The Internet has connected us to people all over the four corners of the word in ways we may never have thought possible. This has helped to reduce barriers to communication and promoting cooperation in every area of our personal and professional lives. This Cyberspace has become a dynamic and integral part of our society that boosts economic growth, creates innovation and enriches our lives in more ways than we can even imagine..

Although, the rewards are innumerable, there are risks, too. Since cyberspace has no boundaries and no borders per say, it can also provide people who want to harm us with opportunities to damage individuals and businesses.

Let's talk more about cyber crimes, what they are, how Qatar is dealing with them, what kind of laws we have to deal with cyber crimes and, at the end, how we can report such crimes.

What is a cyber crime

According to the Qatar National Cyber Security Strategy, a cyber crime can be described as a:

"Misconduct or crime committed using technology. Examples of cyber crime may include illegal access to systems or information, fraud, identity theft, or content-related offenses such as spam."

Some examples of cyber crimes

1. Cyber blackmail

The BBC, in an article written by Emma Brant and Amelia Butterly, has described cyber blackmail as:

"the act of threatening to share information about a person to the public, their friends or family, unless a demand is met or money is paid."

Chat rooms, mobile phones, blogs and email are to be tackled carefully to escape from the clutches of cyber-criminals. Blackmailing has various intentions like threats, harassment, hacking accounts, stealing and sharing confidential and sensitive information and emotional manipulation.

For your safety, you should avoid uploading private information, photos and videos online, and opening suspicious messages and emails and should ensure our privacy settings are secure on social networking websites and never share your password.

Children should be monitored and made aware of the dangers hidden behind internet use whereas the teenagers are highly targeted by e-criminals and are victimized largely for cyber-blackmail. Educate them to not use their real photos as profile pictures on social networking sites, to make complex passwords and change their passwords regularly and ask about their activities online, who they talk to and what they talk about.

According to Lieutenant-Colonel Ali Hassan Al Kubaisi, Head of the Economic Crimes Combatting Section at the Criminal Investigation Department (CID) of the Ministry of Interior, one of the common tricks used by cyber criminals is to blackmail people by developing an online friendship with the victim through fake identity to get them involved in an online video call, which is recorded without the victim's knowledge. The cyber criminals then start blackmailing their victims by threatening to send the videos to their friends or families or publish it online.

Another way to blackmail is to reach the victim's contents such as photos on social media by getting illegal access to the personal computer or mobile phone of the victim.

2. Identity theft

Identity theft is another common form of cyber crime. A cyber criminal will find a way, often through phishing (see below), spam emails, website or even an online pop-up survey to get access to your credit card or banking account information and may use that information to make purchases in your name.

3. Hacking

Hacking is defined as the access of a computer system without authorisation. Hacking is probably one of the most broadly used forms of cybercrime, but not all hackers are criminals.

4. Phishing

Phishing is a way to extract confidential information from account holders in banks or financial institutional using illegal methods.

5. Cyber bullying / online harrassment

Cyberbullying (bullying through electronic means) is another form of cyber crime that is much more prevalent today. Cyberbullying refers to the use of online services to bully or harass a person with the intent to affect them socially, psychologically or even physically. Examples of this behavior include sending abusive or threatening texts and emails, online stalking, or sending inappropriate images and videos, etc. Cyberbullying affects the victim’s mental state and confidence adversely.

How to avoid being scammed by a cyber criminal?

• Always protect your identity by closely monitoring your accounts.
  
• If you notice any kind of suspicious activity with respect to your bank account/s or debit/credit card/s report it to the proper authorities immediately.
  
• Under no circumstances should a user reveal the personal identification number (PIN) to another person.
• Never disclose your card number (embossed on the credit or debit card) to a third party.
• Don’t disclose personal information to anyone unreliable on internet, such as passport or personal ID number or date of birth, phone number, unless recognized sites require these.
• Never click on suspicious links within a message.
• Look closely at the spelling of the web address and check for any minor inconsistencies that may indicate a phishing website.
• If there are spelling mistakes or grammatical errors this usually means it's a scam message.
• Parents must observe and educate their children when they use computers and smart devices, because they are the targeted group, and tell them to be vigilant while engaging in social media.
  
• Never use a common password across all platforms.
• Your password should be about 12-14 character in length with a combination of numbers, symbols, lower-case letters, and capital letters.
• Make sure your password doesn’t contain a part of your name, your city or country’s name.
• Change your email password periodically, preferably consist of letters, numbers and symbols, to make the access difficult by hackers.
• Don’t share passwords of email and social media accounts with anyone.
• Use different e-mail addresses for registration in different accounts, to avoid access to other accounts in the case of email theft.
• Activate verification tool in access to email, which lets you put your mobile phone number and alternative email for security options and retrieve your password. Most of the recent email saving companies have enabled this facility on their security options, so that they do not modify any data in the security options of your account without entering the confirmation code sent to your mobile phone.
• Don’t download or open any unknown attachment because it might contain viruses or spy software unless it is from a trusted source. Ensure it is free from viruses; there are a number of websites that provide scanning programmes for such attachments.
• Never use any kind of piracy software, since a lot of the time, these can contain viruses and spyware.
• Avoid posting personal information on your computer or email to avoid others accessing to it in your computer if exposed to hacking and using them for their personal gain.

Cyber security Issues in Qatar

Qatar is one of the very few countries in this region to have a cyber crime legislation. This shows just how seriously it takes cyber crimes and cyber security, especially after falling prey to a number of sophisticated, high profile cyber attacks on its media and government websites, along with the country's energy industry networks.

Just before the blockade against Qatar by Saudi Arabia, United Arab Emirates, Bahrain and Egypt in June 2017, the Qatar News Agency (QNA) website was hacked by a hacker that posted fake news that His Highness The Amir Sheikh Tamim bin Hamad Al Thani had called Iran a "superpower", praised Hams, and speculated that US President Donald Trump wouldn't last in power for long. As a result, QNA website shut down, and , as of today, still remains shut down, according to OSAC

A number of US citizens also reported some internet scams in Qatar to the Ministry of Interior in Qatar and the Regional Security Office in 2018. In the scam, the US Embassy's logo and phone numbers were used to scam people and solicit payments from the for services that included job offers, US universities enrollment fees and industrial equipment purchases.

The above are just some of the cyber crimes that have been committed in Qatar. For more information on the types of cyber crimes and scams that have been committed in Qatar, please visit the following links:

1. Beware of digital scams in Qatar
2. Watch out for phishing scam in Qatar
3. Scams in Qatar and how to avoid them
4. Beware of Ramadan scammers in Qatar
5. How to deal with scam calls

The Ministry of Transport and Communications has a dedicated computer emergency response team (Q-CERT), which identifies and resolves major threats and maintains a reporting and analysis coordination effort. Q-CERT works to address cybersecurity threats to minimize the risks from malware, malicious actors (e.g. hackers, terrorists, organized criminal networks, industrial, and foreign government espionage) and cyber warfare. Companies and members of the public can report cyber incidents by phone, by email, and through an incident reporting form. Q-CERT’s website includes a daily threat alert dashboard, statistics, and access to technical services assessment and testing. In addition to Q-CERT, MOI established E-SHIELD and a Cyber Security Center (CSC) in 2018 to protect the country’s digital infrastructure and respond to cyber-attacks. CSC and E-SHIELD use the MITRE ATT&CK framework.

How is Qatar addressing cyber crimes and cyber security

To address those challenges, Qatar is ramping up its cyber security efforts as well as working with counterparts across the globe to ensure an open and secure cyberspace. To accomplish this, the Ministry (formerly known as the Ministry of Information and Communications Technology) formed the Qatar Computer Emergency Response Team (Q-CERT) in 2005, as a partnership with Carnegie Melon University.

The Cyber Security Division works, through its two departments, Q-CERT and Critical Information Infrastructure Protection (CIIP), with government agencies, private and public sector organizations and Qatar’s citizens to ensure that online threats are monitored and risks are contained. The Division aims to protect sensitive information and ensure safety on the Internet.

Since information security issues are not limited by national boundaries, Cyber Security Division is a member of FIRST, the global forum of incident response and security teams. FIRST fosters regional ties between security teams and partners around the world in order to share up-to-date information about threats and vulnerabilities. The Division is also a member of the international Meridian Process for critical information infrastructure protection issues.

Cyber crime laws in Qatar

To combat cyber crimes in Qatar, on 16 September 2014 the Qatari government promulgated a Cyber Crime Prevention Law No.14 of 2014 in an effort to increase the tools for combatting online and cyber crimes. The Law imposes many sanctions and several penalties for offences committed through the Internet, IT networks, computers and other related crimes. The legislation is aimed at safeguarding the country’s technological infrastructure and strengthening cyber security within Qatar. The Law has provisions to fight most forms of online crimes and provide for strict penalties for each category of such criminal action.

Qatari Law No. 14 of 2014 On Combatitng Cyber Crime provides a basis for prosecuting cyber crimes. It also criminalises acts that constitute offences under any other law committed using the means of an information network, an information system, a website, or any information technology (Article 45).

Based on information from Al Tamimi and Co. website, the law contains the following provisions, amongst others:

1. The law stipulates a 10 year jail term and a fine of up to QR 200,000 for forging any official e-document, or a three year jail term or a fine of a maximum of QR 100,000 if the document forged is unofficial. Similar punishments await those who impersonate individuals or entities, or are involved in identity theft or steal movable property using the Internet.
2. Provisions on so-called “content crimes” that make it illegal to publish “false news”. These terms are not defined, making it unclear what content would land local journalists and social media users in trouble. Therefore news agencies, social media users and journalists must be careful to verify the source of the news before broadcasting it to the public in order to avoid contravening the law.
3. A jail term of up to three years and a fine of up to QR 200,000 for unauthorized possession or use of e-card, whether it is an ATM or credit card, or stealing numbers or forging e-cards.
4. A jail term of up to three years and a fine of up to 500,000 Qatari riyals for the breach of intellectual property rights by using the internet article 13), be it copyrights, patents, trade secrets, trademarks, trade names, geographical indications and industrial designs, or designs of integrated circuits.
5. Article 8 of Law on Combating CyberCrimes (Law No 14 of 2014) stipulates that a sentence of not more than three years in prison and a fine of not more than QR100,000, or either of these penalties, shall be imposed on any person who, through an information network or information technology technique, violates social values or principles, publishes news, photos or video or audio recordings related to the sanctity of people’s private or family life, even if the same is true, or insults or slanders others (Gulf Times).

Qatar’s law has addressed all cyber crimes including blackmailing and fraud and covers aspects like international cooperation because cyber crimes are cross-border in nature

As per the Cyber Crime Law, people using the internet to threaten or blackmail victims may be jailed for up to three years and a fine up to QR 100,000. Production, sale, import, display, transfer, exchange, distribution, broadcast of child pornography material through the use of information technology will attract a higher imprisonment term of up to five years and a fine of up to QR 500,000.

Other relevant laws

Qatari Law No 13 of 2016 addresses protection of electronic personal data. The law includes provisions on direct marketing messages; basic data protection responsibilities in the handling of data and prevention of loss, damage, modification, disclosure or illegal access; consent from individuals in some cases; and provisions relating to the personal information of children.

How to report a cyber crime in Qatar?

The MOI in Qatar investigates and prosecutes all kinds of cyber crimes, that fall under its criminal investigation jurisdiction. Under the Qatari law, these include, but are not limited to, defamation and use of the Internet for a wide range of criminal purposes.

To report a cyber crimes in Qatar, contact the MOI's Cyber Crime Investigation Centre on:

Address: CID headquarters, Duhail, Doha - Qatar
Online: Metrash2 (CID/reports)
Tel: +974 2347444
Hotline: +974 66815757
E-mail: [email protected]

Follow us on our social media channels: @ILQlive @ILQlive @ILoveQtr ILoveQatar

Nabeela

Content Writer

Start a discussion