2012-3 China case study supplement


Supplement to the 2012/3 South African Cyber Threat Barometer

China Case Study Report


Foreword

Africa is considered to be the cradle of mankind. There is evidence that some of the earliest people lived in southern Africa. The hunter-gatherer San roamed widely over the area and the pastoral KhoiKhoi wandered in the well-watered parts where grazing was available. Tribes from central Africa moved southwards into the eastern and central parts of the area known today as South Africa.

Milestones in South African history:

1652 - Dutch Settlers arrive under the leadership of Jan van Riebeeck
1795 - British occupation of the Cape
1800 onwards - the Zulu kingdom under King Shaka rises to power
1835 - The Great Trek - Dutch and other settlers leave the Cape colony
1879 - Anglo-Zulu war
1880 - First Anglo-Boer war
1899 - Second Anglo-Boer War
1912 - The African National Congress (ANC) is founded
1961 - South Africa becomes a republic
1990 - Mandela is freed after 27 years in prison and opposition groups are unbanned
1994 - South Africa's first democratic election

South Africa has journeyed through many great obstacles to become a nation whose dream of unity and common purpose is within grasp of all its people. We must not lose sight of this dream. As proud stakeholders of this great country we are now called upon to join hands in the fight against a new threat that is targeting all areas of our society - no organisation, community or child is immune to its impact.

I am referring to the scourge of cybercriminal activity that is rapidly becoming a global concern and one that we as Africans need to prioritise. We hope this project and proposed initiatives will go a long way towards "rallying the troops" to urgently address the growing cyber threat facing our country.

I wish to offer my sincere appreciation to the British High Commission for their funding and support to complete this vital research project.

I also wish to convey my warmest thanks to all participating companies and teams for their input and independent review of this report. Your passion to make a positive impact in this country has been amazing to witness. I would finally like to acknowledge the Wolfpack team for their dedication shown in the research, analysis, layout and distribution of this report. I am very proud of what we have achieved.

For a copy of the full 2012/3 South African Cyber Threat Barometer report and other country supplements please visit the research section of our website.

Corporate contact details: Building 1 Prism Office Park Ruby Close, Fourways Johannesburg, 2055 Telephone: +27 11 367 0613 Email: info@wolfpackrisk.com Website: www.wolfpackrisk.com

Craig Rosewarne Managing Director Wolfpack Information Risk (Pty) Ltd



China

In China, many cybercrime issues are covered in laws and regulations that refer to Internet-related crimes, and the Criminal Law highlights cybercrime activities.

History of Cyber Laws, Acts and organisations to combat cyber crime in China

Bill / Act

Description

1994

First law on computer crime

• An ordinance on protecting the safety of computer systems, issued by the State Council.

1997

Computer Information Network and Internet Security, Protection and Management Regulations

• The Public Security Bureau (PSB) is responsible for internal security; the regulations were approved and published by the State Council in December.

Ministry of State Security (MSS)

• Handles external security - responsibility for maintaining Internet security lies with the ISPs, and violations by users will result in the cancellation of the ISP’s business license and its network registration, fines and possible criminal prosecution of both the company staff and the users.

China Penal Code

• Amended to add Articles 285, 286 and 287, which stipulate two CIA cybercrimes (illegal access and sabotaging a computer system) and crimes in which computer systems are used as the tools of crime.

Criminal Law of the People's Republic of China

• Article 285 - Whoever violates state regulations and intrudes into computer systems with information concerning state affairs, construction of defence facilities, and sophisticated science and technology is to be sentenced to not more than three years of fixed-term imprisonment or criminal detention;
• Article 286 - Whoever violates state regulations and deletes, alters, adds, and interferes in computer information systems, causing abnormal operations of the systems and grave consequences, is to be sentenced to not more than five years of fixed-term imprisonment or criminal detention;
• Article 287 - Whoever uses a computer for financial fraud, theft, corruption, misappropriation of public funds, stealing state secrets, or other crimes is to be convicted and punished according to relevant regulations of this law.

1998

CAST (China Anti-Spam Team)

• A team established to carry out research and operations on anti-spam.

2000

Decision on Protecting Security of Network

• Passed by the National Council to combat 21 types of cybercrime.

Decision on Internet Security

• Passed by the Standing Committee of the NPC.

Internet Rules

• China issued a series of Internet rules that prohibit anyone from propagating pornography, viruses and scams.

China signed the ASEAN-China Free Trade Area (ACFTA)

• China Coordination Framework for Network and Information Security Emergency Responses and an agreement among the governments of the SCO Member States on Cooperation in the Field of Ensuring International Information Security with the ASEAN and SCO member states, respectively.


2003

UN General Assembly Resolution 57/239

• China signed "Creation of a global culture of cybersecurity".

7th Amendment of China Penal Code

• Stipulates amendments to combat new types of cybercrime in China's networked economy.

China Criminal Law

• China incorporated computer crimes into its criminal law legislation.

ASEAN-China framework

• Agreement on network and information security emergency response was adopted.

Shanghai Cooperation Organization

• Agreement regarding information security was made.

2010

Guarding State Secrets law

• In an effort to protect confidential information China tightened its Guarding State Secrets law, by holding internet and mobile phone operators responsible for customers who try to leak confidential information.

2011

China Criminal Procedure Law

• China’s Supreme People’s Court and Supreme People’s Procuratorate issued the judicial interpretation on cybercrime. However, the Chinese Criminal Procedure Law’s response to cybercrime is slow, with minimal rules on collecting electronic evidence or on the admissibility of electronic evidence. It was not until 2011 that the draft amendments to China’s Criminal Procedure Law began to stipulate technical detection measures that include electronic surveillance. China’s judicial practice already supersedes criminal procedure law: the Supreme People’s Court and Supreme People’s Procuratorate have issued several judicial interpretations on electronic evidence.
• Criminals transfer, purchase or help to sell illegally acquired information or control of computer systems in order to seek illegal interests. To control this new kind of crime, the aforementioned judicial interpretation prescribes that the criminals shall be convicted and punished according to the provisions of Article 312 of China’s Penal Code, which prescribes the crime of concealing illegally acquired goods. If an ISP or advertising company provided any assistance to cybercriminals by way of technical support or financial help, it shall be convicted and punished as an accomplice.
• In addition to the above provisions, there is a kind of cybercrime in the field of China’s network economy in which criminals transfer, purchase or help to sell illegally acquired information or control of computer systems in order to seek illegal interests. To control this new kind of crime, the aforementioned judicial interpretation prescribes that the criminals shall be convicted and punished according to the provisions of Article 312 of China’s Penal Code, which prescribes the crime of concealing illegally acquired goods. If an ISP or advertising company wilfully provides technical support or financial help to cybercriminals, it shall be convicted and punished as an accomplice.



Industry Collaboration, Partnership Developments and Initiatives in Cybersecurity

Organisation / initiative

Description

Council of European Union Framework Decision (CoEU) and Council of Europe Convention on Cybercrime

• In comparative research of criminal legislation between China and the European community, the provisions reach and go beyond the standard set by the Council of European Union Framework Decision on attacks against information systems, and reach most of the requirements of the Council of Europe Convention on Cybercrime.

Jurisdiction and International Cooperation

• China did not reach any agreement with foreign countries on judicial cooperation in combating cybercrime and did not join the related international treaty, which makes Chinese criminal judicial authorities face difficulties when handling any transnational cybercrime cases.
• China stands outside of the international judicial cooperation system on combating cybercrime, which leads to a lot of transnational cybercrimes moving from other countries into China.
• The situation will not only harm the safety of China's network society but also make China the springboard to attack computer systems of foreign countries.

Criminal Procedure Law

• In recent years China has been developing legislation on collecting and adopting electronic evidence. Aside from the measure of expedited preservation of stored electronic information, the legislation of other measures on collecting electronic evidence will soon reach the requirement of the Convention on Cybercrime.

CCERT (China Education and Research Network Computer Emergency Response Team)

• The first CSIRT (Computer Security Incident Response Team) in China, a non-profit organisation that provides computer security related incident response services for people and organisations all over China. CCERT was funded and supervised by CERNET (China Education and Research Network). They provide incident related services, research and development. Apart from incident response coordination services, they also helped to establish another CSIRT for CERNET.

Internet Society of China

• The group behind China's anti-spam effort is working on standards and better ways of cooperating to fight cybercrime.
• ISPs have become better at working with customers to cut down on the spam problem.
• In 2005, China signed up for the London Action Plan on spam, an international effort to curb the problem.
• In January 2011, the United States and China committed for the first time at head of state level to work together on a bilateral basis on issues of cybersecurity. "Fighting Spam to Build Trust" will be the first effort to help overcome the trust deficit between China and the United States on cybersecurity.
