Introduction to Cybercrime Notes PDF

Preview

Summary

NOTES...

Description

Introduction to Cybercrime Introduction The Internet has become the foremost of the technologies. It is one of the fastest-growing areas of technical infrastructure development. Today, information and communication technologies (ICTs) are omnipresent. Digitisation continues to permeate different areas of lives. The demand for Internet and computer connectivity has led to the integration of computer technology into products that have usually functioned without it, such as cars and buildings. Electricity supply, transportation infrastructure, military services and logistics – virtually all modern services depend on the use of ICTs. The COVID19 pandemic has further underscored the role and contribution of the Internet and ICTs generally in daily activities. The pandemic which hit the world in December 2019 and dominated the entire 2020 made many activities to be transposed online. Most organisations required their employees to work remotely courtesy of internet technology. COVID-19 has also become a catalyst bringing many more older people online, organisations can now use digital to reach a wider variety of audiences than ever before. This represents a clear and immediate opportunity for marketers, especially when it comes to ecommerce. However, this broadening of online audiences may also trigger a new wave of digital innovation. At its inception, the development of new technologies is focused mainly on meeting consumer demands in western countries. However, the penetration of the Internet and its utilisation of have also been embraced by developing countries. Arguably, developing countries tend to have more internet users despite low penetration of internet that characterised these countries. The Internet and Society: The Transformation Internet and Communication: The influence of ICTs on society goes far beyond establishing basic information infrastructure. The availability of ICTs is a foundation for development in the creation, availability and use of network-based services. E-mails have displaced traditional letters; online web representation is nowadays more important for businesses than printed publicity materials; and Internet-based communication and phone services have overshadowed landline communications. Internet and Development: The availability of ICTs and new network-based services offer a number of advantages for society in general, especially for developing countries. ICT applications, such as e-government, e-commerce, e-education, e-health and e-environment, are seen as enablers for development, as they provide an efficient channel to deliver a wide range of basic services in remote and rural areas. ICT applications can facilitate the achievement of millennium development targets, reducing poverty and improving health and environmental conditions in developing countries. Given the right approach, context and implementation processes, investments in ICT applications and tools can result in productivity and quality improvements. In turn, ICT applications may release technical and human capacity and enable greater access to basic services. In this regard, online identity theft and the act of capturing another person’s credentials and/or personal information via the Internet with the intent to fraudulently reuse it for criminal purposes is now one of the main threats to further deployment of e-government

and e-business services. The costs of Internet services are often also much lower than comparable services outside the network. E-mail services are often available free of charge or cost very little compared to traditional postal services. The online encyclopaedia, Wikipedia can be used free of charge, as can hundreds of online hosting services. Lower costs are important, as they enable services to be used by many more users, including people with only limited income. Given the limited financial resources of many people in developing countries, the Internet enables them to use services they may not otherwise have access to outside the network.

Internet and Society: Advantage and Risks The introduction of ICTs into many aspects of everyday life has led to the development of the modern concept of the information society. This development of the information society offers great opportunities. Access to information can support democracy, as the flow of information is taken out of the control of state authorities (as has happened, for example, in Arab Spring, BlackLivesMatter protests among others). Technical developments have improved daily life – for example, online banking and shopping, the use of mobile data services and voice over Internet protocol (VoIP) telephony are just some examples of how far the integration of ICTs into our daily lives has advanced. Social Media: The impact of social media cannot be ignored or overemphasised. Social media have radicalised dissemination of information. They serve economic, commercial, social, religious purposes. There are purely commercial platforms like Amazon, Ebay, Alibaba, Jumia and Konga which host goods and services meant for sale and supply. They are also commercialsocial platform like Facebook, YouTube, Instagram, Tiktok where users are able to engage and make friends with people further afield. An average social media user has become a content ‘creator’. Many user-generated contents are shared with family, friends and peers. Open access has removed barrier entry for emerging entrepreneurs. However, the growth of the information society is accompanied by new and serious threats. Essential services such as water and electricity supply now rely on ICTs. Cars, traffic control, elevators, air conditioning and telephones also depend on the smooth functioning of ICTs. Attacks against information infrastructure and Internet services now have the potential to harm society in new and critical ways. Attacks against information infrastructure and Internet services have already taken place. Online fraud and hacking attacks are just some examples of computer-related crimes that are committed on a large scale every day. The financial damage caused by cybercrime could be very enormous. For example, in 2003 alone, malicious software caused damages of up to USD 17 billion. By some estimates, revenues from cybercrime exceeded USD 100 billion in 2007, outstripping the illegal trade in drugs for the first time. Nearly 60 per cent of businesses in the United States believe that cybercrime is more costly to them than physical crime. These estimates clearly demonstrate the importance of protecting information infrastructures. Most of the abovementioned attacks against computer infrastructure are not necessarily targeting critical infrastructure. However, the malicious software “Stuxnet” that was discovered in 2010 underlines the threat of attacks focusing on critical infrastructure. The software, with more

than 4 000 functions, focused on computer systems running software that is typically used to control critical infrastructure. The Challenges of Tackling Cybercrime Scale Unlike more traditional forms of communication, the internet allows users to communicate with many people, cheaply easily. The estimated 3 billion people with access to the internet, approximately 40 percent of the world’s population provide unprecedented pool of potential offenders and victims. This acts as a ‘force multiplier’ allowing offending to be committed on scale that could not be achieved in the offline environment. The ability to automate certain processes further amplifies this effect. For example, the Bredoblab, botnet was estimated to have infected 30milions computer at its peak, generating 3 billons emails per day. Accessibility Only a few decades ago, computers were large, cumbersome devises utilised primarily by the government, research and financial institutions. The ability to commit computer crimes was largely limited to those with access and expertise. Today, the technology is ubiquitous and increasingly easy to use ensuring its availability both offenders and victims. For those criminal activities that may be beyond the skills of the individual, the internet provides easy access to those who will do it for you or tell you how. Online marketplaces provide everything from hacking techniques and botnets to financial and identify information. Offenders who might otherwise be isolated in their offending, can now find like minds, anywhere in the world, forming virtual communities to further their offending. In 2012-13, just over 80 percent of adults in Australia, Canada and United Kingdom had accessed the internet, with more than half accessing from mobile phones or other handheld devices. In the United States, the percentage of households with access to the internet increased from 18% in 1997 to 74.4 in 2013. Although internet access is highest in developed countries, the actual number internet users in developing countries far outnumbers that in developed countries. In 2015, the International Telecommunication Union estimated about 3.2 billion people, or almost half of the world's population, would be online by the end of the year. Of them, about 2 billion would be from developing countries, including 89 million from least developed countries. According to Hootsuite, the number of Global Internet users has already reached almost 4.66 billion, or about 53% of the global population. The number of people using social media around the world has grown to 4.14 billion in October 2020, with that figure passing the momentous 4 billion user milestone for the first time this quarter. Anonymity Anonymity is an obvious advantage for an offender, and digital technology facilitates this in a number of ways. Offenders may deliberately conceal their identity online by the use of proxy servers, spoofed email or internet protocol (IP) addresses or anonymous emails. Simply opening an email account which does not require identity verification provides a false identity. Confidentiality may be protected by the use of readily available encryption technology, while traces of digital evidence may be removed using commercially available software.

Furthermore, the networked nature of modern communications in itself means that data will routinely be routed through a number of jurisdictions before reaching its destination, making tracing of communications extremely difficult and time sensitive. Accessing wireless network, with or without authorisation, may conceal identity of the actual user even if the location can be identified.

Portability and Transferability Central to the power of digital technology is the ability to store enormous amount of data in a small space, and to replicate that data with no appreciable diminution of quality. Storage and processing power which would once have occupied rooms, will now fit into a pocket. Copies of images or sound may be transmitted simply and at negligible cost to potentially millions of recipients. The Convergence of computing and communication technologies has made this process a seamless one, with the ability to take digital image with a mobile phone and then upload to a website within seconds.

Global Reach Criminal law is traditionally regarded as local in nature, being restricted to the territorial jurisdiction in which the offence occurred. Modern computer networks have challenged that paradigm. As individuals may now communicate overseas easily as next door, offenders may be present, and cause harm, anywhere there is an internet connection. In recent study, over half of responding countries reported that ‘between 50 and 100 percent of cybercrime acts encountered by police involved a “transnational element” Not only does this provide, literally a world of opportunity for offenders, it represents enormous challenges to law enforcement and harmonisation.

Absence of capable guardians An important factor that may affect offending behaviour is the perceived risk of detection and prosecution. In this respect, digital technology presents law enforcing with a range of challenges. The volatile nature of electronic data requires sophisticated forensic techniques to ensure its retrieval, preservation and validity for use in a criminal trial. Apart from the sheer volume of users , the networked nature of modern communications makes surveillance extremely difficult. Much of the infrastructure is privately owned, meaning that law enforcement agencies must deal with a number of different entities. Communications will routinely be routed through multiple jurisdictions, necessitating the assistance of local law enforcement agencies.

History and Development of the Internet The history of the Internet can be traced back to a military research network established in 1968 called the ARPANET which was sponsored by the Advanced Research Projects Agency (ARPA) of the US Department of Defense. On 4 October 1957 the Soviet Union launched the first man-made satellite, Sputnik I, beating the United States into space. This event, which had not been predicted in the West, caused immense shock and surprise to the US scientific

establishment. President Eisenhower was determined to ensure that the US would never again be taken by surprise on the technological frontier. In an immediate response to this event he created a new research agency tied directly to the Office of the President and funded from the Department of Defense budget. The new agency was to be called the Advanced Research Projects Agency or ARPA. The original purpose of ARPA was to connect government computers across the country to exchange information during wartime without interruption. In 1962, JCR Licklider wrote about his Intergalatic Network concept, where everyone on the globe is interconnected and can access programs and data at any site from anywhere. Licklider became the first head of the computer research programme at ARPA, which he called the Information Processing Techniques Office (IPTO). ARPANET may have been the first successful computer network, and it may also have been the forerunner of the modern internet, but it was quite dissimilar to the internet as it is known today. The Internet was later used by the private sector for exchanging research between universities. Now the internet is complex series of interconnected computer networks that communicate via telephone lines, fibre optics, copper wires, satellite transmissions, and other dedicated data connections. Internet and World Wide Web The internet is the physical infrastructure consisting of servers, computers, fibre-optic cables and routers through which data is shared. The great genius of the Internet is the simple process of joining computers or computerised databases and allowing them to talk to each other. The internet is a framework that allows users to exchange information at a distance, work carry out research, discuss, transfer files as well as a range of other activities. The world wide web (www) is the data, an immense collection of documents, texts, visual images, audio clips etc. Servers store this data and make it available through the TCP/IP software protocol. Each document, image or clip has a unique Universal Resource Locator (URL) that identifies their physical location in the internet’s infrastructure, and users access them by sending request messages, containing the URL, to the servers that store the documents. When the server receives a user’s request, it prepares the documents and transmits the information back to the user. (In re DoubleClick).

Cybersecurity and cybercrime Cybercrime and cybersecurity are issues that can hardly be separated in an interconnected environment. Cybersecurity plays an important role in the ongoing development of information technology, as well as Internet services. Enhancing cybersecurity and protecting critical information infrastructures are essential to each nation’s security and economic well-being. Making the Internet safer (and protecting Internet users) has become integral to the development of new services as well as government policy.

Cybersecurity Strategy Deterring cybercrime is an integral component of a national cybersecurity and critical information infrastructure protection strategy. In particular, this includes the adoption of appropriate legislation against the misuse of ICTs for criminal or other purposes and activities intended to affect the integrity of national critical infrastructures. At the national level, this is a shared responsibility requiring coordinated action related to prevention, preparation, response and recovery from incidents on the part of government authorities, the private sector and citizens. At the regional and international level, this entails cooperation and coordination with relevant partners. The formulation and implementation of a national framework and strategy for cybersecurity thus requires a comprehensive approach. Cybersecurity strategies – for example, the development of technical protection systems or the education of users to prevent them from becoming victims of cybercrime – can help to reduce the risk of cybercrime. The development and support of cybersecurity strategies are a vital element in the fight against cybercrime. The legal, technical and institutional challenges posed by the issue of cybersecurity are global and far-reaching and can only be addressed through a coherent strategy taking into account the role of different stakeholders and existing initiatives, within a framework of international cooperation. The development of adequate legislation and cybercrime related legal framework is an essential part of a cybersecurity strategy. This requires first of all the necessary substantive criminal law provisions to criminalize acts such as computer fraud, illegal access, data interference, copyright violations and child pornography. The fact that provisions exist in the criminal code that are applicable to similar acts committed outside the network does not mean that they can be applied to acts committed over the Internet as well. Therefore, a thorough analysis of current national laws is vital to identify any possible gaps. Apart from substantive criminal law provisions, the law-enforcement agencies need the necessary tools and instruments to investigate cybercrime. Such investigations themselves present a number of challenges. Perpetrators can act from nearly any location in the world and take measures to mask their identity. The tools and instruments needed to investigate cybercrime can be quite different from those used to investigate ordinary crimes.

Defining Cybercrime The term “cybercrime” is used to cover a wide variety of criminal conducts. It broadly describes the crimes that take place within the cyberspace and the term has come to symbolise insecurity and risk online. Beyond this, it is difficult to provide an encompassing and widely accepted definition for cybercrime. David Wall noted that “By itself, cybercrime is fairly meaningless because it tends to be used metaphorically and emotively rather than scientifically or legally, usually to signify the occurrence of harmful behaviour that is somehow reacted to the misuse of a networked computer system. Approaches under national law: Many national legislations do not attempt to define ‘cybercrime’. Many of these pieces of legislation created criminal offences that are included in the concept of cybercrime, such as unauthorized access to a computer system, or interference with a computer system or data. Where national legislation did specifically use cybercrime in

the title of an act or section (such as ‘Cybercrime Act’), the definitional section of the legislation rarely included a definition for the word ‘cybercrime.’ When the term ‘cybercrime’ was included as a legal definition, a common approach was to define it simply as ‘the crimes referred to in this law.’ See Oman, Royal Decree No 12/2011 issuing the Cybercrime Law; Philippines, Cybercrime Prevention Act 2012

Proliferation of terms and confusion - Early description included ‘computer crime’, ‘computer related’ or crime by computer. As digital technology became more pervasive terms such as ‘high technology’ crime was added to the lexicon. The advent of the internet brought us ‘cybercrime’ and’ internet’ or ‘net crime’. Other ...