*2012/3 China case study#276977

Supplement to the 2012/3 South African Cyber Threat Barometer
China Case Study Report
Foreword
Africa is considered to be the cradle of mankind. There is evidence that some of the earliest people lived in southern Africa.

The hunter-gatherer San roamed widely over the area and the pastoral KhoiKhoi wandered in the well-watered parts where grazing was available. Tribes from central Africa moved southwards into the eastern and central parts of the area known today as South Africa.

Milestones in South African history:
1652 - Dutch Settlers arrive under the leadership of Jan van Riebeeck
1795 - British occupation of the Cape
1800 onwards - the Zulu kingdom under King Shaka rises to power
1835 - The Great Trek - Dutch and other settlers leave the Cape colony
1879 - Anglo-Zulu war
1880 - First Anglo-Boer war
1899 - Second Anglo-Boer War
1912 - The African National Congress (ANC) is founded
1961 - South Africa becomes a republic
1990 - Mandela is freed after 27 years in prison and opposition groups are unbanned
1994 - South Africa's first democratic election

South Africa has journeyed through many great obstacles to become a nation whose dream of unity and common purpose is within grasp of all its people. We must not lose sight of this dream. As proud stakeholders of this great country we are now called upon to join hands in the fight against a new threat that is targeting all areas of our society - no organisation, community or child is immune to its impact.

I am referring to the scourge of cybercriminal activity that is rapidly becoming a global concern and one that we as Africans need to prioritise. We hope this project and proposed initiatives will go a long way towards "rallying the troops" to urgently address the growing cyber threat facing our country.

I wish to offer my sincere appreciation to the British High Commission for their funding and support to complete this vital research project.

I also wish to convey my warmest thanks to all participating companies and teams for their input and independent review of this report. Your passion to make a positive impact in this country has been amazing to witness.

I would finally like to acknowledge the Wolfpack team for their dedication shown in the research, analysis, layout and distribution of this report. I am very proud of what we have achieved.

For a copy of the full 2012/3 South African Cyber Threat Barometer report and other country supplements please visit the research section of our website.

Corporate contact details:
Building 1 Prism Office Park
Ruby Close, Fourways
Johannesburg, 2055
Telephone: +27 11 367 0613
Email: [email protected]
Website: www.wolfpackrisk.com
Craig Rosewarne
Managing Director
Wolfpack Information Risk (Pty) Ltd
China
In China, many cybercrime issues are covered in laws and regulations that refer to Internet-related crimes, and the Criminal Law highlights cybercrime activities.
History of Cyber Laws, Acts and organisations to combat cyber crime in China

Year | Bill / Act | Description

1994
First law on computer crime
• Issued by the State Council; an ordinance on protecting the safety of computer systems.

1997
Computer Information Network and Internet Security, Protection and Management Regulations
• The Public Security Bureau (PSB) is responsible for internal security. Approved and published by the State Council in December.

Ministry State Security (MSS)
• Handles external security - responsibility for maintaining Internet security lies with the ISPs, and violations by users will result in the cancellation of the ISP’s business license and its network registration, fines and possible criminal prosecution of both the company staff and the users.

China Penal Code
• Amended to add Articles 285, 286 and 287, which stipulate two CIA cybercrimes (illegal access and sabotaging a computer system) and crimes in which computer systems are used as the tools of crime.

Criminal Law of the People's Republic of China
• Article 285 - Whoever violates state regulations and intrudes into computer systems with information concerning state affairs, construction of defence facilities, and sophisticated science and technology is to be sentenced to not more than three years of fixed-term imprisonment or criminal detention;
• Article 286 - Whoever violates state regulations and deletes, alters, adds, and interferes in computer information systems, causing abnormal operations of the systems and grave consequences, is to be sentenced to not more than five years of fixed-term imprisonment or criminal detention;
• Article 287 - Whoever uses a computer for financial fraud, theft, corruption, misappropriation of public funds, stealing state secrets, or other crimes is to be convicted and punished according to relevant regulations of this law.

1998
CAST (China Anti-Spam Team)
• A team established to carry out research and operations on anti-spam.

2000
Decision on Protecting Security of Network
• Passed by National Council to combat 21 types of cybercrime.

Decision on Internet Security
• Passed by the Standing Committee of the NPC.

Internet Rules
• China issued a series of Internet rules that prohibit anyone from propagating pornography, viruses and scams.

China signed the ASEAN-China Free Trade Area (ACFTA)
• China Coordination Framework for Network and Information Security Emergency Responses and an agreement among the governments of the SCO Member States on Cooperation in the Field of Ensuring International Information Security with the ASEAN and SCO member states, respectively.

2003
UN General Assembly Resolution 57/239
• China signed "Creation of a global culture of cybersecurity".

7th Amendment of China Penal Code
• Stipulates an amendment to combat new types of cybercrime in China's networked economy.

China Criminal Law
• China incorporated computer crimes into its criminal law legislation.

ASEAN-China framework
• Agreement on network and information security emergency response was adopted.

Shanghai Cooperation Organization
• Agreement regarding information security was made.

2010
Guarding State Secrets law
• In an effort to protect confidential information, China tightened its Guarding State Secrets law by holding internet and mobile phone operators responsible for customers who try to leak confidential information.

2011
China Criminal Procedure Law
• China's Supreme People’s Court and Supreme People’s Procuratorate issued the judicial interpretation on cybercrime. However, the response of the Chinese Criminal Procedure Law to cybercrime is slow, with minimal rules on collecting electronic evidence or on the admissibility of electronic evidence. It was not until 2011 that the draft amendments to China’s Criminal Procedure Law began to stipulate technical detection measures that include electronic surveillance. China’s judicial practice already supersedes criminal procedure law: the Supreme People’s Court and Supreme People’s Procuratorate have issued several judicial interpretations on electronic evidence.
• Criminals transfer, purchase or help to sell illegally acquired information or control of computer systems in order to seek illegal interests. To control this new kind of crime, the aforementioned judicial interpretation prescribes that the criminals shall be convicted and punished according to the provisions of Article 312 of China’s Penal Code, which prescribes the crime of concealing illegally acquired goods. If an ISP or advertising company provides any assistance to cybercriminals in the way of technical support or financial help, it shall be convicted and punished as an accomplice.
• In addition to the above provisions, there is a kind of cybercrime in the field of China's network economy in which criminals transfer, purchase or help to sell illegally acquired information or control of computer systems in order to seek illegal interests. To control this new kind of crime, the aforementioned judicial interpretation prescribes that the criminals shall be convicted and punished according to the provision in Article 312 of the China Penal Code, which prescribes the crime of concealing illegally acquired goods. If an ISP or advertising company wilfully provides technical support or financial help to cybercriminals, it shall be convicted and punished as an accomplice.

Industry Collaboration, Partnership Developments and Initiatives in Cybersecurity

Organisation / initiative | Description

Council of European Union Framework Decision (CoEU) and Council of Europe Convention on Cybercrime
• In comparative research of criminal legislation between China and the European community, the provisions reach and go beyond the standard set by the Council of European Union Framework Decision on attacks against information systems, and meet most of the requirements of the Council of Europe Convention on Cybercrime.

Jurisdiction and International Cooperation
• China did not reach any agreement with foreign countries on judicial cooperation in combating cybercrime and did not join the related international treaty, which makes Chinese criminal judicial authorities face difficulties when handling any transnational cybercrime cases.
• Because China stands outside the international judicial cooperation system on combating cybercrime, many transnational cybercrimes move from other countries into China.
• The situation will not only harm the safety of China's network society but also make China a springboard for attacks on the computer systems of foreign countries.

Criminal Procedure Law
• In recent years China has been developing legislation on collecting and adopting electronic evidence. Aside from the measure of expedited preservation of stored electronic information, the legislation of other measures on collecting electronic evidence will soon reach the requirement of the Convention on Cybercrime.

CCERT (China Education and Research Network Computer Emergency Response Team)
• The first CSIRT (Computer Security Incident Response Team) in China; a nonprofit organisation that provides computer security related incident response services for people and organisations all over China. CCERT was funded and supervised by CERNET (China Education and Research Network). They provide incident related services, research and development. Apart from coordinating incident response services, they also helped to establish another CSIRT for CERNET.

Internet Society of China
• The group behind China's anti-spam effort is working on standards and better ways of cooperating to fight cybercrime.
• ISPs have become better at working with customers to cut down on the spam problem.
• In 2005, China signed up for the London Action Plan on spam, an international effort to curb the problem.
• In January 2011, the United States and China committed for the first time at head of state level to work together on a bilateral basis on issues of cybersecurity. "Fighting Spam to Build Trust" will be the first effort to help overcome the trust deficit between China and the United States on cybersecurity.