NALP Exchange

Discussion of the Law

Month: September 2018

The Danger of the New Egyptian Cyber Crime Legislation

No-one wants to get ripped off online, there’s no doubt that both the incidence and risk of digital crime are growing exponentially.  So you would think that any legislation designed to protect the innocent web user and punish the cyber criminal would be broadly welcomed by most.

In theory, this is true, but in reality legislation designed to ‘protect’ people online rarely does this.   One of the main issues with policing the internet is that most crimes take place across international borders.  This causes a very obvious problem in trying to catch the culprit or protect the innocent from them,

For example there’s a huge number of cyber criminal gangs based in Brazil who steal and attack targets all across the world.  If your bank account or credit card is abused from a sophisticated hacker based in a flat in Rio de Janerio you can imagine how the investigation will go when you report it to PC 413 from the Salford Constabulary.   It’s not the polices fault entirely, laws and legislation simply don’t support the easy investigation or arrest of cyber crime unless there stupid enough to do it from the same country.

So when we hear about Egypt introducing a huge raft of legislation, designed to combat cyber crime you think we’d all be pleased?    Unfortunately not, and it’s generating a huge level of protest within the country itself and across the world among human rights groups.  the problem though is not that it’s likely to be ineffective, which it is. It’s mainly because the legislation allows carte blanche for the Government and it’s agencies to use the laws, powers and penalties against pretty much anybody they want including both religious and political opponents.

Take for example this – Article 27, a web administrator who creates, manages, or uses a website or a private account with the aim of committing or facilitating a crime can face imprisonment of not less than two years and/or a fine of between 100,000 and 300,000 Egyptian pounds.

As per usual in countries like Egypt, the laws are strict but in many aspects very vague meaning it’s a simple task for police or state security to invent some reason to pick up anyone who puts anything online. The target is supposedly crime but in reality it’s an attempt to control the flow of information and opinions online. Closing areas of debate such as social media and discussion forums is a classic attempt to do this. Even if people are brave enough to continue to speak online, the webmasters will be extremely wary of letting anyone do so.

It’s not cyber criminals who are worried about the Egyptian Cybercrime and Media Regulation Laws it’s anyone who wants to preserve freedom of speech in Egypt. The Egyptian government has of course got previous form for this behaviour, they are frequently accused of blocking and closing websites based on political or religious reasons. Although the real reason is difficult to ascertain as it’s often simply not published or released.

The steps go further however, as the Cybercrime Law also seems to authorize the mass surveillance of all forms of communication online in Egypt. It forces the ISPs to keep customer usage data for 180 days. This includes things like web browsing, phone calls, text messages and emails. In order to complete the spying it covers application on smartphones and computers to cover the various messaging applications available on these platforms too.

Many Egyptians already are careful online and indeed lots use VPNs to protect themselves as a matter of course. They also use things like this Smart DNS system to access the BBC iPlayer abroad, there’s a free trial here if you want to test it. The laws around mass surveillance are especially restrictive though, allowing rights of access to all sorts of organisations. The Egyptian government doesn;t seem to mind that the law is already being criticised as it violates many of Egypt’s existing constitution including Article 57 which states that nothing should impinge on the rights to privacy of Egyptian citizens.

Additional:

VPNs, Proxies and Smart DNS solutions to access Netflix – http://www.proxyusa.com/unblock-us-netflix-free-trial

The Many Types Of Cyber Crime

The phrase cyber crime is often used in a generic sense with little thought other than computers and the internet are involved.  Yet there are literally hundreds of different ways that crimes are committed online and some of them are very surprising.   Europol has recently issued a warning of some of the common ones which we’ve included below.

The report is entitled the Fifth Annual Internet Organised Crime Threat Assessment and was presented at a cyber conference in Singapore.  It ‘s a list of crimes from a law enforcement perspective and is designed to highlight emerging threats and key developments.   Their main goal is to stop people becoming victims.

 

One of the most common cyber crimes of recent years is that of ransom ware, which relies basically on installing malicious software on your computer and then demands a ransom to fix it.  Commonly this is achieved by encrypting files or data and making them inaccessible until the ransom is paid.   Individuals are not the only target for these attacks indeed the most common victim are companies and organisations who can potentially pay larger ransoms.  Using a proper antivirus program and making sure your computer is kept up to date is the best protection.

Computers and servers are not the only targets for cyber criminals. An emerging target is that of mobile devices and instances of mobile based malware are beginning to grow.    Again you should consider installing antivirus software on your phone if you use it for secure sites.   However the main source of malware on these devices is by installing applications which are used to infect them.

Most of the threats involving malware, can be reasonably protected against with a reasonable level of vigilance.  Installing Antivirus and security software is the first step, even simple free programs usually offer a decent level of protection.    Buying a decent system and paying for it to be updated though is a much better option and will protect against the majority of malware programs.  The second step is to ensure your operating system and core programs are kept up to date.  Most computer companies like Microsoft routinely release patches and updates to cover any security risks that have been discovered.

These updates can be annoying but they’re crucial to protecting your device and privacy. Malware is typically installed using weaknesses that these security updates close off, don’t leave your computer to be on the potential target list.  Most software especially the core operating system will attempt to install these updates automatically, you’d be advised to leave this setting on.

There is another major risk and unfortunately it’s one you have limited input into.  That’s the risk to your data stored by other companies who you may do business with or have accounts with.    It’s only recently that legislation has come into effect forcing businesses to protect and take care of your data.  The EU’s new General Data Protection Regulation (GDPR) introduces severe financial sanctions, up to 4% of global turnover, for companies that fail to protect users’ privacy.

These offer numerous protections to the consumer, including procedures that must be followed in the event of a data security breach.    There is little of course that you can do to protect your data when it’s on the server of a third party company.  You should be careful about who you do business with online,  be cautious about releasing your details to smaller companies who may not have adequate security in place.

Your data and personal details are in danger in all sorts of places including when they’re being transmitted.  Again this is one area where you have to take steps to protect yourself or you’ll be at risk.  For example when travelling and using unknown wifi and access points you are particularly at risk.  You have no idea how secure these systems are and how safe your data is while being transmitted. Indeed many hotel Wifi systems are extremely tempting targets for hackers and cyber criminals who know that they can harvest lots of account details if they compromise the access points.

The safest way to secure your connection in these circumstance is to use a VPN or something that encrypts your data.  Many people use these systems for unlocking geo-locked channels like the BBC iPlayer and Hulu, but they are equally useful in protecting your data when using unfamiliar access points too.  Always ensure that your connection is encrypted, this program for example allows people to watch the BBC iPlayer from abroad but it doesn’t enable encryption rather using a DNS based system to hide your location.

The encryption is crucial, it means that even if an access point is insecure or even worse has been compromised by criminals your data should be safe.  Everything between your device and the VPN server will be encrypted which means that it would be impossible to access or read anything at the point of transmission and beyond.

These systems and services offer an essential tool especially if you travel a lot, the right VPN can unlock entertainment and protect your internet connection.  Many of the Smart DNS services though are useful purely for unlocking restricted content and have no security impact at all.  The most successful though including the methods mentioned in this page about watching Netflix abroad, usually offer a Smart DNS service plus a VPN which you can use too.

 

 

 

 

© 2018 NALP Exchange

Theme by Anders NorenUp ↑