malicious computer programs, modifications to existing programs, the use or distribution of malicious computer programs , the act is subject to qualification under Art. 159 of the Criminal Code of the Russian Federation, and also, depending on the circumstances of the case, under Art. 272 or art. 273 of the Criminal Code of the Russian Federation, if as a result of unlawful access to computer information, destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network occurred.
The corpus delicti of this crime is material in nature and presupposes the mandatory occurrence of one of the consequences:
1) destruction of information is rendering information or part of it unusable, regardless of the possibility of its recovery. The transfer of information to another computer medium is not considered in the context of criminal law to be the destruction of computer information only if, as a result of these actions, the access of legitimate users to the information was not significantly hampered or excluded. Destruction of information does not mean renaming the file where it is contained, nor does it automatically “supplant” old versions of files with the latest ones;
2) blocking of information - the result of an impact on a computer, computer system or their network, the consequence of which is the inability for some time or constantly to carry out the required operations on computer information completely or in the required mode. In other words, information blocking is the performance of actions leading to restriction or closure of access to a computer system and the information resources it provides, artificially impeding access of legitimate users to computer information, not related to its destruction.
3) modification of information - making changes to computer information (including changing its parameters). Current legislation allows the following types of legal modification of programs and databases by persons lawfully possessing this information: a) modification in the form of correcting obvious errors; b) modification in the form of changes to programs, databases for their operation on the user’s technical means; c) modification in the form of private decompilation of the program to achieve the ability to interact with other programs.
4) copying information - creating a copy of existing information on another medium, i.e. transfer of information to another medium separate from the computer while maintaining unchanged original information, reproduction of information in any material form: by hand, by photographing text from the display screen, as well as reading information by intercepting computer radiation, etc.
5) disruption of the operation of a computer, computer system and their network - disruption of the operation of the program, leading to the impossibility of obtaining the required result from it in full or obtaining it with distortions of any kind, as well as the receipt of side results resulting from violation of the established rules of its operation . Computer disruption may result from: a) damage to computer information in the proper sense of the term; b) software failure; c) violation of the integrity of the hardware on which this software is implemented; d) damage to communication systems. In this case, we are talking not only about difficulties directly related to manipulations in the computer memory, but also about interference appearing on the display screen when printing and copying computer information, as well as on all kinds of peripheral devices and equipment control sensors Commentary on the Criminal Code of the Russian Federation Federation (item-by-item) / A.A. Ashin, A.P. Voitovich, B.V. Volzhenkin and others; edited by A.I. Chuchaeva. — 2nd ed., revised, revised. and additional - M.: CONTRACT, INFRA-M, 2010. - P. 534..
The crime is completed from the moment any of these consequences occur. When establishing a causal relationship between unauthorized access and the onset of harmful consequences, it should be borne in mind that in computer systems destruction, blocking and other disruptions to the operation of the computer are possible as a result of technical malfunctions or errors in the functioning of hardware and software. In these cases, the person who has committed unlawful access to computer information is not subject to liability under this article due to the absence of a causal connection between his actions and the consequences.
The subjective side of the crime in question is characterized by guilt in the form of intent or negligence.
The general subject of the crime is a sane person who has reached the age of sixteen.
Thus, the basic concept in this norm is the term “access”. It is taken from professional terminology; from the point of view of semantic characteristics, it would be more accurate to talk about “penetration”. This refers to unlawful penetration (intrusion) into legally protected information located in computer memory, in computer media, or circulating through communication channels in a computer system or network. When determining the direct object and subject of the attack, it is important to remember that a computer (computer) is a computing machine in which mathematical, logical and other operations are carried out at very high speed by automatic devices using the interaction of elementary electrical charges - electrons. It follows that an attack on information (schemes, records, printouts, etc.) intended for the formation of computer information, but not yet transferred in machine language to a medium, is not a crime in the sense of Art. 272 of the Criminal Code of the Russian Federation. Another thing is that, depending on specific circumstances, these attacks can be qualified, for example, as a violation of privacy (Article 137 of the Criminal Code of the Russian Federation), violation of copyright, invention, patent rights (Articles 146, 147 of the Criminal Code of the Russian Federation), illegal obtaining of information , constituting commercial, tax or banking secrets (Article 183 of the Criminal Code of the Russian Federation), etc.
unauthorized access computer crime
2. Features of the investigation and judicial practice
When investigating illegal access to computer information, the circumstances of the offense are established in the following order:
1) fact of illegal access to information in a computer system or network;
2) the location of unauthorized entry into this system or network;
3) time of commission of the crime;
4) method of unauthorized access;
5) degree of reliability of computer information protection means;
6) persons who committed unlawful access, their guilt and motives for the crime;
7) harmful consequences of the crime.
The following situations of starting an investigation are typical for the crimes under consideration:
1) the owner of the computer system discovered a violation of its integrity and (or) confidentiality, identified the culprit and reported the incident to law enforcement agencies;
2) the owner independently identified the violations mentioned, but was unable to identify the intruder and reported the incident;
3) information about a violation of the integrity and (or) confidentiality of information and the guilty party became known or was directly discovered by the competent authority, the owner of the computer system hides this fact;
4) a law enforcement agency has detected signs of an illegal intrusion into a computer system, the culprit and the owner of the information are unknown.
The fact of illegal access to information is usually discovered by users of a computer system or network. Such facts are sometimes established during the operational investigative activities of internal affairs bodies, the FSB of Russia, and the Federal Drug Control Service of Russia. They can also be identified during prosecutorial checks, audits, forensic examinations, and investigative actions in cases under investigation.
Signs of unauthorized access or preparation for it may include:
1) the appearance of distorted data on the computer;
2) long-term failure to update codes, passwords and other security measures of the computer system;
3) an increase in the number of computer failures;
4) increased complaints from users of a computer system or network.
Such facts may be preceded or accompanied by:
1) carrying out overtime work without the need;
2) unmotivated refusals of individual employees servicing a computer system or network to take their next vacation;
3) acquisition by an employee of an expensive computer for personal use;
4) flash cards or disks brought to work by one of the computer system employees under the pretext of copying programs for computer games;
5) increasing cases of overwriting individual data without serious reasons;
6) the unreasonable interest of some employees in the contents of other people's printer printouts;
7) repeated entry of the same information into the computer, etc.
It is also necessary to find out the signs of unauthorized access, expressed in deviations from the established procedure for processing documents. This means: violations of the accepted rules for drawing up documents and producing machine diagrams; extra documents prepared for computer processing; discrepancy between the information contained in the primary documents and the machine data; deliberate loss or destruction of primary documents and computer storage media, distortion of their registration data. It should, however, be remembered that the listed signs can be the result not only of abuse, but also of other reasons, such as staff negligence, accidental errors and computer failures Kozubenko Yu.V. Copyright protection of computer programs in criminal, administrative and civil proceedings: Monograph. - M.: Wolters Kluwer, 2009. - P. 53..
It is difficult to establish the location of unauthorized entry into a computer system or network, since there may be several such locations. In practice, the location of illegal access to computer information for the purpose of stealing funds is more often discovered, but for this it is also necessary to identify all places of operation of computers that have a single telecommunications connection.
It is much easier to establish this location when unauthorized access to a single computer is being investigated. But even here it is necessary to take into account that information on computer media can be stored in other premises. It is many times more difficult to determine the place of direct use of technical means of remote unauthorized access that are not part of a given computer system or network. It is necessary to involve appropriate specialists in its establishment. It is also necessary to find out the location of storage of information on computer media obtained by the criminal as a result of unauthorized access to a computer system or network.
The time of unauthorized access can be determined using system-wide programs. When the computer is running, they usually record the current time. If this program is functioning, then in the event of an unauthorized login to a system or network, the time spent on the computer of any user and the execution of a specific operation is automatically recorded in RAM. Then the time of unauthorized access can be determined during an investigative examination of the computer, its printouts or floppy disks, carried out with the participation of a specialist, so that the information located in the computer’s RAM or on the disk is not accidentally erased. For example, employees of the information and analytical centers of the Ministry of Internal Affairs of Russia, the Main Internal Affairs Directorate, and the Department of Internal Affairs of the constituent entities of the Russian Federation can act as specialists. Budakovsky D.S. Methods of committing crimes in the field of computer information // Russian investigator. - 2011. - No. 4. - P. 3..
The time of unauthorized access is also established by questioning witnesses from among the employees of this computer system. It is found out exactly when each of them worked on the computer, if this was not recorded automatically.
It is more reliable to establish the method of unauthorized access by performing a forensic information and technical examination. The expert is asked the question: “How was unauthorized access to this computer system achieved?” To do this, the expert needs to provide all the design documentation for the hacked computer system, as well as information about its certification. When carrying out such an examination, it is impossible to do without using computer equipment from the same system that the criminal hacked, or special hardware and software.
In some cases, an investigative experiment is advisable to test the possibility of overcoming the security measures of a computer system using one of the proposed methods. At the same time, the possibility of confidential information appearing on the display screen or being printed due to erroneous, unintentional actions of the operator or an accidental technical failure in the operation of electronic equipment can be checked.
Investigative practice shows that the more technically complex the method of penetration into a computer system or network, the easier it is to identify a suspect, since the circle of specialists with the appropriate abilities is very limited.
Proving the guilt of a particular subject in unauthorized access to computer information is facilitated by the use of various traces detected during inspection of the computer and its components. These are, for example, fingerprints, notes on the outer packaging of floppy disks, etc. For their examination, forensic examinations are assigned: fingerprinting, handwriting, etc.
To identify the persons responsible for ensuring proper access to a computer system or network, you should first familiarize yourself with the job descriptions that define the powers of employees responsible for protecting confidential information. They need to be interrogated to find out who launched the abnormal program and whether this was recorded in any way. It is also necessary to find out who is particularly interested in programming, is studying or has studied in programming courses, and is interested in information security systems Begishev I.R. Crimes in the sphere of circulation of digital information // Information law. - 2010. - No. 2. - P. 19..
At the final stage of the investigation, a holistic understanding of the circumstances that facilitated unauthorized access to computer information is formed. What is important here is a consistent study of various documents, especially those related to information security. The materials of the departmental (office) investigation are very significant.
These circumstances include:
1) ineffectiveness of methods for protecting computer information from unauthorized access;
2) combining the functions of software development and operation within one structural unit;
3) non-use in the technological process of all available means and procedures for recording operations, program actions and maintenance personnel;
4) violation of the terms for changing user passwords, as well as the terms for storing copies of programs and computer information.
In investigative practice, mistakes are often made when qualifying an illegal connection to the Internet. Investigators often unreasonably refuse to initiate a criminal case or terminate the proceedings due to the fact that information on the Internet is publicly available, does not have a specific owner, and therefore is not protected by law, i.e. cannot be the subject of a criminal attack.
Thus, Z. carried out illegal penetration into the Internet computer network using a server under a name and password and copied files, on the basis of which the investigator justifiably opened a criminal case under Part 1 of Art. 272.
During the investigation, Z.’s actions did not establish any signs of a crime under Art. 272 of the Criminal Code of the Russian Federation, since the information contained in unprotected files of the Internet computer network, accessed by Z., is not computer information protected by law and does not have a specific owner. In this regard, the proceedings in this case were terminated for lack of evidence of a crime.
It seems that the proceedings in this case were terminated unreasonably, since the investigator did not fully work out the version of unlawful access to legally protected computer information located on the server, which led to its blocking, which also falls under the elements of a criminal offense.
The information located on the server that provides access to the Internet contains lists of registered users who gain access through this server and their passwords. Such information is based on clause 5 of the Decree of the President of the Russian Federation “On approval of the list of confidential information”, clause 1 of Art. 139 of the Civil Code of the Russian Federation is a trade secret and is protected by law.
Unauthorized access to information that provides access to the Internet leads to blocking - the creation of inaccessibility, the impossibility of using it while preserving the information itself, since the officially registered user was deprived of the opportunity to use it to access the Internet.
The above indicates the presence of sufficient data indicating that Z. committed actions containing signs of a crime under Part 1 of Art. 272 of the Criminal Code of the Russian Federation - unlawful access to information protected by law, resulting in its blocking.
In November 2008, the Regional Department of Internal Affairs of the Moscow Region opened a criminal case into unlawful access to legally protected computer information in the cash registers of a private enterprise in Pavlovsky Posad.
The investigation carried out in the case established that in the period from July to November 2008, the head of the private enterprise of the city of Pavlovsky Posad, Moscow region, T., by prior conspiracy in a group with K., acting with her with the same intent in order to conceal income from taxation, every day from 17 until 19 o'clock in the trading tents of the state of emergency they connected a specially made homemade device in the form of a microcomputer into the sockets of two cash registers, which are a type of electronic computer, providing access to computer information about financial transactions carried out through the cash registers during the current shift. After connecting the device to cash registers and unlawful access to legally protected computer information in the buffer memory of cash registers, all information about previous financial transactions performed during the current shift was destroyed, including information about the purchase number and the total amount of revenue for current shift. Having destroyed and modified the information in the buffer memory of the cash registers during the specified time, both retail outlets continued their work, accumulating information in the buffer memory about the financial transactions performed until the end of the current shift, that is, until 21 o'clock, after which it was controlled into the fiscal memory - cash registers entered changed, underestimated data on the amount of revenue per shift.
Thus, T. and K. committed unlawful access to legally protected computer information, i.e. information on computer media, in an electronic computer (in accordance with the technical passport, a cash register is considered a computer), and this act, committed by a group of persons by prior conspiracy, resulted in the destruction and modification of information.
Concluding our consideration of the features of the investigation of computer crimes, we note that in addition to the relatively general problems identified, the investigation often faces numerous rather complex particular issues (procedural, technological, etc.). However, it is not possible to discuss them here. Let us only add that the effective resolution of a number of problems in the investigation of these crimes is facilitated by the reasonable use of operational investigative methods and means in the information space of global networks. In addition, increasing the efficiency of investigation of computer crimes and criminal prosecution in cases of this category increasingly depends on the appropriate professional training of investigators, operatives, prosecutors, and judges.
Conclusion
The public danger of crimes in the field of computer information is that unlawful access to information, resulting in its destruction, blocking, modification, copying, disruption of the operation of computers, their systems and networks, can disrupt the activities of various systems for automated control and management of life support facilities, energy, defense, transport, entail not only significant material damage, but also harm to human health and death.
Crime in the sphere of high technologies (cybercrime) is a serious threat to the national security of the Russian Federation. It has acquired the character of transnational organized crime, as noted in the Bangkok Declaration following the results of the XI UN Congress in 2005.
Access to information means the ability to obtain information and use it (acquiring and using the ability to view, receive, enter, change or destroy information or influence the process of its processing, dispose of information). Methods of access are not defined by the legislator, and they can be different - theft of a storage medium, penetration into someone else's information system, reading, scanning, interception, hacking of a security system using special hardware or software, entering false information, a false password, illegal use of a valid password , code, etc.
A generalization of the experience of law enforcement agencies gives grounds to believe that the tactics for solving and investigating the crimes under analysis should be based on the characteristics of emerging investigative situations. Among these features we highlight:
1) the need to attract special knowledge when conducting a significant part of investigative actions and operational investigative activities;
2) significant “intellectual” resistance to the investigation on the part of the criminal;
3) a significant amount of data (discovered primarily in electronic form) that needs to be studied during the investigation;
4) lack of time and dynamic situation in the network environment, which are determined by the short-term existence and high variability of certain types of evidence located in electronic form.
These features lead to the need to immediately collect all information related to the crime and stored in computer systems. Of course, the tactics of the investigation are largely determined by the type of computer crime. However, for most of these crimes, the tasks of the initial stage of the investigation come down to obtaining data confirming the fact of the commission of a crime, seizing and attaching relevant evidence to the case, and determining the prospects for obtaining additional information from employees of the facility. It is also important to examine the object for the reliability of computer information protection and identify the circumstances that contributed to the commission of the crime. Of particular importance are measures to determine the source (network address) of illegal actions and identify the suspects. The successful implementation of these activities is facilitated by the study of evidence indicating the target orientation and alleged motives of illegal actions, the level of qualification of the criminal, his use of special tools, and knowledge of the peculiarities of organizing information security at a network facility. Based on the data received, the investigator forms his own opinion about the direction of further investigation and develops an action plan for prompt verification of the information received. Of course, the proposed sequence of actions should not be considered as a strictly defined algorithm.
List of used literature
1. Criminal Code of the Russian Federation dated June 13, 1996 No. 63-FZ (as amended on July 21, 2011) (as amended and supplemented, coming into force on August 7, 2011) // SZ RF. - 1996. - No. 25. - Art. 2954.
2. Federal Law of July 27, 2006 No. 149-FZ “On Information, Information Technologies and Information Protection” (as amended on April 6, 2011, as amended on July 21, 2011) // SZ RF. - 2006. - No. 31 (1 part). — St. 3448.
3. Law of the Russian Federation of July 21, 1993 No. 5485-1 “On State Secrets” (as amended on July 18, 2011) // SZ RF. - 1997. - No. 41. - Art. 8220 - 8235.
4. Begishev I.R. Crimes in the sphere of circulation of digital information // Information law. - 2010. - No. 2. - P. 18 - 21.
5. Budakovsky D.S. Methods of committing crimes in the field of computer information // Russian investigator. - 2011. - No. 4. - P. 2 - 4.
6. Kozubenko Yu.V. Copyright protection of computer programs in criminal, administrative and civil proceedings: Monograph. - M.: Wolters Kluwer, 2009. - 344 p.
7. Commentary on the Criminal Code of the Russian Federation (article-by-article) / A.A. Ashin, A.P. Voitovich, B.V. Volzhenkin and others; edited by A.I. Chuchaeva. — 2nd ed., revised, revised. and additional - M.: CONTRACT, INFRA-M, 2010. - 1032 p.
8. Commentary on the Criminal Code of the Russian Federation (article-by-article) / Yu.V. Gracheva, G.A. Esakov, A.K. Knyazkina and others; edited by G.A. Esakova. - M.: Prospekt, 2010. - 480 p.
9. Commentary on the Criminal Code of the Russian Federation (article-by-article) / A.V. Brilliantov, G.D. Dolzhenkova, Ya.E. Ivanova and others; edited by A.V. Brilliantova. - M.: Prospekt, 2010. - 1392 p.
10. Kochoi S.M. Criminal law. General and Special parts: short course. - M.: CONTRACT, Wolters Kluwer, 2010. - 416 p.
11. Magomedov A.A., Minkovsky G.M., Revin V.P. Criminal law of Russia. Special part: textbook / ed. V.P. Revina. — 2nd ed., rev. and additional - M.: Justitsinform, 2009. - 392 p.
12. Rassolov I.M. Law and the Internet. Theoretical problems. — 2nd ed., add. - M.: Norma, 2009. - 384 p.
Qualifying features
The first and most important qualifying feature is that this crime was not committed alone. That is, as a rule, a group of people .
In this case, liability will apply to each participant in the crime.
Preliminary conspiracy is also a sign that makes the punishment more severe.
Committing a crime not chaotically, but by an organized group will increase the punishment even more.
If you committed a crime using your official position , take the trouble to part with it for many years and not be able to occupy it in the future .
Unauthorized access to legally protected computer information
Unfortunately, not only private , but also government information . Its distribution poses greater problems than the distribution of private materials.
In the case of such an act, the punishment will be the same as in Article 272 of the Criminal Code of the Russian Federation , however, due to the violation of state secrets, the fine will most likely be replaced by a longer detention of the offender in custody.
Unfortunately, the information protection systems of various countries fail , so the leaders of countries should probably think about the fact that a computer is not the safest place to store vital data.
Unlawful access to computer information (Article 272 of the Criminal Code of the Russian Federation)
generic object
is public safety.
Species object -
Information Security.
Direct object
stands for information security of specific computer information.
Item -
computer information.
Computer information refers to information (messages, data) presented in the form of electrical signals, regardless of the means of their storage, processing and transmission.
Objective side
is expressed in three mandatory characteristics: the act is unlawful access to legally protected computer information, etc. information on computer media, in an electronic computer (computer), a computer system or their network, consequences in the form of destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network and the causal relationship between the act and the resulting consequences.
A computer (electronic computer) is a complex of electronic devices that allows you to perform operations prescribed by the program and/or user (sequence of actions for processing information and controlling devices) on symbolic and figurative information, including its input/output, destruction, copying, modification, transfer of information to computer networks and other information processes.
Computer system - complexes in which at least one computer is an element of the system or several computers make up the system2.
A computer network is a set of interconnected and distributed over any territory of computer centers and/or computers, computer systems, oriented toward the collective use of network-wide resources, in which computer centers and/or computers are interconnected by external communication lines that ensure the exchange of information between them.
Information protected by law is information of any kind (information, knowledge or set of commands) for using or managing a computer, presented in a special (machine) form, intended and suitable for its automated processing, storage and transmission, located on computer media, the procedure for handling which is established by its owner (owner).
Unlawful access to computer information - unauthorized access by the owner of the information to a person with data contained on computer media or in a computer.
Destruction of information involves the commission of actions as a result of which it is lost without the possibility of its recovery.
Blocking information is an artificial difficulty (creating obstacles) for users to access computer information, not related to its destruction3.
Modification of information is the introduction of any changes into it that cause it to differ from that which was entered into the system and owned by the owner of the information resource4.
Copying information is the repetition and stable imprinting of it by any means on a computer medium other than the original, while simultaneously preserving the characteristics that identify it5.
The composition is material by design and is considered complete from the moment the consequences occur.
The subjective side is characterized by an intentional form of guilt and is expressed in a direct or indirect form of intent.
Subject is a natural, sane person over 16 years of age. Qualified type , Part 2, Art. 272 of the Criminal Code of the Russian Federation provides for criminal liability for unlawful access to computer information that caused major damage or was committed out of selfish interest.
Particularly qualified type , Part 3, Art. 272 of the Criminal Code of the Russian Federation provides for criminal liability for unlawful access to computer information committed by a group of persons by prior conspiracy or by an organized group or by a person using his official position, as well as having access to a computer, a computer system or their network.
Type of exceptional severity, part 4 art. 272 provides for criminal liability for acts provided for in parts 1, 2, 3 of this article if they entailed grave consequences or created the threat of their occurrence.
use and distribution of malicious computer programs
(Article 273 of the Criminal Code of the Russian Federation)
The generic object is public safety.
The type object is information security.
The immediate object is the information security of specific computer information.
The subject is a malicious computer program.
A malicious program for a computer is a program that leads to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of computers, their systems or networks.
The objective side is expressed in an act in the form of active actions: the creation, distribution or use of computer programs or other computer information, obviously intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information protection means.
Creation involves the development of computer programs or other computer information knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information protection measures.
Use - the use of computer programs or other computer information knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information security measures.
Distribution means alienating them in any way.
Compound
by design
it is formal
and is considered completed from the moment the act is committed. Some scientists consider this composition to be truncated1.
The subjective side
is characterized by a deliberate form of guilt and is expressed in the direct form of intent.
Subject
- a natural, sane person who has reached 16 years of age.
Qualified View
Part 2 Art. 273 of the Criminal Code of the Russian Federation provides for criminal liability for acts provided for in Part 1 of this article, committed by a group of persons by prior conspiracy or by an organized group or by a person using his official position, as well as those that caused major damage or were committed out of selfish interest.
Major damage—over 1 million rubles.
Particularly qualified species
Part 3 of the Criminal Code of the Russian Federation provides for criminal liability for acts provided for in Part 1 or Part 2 of this article if they entailed grave consequences or created a threat of their occurrence.
Violation of the rules for operating means of storing, processing or transmitting computer information and information and telecommunication networks (Article 274 of the Criminal Code of the Russian Federation)
generic object
is public safety.
The type object
is information security.
The immediate object
is the information security of specific computer information.
Subject:
computer information.
Objective side
is expressed in three mandatory characteristics: the act is a violation of the rules for operating means of storing, processing or transmitting protected computer information or information and telecommunication networks and terminal equipment, as well as the rules of access to information and telecommunication networks, consequences in the form of destruction, blocking, modification or copying of computer information that caused major damage, and the causal connection between the act and the consequences that occurred. Major damage—an amount exceeding 1 million rubles.
Compound
material
by design and is considered completed from the moment the consequences occur.
Subjective side
characterized by a deliberate form of guilt and expressed in direct or indirect form of intent.
Subject
- a natural, sane person who has reached 16 years of age.
Qualified View
Part 2 Art. 274 of the Criminal Code of the Russian Federation provides for criminal liability for the act provided for in Part 1 of this article if it entailed grave consequences or created a threat of their occurrence.
generic object
is public safety.
Species object -
Information Security.
Direct object
stands for information security of specific computer information.
Item -
computer information.
Computer information refers to information (messages, data) presented in the form of electrical signals, regardless of the means of their storage, processing and transmission.
Objective side
is expressed in three mandatory characteristics: the act is unlawful access to legally protected computer information, etc. information on computer media, in an electronic computer (computer), a computer system or their network, consequences in the form of destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network and the causal relationship between the act and the resulting consequences.
A computer (electronic computer) is a complex of electronic devices that allows you to perform operations prescribed by the program and/or user (sequence of actions for processing information and controlling devices) on symbolic and figurative information, including its input/output, destruction, copying, modification, transfer of information to computer networks and other information processes.
Computer system - complexes in which at least one computer is an element of the system or several computers make up the system2.
A computer network is a set of interconnected and distributed over any territory of computer centers and/or computers, computer systems, oriented toward the collective use of network-wide resources, in which computer centers and/or computers are interconnected by external communication lines that ensure the exchange of information between them.
Information protected by law is information of any kind (information, knowledge or set of commands) for using or managing a computer, presented in a special (machine) form, intended and suitable for its automated processing, storage and transmission, located on computer media, the procedure for handling which is established by its owner (owner).
Unlawful access to computer information - unauthorized access by the owner of the information to a person with data contained on computer media or in a computer.
Destruction of information involves the commission of actions as a result of which it is lost without the possibility of its recovery.
Blocking information is an artificial difficulty (creating obstacles) for users to access computer information, not related to its destruction3.
Modification of information is the introduction of any changes into it that cause it to differ from that which was entered into the system and owned by the owner of the information resource4.
Copying information is the repetition and stable imprinting of it by any means on a computer medium other than the original, while simultaneously preserving the characteristics that identify it5.
The composition is material by design and is considered complete from the moment the consequences occur.
The subjective side is characterized by an intentional form of guilt and is expressed in a direct or indirect form of intent.
Subject is a natural, sane person over 16 years of age. Qualified type , Part 2, Art. 272 of the Criminal Code of the Russian Federation provides for criminal liability for unlawful access to computer information that caused major damage or was committed out of selfish interest.
Particularly qualified type , Part 3, Art. 272 of the Criminal Code of the Russian Federation provides for criminal liability for unlawful access to computer information committed by a group of persons by prior conspiracy or by an organized group or by a person using his official position, as well as having access to a computer, a computer system or their network.
Type of exceptional severity, part 4 art. 272 provides for criminal liability for acts provided for in parts 1, 2, 3 of this article if they entailed grave consequences or created the threat of their occurrence.
use and distribution of malicious computer programs
(Article 273 of the Criminal Code of the Russian Federation)
The generic object is public safety.
The type object is information security.
The immediate object is the information security of specific computer information.
The subject is a malicious computer program.
A malicious program for a computer is a program that leads to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of computers, their systems or networks.
The objective side is expressed in an act in the form of active actions: the creation, distribution or use of computer programs or other computer information, obviously intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information protection means.
Creation involves the development of computer programs or other computer information knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information protection measures.
Use - the use of computer programs or other computer information knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information security measures.
Distribution means alienating them in any way.
Compound
by design
it is formal
and is considered completed from the moment the act is committed. Some scientists consider this composition to be truncated1.
The subjective side
is characterized by a deliberate form of guilt and is expressed in the direct form of intent.
Subject
- a natural, sane person who has reached 16 years of age.
Qualified View
Part 2 Art. 273 of the Criminal Code of the Russian Federation provides for criminal liability for acts provided for in Part 1 of this article, committed by a group of persons by prior conspiracy or by an organized group or by a person using his official position, as well as those that caused major damage or were committed out of selfish interest.
Major damage—over 1 million rubles.
Particularly qualified species
Part 3 of the Criminal Code of the Russian Federation provides for criminal liability for acts provided for in Part 1 or Part 2 of this article if they entailed grave consequences or created a threat of their occurrence.
Violation of the rules for operating means of storing, processing or transmitting computer information and information and telecommunication networks (Article 274 of the Criminal Code of the Russian Federation)
generic object
is public safety.
The type object
is information security.
The immediate object
is the information security of specific computer information.
Subject:
computer information.
Objective side
is expressed in three mandatory characteristics: the act is a violation of the rules for operating means of storing, processing or transmitting protected computer information or information and telecommunication networks and terminal equipment, as well as the rules of access to information and telecommunication networks, consequences in the form of destruction, blocking, modification or copying of computer information that caused major damage, and the causal connection between the act and the consequences that occurred. Major damage—an amount exceeding 1 million rubles.
Compound
material
by design and is considered completed from the moment the consequences occur.
Subjective side
characterized by a deliberate form of guilt and expressed in direct or indirect form of intent.
Subject
- a natural, sane person who has reached 16 years of age.
Qualified View
Part 2 Art. 274 of the Criminal Code of the Russian Federation provides for criminal liability for the act provided for in Part 1 of this article if it entailed grave consequences or created a threat of their occurrence.
What punishment and responsibility are provided?
If the crime does not have qualifying features, then things are simple. Most likely, the court will issue a verdict to impose a penalty equal to a fine in the amount, as a rule, of up to 200 thousand rubles or in the amount of one or even several payments for your labor .
Imprisonment for a short period of time may also be used , rather for educational purposes and correctional work . In the case of crimes that include qualifying acts, the punishment increases in proportion to the harm caused.
Judicial practice under Article 272 of the Criminal Code of the Russian Federation:
- Decision of the Supreme Court: Determination N 78-O10-129SP, Judicial Collegium for Criminal Cases, cassation. The court's conclusions in this part are sufficiently motivated in the verdict and are correct. Therefore, the grounds for reclassifying Ganzhuly’s actions under Art. 272 part 2 of the Criminal Code of the Russian Federation, as the question is raised in the cassation appeal of his lawyer, is not available...
- Decision of the Supreme Court: Determination N 89-O08-88, Judicial Collegium for Criminal Cases, Cassation Believes that the information about administrative offenses in the AIPS did not fall into the category protected by law, therefore he was unreasonably convicted under Art. 272 of the Criminal Code of the Russian Federation; • similar arguments and requests are contained in the cassation appeal of lawyer V.I. Kokorina. in defense of Slepchukov’s interests. In objections to the cassation appeals of the convicts and their lawyers, state prosecutor Pike L.S. asks them to leave them unsatisfied...
- Decision of the Supreme Court: Determination N VAS-3933/12, Collegium for Civil Legal Relations, supervision Objecting to the satisfaction of the claim, the entrepreneur referred to the verdict of the Novokubansky District Court of the Krasnodar Territory dated 02/09/2011, which entered into legal force, by which citizen A.E. Volynsky was found guilty of Part 1 of Article 272 of the Criminal Code of the Russian Federation (illegal access to computer information during the disputed period through the use of an entrepreneur’s login and password obtained illegally, and illegal consumption of Internet traffic in the amount of 225,086 rubles 89 kopecks...
Example 1
In 2013, a representative of the Kashlin Regional Office of Federal Postal Services (RUFPS) contacted the police department with a statement. The essence of the statement was the suspicion of a computer virus being introduced into the system of the Kashlinsky RUFPS.
During the inspection, it was established that citizen F., working as an employee of the IT department at the Kashli Meat Processing Plant, copied a Trojan horse malicious program from the Internet on his office computer. Citizen F. sent this program in the form of a text message to the email address of the RUFPS and when opening the message, the Trojan horse program worked and the suspect took possession of information protected by law, namely the login and password for connecting to the Internet.
Thus, by his deliberate actions, citizen F. committed a crime under Art. 272 part 2 of the Criminal Code of the Russian Federation - unlawful access to computer information, as well as part 1 of Art. 165 of the Criminal Code of the Russian Federation – causing property damage by deception or abuse of trust.
Based on the results of the investigation, taking into account all the circumstances, the case was sent to the district court, which sentenced the accused to one year and six months of imprisonment to be served in a general regime colony, as well as a fine of 50 thousand rubles.
Example 2
In 2022, citizen I. addressed the police department with a statement; the essence of the statement was the impossibility of accessing the personal page of the VKontakte social network. Contacting the technical support of the VKontakte website had no result.
During the inspection, it was established that the password was deliberately changed by citizen A., a close friend of the injured citizen I. Due to jealousy, she wanted to know about the personal correspondence of citizen I. and in the process of communication she spied the password from the VKontakte social network account registered on him. After which, citizen A. logged into this social network at night through an account registered to citizen I., changed the login password for the page, got acquainted with the personal correspondence of citizen I., deleted all the photos on the page of citizen I., except the one shared with citizen A., making sure In honor of citizen I., citizen A. left the account of citizen I.
Since deliberately changing someone else's access password contains the crime of Article 272, a criminal case was initiated.
The criminal case was dropped due to the fact that the victim and the defendant reached a reconciliation.
If citizen I. refused reconciliation, the court could sentence citizen A. to a fine of up to 200 thousand rubles, or to imprisonment for one year.
Example 3
In the proceedings of the Investigative Committee of the Investigative Directorate of the Ministry of Internal Affairs of Russia for the Lipetsk Region there was criminal case No. 1, initiated on June 1, 2022 in relation to the elements of a crime under Part 1 of Art. 272 of the Criminal Code of the Russian Federation.
During the preliminary investigation, it was established that unknown persons on March 1, 2022, using the social network Odnoklassniki, illegally accessed a page belonging to gr. Ivanov N.G., living at the address: Birobidzhan region, r.p. Alarm, st. Pushkina, 3, apt. 2, after which, on behalf of this citizen, they sent spam to the list of “friends” from IP addresses that were assigned to the address: Ryazan region, Perelet, st. Nedolet, 78, apt. 124, that is, through their actions, unknown persons gained unlawful access to legally protected computer information, which resulted in the blocking and modification of said computer information.
Based on the results of the investigation, taking into account all the circumstances, the case was sent to the Lipetsk District Court, which sentenced the accused to one year and three months of suspended imprisonment.
Theft of information.Theft of information on the Internet is any unauthorized acquisition of confidential user information on the World Wide Web.
Confidential means any closed official and personal information: bank account numbers, credit cards, access codes for documents and payment programs, personal (addresses, telephone numbers...) and account (logins, passwords...) data.
As a rule, data theft occurs when a user’s computer is “hacked” by attackers or it is infected with Trojan programs introduced when receiving mail and visiting Internet resources. Since this happens unnoticed by the user, data loss is usually noticed after some time, and even then by chance - without discovering a significant amount in your account. Any computer owner should remember: protecting information on the Internet is the user’s primary task when working on the network.
How to protect your information? To do this, it is enough to comply with several requirements:
- install an antivirus program on your computer
- protect your network (set a security key or password)
- use a firewall when working
- do not click on suspicious links, do not open spam
- do not save accounts (logins, passwords) in the browser
- do not share your personal information with anyone
We list the most common types of information theft:
Phishing.
Phishing (from the English phishing - fishing) is a type of Internet fraud, the purpose of which is to gain access to confidential user data: logins, passwords, PIN codes, account numbers...
Phishing is a special type of computer fraud. The phishing attacks used in this case are organized by criminals as follows. First, scammers create a fake website that copies the real website of a bank or organization that makes financial payments over the Internet. The attackers then try to trick the user into visiting the fake website and entering their information. For example: registration name, password, PIN code... Using them, attackers steal money from the accounts of gullible users who have fallen for their bait.
To attract users to a fake site, cybercriminals usually use mass mailings of emails that look like they were sent by a bank or other real-life institution. Clicking on the link in the message takes you to a fake website that asks you to enter your credentials. Phishing messages often use the same logos and design as letters from a real bank, as well as links similar to the bank’s real address on the Internet. In addition, the message may contain your name, as if it were actually addressed to you personally. Scammers' letters usually provide a plausible reason, requiring you to enter your information on the bank's website. For example: there was a computer failure in the account storage system or the structure of working with the database changed, and therefore all clients need to re-enter their personal data.
Vishing.
Vishing (vishing = voice + phishing – voice fishing) is a type of Internet fraud, the purpose of which is to gain access to confidential user data using a telephone.
By and large, this is a type of phishing and differs from it in that vishing involves a phone in one way or another. Vishing technology consists of using “war diallers” (auto dialers) and Internet telephony (VoIP) capabilities to steal confidential data for personal gain. Potential victims receive service messages to their email address on behalf of “well-known organizations”, which ask them to call a specific city number. When you call, you are asked to provide them with your confidential data using touch tone. By entering his credit card number, password or PIN code through a mobile phone, the victim gets rid of the amount on it forever.
Spoofing.
Spoofing or IP spoofing (from the English spoof - deception, imitation) is a type of network attack in which a hacker inside or outside an organization impersonates an authorized user. Used to bypass access control systems based on IP addresses, as well as to disguise false sites as their legitimate counterparts.
It is known that any protection system such as Firewall allows only certain IP addresses to “live” in the connection. Today this is one of the serious obstacles to network penetration. Cyber criminals have found a method to overcome the barrier that is stopping them. To do this, hackers first figure out which IP addresses pass through the firewall, and then use one of the addresses they calculated as their own and thus gain access to the system. Take my word for it that by penetrating a closed network, you can often collect so much confidential data that its use for fraudulent purposes is limited only by your imagination.
Pharming.
Pharming (from the English pharming = phishing + farming) is a type of Internet fraud that allows you to change DNS records or entries in the HOSTS file to carry out a hidden attack.
This is done as follows. The attacker distributes special malicious programs to users’ computers, which, once launched, redirect requests to specified sites to fake sites. When a user visits a page that is legitimate from their point of view, they are redirected to a fake page created to collect confidential information. Most often, such pages replace the pages of financial institutions and banks, both offline and online.
Thus, with the help of pharming, high secrecy of the attack is ensured, and user participation is minimized - it is enough to wait until he decides to visit the resources of interest to the attacker. Malware that implements a pharming attack uses two main techniques for redirection: manipulating the HOSTS file and changing DNS information.
return