EXPRESSIONS OF CYBERCRIME

Cybercrime has long entered the public attention, due to the special circumstances that create it, especially in well developed countries, where the computers have entered in every field of work. Thus, since 1989, the Council of Europe adopted a resolution (no. 9) which lists the key behaviors that represent new types of crimes, computer generated activities, and what should be the subject to separate criminality in laws national. Unfortunately, crimes committed using computers began to be taken seriously only recently in Romania, this explains in part why the judiciary system is not familiar with how computers are used to commit crimes. This situation is favored by relatively poor legislation in this area. At a first glance, one might say that when they commit fraud via computer in our country, there is no law to punish the deed; it would just be categorized as a crime. While this may seem a paradox, however, this is not really the case. Even if our country has a lot of specific laws to combat computer crime, much of the facts may still be legally indicted. On the other hand, we cannot neglect the world's most developed countries that have specific laws in this area, well-tuned, and sooner or later we will have ours. Therefore, computer crime problem must be known, it might become the last time a truly global scourge, with tentacles and sufficiently dangerous to our country.
In connection with the extent of cybercrime there are different opinions and evaluations. Except in the cases of illegal copying of computer programs, the number of

computer crime is not very high, but computer crime discovered could significantly increase the number of such categories of facts of a criminal law nature.
The Council of Europe adopted a recommendation in connection with computer crime and has also published a report that contains a minimum list and a list of optional computer crimes. Thus, the minimum list includes acts such as computer fraud,

computer forgery, damage to data or computer programs, computer sabotage, unauthorized access, unauthorized interception or unauthorized reproduction of protected computer programs, and the optional list includes acts such as: alteration of data or computer programs, computer espionage, unauthorized use of a computer or unauthorized use of a protected computer program.
1

Computer fraud Computer fraud refers to the act of causing damage to property to a person by the introduction, modification or deletion of computer data by restricting access to computer data or by preventing, in any manner the operation of a computer system in order to obtain a benefit for oneself or for another. In Romania, this offense is punishable by imprisonment from 3 to 12 years. In the IT environment, fraud can take many forms and can often be confused with traditional deception, means of achievement computer. Given the information environment in which they are initiated and run, I found it necessary to remind in this context, as follows1: Bait and switch; Nigerian letters or Fraud 419; Billing false; Fraud salami; Establishment of companies ghost. Bait and switch This is a form of fraud where the perpetrator lures potential customers by advertising (the price is very small, the profitability of the business, etc.) of products, which either do not exist in reality or are subsequently exchanged with seemingly similar products, but with significantly lower qualities. In essence, the customer presents the opportunity to buy a certain product at a very low price, but when the fees order, he shall communicate that the product "is no longer in stock" and is offered another possibility, another product (fake) as a "consolation" for the "no" to the original presented in the add. Characteristic of this fraud is that the author has no time for thought (no plans) to sell product-bait. The deed is done mostly through computer systems and Internet networking. Luring customers can be made by e-mail messages (email) or through a (well made up) Web page. Fraud with advance They are often known as Nigerian transfers or Nigerian letter or simply 419 scams (after the article number of the Nigerian Criminal Code that criminalizes such acts).
1

Katsh, ME, Law in a Digital World (Oxford University Press, Oxford, 1995)

In this case, the victims are rich people or investors from Europe, North America, Austral Asia and the means of committing crime includes letters sent by mail or faxes to email or web pages, especially after 19902. Operating scheme is relatively simple. A person (investor, businessman etc.) is contacted using the following pattern: "... high-ranking official in Nigeria, I intend to major expatriate funds and will ask to use your accounts using bank transfer, for a fee of 10-20 per cent of the amount transferred ...". Alleged affair is the carefully presented as a minor offense (like white collar crime - white collar criminality), which, however, offers the possibility of "significant gains". Induction, almost subliminally, the idea of small underground in connection with Operation is intended to discourage the victim from reporting the case when the authorities realize that giving their account details to strangers was actually stripped of all liquidity or savings. These scams originate in Nigeria and, usually, are prepared so that email addresses, Web sites, telephone or fax numbers, etc. appear to be those of business centers, local businesses and even government institutions. False deposits Another method of fraud in computer systems is that the author, after winning an auction on a website specialized products (like eBay and AltaVista), ask the victim to use a site (or service) Escrow "safe" " neutral "to" store "goods (goods - mostly electronics) drawing up the financial arrangements. Of course, the escrow site is created and controlled by the offender and the receipt of the goods "in the pledge" that Web page is closed (deactivated) and the account deleted. Thefts of information are increasingly concerned about companies, firms and companies from various industries. Commercial information, such as lists of products, pricing, customers, suppliers, methods of product promotion or marketing studies are the most "hunted". Fraudulent product orders on the Internet with false credit cards are already in the past, or have remained only in the care" of the beginners in the field of electronic crime. Since most virtual stores with big names have stopped sending Romanian ordered products in our country, because many shoppers with credit cards were deceived, Romanian "experts in Internet fraud have found ways much safer and more profitable to steal from others. This happened
2

VALETK, Harry A. (2004), Mastering the Dark Arts of Cyberspace: A Quest for Sound Internet Safety Policies, 2004 Stan. Tech. L. Rev. 2.

with the opening of a new era for Internet advertising. For example, there are advertising companies that pay the site owners what they attached to their sites on a banner of a company or its affiliates the personal site of one of the companies specializing in promoting the Internet (" affiliate "). Regarding the latter method, it should be noted that these companies pay the holder to an affiliate site and attached an advertisement for an amount of money proportional to the number of clicks on banner advertisements on its website installed. Such activity is beneficial to all parties and at the same time, perfectly legal. But Romanian criminals on the Internet have found this method as being a new opportunity to acquire some money with the help of credit card fraud. The offender is affiliated to several sites, typically commercial sites, which gives a percentage of sales to buyers who have brought the products displayed. The Computer Fraud and Abuse Act in the United States of America (CFAA) was introduced in 1986. The law punishes anyone who intentionally accesses without authorization a computer category known as "federal interest computers" and damages or prevents authorized use of information in such computers, causing loss of $ 1,000 or more. The issues raised are whether the government must prove that defendant intended to access a federal interest computer, but that the defendant tried to prevent authorized use of information from your computer and causing losses and to meet the legal obligation access without authorization. In the U.S. there are no fewer than six government agencies that deal with Internet fraud and are designed to investigate and prosecute the matter. American Financial Insights believes that fraud has reached 45 percent of all computer crimes. A microprocessor factory costs about $ 6 billion, its construction and operation takes about three years, after which they can reuse almost anything.
The law on computer misuse in the UK was introduced in 19903. It covers

unauthorized access (hacking) and unauthorized modification or destruction (eg by viruses, Trojans, logic bombs, etc.). Unauthorized includes an authority increasingly higher. It is therefore essential that all users are aware of the detailed scope of access allowed. Any use of
information processing facilities for non-commercial unauthorized without management approval should be regarded as improper use of them. This law protects all systems on a large scale.
3

Walker, C., and Akdeniz, Y., "Virtual democracy" [1998] Public Law 489

One of the oldest methods of protection technique is based on a password entry using the system in an application, or simply for viewing important information. Password, the method of limited access to files and applications, is often used for information security. Another instrument of protection, used in some special cases of applications and access to information is to encrypt communications on the network. There is no perfect encryption method, for which there is no solution to the decryption, so ingenious. This was demonstrated mathematically decades ago by several scientists. False information In Romania, according to article 445 of the Criminal Code, the false information provided by the act constitutes the offense to enter, modify or remove, without right to restrict computer data without right, access to such data, if the act resulting in inauthentic data obtained in to be used in the production of legal consequences. Today we hardly have a false document significant achievement with a simple image processing applications and a printer with the possibility to falsify (or simulate) a person's identity, bank accounts, financial transactions, electronic communications. In a more complex technical approach, the false information will take the following forms: simulated electronic mail; hyper links simulation, simulation Web.
A. Simulation (SPOOFING)

Services Transport Control Protocol (TCP) and the Uniform Datagram Protocol (UDP) assume that Internet Protocol address (IP) address of a host is valid and, therefore, is credible. However, a hacker can use the host IP source routing to pose as a customer or a credible host. A hacker can use IP source routing to specify a direct route to a destination and a way to return back to origin. The route may include routers or hosts that normally are not used to send a ackage to the destination. Thus, the hacker can intercept and modify transmissions without meeting's host packages for real. A simpler method is to wait until the client closes and then to take his place. In many companies, staff members use personal computers and software for TCP / IP to connect to Unix hosts, that is to be used as LAN server. Personal computers often use Unix file system for the NSF network to gain access to catalogs and file server (NFS uses IP addresses to authenticate customers
5

only). A hacker can configure the switch as a client and a personal computer with the same name and the IP address of another computer, and then it can initiate connections to the Unix host. The attacker can easily build this operation. Also, the attack will be "inside", as only an insider knows that computers are enclosed in a protected network. B. The attack by concealing Under attack by concealment (masquerade attack) hacker initiates the session by sending a SYN (synchronization) to the server using the client's IP address as source address. Address submitted by the hacker is that of a credible host. The server will comply with a SYN SYN ACK. The hacker will comply with SYN / ACK of the server with its own package. The hacker does not need to intercept client packets, it can predict the sequence "SEQ SVR 0" and, as such, it can confirm. The hacker can send and receive data on behalf of the client. Of course, the hacker must pass the identification barrier. If using an identification system based on reliable hosts, such as network file system (Network File System - NFS) or Unix rlogin command, the hacker will get full access to the host's services. Although diversion of the post-synchronization is easier to detect when a system administrator for his hacker attack directed against a local network, this type of attack is effective for long-distance network (such as a corporate WAN). C. Simulation of the Email Internet electronic mail is very simple to simulate, which is why, in general, email messages can not be credible in the absence of facilities such as digital signatures. As an example, consider the message exchange between two Internet hosts. Exchange is produced using a simple protocol that uses ASCII character commands. An intruder can easily enter these commands manually by connecting directly to the port Telnet Simple Mail Transfer Protocol (SMTP). Host your receiver has confidence in the identity's host broadcaster, so that the hacker can easily simulate the origin of the message by entering an address different from the real transmitter address of the hacker. Accordingly, any user without privileges can forge or simulate email. D. Simulation of Hyperlinks
6

Hackers can build attacks on authentication protocol Secured Socket Layer server used to create secure Web browsers and servers, such as those of companies Microsoft and Netscape. A hacker can convince the browser to connect to a fake server, this time showing the browsers usual appearance of a safe. Then it persuades the user to disclose information (like credit card numbers, personal identification numbers for mobile phones, etc.) to a fake server. The attack by simulating the hyper connection operates a drawback in the way that most browsers use digital certificates for secure Web sessions. E. Web Simulation The simulation web, hacker recorded content of the pages visited by the victim. When the victim fills out a form on an HTML page, the browser sends its input to the Web server. Because it is interposed between the client and server, the hacker can record all data entered by the customer. Also, the hacker can record the content sent from the server to the client response. Because most businesses online use the form, the hacker can read the account numbers, passwords or other confidential information knowingly place the victim in simulated forms. The simulation takes place naturally as the basic Web protocols to integrate extensive facilities. Coded transmission browser HTTP requests form the Internet and a Web server responds to requests for forms using regular HTTP. For the same reasons underlying the simulation of any URL, hackers can simulate any form. As Web pages get requests to server hacker, and get the data sent by the victim. As such, hackers may change this data before transmitting them to the real server. Server hackers can modify the data returned in response to sending the form. It states that the only way to prevent an attack by simulating the Web is locating and punishing hackers. Due to the nature of the attack, it is important to locate the hacker's server . If the victim detects the attack, the location server will almost certainly be revealed. Unfortunately, hackers attacks carried out by simulating the Web will act mostly on stolen computers. The offense is considered consummated when the perpetrator has introduced or modified in any way that data erased from a computer system or restricted access to these data if this occurred other data or legal situation really poor initial value. The punishment provided is imprisonment from 2 to 7 years4.
4

Under Article 45 of the Romanian Penal Code

The regulation seeks to protect the security of legal actions through the criminalization of all those who can, through the modification of the data on electronic media, entail the legal consequences of unwanted and/or for people who have conceived, designed, implemented or on which information as their effects are felt. Damage to computer data or programs Acts detrimental to data or computer programs accumulate in their constituent content removal actions, bringing the loss, damage or deletion, without right of data or computer programs. Programmers can boast, quite rightly, that they have on hand various methods and techniques to protect their own programs danger from "breaking" them by hackers. Software protection is very important to cover weaknesses in an application. This means that items such as those used in the validation function name registration, licensing etc location data, to be covered well enough for detection tools used by hackers to "break" existing protection may not be able to detect them easily. As a method of protection, it is advisable not to use suggestive names of functions for the serial number or license file. Before the operations of authentication is better to use some short breaks and also to avoid using strings for authentication resources. Many programmers use a consistency check executable files, using known amounts of control and everything for them, apply AutoCorrect where they are. It is not appropriate to rely on the various executable compression systems. Computer sabotage The computer sabotage means entry, alteration, erasure or suppression of computer data or programs, or interference with computer systems intended to prevent the operation of a computer system or telecommunications system.5 Computer sabotage can be achieved by causing damage to any type of computer, interruption of electric current that powers a computer system without authorization or hindering or interruption of a computer system, illegitimate use of a computer system - all of which are committed with intent to prevent a software system. Computers control the information about national security, the transfer of hundreds of billions of dollars daily in the networks, medical
5

I. Vasiu, Cybercrime, Nemira Publishing House, Bucharest 2001, p. 86

procedures, navigation systems of planes and almost any field. Prevent operation of computers or computer networks may not only have serious economic consequences, but may cause disasters. Illegal access to a computer system Access can be accomplished through several types of actions, such as:
authentication (authenticate) - presenting someone else's identity to a program and, if

necessary, check this identity, in order to get access to the target system;
avoidance (bypass) - avoiding a process or program using an alternative method to access

the target;
reading (read) - to obtain the contents of a given environment; copy (copy) - reproduction without changing target; theft (steal) taking possession of a target, without keeping a copy in the original location.

Romania is trying to protect against illegal access to computer networks. Using equipment costing several thousand dollars, they will hopefully lock computer spies and protect interests of millions of dollars. Because, until recently, in our country have not been developed sufficiently large computer networks and interesting to potential wrongdoers, there were no cases of fraud (so large that they become famous) like those in the rest of the world.6 As said in an interview, Stan Dragos, president of the company Net Consulting, one of the firms in our country without protective equipment for computer networks, the secret information is already a serious problem in our country, not only for banks but also for other institutions or commercial companies with subsidiaries in the territory and with computer networks.7 Who managed to enter unauthorized into a network can cause more inconvenience: to destroy valuable information to plant computer viruses, etc. According to experts, the greatest damage may be caused when offenders are confined to the intercept, read and use data that are spread in a network. Such unauthorized access to a computer network leaves no trace, making it even more dangerous (in this case the classic search for all, applied homicide prosecutor, does not bear fruit, it means so very well what the U.S. delegation group of experts in cryptography - a question which is detailed
6

See, for example, a "computer break" from a Russian bank: 375 billion rubles and $ 80 million - see Planet Internet, no. 2 / 1997, p. 46: "On the eastern front." 7 See M. Caster, "Lock the network of spies", Capital, no. 49/12 December 1996, p. 10.

in other sections - the OECD is not led by a member of the Department of Commerce, but the head of the forensic unit of the Department of Justice, supported closely by specialists from the NSA (National Security Agency). The European Committee on Crime Problems referred, in particular, security systems and prevents cybercrime. First, this introduction shows us not only how to use criminal law as a preventive measure, but especially to know well the concept of security. For specialist lawyer, the problem seems to be technical in nature and may pass over it as an issue that is of interest over his mission. But it is the first emergency computer security issues to be considered and taken seriously at all levels, even though information security is, above all, a specialized concept in the general area of public or private security. At European level, the Committee consisted of experts in computer criminals HEALTH stressed that security relative to the computer is a much broader concept called "information security". Practice has shown that the vast majority of cases without access law, the perpetrator acts in order to obtain computer data, can mean:

visual capture of data on the screen;

taking possession of a printed alphanumeric (printed sheet of paper);

running programs or applications that manage computer data (e.g. programs for the administration of databases in an institution, email etc.). One of the most popular method of protection against computer attacks, called firewall in

the literature, is based on the implementation of security policies. It consists of hardware solutions and / or software specifically designed for safely connecting to the shared data networks, which includes the Internet. The method takes into account the first level of protection against unauthorized access and use, as a rule, techniques or blocking of access permissions based on predetermined rules, following the events always occur at the interface with the public. There are many other methods of protection against unauthorized access: opening connection based on the caller's number or user authentication when a call comes after that proceed to close the channel of communication and caller ring back; the use of special identification protocols by combining user / password validation and user communication sessions using a
10

database, using special protection solutions in the network permanently connected to the Internet using encrypted sessions to remote systems administration, etc.

Unlawful interception of an electronic data transmission The interception (in the technical sense) indicates the action to capture with the help of an electronic device specially manufactured for this purpose or a computer, electrical impulses, variations in voltage or electromagnetic emissions in transit within a computer system or the effect is manifested times of its operation is on the route of the connection between two or more systems to communicate. Packet interception represents one of the actions of the most difficult and is also a serious threat to communications through networks (Internet, Intranet). Each packet of data sent across a network can flow as a large number of computers and networks before arriving at the destination. Through a packet interceptor hackers can intercept data packets (including those log messages, transmission of numerical identifiers of credit cards, mail packages, etc.) moving between different locations on the Internet. After intercepts a package, the hacker can open and steal the hostname, user, and password associated with the package. Hackers can use one of the most common types of attacks before the interception of IP packets. Security experts have called intercepting packages as espionage network (network snooping) or hidden surveillance (monitoring promiscuous). Interception of computer science can be done directly, by interacting with the perpetrator of the computer system external components (cables, switches, routers, computers, etc.). In the most trivial example, the communication between two computers in a local area network LAN (Local Area Network), an institution may be intercepted by an intruder after he physically connects the cable route network covered by cutting the wires and connecting them (parallel) to your computer where the computer will receive data stream. Indirectly, or remotely, interception may take the form of the use of specialized applications (so called sniffers-smell) which are able to monitor the traffic packets in a network and you save the data of interest within the framework of the type of log files.
11

In general, sniffers are used by network administrators or by the Internet Service Providers (ISP) for the completion of the analysis of traffic within a network for technical maintenance. Also, they are used by network administrators of institutions for monitoring (authorized) communications (internal or external) of employees, often feature to prevent leakage of information, carrying out illegal activities in the system (e.g. downloading programs subject protection copyright statement of material containing child pornography, etc.) or even for management to have a more accurate representation of the time spent by subordinates in the network or the Internet. To find out what was in a computer system available to interested persons and another method, which does not hold any firewall, is antivirus or other computer security program. In essence, it can decode the sounds produced by keyboard buttons. Till this moment in Romania was not investigated such a case. Another method of interception indirect or remote is the use of such programs, keylogger, adware, spyware. Programs of type Adware and Spyware are automatically upload to PC when visit a certain Web pages. Their aim is to record "online route" and send back those who sent them (usually about companies that make Internet commerce, marketing and advertising firms) data and information about user preferences in Web pages content, theme, etc. A Keylogger program is a specialized application that records every key that a user clicked and send it to the person who installed the program. This software can extract very useful information to hackers, such as credit card number, company reports, intelligence institution or a financial or personal data. In paragraph 2 of article 43 of Law no. 161/2003 it is provided a method of committing the crime, named the interception, without right, of electromagnetic emissions from a computer system computer data that are not public. This involves capturing unwanted emissions of electromagnetic fields that are present (on a certain distance determined scientific) around all the impulses of an electromagnetical device. Today, it is well known modern methods by which interested persons can capture with the help of special devices, electromagnetic radiation in the vicinity of the target computer monitor, they translate the code, turning them into electrical impulses and, later, in alphanumeric characters.
12

(Technology computer systems protection against emissions abstraction called TEMPEST Transient Electromagnetic Pulse Emanation Standardizing has been implemented in the civil or military institutions classified information circulated national or EU / NATO). The crime of interception without right, of a computerized data transmission that is not for the public is provided in article 43 of Romanian cybercrime law. It is provided that the Interception without right, of a computerized data transmission that is not public and which is intended for a computer system, it comes from such a system or is being made within a computer system, is an offence and shall be punished with imprisonment from 2 to 7 year. The same punishment is for the interception without right, of an electromagnetic emission, coming from a computer system containing computer data that are not public. Legal regulation protects computer data transmissions within or between computer systems, regardless of how they are carried out. Computer data are defined as any representation of facts, information or concepts in a form that can be processed by a computer system, in the same category are included, any software which may result in the achievement of a function by a computer system. Special legal subject is the social relations that protects the confidentiality of communications. Secrecy of correspondence is a constitutional right, article 28 of the Romanian Constitution, providing that the secrecy of letters, telegrams and other postal, telephone conversations and other legal means of communication is inviolable. Communications in electronic form may, however, refer to more than a simple mail, protected by virtue of the right to privacy. A growing number of activities are computerized, so the business environment and public sector. Title II Transparency in managing information and electronic public services of the Law 161/2003 creates the National Electronic System (SEN) and seeks to promote the use of Internet and high technology in public institutions. The unauthorized reproduction of protected computer programs Unauthorized reproduction is an offense that covers practically a wide range of crimes on computer piracy and espionage. When we speak about illegal reproduction, several forms of it are more or less serious, such as:
13

Softlifting site is that form of reproduction that occurs especially when there is a degree program initially, but within the same firms, associations, etc. In such a framework where more kids are depending on the number of existing users, as a single product with an irregular, it appears as a crime of unauthorized reproduction. The situation of exchange programs between friends, associates, colleagues fit here. Hard Disk Loading is another form of unauthorized reproduction, is committed by those who distribute computers. Counterfeiting is the worst variant forms of the underlying offense of unauthorized reproduction. It includes both selling as well as illegal copying of a software protected by copyright law. Intelligence information It is understood that intelligence information obtained through illegitimate means, or disclosure, transfer or use of a trade secret without right or industrial intent to cause economic harm to the person who has the right to secrecy or obtain for himself or for other illicit economic advantages. In addition to data theft and imitation material or its components have evolved stealing software and technical data and organizational intelligence, product policy, raw materials, markets, etc. Intelligence information on: industrial and technical aspect (data on research and development, forms of production, manufacturing processes, test results);
commercial aspects (results of company balance sheets, the calculation of benefits and

costs, rotating stock, organizing data on sales, marketing studies, industry forecasts).
One of the most important areas where there is computer crime is the theft of commercial information.

Unauthorized use of a computer Unauthorized use of a computer is no right to use a computer system or network or accepting a notable risk of causing harm or intent to cause injury to a person with the right to use

14

the system or to affect system or functioning, causing the resultant injury to the person who is entitled to use the system or adversely affecting the system or its operation. For protection against access from outside a local network can pick up a "wall", unable pierced by persons other than those authorized. Such a "wall" is PyroWall, sophisticated equipment that connects to your network before leaving the public data network. Thus, any access from outside the local network can be made only passing through this device, which is programmed to authenticate and those who have the right to pass. It is therefore a "wall" with a gate which is open only to persons authorized, recognized. Furthermore, the device makes a "picture" of all access related data: who, when and why to network. The equipment can be used inside local networks, to protect certain databases to which access must not just any person (the cost of this equipment is several thousand dollars less than the cost of a computer). PyroWall not solve the problem of interception of data are transmitted from the local network to other networks, for this is called CryptoWall equipment, a device that works like PyroWall, fixing additional messages. It is obvious that a coded message will be read only after decoding to the recipient, if it has a similar device. In the U.S. there is a valid throughout the federal law that such equipment may not be up to the "key" encryption above 40 bits. Alteration of computer data integrity Acts through which the material element of the crime involve negative effects on the state data, especially regarding their ability to function in the manner provided by the person who has them. Change consist in action of perpetrator that introduce new sequences or delete certain portions of computer data, having as a result of computer data, different from the original and inconsistent with the value of truth that they represent them. By deleting we understand the action that eliminate all or part of a binary representation of the target computer data storage media hard drive type, CD, floppy-disk, memory-stick etc., default leading to the disappearance of such data. Deleting data somehow equates the destruction of material objects. But it can be destroyed and data support, the overprint on the tapes, turntables, magnetic, optical disks (CD-RW), flash
15

memory, etc. Delete binary representation means cancellation of the values of "0" and "1", and production changes to the tensions and the corresponding magnetic areas. It should be noted, however, erase computer data that does not always mean their elimination final. Most often, deleting data is the result of the DELETE type software commands or FORMAT. At that point, the data - which are organized in the form of computer files - will continue to exist in physical storage media but the system will threat these locations as "free" for future overprint. Thus, until the system will handle those locations with other information, data, initial (presumed deleted) may be recovered. Although it is believed that following the command FORMAT is a magnetic disk "formatted" printed, and the data are automatically destroyed, technically this happens only after the execution of seven such operations. Damage means altering the contents of binary computer data, or controlled by random sequence inserts 0 and 1 (bytes) so that the resulting new sequence will no longer have a logical counterpart in reality. In a more serious destruction of data may be the result of concrete harm to computer systems through acts of terrorism, specific acts of sabotage, prepared or very simple, and deleting data or by inserting the magnet programs incidents, bombs logic etc. Restricting access to computer data is the result of one or more actions performed by the offender on their computer systems or storage media, so that as the user cannot find them in their original form, or by standard operating procedures of computer systems. When restricting the physical, the perpetrator acts directly to block access to the resources of a system by scrapping peripheral components like keyboard or mouse. If restricting logical, for example, the perpetrator can change the file allocation table FAT - File Allocation Table - a component of the operating system that allocates each file one or more portions of the storage medium by mentioning addresses corresponding retrieval. A current example of restricting it to computer attacks represent Web pages, resulting in the impossibility of displaying the page or even blocking the entire Web site, so depriving the owners or holders of law, and especially visitors, informational content.

16

The unauthorized transfer is understood as moving without the binary representation of information in the current storage environment (authorized) to another external storage medium or even within the same system, but in another location. Migrating data from one computer system with a specific hardware or software configuration to another system with a different configuration may cause malfunctions and no longer to retrieve information in a format that the user was used. However, most times, such incidents are random and professionalism have more to those who run an operation than any criminal intent. Relocation of the data may have an impact on the integrity of computer data. It is the case of relational databases, in which final data are structured by certain sequence logic, and at the physical level raw data can be found after good algorithms selected depending on their positioning in the storage environment. A possible relocation of some of these data may result in failure of the program (or main application) to identify them, which will take effect on final data integrity, in terms of the format expected by the user. Existing legal practice reveals that the most dangerous tools are computer programs that alter data type virus, worm or Trojan Horse, which reproduce and / or run other programs or data files that destruction programs. Crime of altering computer data is done with intent directly or indirectly. In most cases, the author seeks to harm. Intention to remove from such an act an illicit profit is not necessary and it is not typical of this form of criminal behavior. It is, however, may be an indirect motivation workers, for example the desire to harm a competitor. Practice has shown that, most often, the damage information are motivated by a desire for revenge of an employee whose employment contract has been terminated or is about to be. Political or ideological motivations are also characteristic, for example, terrorist acts. Finally, the desire to attract public attention or to other organizations is not uncommon. Legal regulation aims to protect the computer data stored within computer systems, in order to prevent the alteration, deletion or corruption of data, restricting access to them, their unauthorized transfer of a computer system or from one means of computer data storage.
17

There is a complete catalog of cybercrime, they are very different. In addition, the field itself is in a continual effervescence, permanent nurturing new types of crimes. Even in this context, however, can speak a list of major crimes, including fraud, forgery, computer sabotage or espionage, damage to data and / or software, unauthorized access or interception, unauthorized reproduction of protected programs , altering data and / or software, unauthorized use of a computer or a computer program, etc. Many computer crimes are not, at this time, in the Romanian legislation. For example, infestation, intentional or not, computers or networks of computers, computer viruses, which are known to cause huge damage sometimes. Removing or altering data or computer software, computer systems intrusion of unauthorized persons, since such acts are not covered by legislation. These criminal acts of nature can bring serious damage to natural or legal persons, public or private institutions, representing a real threat to society. Some crimes that characterize the computer crime can go up to military threats, terrorist acts and even destruction on a planetary scale. To convince us that there can be such a danger is enough to remind about Y2K - the year 2000 problem, which has consumed much ink and energy for the world to take concrete threats seriously. Of course, many things were then exaggerated to speak of a coming apocalypse supposedly inevitable end of the millennium. But the hazards referred to then, if it was computerassisted crimes, he could really become real. As is well known, they have been successfully overcome, because humanity has long understood the need for action, strive to spend significant amounts for the threats is not a reality.

18