Foreword I Introduction iii Part 1 1 I. Criminal Laws and Policies of Korea for Promoting International Cooperation in Cybercrime Control (Kim, Han-Kyun) 3 1. Challenges of Cybercrime and the Necessity of International Cooperation 4 2. Legal Challenges in the Matters of Cybercrime 5 3. Legal Aspects of International Cooperation in Cybercrime Control 6 4. Cybercrime and Criminal Laws in Korea 8 5. Korean Criminal Justice Policies for Cybercrime Control 13 6. European Council Convention on Cybercrime and Korea 15 7. Concluding Remarks 21 II. Recent Trend of Cybercrime in the Republic of Korea (Soung, Jea Hyun) 23 1. Introduction 23 2. Recent Trend of Korea's Cybercrime 24 (1) Trend of General Crime Using the Cyber Space 24 1) Infringement of Personal Information 24 2) Cyber Defamation 25 3) Cyber Stalking 26 4) Cyber Sexual Abuse 27 5) Cyber Fraud 29 (2) Trends of Cybercrime in SNS 29 1) Hacking and Spreading Malicious Code 30 2) Infringement of Privacy and Personal Information 30 (3) Form and Trend of Hacking and DDoS Attack 31 1) Concept and Trend of Hacking 31 2) DDoS Attack 33 (4) Smart Phone Related Area 35 1) Hacking 35 2) Infringement of Personal Information and Privacy Right 36 3) Illegal Payment with Smart Phones 37 (5) Game Area 37 1) Meaning of MMORPG 38 2) Item Trade 39 3) Item Theft 40 III. Institutions and Agencies for Cybercrime in the Republic of Korea (Choi, Joo-young) 41 1. Introduction 41 2. National Cyber Security Management System 41 (1) Cyberspace Defense Command within MND 43 (2) National Cyber Security Center 43 (3) Korea Internet and Security Agency 45 3. Central Administrative Agencies 47 (1) Korea Communications Commission 47 (2) National Computing and Information Agency 48 4. Research Organizations 48 (1) Electronics and Telecommunications Research Institute 48 (2) Korean Institute of Criminology 50 5. Security Monitoring and Control Centers 52 6. Investigative Agencies 54 (1) Korean National Police Agency 54 (2) Supreme Prosecutor’s Office 55 IV. Overview of the Personal Information Protection Act (Chun, Hyun-wook) 57 1. Legislation of the Personal Information Protection Act 57 2. Main Content of the Personal Information Protection Act 59 (1) Expansion of the Subject and Scope of the Act 59 (2) Reinforcement of the Criteria for Processing of Personal Information 61 (3) Modification and Improvement of Related Systems 63 3. Confusion and Limitation from Practical Aspect 66 (1) Civil Society’s Lack of Competence of Following Regulations 66 (2) The Degree of Criminal Injustice and Discordance of the Law System 68 (3) Issues of Precluding Illegality through Agreement of Personal Information Utilization 73 (4) Liability Issues of Compensation 74 4. Countermeasures 78 V. Recent Criminal Justice Programs on Cybercrime in the Republic of Korea (Lee, Angela Changjin) 81 1. Introduction 81 2. Efforts by the National Intelligence Service 83 (1) The National Intelligence Service and the National Cyber Security Center 83 (2) The National Cyber Threat Management Standards 85 (3) Implications 86 3. Efforts by the National Police Agency 87 (1) Overview 87 (2) Major Programs and Activities 88 (3) Implications 91 4. Efforts by the Korean Institute of Criminology and the United Nations Office on Drugs and Crime 92 (1) Background 92 (2) The Virtual Forum Against Cybercrime 96 (3) Towards AsiaJust 99 5. Concluding Remarks 101   Part 2 103 I. Recent Discussions on Hacking in the Republic of Korea (Lee, Won Sang) 105 1. Introduction 105 2. Trends and Types of Hacking 108 3. Areas of Hacking 110 4. Discussions on Punishment for Hacking in the Republic of Korea 114 (1) Direction of Discussions on Punishment for Hacking in the Republic of Korea 114 (2) Important Penal Provisions against Hacking in the Republic of Korea 116 5. Requests for Criminalization of Hacking at a Preliminary Stage 118 (1) Disrupting an Information and Communications Network 118 1) Concept of DDoS Attacks 118 2) Damages in the Republic of Korea 119 3) Possible Punishment for Attempted Hacking 121 (2) Intruding on an Information and Communications Network 123 1) Hacking into PCs or Servers 123 2) Hacking into Smart Phones 125 3) Scope of Attempted Hacking 126 6. Need for Criminalizing Preparations for Hacking 128 7. Conclusion 131 1 II. State and Preventive Measures of Evolving Voice Phishing Criminal Fraud (Yoon, Hae-Sung) 133 1. Introduction 133 2. Characteristic and Response Condition of Voice Phishing 134 (1) Derivation and Concept of Voice Phishing 134 (2) Characteristics of Voice Phishing Crime 135 (3) Status of Counteractions Taken against Voice Phishing 137 3. Investigation Trend of Recent Voice Phishing Crimes 141 (1) Voice Phishing Trend 141 (2) Types of Voice Phishing Cases 143 (3) Characteristics of Recent Voice Phishing Techniques 148 4. Prevention against Voice Phishing Damage 150 (1) Preventive Measures against Voice Phishing Damage 150 (2) Countermeasures against Voice Phishing Damage 152 5. Conclusion 155 III. Game-crime in the Republic of Korea (Sohn, Hee-jun Jenifer) 157 1. Introduction 157 2. General Trend and Statistics 158 3. Legislation 164 4. Recommendation 168 5. Conclusion 171 Bibliography 173

Cybercrime Research Unit (CRU) at the Korean Institute of Criminology (KIC) consists of research staff specialized in the issues of cybercrime. It aims to conduct comprehensive research on the theory and practice of cybercrime and thus to support government policies on cybercrime. The Unit has built network with both academic and governmental institutions in the field of cybercrime control, including National Cyber Security Center, Cyber-terror Response Center and Cybercrime Investigation Corps.   Since 1999, KIC has published research reports on cybercrime, such as New Trends in Cybercrimes and Criminal Justice Policies (2010), Cybercrime in the US (2010), Study on the Cyber-Security System (2010), Study on Cybercrimes by Youth (2008), Human Rights Violation in Cyberspace (2006), Legal Policy on Illegal information in Cyberspace (2006), International Cooperation in Cybercrime Prevention (2002), Juvenile Delinquency in Cyberspace (2003), Criminal Responsibility of ISP on Cybercrime (2003), Convention on Cybercrime (2001), Study on Cyber-terrorism (2001), Criminal Victims in Cyberspace (2000), Policing Cyberspace (2000), and Study on Cybercrime (1999). CRU will conduct much more focused research on cybercrime law and policy to strengthen national capacity in cybercrime control.   This report is the first volume of the Research Report Series designed by CRU, which aims to provide both theoretical and practical information on the legislation, institution, and investigation cases regarding the issues of cybercrimes in Korea, and the efforts of the Korean government in promoting regional and international cooperation in the fight against cybercrimes.   The first part of the report has five chapters which sketch the trends of cybercrimes and its related policies in Korea.   Its first chapter, “Criminal Law and Policies of Korea for Promoting International Cooperation on Cybercrime Control” introduces cybercrimes and criminal laws in Korea. The author also focuses on the challenges of cybercrime and the necessity of international cooperation. He points out four elements which are necessary to address cybercrime: statutory definition of cybercrimes, established legal investigative powers, mechanism to promote regional and international cooperation in cybercrime control, and safeguards for protecting fundamental human rights and freedoms.   The second chapter, “Recent Trends of Cybercrimes in Korea” focuses on recent trends of crime in cyberspace, such as cyber defamation, cyber stalking, cyber sex abuse and cyber fraud.   The third chapter, “Institutions and Agencies for Cybercrime in Korea” deals with the Korean national cyber security management system, governmental agencies, research organizations and investigative agencies. In particular, the author sketches the works of KIC in promoting international cooperation in cybercrime, such as the Workshop on “Measures to combat Computer-related Crime” at the 11th UN Congress in Crime Prevention and Criminal Justice in 2005, and the Virtual Forum against Cybercrime (VFAC)   The fourth chapter, “Overview of the Personal Information Protection Act” deals with the Personal Information Act of 2011, which was enacted to protect personal privacy. By reviewing main content of the Act and its practical limitation, the author concludes that strengthening personal information by means of criminal sanction may not produce actual effect. When there exist other effective countermeasures against infringement of personal information, criminal law should be reserved as ultima ratio.   Last chapter, “Recent Criminal Justice Programs on Cybercrime in the Republic of Korea” introduces training programs of cybercrime for law enforcement personnel in by the National Intelligence Service, the National Police Agency and the KIC with UNODC. The Current programs place much importance on the practical part of cybercrime investigation.   The second part of the report consists of studies on various types and forms of cybercrimes, such as hacking, phishing scam and on-line game.   In “Recent Discussions on Hacking in Korea”, trends and types of hacking in Korea are studied. It also discusses criminal sanction on hacking and the criminalization of hacking at a preliminary stage. As a conclusion, the author emphasizes a more effective and practical response to hacking. That would be punishing the preparatory actions rather than an attempt of the crime.   The following chapter on “State and Preventive Measures of Evolving Voice Phishing Criminal Fraud” deals with the issue of phishing scams. Its threats are ever more growing in Korea, and thus the author proposes immediate and systematic countermeasure on the such tele-financial fraud.   The last chapter, “Game-crime in Korea” provides statistical data on crimes of on-line game in Korea. With the emergence of online game market in Korea, there are needs for effective research along with social efforts on the issue of game-crime. The author also suggests that government should promote the positive nature of online games rather than unwarranted restrictions.