RELATED LEGAL BASIS

High-Tech Crime
High-tech crimes targeting computer networks are becoming an increasing law
enforcement and national security problem because of the growing reliance in the
United States of government entities, public utilities, industries, businesses, and
financial institutions on electronic data and information storage, retrieval, and
transmission. Increasingly, other countries around the world face the same vulnerability.
The creation of complex computer networks on which many government, public, private,
and financial services depend has created opportunities for illicit access, disruption, and
destruction of information by a wide range of hackers. Although most computer attacks
are conducted by disgruntled employees and independent hackers, according to US law
enforcement information, the threat from foreign intelligence services and foreign
corporate competitors is significant for US national security interests. Moreover,
international terrorist and criminal organizations have increasing capability to penetrate
and exploit computer-based information and data systems.

Illegal penetration of computer systems provides criminals the ability to access

and manipulate personal, financial, commercial, and government data. The
introduction of computer viruses can compromise data system integrity. Hostile
hackers-- whether individuals, industrial spies, foreign governments, terrorist or
criminal organizations--could potentially disrupt critical public-sector assets.

The greater dependence on computer systems for daily business and administrative
functions--and the increasing interconnections between computer networks--has
increased both the vulnerability and potential costs of systems penetration. US
communications and information industries have developed the most technologically
advanced systems and networks in the world. Many critical public infrastructure
industries--including power and energy, telecommunications, and transportation
systems--are operated or managed by computer networks. According to the US
Customs Service, all major international industries, businesses, and financial institutions
rely on interconnected computer systems for commercial and financial transactions to
remain competitive.

Attacks on computer and information systems of US corporations, financial

institutions, universities, and government agencies through unauthorized access
by employees and external system penetration ranged from denial of service and
sabotage to financial fraud and theft of proprietary information, according to
surveys jointly conducted by the FBI and Computer Security Institute.

Illegal intrusion and exploitation of computer networks in the United States have sizably
increased over the last several years, causing millions of dollars in losses to US
businesses and potentially threatening the reliability of public services.

According to the joint 2000 FBI-Computer Security Institute survey of security

practitioners in US corporations, financial institutions, universities, and
government agencies, 273 of the respondents cited financial losses of $265.5
million from computer crime--almost double the reported losses of $136.8 million
in 1998.

The number of US businesses reporting computer intrusions through Internet

connections rose from 37 percent in 1996 to 70 percent in 1998, according to the
joint survey.

A significant percentage of the information needed to carry out essential

government functions is processed at some point by information systems in the
nonfederal sector of the national information infrastructure.

Criminals Exploiting High Technology

As worldwide dependence on technology increases, high-tech crime is becoming an
increasingly attractive source of revenue for organized crime groups, as well as an
attractive option for them to make commercial and financial transactions that support
their criminal activities. With little of the risks and penalties associated with more
traditional criminal activity, high-tech crime allows criminals to operate in the relative
security of computer networks, often beyond the reach of law enforcement where the
crime was committed.
International criminals, including members of traditional organized crime groups, are
increasingly computer-literate, enabling them to use cutting-edge technologies for illicit
gain. International criminals rely on publicly available sources to obtain information on
system vulnerabilities. E-mail mailing lists routinely distribute vulnerability information
and software that can be used to exploit computer systems. In addition, vulnerabilities
are publicly exposed in books, magazine and newspaper articles, electronic bulletin
board messages, and a growing list of Web sites that are targeted at informing a wideranging global network of potential hackers about the latest methodology for staging
computer attacks.

Criminal groups may also exploit businesses and government agencies using
programmers, many of whom are lesser paid foreigners, to make software fixes
or write new programs to gain access to computer systems and the information

they contain. Press reports indicate that a Russian-speaking crime group in the
United States recruited unemployed programmers in Russia to hack into other
syndicates' computer systems, embezzle funds, and create programs to protect
its funds in US banks.

International criminals are using computers to support a wide range of criminal activity,
including as an innovative alternative means to commit many traditional crimes. The use
of computer networks allows criminals to more securely and efficiently orchestrate and
implement crimes without regard to national borders. Drug traffickers, for example, are
using encrypted e-mail and the Internet to avoid detection and monitoring of their
communications over normal telephone and communications channels.
The Internet has also become the primary means used by international child
pornography rings to disseminate their material worldwide. International child
pornography rings are operating in dozens of countries, peddling their illicit wares
through the Internet and other global distribution networks. Modern technology allows
these child pornographers to store vast quantities of digital images on small portable
computers easily smuggled into the United States and elsewhere.
Moreover, criminal commercial and financial transactions through computers occur
amidst countless legitimate public, business, and personal uses of computer networks,
making them especially difficult to identify. Transactions involving technology or
components for weapons of mass destruction or embargoed items under US or
international sanctions are being done through computers. Virtually any commodity,
including weapons of mass destruction and their component parts and delivery systems,
is being offered for international sale on Internet sites.

US Customs investigations show that many Internet sellers of contraband

materials openly advertise that they have been in operation for many years
without being caught by law enforcement. In December 1999, there were about
100 ongoing US Customs investigations involving the sale of counterfeit goods
over the Internet.

Computers are also exploited by international criminals to facilitate a wide range of

economic crime-- particularly targeting US commercial interests. High-tech financial
fraud through illicit access to credit card numbers and commercial accounts has the
potential to cause serious losses for US businesses conducting electronic commerce
over the Internet.

According to a joint FBI-Computer Security Institute survey in 1998, 241 US

business respondents reported $11.2 million in losses caused by computer

financial frauds. Telecommunications fraud from computer attacks cost these

companies an additional $17.2 million in losses.

In March 1999, hackers pleaded guilty to breaking into US phone companies for
calling card numbers that eventually made their way to organized crime
syndicates in Italy. US law enforcement information indicates that this high-tech
theft cost the US phone companies an estimated $2 million.

Intellectual property rights violations through the penetration of computer networks are
also an increasing threat to US businesses. US businesses responding in the 1998
survey reported losses of $33.5 million in theft of proprietary information from computer
attacks.
International criminals may be using computer hacking and related methods for financial
gain. Industry and law enforcement reporting indicates that high-tech criminals are using
advances in technology to target banks and other financial institutions. The anonymity
and speed of electronic transactions may encourage criminal exploitation of these
technologies. While US and many Western and Asian banks and financial institutions
maintain adequate security safeguards to prevent outside penetration of computerbased data financial transaction systems, some have outdated or lax security practices
that high-tech criminals are able to exploit.

In October 2000, according to press reports, Italian authorities dismantled a

Sicilian Mafia-led crime group that was planning to steal as much as $900 million
in European Union aid earmarked for Sicily. Employing corrupt officials from the
targeted bank and a telecommunications firm, the crime syndicate broke into the
bank's computer network, created a virtual banking site linked to the interbank
payments network, and was able to divert $115 million of the EU aid to Mafiacontrolled bank accounts in Italy and abroad before they were discovered.

In China, a computer hacker was convicted in November 1999 of breaking into

the Shanghai Securities Exchange, where he changed transaction records that
cost two Chinese companies more than $300,000, according to Chinese press
reports.

In South Africa in November 1999, an unidentified crime syndicate stole

hundreds of thousands of dollars from local banks by using the Internet and
bank-by-telephone services to hack into financial institutions, according to press
reports.

In 1994, individuals in St. Petersburg, Russia-- aided by insider access-attempted to steal more than $10 million from a US bank by making

approximately 40 wire transfers to accounts around the world. Members of the

gang have since been arrested in several countries, and most of the stolen funds
have been recovered.