Sie sind auf Seite 1von 26

Insight to Cybercrime

Nadia Khadam*

70)

<

>

. INTRODUCTION

. COMMONLY DONE CYBER CRIMES

. WHAT IS CYBER CRIME?

. IMPACT OF CYBER CRIMES ON TODAYS

. ORIGIN AND DEVELOPMENT OF CYBER


CRIME

WORLD
. CONCLUSION

. LEGISLATIVE DEVELOPMENT IN THE


RELEVANT AREA

. INTRODUCTION
Computer emerged as a reason for the birth of Internet. But as always every good thing
comes with some drawback and so does computer. Computer was invented when there was
telephone technology and phone phreaks1) were in field. The intelligent phone phreakers put
their hands on computers and another kind of crime was emerged which is popularly
known as cybercrime. Cybercrime is identified with different names depending on its
nature.
Federal Bureau of Investigations 2010 statistics2) shows the increase of cybercrime all
* P.hD student at Hanyang University Seoul, South Korea.
1) The term phreak is a portmanteau of the words phone and freak, and may also refer to the
use of various
audio frequencies to manipulate a phone system.Phreak, phreaker, or phone phreak are names
used for and by individuals who participate in phreaking. (source www.Wikipedia.com)
2) Federal Bureau of Investigations. Cyber Investigations defined the four catagories falling

56

29 1

over the world. Before looking into the details of cybercrime, one must know about the
evolution of cybercrime. It is important to know that when, where and how the traditional
crime shaped into cybercrime.
There are different kinds of approaches reflected through the research in the area of
cybercrime. For instance, some wrote about the definition of the cybercrime, other focused
on history, few contain information about history. Another number explained implications of
cybercrime. During this work, it was observed that an attempt to combine all these aspects
on one paper is the requirement of the time. This work attempts to gather the basic
information about the cybercrime in one paper for better understanding of this area. The
related topics were covered in this paper for the convenience of researchers in this field.
The main purpose of this paper is to analyze the infield definitions of cyber crime
and to determine characteristics of cybercrime to understand in a better way.
Part I of the paper will sort out the characteristics of cybercrime with reasoning and
illustrations in light of predefined definitions in this field.
After that, this work will help to know about the origin, history and development of the
cybercrime, which is discussed in Part II of the paper. That part is further divided into
two parts comprising history before advent of Internet and after advent of Internet, as it
was admitted that cybercrime took the shape of more skilled and advanced crime after the
emergence of internet technology. So, its history and development must be discussed for
both eras.
Part III of the paper is focused on legislative history taking it as important thinkabout
point for the nations to work on it to be safe from cybercrimes. As legislation is foremost
tool to be adopted to handle and minimize the number of any crime. Legislative history
part also contains brief account of legal implications of cybercrime. This part is followed
under the cybercrime, which are
1. Cyber crimes against children (usually involving child pornography or child rape)
2. Theft of intellectual property
3. Publication and intentional dissemination of malware
4. National and international Internet fraud

Insight to Cybercrime

57

by the explanation of commonly done cybercrimes. These are the likely variations of the
cybercrimes. In broader sense this paper will examine cybercrime in general not in
comparative way.
The last part of this work will examine the impact of cybercrime on social, political and
cultural sectors of the society. That is how these areas are affected in special, with the
exercise of cybercrimes and how it is affecting the nations in general.

. WHAT IS CYBER CRIME?


Ever since creations peaceful dawn was startled by the death cry of the murdered Abel
and Jehovah placed his mark upon Cain and set him forth a fugitive and a vagabond,
cursed from the earth that had opened its mouth to receive his brothers blood from his
hand, there has been a never-ending conflict between those who make the laws and those
who break them. (1926)3)
This was the never ending conflict aroused from the time human came into existence
and its continuing to date. Criminals are found in every society who are breaking the laws
and committing illegal acts for their satisfaction whatever the kind is. History showed that
crime changed over decades and shaped through different mediums. Crime took many
forms depending on the medium of crime used by the offender. Especially when technology
was developed, it increased the ease in humans life but unknowingly it created medium for
the criminal activities by the use of the latest technology of the computer and the internet
as a way towards crime.
Crimes target harming individuals (murder, rape), property (arson, theft), government
(obstructing justice, treason), and morality (obscenity, gambling). After emergence of these
crimes societies developed standardized definitions of real world crimes.
After emergence of computer the society faced too much developed and advanced kind of
crimes, like computer and telecommunication crime. And later the development of internet
3) Quotation by Guy H. Thompson, reproduced by F. Gregory Lastowka and Dan Hunter, Virtual Crime,
New York Law School Review. July 2004, also available at http://ssrn.com/abstract=564801

58

29 1

showed a highrise in these types of crimes. Hence, along with other few, the latest
challenged faced by the world is in the form of cyber crimes.
When we examine the term cybercrime we analyze the cyber is such a perfect prefix.
Because nobody has any idea what it means, it can be grafted onto any old word to make
it seem new, cool and therefore strange, spooky.4) The term cyber is derived from word
cybernetic taken from the Greek word kybernetes. From Ancient Greek
from possibly based on 1830s French cyberntique the art of governing.

5)The

term was introduced by U.S mathematician Norbert Wiener in 1948 in his book
Cybernetics to elaborate on the existing theory of the transmission of messages by
incorporating his idea that people send messages within a system in effort to control their
surrounding environment.6) Later in 1982, the word cyberspace was used by science fiction
writer William Gibson (best known for Neuromancer) in his short published story,
Burning Chrome about the hacker group Cyberspace Seven.
Cyber means computer or computer network, commonly used as cyberspace, cyber
culture, cyberpunk, the electronic medium in which online communication takes place.
Anything related to computer is also termed as cyber. Now more than hundred words are
constructed using the prefix of cyber.
Commonly used word for these crimes is Cybercrime. Mostly it is used to denote
insecurity in cyberspace although in itself it appears to be a meaningless word. Usually it
also signifies the occurrence of harmful behavior done through the misuse of computers or
through networked computers.

7)

From time to time, cybercrime was defined at different forums with different
perspectives.
Pavan Duggal, an advocate of Supreme Court and Cyber law expert, says
Any criminal activity that uses a computer either as an instrumentality, target or a
means for perpetuating further crimes comes within the ambit of Cyber crime.8) Meaning
4)
5)
6)
7)

New York magazine, Dec. 23, 1996.


http://en.wiktionary.org/wiki/cybernetics accessed on 15th February 2012.
Wiener, 1954, p.15.
National Criminal Intelligence Service [NCIS], 1999.

Insight to Cybercrime

59

that Duggal is explaining the nature of crime, where it is using computer as a tool or a
target, it is termed as cybercrime.
At the other hand there is a definition proposed by Thomas and Loader9) which includes
the computermediated activities within cybercrimes, which are considered as illegal or
illicit by certain parties and conducted through global electronic networks. Hence this
definition needs further explanation to define the crime more accurately.
At some forums cybercrime is defined as crime committed through illegal use of
computer systems. At the 10th United Nations Congress on the prevention of crime and
treatment of offenders, in a workshop devoted to the issues of crimes related to computer
networks, cybercrime was broadly defined as;
Any illegal behavior committed by means of, or in relation to, a computer system or
network, including such crimes as illegal possession, offering or distributing information
by means of a computer system or network.10)
Similarly, the department of justice, USA (DOJ) defines computer crimes as any
violation of criminal law that involve a knowledge of computer technology for their
perpetration, investigation and prosecution.11) The U.S. department of justice also expands
the definition of cybercrime to include any illegal activity that uses a computer for the
storage of evidence.
Cybercrime is variedly defined on basis of its medium that in what ways computer is
used to classify the act as cybercrime. Later with the emergence of internet, the use of
internet in these acts also broadens the ambit of cybercrimes. The phrases criminal activity
related to technology or using a computer or internet for illicit means such as stealing
persons identity is used while defining cybercrimes.
8) http://www.rediff.com/netguide/index.html
9) Douglas Thomas and Brian Loader (eds.), Cybercrime: law enforcement, security and
surveillance in the information age, 2000, Routledge, London.
10) United Nations, 2000: 5.
11) Sheri A. Dillon et al., Note, Computer Crimes, 35 Am. Crim.L.Rev.503, 505(1998)(defining
computer crime)(quoting national institute of justice, U.S. Dept of Justice, Computer Crime:
Criminal Justice Resource Manual 2(1989)).

60

29 1

Another division was made to understand the cybercrime more easily, which explains in
four forms;
1. Cyber Trespass-crossing boundaries into other peoples property and/or causing
damage, e.g. hacking, defacement, viruses.
2. Cyberdeceptions and theftsstealing (money, property), e.g. credit card fraud,
intellectual property violations.
3. Cyberpornography breaching laws on obscenity and decency.
4. Cyberviolencedoing psychological harm to, or inciting physical harm against
others, thereby breaching laws relating to the protection of the person, e.g.
hate speech, stalking.12)

This division is classifying the cybercrimes according to object or target of the crime.
The first two categories comprise crime against property, the third covers crime against
morality and the fourth relates to crimes against the person. The crimes against the
State, may also be added defining those activities that breach laws protecting the integrity
of the nation and its infrastructure (e.g. terrorism, espionage and disclosure of official
secrets).13)
On the other hand, Council of Europes Convention on cybercrime stipulates the
cybercrime in four categories according to its nature.
1. Offences against the confidentiality, integrity and availability of computer data and
systems. Articles 2 to 6 of the convention are dealing with this sort of crimes.
2. Computer related offences, which includes computer related forgery and fraud. Articles
7 and 8 are relevant.
3. Content related offences; this contains certain provisions for offences related to child
pornography. Article 9 is applicable to it.
4. Offences related to infringements of copyrights and related rights, this is explained in
article 10 of the convention.
In above definitions I feel lack in one way or the other, I believe that cyber crime is
12) Wall (2001 a: 37).
13) Majid Yar, Cybercrime and Society, SAGE publications 2006, pg 10-11.

Insight to Cybercrime

61

also about the electronic devices not only computer. Apart from computer other electronic
devices are used to commit certain crimes such as data theft from ATM(automatic
transaction machine), mobile used for storage of data to be used for illicit means, So, the
definition of cybercrime should be broad to the extent that it includes the other forms of
related crimes. Because I believe that crime using computer or other electronic devices
needs similar kind of human and mechanical resources to be dealt with.
From all these definitions, we can extract the different characteristics of cyber crimes.
That we can broadly divide cyber crime in three categories, which are as follows;
1. COMPUTERS AS A TOOL

Computer could be used as tool for cyber crimes. For instance, the crimes done in real
physical world are now done by using computer as a medium, like, theft, fraud and so on.
In addition of using computer as a medium, offenders also use internet with its recent
development while executing their crimes. Here crime is facilitated by the computer or
through its related electronic devices.
In a prominent case of Citibank in 1994, in a period of few months almost $ 10million
was siphoned from the Citibanks accounts through wire transfers. The federal investigators
located the computer from where this act is committed, that was a location of a software
company at AO Saturn in St. Petersburg. A 29 years old boy named Levin was operating
this crime who allegedly used laptop computer at the AO Saturn offices to carry out the
Citibank fund transfers. Here Levin used laptop computer as a tool to access the bank
systems and for commission of crime.14)
In 2000, there emerged a very strange kind of use of the computer and internet for the
execution of crime. There comes a concept of Internet suicide pact that people with
intention to commit suicide get together and do these act collectively. This is normally
done by the young people who want to die but dont have the courage to die without any
motivation and support. Most of the cases occurred in Japan, Germany, USA, South Korea,
China etc.15)
14) See, Susan W. Burner, Cyber crime And How to catch a Hacker, USA Today, September
19, 1997, 12A and David Gow and Richard Norton Taylor, Surfing Superhighwaymen:
Guardian, December 7, 1996, 29.

62

29 1

2. COMPUTERS AS A VICTIM

In other cases computer may be targeted as victim, for instance criminals attacks the
computer system

16)to

get the computer data17) from any bank, organization or company

which often result in information and monetary loss to the owner of the victim computer.
Hence information is accessed to take undue advantage or to cause damage to the
information or to a computer system. Hacking is the prominent example where theft of
information is done maliciously and wrongfully. Apart from stealing or affecting the
targeted computer this category has very interesting kind of crime like technotrespass
that is, walking through a computer just to explore. In such cases, the intruder only
looks at a file, but even this violates the owners privacy. This would be the technological
equivalent of a criminal trespass.
The example given in earlier section also contains instance of the cybercrime where
computer is used as target. In that case Citibanks computers were used as target devices.
Another renowned case happened in 1999, the BBC reported on a 14yearold boy named
Nir Zigdon, who claimed to have taken down a Web site that was run by the Iraqi
government of that time. Although he allegedly used a computer virus to take down the
site (the U.S.based sites operator claimed otherwise), the report explained how the boy
was being hailed as a hero for destroying a site that contained antiU.S. and antiIsraeli
propaganda.18)
Many scholars divided the cyber crime into above two categories only, but on deep
scrutiny of the cases in this field, it is observed that one other form of cybercrime exists
that is where computer is used as storage device leaving behind the fact that whatever is
the medium for crime. This is discussed as follows;

15) http://www.espacoacademico.com.br/044/44eueno_ing.htm accessed on 15th March 2012.


16) Article 1(a) of The Convention of Cyber Crimes defined computer system as; any device or
group of inter-connecter or related devices, one or more of which, pursuant to a program,
performs automatic processing of data.
17) Article 1(b) of The Convention of Cyber Crimes defined computer data as; any
representation of facts , information or concepts in a form suitable for processing in a
computer system, including a program suitable to cause a computer system to perform a
function
18) http://news.bbc.co.uk/2/hi/middle_east/269399.stm. accessed on 1st february 2012.

Insight to Cybercrime

63

3. COMPUTER AS A STORAGE DEVICE

Computer may be used as a storage device while committing any crime, like an offender
may store its wrong plans and data in its personal computer. In these situations crime
occurs without the computers; the system merely facilitate the offences. The reason to
include these crimes within the ambit of cybercrime is already discussed before as the
similarity to the other cybercrimes. The differentiation of this characteristic to others can
easily be understood with the case example. In 2007, Melanie McGuire was convicted of
killing her husband William. According to Prosecutors, Ms. McGuire shot Mr. William three
or four times after sedating him with chloral hydrate, and then dismembered his body and
dumped the remains in the Chesapeake Bay. During investigation Police found that Lady
purchased a gun soon before the murder and that was not recovered. Police computer
forensic investigators examined the home computer of the couple and found that a week
before the murder someone presumably Ms. McGuire researched the topic on the computer,
with how to commit murder, how to illegally purchase guns, and undetectable poisons.
Romantic emails were also found between Ms. McGuire and her boss. Prosecutors used
this computer evidence at trial stage to establish the motive of Ms McGuire to kill her
husband, based on this evidence she was sentenced to life in prison for the crime.19)
Here computer played an incidental role in the crime and thus as a source of evidence

. ORIGIN AND DEVELOPMENT OF CYBER CRIME


Origin of the cyber crime was from the origin of the computer, which we can say from
the era of mainframe computers. Professor Susan W. Brenner in his book Cyber Crime20)
divided the origin of cybercrime in two phases, first from the era of mainframe computers
to 1990, when the internet and personal computers were becoming more sophisticated and
more pervasive. And the other phase is from 1990 to present. More easily we can divide
the origin of cybercrime in two periods, one, before the internet and the other after
emergence of Internet, because 1990 was the time when internet was spreading very fast
around the globe.
19) Brenner. Susan W., Cybercrime:Criminal threats from cyber crime, PRAEGER 2010, pg 46.
20) Bernner, Susan W., Cyber Crime, Criminal threats from cyber crime, PRAEGER 2010, pg 23.

64

29 1

1. CYBERCRIME BEFORE INTERNET

The first report about the use of computer to commit crime was made public in 1960s
when computers were large mainframe computers. After World War II mainframe business
computers were developed to recent computers. In 1946, several companies began working
on a commercial mainframe, and by 1951, the UNIVAC (UNIVersal automatic computer),
created by the company of the same name, and were being used by the census bureau.21)
In 1956 transistor Computer systems were introduced with a name of second generation
computers. Later in 1960s third generation was introduced with multiprocessing and
operating systems. After development of computer in 1960, there emerged an issue of
computer crime more prominently. But Computer crime in 1960s and 1970s differed from
the cybercrime we deal with today. There was no internet, mainframe were not networked
to other computers. In 1960, a typical IBM mainframe chose several million dollars, needed
as an entire room to house it, and needed a special airconditioning system to ensure that
its vacuum tubes would not overheat and fry the data in the computer.22) Only selected
researchers were allowed to use a mainframe. Due to limited use and nonconnectivity
with other computers, the chances were less to commit a computer crime and if so, by
selected people only. They must be the employees for these systems. The crime was
mostly limited to finance.23)
This was continued till the emergence and frequent use of internet. Thus, opening new
avenue for criminals.
2. CYBERCRIME AFTER EMERGENCE OF INTERNET

The other phase was distinguished since the commercialization of the Internet in the mid
1990s, this was the period when internet growth was tremendously fast. This was the time
when the Personal computers and Internet were becoming increasingly sophisticated.24) In
December 1995 there was an estimated 16 million Internet users worldwide, by May 2002,
this figure had risen to over 580 million, almost 10 percent of the worlds total
population.(NUA, 2003). But this was also the fact that this rise is unequal for the worlds,
21) See Cammbell-Kelly and Aspray, Computer: A History of the Information Machine, 1996, pg
100-121.
22) See Steven Levy, Hackers:heroes of the Computer Revolution (New York:Doubleday,1984), pg 19.
23) Bernner, Susan W., Cyber Crime: Criminal threats from cyber crime, PRAEGER 2010, pg 11.
24) Ibid.

Insight to Cybercrime

65

for example, over 95 percent of the worldwide total internet connections are located in the
USA, Canada, Europe, Australia and Japan.25) And this was the time when the new type of
crime was introduced in the history of crime which sensitized the utilities of the internet.
In the initial phase of the computer technology and cybercrimes, the more often used
word was Hacking, at that time it was common to use the word hacking more frequently
than cyber crime, although later hacking was established as one of the crimes comes
within the ambit of cybercrimes.
The most notorious hacker was Kevin Mitnick back in 1990s, he was the member of the
gang who usually indulge their selves in phone phreaking but later at the advent of
computer, Kevin made himself familiar to computer technology and got fame as a hacker.
For his mischievous activities, he even faced the trail and got convicted when he was only
17. Later on violation of probation period, he was arrested and confined for 6months. After
release he did few jobs and learned more about computers and hacking. In 1987 he was
held for the unauthorized access to a computer and again put on probation. And his
journey went to 2005, often arrested and confined. Kevin was like a fear for everyone even
after his arrest.26)
During this time many individuals and groups were arrested and discovered having same
activities as Kevin did and other developed wrongful things. In 2006, for example, federal
agents arrested two men who were accused of hacking to steal phone service and resell it
for a profit. One of them Edwin Pena, created two companies to sell discounted telephone
service. He hired Robert Moore to hack the networks of 15 communications providers and
hundreds of businesses and steal the phone service Pena sold.27) Prominent cyber crimes
done in its history through various methods like in 2000, computers users received email
with the subject line I LOVE YOU and with the attachment entitles LOVELETTER
FORYOU.txt.vbs. On opening of this attachment the computer automatically send this
virus to the addresses to the people in address book of the recipient and thus creating
trouble for many individuals and corporations.28)

25) Furnell, 2002: 6.


26) Kevin Mitnick history is taken from these sources, Cyberpunks, Katie Hafner and John
Markoff and Cybercrime, Burner, Susan W.
27) Brenner, Susan W. Cyber Crime: Criminal threats from cyber crime, PRAEGER 2010, pg 30.
28) Brenner, Susan W Cyber Crime: Criminal threats from cyber crime, PRAEGER 2010. pg 33.

66

29 1

And that was the time many countries found the problem while investigating this LOVE
BUG virus, and the problem was nonavailability of laws for these kind of crimes. Even
many states of USA do not have the laws.
After passing every day cybercrime is taking different forms and shapes. Today, world
is so dependent on the electronic devices that from school studies to big business
transactions individuals and the corporations are using computer and electronic devices to
manage their affairs. People can handle being at their homes, from their accounts to their
companies under one click. This kind of technology development is leaving a large area for
the protection of the individuals and the group of people. The security of the people is only
possible through protected mediums and in case of any criminal act, laws should be so
strict to punish any criminal to avoid any other similar happening. Next part of this work
will examine the legislative development in the cybercrime area.

. LEGISLATIVE DEVELOPMENT IN THE RELEVANT AREA


With the passage of time and emergence of computer related crimes, nations felt the
need to legislate on this issue and this process is still in progress. Initially many of the
countries seek to adapt existing laws to the new environment of cyberspace. But at many
occasion it was witnessed that the application of existing laws and these computer crimes
could slip through the net, resulting in failure to prosecute offenders. Thus in 1988, for
example, in the case of Gold and Schifreen, the UK House of Lords ruled that unauthorized
access to a computer system did not constitute an offence under existing criminal law.29)
In the United States, the Senate Governmental Affairs Committee held hearings on the
need for computer crime legislation in 1976 and first proposal was introduced by the
Senator Abrahim Ribicoff with the name of Federal Computer systems protection Act in
this emerging area. The bill, revised and reintroduced in 1979, 139 declared any knowing,
willful manipulation or attempted manipulation: of any computer owned or operated by the
United States, certain financial institutions, and entities affecting interstate commerce, for
the purpose of devising or executing any scheme or artifice to defraud, or of obtaining
29) Yar Majid, Cybercrime and Society, pg 39.

Insight to Cybercrime

67

money, property, or services...by means of false or fraudulent pretenses, representations, or


promises to be a crime and could have a jail sentence of up to 15 years.30) The bill
completed its life in 1979, but it served as foundations for many later legislative actions. In
1984 another Act was formulated by USA that was Computer Fraud and Abuse Act
(CFFA) of 1984. Later in UK Computer Misuse Act was introduced which governed the
unauthorized access and damage to computer systems.
With the passage of time, countries tried to cover cybercrimes in their legislation. While
doing it at national level, the major problem faced was the defining of cybercrime at one
hand and the fixing of punishment at other hand. For example, while US law allows for
custodial sentences of up to 20 years, the laws of Greece and Ireland only allow for a
maximum custodial sentence of three months.31)
The need for International treaty and agreements was due to this inconsistent and so
varied kind of laws. Here Council of Europe stepped into and worked for policy and
procedure regarding cybercrimes and introduced A Convention on Cybercrime which came
into force in 2004. According to Coleman, the aim of the convention is to harmonize laws
on cybercrime, to establish criminal laws and sanctions, and to establish a regime for
international cooperation (2003). Despite the fact that convention contained detail framework
for the legislative measures of cybercrimes but its still in the phase of implementation and
many countries are still hesitant to sign this treaty and follow.
1. Legal Implications

At this point it is necessary to discuss about the legal implications of the cybercrime.
No doubt it is the requirement of the time to regulate cybercrime in a better way but it is
uncontroversial that there are many legal implications while regulating it, like cybercrime is
not boundary bounded crime and always the question of jurisdiction pops up while dealing
with it, for instance one can do cybercrime in USA while sitting in Australia, so it needs
vast kind of rules and regulations so that any lacuna must not facilitate any criminal to
escape out of the hands of the law.
30) Goodman and Brenner, Emerging Consensus on Criminal Conduct on Cyberspace, pg 32-33.
available at http://law.scu.edu/international/File/goodmanbrenner.pdf
31) Yar MAjid, Cybercrime and society, SAGE 2006, pg 41.

68

29 1

. COMMONLY DONE CYBER CRIMES


Research and investigations show that throughout the world these are the kinds of crime
explored yet;
1. Hacking

Hacking is a term with multiple meanings. It can refer to testing and exploring
computer systems, highly skilled computer programming or the practice of accessing and
altering other peoples computers. Hacking may be carried out with honest aims or with
criminal intent.32)(see Figure 1)

Source: www.gamedeception.net accessed on 12 January 2012

<Figure 1>

32) G Urbas and KR Choo, Resource materials on technology-enabled crime, AIC, Canberra, 2008,
p.83; AIC, High tech crime brief: Hacking offences, AIC, 2005, p.1.

Insight to Cybercrime

69

2. Computer Virus

A computer virus is a computer program that piggybacks or attaches itself to application


programs or other executable system software; the virus subsequently activates, sometimes
causing severe damage to computer systems or files.33)
3. Malicious Software (Malware)

Malware (for malicious software) is any program or file that is harmful to a computer
user. Thus, malware includes computer viruses, worms, Trojan horses, backdoors and also
spyware, programming that gathers information about a computer user without permissio
n.34) (see Figure 2)

Source: www.blogs.tecgnet.com, accessed on 21 January, 2012

<Figure 2>

4. Botnets

backdoors are a category of malware that enable a cyber criminal to remotely control an
infected computer over a network. Such an infected computer is often called a robot or
33) JJohn Baiden, Cybercrimes, Electronic copy available at: http://ssrn.com/abstract=1873271
34) http://searchmidmarketsecurity.techtarget.com/definition/malware accessed on 21 January, 2012.

70

29 1

bot computer. When several computers are infected with a backdoor and become bots,
they can be simultaneously controlled from a single remote command and control (C&C)
mechanism. These remotely controlled networks of bot computers are known as botnets.(
Chapter: HACKERS, FRAUDSTERS AND BOTNETS: TACKLING THE PROBLEM OF
CYBER CRIME)
5. Spam

Spam refers to unsolicited emails, or the electronic equivalent of junk mail. Spam is
often disseminated in large amounts by sending out generic emails to large lists of email
addresses.35)
6. DNS Based Attacks

The Domain Name System (DNS) is one of the underpinning aspects of the Internet.
The DNS converts userfriendly text commands (in the form of web addresses) into IP
addresses (complex numbers which identify each individual computer connected to the
Internet). Thus the DNS enables users to easily access computers that host web pages,
without the need for complicated codes. Cyber criminals subvert the DNS in a number of
ways, like, domain hijacking is where a cyber criminal takes control of a domain name by
stealing the identity of a domain name owner, then uses this domain name to host a
malicious website and DNS hijacking which employs a trojan that changes the settings on
a users computer to access the DNS through a rogue DNS server instead of a legitimate
ISP server, thus enabling users to be diverted to false websites.36) (See Figure 3)

35) AIC, High Tech Crime Brief: More malware-adware, spyware, spam and spim, AIC, Canberra,
2006, p.1.
36) F Hacquebord and C Lu, Rogue Domain Name System Servers, blog post, TrendLabs Malware
Blog, Trend Micro, 27 March 2007, viewed 26 February 2010 <http://blog.trendmicro.com/roguedomain-name-system-servers-5breposted5d>

Insight to Cybercrime

71

Source: www.bustathief.com accessed on 25 January 2012

<Figure 3>

7. Phishing

An unwitting user may be directed to phishing website by clicking on the link in a fake
spam email or through subversion of the DNS. The users may then fall for the confidence
trick of the phishing website and may divulge personal details. In turn, the user may
become a victim of identity theft or identity fraud.37) (See Figure 4)
8. Identity Theft and Identity Fraud

Through the use of keystroke loggers, spyware, and phishing websites cyber criminals
may obtain a wide range of personal details. This is known as identity theft. These stolen
details may then be used to commit identity fraud (such as illegally accessing a victims
bank or credit card account, or taking out loans under a victims name), sold online to
other cyber criminals or used to fabricate fake official documents such as passports.38)
37) Dr Russel Smith, AIC, Transcript of Evidence, 19 August 2009, p.6.
38) See for example: Symantec Corporation, Symantec Report on the Underground Economy July
07-June 08, Symantec Corporation, November, 2009, pp.19, 24; Australian Bureau of Statistics,
2007 Personal Fraud Survey, ABS, Cat. No. 4528.0, 2007, p.8; Australian Government, Dealing
with identity theft: Protecting your identity, Attorney Generals Department (AGD), 2009, p. 4;
AusCERT, Computer Crime and Security Survey, AusCERT, 2006, p.28.

72

29 1

Example of Phishing website

Below is the original website of Facebook.

<Figure 4>

9. Scams

Victim could be attacked through scams these could be emails and which can result in
monetary loss. Like through fake lottery, huge money returns, ticketing or online shopping
scams, where victims are deceived by payment for non existing merchandise.
10. Extortion

Cyber criminals carry out online extortion via DDoS attacks and specially designed
malware. Cyber criminals may threaten to carry out a DDoS attack on a business website
if they dont pay a fee. This is particularly the case with businesses that are wholly reliant
on their website, such as online gambling companies. For example, in 2006 three Russian
nationals were found guilty of, among other offences, carrying out a DDoS attack on an
Australian gambling website when the company refused to pay $10,000 in extortion money.

Insight to Cybercrime

73

The DDoS attack shut down access to the gambling website and was said to have cost
the gambling company $200,000 in lost revenue.39) Additionally, a virus, worm or Trojan
may be designed to automatically encrypt the data on an infected computer. The cyber
criminal will then demand money from the victim in return for the key with which to
unencrypt the data.40)
11. Spoofing

The word spoof means to hoax, trick, or deceive. Therefore, in the IT world, spoofing
refers tricking or deceiving computer systems or other computer users. This is typically
done by hiding ones identity or faking the identity of another user on the Internet.41)
12. Software Piracy

Software piracy is the theft of intellectual assets associated with computer programs.42)
13. Cyber Terrorism

Security expert Dorothy Denning defines cyber terrorism as the politically motivated
hacking operations intended to cause grave harm such as loss of life or severe economic
damage.43)Cyber terrorism could be called when it is done by terrorist for execution of
their activities or it could be termed when to express the extreme kind of fear for
everyone
Apart from these some hidden cyber crime forums and websites are also working to
facilitate the cyber crimes.

39) KR Choo, Trends and issues in crime and criminal justice: Zombies and Botnets, AIC,
Canberra, 2007, p.4.
40) OECD, Malicious Software (Malware): A Security Threat to the Internet Economy, OECD,
June 2008, p.16.
41) spoofing, http://www.techterms.com/definition/spoofing accessed on 20 January, 2012
42) John Baiden, Cybercrimes, Electronic copy available at: http://ssrn.com/abstract=1873271
43) Dorothy Denning, Activism, Hactivism, and Cyberterrorism: The Internet as a tool for
Influencing Foreign Policy, in John Arquilla and David Ronfeldt, ed., Networks and Netwars,
(Rand, 2001), p. 241.

74

29 1

. IMPACT OF CYBER CRIMES ON TODAYS WORLD


Every crime has its divergent effects on the respective society and on the world at
large. By the observation of cyber crime and its phenomenon it is revealed that like other
crimes it has affected social life of humans at large. To understand the impact of cyber
crime, one must see into the impact of the computer technology and internet on people,
because cyber crime is no doubt originating from computer technology and is closely
related to internet too. As Mr. Peter Watson, Microsoft Pty Ltd, tell the Committee that
the Internet, by its very design, is an inherently vulnerable network which has enabled
cyber crime to flourish in a new virtual Wild West environment.44)
Socially, people are now more open to communicate and interact with others as compare
to past. This communication and interaction broadens the objectives from the personal
relations to the professional ones, from the medical knowledge to the news about the
world. Now, there is not a one reason for the people to interact through internet but
thousands. The advantage behind this medium is its fast, rapid and interactive
communication which is lacked in other medium of communications.
<Table 1> Following Table shows Global statistics illustrating the high incidence of cyber crime
Hacking
Malware

In 2008, Verizon observed the compromise of over 180 million business


records due to hacking.
Symantec has detected a total of approximately 2.6 million different
malware programs,60 per cent of which were detected in 2008

Malware infections via A 2007 study of 4.5 million web pages by Google found that one out of
legitimate websites

every ten websites contains malware


McAfee estimates that nearly 40 million computers were recruited to
botnets in the first three quarters of 2009.

Botnets

The Internet Society of Australia submitted that estimates of the


number of bot computers range from five percent of all computers
connected to the Internet (over 20 million) to twenty five per cent of
all computers connected to the Internet (over 250 million).

44) Mr Peter Watson, Microsoft Pty Ltd, Transcript of Evidence, 9 October 2009, p.18.

Insight to Cybercrime

75

Telstra submitted that the size of the largest DDoS attacks increased a
DDoS attacks

hundredfold between 2001 and 2007, from 0.4 gigabits per second to 40
gigabits per second

Cyber crime industry

Verizon reports that 91 per cent of the data breaches it observed in 2008
were linked to organised criminal networks.
In the year 2008, Symantec observed 349.6 billion spam messages
across the Internet.
Symantec claim that in 2008 approximately 90 per cent of spam was

Phishing and spam

sent via botnets.


The AntiPhishing Working Group, an international consortium of
organizations against Phishing identified over 210 thousand unique
phishing websites in the first half of 2009.45)

1. Economic Impact

Economic impact of cybercrimes is twofold, first is due to the attacks by cyber criminal
thus damaging the repute of public and private sector companies or individuals. For
example, when data of any finance company is hacked and breach case emerged between
client and the company, then it will be near to impossible for a company to regain its
trust. A British Newspaper, The Guardian, 5 December 2006 reported that banks and other
financial institutions are deliberately failing to report incidents of online fraud to the police,
possibly because they are worried about the potential damage to their reputations. And
companies facing cybercrimes face difficulty in progress of the business which may be
affecting the individuals by decrease in job vacancies.
Another debate takes the place in commercial sector that they suggest that most breaches
should be dealt by the victim instead of the prosecution and the police, the reason behind
this intention is the apprehension of the defamation of the respective company if one
discloses its security problems in public and exposed to their commercial competitors.

46)

45) Source Verizon Business, 2009 Data Breach Investigations Report, Verizon Business, 2009, p.2;
Australian Communication and Media Authority, Submission 56, pp.4,7; Symantec Corporation,
Symantec Global Internet Security Threat Report: Trends for 2008, Symantec Corporation,
April 2009, pp.10,16,90 ; McAfee Inc, McAfee Threats Report Third Quarter 2009, McAfee Inc,
2009, p.3; Internet Society of Australia, Submission 45, pp.3-4; Telstra, Submission 43.1, p.2;
Anti-Phishing Working Group, Phishing Activity Trends Report: 1st Half 2009, APWG, 2009,
p.3; BBC News, Google searches webs darkside, online news article, 11 may 2007, viewed 19
January 2009, <http://news.bbc.co.uk/2/hi/technology/6645895.stm>. Global statistics.

76

29 1

While combating with these issues, the major hurdle in regularizing and controlling the
cybercrime is the expensive technology and human resource required for this matter. As
this is technology based so, the cure should also based on technology and resultantly it
will bear more cost then other crime prevention strategies do.
2. Social Impact

Cybercrimes implicates socially predominantly on poor and developing countries. As


stated before that handling, prosecuting and investigation cyber crime is not a cheap
process and developing and underdeveloped countries being target of most of these crimes
have to budget this area by ignoring other important social projects for the benefit of the
society. So, nations and individuals suffers in two ways; One being target of the cyber
crime and secondly, allocation of national funds for its prevention ignoring any other
national problem or program.
Another social impact of cybercrime is due to the threat and insecurity felt by the
masses and at some level they are avoiding to use the technology just to be safe from the
criminal actions. This could affect the social networking among people and hence closes the
doors of fortune for many people in such a era of globalization.
One other social impact is explained by Elgie McFayden Jr. in his paper Implications of
White Collar Crimes that in some regions of the world young people see white collar
crimes as a means of good life for them and their families and this is the stage they are
failed to realize the implications of these acts. So, in this way cybercrime which is also
taken as white collar crime is affecting the youth of the nations and more importantly the
intellectual and sophisticated ones as cybercrime requires high intellect. Resultantly, nations
have to adopt the measures but faces limitation in their resources.
3. Political Impact

Politically motivated computer crimes have been growing steadily since 1980s.47)
Government computer networks are often the target of attacks. This decreases the ability
of international organizations investing resources in smaller countries. An increase in white
46) Wall, David, CyberCrime: The transformation of crime in the information age, pg 25-26.
47) http://www.computerweekly.com/opinion/How-do-we-tackle-political-cyber-crime accessed on
20 January 2012.

Insight to Cybercrime

77

collar criminal activity can lead to an increase in funding for warlords and anti government
regimes. This makes it possible for criminal organizations to be better equipped than police
and government forces.48) Hacking of governmental organizations websites and political
party websites are more commonly done throughout the world, which definitely adversely
affects the political scenario of any country.

. CONCLUSION
Despite the fact that there is no agreed definition of the cybercrime, cyber crime is
unavoidable. Few classifications of the cybercrimes may resemble the traditional crime but
many of them are recognized as different kinds of crime and to be dealt separately.
Technology based crimes have been developing with the passage of every day. And they
must be handle with utmost priority. These crimes are not limited to computers but other
electronic

devices

are

made

its

means

such

as

financial

transaction

machines,

telecommunication equipments and so on.


The legislative reforms will be more effective if they would be done according to nature
of cybercrime done, so that maximum convictions are possible and no one escapes from the
hands of law and courts just due to unavailability of specific law.
Developing countries are fighting against cybercrime according to their means but
developed countries must feel their responsibility being advanced in technology, and must
share the burden of developing countries and facilitate them as much as possible because if
these crimes are not controlled now it will affect the whole world with a single click.
Countries should adopt the corresponding technology measures to regulate the investigation
of these crimes to gather the evidence of any crime as much as possible.
The Government should adopt the measure within its resources. It does not mean that
the responsibility to take the steps towards the reduction of the cybercrimes is only on the
Government of any country; rather it is on the international community, national
48) Elgie McFayden Jr., Global Implications of White CollarCrime, Kentucky State University,
January3, 2010, pg 11.

78

29 1

corporations and individuals too. So, the cybercrimes are addressed effectively.
The consensual crossborder mechanism to deal with these crimes with reference to
legislation and investigative process will helps in this regard.
(: 2012. 3. 9 / : 2012. 3. 13 / : 2012. 3. 19)

Insight to Cybercrime

79

<BIBLIOGRAPHY>
Baiden, J. Cybercrimes. Electronic copy available at: http://ssrn.com/abstract=1873271
Brenner, S. W. Cybercrime: criminal threats from cyber space. USA: Praeger, DOI:
www.abc-clio.com, 2010.
Brown, I., Edwards, L. and Marsden, C., Information Security and Cybercrime, Law and the Internet,
3rd Ed., Oxford: Hart, 2009.
Chowbe, Vijaykumar Shrikrushna, The Concept of Cyber-Crime: Nature & Scope, Available at
SSRN: http://ssrn.com/abstract=1766238 or http://dx.doi.org/10.2139/ssrn.1766238, February 21,
2011.
Goodman and Brenner, Emerging Consensus on Criminal Conduct on Cyberspace, International
Journal of Law and information technology, Vol 10 No 2, Oxford University press 2002.
Indira Carr, Computer crime, UK: University of Surrey. Ashgate(July 1, 2009).
Kerr, S. Orin, Digital evidence and New Criminal Procedure, Columbia Law Review, 2005, Available
at http://ssrn.com/abstract=594101
Levy Steven, Hackers: Heroes of the Computer Revolution, New York, 1984.
Hafner, K. Cyberpunk outlaws and hackers on the computer frontier, New York: Simon & Schuster,
1995.
Hollinger, R. C., Crime, deviance and the computer, England, USA: Dartmouth, 1997.
Campbell-Kelly, Martin and Garcia-Swartz, Daniel, D., The History of the Internet: The Missing
Narratives, Available at SSRN: http://ssrn.com/abstract=867087, December 2, 2005.
McFayden, E., Global Implications of White Collar Crime, Kentucky State University, 2010.
Wall, D., Cyber criime, India: Replika Press Pvt Ltd. 2001.
Watson. P., Transcript of Evidence. Microsoft Pty Ltd. 2009.
Yar Majid. Cyber crime and society. New Delhi, London: Sage Publications, 2006.

80

29 1

<Abstract>

Insight to Cybercrime
Nadia Khadam
Crime is an everdeveloping phenomenon. With the passage of time criminals have
adopted various mediums to support their illicit aims. The advent of computer technology
provided many opportunities for business and communication and also many opportunities
for the traditional crimes to be carried out digitally. These crimes are often termed as
cybercrimes. However, Cybercrime as of yet has no clear definition or description. Many
people have drafted definitions of cybercrime gradually with the development of technology,
but there is no definition which is globally accepted. This article is organized to combine
the most relevant information about cybercrimes in one body of work and to help those,
new to this area of study. To achieve this purpose, major definitions of cybercrime from
different sources have been gathered and attempted to characterize cybercrime in the light
of these definitions, depending on its nature. This work examines the history, origin and
development of cybercrime. This is followed by the analysis of legislative growth in this
sphere, and how cybercrime is becoming a challenge for legislative bodies around the
world. This work also contains a brief account of commonly done cybercrimes with
examples. Finally, this work will examine the impact of cybercrime on the world at large
considering economic, social and cultural aspects of the society.

Key Words: cybercrime, cybercrime definition, cybercrime legislation, cybercrime


history, cybercrime cases