Cyber Laws in Saudi Arabia

What is a Cybercrime?

🖥️ Definition

A crime that involves a computer and a network. As technology grows, criminals find new and unethical ways to invade privacy, steal, and cause harm — driving governments worldwide to create cyber laws.

Crime Categories

KSA Law Articles

2007

Law Enacted (Royal Decree M/17)

Max Fine (SAR) — Art. 7

3 Categories of Cybercrime

Mnemonic

I · P · G

"I Protect Governments" — Individual, Property, Government

Individual

Property

Government

👤 1. Cyber Against Individual

Crimes targeting a specific person's privacy, reputation, or safety.

Mnemonic — 6 Individual Crimes

ES · SP · PH · CS · CD · CP

"Every Spammer Phishes, Causing Cyber-Damage & Cyber-Pain"

ES Email Spoofing

SP Spamming

PH Phishing

CS Cyber Stalking

CD Cyber Defamation

CP Cyber Pornography

📧

Email Spoofing

Forging an email header so it looks like it came from someone else.

📩

Spamming

Sending unsolicited bulk emails (usually ads) to people who never asked.

🎣

Phishing

Disguising as a trusted entity to steal usernames, passwords, or credit card info.

👁️

Cyber Stalking

Using the internet to harass or frighten someone — e.g. threatening emails.

🗣️

Cyber Defamation

Publishing false, damaging statements about a person or business online.

🔞

Cyber Pornography

Illegal production or distribution of pornographic content online.

🏠 2. Cyber Against Property

Crimes that steal, damage, or exploit digital or financial assets.

Mnemonic — Property Crimes

CC · IP · SP · IT · DH · SC

"Clever Criminals Steal & Illegally Trade — Don't Hack, Stay Clean"

CC Credit Card Skimming

IP Intellectual Property Crimes

SP Software Piracy

IT Identity Theft

DH DDoS / Hacking / Viruses

SC Cybersquatting / Copyright / IPR

🏛️ 3. Cyber Against Government

Crimes targeting state infrastructure, security, or national interests.

Mnemonic — Government Crimes

DoS · EB · LB · DD · SI · CT · PS · CI

"Dangerous Enemies Launch Digital Strikes — Cyber Threats, Piracy & Confidential Info"

DoS Denial of Service

EB Email Bombing

LB Logic Bombing

DD Data Diddling

SI Sale of Illegal Articles

CT Cyber Terrorism

PS Pirated Software

CI Accessing Confidential Info

Key Attack Types — Deep Dive

These attacks come up in exams. Know their definitions, analogies, and real examples.

✏️

Data Diddling

Secretly altering data before or during entry into a system, then changing it back after processing. Hard to detect. One of the simplest computer crimes.

📌 Example 1: Keyboard operator changes delivery addresses → diverts store goods to accomplices.
📌 Example 2: Ticket clerk sells full-price tickets but logs them as half-price.

🥩

Salami Attack

Stealing tiny amounts repeatedly — so small no single victim notices, but the criminal profits enormously. Like slicing salami — thin cuts add up.

📌 Example: Bank employee programs the system to deduct SAR 2/month from every customer's account. Multiplied by thousands of accounts = large monthly income.

⌨️

Trojans / Keyloggers

Records every keystroke the victim types. Extremely dangerous on computers used for online banking — captures passwords and financial info silently.

✈️

Web Jacking

Forcefully taking control of a website (crack the password, change it, lock out the real owner). Motives: ransom, political leverage. Analogous to hijacking an airplane.

📌 The real owner loses all control over what appears on their own site.

💣

Email Bombing

Sending massive volumes of email to one address to crash the mailbox or overwhelm the server — a form of Denial of Service attack.

⏱️

Logic Bombing

Malicious code inserted into a system that triggers only when specific conditions are met (e.g. a date, a login, a deleted record). Dormant until activated.

💳

Credit Card Skimming

A small device attached to a legitimate card reader secretly steals card data during a normal transaction — the victim has no idea.

🚫

DoS / DDoS

Denial-of-Service attack: flooding a server with requests so legitimate users can't access it. DDoS = distributed (many machines attacking simultaneously).

Quick Memory — Distinguish the Two "Slicers"

Diddling vs Salami

Data Diddling = alter then restore. Hides in the process. (Think: "fiddle with it then put it back")

Salami = take a tiny slice from many. Hides in the size. (Think: "so thin you can't see it")

KSA Anti-Cybercrime Law

📜 Background

Saudi Arabia's first set of cyber laws
Issued by Royal Decree No. M/17, dated 26 March 2007
Consists of 16 articles: definitions, scope, objectives, sentences, and fines

🎯 4 Objectives of the Law

Mnemonic — 4 Objectives

IS · RU · PM · NE

"I Secure Rights — Protecting Morals & National Economy"

IS Information Security (enhance)

RU Rights of Users (legitimate use)

PM Public Interest, Morals & Values

NE National Economy (protect)

📱

Amendment: Social Media

The law was amended to allow legal proceedings against social networking sites (e.g. Twitter/X) for accounts that post content violating Saudi public morals and values.

Articles & Penalties

Penalties escalate with severity. Use the colour scale: Mild → Moderate → Serious → Severe → Maximum

Mnemonic — Remember Penalties by Article

½ · 1 · 3 · 4 · 5 · 10

Each article number roughly signals its maximum prison years — Art. 3 = 1 yr, Art. 4 = 3 yrs, Art. 5 = 4 yrs, Art. 6 = 5 yrs, Art. 7 = 10 yrs. Think: "Articles get heavier as the number goes up."

Article	Crimes Covered	Max Prison	Max Fine (SAR)
Art. 3	Spying / interception without auth Unlawful access to threaten/blackmail Hacking websites / changing design Invasion of privacy (camera phones) Defamation via IT tools	1 Year	500,000
Art. 4	Fraud / false identity to obtain property Illegally accessing bank / credit data	3 Years	2,000,000
Art. 5	Deleting / leaking / altering private data Causing network halt or breakdown Obstructing / distorting services	4 Years	3,000,000
Art. 6	Content violating public order / morals / religion Pornographic or gambling websites Human trafficking facilitation Drug / narcotics trade online	5 Years	3,000,000
Art. 7	Websites for terrorist organizations Access to data threatening national security / economy	10 Years	5,000,000
Art. 9	Inciting, assisting, or collaborating in any cybercrime	If crime committed → up to max penalty. If not committed → up to half the max penalty.

🔑 Article 9 — The Accomplice Rule

You don't have to commit the crime yourself. Inciting, assisting, or collaborating is also punishable:

Crime was committed → punishment up to the full maximum
Crime was not committed → punishment up to half the maximum

Master Cheat Sheet

🔴 Against Individual (6)

Email Spoofing — fake sender
Spamming — unsolicited bulk email
Phishing — fake entity, steal info
Cyber Stalking — harass/frighten
Cyber Defamation — false bad statements
Cyber Pornography — illegal content

🟠 Against Property (6)

Credit Card Skimming — skimmer device
Intellectual Property Crimes
Software Piracy — copy/sell software
Identity Theft — steal personal info
DDoS / Hacking / Viruses
Cybersquatting / IPR violations

🔵 Against Government (8)

DoS — block legitimate access
Email Bombing — flood mailbox
Logic Bombing — triggered code
Data Diddling — alter then restore
Sale of Illegal Articles online
Cyber Terrorism
Pirated Software
Accessing Confidential Info

💬 Analogy Bank — for the Exam

Salami Attack → slicing salami (so thin each slice is invisible)
Web Jacking → airplane hijacking (take control, demand ransom)
Logic Bomb → a landmine (dormant until triggered)
Keylogger → a spy watching over your shoulder while you type
Phishing → a fisherman casting fake bait to catch your credentials
DoS → blocking the door so no real customer can enter a shop

Quick Self-Quiz

Click to reveal answers.

What are the 3 categories of cybercrime? (Use the mnemonic)

I · P · G — "I Protect Governments": Individual, Property, Government.

What is Data Diddling and how is it different from a Salami Attack?

Data Diddling = alter data before/during entry, then restore it after processing. Hides in the process.

Salami Attack = steal microscopically small amounts from many people repeatedly. Hides in the size. (Like slicing salami — each slice is unnoticeable.)

What is Web Jacking? What real-world crime is it analogous to?

Forcefully taking control of a website by cracking and changing the password, locking out the real owner. Analogous to airplane hijacking — take control and demand ransom (monetary or political).

What are the 4 objectives of the KSA Anti-Cybercrime Law?

IS · RU · PM · NE: Enhance Information Security, protect Rights of Users, protect Public morals & values, protect the National Economy.

Which article carries the harshest penalty and what does it cover?

Article 7 — up to 10 years prison and SAR 5 million fine. Covers: websites for terrorist organizations, and accessing data that threatens national security or the national economy.

What is the Accomplice Rule under Article 9?

Inciting, assisting, or collaborating in a cybercrime is punishable. If the crime was committed → up to the full maximum penalty. If the crime was not committed → up to half the maximum penalty.

What is a Logic Bomb? How does it differ from a regular virus?

A Logic Bomb is code intentionally inserted into a system that only activates when specific conditions are met (a date, a user action, etc.). It is dormant until triggered — unlike a virus which spreads immediately.

What is Phishing, and what makes it different from Email Spoofing?

Phishing = disguising as a trusted entity to trick the victim into giving sensitive info (passwords, credit card numbers). It targets the victim's response.

Email Spoofing = forging the email header to make it look like it came from someone else. It's about hiding the sender's identity.