Presentation is loading. Please wait.

Presentation is loading. Please wait.

3rd ANTI-CYBERCRIME FORUM

Published byLoren Davidson Modified over 6 years ago

Similar presentations

Presentation on theme: "3rd ANTI-CYBERCRIME FORUM"— Presentation transcript:

1 3rd ANTI-CYBERCRIME FORUM
Engaging in international cooperation on cybercrime and electronic evidence: CyberSouth to reinforce the capacities Phoenicia Hotel, Beirut, Lebanon, 29 November 2017 Marie Agha-Wevelsiep, Project manager, Council of Europe

2 Project CyberSouth Title
CyberSouth – Cooperation on cybercrime in the Southern Neighbourhood Region Priority countries Algeria, Jordan, Lebanon, Morocco and Tunisia Duration 36 months (mid-2017 / mid-2020) Budget EUR 3.3 million Funding European Union and Council of Europe Implementation C-PROC ( Council of Europe Programme Office on cybercrime)

3 Project CyberSouth Challenges
The scale and quantity of cybercrime, devices, users and victim The issue of electronic evidence Availability of data Technical challenges Cloud computing, territoriality and jurisdiction Mutual legal assistance

4 Project CyberSouth 1 - Standards: Budapest Convention on Cybercrime and other instruments “Protecting you and your rights in cyberspace” 2 Follow up and assessments Cybercrime Convention Committee (T-CY) 3 Capacity building : C-PROC

5 + + Budapest Convention Criminalising conduct Procedural tools
Illegal access Illegal interception Data interference System interference Misuse of devices Fraud and forgery Child pornography IPR-offences Procedural tools Expedited preservation Search and seizure Interception of computer data International cooperation Extradition MLA Spontaneous information Expedited preservation MLA for accessing computer data MLA for interception 24/7 points of contact Harmonisation 5

6 130+ Reach of the Budapest Convention as a guideline
Indicative map only Budapest Convention Ratified/acceded: 56 Other States with laws/draft laws largely in line with Budapest Convention = 20 Signed: 4 Further States drawing on Budapest Convention for legislation = 45+ Invited to accede: 10 = 70

7 C-PROC In practice, how does the Budapest Convention work? 10
Case 1: Earthquake case (Romania) App X on their Android or iOS smartphones received false alerts indicating an earthquake of 10 Richter Magnitude. Offences committed: illegal access to a computer system – art. 360 of the Criminal Code alteration of computer data integrity – art.362 of the Criminal Code perturbation of the functioning a computer system (system interference) – art.363 of the Criminal Code dissemination of false information – art.404 of the Criminal Code Object of the request: Preservation of data through the 24/7 point of contact to the responsible authorities of USA, using 24/7 Contact Point Dta preservation + use of MLAT all the data preserved and identification and prosecution of the suspect who committed the offences

8 C-PROC In practice, how does the Budapest Convention work? 10
Case 2: ”Phishing” Case (Romania) Unidentified perpetrators succeeded onto gaining access and transferring different sums from customers accounts of two banks in Norway and Finland to bank accounts from Romania, using the phishing method. Romanian citizens that redraw the fraudulently transferred sums were using, at the time, the following addresses, that were created, probably by the same person, from the same computer system: Offences committed: illegal access to a computer system - art. 360 of the Criminal Code fraudulent financial operations- art.250 of the Criminal Code computer related forgery – art. 325 of the Criminal Code

9 C-PROC In practice, how does the Budapest Convention work? 10
Case 2: ”Phishing” Case (Romania) Object of the request, data preservation for : addresses’ logs and associated accounts Content of any communication stored by these addresses IP address/addresses of the computer system/systems that created the addresses mentioned above Preservation of data through the 24/7 point of contact to the responsible authorities of USA, using 24/7 Contact Point Data preservation + use of MLAT all the data preserved regarding accounts used by the suspects and to identify and prosecute a large money mule group who caused significant financial losses (more that 3 million Euro)

10 C-PROC In practice, how does the Budapest Convention work? 10
Case 3: “ONLINE SCAM” CASE (Romania) Advertisement for a car on Victim in Miami, expressed interest in the vehicle, the unknown user of the address asked for payment with a stolen gift card. account is linked by back up contact information to several other accounts. One of these accounts was accessed with an Android device. The IP address associated with the Android device was xxx. The internet service provider for this IP address is RCS-RDS. Data associated with this IP address will assist in identifying the unknown user of the address.

11 C-PROC In practice, how does the Budapest Convention work? 10
Case 3: “ONLINE SCAM” CASE (Romania) Offences committed: Wire fraud - Title 18, United States Code, Section 1343 Identity theft - Title 18, United States Code, Sections 1028 Object of the request: The contents of any communication or file stored by or for the account and any associated accounts, and any information associated with those communications or files (source and destination addresses or IP addresses) All records and other information relating to the Account and any associated accounts including: names, addresses, records of session times and durations, length of service

12 C-PROC In practice, how does the Budapest Convention work? 10
Case 3: “ONLINE SCAM” CASE (Romania) Request sent by US Department of Justice on September 21, 2015 to the responsible authorities of Romania, using 24/7 Contact Point. Response received on September 30, 2015, confirming that all the data has been preserved by RCS-RDS (ISP). Based on the data preservation, US authorities were able to receive through MLAT all the data preserved and to identify and extradite 7 Romanian suspects, involved in online scams.

13 C-PROC Functions: Cybercrime Convention Committee (T-CY) 10
Established under Article 46 Budapest Convention Members (statut November 2017): 56 Members (State Parties) 14 Observer States 10 International organisations (African Union Commission, ENISA, European Union, Europol, INTERPOL, ITU, OAS, OECD, OSCE, UNODC) Functions: Assessments of the implementation of the Convention by the Parties Guidance Notes Draft legal instruments Etc.

14 Joining the Budapest Convention
Treaty open for accession (article 37) Phase 1: A country with legislation in place or advanced stage Letter from Government to CoE expressing interest in accession Consultations (CoE/Parties) in view of decision to invite Invitation to accede Phase 2: Domestic procedure (e.g. decision by national Parliament) Deposit of the instrument of accession 14

15 Capacity building Cybercrime strategies and policies
Reporting system mechanism Legislation Specialised services LEA training Training for the judiciary Public-private cooperation International cooperation

16 CyberSouth offers capacity building to Lebanon
C-PROC Project CyberSouth 10 CyberSouth offers capacity building to Lebanon

17 Project CyberSouth: Benefits for Lebanon?
Legal framework on cybercrime strengthened international cooperation facilitated Specialised units on cybercrime strengthened: set up of standard operating procedure for electronic evidence, good practice for information exchange with service providers, access to training materials Number of investigation on cybercrime and involving electronic evidence increased Judicial training on cybercrime and electronic evidence mainstreamed reinforcement of judges and prosecutors Reinforcement of the role of 24/7 contact point and international cooperation Strategies on cybercrime and electronic evidence strengthened or enhanced

18 Project CyberSouth: For Lebanon For international community
Benefits on international cooperation For Lebanon Become a member of the international community Use of the international instrument Benefit from the network of the other criminal justice players specialised on cybercrime Cooperate with countries sharing common standards Increase in the number of investigations on cybercrime and electronic evidence For international community Increase the Parties of the Budapest Convention Influence of Lebanon in the region Contribution to increase the capacities in the fight against cybercrime worldwide

19 Project CyberSouth: which actions for which results? Expected results
Actions to be taken Deliverables for Lebanon Result 1 Strengthened legislation Assessment visit 1 regional workshop on cybercrime and data protection legislation as well as on criminal justice statistics to determine the effectiveness of legislation. A guide on the application of data protection and rule of law safeguards in investigations on e-evidence and cybercrime. 2 in-country workshops for judges, prosecutors and law enforcement on the application of cybercrime legislation, including rule of law safeguards and data protection requirements + best practice booklets

20 Project CyberSouth: which actions for which results? Expected result
Actions to be taken Deliverables for Lebanon Result 2 Specialised police services and interagency as well public/private cooperation strengthened Assessment visit 1 regional workshop on specialised cybercrime and computer forensic units and specialised prosecutors to share experience 1 regional workshop on law enforcement/service provider cooperation with the participation of multi-national service provider 1 in-country workshop on law enforcement/service provider cooperation with the participation of multi-national service provider E-evidence Guide and the Standard Operating Procedures Guide available in Arabic. Recommendations on the development of domestic SOPs for e-evidence and on the strengthening of cybercrime units. 1 in-country training on Darknet and virtual currency investigations. Sharing of experience Good practice compilation on the cooperation with multi-national service providers Facilitate access to ECTEG training material and in the delivery of first training

21 European Cybercrime Training and Education Group - ECTEG

22 Project CyberSouth: which actions for which results? Expected result
Actions to be taken Deliverables for Lebanon Result 3 Judicial training on cybercrime and electronic evidence mainstreamed Assessment visit Regional workshop for representatives of judicial training institutions to reach agreement on the approach to follow. In-country training of trainers workshops Regional conference on the progress made Recommendations on mainstreaming judicial training on cybercrime and electronic evidence and assistance in the elaboration of a long term strategy. Availability and adaptation of training material 2 train to train training for basic and advanced training

23 Project CyberSouth: which actions for which results? Expected result
Actions to be taken Deliverables for Lebanon Result 4 24/7 points of contact strengthened and enhanced international cooperation on cybercrime and electronic evidence Assessment on competent authorities and on the functioning of international cooperation 1 regional/international conference on roles and responsibilities in international police-to-police and judicial cooperation on cybercrime and e-evidence. Recommendations on strengthening of 24/7 contact followed up by a mission of expert Funding of Lebanese representatives to participate in conferences and training sessions on international cooperation (Interpol, Europol, Octopus Conference,…) Regional training on international cooperation and the role of 24/7 contact point

24 Project CyberSouth: which actions for which results? Expected result
Actions to be taken Deliverables for Lebanon Result 5 Strategic priorities on cybercrime and electronic evidence identified. Assessment visit 1 in-country workshop 1 international conference 1 annual report on cybercrime and e-evidence situation in Lebanon Study on progress made with respect to legislation and institutional capacities since the start of the project in the Southern Neighbourhood region. Recommendations on cybercrime strategy

25 GLACY EU/COE Joint Project on Global Action on Cybercrime
Project CyberSouth: Implemented by the Council of Europe, recognised know-how GLACY EU/COE Joint Project on Global Action on Cybercrime GLACY+ EU/COE Joint Project on Global Action on Cybercrime II EU/COE Eastern Partnership III EU/COE Eastern Partnership iPROCEEDS Cooperation on Cybercrime: targeting crime proceeds on the Internet (voluntary contribution funded) CyberSouth EU/CoE Joint Project 25

26 Project CyberSouth: Assessment report
next steps Assessment report Fact checking with Lebanese institutions National project team nominated (Ministry of Justice, Prosecution, Law enforcement authorities, Training institution for magistrates, Training institution for law enforcement) Agreement on a first draft work plan of activities Launching conference in February 2018 in Tunisia

27 Project CyberSouth: Thank you! www.coe.int/cybersouth
Cooperation on cybercrime in the Southern Neighbourhood Region Thank you!

Download ppt "3rd ANTI-CYBERCRIME FORUM"

Similar presentations

Thematic Discussion on Human Rights & Resolution 1373 Counter-Terrorism Committee Executive Directorate (CTED) United Nations New York, 7 October 2010.

Thematic Discussion on Human Rights & Resolution 1373 Counter-Terrorism Committee Executive Directorate (CTED) United Nations New York, 7 October 2010.
UN Comprehensive Study on Cybercrime

UN Comprehensive Study on Cybercrime
UNODC & the Global Response to Cybercrime

UNODC & the Global Response to Cybercrime
EUFJE BRUSSELS CONFERENCE 19 Octobre 2010 Joint meeting EUFJE – public prosecutors,

EUFJE BRUSSELS CONFERENCE 19 Octobre 2010 Joint meeting EUFJE – public prosecutors,
Council of Europe Eastern Partnership Facility 16 May 2013, Brussels.

Council of Europe Eastern Partnership Facility 16 May 2013, Brussels.
State of play and activities in 2014 March 2014

State of play and activities in 2014 March 2014
The European Public Prosecutor: Coming soon to a country near you? An EPP working with UK authorities Practical issues Mike Kennedy President of Eurojust.

The European Public Prosecutor: Coming soon to a country near you? An EPP working with UK authorities Practical issues Mike Kennedy President of Eurojust.
Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.

Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.
AN INTERNATIONAL SOLUTION TO A GLOBAL PROBLEM. A Global Problem What is cybercrime? How does it affect us ? The solution.

AN INTERNATIONAL SOLUTION TO A GLOBAL PROBLEM. A Global Problem What is cybercrime? How does it affect us ? The solution.
EPOC: Empowering Judicial Cooperation through Eurojust Matthias Ruckdäschel, ICT Project Officer, Eurojust (ICT4Justice, Thessaloniki, 24 October 2008)

EPOC: Empowering Judicial Cooperation through Eurojust Matthias Ruckdäschel, ICT Project Officer, Eurojust (ICT4Justice, Thessaloniki, 24 October 2008)
SECI Center: An Efficient Regional Tool for Combating Organized Crime Developments in Justice and Home Affairs in Romania - Panel Discussion - - Panel.

SECI Center: An Efficient Regional Tool for Combating Organized Crime Developments in Justice and Home Affairs in Romania - Panel Discussion - - Panel.
EU responses to hate crimes and support to the victims Linda Maria Ravo DG Justice – European Commission Unit C1.

EU responses to hate crimes and support to the victims Linda Maria Ravo DG Justice – European Commission Unit C1.
6 August 2015 Rule of law: implementing a comprehensive and integrated approach in prevention and fight against corruption in the Danube region, 21-22.

6 August 2015 Rule of law: implementing a comprehensive and integrated approach in prevention and fight against corruption in the Danube region,
In-depth look at ISACS 05.60 Border controls and law enforcement cooperation.

In-depth look at ISACS Border controls and law enforcement cooperation.
Rule of Law: Implementing a comprehensive and integrated approach in prevention and fight against corruption in the Danube region”, 04-05 November 2013.

Rule of Law: Implementing a comprehensive and integrated approach in prevention and fight against corruption in the Danube region”, November 2013.
Bratislava 15 -16 October 2007 PAR - AC CoP Meeting Anti Corruption Regional Programme Regional Programme.

Bratislava October 2007 PAR - AC CoP Meeting Anti Corruption Regional Programme Regional Programme.
Texas House of Representatives Committee on Criminal Jurisprudence Testimony of Randall S. James Banking Commissioner Texas Department of Banking August.

Texas House of Representatives Committee on Criminal Jurisprudence Testimony of Randall S. James Banking Commissioner Texas Department of Banking August.
Tackling IT crime in a global context: the Convention on Cybercrime 3 years after Julio Pérez Gil University of Burgos, Spain.

Tackling IT crime in a global context: the Convention on Cybercrime 3 years after Julio Pérez Gil University of Burgos, Spain.
Regional Conference Intellectual Property Crime Bahrain 13 - 14 April 2008.

Regional Conference Intellectual Property Crime Bahrain April 2008.
CAR PROJECT SERBIA FITZ-ROY DRAYTON CRIMINAL ASSET RECOVERY PROJECT IN SERBIA.

CAR PROJECT SERBIA FITZ-ROY DRAYTON CRIMINAL ASSET RECOVERY PROJECT IN SERBIA.

Similar presentations

Ads by Google