Cyber-attacks detection and prevention

Efforts to regulate law and punish criminal activity committed by means of information and communication technologies can be virtually observed from the very beginning of these negative activities. Cybercrime is very different from other types of crime, and this difference lies mainly in the possibility of its dynamic development and immediate change (according to the success or failure of any type of attack), which can bring certain problems in relation to legislation.

In substantive criminal law, the principle applies that it is not possible to use analogy to the detriment of an offender (in malam partem).Nevertheless, cyberattacks can often be subsumed under a legal provision of a specific objective element, although this factual nature originally aimed at “more traditional ways” of committing a crime (typically attacks such as copyright infringement, child abuse for pornography, etc.). However, there are a number of new attacks for which this possibility is out of the question. In such cases, national legislators have so far primarily sought to respond on an ad hoc basis to these new types of crime, thus filling in the gaps in national legislation.

Before the actual analysis of the current valid and effective legislation in the field of cybercrime, it should be noted that there is a clear effort to implement more effective legal instruments, and not only within the European Union, that would be able to respond in a timely and adequate manner to cybercrime. This gradually eliminates inconsistencies and shortcomings in the legal norms of EU Member States and other states that have decided to become actively involved in the fight against cybercrime.

One of the first documents on cybercrime adopted at the international level is the United Nations Manual on the prevention and control of computer-related crime (Havana, 1990).[1]

“Methods of protection of data and information systems are the subject of many scientific studies today. However, without a legal basis, the technical protection of these systems and data may be ineffective due to the unclear definition of how far it is possible to go with such protection. In this context, the inconsistency of the legal regulations of individual states with the legal regulations of other states is fully manifested. Thanks to the development of computer and information technologies, which indicate the international character of cybercrime, effective protection of computer systems and data is unthinkable without the existence of an international or transnational legal framework, not only between EU Member States, but worldwide."