ICT (Information Technology)

  Preamble

Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may threaten a person, company or a nation's security and financial health.

There are many privacy concerns surrounding cybercrime when confidential information is intercepted or disclosed, lawfully or otherwise. Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Cybercrimes crossing international borders and involving the actions of at least one nation-state is sometimes referred to as cyberwarfare.

A report (sponsored by McAfee), published in 2014, estimated that the annual damage to the global economy was $445 billion. 

Approximately $1.5 billion was lost in 2012 to online credit and debit card fraud in the US. In 2018, a study by Center for Strategic and International Studies (CSIS), in partnership with McAfee, concludes that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year.

Combating Cybercrime

It is difficult to find and combat cyber crime's perpetrators due to their use of the internet in support of cross-border attacks. Not only does the internet allow people to be targeted from various locations, but the scale of the harm done can be magnified. Cyber criminals can target more than one person at a time. The availability of virtual spaces to public and private sectors has allowed cybercrime to become an everyday occurrence. In 2018, The Internet Crime Complaint Center received 351,937 complaints of cybercrime, which lead to $2.7 billion lost.

Investigation

A computer can be a source of evidence (see digital forensics for more info). Even where a computer is not directly used for criminal purposes, it may contain records of value to criminal investigators in the form of a logfile. In most countries Internet Service Providers are required, by law, to keep their logfiles for a predetermined amount of time. For example; a European wide Data Retention Directive (applicable to all EU member states) states that all e-mail traffic should be retained for a minimum of 12 months.

There are many ways for cybercrime to take place, and investigations tend to start with an IP Address trace, however, that is not necessarily a factual basis upon which detectives can solve a case. Different types of high-tech crime may also include elements of low-tech crime, and vice versa, making cybercrime investigators an indispensable part of modern law enforcement. Methods of cybercrime detective work are dynamic and constantly improving, whether in closed police units or in international cooperation framework.

In the United States, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) are government agencies that combat cybercrime. The FBI has trained agents and analysts in cybercrime placed in their field offices and headquarters. Under the DHS, the Secret Service has a Cyber Intelligence Section that works to target financial cyber crimes. They use their intelligence to protect against international cybercrime. Their efforts work to protect institutions, such as banks, from intrusions and information breaches. Based in Alabama, the Secret Service and the Alabama Office of Prosecution Services work together to train professionals in law enforcement through the creation of The National Computer Forensic Institute. This institute works to provide "state and local members of the law enforcement community with training in cyber incident response, investigation, and forensic examination in cyber incident response, investigation, and forensic examination.

Due to the common use of encryption and other techniques to hide their identity and location by cybercriminals, it can be difficult to trace a perpetrator after the crime is committed, so prevention measures are crucial.

Prevention

The Department of Homeland Security also instituted the Continuous Diagnostics and Mitigation (CDM) Program. The CDM Program monitors and secures government networks by tracking and prioritizing network risks, and informing system personnel so that they can take action.  In an attempt to catch intrusions before the damage is done, the DHS created the Enhanced Cybersecurity Services (ECS) to protect public and private sectors in the United States. The Cyber Security and Infrastructure Security Agency approves private partners that provide intrusion detection and prevention services through the ECS. An example of one of these services offered is DNS sinkholing.

Legislation

Due to easily exploitable laws, cybercriminals use developing countries in order to evade detection and prosecution from law enforcement. In developing countries, such as the Philippines, laws against cybercrime are weak or sometimes nonexistent. These weak laws allow cybercriminals to strike from international borders and remain undetected. Even when identified, these criminals avoid being punished or extradited to a country, such as the United States, that has developed laws that allow for prosecution. While this proves difficult in some cases, agencies, such as the FBI, have used deception and subterfuge to catch criminals. For example, two Russian hackers had been evading the FBI for some time. The FBI set up a fake computing company based in Seattle, Washington. They proceeded to lure the two Russian men into the United States by offering them work with this company. Upon completion of the interview, the suspects were arrested outside of the building. Clever tricks like this are sometimes a necessary part of catching cybercriminals when weak legislation makes it impossible otherwise.

Then-President Barack Obama released in an executive order in April 2015 to combat cybercrime. The executive order allows the United States to freeze assets of convicted cybercriminals and block their economic activity within the United States. This is some of the first solid legislation that combats cybercrime in this way.

The European Union adopted directive 2013/40/EU. All offences of the directive, and other definitions and procedural institutions are also in the Council of Europe's Convention on Cybercrime.

It is not only the US and the European Union who are introducing new measures against cybercrime. On 31 May 2017 China announced that its new cybersecurity law takes effect on this date.

Penalties

Penalties for computer-related crimes in New York State can range from a fine and a short period of jail time for a Class A misdemeanor such as unauthorized use of a computer up to computer tampering in the first degree which is a Class C felony and can carry 3 to 15 years in prison.

However, some hackers have been hired as information security experts by private companies due to their inside knowledge of computer crime, a phenomenon which theoretically could create perverse incentives. A possible counter to this is for courts to ban convicted hackers from using the Internet or computers, even after they have been released from prison – though as computers and the Internet become more and more central to everyday life, this type of punishment may be viewed as more and more harsh and draconian. However, nuanced approaches have been developed that manage cyber offenders' behavior without resorting to total computer or Internet bans. These approaches involve restricting individuals to specific devices which are subject to computer monitoring or computer searches by probation or parole officers

Awareness

As technology advances and more people rely on the internet to store sensitive information such as banking or credit card information, criminals increasingly attempt to steal that information. Cybercrime is becoming more of a threat to people across the world. Raising awareness about how information is being protected and the tactics criminals use to steal that information continues to grow in importance. According to the FBI's Internet Crime Complaint Center in 2014, there were 269,422 complaints filed. With all the claims combined there was a reported total loss of $800,492,073. But cybercrime does yet seem to be on the average person's radar. There are 1.5 million cyber-attacks annually, that means that there are over 4,000 attacks a day, 170 attacks every hour, or nearly three attacks every minute, with studies showing us that only 16% of victims had asked the people who were carrying out the attacks to stop. Anybody who uses the internet for any reason can be a victim, which is why it is important to be aware of how one is being protected while online.

Intelligence

As cybercrime has proliferated, a professional ecosystem has evolved to support individuals and groups seeking to profit from cybercriminal activities. The ecosystem has become quite specialized, including malware developers, botnet operators, professional cybercrime groups, groups specializing in the sale of stolen content, and so forth. A few of the leading cybersecurity companies have the skills, resources and visibility to follow the activities of these individuals and group. A wide variety of information is available from these sources which can be used for defensive purposes, including technical indicators such as hashes of infected files or  malicious IPs/URLs, as well as strategic information profiling the goals, techniques and campaigns of the profiled groups. Some of it is freely published, but consistent, on-going access typically requires subscribing to an adversary intelligence subscription service. At the level of an individual threat actor, threat intelligence is often referred to that actor's "TTP", or "tactics, techniques, and procedures," as the infrastructure, tools, and other technical indicators are often trivial for attackers to change. Corporate sectors are considering crucial role of artificial intelligence cybersecurity.

Diffusion of cybercrime

The broad diffusion of cybercriminal activities is an issue in computer crimes detection and prosecution.

Hacking has become less complex as hacking communities have greatly diffused their knowledge through the Internet. Blogs and communities have hugely contributed to information sharing: beginners could benefit from older hackers' knowledge and advice. Furthermore, hacking is cheaper than ever: before the cloud computing era, in order to spam or scam one needed a dedicated server, skills in server management, network configuration, and maintenance, knowledge of Internet service provider standards, etc. By comparison, a mail software-as-a-service is a scalable, inexpensive, bulk, and transactional e-mail-sending service for marketing purposes and could be easily set up for spam. Cloud computing could be helpful for a cybercriminal as a way to leverage his or her attack, in terms of brute-forcing a password, improving the reach of a botnet, or facilitating a spamming campaign.

Agencies

• ASEAN
• Australian High Tech Crime Centre
• Cyber Crime Investigation Cell, a wing of Mumbai Police, India
• Cyber Crime Unit (Hellenic Police), formed in Greece in 1995
• National White Collar Crime Center, in the United States
• National Cyber Crime Unit, in the Unit

References

1. ^ Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing.
2. ^ Warren G. Kruse, Jay G. Heiser (2002). Computer forensics: incident response essentials. Addison-Wesley. p. 392. ISBN 978-0-201-70719-9.
3. ^ Bossler, Adam M.; Berenblum, Tamar (20 October 2019). "Introduction: new directions in cybercrime research". Journal of Crime and Justice. 42 (5): 495–499. doi:10.1080/0735648X.2019.1692426. ISSN 0735-648X.
4. ^ "Cyber crime costs global economy $445 billion a year: report". Reuters. 9 June 2014. Retrieved 17 June 2014.
5. ^ "#Cybercrime— what are the costs to victims - North Denver News". North Denver News. 17 January 2015. Retrieved 16 May 2015.
6. ^ Lewis, James (February 2018). "Economic Impact of Cybercrime - No Slowing Down"(PDF).
7. ^ Gordon, Sarah (25 July 2006). "On the definition and classification of cybercrime". Journal in Computer Virology. 2: 13–20. doi:10.1007/s11416-006-0015-z. S2CID 3334277.
8. ^ "Computer and Internet Fraud". LII / Legal Information Institute. Retrieved 1 November2020.
9. ^ Laqueur, Walter; C., Smith; Spector, Michael (2002). Cyberterrorism. Facts on File. pp. 52–53. ISBN 9781438110196.
10. ^ "Cybercriminals Need Shopping Money in 2017, too! - SentinelOne". sentinelone.com. 28 December 2016. Retrieved 24 March 2017.
11. ^ Lepofsky, Ron. "Cyberextortion by Denial-of-Service Attack" (PDF). Archived from the original (PDF) on 6 July 2011.
12. ^ Mohanta, Abhijit (6 December 2014). "Latest Sony Pictures Breach : A Deadly Cyber Extortion". Archived from the original on 25 September 2015. Retrieved 20 September2015.
13. ^ Carback, Joshua T. (2018). "Cybersex Trafficking: Toward a More Effective Prosecutorial Response". Criminal Law Bulletin. 54 (1): 64–183. p. 64.
14. ^ "IJM Seeks to End Cybersex Trafficking of Children and #RestartFreedom this Cyber Monday and Giving Tuesday". PR Newswire. 28 November 2016.
15. ^ "Cybersex Trafficking". IJM. 2020.
16. ^ "Cyber-sex trafficking: A 21st century scourge". CNN. 18 July 2013.
17. ^ "Senator warns of possible surge in child cybersex traffic". The Philippine Star. 13 April 2020.
18. ^ "Duterte's drug war and child cybersex trafficking". The ASEAN Post. 18 October 2019.
19. ^ "Norwegian national, partner nabbed; 4 rescued from cybersex den". Manila Bulletin. 1 May 2020.
20. ^ "Cybersex Trafficking". IJM. 2020.
21. ^ "Cheap tech and widespread internet access fuel rise in cybersex trafficking". NBC News. 30 June 2018.
22. ^ "Senate to probe rise in child cybersex trafficking". The Philippine Star. 11 November 2019.
23. ^ "Cheap tech and widespread internet access fuel rise in cybersex trafficking". NBC News. 30 June 2018.
24. ^ "Global taskforce tackles cybersex child trafficking in the Philippines". Reuters. 15 April 2019.
25. ^ "Webcam slavery: tech turns Filipino families into cybersex child traffickers". Reuters. 17 June 2018.
26. ^ "How the internet fuels sexual exploitation and forced labour in Asia". South China Morning Post. 2 May 2019.
27. ^ "1st Session, 42nd Parliament, Volume 150, Issue 194". Senate of Canada. 18 April 2018.
28. ^ "Cybersex trafficking spreads across Southeast Asia, fuelled by internet boom. And the law lags behind". South China Morning Post. 11 September 2019.
29. ^ "What is 'Nth Room' case and why it matters". Korea Herald. 24 April 2020.
30. ^ Dennis Murphy (February 2010). "War is War? The utility of cyberspace operations in the contemporary operational environment"(PDF). Center for Strategic Leadership. Archived from the original (PDF) on 20 March 2012.
31. ^ "Cybercrime definition". www.crime-research.org. Retrieved 3 August 2019.
32. ^ "Save browsing". google.
33. ^ * Halder, D., & Jaishankar, K. (2011) Cyber crime and the Victimization of Women: Laws, Rights, and Regulations. Hershey, PA, USA: IGI Global. ISBN 978-1-60960-830-9
34. ^ "Federal CyberStalking Bill Info". www.haltabuse.org. Retrieved 4 December2019.
35. ^ "China has more internet users than any other country, according to Mary Meeker's Internet Trends Report". World Economic Forum. Retrieved 4 December 2019.
36. ^ Solutions, Madison Web. "Chinese Authorities Address Online Bullying – Cybersmile". Retrieved 2 November 2019.
37. ^ Solutions, Madison Web. "Legal Perspective – Cybersmile". Retrieved 2 November 2019.
38. ^ Participation, Expert. "Malicious Communications Act 1988". www.legislation.gov.uk. Retrieved 2 November2019.
39. ^ AG. "Criminal Code Act 1995". www.legislation.gov.au. Retrieved 2 November2019.
40. ^ "U.S. internet users who have experienced online harassment 2020". Statista. Retrieved 5 April 2021.
41. ^ "All the Latest Cyber Bullying Statistics and What They Mean In 2021". BroadbandSearch.net. Retrieved 5 April 2021.
42. ^ "We talked to the opportunist imitator behind Silk Road 3.0". 7 November 2014. Retrieved 4 October 2016.
43. ^ Arora, Beenu. "Council Post: Five Key Reasons Dark Web Markets Are Booming". Forbes. Retrieved 23 June 2020.
44. ^ "Guide: What is Bitcoin and how does Bitcoin work? - CBBC Newsround". Retrieved 23 June 2020.
45. ^ Christian, Jon (4 February 2015). "The 'Exit Scam' Is the Darknet's Perfect Crime". Vice. Retrieved 23 June 2020.
46. ^ "The 'Exit Scam' Is the Darknet's Perfect Crime". www.vice.com. Retrieved 14 July2020.
47. ^ Brandom, Russell (17 February 2019). "The golden age of dark web drug markets is over". The Verge. Retrieved 23 June 2020.
48. ^ ^a b "7 Ways the Cops Will Bust You on the Dark Web". www.vice.com. Retrieved 14 July2020.
49. ^ CDC (24 March 2020). "America's Drug Overdose Epidemic: Data to Action". Centers for Disease Control and Prevention. Retrieved 14 July 2020.
50. ^ "The Consequences of Mailing Drugs and Other Banned Substances". www.cottenfirm.com. Retrieved 23 June 2020.
51. ^ "Darknet drug vendor sentenced to 10 years prison". www.dea.gov. Retrieved 23 June2020.
52. ^ "Feds Crack Down on Darknet Vendors of Illicit Goods". www.bankinfosecurity.com. Retrieved 14 July 2020.
53. ^ ^a b c Weitzer, Ronald (2003). Current Controversies in Criminology. Upper Saddle River, New Jersey: Pearson Education Press. p. 150.
54. ^ David Mann And Mike Sutton (6 November 2011). ">>Netcrime". British Journal of Criminology. 38 (2): 201–229. CiteSeerX 10.1.1.133.3861. doi:10.1093/oxfordjournals.bjc.a014232. Retrieved 10 November 2011.
55. ^ Aaron Gershwin (26 June 2019). "Flame: The Most Sophisticated Cyber Espionage Tool Ever Made". hackernoon.com. Retrieved 1 July 2019.
56. ^ "A walk on the dark side". The Economist. 30 September 2007. Archived from the original on 10 November 2007. Retrieved 11 May 2011.
57. ^ "Spanish police crack massive 'zombie computer' network". France 24. 3 March 2010.
58. ^ "DHS: Secretary Napolitano and Attorney General Holder Announce Largest U.S. Prosecution of International Criminal Network Organized to Sexually Exploit Children". Dhs.gov. 3 August 2011. Retrieved 10 November 2011.
59. ^ DAVID K. LI (17 January 2012). "Zappos cyber attack". New York Post.
60. ^ Salvador Rodriguez (6 June 2012). "Like LinkedIn, eHarmony is hacked; 1.5 million passwords stolen". Los Angeles Times.
61. ^ Rick Rothacker (12 October 2012). "Cyber attacks against Wells Fargo "significant," handled well: CFO". Reuters.
62. ^ "AP Twitter Hack Falsely Claims Explosions at White House". Samantha Murphy. 23 April 2013. Retrieved 23 April 2013.
63. ^ "Fake Tweet Erasing $136 Billion Shows Markets Need Humans". Bloomberg. 23 April 2013. Retrieved 23 April 2013.
64. ^ "Unprecedented cyber attacks wreak global havoc". Straits Times. 13 May 2017.
65. ^ "Israeli spyware found on phones in 45 countries, U.S. Included".
66. ^https://www.sfgate.com/business/technology/article/Researchers-find-hints-of-Israeli-spyware-around-13237819.php
67. ^ "Your Smartphone could be running Israeli Spyware!". September 2018.
68. ^ "Phone hackers for hire: A peek into the discreet, lucrative business tapped by the FBI". 29 April 2016.
69. ^ Beaumont, Peter (26 August 2016). "Israeli firm accused of creating iPhone spyware". The Guardian.
70. ^ "Chat App ToTok Is Spy Tool For UAE – Report". Silicon UK Tech News. Retrieved 27 December 2019.
71. ^ Barnard-Wills, David; Ashenden, Debi (21 March 2012). "Securing Virtual Space: Cyber War, Cyber Terror, and Risk". Space and Culture. doi:10.1177/1206331211430016. S2CID 146501914.
72. ^ ^a b Brenner, Susan W., 1947- (2010). Cybercrime : criminal threats from cyberspace. Santa Barbara, Calif.: Praeger. ISBN 9780313365461. OCLC 464583250.
73. ^ "Facts + Statistics: Identity theft and cybercrime". Retrieved 2 December 2019.
74. ^ Zehra Ali (21 January 2018). "Mandatory Data Retention Worldwide". Retrieved 17 December 2018.
75. ^ "Archived copy" (PDF). Archived from the original (PDF) on 19 March 2015. Retrieved 23 July 2017.
76. ^ ^a b "Cyber Crime". Federal Bureau of Investigation. Retrieved 4 December 2019.
77. ^ ^a b "Combating Cyber Crime". Department of Homeland Security. 19 June 2012. Retrieved 1 November 2019.
78. ^ "NCFI - About". www.ncfi.usss.gov. Retrieved 4 December 2019.
79. ^ ^a b "Investigation". www.secretservice.gov. Retrieved 3 December 2019.
80. ^ "The Importance of Understanding Encryption in Cybersecurity". Florida Tech Online. 18 August 2016. Retrieved 4 December2019.
81. ^ ^a b "Detection and Prevention | CISA". www.cisa.gov. Retrieved 1 November 2019.
82. ^ Kshetri, Nir. "Diffusion and Effects of Cyber Crime in Developing Countries". Archived from the original on 18 October 2015. Retrieved 29 April 2015.
83. ^ Northam, Jackie. "U.S. Creates First Sanctions Program Against Cybercriminals".
84. ^ Adrian Cristian MOISE (2015). "Analysis of Directive 2013/40/EU on attacks against information systems in the context of approximation of law at the European level"(PDF). Journal of Law and Administrative Sciences. Archived from the original (PDF)on 8 December 2015.
85. ^ "China's new cybersecurity law takes effect today". June 2017.
86. ^ OMH. "Criminal Justice System for Adults in NYS". Retrieved 17 December 2018.
87. ^ "Managing the Risks Posed by Offender Computer Use - Perspectives" (PDF). December 2011. Archived from the original(PDF) on 5 November 2013. Retrieved 25 January 2015.