Over the past 10 years, criminals have been actively moving online, using the information benefits of humanity for personal gain at someone else's expense. Despite the fact that the Internet appeared back in 1969, and the debut crime in the information environment occurred 20 years later, but in no less distant 1989, it is still not always possible to identify cybercrime. So far, there is no classification of IT crimes in the legal field.
Every year, there are more and more ways and areas of crimes committed in the information space. Cybercrime is not only the banal hacking of devices or the introduction of malicious software, but also the dissemination of certain illegal information, as well as, for example, extortion committed using a computer program. But at the same time, as amended by the Criminal Code of the Russian Federation, the code does not contain a separate article and penalties for theft of personal information.
The consequences of cybercrime can be quite different from a short-term failure of the site, to inciting ethnic hatred or losing a fortune.
In this article, we will tell you how the legislation on IT crimes works today, what cybercrimes that at first glance are not related to IT, and why there are so many names for illegal actions in the field of information technology.
Cybercrime statistics for 2022 show that in 95% of cases, an attacker manages to achieve his goal due to the human factor, carelessness and gullibility of people.
In May of this year, Temirlan Salikhov, a representative of the criminalistics center of the Investigative Committee of Russia (TFR), reported that 510 thousand crimes involving information technology occurred in 2022, which is 50 times more than in 2014, when their number was 10 thousand.
Chapter 28 of the Criminal Code of the Russian Federation "Crimes in the field of computer information", contains four elements of crimes:
In addition to these articles, there are others related to cybercrime. For example, such articles as fraud with the use of communications (Article 159.6 of the Criminal Code), unauthorized access to computer information (Article 272 of the Criminal Code) or sabotage using information technologies (Article 281 of the Criminal Code).
Today, cybercriminals are most often held under Article 28 of the Criminal Code of the Russian Federation together with other articles, depending on what kind of crime was committed. Their main purpose is to make a profit, so the first place among the types of such crimes are criminal acts of economic orientation:
In the second place in terms of prevalence are crimes aimed at obtaining information of value, as well as personal data of citizens.
In the third place, it is worth noting crimes aimed at disrupting the normal operation of computer networks, servers, and computer programs, both as a result of external influences (hacking, attacks, etc.), and intentional violation of the rules for operating computer programs and equipment in order to create vulnerabilities.
Speaking about the main economic crimes (Articles 159, 160, 163 of the Criminal Code of the Russian Federation) committed using Internet technologies or equipment, today they make up every fourth crime that comes to court, which is more than 120 thousand cases.
It turns out that far from 100% of cybercrimes reach the court. The main reason is the difficulty of identifying criminals in cyberspace. However, some types of cybercrime are still subject to prosecution, especially if they have caused serious damage or violated the law.
According to the Russian Interior Ministry, fraud accounts for about half of all cybercrimes. At the same time, the number of crimes related to bank cards continues to decrease, but those related to electronic money continue to grow. Experts explain this by the fact that the number of services that use electronic payment methods continues to increase, as does the involvement of citizens in the use of these very services.
The following terms can be used by IT market players themselves, lawyers, and other analysts:
And this is not a complete list of epithets that can be used to describe cybercrime. Even if you take two professional specialists in the field of information security, it is highly likely that each of them will name the same crime differently.
Cybercrime can be divided into two broad types. In the first case, the object is the device itself that was attacked, and in the second, the attacked device acts as a springboard for committing the main crime:
Today, according to experts, phishing attacks, DDoS attacks and social engineering are the most common, as they were a few years ago.
According to experts, examples of crimes that may not seem to be related to cyberspace at first glance, but in fact be them, can be the following:
Another example is cyberflashing. This is the distribution of obscene materials using electronic means of communication, such as mobile messaging applications or social networks. For example, a person can send an obscene photo or video to a stranger via a messaging app without their consent. This is a violation of the personal intimate sphere and can be classified as a cybercrime.
Cybercrimes are improving, integrating and developing as rapidly as information technologies themselves. This does not fully and transparently reflect the criminal situation in the IT market. The Russian Interior Ministry has already concluded this year that a quarter of all crimes are somehow committed using IT. But this is not surprising, because the information environment has become an integral part of almost every person's life. Criminals call, write using a network device, search for information on the Internet and, in any case, as in ordinary life, resort to using IT, even if the crime does not concern this area at all.
Every year, there are more and more ways and areas of crimes committed in the information space. Cybercrime is not only the banal hacking of devices or the introduction of malicious software, but also the dissemination of certain illegal information, as well as, for example, extortion committed using a computer program. But at the same time, as amended by the Criminal Code of the Russian Federation, the code does not contain a separate article and penalties for theft of personal information.
The consequences of cybercrime can be quite different from a short-term failure of the site, to inciting ethnic hatred or losing a fortune.
In this article, we will tell you how the legislation on IT crimes works today, what cybercrimes that at first glance are not related to IT, and why there are so many names for illegal actions in the field of information technology.
Statistics
Cybercrime statistics are growing every year, because information technologies are constantly developing. New types of cybercrime and cyber fraud are striking in their ingenuity and force peaceful people to think ahead about protecting their personal data and the company.Cybercrime statistics for 2022 show that in 95% of cases, an attacker manages to achieve his goal due to the human factor, carelessness and gullibility of people.
In May of this year, Temirlan Salikhov, a representative of the criminalistics center of the Investigative Committee of Russia (TFR), reported that 510 thousand crimes involving information technology occurred in 2022, which is 50 times more than in 2014, when their number was 10 thousand.
Criminal Code and cybercrime
At the moment, the Criminal Code of the Russian Federation uses a single wording "crimes in the field of computer information", which covers all offenses related to high technologies. This sector is regulated by Chapter 28 of the Criminal Code of the Russian Federation, which is included in the structure of title IX "Crimes against public safety and public order".Chapter 28 of the Criminal Code of the Russian Federation "Crimes in the field of computer information", contains four elements of crimes:
- Article 272 of the Criminal Code of the Russian Federation. Unauthorized access to computer information;
- Article 273 of the Criminal Code of the Russian Federation. Creating, using, and distributing malicious computer programs;
- Article 274 of the Criminal Code of the Russian Federation. Violation of the rules of operation of means of storing, processing or transmitting computer information and information and telecommunication networks;
- Article 274.1 of the Criminal Code of the Russian Federation. Undue influence on the critical information infrastructure of the Russian Federation.
In addition to these articles, there are others related to cybercrime. For example, such articles as fraud with the use of communications (Article 159.6 of the Criminal Code), unauthorized access to computer information (Article 272 of the Criminal Code) or sabotage using information technologies (Article 281 of the Criminal Code).
Today, cybercriminals are most often held under Article 28 of the Criminal Code of the Russian Federation together with other articles, depending on what kind of crime was committed. Their main purpose is to make a profit, so the first place among the types of such crimes are criminal acts of economic orientation:
- Article 159 of the RF Criminal Code "Fraud";
- Article 163 of the RF Criminal Code "Extortion";
- 183 of the Criminal Code of the Russian Federation "Illegal receipt and disclosure of information constituting a commercial, tax or bank secret".
In the second place in terms of prevalence are crimes aimed at obtaining information of value, as well as personal data of citizens.
In the third place, it is worth noting crimes aimed at disrupting the normal operation of computer networks, servers, and computer programs, both as a result of external influences (hacking, attacks, etc.), and intentional violation of the rules for operating computer programs and equipment in order to create vulnerabilities.
Speaking about the main economic crimes (Articles 159, 160, 163 of the Criminal Code of the Russian Federation) committed using Internet technologies or equipment, today they make up every fourth crime that comes to court, which is more than 120 thousand cases.
It turns out that far from 100% of cybercrimes reach the court. The main reason is the difficulty of identifying criminals in cyberspace. However, some types of cybercrime are still subject to prosecution, especially if they have caused serious damage or violated the law.
According to the Russian Interior Ministry, fraud accounts for about half of all cybercrimes. At the same time, the number of crimes related to bank cards continues to decrease, but those related to electronic money continue to grow. Experts explain this by the fact that the number of services that use electronic payment methods continues to increase, as does the involvement of citizens in the use of these very services.
Multi-faceted cybercrime
Today, the information space uses an endless number of terms related to IT crimes, and many even try to classify them and find the difference between them, but in the science of criminal law, criminology and criminology, there is no single term.The following terms can be used by IT market players themselves, lawyers, and other analysts:
- cybercrime;
- crimes committed using information and communication technologies;
- information crimes;
- IT crimes;
- computer crimes;
- computer-related crimes;
- high-tech crimes;
- information technology crime;
- crimes in the digital space;
- digital crimes;
- digital crime;
- electronic crime.
And this is not a complete list of epithets that can be used to describe cybercrime. Even if you take two professional specialists in the field of information security, it is highly likely that each of them will name the same crime differently.
Cybercrime can be divided into two broad types. In the first case, the object is the device itself that was attacked, and in the second, the attacked device acts as a springboard for committing the main crime:
- Attackers actions are directed at the devices themselves – they introduce viruses, malware, or perform DoS attacks.
- Criminals use the devices to conduct cyber stalking, steal information or online identity, and carry out phishing attacks.
Today, according to experts, phishing attacks, DDoS attacks and social engineering are the most common, as they were a few years ago.
Not obvious cybercrimes
Known to all, traditional cybercrime is just the tip of the iceberg. Given that crimes committed with the use of information technologies include absolutely all violations of the law that were committed using electronic devices and the Internet, as well as other networks, it is difficult to present the entire list of possible crimes.According to experts, examples of crimes that may not seem to be related to cyberspace at first glance, but in fact be them, can be the following:
- "Sexual fraud" or "webcam nightmares". In this case, the attacker fraudulently convinces the victim to undress in front of a webcam, and then blackmails her by threatening to post the video on the Internet.;
- online stalking or cyber stalking, harassment or intimidation carried out through email, social media or other forms of digital communication;
- online distribution of fake news or misinformation. This can include everything from false news that can influence an election, to intentionally spreading false medical information that can lead to public harm.
Another example is cyberflashing. This is the distribution of obscene materials using electronic means of communication, such as mobile messaging applications or social networks. For example, a person can send an obscene photo or video to a stranger via a messaging app without their consent. This is a violation of the personal intimate sphere and can be classified as a cybercrime.
Conclusions
Based on judicial practice and articles on the Internet, both on professional resources and in the general media, it becomes clear that nothing can be accurately stated regarding the classification of cybercrime, cyber fraud, and crimes committed using information technologies. Since all these definitions in the legislative field relate to the same thing. Even if we do not take the legal field into account, then each expert identifies and names certain types of IT crimes in his own way.Cybercrimes are improving, integrating and developing as rapidly as information technologies themselves. This does not fully and transparently reflect the criminal situation in the IT market. The Russian Interior Ministry has already concluded this year that a quarter of all crimes are somehow committed using IT. But this is not surprising, because the information environment has become an integral part of almost every person's life. Criminals call, write using a network device, search for information on the Internet and, in any case, as in ordinary life, resort to using IT, even if the crime does not concern this area at all.
