Cybercrime

Cybercrime is with us on a daily basis (24 hours a day and 7 days a week) because there will always be criminals. Furthermore, cybercrime will continue on as long as we use computers, networks, phones, videos, webcams, emails, and the Internet.

What is Cybercrime? Online activities are as vulnerable to common everyday crimes and can just as effectively compromise personal safety. Legislators, police, and citizens need to know how to protect themselves as well as those for which they are responsible. The cybercrimes listed below represent crimes that have existed long before the advent of the computer and Internet. The only difference is the tools used to commit those crimes (Roddel, 2009a):

• Assault by threat through emails, videos, or phones
• Child pornography over the Internet using computers
• Cyber contraband where illegal items are transferred through the Internet
• Cyberlaundering where illegal funds are transferred over the Internet
• Cyberstalking using emails, phones, text messaging, webcams, websites, and/or videos to stalk and harass someone
• Cyberterrorism using computer technology to commit violence against civilians
• Cybertheft through using the computer to steal through activities related to breaking and entering, cache poisoning, embezzlement and unlawful appropriation, espionage, identity theft, fraud, malicious hacking, plagiarism, and piracy
• Cybertresspassing, which is hacking for the purpose of entering an electronic network without permission
• Cybervandalism where computer technology is used to damage and/or destroy data

Are Cybercrime Laws Uniform? Victoria Roddel (2009b) said, “You may think the penalties for breaking into a home or car (personal property) and breaking into a home computer or laptop (personal property) would be the same at the same geographic location. Not necessarily.” Cybercrime either requires a computer to complete the crime or a computer is the target of a crime. However, not all countries recognize cybercrimes as crimes. Therefore, all governments should review current laws to assure that they are updated to include cybercrime to protect citizens.

Cybercrime Laws Vary. Many countries still do not effectively deter, stop, limit, or punish cybercrime. The partial list below shows examples of a few countries with laws related to particular cybercrimes (Roddel, 2009c):

• Australia – theft related to a computer system
• Belgium – sabotage
• Canada – forgery, intrusion, and theft
• Chile – child pornography
• Czech Republic – hacking may not be a cybercrime but illegal use of the accessed information is
• Ireland – theft and fraud
• Japan – forgery and intrusion
• Peru – forgery
• Spain – fraud and theft
• United Arab Emirates – using electronics to insult any religion
• USA – robot-networks (or botnets) and identity theft are now federal offenses

PCs Next in Cyber Attacks. North Korea was a prime suspect for launching recent cyber attacks. However, that isolated rogue state was not on a list of websites from the five countries the South Korean Communications Commission (KCC) said the cyber attacks may have originated. The KCC stated that the host websites believed to be behind the original attacks were based in Germany, Georgia, Austria, South Korea, and the United States. The location of the hackers behind the attacks is still unknown. Some analysts question North Korea’s involvement, saying that it may be the work of industrial spies or pranksters (Anonymous, 2009).

The cyber attacks saturated target websites with access requests generated by malicious software planted on PCs. These requests overwhelmed some target websites and slowed server response to legitimate traffic. Experts said that the distributed denial of service (DDoS) hacking attack spreads viruses on PCs, which turned them into zombies that, unbeknownst to the owners, simultaneously connect to specific websites. United States officials would not speculate on who may be responsible for the attacks. However, they noted that U.S. government websites face attacks or scams “millions of times” per day (Anonymous, 2009).

Ahnlab, a leading South Korean web security firm, has closely examined the recent attacks and said that the new phase of attacks would target data on tens of thousands of infected PCs. Lee Byung-cheol of Ahnlab said, “The affected computers will not be able to boot and their storage files will be disabled” (Anonymous, 2009).  About a year ago, this is exactly what happened to my PC. The computer locked up, and I could not get the computer to reboot. My hard drive was totally trashed. The computer manufacturer had to replace my hard drive, and I lost about two months worth of unsaved data.

Phishing Meet Vishing. The terms voice and phishing merge to form the term vishing. Phishing uses social engineering to obtain personal identifying information such as credit card numbers, bank-account numbers, personal identification numbers (PINs), social security numbers, and such kinds of information. Normally, criminals perform phishing through the Web and email. Criminals perform vishing over the phone. Caller identification (ID) spoofing is at the core of vishing. Criminals, crackpots, scammers, and bored teenagers easily feed misleading information into the caller ID system. According to the Federal Bureau of Investigation (FBI) vishing attacks are on the rise. Instead of just stealing money, vishers are making mischief … potentially deadly mischief (Gewirtz, 2009).

Potentially, vishing presents a huge cyberterrorism threat. Fake calls and social engineering that send our emergency responders to the incorrect location provide terrifying implications. As with most cyber-security and cyberterrorism issues, awareness, vigilance, and a tab of paranoia may well provide the best defense (Gewirtz, 2009).

Cyberwar is a wildly asymmetrical battle. Our enemies use weapons that are the same products bought by teenagers in Wal-Mart. The enemy’s cost to arm is inexpensive, yet our cost to defend is beyond our imagination. Every iPod, phone, and camera represents a potential threat to our national security. Instead of paranoia, that’s just a fact of life today. That’s something to keep you awake at night (Gewirtz, 2009).

European Cyber-gangs Target Small U.S. Firms.Organized cyber-gangs in Eastern Europe increasingly prey on small and mid-size companies in the United States. They have set off a multimillion-dollar online crime wave that worries the nation’s largest financial institutions. A task force that represents the financial industry sent out an alert in August 2009, which outlines the problem and urges its members to implement numerous precautions now used to detect consumer bank and credit card fraud. The confidential alert says, “In the past six months, financial institutions, security companies, the media and law enforcement agencies are all reporting a significant increase in funds transfer fraud involving the exploitation of valid banking credentials belonging to small and medium sized businesses” (Krebs, 2009).

Because the targets tend to be smaller, the attacks have attracted little of the notoriety that follows larger-scale breaches at big retailers and government agencies. Yet, the industry group said that some companies have suffered hundreds of thousands of dollars or more in losses. Many firms have come forward to tell their tales. In July 2009, a school district near Pittsburgh sued to recover $700,000 that cyber-gangs took from it. In May 2009, a Texas company was robbed of $1.2 million. An electronics testing firm in Baton Rouge, Louisiana, was bilked for nearly $100,000. The FBI is working to stem the problem. Steven Chabinsky, deputy assistant director for the Bureau’s Cyber Division, said, “We share a mutual concern with respect to criminals’ unrelenting intent to target our nation’s financial sector and customers, whether through computer hacking or by other schemes to steal customer account information and make unauthorized withdrawals” (Krebs, 2009).

Reference

Anonymous (2009, July 10). Newsfront: PCs next in cyberattacks, says South Korea. Newsmax.com. Retrieved from www.newsmax.com//newsfront/new_cyber_attacks/2009/07/10/234062.html.

Gewirtz, D. (2009, Spring). Digital defense: When your phone turns against you. Counter Terrorism: The Journal of Counterterrorism and Homeland Security International, 15(1), pp. 60-65.

Krebs, B. (2009, August 25). European cyber-gangs target small U.S. firms, group says. The Washington Post. Retrieved from www.washingtonpost.com/wp-dyn/content/article/2009/08/24/AR2009082402272_pf.html.

Roddel, V. (2009a, April 13). Cybercrime defined. Part 1 of 3 in the series: What is cybercrime? BrightHub.com. Retrieved from www.brighthub.com/internet/security-privacy/articles/3435.aspx.

Roddel, V. (2009b, May 4). Are cybercrime laws uniform? Part 2 of 3 in the series: What is cybercrime? BrightHub.com. Retrieved from www.brighthub.com/internet/security-privacy/articles/8821.aspx.

Roddel, V. (2009c, May 4). Cybercrime laws vary. Part 3 of 3 in the series: What is cybercrime? BrightHub.com. Retrieved from www.brighthub.com/internet/security-privacy/articles/8822.aspx. 

###