The Strategy of Independent Criminalization of Cybercrime in Iranian Criminal Law
Research/Original Article (دارای رتبه معتبر)
A cyber attack is a criminal act that may cause loss of life or damage to computer systems. In Iranian criminal law, especially the law on computer crimes, the term “cyber attack” is not used. Therefore, in the current situation, cyber attack is inspected as cybercrime. The present study considered that the computer crimes law’s primary purpose is to protect citizens’ data and computer systems and is by nature a normal, national, and unorganized crime. Thus, the present study did not put the cyber attack on the agenda of cybercrime. This exclusion is because the purpose of criminalizing a cyber attack is to protect data and computer systems related to national security. Moreover, given that a cyber attack is often committed by one country against another, it is transnational and organizational, which harms a country’s security. Therefore, the present study descriptively-analytically considered the concept of cyber attack different from the concept of cybercrime in three aspects: nature, the purpose of criminology, and descriptions of the subject. Furthermore, theoretically and based on the principles of criminology (i.e. the principle of harm, public interest, necessity, the proportionality of crime, and punishment), cyber attack is independently criminalized. As a result, it is required to consider strategies, approaches, and international cooperation to, in addition to current cybercrime, independently criminalize cyber attacks and guarantee executions according to the type and severity of the attacks and the possible or inflicted damage.