ICT 3203 CYBER SECURITY 

 
ICTU1020561 - NGALE NGAKO EMMANUELLE CYNTHIA 
ICTU1020563 - DZENE SIMO LESLEY NORA 
 
Question 1: The enormity of cyberspace is stretching the boundaries of the possibility of attacks 
worldwide. How is international law intersecting with national law in this realm? Are the relevant 
laws among member states to the Cybercrime Convention essentially the same or does each 
country gets to tailor those rules? Finally, what is universal jurisdiction and what are its potential 
benefits and pitfalls?  
 
Due to the continuous expansion of cyberspace, national laws are being created in various 
countries. A great example of that comes out of the Council of Europe’s Cybercrime 
Convention. The Council of Europe has some 40-plus countries, plus a number of observer 
countries, that got together and basically made a big list of bad things that can happen on or 
through the Internet. Then, the countries said they were going to take the list of bad things 
and turn it into national law in each country that will prohibit the bad things, provide 
punishments for violation of these rules that meet that society’s traditions and standards, as 
well as respecting certain important societal interests. 
 
Each country takes this list from the convention and passes its own laws to enforce with 
national law what the countries have agreed is a list of bad things. All countries include the 
same aspects, but apply it nationally. There will be some differences from country to country 
because each country will apply their own rules in a slightly different way. This respects 
national sovereignty, but also allows for international cooperation. 
One of the biggest things that it changes, though, is that it sets up a mechanism for the 
countries to pass their own rules that would allow for the exchange of information between 
countries more easily than would have happened without the convention. For instance, one 
country can ask another country for information about an intrusion and if the providing 
country has passed a law saying they can collect the data by a court order from their own 
companies, then they could get the data and turn it over to the requesting country. 

Universal jurisdiction allows states or international organizations to claim criminal 

jurisdiction over an accused person regardless of where the alleged crime was committed, 
and regardless of the accused's nationality, country of residence, or any other relation with 
the prosecuting entity. Crimes prosecuted under universal jurisdiction are considered crimes 
against all too serious to tolerate jurisdictional arbitrage. 

In other words the term “universal jurisdiction” refers to the idea that a national court may 
prosecute individuals for serious crimes against international law such as crimes against 
humanity, war crimes, genocide, and torture based on the principle that such crimes harm 
the international community or international order itself, which individual States may act to 
protect. 

Benefits of Universal Jurisdiction include: 

● Universal jurisdiction can play a crucial role in the international legal system and in 
the pursuit of international justice. It ensures that those who have committed the 
most heinous offences such as war crimes, crimes against humanity, genocide, 
torture and many others are not safe anywhere and can find a harbor nowhere. The 
objective is to guarantee the apprehension and prosecution of those who have 
committed “offences against all mankind”. 

Pitfalls of Universal Jurisdiction 

● It poses a burden to the home state by both civil and criminal trials that are instituted 
on the basis of universal jurisdiction. This burden can be measured in terms of the 
financial and legal resources that are used up on these high-profile trials and which 
therefore postpone, or hinder the realization of local justice in lower-profile matters.  
● Universal jurisdiction, by its very nature, violates sovereign equality of states by 
allowing one state to judge the actions of the officials of another state. The principle 
therefore disregards one of the precepts of modern international law. 
● Also, it allows the possibility, if remote, of judicial chaos arising out of the 
implementation of universal jurisdiction. If many courts, in various countries, where 
to pursue the principle of universal jurisdiction, the result would not be justice, but 
disarray. 
● In addition, having one’s courts judge the officials of another state may significantly 
impede one’s involvement in international peace initiatives.  
● To add to, hand-picking those cases that are to be subjected to universal jurisdiction 
status can be both sanctimonious and disingenuous. 

Question 2: What crimes did Henry commit? What do you think happened to Henry? What 
issues do you believe authorities may have had in the investigation, search & seizure, 
collection of evidence, prosecution and sentencing of the case? 

Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. 

Crimes committed by Henry include: 

● Cyberstalking (Online harassment): This is ​the use of the Internet or other electronic 
means to stalk or harass an individual, group, or organization.​ This was performed by 
Henry when he sent a bomb threat to the school using his computer. Also, when he 
arranged with his associates to place a bomb threat to a school in massachusetts and 
when he threatened the telephone service provider. 
 ● Cyber terrorism:​ It refers to the use of the Internet to conduct violent acts that result 
in, or threaten, loss of life or significant bodily harm, in order to achieve political or 
ideological gains through threat or intimidation.​ ​ This was performed by Henry when 
he sent a bomb threat to the school using his computer and when he arranged with 
his associates to place a bomb threat to a school in massachusetts. 
● Phishing: This ​is a fraudulent attempt to obtain sensitive information such as 
usernames, passwords and credit card details by disguising oneself as a trustworthy 
entity in an electronic communication.​ Phishing occurs when Henry set up accounts 
for an associate allowing him to look at the identity information of numerous 
individuals. Again, it occurs when he gained access to the internal computer system 
of a major telephone service provider that allowed him to lookup account information 
of the company’s customers. 
● Computer Hacking:​ This refers to the practice of modifying or altering computer 
software and hardware to accomplish a goal that is considered to be outside of the 
creator's original objective. ​Computer hacking was performed by Henry when he used 
a program he had installed on a computer of one of the ISP’s employees to log into 
the computer system of the ISP. To add to, when he gained access to the internal 
computer system of a major telephone service provider. 
● Denial of Service (DoS) Attack: ​DoS attack is an attack meant to shut down a 
machine or network, making it inaccessible to its intended users by flooding it with 
traffic.​Henry launched a DOS attack that successfully shut down a significant ​portion 
of the telephone service provider operations  
● Internet time thefts:​ Internet time theft. It refers to the theft in a manner where the 
unauthorized person uses internet hours paid by another person​.​ This occurred when 
Henry used his access to the telephone company’s computer system to set-up 
numerous telephone accounts for himself and his friends, without having to pay for 
the accounts. 
● Identity theft and invasion of privacy: ​Identity theft is the deliberate use of someone 
else's identity, usually as a method to gain a financial advantage or obtain credit and 
other benefits in the other person's name and perhaps to the other person's 
disadvantage or loss.​ On the other hand, Invasion of privacy is the unjustifiable 
intrusion into the personal life of another without consent.​ ​ Both were performed by 
Henry when he used the telephone computer systems to discover key information 
about an individual who had an account with the telephone service. Again, he 
accessed the information stored on the individual’s mobile phone and posted the 
information on the internet. 

What do you think happened to Henry? 

Every country or state has its cybersecurity regulations and laws. 

 

According to the cybersecurity laws of the United States, the following will happen to henry 
all depending on the various crimes he committed: 

● Hacking 
1. Gaining unauthorised access to national security information leads to 
imprisonment for up to 10 years. 
2. Obtaining information leads to imprisonment for up to 1 year 
3. Obtaining information from government computers lead to imprisonment for 
up to 1 year 
4. Finally accessing information to defraud leads to imprisonment for up to 5 
years 
● DOS Attack 

Intentionally damaging through knowing transmission leads to i,prisonment up 

to 10 years. 

● Phishing 

This carries a potential sentence of up to 10 years of imprisonment . 

What issues do you believe authorities may have had in the investigation, search & seizure, 
collection of evidence, prosecution and sentencing of the case?  

When a cyberattack occurs, ethical hackers are called in to be digital detectives. In a certain 
sense, they are like regular police detectives on TV. They have to search computer systems 
to find ways an intruder might have come in. They look for evidence an attacker left of entry, 
like an electronic footprint in the dirt. And they try to determine what might have been 
copied or taken. 

Methods the authorities might have used in tracking Henry are - 

Tracerouting - This technique shows all the computers within the range of a user and the 
target machine. Often the hostname address listed in the last machine belongs to the 
hacker's ISP Company. This way of resolving the ISP enables to find out its location and the 
areas where the hacker operates. This gives the clue of the geographical location that eases 
investigations. 
Reverse DNS Query - This technique is the most effective way of tracing a hacker. It helps to 
locate the country where the hacker resides though the exact geographical location cannot 
be determined without breaking into the ISP's Head Office. 
DNS - The 'Domain Name Server' are machines connected to the Internet that keeps track of 
the IP Addresses and Domain Names of other PCs. A DNS search takes the 'ASCII Domain 
Name' or simply the 'hostname' and converts it into a numeric IP Address. 

Resources 

https://ijrcenter.org/cases-before-national-courts/domestic-exercise-of-universal-jurisdiction/ 

http://jcpa.org/wp-content/uploads/2009/08/universal-jurisdiction.pdf 

https://en.wikipedia.org/wiki/Universal_jurisdiction 

https://en.wikipedia.org/wiki/Cyberstalking 

https://en.wikipedia.org/wiki/Cyberterrorism 

https://en.wikipedia.org/wiki/Phishing 

https://privacyrights.org/topics/personal 

http://www.nsci-va.org/CyberPro/NSCI%20-%20Cyber%20Pro%20Newsletter-Vol%202%20Edit%2012 

https://en.wikipedia.org/wiki/Cybercrime

https://cyber.laws.com/hacking 

https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos 

https://en.wikipedia.org/wiki/Security_hacker 

https://injury.findlaw.com/torts-and-personal-injuries/what-is-invasion-of-privacy-.html 

https://en.wikipedia.org/wiki/Identity_theft

https://www.lexology.com/library/detail.aspx?g=4af6c044-dc77-4b1a-9288-986395eff8d1