Computer crime, or cybercrime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s security and financial health. Issues surrounding this type of crime have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Activity crossing international borders and involving the interests of at least one nationstate is sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions through the International Criminal Court.
Computer crime encompasses a broad range of activities. Generally, however, it may be divided into two categories: (1) crimes that target computers and directly; (2) crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.
Crimes that primarily target computer networks or devices include:
Crimes that use computer networks or devices to advance other ends include:
Spam, or the unsolicited sending of bulk email for commercial purposes, is unlawful in some jurisdictions. While anti-spam laws are relatively new, limits on unsolicited electronic communications have existed for some time.
Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
- Altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
- Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
- Altering or deleting stored data;
- Altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes.
A variety of Internet scams target consumers direct.
Obscene or offensive content
The content of websites and other electronic communications may be distasteful, obscene or offensive for a variety of reasons. In some instances these communications may be illegal.
The extent to which these communications are unlawful varies greatly between countries, and even within nations. It is a sensitive area in which the courts can become involved in arbitrating between groups with strong beliefs.
Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties (see cyber bullying, cyber stalking, harassment by computer, hate crime, Online predator, and stalking). Any comment that may be found derogatory or offensive is considered harassment.
Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances through encrypted e-mail and other Internet Technology.Some drug traffickers arrange deals at internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for amphetamines in restricted-access chat rooms.
The rise in Internet drug trades could also be attributed to the lack of face-to-face communication. These virtual exchanges allow more intimidated individuals to more comfortably purchase illegal drugs. The sketchy effects that are often associated with drug trades are severely minimized and the filtering process that comes with physical interaction fades away.
Government officials and Information Technology security specialists have documented a significant increase in Internet problems and server scans since early 2001. But there is a growing concern among federal officials[who?] that such intrusions are part of an organized effort by cyberterrorists, foreign intelligence services, or other groups to map potential security holes in critical systems. A cyberterrorist is someone who intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attack against computers, network, and the information stored on them.
Cyber terrorism in general, can be defined as an act of terrorism committed through the use of cyberspace or computer resources (Parker 1983). As such, a simple propaganda in the Internet, that there will be bomb attacks during the holidays can be considered cyberterrorism. As well there are also hacking activities directed towards individuals, families, organized by groups within networks, tending to cause fear among people, demonstrate power, collecting information relevant for ruining peoples' lives, robberies, blackmailing etc.
Cyberextortion is a form of cyberterrorism in which a website, e-mail server, or computer system is subjected to repeated denial of service or other attacks by malicious hackers, who demand money in return for promising to stop the attacks. According to the Federal Bureau of Investigation, cyberextortionists are increasingly attacking corporate websites and networks, crippling their ability to operate and demanding payments to restore their service. More than 20 cases are reported each month to the FBI and many go unreported in order to keep the victim's name out of the domain. Perpetrators typically use a distributed denial-of-service attack.
The U.S. Department of Defense (DoD) notes that cyberspace has emerged as a national-level concern through several recent events of geo-strategic significance. Among those are included the attack on Estonia's infrastructure in 2007, allegedly by Russian hackers. "In August 2008, Russia again allegedly conducted cyber attacks, this time in a coordinated and synchronized kinetic and non-kinetic campaign against the country of Georgia. Fearing that such attacks may become the norm in future warfare among nation-states, the concept of cyberspace operations impacts and will be adapted by warfighting military commanders in the future.
One of the highest profiled banking computer crime occurred during a course of three years beginning in 1970. The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts.
A hacking group called the MOD (Masters of Deception), allegedly stole passwords and technical data from Pacific Bell, Nynex, and other telephone companies as well as several big credit agencies and two major universities. The damage caused was extensive, one company, Southwestern Bell suffered losses of $370,000 alone.
In 1983, a nineteen year old UCLA student used his PC to break into a Defense Department international communications system.
Between 1995 and 1998 the Newscorp satellite pay to view encrypted SKY-TV service was hacked several times during an on-going technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which Newscorp did not have the copyright to allow.
On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and copy of the virus via e-mail to other people.
In February 2000 a individual going by the alias of MafiaBoy began a series denial-of-service attacks against high profile websites, including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in DDoS attacks. On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks.
The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as "the baddest of the bad". It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in and in some cases monopolized personal identity theft for resale. It is the originator of MPack and an alleged operator of the Storm botnet.
On 2 March 2010, Spanish investigators busted 3[clarification needed] in infection of over 13 million computers around the world. The "botnet" of infected computers included PCs inside more than half of the Fortune 1000 companies and more than 40 major banks, according to investigators.
In August 2010 the international investigation Operation Delego, operating under the aegis of the Department of Homeland Security, shut down the international pedophile ring Dreamboard. The website had approximately 600 members, and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date this is the single largest U.S. prosecution of an international child pornography ring; 52 arrests were made worldwide.
Combatting Computer Crime
A computer can be a source of evidence. Even when a computer is not directly used for criminal purposes, may contain records of value to criminal investigators.
- Computer trespass
- Cyber bullying
- Cyber defamation law
- Cyber terrorism
- Economic and Industrial Espionage
- Federal Bureau of Investigation (FBI)
- High Technology Crime Investigation Association
- Immigration and Customs Enforcement (ICE)
- Internet homicide
- Internet stalking
- Internet suicide
- Internet War
- Legal aspects of computing
- List of convicted computer criminals
- Metasploit Project
- Online predator
- Organized crime
- Penetration test
- Personal jurisdiction over international defendants in the United States
- Police National E-Crime Unit
- United States Secret Service
- White collar crime
- Digital Crimes and the Law
- Moore, R. (2005) "Cybercrime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing.
- Warren G. Kruse, Jay G. Heiser (2002). Computer forensics: incident response essentials. Addison-Wesley. p. 392. ISBN 0201707195.
- Mann and Sutton 1998: >>Netcrime: More change in the Organization of Thieving. British Journal of Criminology; 38: 201-229. Oxfordjournals.org
- Internet Security Systems. March-2005.
- Ophardt, Jonathan A. "Cyber warfare and the crime of aggression: the need for individual accountability on tomorrow's battlefield" Duke Law and Technology Review, February 23, 2010.
- See, e.g., Telephone Consumer Protection Act of 1991, Do-Not-Call Implementation Act of 2003, CAN-SPAM Act of 2003.
- Lepofsky, J. (2006, June). Cyberextortion by denial-of-service attack. Risk, Retrieved from http://www.ere-security.ca/PDF/Cyberextortion%20by%20DoS,%20Risk%20Magazine%20June%202006.pdf
- "War is War? The utility of cyberspace operations in the contemporary operational environment" U.S. Army War College, February 2010.
- Weitzer, Ronald (2003). Current Controversies in Criminology. Upper Saddle River, New Jersey: Pearson Education Press. p. 150.
- Mann, D. and Sutton, M. (1998) >>Netcrime: More Change in the Organization of Thieving. British Journal of Criminology. 38:PP. 201-229 Oxfordjournals.org
- "A walk on the dark side". The Economist. 2007-09-30.
- Balkin, J., Grimmelmann, J., Katz, E., Kozlovski, N., Wagman, S. & Zarsky, T. (2006) (eds) Cybercrime: Digital Cops in a Networked Environment, New York University Press, New York.
- Brenner, S. (2007) Law in an Era of Smart Technology, Oxford: Oxford University Press
- Csonka P. (2000) Internet Crime; the Draft council of Europe convention on cyber-crime: A response to the challenge of crime in the age of the internet? Computer Law & Security Report Vol.16 no.5.
- Easttom C. (2010) Computer Crime Investigation and the Law
- Fafinski, S. (2009) Computer Misuse: Response, regulation and the law Cullompton: Willan
- Grabosky, P. (2006) Electronic Crime, New Jersey: Prentice Hall
- McQuade, S. (2006) Understanding and Managing Cybercrime, Boston: Allyn & Bacon.
- McQuade, S. (ed) (2009) The Encyclopedia of Cybercrime, Westport, CT: Greenwood Press.
- Parker D (1983) Fighting Computer Crime, U.S.: Charles Scribner’s Sons.
- Pattavina, A. (ed) Information Technology and the Criminal Justice System, Thousand Oaks, CA: Sage.
- Paul Taylor. Hackers: Crime in the Digital Sublime (November 3, 1999 ed.). Routledge; 1 edition. p. 200. ISBN 0415180724.
- Robertson, J. (2010, March 2). Authorities bust 3 in infection of 13m computers. Retrieved March 26, 2010, from Boston News: Boston.com
- Walden, I. (2007) Computer Crimes and Digital Investigations, Oxford: Oxford University Press.
- Wall, D.S. (2007) Cybercrimes: The transformation of crime in the information age, Cambridge: Polity.
- Williams, M. (2006) Virtually Criminal: Crime, Deviance and Regulation Online, Routledge, London.
- Yar, M. (2006) Cybercrime and Society, London: Sage.
This article's use of external links may not follow Wikipedia's policies or guidelines. (August 2010) (Learn how and when to remove this template message)
- High Technology Crime Investigation Association
- A Guide to Computer Crime from legal.practitioner.com
- Computer Crime Research Center
- CyberCrime Asia Research Center - Information about computer crime, Internet fraud and CyberTerrorism in Asia
- Cyber Crime Portal India - Cyber Crime Portal in India
- Cyber Crime Blog - Cyber Crime Blog