Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sri Lankan perspective in meeting the Cyber crime challenge

Published byClarence Barnett Modified over 9 years ago

Similar presentations

Presentation on theme: "Sri Lankan perspective in meeting the Cyber crime challenge"— Presentation transcript:

1 Sri Lankan perspective in meeting the Cyber crime challenge
by Lal Dias Chief Operating Officer, Sri Lanka CERT

2 Role of Cyber systems in Sri Lanka
e-Sri Lanka Development Initiative Multi-faceted program Objectives Bridge digital divide Improve delivery of public services Increase competitiveness of private sector Accelerate social development Poverty reduction

3 e-Sri Lanka Development Initiative
Major Programs of e-Sri Lanka ICT Policy, Leadership & Institutional Development Information Infrastructure Re-engineering government ICT Human Resources Capacity Building ICT Investment & Private sector Development E-Society ICT Agency of Sri Lanka established to spearhead the e-Sri Lanka Development Initiative

4 e-Sri Lanka Development Initiative
ICT Policy, Leadership & Institutional Development Program e-Laws Project Electronic Transactions Act No. 19 Sri Lanka Computer Crimes Act No. 24 e-Leadership Development Project Information Infrastructure Sri Lanka CERT Project

5 e-Sri Lanka Projects e-Laws Project Electronic Transactions Act No. 19
Law to enable validation of e-Commerce, e-Signature and e-Contracting Sri Lanka Computer Crimes Act No. 24 Identification, Investigation and Enforcement of computer crimes

6 e-Sri Lanka Projects e-Leadership Development Project
Develop a pool of champions to enforce security policies, monitor fraudulent activities and promote best practices Sri Lanka CERT Project National CERT mandated to protect Sri Lanka’s ICT infrastructure from attacks, be the single, trusted source for information on cyber crime techniques and coordinate efforts to handle Cyber crime incidents

7 Conflict of Systems e-Sri Lanka introduces new challenges in fighting cyber crime: New (due to e-Sri Lanka) Traditional SLCERT Forensics Team SLCERT Incident Handling Computer Crimes Act E-Transactions Act New reporting mechanisms Police Investigation Team CID NIB Existing Penal Code Traditional Reporting mechanisms

8 Cyber crime in Sri Lanka: 2007

9 Cyber crime in Sri Lanka
Prosecution of Cyber crime cases Total Cases: 17 Total Cases: 9 Total Cases: 4

10 Computer Crimes Act Timeline
1995: Work started by CINTEC Law Committee 1997: Working paper on Computer crime Act submitted Decision to be made: Develop provisions for prosecution of cyber crimes under existing penal code OR develop a Subject specific law? 2000: decision to develop Subject specific legislation 2005: Bill finalized and presented in Parliament 2006: Further review by Parliamentary committee 2007: Passing of bill in parliament Computer Crime Act currently not enforced fully

11 Computer Crimes Act Features
Provides clear structure for conducting of investigations and jurisdictions Provides distinct cyber crime categories and the corresponding parameters under which a case may be prosecuted, including maximum or minimum applicable penalties Use of Generic terms, so that even if technology changes, the nature of the crime will remain the same (example: phishing, vishing & phaxing) Provision of Cross Extradition arrangement with Council of Europe signatories. Increased ability to prosecute cases beyond Sri Lanka’s borders Clear statement of Resources that would be brought to bear on the case, including, among others, “experts”.

12 Computer Crimes Act Cyber crime Categories Computer-related offenses
Computers used as tools for criminal activity (Theft, fraud) Hacking Activities which affect CIA of computer system or network (includes viruses and other malware) Content related offenses Computers with Internet access used to distribute illegal data (copyright infringement, pornography)

13 Computer Crimes Act Parameters Unauthorized Access
Unauthorized Access in order to commit an offence Causing a computer to perform functions without lawful authority Offenses committed against national security Dealing with unlawfully obtained data Illegal interception of data Use of an illegal device Unauthorized disclosure of information

14 Computer Crimes Act: Penalties
Parameter Jail Term (Years) Fine (Rupees) Or Both? Unauthorized Access ≤5 ≤100K Unauthorized Access to commit offense ≤200K Function without Lawful authority ≤300K Offenses Against National Security - × Unlawfully obtained data 0.5≤ ≤3 100K≤ ≤300K Illegal interception Use of illegal devices Unauthorized disclosure

15 Identification of Cyber Crimes
CHALLENGES Identification of Cyber Crimes Limited reporting of crime Lack of trust in reporting methods No guarantee of confidentiality Verifying reports/Authenticity of Reports Genuine report or prank? Due diligence Reporting of crimes found at workplace. Professional obligation vs. Personal inconvenience

16 Investigation of Cyber Crimes
CHALLENGES Investigation of Cyber Crimes Gathering of evidence Maintaining admissibility of evidence Lack of proper structure for cooperation between investigating organizations Poor system for maintenance of chain of custody Weight of Digital evidence in court Lack of understanding of importance of digital evidence Lack of Legal professionals conversant with CCA Jurisdiction NIB, CID, other organizations (SLCERT, TechCERT, etc)

17 Enforcement of Cyber Laws
CHALLENGES Enforcement of Cyber Laws Tendency to prosecute under existing penal code; more lenient penalties (Case studies) Lack of IT Savvy lawyers Lack of ICT Knowledge of judges, making obtaining warrants more time consuming Lack of provisions for prosecuting Cross border crime, such as cross-extradition arrangements, cooperative investigation of cases, etc

18 Case study 1: A Foreign National published false information regarding the sale of DVD players online Online payments credited to Standard Chartered Bank Account Funds withdrawn by offender who left country DVD Players not delivered Suspect arrested upon return to Sri Lanka, fined and deported Problem: Waiting for suspect to return to Sri Lanka. Lack of extradition arrangements.

19 Case study 2: Superimposing nude images on a picture of a Buddha Statue (causing offense) Investigated by CID Cyber Crimes Unit NGO employee arrested Convicted and sentenced to 3 Years imprisonment, suspended for 3 years Problem: Leniency in sentence and enforcement of sentence. Much stronger penalties allowed for under CCA

20 Future plans for cyber crime fighting
Build a defined structure and working relationship between organizations concerned with cyber crime International Judicial Community AG’s Department Inter-Governmental Relationships Police Force NIB CID International Police Community Sri Lanka CERT International CERT Community Cyber crime Reporting Centres

21 Future Plans Identification
Building and maintenance of Cyber Crime Reporting Centres Additional “secured” reporting channels ( , Web) Protection of Confidentiality through Information Security Measures Raises trust Expected Outcome: Reporting of more cases

22 Future Plans Investigation
Develop a Digital Forensics Lab, Larger Forensics team to handle increase in cases Develop clear Chain of Custody procedures Build contacts with Foreign Police forces to increase skills available in investigating complex, cross-border cases and forensics knowledge Expected Outcome: Increased number of successfully prosecuted cases

23 Future Plans Prosecution
Run Awareness Programs for the local judiciary to raise awareness of Computer crimes (attack techniques, potential damage, etc) and the provisions of the Computer Crimes Act (CCA) Build a pool of IT Savvy Legal professionals able to prosecute cases under the CCA Increase number of countries with which Sri Lanka has Extradition Treaties through Government intervention Expected Outcome: Increased number of successfully prosecuted cases

24 THANK YOU

Download ppt "Sri Lankan perspective in meeting the Cyber crime challenge"

Similar presentations

UN Comprehensive Study on Cybercrime

UN Comprehensive Study on Cybercrime
Rohas Nagpal, Asian School of Cyber Laws.  Information Technology Act, 2000  Imprisonment upto 10 years  Compensation upto Rs 1 crore  Indian Penal.

Rohas Nagpal, Asian School of Cyber Laws.  Information Technology Act, 2000  Imprisonment upto 10 years  Compensation upto Rs 1 crore  Indian Penal.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry.

International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry.
ITA 2008: Law Enforcement & Incident Response -The way forward- By Talwant Singh Addl. Distt. & Sessions Judge Delhi

ITA 2008: Law Enforcement & Incident Response -The way forward- By Talwant Singh Addl. Distt. & Sessions Judge Delhi
The Area of Liberty, Security and Justice. Objectives Free movement for EU citizens Security and safety in a Europe without borders Figth against international.

The Area of Liberty, Security and Justice. Objectives Free movement for EU citizens Security and safety in a Europe without borders Figth against international.
BlueCare Tennessee and BlueCare, Independent Licensees of BlueCross BlueShield Association How the Deficit Reduction Act of 2005 Impacts BlueCare Tennessee.

BlueCare Tennessee and BlueCare, Independent Licensees of BlueCross BlueShield Association How the Deficit Reduction Act of 2005 Impacts BlueCare Tennessee.
Mobile Technology & Cyber Threats Promoting E-Commerce in Ghana Ruby Saakor Tetteh Ministry of Trade & Industry, Ghana Sixth Annual African Dialogue Consumer.

Mobile Technology & Cyber Threats Promoting E-Commerce in Ghana Ruby Saakor Tetteh Ministry of Trade & Industry, Ghana Sixth Annual African Dialogue Consumer.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL.

Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.

Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.
Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.

Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.
AN INTERNATIONAL SOLUTION TO A GLOBAL PROBLEM. A Global Problem What is cybercrime? How does it affect us ? The solution.

AN INTERNATIONAL SOLUTION TO A GLOBAL PROBLEM. A Global Problem What is cybercrime? How does it affect us ? The solution.
STATE OF CYBER SECURITY IN JAMAICA Hon. Julian Robinson Chairman Joint Select Committee on the Cybercrimes Act January 24, 2013.

STATE OF CYBER SECURITY IN JAMAICA Hon. Julian Robinson Chairman Joint Select Committee on the Cybercrimes Act January 24, 2013.
Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Dr. Pradnya Saravade Dy.

Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Dr. Pradnya Saravade Dy.
Eurojust The European Union’s Judicial Cooperation Unit.

Eurojust The European Union’s Judicial Cooperation Unit.
Legal, Ethical, and Professional Issues in Information Security

Legal, Ethical, and Professional Issues in Information Security
MINISTRY OF FINANCE 4-7.11.2003Counsellor, docent, Dr Tuomas Pöysti1 The Constitutionalisation and Evolution of Penal Law and Control Policy in the European.

MINISTRY OF FINANCE Counsellor, docent, Dr Tuomas Pöysti1 The Constitutionalisation and Evolution of Penal Law and Control Policy in the European.
Geneva, Switzerland, 15-16 September 2014 Challenges and Successes in the Zambian ICT Security Sector Mainza Siamubayi Handongwe, Student Research Fellow,

Geneva, Switzerland, September 2014 Challenges and Successes in the Zambian ICT Security Sector Mainza Siamubayi Handongwe, Student Research Fellow,
GROUP 7 RAHUL JIMMY RONEY GEORGE SHABNAM EKKA SHEETHAL JOSEPH Cyber Laws in India- IT Act, 2000; 2004.

GROUP 7 RAHUL JIMMY RONEY GEORGE SHABNAM EKKA SHEETHAL JOSEPH Cyber Laws in India- IT Act, 2000; 2004.
CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.
What have you known about cybercrime? What do you want to know about cybercrime?

What have you known about cybercrime? What do you want to know about cybercrime?

Similar presentations

Ads by Google