Criminal liability for CLI spoofing

• Autorzy: Gryszczyńska Agnieszka

Identyfikatory

DOI

10.57599/gisoj.2023.3.2.37

• Języki publikacji: EN

Abstrakty

EN

Spoofing involves masking the identity of a person, group or organisation, by manipulating addresses, identifiers or other data used to identify a user or system. This can range from falsifying IP addresses, phone numbers and email addresses to generating persuasive, fake signals capable of disrupting the reception of legitimate GPS signals by receivers. The article aims to analyse the criminal liability of spoofing attacks, with a focus on CLI spoofing. Additionally, the article will identify the most common methods used by perpetrators of spoofing attacks. This will be followed by an examination of the statutory measures implemented in Poland to mitigate the effects of spoofing attacks, which are considered as reasons for criminal responsibility. The article confirms the research hypothesis that effective reduction of CLI spoofing requires not only legislation that introduces criminal liability for spoofing, but also appropriate legal regulations that impose certain obligations on telecommunications entrepreneurs, efficient international cooperation, and comprehensive education in the fields of cybersecurity and cyber hygiene.

Słowa kluczowe

EN

spoofing; cybercrime; smishing; abuse of electronic communication; hacking; cybersecurity

PL

spoofing; cyberprzestępczość; smishing; nadużycia komunikacji elektronicznej; hacking; cyberbezpieczeństwo

• Wydawca: SILGIS Association ; Croatian-Polish Scientific Network
• Czasopismo: GIS Odyssey Journal
• Rocznik: 2023
• Tom: Vol. 3, no. 2
• Strony: 37--49
• Opis fizyczny: Bibliogr. 15 poz.

Twórcy

autor

Gryszczyńska Agnieszka

• Cardinal Stefan Wyszyński University, Faculty of Law and Administration, Department of Informatics Law, Warsaw, Poland

• https://orcid.org/0000-0003-3004-5253

Bibliografia

• 1. ACAEC (2023). Act of 28 July 2023 on Combating Abuse in Electronic Communications. Journal of Laws 2023, item 170.
• 2. Arntz P. (2023). Swatting-as-a-Service is a growing and complicated problem to solve. https://www.malwarebytes.com/blog/news/2023/04/swatting-as-a-service-is-a-growing-and-complicated-problem-to-solve [access: 25.11.2023].
• 3. C661:2022. Reducing Scam Calls and Scam SMS. Industry Code. Communications Alliance LTD. https://www.commsalliance.com.au/__data/assets/pdf_file/0015/72150/C661_2022.pdf [access: 25.11.2023].
• 4. DataReportal (2023 a). Digital 2023 October Global Statshot Report. https://datareportal.com/reports/digital-2023-july-global-statshot [access: 17.11.2023].
• 5. DataReportal (2023 b). Digital 2023 Global Overview Report. https://datareportal.com/reports/digital-2023-global-overview-report [access: 17.11.2023].
• 6. Gryszczyńska A. (2020). Identity theft in cybercrime cases. In: Yearbook of Maritime Security, Teleinformation Crime 2019, J. Kosiński, G. Krasnodębski (ed.). Gdynia, pp. 207–227.
• 7. i3Forum (2020). International Interconnection Forum for Services over IP (i3 FORUM). Technical Report Calling Line Identification (CLI) spoofing (Release 1.0) October. https://i3forum.org/blog/2020/11/04/i3forum-calling-line-identification-cli-spoofing-report/[access: 17.11.2023].
• 8. M.3362. 2020. Recommendation M.3362 (06/20). Requirements for telecommunication anti-fraud management in the telecommunication management network. International Telecommunication Union. https://www.itu.int/rec/T-REC-M.3362-202006-I/en [access: 25.11.2023].
• 9. PCC (1997). Criminal Code of June 6, 1997. Journal of Laws of 2022, item 1138, as amended. Scott L. (2003). Anti-Spoofing & Authenticated Signal Architectures for Civil Navigation Systems, Conference Paper. ION GPS/GNSS 2003. Portland, OR.
• 10. Supreme Court of the Republic of Poland (2023). Opinion on the government draft law on combating abuse of electronic communications. Sejm print no. 3069. Supreme Court of the Republic of Poland.
• 11. Telecommunications Law (2004). Telecommunications Law of 16 July 2004. Journal of Laws 2022 items 1648, 1933 and 2581 and 2023 items 1394 and 1703.
• 12. Telephone Robocall Abuse (2020). Telephone Robocall Abuse Criminal Enforcement and Deterrence Act 2020. Report to Congress. U.S. Department of Justice. https://www.justice.gov/opa/press-release/file/1331576/download [access: 25.11.2023].
• 13. The Convention on Cybercrime of the Council of Europe (CETS No. 185) (2001). https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185 [access: 25.11.2023].
• 14. U.S. Dept. of Justice (2020). The Department of Justice Files Actions to Stop Telecom Carriers Who Facilitated Hundreds of Millions of Fraudulent Robocalls to American Consumers. https://www.justice.gov/opa/pr/department-justice-files-actions-stop-telecom-carriers-who-facilitated-hundreds-millions [access: 25.11.2023].
• 15. US TRACED Act (2019). Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (Public Law 116–105). https://www.govinfo.gov/content/pkg/PLAW-116publ105/pdf/PLAW-116publ105.pdf [access: 25.11.2023].

Uwagi

PL

Opracowanie rekordu ze środków MNiSW, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2024).