Cyber Protection Team

Cyber Protection Team

Duties and Powers

Section 62

  • In operations in accordance with section 61, for the benefit of analyzing the situation and evaluating the effects from Cyber Threats, the Secretary-General shall order the Competent Officials to:
    (1) issue a letter requesting cooperation from the relevant persons to provide information within an appropriate period and at the prescribed place, or provide information in writing related to the Cyber Threat;
    (2) issue a letter requesting for information, documents, or copy of the information or documents in the possession of other person which is beneficial to the operation;
    (3) inquire the persons who has knowledge and understanding of the facts and situations which are related to the Cyber Threat;
    (4) enter into a property or place of business which is or may be related to the Cyber Threat of a related person or organization, with consent from the person in possession of such place.
    Any person providing information in accordance with paragraph one, which acts in good faith, shall receive protection and shall not be deemed a wrongful act or a breach of a contract.

Section 66

  • In preventing, coping with, or mitigating the risks from Cyber Threats in a critical level, the CRC has the power to order a Competent Official, only to the extent that it is necessary to prevent the Cyber Threat, to do the following:
    (1) enter into a place to examine, with a letter informing the appropriate reason to the owner or the occupier to examine such place. If there is a cause to believe that there is a computer or computer system related to the Cyber Threat or is affected from the Cyber Threat;
    (2) access the computer data, computer system, or other data related to the computer system, copy, or filter/screen information data or computer program which has a reason to believe that is related to or affected by the Cyber Threat;
    (3) test the operation of the computer or computer system which has a reason to believe that is related to or affected by the Cyber Threat or has been used to search any information from the inside or taking advantage of the computer or computer system;
    (4) seize or freeze a computer, a computer system, or any equipment, only to the extent it is necessary, which has a reason to suspect that is related to the Cyber Threat for the examination or analysis, for not more than thirty days. Once such period is over, computer or any equipment shall be returned to the owner or the person possessing the computer immediately after the examination or analysis is finished.
    In operating in accordance with (2), (3), and (4), the CRC may submit a motion to the Competent Court to order the officers to comply with the motion. The motion submitted to the Court shall specify the cause to believe that a person is performing or will perform an act that will cause a Cyber Threat at a critical level. The motion shall be submitted as emergency hearing motion and shall be considered by the Court without delay.