Cybercrime in Ecuador, an Exploration, which allows
to define National Cybersecurity Policies
Mario Ron1, Walter Fuertes1, Marco Bonilla1 , Theofilos Toulkeridis1 and Javier Díaz2
1
Computer Sciences Department, Universidad de las Fuerzas Armadas ESPE, Sangolquí, Ecuador
2
Faculty of Informatics, Universidad Nacional de La Plata, La Plata, Argentina
Email:{mbron, wmfuertes, ttoulkeridis}@espe.edu.ec; jdiaz@unlp.edu.ar, marcounidad4@gmail.com
Abstract — The widespread use of the Internet and cyberspace has
allowed the development of new criminal forms of transnational
nature that harm patrimonial as well as personal interests of users.
Even more, these crimes could affect collective interests if they are
based on attacks with a background of cyber racism or
cyberterrorism. The current study provides a variety of topics
such as the phenomenological characterization of cybercrime in
Ecuador, the analysis of information related to the country
obtained from national and international organizations, the
determination of its growth and incidence. These results have been
organized in order to be compatible and interrelated also with
other demographic and economic data. One of the main targets of
the outcome of this study has been to consider the analysis in the
combat of the corresponding scourge in a systematic and
structured way, so that legislators and planners of the national
cybersecurity policy may be provided with a powerful database
and tool for activities in a higher, strategic level. Furthermore, this
analysis may be applied to other countries in the region that
experience similar realities.
Keywords - Cybersecurity; cybercrime; politics; organisms;
security.
I. INTRODUCTION
The Internet and cyberspace have become the medium and
place where a high amount of people's interests and activities
converge. A variety of economic, social, educational as well as
entertainment, and other activities that have been developed
through computer networks, often without the necessary
assurances, have allowed the appearance of new forms of crime
against ethics and morals. Such criminal activities damage the
patrimony of people, whole communities and even nations, as
occurred with the cybernetic attack, which perpetrated Estonia
in 2007 [1]. Based on the aforementioned scenario, some
significant efforts have been realized in order to combat such
scourge. These counteractivities have been regularly in an
unstructured manner, while others with a systematic application
of mitigation measures stipulated in national and business
policies as well as related regulations [2]. Nonetheless, such
affords have not been able to hinder the continuous misuse and
abuse of technology.
The creation of laws and standards of good practice has been
slower than the evolving development of cybercrime and the
training of justice operators still remains a challenge. The judge
of a case related to cybercrime need to accept a test "beyond
reasonable doubt" to issue a conviction. Therefore, the evidence
and the process to determine such verdict should not have the
slightest discrepancy.
The aim of this study has been to conduct field research on
the current situation of cybercrime in Ecuador, in order to raise
awareness among those responsible for the national
cybersecurity policy and justice operators about the projection
and importance of such social scourge. In order to achieve this
purpose, data and information have been extracted from public
institutes related to cybercrime, as well as research results from
international organizations related to cybersecurity.
In Ecuador, as well as in other countries in the region,
cybercrime has been analyzed both from the normative
(qualitative) and pragmatic (qualitative) point of view. In other
words, the conduct to the construction of laws with the
delineation of crime as well as the result of its application with
specific data of the occurrence of cybercrime. The current study
contributes to a phenomenological characterization of
cybercrime. We analyzed the information related to the country,
which has been obtained from national and international
organizations, in order to determine its growth and incidence,
correlating it with other demographic and economic data. The
sum of such results may allow the legislators and planners of the
national cybersecurity policy, to consider the performed analysis
in order to combat this scourge in a systematic and organized
way. The outcome will be of a certain interest for other countries
in the region that experience similar realities.
Among the guiding questions that have been discussed in
this research, include the following ones: Which are the crimes
defined in the Penitentiary Integral Organic Code of Ecuador
(PIOC)? Which is the occurrence of the typified crimes? Which
may be the corresponding actions that would be able to mitigate
this social scourge? Which would be the contribution to a
national cybersecurity policy? Considering that the statistical
data present a spectrum of the current state of cybercrime in the
country, the hypothesis of this study argues that crimes related
to cyberspace need to be treated in accordance with the national
reality of the states, which often differ in their social, economic,
political and cultural conditions.
The residual part of the article has been organized as follows.
Section 2 performs a phenomenological characterization of
cybercrime. Section 3 explains the data obtained from national
and international organizations associated to cybercrime and
cybersecurity, regarding the situation in Ecuador. Section 4
presents the analysis of the obtained results and their projection
as well as importance in the national cybersecurity policy.
Section 5 describes the Related Work. Finally in section 6, the
conclusions and the future work lines are presented.
 II. PHENOMENOLOGICAL CHARACTERIZATION
In this section, cybercrime has been described as a crime
defined in the law, with its own characteristics that require
special attention for its processing and treatment by society in
general and justice in particular.
Despite the fact that crime related to Information and
Communication Technologies (ICT) still remains to be a
novelty, it has been part of criminology for several years. This
has been evidenced in some cases in the form of exaggerating
the threat, while in others in the lack of awareness of the inherent
risk. In any case, it is a broad, open and dynamic concept that
implies the inadequate use in the treatment, storage and
exchange of information in the society [3].
The cyberspace described by William Gibson that configures
a communicative and interactive space parallel to the physical
world, has significantly modified economic, political, social and
personal relations [4]. Nowadays, the Internet or mobile
telephony are the most common forms of communication
between people and organizations, in all existing areas. The flow
of money is increasing for both, small and large businesses, the
"digital natives" use computer media as a form of work and fun,
social networks serve to interact socially and mobile
technologies keeps users always connected and with information
in the palm of your hand. As cyberspace grows as a meeting
place, the novelty of cybercrime will disappear. What will
change, will be its concrete manifestation, based on a new
protected social order and new technologies that will modify the
way in which crime may be committed.
The evolution of cybercrime, recognised as a criminological
phenomenon, has been parallel to the evolution of the social
interests related to ICT, the importance of its use and the
personal information it processes. As a consequence, new ways
of affecting personal privacy and damaging patrimonial interests
take advantage of the transnationality of the Internet and
cyberspace. In many cases such malicious activities based on
cyber racism or cyberterrorism affect collective interests [5].
The prominence acquired by social networks, in which
privacy spaces are voluntarily delivered and personal
relationships are raised, while economic activity on the Internet
increases, has fostered a growth in criminality in cyberspace,
from the so-called lonely hacker, up to organized groups of
cybercriminals, who use cyberspace to increase their illicit
activities and economic gains.
The appearance of social cybercrimes, converts any person
to a victim of cyber-attacks, affecting their honour, privacy,
sexual freedom or any other of their legal rights. The
supranational institutions have also been disturbed by political
or ideological cybercrimes, cyberwar, hacktivism and
cyberterrorism. Such conducts have been used in order to
destabilize a state or in order to spread political messages taking
advantage of the massive communication offered by the
cyberspace. Denial of service attacks, malware infections or
other similar actions continue to paralyse the activity of
important institutions in a country, causing multiple damages,
including the loss of profits.
The vision of a very specific type of crime related to ICT,
has become very broad, varied and changing, which is
committed in a new space, the area and its corresponding
character what converts it into a perpetual novelty. This forces
the need to adapt all political, legal and social structures towards
the protection of people according to the social environment in
which they are developed [6].
The crime committed in cyberspace has been able to be
visualized from a technical perspective by experts in computer
security and from the essentially legal point of view when
defending the rights of citizens. It has been the obligation of the
State to protect its people, when analysing crime as a social
event realized between people, either individually or as a group,
in a new area of social intercommunication that affects the
behaviour of those who perform them and those who suffer their
related effects.
In order to prevent cybercrime in real form, it has been
necessary to recognize its origin, its causes, who and why such
felony has been committed. Similarly, it becomes a big
advantage to know the victim's behaviour, knowing the
techniques used by the cybercriminals. All this transcribe
national, business and personal policies, as well as the creation
of methods and technological tools that allow the user to
exercise pragmatically the right to protect themselves [3].
A. Classification and definition of computer crimes
The classifications of cybercrimes identify criminal behavior
in its majority without sufficient amplitude. Nevertheless, the
proposal by David Bolívar Narváez [6], considers in his research
and analysis a wide variety of cybercrime events with enough
detail of commitment. This has been useful for States to include
in their legislation, as being offenses that have not been
expressly included in their criminal law. This classification
serves as a reference in order to determine patterns of behavior
and alert those who fight cybercrime, allowing a common
reference language.
The PIOC of Ecuador [7], which has been created in 2014
with a modern conception, includes several crimes defined in
several articles of that law. Table I lists and describes the defined
crimes, being used as a reference in the data analysis of the
following sections III and IV.
TABLE I. TYPIFICATION OF COMPUTER CRIMES PIOC-ECUADOR
Art. 173 Contact through electronic means with the sexual
purpose with minors under eighteen years of age
Art. 174 Offer through electronic means of sexual services with
minors under eighteen years of age
Art. 186 Scam-incised.
Art. 190 Fraudulent appropriation through electronic means
Art. 229 Illegal disclosure of database
Art. 230 Illegal data interception
Art. 231 Electronic transfer of assets
Art. 232 Attack on the integrity of computer systems
Art. 233 Crimes against legally reserved public information
Art. 234 Non-consensual access to computer, telematic or
telecommunications system
The legal codification of some countries, has shortcomings
such as those described below [6]:
  In the case of improper access, computer damage and
data interception, no penalties have been established
related to the caused damage.
 Attacks which cause the suspension of service (DoS)
have not been considered.
 In the violation of privacy and honor, it has not been
dealt with in sufficient detail, neither does it consider the
circumstances in which it has been committed.
 Crimes which affect social groups, it is necessary to
differentiate those related to individuals and others
directed towards society as a whole. This includes those
that may cause panic by spreading false expressions or
fake news, paralyzing public services or the mass
publication of images of extreme violence through the
web as well as those that incite behaviors contrary to the
law.
 Within child pornography it does not consider the
creation, edition, publication and download of images or
drawings that suggest sexual practices of individuals
who have not yet reached adult age.
 Identity theft in social networks is almost untreated.
Their concurrence with other crimes has not been
considered, such as the improper seizure of bank
accounts or the improper use of images and / or
photographs.
 The classification of computer crimes lacks to recognize
the psychological harassment, including cyberbullying
and harassment.
 Intentional instruction in the use of computer systems to
commit crimes has not been considered yet.
Based on the listed facts, there is a need to renovate the
classification and definition of cybercrime, to offer legislation
and an effective national policy, fostered by the State and civil
society, with the ethical collaboration of IT solution providers.
B. Solutions to combat cybercrime [5]
It has been a challenge to impede the activities of
cyberterrorism and cybercrime. However, it has been necessary
to identify the vulnerabilities and hazards of the systems as well
as present risks, through Cyber intelligence. Therefore, as the
Internet has no borders and its speed is amazing, it eases the
anonymous illicit activities due to the little regulations in its
access. In addition, it has been possible to navigate through a
virtual station without being detected or to use communication
caches machines that guarantee the anonymity of users who
commit a crime.
Legislation would be a potential solution, although it does
not cover all cases. Despite the fact that many cybercrimes have
been typified, most legislations only try to protect the use of the
network or create organisms to protect citizen´s rights.
International agreements on cybercrime have been arranged,
which consider coordinated policies to combat cybercrime and
certain transnational crimes in a specific way.
It has been also possible to install security systems to
monitor criminal acts, with tools and surveillance methods such
as Echelon, Enfopol, Carnivore, and others, which are currently
used to locate terrorist and drug trafficking activities, through
political and diplomatic intelligence.
Another applied solution has been the communication
control systems of fixed and mobile telephony operators, so that
the police or other specialized agencies such as the FBI have
access to their clients' communications without a court order.
Cryptography regulated from a "trusted third party" has been
used initially. However, this has given rise to other forms of
crime such as Ransomware.
Another innovative system has been developed by the
Artificial Intelligence Laboratory of the University of Arizona,
which uses link analysis, content, authorship, opinions and
multimedia to find, catalog and analyze extremist activities in
the network.
Armies of cyber soldiers have been created to guarantee the
security of computer systems. However, this type of
organization has also served to attack systems in other countries.
The US has set up a team known as the Joint Functional
Command for Network Warfare (JFCCNW), in which personnel
participates from the CIA, FBI, National Security Agency
(NSA), members of the armed forces, civilians and military as
well as countries allied with the USA. China has a specialized
reserve structure with the capacity to use electronic and
computer weapons to reach an adversary, incorporating tactics
of cyber warfare, with specialized schools in computer warfare.
North-Korea has created a military academy specializing in
computer warfare that instructs cyber soldiers in techniques of
virus creation, system penetration, weapons systems
programming, and similar others.
Government agencies have been established to combat
cybercrime and cyberterrorism and to act in cyberwar, such as
the Computer Security Offices and the Computer Security
Incidents Response Team CSIRT.
The cybersecurity approach oriented to the protection of
information has been changed by the risk management of
cyberspace, where an analysis process related to the use,
processing, storage and transmission of information has been
applied, based on international standards that receives great
importance day by day.
III. PRESENTATION OF DATA RELATED TO COMPUTER
CRIME IN ECUADOR
In order to determine the current situation of cybercrimes in
Ecuador, a field exploration has leveraged on a conceptual
framework represented in Fig. 1. Considering the classification
described by Hernández Sampieri Fernández Collado, &
Baptista Lucio [8], two national agencies have been selected,
being the Criminal Policy Directorate (CPD) of the State
Attorney General's Office (SAGO) and the Technological
Crimes Investigation Unit of the Judicial Police. As an
international organization, the Observatory of Cybersecurity in
Latin America and the Caribbean (OCLAC) [9] has been also
selected.
 Fig. 1. Conceptual framework of this research

The developed research has been a descriptive study in TABLE II. CYBERCRIMES BY PROVINCE, YEAR 2016
which data obtained by the mentioned institutions in a single
systematic non-experimental research process have been

Art. 173

Art. 174

Art. 190

Art. 229

Art. 230

Art. 231

Art. 232

Art. 233

Art. 234
collected. The independent variable that refers to the status of Province
the crimes typified in the Ecuadorian PIOC and the situation of
Ecuador's cybersecurity from the international point of view has Azuay 2 40 2 1 6 18
not been deliberately manipulated. The data collected from the Bolívar 13 1
national agencies correspond to the information obtained from Cañar 3 1
the complaints reported to these organizations, by the victims or Carchi 2 1 5 1 3
affected persons. Non-reported crimes have not been Chimborazo 3 2 2 2 1 1
considered. Cotopaxi 1 15 2
El Oro 4 1 67 1 1 1 2
A. Data collected from local agencies Esmeraldas 1 45 1 1 1 2 1
The SAGO uses the Integrated System of Fiscal Proceedings Galápagos 1 2 1
(ISFP) [1], in which the data corresponding to the offenses Guayas 31 2 364 10 13 12 24 1 56
established in the PIOC denounced in Ecuador have been Imbabura 1 21 1 1 1
Loja 5 7 1 1 4
recorded. Of these, computer crimes were obtained by province
Los Rios 1 2 37 6 3 6
during the years 2015 and 2016 (see Table II), referring to the Manabí 12 1 59 2 2 13 1 2
classification established in Table 1. Details of 2017 have not Morona
yet been processed. 4 1 2
Santiago
Napo 1 14 1 1
Table III describes the variation in number and percentage
Orellana 3 6 1 1
of cybercrimes typified by province between 2015 and 2016.
Pastaza 2 4 1 1
Table IV establishes the relationship of cybercrimes Pichincha 21 246 4 48 9 23 7 54
considering the population by province and the number of Santa Elena 14 4
people with digital access. Sto. Domingo
5 28 1 1 2 5
los Tsáchilas
B. Technological Crimes Investigation Unit of the Judicial Sucumbíos 2 10 1 1
Police (UIDT) Tungurahua 3 7 2 1 1
Zamora
From the files of the UIDT of the Judicial Police of Ecuador, Chinchipe
3 1
the data corresponding to Table 5 have been obtained, which Total general 110 9 1009 26 81 43 82 10 141
describe the cybercrimes investigated during the years 2013 to
2017. There, the information has not been classified according
to the current PIOC, due to the fact that such information has Source: ISFP V1.0 – CPD
been registered prior the date of issuance of the Code, which
resulted to the compatibility with the addition of the current
Code.
 TABLE III. VARIATION OF CYBERCRIMES, YEARS 2015 AND 2016 In order to contribute to the fight of cybercrime in the states
PIOC 2015 2016 Variation Variation % of the region, with the auspices of the Organization of American
States (OAS) and the Inter-American Development Bank (IDB),
Art. 173 81 110 29 35,80 the Observatory of Cybersecurity in Latin America and the
Art. 174 5 9 4 80,00
Art. 186-2 31 24 -7 (22,58)
Caribbean has developed a Maturity Cybersecurity Capability
Art. 190 1233 1009 -224 (18,17) Model, which has been published in the 2016 Cybersecurity
Art. 229 24 26 2 8,33 Report [10]. In this document, an analysis has been performed
Art. 230 52 81 29 55,77 with 49 indicators of the current situation in the countries of the
Art. 231 58 43 -15 (25,86) region, qualifying them in five levels being initial, formative,
Art. 232 78 82 4 5,13 established, strategic and dynamic, within five domains that
Art. 233 5 10 5 100,00 encompass the indicators. In the case of Ecuador, its situation
Art. 234 144 141 -3 (2,08) regarding Politics and Strategy generally reaches a statistical
Total general 1711 1535 -176 (10,29) mode at the initial level, while in Culture and Society it reaches
Source: ISFP V1.0 – CPD a formative level, in terms of Education it also reaches a
formative level, at Legacy frames it reaches the educational level
TABLE IV. DEMOGRAPHIC RELATIONSHIP OF CYBERCRIMES and finally in terms of technologies it only reaches the initial
level.
Cybercrime 2016

Population x

Penetration of

suscritor o/ooo
o/ooo
population-%
Cybercrime -
cybercrime –

cybercrime-
TABLE V. CYBERCRIMES REGISTERED BY THE UIDT.
penetration
subscribers
Internet %
cell phone
1000 hab.

Province
Internet

PIOC
ART.
Year

TOTAL
Type of Cybercrime
2013 2014 2015 2016 2017
Illegal appropriation 190,
Azuay 69 712,1 61,1 57,5 9,7 15,9 16,9 (skimming / online 123 300 296 280 340 1339 231,
Bolívar 14 183,6 42,4 46,2 7,6 18,0 16,5 payments / phishing) 186
Cañar 4 225,2 51,8 55,9 1,8 3,4 3,2 Publication, use or 229,
Carchi 12 164,5 48,9 56,8 7,3 14,9 12,8 unauthorized transfer of 196 73 68 68 56 461 230,
personal data 233
Chimborazo 11 458,6 43,4 44,0 2,4 5,5 5,5
Hacking / virus / spam,
Cotopaxi 18 409,2 49,2 50,9 4,4 8,9 8,6
disappearance through 35 75 74 85 37 306 232
El Oro 77 600,7 59,7 57,8 12,8 21,5 22,2 electronic means
Esmeraldas 52 534,1 40,2 44,6 9,7 24,2 21,8 Dissemination of false
Galápagos 4 25,1 78,7 70,2 15,9 20,2 22,7 information / Sexual 38 56 65 57 159 375 173
Guayas 513 3645,5 59,3 57,2 14,1 23,7 24,6 harassment / Intimidation
Imbabura 25 398,2 55,4 59,5 6,3 11,3 10,6 Production, distribution of
9 14 35 65 65 188 174
Loja 18 449,0 55,0 57,4 4,0 7,3 7,0 child pornography
Los Rios 55 778,1 41,5 54,3 7,1 17,0 13,0 Violation of systems to
Manabí 92 1369,8 47,2 56,6 6,7 14,2 11,9 access or obtain protected 32 83 76 67 47 305 234
Morona information
7 147,9 47,7 38,6 4,7 9,9 12,3 Grand Total 433 601 614 622 704 2974 20,4
Santiago
Napo 17 103,7 47,7 38,6 16,4 34,4 42,5
Source: UIDT, Ecuador
Orellana 11 136,4 47,7 38,6 8,1 16,9 20,9
Pastaza 8 83,9 47,7 38,6 9,5 20,0 24,7 IV. ANALYSIS AND DISCUSSION OF RESULTS
Pichincha 412 2576,3 67,1 64,6 16,0 23,8 24,7
Santa Elena 18 308,7 49,3 49,4 5,8 11,8 11,8 Based on the data provided in Table I, which details the
Sto. Domingo computer crimes typified in the PIOC and considering that this
42 368,0 58,3 57,1 11,4 19,6 20,0
los Tsáchilas has been a set of legal provisions correlated with other issued
Sucumbíos 14 176,5 47,7 38,6 7,9 16,6 20,6 laws, we have been able to note that in some cases there is an
Tungurahua 14 504,6 55,9 56,3 2,8 5,0 4,9 overlap in coverage of the actions. Specifically, these have been
Zamora part of the commission of the offense or also a certain action
4 91,4 47,7 38,6 4,4 9,2 11,3
Chinchipe
such as improper access gives rise to other subsequent crimes,
Total general 1511 14451,1 52,1 51,7 10,5 20,1 20,4
as indicated in the flaws detailed in section II of the current
Source: UIDT, Ecuador study.
C. Observatory of Cybersecurity in Latin America and the Within the offenses by province as listed in Table II,
Caribbean determined that the most common crimes refer to "Fraudulent
appropriation through electronic means". This criminal behavior
Cybercrime has a global cost of US $ 575,000 million per
has been followed by the "Access not consented to a computer,
year [1], which represents 0.5% of the global GDP. In Latin
telematics or telecommunications system". This suggests the
America and the Caribbean, the cost has been around US $
deficiency of the controls of financial institutions or the lack of
90,000 million per year [10]. Although in this region, new
education of users regarding the use of technological systems.
technologies have been adopted with enthusiasm, they have
The crime that leads the third place corresponds to the "Contact
fallen short in the fight against criminal or malicious activity in
with sexual purpose with minors of 18 years through electronic
cyberspace.
means", as a result of the increase of the use of technological
means on the part of adolescents. We noted as well, that the
greatest number of crimes occurred in the provinces of Guayas
and Pichincha, being Ecuador´s most populated provinces,
having simultaneously the greatest technological development.
The detail by province of the crimes of fraud (Art.186) does not
appear in the database, but in the annual comparison of the totals.
Table III documents a decrease in the occurrence of
cybercrimes in general and in particular those referred to article
190, 186 and 231, which refer to financial crimes. This
demonstrates the greater care that has been given to the
management of money through electronic means, which has
been corroborated in the appreciation of the Observatory for
Cybersecurity in Latin America and the Caribbean, which
qualifies Ecuador better in average in such aspects.
Table IV contains information that relates population
demographics, Internet access and telephony, in order to
determine the social incidence of crime in the population. There
appears a high correlation, not only in the more developed
provinces such as Pichincha, Guayas and Azuay, but also in the
coastal zone and in the Amazonian region, as they have received
a special growth in their technological infrastructure.
Based on the information obtained in the UIDT, it has been
observed, that the registered data have not been classified
according to the current PIOC classification. This study
contributed by performing the classification used by the UIDT
compatible with that of the PIOC, in order to correlate the
information obtained from both sources. This leads to the
conclusion, that approximately 36-41% of the reported crimes
have been investigated. In addition, a growth of 13% of the
crimes has been able to be determined during the year 2017,
compared to the previous year. Furthermore, most of the crimes
refer to those related to financial and patrimonial management,
which agrees with the previously performed analysis.
The qualification in the Cybersecurity Capacity Maturity
Model for Ecuador (CCMM) [10], presents a significantly
realistic information of the current situation of the country
related to its ability to fight cybercrime. This needs to be
considered in order to define the objectives of the national
cybersecurity policy. Therefore, it is necessary to carefully
analyze the specific qualification of each of the 49 indicators.
V. RELATED WORK
Cybercrime is affecting not only Ecuador, but also Latin
America as well as worldwide. Therefore, concerned industry
and governments have been implementing situational diagnoses,
which serve to implement national policies in this area. Some of
these studies are discussed below:
The study proposed by [11] analyses the existence of a large
number of criminal networks in the region, which have effected
institutions. This has been exacerbated given the lack,
inefficiency and congestion in the system of law enforcement in
Latin America. In [12] authors analyze how social or physical
vulnerabilities and experiences of victimization are related to the
fear of online crime using data from a survey in Europe.
Additionally, it has been realized that a low social level and low
confidence reflects a significant interaction effect with previous
experiences of victimization in relation to the fear of cyber-
crime. In [13] analyzed different cybercrime cases. The results
included all described cases by the Criminal Investigation
Bureau of cybercrime within the Iraqi authorities. In [14] there
are certain social, political, and economic implications being
observed globally either in the form of spying websites like
hacking activities or cybercrimes against women in India. In
[15], the author observed individuals and groups, who migrated
predominantly from Eastern Europe, evaluating their activities
such as organized phishing and related cybercrime. In [16],
assessed the efforts being made by African countries in fighting
cybercrime which requires coordinated effort among all stake
holders such as government bodies, educational institutions,
business organizations and law enforcement authorities. In [17],
cybersecurity has been analyzed in the global south, status,
drivers and trends in the former Soviet Union states, Eastern
Europe, China, India, Africa as well as Latin American and
Caribbean economies. In [18] authors presented the low rates of
prosecution and conviction of suspected cybercriminals in the
countries of the former Soviet Union as well as Central and
Eastern Europe. The data indicate that cybercrime cases are
more likely to be prosecuted and sanctions are more probable to
be imposed in economies that have been characterized by a
higher degree of cooperation and integration, as reflected in
western countries.
When all previously mentioned studies are compared with
our research, it appears, that we have provided a variety of topics
such as the phenomenological characterization of cybercrime in
Ecuador, the analysis of information related to the country
obtained from national [19] and intercontinental [20]
organizations, the determination of their growth and incidence.
These results have been organized in a certain form in order to
remain compatible and interrelated with the combat of the
corresponding scourge in a systematic and structured way.
Therefore, legislators of the national cybersecurity policy may
be provided with a powerful database and tool for activities in a
strategic level.
VI. CONCLUSIONS AND FUTURE WORK
A phenomenological characterization of computer crime and
the current situation in Ecuador has been presented, based on
data obtained from national and international organizations
related to this topic. An analysis of the data has been performed,
in order to obtain conclusions, which allow to guide those
responsible for national cybersecurity and to raise awareness
among user companies and / or providers of technological
systems and citizenship to participate actively in the
development of the National Cybersecurity Policy. This will
additionally allow to define specific actions to provide
protection to critical information and therefore to business
operations that affect the national economy.
As future studies we have planned the development of a
methodology to create and operate a cybercrime observatory,
which collects, processes and disseminates related information
and serves to alert and raise awareness among citizens and others
about the methods and techniques, which support to mitigate
computer crime.
ACKNOWLEDGMENT
The authors would like to express a special recognition to the
State Attorney General's Office and the Technological Crimes
Investigation Unit of the Judicial Police of Ecuador, for their
collaboration in this research. This study has been partially
funded by the Universidad de las Fuerzas Armadas ESPE in
Sangolquí, Ecuador within the research project entitled
“Training Computational Platforms, Experimentation,
Management and Mitigation of Cybersecurity Attacks”, Code
ESPE-2015-PIC-019.
REFERENCES
[1] N. Ganuza, “Situación de la ciberseguridad en el ámbito internacional y
en la OTAN,” Cent. Nac. Intel., pp. 167–214, 2010.
[2] Symantec, “Internet Security Threat Report,” 2016.
[3] F. M. Llinares, “El CiberCrimen”, 1st ed. Madrid, España, 2012.
[4] W. Gibson, “Neuromancer”. 1984.
[5] Grupo de trabajo C-24: Derecho & cibercrimen, “Internet: Un espacio
para el cibercrimen y el ciberterrorismo,” in IV Congreso de la
Cibersociedad, 2009, p. 5.
[6] D. B. Narváez, “El delito informático y su clasificación,” UNIANDES
EPISTEME Rev. Ciencia, Tecnol. e Innovación., vol. Vol. (2), no. Núm.
(2), p. 17, 2015.
[7] Asamblea Nacional del Ecuador, “Código Orgánico Integral Penal”.
2014, p. 144.
[8] R. Hernández Sampieri, C. Fernández Collado, and M. del P. Baptista
Lucio, “METODOLOGÍA de la investigación”, 5ta. Mexico:
McGRAW-HILL, 2010.
[9] OEA-BID, “Observatorio de la Ciberseguridad en América Latina y el
Caribe.” [Online]. Available: http://observatoriociberseguridad.com/.
[Accessed: 12-Feb-2018].
[10] OEA, “Informe Ciberseguridad 2016,” 2016.
[11] Kshetri N. “Cybercrime and Cybersecurity in Latin American and
Caribbean Economies”. In: Cybercrime and Cybersecurity in the Global
South. International Political Economy. Palgrave Macmillan, London,
2013.
[12] Suvi M. Virtanen. “Fear of Cybercrime in Europe: Examining the
Effects of Victimization and Vulnerabilities, Psychiatry, Psychology and
Law”, 24:3, 323-338, DOI: 10.1080/13218719.2017.1315785. 2017.
[13] Aboud, S. J. “Cybercrime in Iraq. International Journal of Scientific &
Engineering Research”, International Journal of Scientific &
Engineering Research, 5. 2015.
[14] Jeet, S. (2012). “Cyber-crimes against women in India”: Information
Technology Act, 2000. Elixir International Journal Elixir Criminal Law,
47, 8891-8895.
[15] McCombie, S., Pieprzyk, J., & Watters, P. “Cybercrime attribution: An
eastern european case study”. (2009).
[16] Quarshie, H. O., & Martin-Odoom, A. (2012). “Fighting cybercrime in
Africa”. Computer Science and Engineering, 2(6), 98-100.
[17] Kshetri, N. (2013). “Cybercrime and cybersecurity in the global south”.
Springer.
[18] Kshetri, N. (2013). “Cybercrimes in the Former Soviet Union and
Central and Eastern Europe: current status and key drivers”. Crime, law
and social change, 60(1), 39-65.
[19] M. Ron, M. Bonilla, W. Fuertes, J. Díaz, and T. Toulqueridis,
"Applicability of Cybersecurity Standards in Ecuador - A Field
Exploration”, The 2018 Multidisciplinary International Conference of
Research Applied to Defense and Security MICRADS-2018, Salinas,
Ecuador. April 2018. In Press.
[20] F. Bustamante, W. Fuertes, M. Ron, and T. Toulkeridis, “Situational
Status of Global Cybersecurity and Cyber defense according to global
indicators. Adaptation of a model for Ecuador”. The 2018
Multidisciplinary International Conference of Research Applied to
Defense and Security MICRADS-2018, Salinas, Ecuador. April 2018. In
Press.