Cybercrime
Criminal law |
---|
Elements |
Scope of criminal liability |
Severity of offense |
|
Inchoate offenses |
Offense against the person |
|
Sexual offenses |
Crimes against property |
Crimes against justice |
Crimes against the public |
Crimes against animals |
Crimes against the state |
Defenses to liability |
Other common-law areas |
Portals |
It has been suggested that Cybercrime be merged into this article. (Discuss) Proposed since February 2008. |
Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. These categories are not exclusive and many activities can be characterized as falling in one or more category. Additionally, although the terms computer crime or cybercrime are more properly restricted to describing criminal activity in which the computer or network is a necessary part of the crime, these terms are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which computers or networks are used to facilitate the illicit activity. Cyber crime is also a major issue these days in the world as many people are hacking into the computer systems.
Computer crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.
Discussion
A common example is when a person starts to steal information from sites, or cause damage to, a computer or computer network. This can be entirely virtual in that the information only exists in digital form, and the damage, while real, has no physical consequence other than the machine ceases to function. In some legal systems, intangible property cannot be stolen and the damage must be visible, e.g. as resulting from a blow from a hammer. Yet denial of service attacks for the purposes of extortion may result in significant damage both to the system and the profitability of the site targeted. A further problem is that many definitions have not kept pace with the technology. For example, where the offense requires proof of a trick or deception as the operative cause of the theft, this may require the mind of a human being to change and so do or refrain from doing something that causes the loss. Increasingly, computer systems control access to goods and services. If a criminal manipulates the system into releasing the goods or authorizing the services, has there been a "trick", has there been a "deception", does the machine act because it "believes" payment to have been made, does the machine have "knowledge", does the machine "do" or "refrain from doing" something it has been programmed to do (or not). Where human-centric terminology is used for crimes relying on natural language skills and innate gullibility, definitions have to be modified to ensure that fraudulent behavior remains criminal no matter how it is committed.
Issues surrounding hacking, copyright infringement through warez, child pornography, and child grooming, have become high-profile. But this emphasis fails to consider the equally real but less spectacular issues of obscenity, graffiti appearing on websites and "cyberstalking" or harassment that can affect everyday life. There are also problems of privacy when confidential information is lost, say, when an e-mail is intercepted whether through illegal hacking, legitimate monitoring (increasingly common in the workplace) or when it is simply read by an unauthorized or unintended person.
E-mail and Short Message Service SMS messages are regarded as casual communication including many things that would never be put in a letter. But unlike spoken communication, there is no intonation and accenting, so the message can be more easily distorted or interpreted as offensive. Secondly, a computer can be the tool, used, for example, to plan or commit an offense such as larceny or the distribution of child pornography. The growth of international data communications and in particular the Internet has made these crimes both more common and more difficult to police. And using encryption techniques, criminals may [conspire] or exchange data with fewer opportunities for the police to monitor and intercept. This requires modification to the standard warrants for search, telephone tapping, etc.
Thirdly, a computer can be a source of evidence Even though the computer is not directly used for criminal purposes, it is an excellent device for record keeping, particularly given the power to encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to criminal investigators.
Definition of Fraud
Computer fraud is any dishonest misrepresentation of fact intended to induce another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
- altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
- altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
- altering or deleting stored data; or
- altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.
Manipulating banking systems to make unauthorized identity theft with reference to ATM fraud.
Offensive Content
The content of websites and other electronic communications may be harmful, distasteful or offensive for a variety of reasons. Most countries have enacted law that place some limits on the freedom of speech and ban racist, blasphemous, politically subversive, seditious or inflammatory material that tends to incite hate crimes. This is a sensitive area in which the courts can become involved in arbitrating between groups with entrenched beliefs, each convinced that their point of view has been unreasonably attacked. Therefore, it is equally an offense to show hostility to a person who practices a particular faith as to a person who has no religious belief or faith.
Harassment
Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties (see cyber bullying, harassment by computer, stalking, and cyberstalking).
Drug Trafficking
Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances through encrypted e-mail and other Internet Technology. Some drug traffickers arrange deals at internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for amphetamines in restricted-access chat rooms. The rise in Internet drug trades could also be attributed to the lack of face-to-face communication. These virtual exchanges allow more intimidated individuals to more comfortably purchase illegal drugs. The sketchy effects that are often associated with drug trades are severely minimized and the filtering process that comes with physical interaction fades away. Furthermore, traditional drug recipes were carefully kept secrets. But with modern computer technology, this information is now being made available to anyone with computer access. Boob
Government officials and IT security specialists have documented a significant increase in Internet probes and server scans since early 2001. There is a growing concern among federal officials [who?] that such intrusions are part of an organized effort by cyberterrorists, foreign intelligence services, or other groups to map potential security holes in critical systems. A cyberterrorist is someone who intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attack against computers, network, and the information stored on them.
Cyberterrorism in general, can be defined as an act of terrorism committed through the use of cyberspace or computer resources. As such, a simple propaganda in the Internet, that there will be bomb attacks during the holidays can be considered cyberterrorism. At worst, cyberterrorist may use the Internet or computer resources to carry out an actual attack.
As well there are also hacking activities directed towards individuals, families, organised by groups within networks, tending to cause fear among people, demonstrate power, collecting information relevant for ruining people lives, robberies, blackmailing etc
Documented Cases of Computer Crimes
- The Yahoo! website was attacked at 10:30 PST on Monday, 7 February 2000. The attack lasted three hours. Yahoo was pinged at the rate of one gigabyte/second.
- On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks on Amazon.com, eBay, Dell Computer, Outlaw.net, and Yahoo. MafiaBoy had also attacked other websites, but prosecutors decided that a total of 66 counts was enough. MafiaBoy pled not guilty.
- About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in DoS attacks.
- In 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and copy of the virus via e-mail to other people.
Types Of Computer Crimes
-Cyber Crime
-Malware/Malicious Code
-Denial-Of-Service Attack
-Hacker/Hacking
-Computing Virus
-Cyber Terrorism
-Information Warfare
-Cyber Stalking
-Fraud and Identity Theft
-Phishing
-Virtual Crime
Applicable laws
United States
- ACCESS DEVICE FRAUD. 18 U.S.C. § 1029. Fraud and related activity in connection with access devices.
- COMPUTER FRAUD AND ABUSE ACT. 18 U.S.C. § 1030. Fraud and related activity in connection with computers.
- CAN-SPAM ACT. 15 U.S.C. § 7704. Controlling The Assault of Non-Solicited Pornography and Marketing Act of 2003.
- EXTORTION AND THREATS. 18 U.S.C. § 875. EXTORTION and THREATS. Interstate communications.
- IDENTITY THEFT AND ASSUMPTION DETERRENCE ACT of 1998. 18 U.S.C. § 1028. Fraud and related activity in connection with identification documents, authentication features, and information.
- WIRE FRAUD. 18 U.S.C. § 1343. Fraud by wire, radio, or television.
- No Electronic Theft ("NET") Act. 17 U.S.C. § 506. Criminal Offenses. (criminal copyright infringement)
- Digital Millennium Copyright Act of 1998 (DMCA) . 17 U.S.C. § 1201. Circumvention of copyright protection systems.
- Electronic Communications Privacy Act, 18 U.S.C. § 2701, et seq. (STORED WIRE AND ELECTRONIC COMMUNICATIONS AND TRANSACTIONAL RECORDS ACCESS)
- Trade Secrets Act. 18 U.S.C. § 1832. Theft of trade secrets.
- Economic Espionage Act. 18 U.S.C. § 1831. Economic Espionage.
- Criminal Code of Canada, Section 342. Unauthorized Use of Computer.
- Criminal Code of Canada, Section 184. Interception of Communications
- The Computer Misuse Act 1990 (chapter 18.)
- The Regulation of Investigatory Powers Act 2000 (chapter 23.)
- The Anti-terrorism, Crime and Security Act 2001 (chapter 24.)
- The Data Protection Act 1998 (chapter 29.)
- The Fraud Act 2006 (chapter 35.)
- Potentially the Forgery and Counterfeiting Act 1981 (chapter 45) may also apply in relation to forgery of electronic payment instruments accepted within the United Kingdom.
- The CMA was recently amended by the Police and Justice Act 2006 (chapter 48)
- The Privacy and Electronic Communications (EC Directive) Regulations 2003 (Statutory Instrument 2003 No. 2426.)
- See also the UK Internet Rights web site and the All Party Internet Group report on recommended amendments to the CMA.
- Cybercrime Act 2001 (Commonwealth)
- Crimes Act 1900 (NSW): Part 6, ss 308-308I.
- Criminal Code (WA): Section 440a, Unlawful Operation of a Computer System
Others
- Council of Europe Convention on Cybercrime
- Global Survey of Cybercrime Law
- Unauthorized Access Penal Laws in 44 Countries
Academic resources
- Cybercrimes.net and Cyb3rCrim3.org Susan W. Brenner
- Cybercrime - High Tech crime JISC Legal Information Service
- A Guide to Computer Crime Practitioner.Com
- Criminal Justice Resources - Cybercrime
- Cybercrime NYLS
- Cybertelecom :: Crime
Government resources
- Cybercrime.gov US Department of Justice CCIPS
- US CERT United States Computer Emergency Readiness Team (US-CERT)
- FBI Cyber Investigations Home Page
- US Secret Service Computer Fraud
- On Guard OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.
- ID Theft one-stop national resource to learn about the crime of identity theft
- FindLaw Computer Crime
- RCMP Computer Crime Prevention Royal Canadian Mounted Police
Other external links
- Australian High Tech Crime Centre
- Australian Computer Abuse Research Bureau (ACARB) introduction to computer abuse concepts
- European Convention on Cybercrime [1]
- Computer Crime Research Center - Daily news about computer crime, Internet fraud and cyber terrorism
- Cyber Crime Law - News and commentary on preventing, detecting, and prosecuting computer crimes
- Information Security Investigations - Real-life stories of hunting down computer criminals and cyber terrorists
- http://www.cybercrime.gov - U.S. Department of Justice cybercrime web site
- http://www.e-crimecongress.org - Annual e-Crime Conference Serving Europe & International corporations
- http://www.ecce-conference.com/ - e-crime and computer evidence conference (first held in 2005 - now an annual event)
- U.S. Department of Justice National Institute of Justice Electronic Crime Program
- http://www.mosstingrett.no/info/legal.html#28 - The Legal Framework - Unauthorized Access to Computer Systems
- http://www.cybercrimelaw.org/index.cfm - Cybercrime Law
- http://www.rbs2.com/ccrime.htm#anchor666666 - Computer Crimes, Ronald B. Standler
- Politically Motivated Computer Crime News and analysis
References