This document discusses various types of cybercrimes against society including internet pornography, online gambling, cyber warfare, cyber-extortion, cyber terrorism, internet time theft, distributed denial of service attacks, and threats to computer privacy and cybersecurity. It also outlines Philippine laws related to cybercrimes such as the Anti-Wiretapping Law, Electronic Commerce Act, Anti-Cable Television and Cable Internet Tapping Act, Data Privacy Act, Cybercrime Prevention Act, and defines key terms used in discussing cybercrimes and related laws.
This document discusses various types of cybercrimes against society including internet pornography, online gambling, cyber warfare, cyber-extortion, cyber terrorism, internet time theft, distributed denial of service attacks, and threats to computer privacy and cybersecurity. It also outlines Philippine laws related to cybercrimes such as the Anti-Wiretapping Law, Electronic Commerce Act, Anti-Cable Television and Cable Internet Tapping Act, Data Privacy Act, Cybercrime Prevention Act, and defines key terms used in discussing cybercrimes and related laws.
This document discusses various types of cybercrimes against society including internet pornography, online gambling, cyber warfare, cyber-extortion, cyber terrorism, internet time theft, distributed denial of service attacks, and threats to computer privacy and cybersecurity. It also outlines Philippine laws related to cybercrimes such as the Anti-Wiretapping Law, Electronic Commerce Act, Anti-Cable Television and Cable Internet Tapping Act, Data Privacy Act, Cybercrime Prevention Act, and defines key terms used in discussing cybercrimes and related laws.
and dissemination of obscene material including children’s nude pictures, indecent exposure, and child sex slavery posted into the internet. Online Gambling • Playing games of chance or betting in the hope of winning money through the internet. Other Cybercrimes Cyber Warfare
• Involves crossing international borders and involving the actions of at
least one nation state.
Cyber-Extortion
• It occurs when a website, e-mail server, or computer system is
subjected to or threatened with repeated denial of service or other attacks by malicious hackers.
Cyber Terrorism
• An act of terrorism committed using cyberspace or computer resources
(Parker, 1983). Internet Time Theft • Using of internet surfing time belonging to another user Domain Name System (DNS) Attack
This involves flooding a computer
resource with more requests than it can handle, causing the resource to crash thereby denying authorized users the service offered by the resource. Distributed Denial of Service Attacks (DDoS) • Another variation of DNS attack wherein the perpetrators are many and are geographically widespread. Computer Privacy and Cybersecurity Cybersecurity awareness encourages basic knowledge of cyber vulnerabilities and risks, as well as cyber hygiene and effective solution options. When people are faced with cyber threats, it educates them on best practices and preventive steps.
The following are the most pressing concerns:
1. Digital Date: What are the risk to our privacy, and how do we safeguard our identities? 2. Security: How do we keep track of who has access to confidential data and protected hardware and software? PRIVACY • Technology makes it possible to collect and use data of ALL KINDS, including information about people. The technologies that have impacts on Privacy 1. Large databases: Large corporation are continually collecting data on their employees. Every day, information about the person is collected and held in huge databases. Credit card providers, for example, keep track of cardholder transactions, transfers, and credit card histories in customer directories. People almost definitely have an electronic profile with their name, address, phone number, Social Security number, bank account details, and other information. These electronic profiles are sold by information seller to targeted advertisers, fund-raisers, and others. Many website provide these services for free or at a low discount. This presents a number of critical questions, including: 1. Collecting public, but personally identifying information 2. Spreading information without personal consent 3. Spreading inaccurate information 2. Private Networks • Private networks are commonly used in businesses, government organizations, and other institutions that require secure and dedicated communication channels. • Private networks can be set up using various technologies such as LAN (local area network), WAN (wide area network), VPN (virtual private network) or cloud-based services. The purpose of a private network is to protect sensitive data, applications, and resources from unauthorized access and external threats. 3. Internet and the Web • IP addresses are used to identify any device on the Internet. IP addresses can be used to track Internet activity back to the source, encouraging information security professionals and law enforcement agents to look at violations like illegal network access and exchanging copyright data without authorization. • IP address is a critical component of the modern internet ecosystem, as it serves as a unique identifier for each device that is connected to the internet. 1. Device identification 2. Location information 3. Network troubleshooting 4. Firewall and security 5. Internet routing HOW TO PROTECT ONESELF AGAINST CYBERCRIME 1. Keep software and operating system UPDATED When upgrading the software and operating system, the device also gains the access to the latest up-to-date security patches.
2. Use anti-virus software and keep it updated
Anti-virus protection or a strong internet security strategy are also effective ways to keep the system secure from attacks. 3. Using strong passwords Combinations of small and capital letters, numbers, special characters.
For example: @sogo5POqwzX
4. Be mindful of which websites URLs
URL stands for UNIFORM RESOURCE LOCATOR. It is the address of a webpage or file on the internet For example, the URL for the homepage of Google would be: https://www.google.com, where "https" is the protocol, "www.google.com" is the domain name, and there is no path or query parameters specified. The URL for a specific search on Google might be: https://www.google.com/search?q=url, where "q" is a query parameter that specifies the search term "url". Philippine Laws on the Cyberspace Republic Act No. 4200
• Anti-Wiretapping Law of 1965
• Prohibits and penalizes wire-tapping and other related violations of the privacy of communication. Republic Act No. 8792 • Electronic Commerce Act of 2000 • The first Philippine E-Commerce Law which serves as the basic framework in any discussion of e-laws. • Previously, a local case involving the “I Love You” virus had to be dismissed on the ground that there was no law which penalized the same. • This law gives legal recognition to electronic writings, documents, and data messages, including electronic signatures and contracts. • It mandates electronic transactions for the government and penalizes hacking, the introduction of viruses, as well as piracy. Republic Act No. 10515 • Anti-Cable Television and Cable Internet Tapping Act of 2013 • Approved on April 17, 2013, this Act aims to protect Cable Television and Cable Internet Industries from cable pilferage as it is the State’s declared policy to recognize the indispensable role of the private sector, encourage private enterprise, and provide incentives to needed investments. Republic Act No. 10173 • Data Privacy Act of 2012 • Approved on August 15, 2012, and took effect fifteen (15) days after its publication. • It declared the policy of the state to protect the fundamental human right of privacy, of communication while ensuring flee flow of information to promote innovation and growth. National Privacy Commission • is an independent body mandated to administer and implement the Act, and to monitor and ensure compliance of the country with international standards set for personal data protection. Definition of Terms under Republic Act No. 10173 Personal Information • Any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify and individual Processing • Any operation or any set of operations performed upon personal information. • collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure, or destruction of data. Personal Information Controller
• A person or organization who controls the
collection, holding, processing, or use of personal information, or instructs another to collect, hold, process, use, transfer, or disclose personal information on his or her behalf. Personal Information Processor • Any natural or juridical person qualified to act as such under this Act to whom a personal information controller may outsource the processing of personal data pertaining to a data subject. Sensitive Personal Information • Race, ethnic origin, marital status, age, color, religious or political affiliations • Other personal information specifically established by an executive order or an Act of Congress to be kept classified. • Health, education, genetic or sexual life of a person, or any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings. • Social security numbers, previous or current health records, licenses or its denials, suspension or revocation, tax returns Republic Act No. 10175 • Cybercrime Prevention Act of 2012 • The State recognizes the vital role of information and communications industries such as content production, telecommunications, broadcasting electronic commerce, and data processing, in the nation's overall social and economic development. Definition of terms under Republic Act No. 10175 Access • The instruction, communication with, storing data in, retrieving data from, or otherwise making use of any resources of a computer system or communication network. Alteration • The modification or change, in form or substance, of an existing computer data or program Communication • The transmission of information through ICT media, including voice, video, and other forms of data. Computer Data
• Any representation of facts, information, or concepts in a form
suitable for processing in a computer system
Computer Program
• A set of instructions executed by the computer to achieve
intended results.
Computer System
• Any device or group of interconnected or related devices, one or
more of which, pursuant to a program, performs automated processing of data. Interception • Listening to, recording, monitoring, or surveillance of content of communication, either directly or indirectly Database • A representation of information, knowledge, facts, concepts, or instructions which are being prepared, processed or stored, or have been prepared, processed or stored in a formalized manner and which are intended for use in a computer system. Service Provider 1. Any public or private entity that provides to users of its service the ability to communicate by means of a computer system. 2. Any other entity that processes or store computer data on behalf of such communication service or users of such service.