(www.dailynk.com) A recently published journal article in North Korea suggests that the country is analyzing different forms of cybercrime and researching the need to implement anti-cybercrime measures from both technological and legal standpoints.
Recently, the Journal of Kim Il Sung University (No. 1, Vol. 68, 2022) published a paper entitled “Legal Analysis of Major Forms of Cybercrime” on the university’s homepage.
The paper called for “thorough technical and legal measures to prevent cybercrime such as hacking and interception with a view to firmly ensure the security of and trust in telecommunications.”
In particular, the paper stated that its objective is the “establishment of technical and legal measures to prevent crimes occurring in cyberspace,” and that “defining illegal access activity as a crime is an important way to suppress other cybercrimes.”
DEFINING WHAT IS, AND ISN’T, A CRIME
In its thesis, the paper classified cybercrimes into illegal access, illegal interception, illegal interference, computer misuse tools, and computer-related fraud and forgery.
“Illegal access” refers to a user entering a system or network with no access authority or using authority beyond the access authority a user has been granted. Most cyber attacks occur when an attacker infiltrates a system, acquires authorization and illegally copies, transfers, alters or deletes data.
In the paper, North Korean researchers appear to be pointing to “illegal access” as the starting point of cyber attacks, defining it as a crime.
In fact, the article says even the simple act of illegal access “must be seen as a cybercrime” because “illegal access violates the integrity of information systems.”
The paper claims that the simple act of illegal access “must be legally punished” as it enables both the preparation and execution of crimes, including “goal setting, analysis of security systems, intrusion and authorization acquisition.”
Other countries do not always criminalize accessing a network without altering, copying or destroying data, but the recent North Korean article is basically calling for this act to be treated as a cybercrime.
In North Korea, committing or engaging in cybercrime tends to be regarded as simple deviant behavior because the perpetrators are usually information and technology specialists.
Based on the statements made in the paper, however, North Korea may be moving toward full recognition of cybercrime as a social problem and crafting laws and systems to punish it.
PLUGGING LOOPHOLES
In fact, the paper emphasizes the need to enact new laws since the current legal code lacks provisions to punish cybercrime.
The article also stresses the imperative for research into crafting a cybercrime law, arguing that the authorities cannot appropriately respond to crimes in cyberspace with existing laws.
The paper further states that if the authorities try applying existing laws to illegal interception in cyberspace, information stored in transmission systems will not fall under the control of these laws.
“We need to conduct research on a new cybercrime law [to combat] illegal interception in cyberspace,” the article said.
The paper also said that with traditional systems transitioning to digital systems, there is an imperative to guard against cyber attacks that are focused on stealing people’s identities. This suggests that as the country pushes digitalization in industries, the economy and across society, the government is concerned about cyberattacks involving stolen identities.
North Korea is not particularly at risk for cyberattacks from the outside world because the country’s citizens are only allowed to use a closed intranet.
However, there have been reports that North Korean hackers have been targeting their fellow citizens, including stealing their account information and other data.