Teacher
Professional
- Messages
- 2,669
- Reaction score
- 819
- Points
- 113
How the development of digital technologies affects judicial practice, whether there are acquittals in cases of hacker attacks, what are the nuances of qualifying crimes committed using the Internet, whether there is a portrait of a typical victim of cybercriminals, and what new virtual fraud schemes have emerged — in an interview with RAPSI Editor-in-chief Irina Novikova, the chairman of the Trans-Baikal Regional Court Maxim Nesterov told.
"Good afternoon." The topic of digitalization is very relevant now, but, unfortunately, modern technologies are used not only for good purposes,but also by criminals. Please tell me, judging by the judicial practice, can we say that the number of cybercrimes has increased recently? And how often do the courts receive cases where there is a qualifying sign "using the Internet"?
"Good afternoon." I would like to say that yes, indeed, cybercrime has been increasing recently, especially since the 20s of this century.
We have recently introduced new compositions, in particular, "using the Internet" and now, in general, judicial practice on them has been developed. We are working, and the Plenum of the Supreme Court is working to guide the lower courts.
There are 272 articles of the Criminal Code of the Russian Federation (illegal access to legally protected computer information) and 274 articles of the Criminal Code of the Russian Federation (violation of the rules of operation of means of storing, processing or transmitting computer information and information and telecommunications networks). Whenever we have cases with such qualifications, we have to look at the code, we have to look at the Plenum of the Supreme Court, judicial practice, and have an understanding of what is meant by computer information, what modifications it is subjected to, and what other processes with this computer information are carried out by criminals and intruders.
However, the term "using the Internet" also appeared in common criminal articles, such as selling drugs, driving people to suicide, extremism, slander, and distributing pornographic materials. Oddly enough, article 132 of the Criminal Code-crimes against sexual integrity-is also now often committed using the Internet.
The absolute majority of cases where we classify a crime on this basis is the sale of narcotic drugs. Indeed, because there is a contactless sale of drugs. Previously, they were passed from hand to hand, but now, as a rule, this is no longer the case.
- You have already said that not all articles have this qualifying attribute, or rather, it does not matter everywhere. In some cases, the use of the Internet is taken into account when assigning a sentence, but in others it simply acts as a method. Do you think it matters that the crime was committed using the Internet? Do I need to introduce legislative changes in this regard?
- In my opinion, crimes committed via the Internet cover a larger circle of victims. As you all know, these are phone scams now: people are being influenced, psychologically influenced, people open their bank account, transfer money to scammers.
Yes, this is also the use of the Internet, but how relevant is it to introduce a qualifying feature? I can't even say. Somehow this question is somewhat unexpected…
- What criminal case from digital practice do you remember most of all?
- There was an acquittal, not in full, but in the digital part they were acquitted. You remember these events related to the COVID-19 epidemic, right? We all stayed at home, we only had to go to work, we all wore masks, and then we all started actively vaccinating so that we could have access everywhere.
And these malefactors got into this state database of vaccinated persons and put down marks about vaccination for those who were not vaccinated. In fact, it was a forgery of documents, but they were charged with Article 274.1. of the Criminal Code of the Russian Federation (illegal influence on the critical information infrastructure of the Criminal Code note). This is also a new article. They considered that by accessing this state portal, where information about covid-infected and covid-vaccinated people is provided, they interfered with this work of the critical infrastructure. But the court came to the conclusion, and quite reasonably - the verdict in all instances stood - that this is only Article 325 and nothing more.
- And who, as a rule, becomes victims of cyber fraud?
- There is no single portrait of a victim of such crimes. If we take the example of phone fraud, then there is also a digital element - victims go to an online bank to transfer funds. Retired judges were also victims of such crimes, as well as employees of the judicial apparatus, and the police themselves. That is, even the profession does not matter.
Recently, there has been such a trend that scammers begin to introduce themselves on behalf of the manager. They create a profile in Telegram — a duplicate of my page. And somehow they get information about who works in our court, and they start writing to them on my behalf that the money needs to be transferred. This is motivated by a special FSB operation. Of course, we have more experienced employees here and I'm open to them on any call, so no one got caught. But this trend is happening all over Russia.
We met with police officers who are engaged in cybercrime and they claim that now scammers do not even need to steal personal information, since people tell everything about themselves — in social networks, on marketplaces, and so on.
- We touched upon the topic of personal data, but there is not much practice on it. Will the situation change?
- I think that everything will be fine. All life is gradually moving into the digital space and partly into virtuality. But so far there have been no such cases on the territory of the Trans-Baikal Territory.
- I already have a more philosophical question for you, as a forensic expert: many students in the course of training, if they are studying in technological specialties, they are even given the task to create malicious programs. And if he is caught, how can such actions be considered at all, if the malware is created not for the purpose of committing a crime, but for the purpose of training?
"They don't qualify here. I assume so, because the malware was developed specifically for this purpose. And how else will we deal with this, with these malicious programs, without knowing how they are created?
Yes, here you need to have experience, fill your hand, know how the "enemy" works and what methods to use against it. And what it uses to create this program. In other words, the security services should also know. I think that these students who do this are doing it on the instructions of their teachers, and they should continue to work in law enforcement agencies. So I suppose.
But this should not and will not, for sure, be considered a criminal offense. Because this is such a "light hacker".
It all depends on the intent. We have such a practice of criminal law that a crime must be caused by fault, and guilt is intent, first of all.
• Video: https://rutube.ru/video/7c5a2942bd509695bd8f26c86ab53d88/
"Good afternoon." The topic of digitalization is very relevant now, but, unfortunately, modern technologies are used not only for good purposes,but also by criminals. Please tell me, judging by the judicial practice, can we say that the number of cybercrimes has increased recently? And how often do the courts receive cases where there is a qualifying sign "using the Internet"?
"Good afternoon." I would like to say that yes, indeed, cybercrime has been increasing recently, especially since the 20s of this century.
We have recently introduced new compositions, in particular, "using the Internet" and now, in general, judicial practice on them has been developed. We are working, and the Plenum of the Supreme Court is working to guide the lower courts.
There are 272 articles of the Criminal Code of the Russian Federation (illegal access to legally protected computer information) and 274 articles of the Criminal Code of the Russian Federation (violation of the rules of operation of means of storing, processing or transmitting computer information and information and telecommunications networks). Whenever we have cases with such qualifications, we have to look at the code, we have to look at the Plenum of the Supreme Court, judicial practice, and have an understanding of what is meant by computer information, what modifications it is subjected to, and what other processes with this computer information are carried out by criminals and intruders.
However, the term "using the Internet" also appeared in common criminal articles, such as selling drugs, driving people to suicide, extremism, slander, and distributing pornographic materials. Oddly enough, article 132 of the Criminal Code-crimes against sexual integrity-is also now often committed using the Internet.
The absolute majority of cases where we classify a crime on this basis is the sale of narcotic drugs. Indeed, because there is a contactless sale of drugs. Previously, they were passed from hand to hand, but now, as a rule, this is no longer the case.
- You have already said that not all articles have this qualifying attribute, or rather, it does not matter everywhere. In some cases, the use of the Internet is taken into account when assigning a sentence, but in others it simply acts as a method. Do you think it matters that the crime was committed using the Internet? Do I need to introduce legislative changes in this regard?
- In my opinion, crimes committed via the Internet cover a larger circle of victims. As you all know, these are phone scams now: people are being influenced, psychologically influenced, people open their bank account, transfer money to scammers.
Yes, this is also the use of the Internet, but how relevant is it to introduce a qualifying feature? I can't even say. Somehow this question is somewhat unexpected…
- What criminal case from digital practice do you remember most of all?
- There was an acquittal, not in full, but in the digital part they were acquitted. You remember these events related to the COVID-19 epidemic, right? We all stayed at home, we only had to go to work, we all wore masks, and then we all started actively vaccinating so that we could have access everywhere.
And these malefactors got into this state database of vaccinated persons and put down marks about vaccination for those who were not vaccinated. In fact, it was a forgery of documents, but they were charged with Article 274.1. of the Criminal Code of the Russian Federation (illegal influence on the critical information infrastructure of the Criminal Code note). This is also a new article. They considered that by accessing this state portal, where information about covid-infected and covid-vaccinated people is provided, they interfered with this work of the critical infrastructure. But the court came to the conclusion, and quite reasonably - the verdict in all instances stood - that this is only Article 325 and nothing more.
- And who, as a rule, becomes victims of cyber fraud?
- There is no single portrait of a victim of such crimes. If we take the example of phone fraud, then there is also a digital element - victims go to an online bank to transfer funds. Retired judges were also victims of such crimes, as well as employees of the judicial apparatus, and the police themselves. That is, even the profession does not matter.
Recently, there has been such a trend that scammers begin to introduce themselves on behalf of the manager. They create a profile in Telegram — a duplicate of my page. And somehow they get information about who works in our court, and they start writing to them on my behalf that the money needs to be transferred. This is motivated by a special FSB operation. Of course, we have more experienced employees here and I'm open to them on any call, so no one got caught. But this trend is happening all over Russia.
We met with police officers who are engaged in cybercrime and they claim that now scammers do not even need to steal personal information, since people tell everything about themselves — in social networks, on marketplaces, and so on.
- We touched upon the topic of personal data, but there is not much practice on it. Will the situation change?
- I think that everything will be fine. All life is gradually moving into the digital space and partly into virtuality. But so far there have been no such cases on the territory of the Trans-Baikal Territory.
- I already have a more philosophical question for you, as a forensic expert: many students in the course of training, if they are studying in technological specialties, they are even given the task to create malicious programs. And if he is caught, how can such actions be considered at all, if the malware is created not for the purpose of committing a crime, but for the purpose of training?
"They don't qualify here. I assume so, because the malware was developed specifically for this purpose. And how else will we deal with this, with these malicious programs, without knowing how they are created?
Yes, here you need to have experience, fill your hand, know how the "enemy" works and what methods to use against it. And what it uses to create this program. In other words, the security services should also know. I think that these students who do this are doing it on the instructions of their teachers, and they should continue to work in law enforcement agencies. So I suppose.
But this should not and will not, for sure, be considered a criminal offense. Because this is such a "light hacker".
It all depends on the intent. We have such a practice of criminal law that a crime must be caused by fault, and guilt is intent, first of all.
• Video: https://rutube.ru/video/7c5a2942bd509695bd8f26c86ab53d88/
