by CyJurII Scholar

Lika CHIMCHIURI[1]

1 August 2025

PDF available

Abstract

This paper explores the historical development and legal regulation of cybercrime, from early forms like phreaking and hacking to modern threats such as ransomware, cyberespionage, and cryptojacking. It highlights key international conventions, state responses, and institutional efforts, emphasizing the urgent need for global cooperation and harmonized legal frameworks.

Keywords: Cybercrime, Legal Regulation, International Cooperation, Technological Advancement, Cybersecurity.

Introduction

Cybercrime has evolved from isolated incidents of digital mischief into a complex, transnational threat affecting individuals, corporations, and nation-states alike. As society has become increasingly reliant on digital infrastructure, malicious actors have simultaneously adapted, exploiting emerging technologies in ways that outpace legal and regulatory developments. The urgency to understand the origin and progression of cybercrime is not merely academic; it is foundational to shaping effective legal norms and global cooperative mechanisms to combat it.

This study employs historical research methods. Using the historical legal research method, I examined the emergence of cybercrime and the process of developing norms against it. This approach enables a structured analysis of how legal systems have responded to technological disruptions over time, and how key institutions have evolved to address digital threats. By tracing the early forms of cybercrime from phreaking and software piracy to more recent phenomena such as ransomware, cyberespionage, and cryptojacking, this blog post aims to illustrate how global responses to cybercrime have developed in tandem with, yet often behind, technological advancement.

1. The Emergence of Cybercrime and Mechanisms of Combat in the 20th Century

  The invention of computer devices began in the 20th century, laying the groundwork for cyberspace. At the early stage of computer invention, the concept of cybercrime practically did not exist; however, as computer technology rapidly advanced, cybercrimes began to emerge in the second half of the same century. The first half of the 20th century was characterized primarily by technologies such as the telegraph, telephone, and the first generations of computers. Accordingly, the main focus was on traditional crimes, and the legal frameworks of that time did not account for the digital landscape. Early-generation computers were initially capable only of performing calculations.

  In 1958, the United States established a new Advanced Research Projects Agency (ARPA), whose main task was to develop and create superior military technologies to counter potential adversaries. After extensive work, on October 29, 1969, the first so-called "server" was connected between the University of California and the Stanford Research Institute, forming what is now known as the network. ARPANET became one of the “parents” of today’s Internet.[2] 

  Today, nearly the entire world uses the Internet. Alongside its development, new generations of mobile phones have emerged, making the Internet an easily accessible consumer market for everyone. The growth of all these factors has created fertile ground for cybercrime. This new challenge threatens all individuals, legal entities, states, and others. The law has not supported the development of cybercrime regulation and has been unable to regulate such offenses adequately. In this regard, states continue to face significant challenges to this day.    

According to the Routine Activity Theory (RAT), which is a criminological theory, three elements are necessary for a crime to occur: a motivated offender an individual who wants and is able to commit a crime; a suitable target a person, object, or place that is appropriate and vulnerable to criminal acts; and the absence of a capable guardian lack of effective deterrents such as police presence and other protective measures. If we apply this theory to the online environment, we see that all three factors are present, creating opportunities for crimes to be committed.

Accordingly, by the end of the 20th century, we encountered the first form of cybercrime, “phreaking.” Hackers first appeared in the 1950s when a group of so-called “phreaks” began hacking parts of the world’s telephone networks, making unauthorized remote calls and creating special “party lines” for their colleagues. Towards the late 1970s, with the spread of Bulletin Board Systems (BBS), this informal subculture started to unite into organized groups of individuals who connected to telephone networks with the aim of “breaking into” corporate and government computer network systems.[3]

“Phreaking” is referred to as the first form of cybercrime. It is a jargon term meaning unauthorized access to a telecommunications network. This term was used to describe actions such as manipulating telephone networks by simulating call tones. The simulation was done using whistles or specially designed devices called “blue boxes,” which activated the automatic switches inside telephones.[4]

Free calls were also made on expensive telephone lines. For this purpose, so-called “phreakers” illegally hacked telephone networks. Such actions negatively impacted corporations. Remote calls lasting several days cost corporations thousands of dollars.

    One of the first “phreakers” was John Draper, nicknamed Cap'n Crunch, who is considered the first person to whom we can attribute the term “hacker.” In the 1970s, Draper discovered a toy whistle inside Cap'n Crunch cereal, which he used to hack telephone lines and make calls. Draper knew that the whistle emitted a tone needed to imitate the active call disconnect signal on telephone lines. In fact, this tone allowed him to extend a call even after the conversation had ended. By exploiting telephone systems, he was able to make free long-distance and international calls.[5]

Phreakers used special techniques that allowed them to bypass billing systems of telephone networks, resulting in financial losses for telephone companies. Naturally, this practice was illegal because it involved service theft, that is, using telephone networks without payment. It also included damaging and disrupting telecommunications infrastructure, which caused significant financial harm. Draper was exposed in 1972 when the telephone company detected unusual billing activity linked to him.[6]

    The term “hacker” has been in use since the 1950s, initially describing enthusiasts fascinated with electrical devices as a hobby. However, it later became associated with computer programmers when, in 1963, an article in the Massachusetts Institute of Technology (MIT) student newspaper referred to and defined a “hacker” as a person who gains unauthorized access to computer networks.[7]

    One such criminal was Kevin Mitnick, a hacker who appeared on the FBI’s "Most Wanted" list. In 1981, at the age of 17, Mitnick breached the North American Aerospace Defense Command (NORAD) system. This act was enough to bring to the forefront the seriousness of threats caused by such security breaches..[8]

    Another type of computer crime that emerged at the end of the 20th century is computer malware viruses.[9] One such malicious virus is the “Brain Virus.”

  The “Brain Virus” was the first computer virus to spread outside of a test laboratory in the United States. It was reported to the University of Delaware’s computer center on October 22, 1987, but it had already been detected in other locations several days before the notification on campus. The virus then spread to other universities worldwide.

The virus was named “Brain” because it would overwrite any disk with the word “Brain.” It is also referred to as the “Pakistani Virus” because, when it was first studied on an infected disk, it displayed two names, Basit and Amjad, along with their address in Lahore, Pakistan.

  This virus infected the computer's boot sector, which is a part of the disk.[10] It significantly slowed down the performance of computers without deleting important files, but some data became inaccessible, rendering the infected devices unusable. It was more of an inconvenience than a destructive threat.

  Later, a new form of cybercrime emerged - software piracy. This offense can be defined as the illegal copying, downloading, sharing, selling, or installation of software that is protected by copyright. Most software today is purchased under a single-user license, which means it is intended to be used by one authorized user only. Making multiple copies of the software and sharing it with friends or relatives is considered a violation of the license agreement.[11]

One of the first prominent cases related to this type of crime is “The Apple Case.” In the early 1980s, the manufacturer Franklin Computer began selling computers that were capable of running software specifically designed for Apple’s Apple II model. This led to legal action by Apple, as Franklin had copied Apple’s copyrighted operating system without authorization, marking one of the earliest and most influential legal battles over software piracy and intellectual property rights in the digital age. Franklin copied parts of Apple’s operating system software, which led Apple to sue the company for copyright infringement. Apple aimed to stop Franklin from selling its “Apple-compatible” computers, arguing that Franklin was using Apple’s software without permission.[12]

Another form of cybercrime from this era is fraud (online fraud). Fraud is a category of crime that encompasses a very wide range of actions. This offense involves the deceptive appropriation of the victim’s money or other material assets and represents a specific type of crime directed against property. Such crimes may be committed not for financial gain, but to gain access to specific information or documents that are valuable to the offender in other ways (for example, intellectual property).[13]

  The first known case of fraud like this appeared in West Africa in the 1980s. This crime became widely known as the “Nigerian prince” scam. The letter became a well-recognized trope in popular culture and appeared in the inboxes of internet users everywhere. The “Nigerian prince” was a message sent via email to users, where scammers impersonated a wealthy Nigerian prince who needed help transferring a large sum of money out of the country. In return for assistance, they promised a substantial reward to the victim. Through this scheme, victims were tricked into giving away personal information, and money was subsequently stolen from their accounts.[14]

A form of fraud is identity theft. Although it has existed since ancient times, it became more prominent and relevant from the 1950s onward, with the emergence of credit cards and the internet. Identity theft occurs when a person acquires, transfers, possesses, or uses another individual’s or legal entity’s personal information without authorization, typically to commit fraud or other crimes. During this period, cybercrimes of this nature increased significantly, especially in the United States, leading to the enactment of the U.S. Identity Theft Assumption and Deterrence Act in 1998.[15]

  Another form of fraud is phishing. Phishing is defined as a "criminal technique that uses both social engineering and technological tricks to obtain sensitive, personal information from the victim." This definition comes from the Anti-Phishing Working Group (APWG), which was established in 2003 to combat phishing attacks.[16] It is difficult to determine the exact date of phishing’s emergence. It was first described in a scientific article in 1987, although the term "phishing" was not used. The first recorded attempt took place in 1990, when a group of hackers created a tool to generate random credit card numbers. They used these fake numbers to create accounts and send spam messages.

At the end of this era, in recent years, a new type of malicious software has come under the attention of law enforcement agencies - ransomware. Although it first appeared in late 1989, it remained largely unnoticed by both criminals and law enforcement until around 2005. Ransomware can be defined as a type of malicious software that blocks or hides computer files, rendering them inaccessible until a ransom is paid to restore access. This type of crime is still frequently used today to extort money from victims.[17]

  Later, another form of cybercrime emerged: cyberespionage. Cyberespionage involves unauthorized access to computer systems and networks to obtain sensitive government or corporate information. Like other forms of espionage, its goal is to better understand the capabilities and intentions of competing countries. In the case of industrial espionage, a subtype of cyberespionage, the focus is on accessing corporate information to acquire competitors’ business strategies or to steal intellectual property.[18]

The first case related to this crime occurred in the United States and is known as “The Cuckoo’s Egg.” American author and computer security expert Clifford Stoll wrote a book by the same name, which details this incident from the 1980s. A German hacker named Karl Koch exploited weaknesses in the U.S. government and military networks to gain unauthorized access. Stoll described the hacker as a "cuckoo’s egg," a bird that lays its eggs in other birds’ nests, symbolizing Koch’s unauthorized intrusion into laboratory computer systems, including sensitive data. Stoll’s pursuit of the hacker took him through various networks and required collaboration with multiple government agencies. His investigation was successful, and Karl Koch was arrested in 1986. This incident highlighted the vulnerabilities in computer systems and led to increased awareness and improvements in cybersecurity.[19]

  All of the above-mentioned events compelled states to take appropriate measures and implement relevant legal reforms. One such legal reform first appeared in the United States in 1986, with the enactment of the Computer Fraud and Abuse Act (CFAA).

  This law prohibited unauthorized access to computers for the purpose of: 1. Obtaining information related to national security; 2. Acquiring financial information; 3. Intruding into government networks and deliberately altering, destroying, or disclosing information contained within those networks.

  Although the CFAA was the first federal anti-hacking law, the term “hacking” itself does not appear in the text. Instead, the act refers to actions that cover many behaviors commonly associated with computer hacking. In general, the CFAA prohibits conduct where (1) an individual “without authorization” or by “exceeding authorized access” engages in certain activities; and (2) such conduct must be carried out through the use of a computer.[20]

  Shortly after, Stanford University’s Hoover Institution in California held a conference on December 6-7, 1999, focused on international cooperation to combat cybercrime and terrorism. At this conference, Stanford University proposed, in 2000, the creation of an international convention addressing cybercrime and terrorism.[21]

  The first law addressing cybercrime in Europe was enacted in the United Kingdom in 1990 and is known as the UK Computer Misuse Act (CMA). Under the CMA, unauthorized access to computer systems and data, as well as their damage or destruction, are considered criminal offenses. The purpose of the act is to protect computer systems, data integrity, and security.[22] This act became an important tool for prosecuting cybercriminals in the United Kingdom. It also influenced other Commonwealth countries, which later adopted similar legislation.

  Regarding international organizations that have taken initiatives in regulating cybercrime, one of them is Interpol. In 1979, at a conference held in Paris, Interpol raised the issue of computer crime and criminal legislation.

  This was followed by Interpol’s first training seminar for investigators working on computer crimes, held in Paris from December 7 to 11, 1981. The seminar covered criminal legislation topics such as data alteration and deletion, or other destructive interference with data processing, among others. Overall, this marked the first step toward developing criminal laws related to computer crimes worldwide.[23]

  The second international organization involved in this matter was the G-8 Group of States. The Group of Eight represented an intergovernmental forum comprising the world’s eight dominant industrialized countries: Canada, France, Germany, Italy, Japan, Russia, the United Kingdom, and the United States. The European Union also participated in G-8 meetings as a non-member observer (non-enumerated).

  In 1998, the G-8’s high-technology subgroup, which specialized in transnational organized crime, established and developed a 24/7 expert network to assist relevant authorities in investigating high-tech crimes. The goal was to ensure that all cybercriminals were held accountable and that law enforcement agencies had the technical capabilities to identify criminals who misuse technology and bring them to justice. Other countries also joined and collaborated within this network on similar issues.[24]

       Additionally, campaigns to raise cybersecurity awareness among the public were launched and strengthened. Governments and organizations placed significant emphasis on educating society about these issues to prevent devastating consequences in the future. Specialized training programs were also developed for law enforcement agencies to ensure proper preparation of officers. These programs included studying emerging technologies used during investigations, training in digital forensic analysis, and more.

However, the legal reforms, mechanisms, and awareness campaigns implemented in this century have proven neither sufficient nor fully effective against cybercrime. The 21st century ushered in a new era of technologies, which provided cybercriminals with even greater opportunities. Existing conventions and laws remain incomplete, making it easier for offenders to evade detection. Next, we will examine these challenges in greater detail.

2 Issues of Cooperation Against Cybercrime in the 21st Century

The new century began with new types of cybercrime. Let’s consider one of the most global cases of the 21st century, the ILOVEYOU virus, which spread via email in May 2000 by Filipino hacker Onel de Guzman. Disguised as an innocent love letter, the virus rapidly propagated through email systems and damaged files. Its global impact on networks sparked significant cybersecurity awareness campaigns and led to the implementation of stronger email security measures.[25] Despite the scale of the attack, de Guzman was never held accountable because, at that time, the Philippines lacked appropriate cybercrime laws. The incident highlighted the vulnerabilities of early internet systems and underscored the urgent need for strengthened cybersecurity measures.[26]

With the advancement of technology, cybercrimes continue to increase. One particularly significant case occurred in October 2014, when Sergei Tsurikov, a citizen of Estonia, was arrested and sentenced to eleven years in prison in the United States for his role in a conspiracy that caused $9.4 million in damages. The crime took place in 2008, when Tsurikov and his accomplices successfully hacked into the computer network of RBS WorldPay. Authorities described the incident as “one of the most sophisticated and organized computer fraud attacks ever conducted.” The criminals were able to compromise the encryption used by RBS and then increased the withdrawal limits on payroll debit cards. They provided a network of "cashers" with 44 counterfeit payroll debit cards, which were used in less than 12 hours to withdraw over $9 million from more than 2,100 ATMs in at least 280 cities around the world, including in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada.[27] This crime underscored the transnational nature of cybercrime, highlighting the difficulty of regulating such offenses by a single state alone. It demonstrated the urgent need for cooperation among states and international organizations, which is essential for effectively tracking and prosecuting cybercriminals across borders.

  Around the same period, a new form of cybercrime emerged - cyber warfare. While there is no universally accepted definition, the most frequently cited and widely acknowledged explanation comes from the book “Cyber War: The Next Threat to National Security and What to Do About It” by Richard Clarke and Robert Knake. Clarke and Knake define cyber warfare as: “Actions by a nation-state to penetrate another nation's computers or networks to cause damage or disruption.” However, this definition is quite narrow, as it excludes non-state actors such as hacktivists and corporate espionage. Furthermore, there is an ongoing debate about whether cyber warfare can truly be considered “real warfare” since it lacks a physical front line.[28]

  One of the first recognized instances of cyber warfare is considered to be the 2007 spring cyberattacks on Estonia. Estonia came under a sustained cyberattack campaign that lasted for 22 days. The attacks were part of a broader political conflict between Estonia and Russia, triggered by the relocation of a Soviet-era monument in Tallinn.[29] Based on this case, we can conclude that cyberspace holds immense potential that is still evolving alongside technological advancements. It offers vast opportunities, but at the same time, it also presents significant threats both to individuals and to states.

  With the advancement of technology, especially the Internet, the Internet of Things (IoT) has emerged and rapidly evolved. The term was coined by Kevin Ashton in 1999 to describe a network that connects physical objects to the internet. IoT can be defined as a network of distinctly identifiable embedded computing devices. Some IoT devices are standard objects enhanced with internet connectivity, while others are sensor-based technologies designed specifically for IoT applications. The IoT ecosystem includes technologies such as: Autonomous cyber-physical and cyber-biological systems, RFID sensors,  Unmanned Aerial Vehicles (UAVs), Smart grids, Smart buildings, and more. IoT technology has created numerous opportunities for advancement in various academic research fields, including healthcare and transportation. However, the emergence of these new technologies within the IoT landscape has also opened up new avenues for cybercriminals to exploit.[30]

  This is closely linked to Distributed Denial of Service (DDoS) attacks, another form of cyberattack. In a DDoS attack, multiple computers or devices flood a server, website, or network with excessive traffic. The goal is to overload or slow down the system, making it inaccessible to legitimate users.[31] Currently, there are several methods through which DDoS attacks can be carried out. These include, for example: Sending malformed requests to a computer system to exploit its vulnerabilities, Exceeding capacity limits by overwhelming a service with more users or requests than it can handle, Flooding email servers with more emails than the system is capable of receiving and processing, Each of these methods is designed to disrupt normal operations and deny access to legitimate users.[32] As we can see, over the decades, cyberspace has become increasingly sophisticated, giving cybercriminals more opportunities to exploit its vulnerabilities, while making regulation more difficult.

  For example, one of the most notorious malware programs of the last decade, created by cybercriminals, is the Mirai Botnet. This malware infects network devices running Linux, especially IoT devices such as routers, cameras, and other smart gadgets, turning them into remotely controlled bots. These bots can be harnessed to carry out large-scale cyberattacks, primarily DDoS attacks. Mirai Botnet specifically leverages compromised IoT devices to launch these attacks. A notable incident occurred in late 2016, when Mirai Botnet effectively took the internet by storm by launching DDoS attacks against several high-profile targets, including companies like Netflix.[33]

  Technology has advanced to the point where electronic money now exists within cyberspace. For example, there are thousands of cryptocurrencies worldwide, each with different purposes. Some, like Bitcoin and Monero, serve as digital currencies while also maintaining significant monetary value. Naturally, cybercriminals also target these currencies for illicit activities.[34] Building on this, a new challenge emerges in the fight against cybercrime: Cryptojacking. This crime occurs when someone secretly uses another person’s computer or device to mine cryptocurrency without their permission. This unauthorized use slows down the victim’s device and causes a significant increase in electricity consumption.[35]

  The aforementioned developments have given rise to a new field within legal systems — cyber law, internet law, and related disciplines. Alongside this, international conventions and cooperations were established, and organizations began studying these challenges and taking appropriate regulatory measures.

The first major convention on cybercrime is the Budapest Convention on Cybercrime, adopted by the Council of Europe. The convention draft was ready by 1999, and it was formally signed by member states in 2001. Over 70 countries have since joined, including the United States, Canada, Japan, Argentina, Australia, and others. However, many countries, notably Russia, China, and several Arab states, have not joined. The Budapest Convention provides a comprehensive legislative framework that has had significant influence on global cybercrime legislation and facilitated cross-border cooperation in fighting cybercrime. In 2003, a first additional protocol was added, criminalizing racist and xenophobic acts committed via computer systems. In 2022, a second additional protocol was adopted, focusing on enhanced cooperation and electronic evidence collection. Based on these treaties, countries began cooperating to harmonize national laws with international standards, launched awareness campaigns, and more. In the fight against cybercrime, a key global player is Interpol, which developed the INTERPOL Global Cybercrime Strategy. This strategy assists investigators in the secure collection, exchange, and rapid response to cybercrime-related information worldwide.[36]

  Europol did not fall behind Interpol. In January 2013, Europol established the European Cybercrime Centre (EC3). This simple and sophisticated organizational structure was created to ensure the effective delivery of the tasks assigned to EC3, to provide strong unity and communication within the center, and to assist EU member and partner countries in combating cybercrime, to promote cooperation between countries, and to facilitate the criminal prosecution of cybercriminals.[37]

Outside the European Union, especially in developing countries that lack the proper equipment and legislation to defend against cyberattacks, are assisted by the United Nations Office on Drugs and Crime (UNODC), which is part of the UN Secretariat. UNODC is a global leader in combating transnational crimes. It operates in all regions of the world through its wide network of field offices. In recent years, UNODC has received expanding mandates from the General Assembly, the Economic and Social Council, and the Commission on Crime Prevention and Criminal Justice to provide technical assistance and training to states for improving national legislation and strengthening the capacity of local authorities. Its goal is to prevent, detect, investigate, and prosecute all forms of cybercrime.[38]

  In addition to the United Nations Office on Drugs and Crime, there is the International Telecommunication Union (ITU), which is the United Nations specialized agency for information and communication technologies. It was established based on the principle of international cooperation between member states and the private sector, and today it has 193 member countries and over 700 sectors, ranging from private sector research institutes to academic institutions. The ITU assists countries in improving their legislative frameworks related to cybercrime and develops capacities in regions such as Asia, the Caribbean, and the Pacific to combat cybercrime. The organization has also developed programs, including specialized training courses against cybercrime and related educational materials for police, judges, lawyers, and civil society.[39]

On April 16, 2015, the Global Forum on Cyber Expertise (GFCE) was established.[40] This platform promotes international cooperation on cybersecurity issues. Its goals include sharing knowledge in the fight against cybercrime and fostering collaboration between more advanced and less advanced partner countries.[41]

  It is also noteworthy that on December 24, 2024, at the 79th session of the United Nations General Assembly, the United Nations Convention against Cybercrime was adopted. Compared to the Budapest Convention, this UN convention stands out with several advantages: it has a global scope encompassing the interests of a larger number of countries (including Russia, China, and others), covers a broader spectrum of crimes, is more comprehensive, and establishes better mechanisms for international cooperation.

  In today’s world, cybercrime remains an unresolved problem. The absence of a universal definition of the crime creates gaps in international law and legislation, hindering the proper protection of human rights. To address these challenges, there is a growing need for international cooperation and collaboration to enable an effective fight against cybercrime. Countries need to establish common legislative frameworks, such as data protection laws, to allow for unhindered information sharing among investigative bodies and to enhance the capacities of law enforcement agencies to effectively counter cyber threats. Governments and organizations can also conduct awareness campaigns about cyber risks to promote greater public understanding and vigilance against cybercrime.

Conclusion

In today’s world, cybercrime remains an unresolved problem. The absence of a universal definition of the crime creates gaps in international law and legislation, hindering the proper protection of human rights. To address these challenges, there is a growing need for international cooperation and collaboration to enable an effective fight against cybercrime. Countries need to establish common legislative frameworks, such as data protection laws, to allow for unhindered information sharing among investigative bodies and to enhance the capacities of law enforcement agencies to effectively counter cyber threats. Governments and organizations can also conduct awareness campaigns about cyber risks to promote greater public understanding and vigilance against cybercrime.

References

1.     Gabisonia, Z. (2022). Internet law and artificial intelligence. Jurists’ World, Tbilisi, p. 112, (In Gerogian: გაბისონია ზვიად, ინტერნეტ სამართალი და ხელოვნური ინტელექტი, იურისტების სამყარო, თბილისი, 2022, გვ. 112)

2. Cernomoreț, S., & Nastas, A. (2023). Comparative analysis of cybercrime in the criminal law system. Bucharest, Paris, Calgary, pp. 17–19.

3. Kumar, S. (2022, May). An analysis of phreaking as a form of cybercrime. International Research Journal of Modernization in Engineering Technology and Science, 4(5), 2–3. Retrieved September 10, 2024, from http://www.irjmets.com

4. Encyclopaedia Britannica. (2024, August 9). Hacking. Encyclopaedia Britannica, Inc. Retrieved September 10, 2024, from https://www.britannica.com/topic/cybercrime/Hacking

5. Highland, H. J. (1997). A history of computer viruses: The famous ‘Trio’. Computers & Security, 16(5), 416–429.

6. Khadka, I. (2015). Software piracy: A study of causes, effects, and preventive measures (Bachelor’s thesis). Helsinki Metropolia University of Applied Sciences, p. 6.

7. Nussbaum, J. L. (1984). Apple Computer, Inc. v. Franklin Computer Corporation puts the byte back into copyright protection for computer programs. Golden Gate University Law Review, 14(2), Article 3, p. 13.

8. Skidmore, M. (2024, April). The anatomy of online fraud. Perspectives on Policing: Paper 10. The Police Foundation, p. 2. Retrieved September 3, 2024, from https://www.police-foundation.org.uk/wp-content/uploads/2010/10/perspectives_online_fraud.pdf

9. Beek, J. (2016). Cybercrime, police work, and storytelling in West Africa. Africa, 86(2), 305–323. https://doi.org/10.1017/S0001972016000061

10.  OECD. (2009). Online identity theft. OECD Publishing, pp. 15–16. Retrieved September 3, 2024, from https://www.oecd.org/publishing/corrigenda

11.  Sonowal, G. (2022). Phishing and communication channels: A guide to identifying and mitigating phishing attacks. Apress, p. 5. https://doi.org/10.1007/978-1-4842-7744-7

12.  Britz, M. T. (2023). Computer forensics and cyber crime: An introduction (3rd ed.). Pearson, p. 84.

13.  Morag, N. (2014, October). Cybercrime, cyberespionage, and cybersabotage: Understanding emerging threats. Colorado Technical University, p. 3. https://www.coloradotech.edu/media/default/CTU/documents/resources/cybercrime-white-paper.pdf

14.  Loevinger, L. (1991). Review of The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Clifford Stoll. Jurimetrics, 31(2), 259–263. https://www.jstor.org/stable/29762216

15.  Congressional Research Service. (2020, September 21). Cybercrime and the law: Computer Fraud and Abuse Act (CFAA) and the 116th Congress (CRS Report R46536), pp. 5–6. https://crsreports.congress.gov

16.  Schjolberg, S. (2008, December). The history of global harmonization on cybercrime legislation: The road to Geneva, pp. 2–8.

17.  Home Office. (2023, November 14). Review of the Computer Misuse Act 1990: Analysis of consultation responses, p. 3.

18.  Katyal, N. K. (2001). Criminal law in cyberspace. University of Pennsylvania Law Review, 149(4), 1003–1114. https://www.jstor.org/stable/3312990

19.  Clough, J. (2015). Principles of cybercrime (2nd ed.). Cambridge University Press, pp. 4, 44.

20.  oiip. (2020). The use of cyberspace in the context of hybrid warfare: Means, challenges and trends (oiip Working Paper 107), pp. 15–20. https://www.jstor.org/stable/resrep25102.7

21.  Ottis, R. (2007). Analysis of the 2007 cyber attacks against Estonia from the information warfare perspective. Cooperative Cyber Defence Centre of Excellence, p. 5.

22.  Montasari, R. (2023). Countering cyberterrorism: The confluence of artificial intelligence, cyber forensics, and digital policing in the US and UK national cybersecurity. Advances in Information Security, 101, 84–85. https://doi.org/10.1007/978-3-031-21920-7

23.  Council of Europe. (2023, January). Convention on Cybercrime: Protocol on xenophobia and racism, second protocol on enhanced co-operation and disclosure of electronic evidence: Explanatory reports and guidance notes. Council of Europe, p. 289. www.coe.int/cybercrime

24.  Antonakakis, M., et al. (2017). Understanding the Mirai Botnet. Proceedings of the 26th USENIX Security Symposium, 1093–1094. https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis

25.  Marsh Ltd. (2018, August). Mining for virtual gold: Understanding the threat of cryptojacking, pp. 1–2. www.marsh.com

26.  Babenko, T., et al. (2023, December). Definition of cryptojacking indicators. In DTESI 2023: Proceedings of the 8th International Conference on Digital Technologies in Education, Science and Industry, CEUR Workshop Proceedings, pp. 1–2.

27.  Cross, S., Hirrle, S., & Lim, M.-A. (2021, April). National cybercrime strategy guidebook. INTERPOL, pp. 1–3. www.interpol.int

28.  Europol. (2013). European Cybercrime Centre (EC3) first year report, p. 1. www.europol.europa.eu

29.  United Nations Office on Drugs and Crime (UNODC). (2010, January 5). Guidance note: Cybercrime. Organized Crime and Criminal Justice Section, pp. 4–5.

30.  United Nations Office on Drugs and Crime (UNODC). (n.d.). Cybercrime: The global challenge, pp. 4–5. www.unodc.org

31.  Global Forum on Cyber Expertise (GFCE). (2023, April). Contribution from the Global Forum on Cyber Expertise (GFCE), p. 1.

32.  Global Forum on Cyber Expertise Foundation Board. (2023, December 12). Contribution by the Global Forum on Cyber Expertise (GFCE) Foundation Board, p. 2.

[1] Young researcher, LL.B, LL.M, Assistant to the Rector of Sokhumi State University. Young researcher, United Nations Representative & Delegate for CIRID – ECOSOC NGO Accredited to: UNOG (Geneva), UNOV (Vienna) and UNHQ (New York)

[2] Gabisonia, Z. (2022). Internet law and artificial intelligence. Jurists’ World, Tbilisi, p. 112 (In Gerogian: გაბისონია ზვიად, ინტერნეტ სამართალი და ხელოვნური ინტელექტი, იურისტების სამყარო, თბილისი, 2022, გვ. 112)

[3]Sergiu Cernomoreț, Andrei Nastas, Comparative Analysis of Cybercrime in the Criminal Law System, Bucharest, Paris, Calgary 2023, pp. 17-18

[4]Kumar, Sanjeev. "An Analysis of Phreaking as a Sight of Cybercrime." International Research Journal of Modernization in Engineering Technology and Science, vol. 4, no. 5, May 2022, p. 2,  www.irjmets.com, Accessed Date 10 September 2024

[5]"Hacking." Encyclopaedia Britannica, Encyclopaedia Britannica, Inc., 9 Aug. 2024, www.britannica.com/topic/cybercrime/Hacking. Accessed Date 10 September 2024

[6]Kumar, Sanjeev. "An Analysis of Phreaking as a Sight of Cybercrime." International Research Journal of Modernization in Engineering Technology and Science, vol. 4, no. 5, May 2022, p. 3,  www.irjmets.com, Accessed Date 10 September 2024

[7]"Hacking." Encyclopaedia Britannica, Encyclopaedia Britannica, Inc., 9 Aug. 2024, www.britannica.com/topic/cybercrime/Hacking. Accessed Date 10 September 2024

[8]Ibid.

[9] Sergiu Cernomoreț, Andrei Nastas, Comparative Analysis of Cybercrime in the Criminal Law System, Bucharest, Paris, Calgary 2023, p. 19

[10] Highland, Harold Joseph. "A History of Computer Viruses: The Famous ‘Trio’." Computers & Security, vol. 16, no. 5, 1997, pp. 416-429

[11] Khadka, Ishwor. Software Piracy: A Study of Causes, Effects and Preventive Measures. Bachelor’s thesis, Helsinki Metropolia University of Applied Sciences, 2015, p. 6

[12] Nussbaum, Jan L. "Apple Computer, Inc. v. Franklin Computer Corporation Puts the Byte Back into Copyright Protection for Computer Programs." Golden Gate University Law Review, vol. 14, no. 2, 1984, article 3, p. 13

[13] Skidmore, Michael. Perspectives on Policing: Paper 10: The Anatomy of Online Fraud. The Police Foundation, April 2024, p. 2, www.policefoundation.org.uk, https://www.police-foundation.org.uk/wp-content/uploads/2010/10/perspectives_online_fraud.pdf, Accessed Date 3 September 2024

[14] Beek, Jan. "Cybercrime, Police Work, and Storytelling in West Africa." Africa, vol. 86, no. 2, 2016, pp. 305-323. Cambridge University Press, https://doi.org/10.1017/S0001972016000061, Accessed Date 3 September 2024

[15] OECD. Online Identity Theft. OECD Publishing, 2009, www.oecd.org/publishing/corrigenda, Accessed Date 10 September 2024  pp. 15-16

[16] Sonowal, Gunikhan. Phishing and Communication Channels: A Guide to Identifying and Mitigating Phishing Attacks. Apress, 2022, p. 5, https://doi.org/10.1007/978-1-4842-7744-7, Accessed Date 3 September 2024

[17] Britz, Marjie T. Computer Forensics and Cyber Crime: An Introduction. 3rd ed., Pearson, 2023, p. 84

[18] Morag, Nadav. Cybercrime, Cyberespionage, and Cybersabotage: Understanding Emerging Threats. Colorado Technical University, October 2014, p. 3, 

https://www.coloradotech.edu/media/default/CTU/documents/resources/cybercrime-white-paper.pdf, Accessed Date 3 September 2024

[19] Loevinger, Lee. "Review of The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Clifford Stoll." Jurimetrics, vol. 31, no. 2, Winter 1991, pp. 259-263. JSTOR, https://www.jstor.org/stable/29762216, Accessed Date 3 September 2024

[20] Cybercrime and the Law: Computer Fraud and Abuse Act (CFAA) and the 116th Congress. Congressional Research Service, CRS Report R46536, 21 Sept. 2020, pp. 5 – 6, https://crsreports.congress.gov, Accessed Date 3 September 2024

[21] Schjolberg, Stein. The History of Global Harmonization on Cybercrime Legislation: The Road to Geneva. December 2008, pp. 2-8

[22] Review of the Computer Misuse Act 1990: Analysis of Consultation Responses. Home Office, 14 Nov. 2023, p. 3, Computer Misuse Act 1990 - 2.pdf, Accessed Date 3 September 2024

[23] Schjolberg, Stein. The History of Global Harmonization on Cybercrime Legislation: The Road to Geneva. December 2008, pp. 2-8

[24] Schjolberg, Stein. The History of Global Harmonization on Cybercrime Legislation: The Road to Geneva. December 2008, p. 4

[25] Katyal, Neal Kumar. "Criminal Law in Cyberspace." University of Pennsylvania Law Review, vol. 149, no. 4, Apr. 2001, pp. 1003-1114. JSTOR, p. 1004, https://www.jstor.org/stable/3312990, Accessed Date 17 September 2024

[26] Katyal, Neal Kumar. "Criminal Law in Cyberspace." University of Pennsylvania Law Review, vol. 149, no. 4, Apr. 2001, pp. 1003-1114. JSTOR, p. 1006, https://www.jstor.org/stable/3312990, Accessed Date 17 September 2024

[27] Clough, Jonatan. Principles of Cybercrime. 2nd ed., Cambridge University Press, 2015, p. 4

[28] The Use of Cyberspace in the Context of Hybrid Warfare: Means, Challenges and Trends. oiip Working Paper 107, 2020, pp. 15-20. JSTOR, p. 16-17, https://www.jstor.org/stable/resrep25102.7, Accessed Date 17 September 2024

[29] Ottis, Rain. Analysis of the 2007 Cyber Attacks Against Estonia from the Information Warfare Perspective. Cooperative Cyber Defence Centre of Excellence, 2007, p. 5

[30] Montasari, Reza. Countering Cyberterrorism: The Confluence of Artificial Intelligence, Cyber Forensics, and Digital Policing in US and UK National Cybersecurity. Advances in Information Security, vol. 101, Springer, 2023, pp. 84 – 85, https://doi.org/10.1007/978-3-031-21920-7, Accessed Date 17 September 2024

[31] Clough, Jonathan. Principles of Cybercrime. 2nd ed., Cambridge University Press, 2015, p. 44

[32] Council of Europe. Convention on Cybercrime: Protocol on Xenophobia and Racism, Second Protocol on Enhanced Co-operation and Disclosure of Electronic Evidence: Explanatory Reports and Guidance Notes. Council of Europe, Jan. 2023, p. 289, www.coe.int/cybercrime, Accessed Date 17 September 2024

[33] Antonakakis, Manos, et al. "Understanding the Mirai Botnet." Proceedings of the 26th USENIX Security Symposium, USENIX, 2017, pp. 1093-1094, https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis, Accessed Date 17 September 2024

[34] Marsh. Mining for Virtual Gold: Understanding the Threat of Cryptojacking. Marsh Ltd., Aug. 2018, pp. 1 -2, www.marsh.com, Accessed Date 17 September 2024

[35] Babenko, Tetiana, et al. "Definition of Cryptojacking Indicators." DTESI 2023: Proceedings of the 8th International Conference on Digital Technologies in Education, Science and Industry, CEUR Workshop Proceedings, Dec. 2023, ceur-ws.org, pp. 1-2

[36] Cross, Shane, Simon Hirrle, and მაისი-Ann Lim. National Cybercrime Strategy Guidebook. INTERPOL, Apr. 2021, pp. 1-3, www.interpol.int, Accessed Date 17 September 2024

[37] Europol. European Cybercrime Centre (EC3) First Year Report, p. 1, ec3_first_year_report.pdf, www.europol.europa.eu, Accessed Date 17 September 2024

[38] United Nations Office on Drugs and Crime (UNODC). Guidance Note: Cybercrime. Organized Crime and Criminal Justice Section, 5 Jan. 2010, p. 4-5

[39] United Nations Office on Drugs and Crime (UNODC). Cybercrime: The Global Challenge, p. 4-5, UNODC and ITU.pdf, www.unodc.org, Accessed Date 17 September 2024

[40] Global Forum on Cyber Expertise. Contribution from the Global Forum on Cyber Expertise (GFCE), April 2023, p. 1, GDC-submission_Global_Forum_on_Cyber_Expertise_GFCE.pdf, Accessed Date 17 September 2024

[41] Global Forum on Cyber Expertise Foundation Board. Contribution by the Global Forum on Cyber Expertise (GFCE) Foundation Board. 12 Dec. 2023, p. 2,

GFCE_submission_to_the_sixth_substantive_session_of_the_OEWG.pdf, Accessed Date 17 September 2024