Cyber-crime: Its History, Types, Methods and the Effects on Networks and Users - Research Paper Example

? Cyber-Crimes: Types, Methods, and the Effects to Networks and Users Since the Internet began in 1989, it has enabled the advancement of commerce, communication, convenience, and has improved the quality of life for millions of people. With all the great things that have evolved there has also been an unfortunate opportunity for criminal activity (“Internet Governance”). In the cyber security world, there are only two kinds of computers: “those that have been hacked and those that will be hacked” (Schaeffer et al.). Moreover, it has been estimated that the cost of the aggregate damage caused by cyber-crimes to companies have amounted up to $36.5M just in the United States (“Second Annual Cost”). In fact, this information does not take into account the cost of damage to the lives of thousands of people who were conned using malicious information on the Internet. Such very discouraging statements only tell us one thing: that cyber-crimes are real and rampant, and that they need to be dealt with. With such an overwhelming issue of fraud, there needs to be insight on the nature of these cyber-crimes – their history, their various types, the methods of preventing them, and their effects on Internet users. The purpose of such exposition is not merely to increase the people’s awareness of the nature of these crimes but also to open up their minds to the various ways that they can cooperate with the proper authorities in eradicating these crimes as well as to protect themselves from potential cyber-criminals. Cybercrime is a national issue. The cost to the economy and one’s personal life is significant and growing. The ease of access to the World Wide Web and relative anonymity of the perpetrators lowers the risk of them being caught while making crimes fairly simple and straightforward to conduct. The impact of cybercrime is not felt equally. [2] The goal of this paper is to raise awareness of the threats we all face when using computing devices with online access, the types of cybercrimes and some ideas to protect ourselves so we can all continue to enjoy the many benefits of the digital age. Types Basically, cyber-crimes are classified into three categories. According to the Ecommerce website, the first category includes those in which “the computer comprises the ‘object’ of a crime,” and where the object of the perpetrator’s attack is the computer itself (“Computer Crime – Definitions”). This category includes the stealing of computer processor time as well as that of computerized services. For the purposes of convenience, this type of cyber-crime is not discussed in detail in this paper because of its relatively low occurrence. The second category of cyber-crimes includes the category where the computer is the “subject” of the crime, such as in the case of viruses and similar attacks whose purpose is to destroy the computer or a network of computers (“Computer Crime – Definitions”). Moreover, this is the category of cyber-crimes that includes crimes related to hacking and similar technology. The so-called hacking technology was the one employed by Nicholas Webber in the huge credit card theft that brought down Ghostmarket.net in 2009, resulting in around ?16.2M or ?25.3M in mysterious losses from around 8,000 Ghostmarket.net members all over the world. Ghostmarket.net is a cyber-crime forum where members traded credit card information with the company in exchange for tutorial services, but where these members did not know that their own credit card details were compromised by an 18-year-old cyber-criminal in the name of Nicholas Webber, with a 17-year-old accomplice named Ryan Thomas. It was also discovered by the British police that both Webber and Thomas used a Costa Rican offshore bank account to which they channeled the credit card funds (Malik). The practice of hacking is facilitated through the use of anonymous programs that try to shield the Internet user’s identity, in order for example not to disclose the identity of people buying sex toys online. However, the same type of technology may be maliciously used to breach the security system of certain websites no matter how seemingly strong this security system is. According to Guardian News and Media Limited, “Extremely experienced computer [hackers]” can always find a way to breach even the toughest of website security systems (Malik). Moreover, evidence for committing such crimes can easily be destroyed by the perpetrators (Morningstar). While some cyber criminals would invoke their right to privacy when forced to admit what they are doing online, others would simply remain acquitted or at most sentenced to a few years in prison regardless of how serious the damage their crimes have brought (Grimes). The root cause of this is the unclear laws against cyber-crimes, considering that 33 countries do not even have updated cyber-crime laws. Some of these countries include France, Norway, Italy, New Zealand and Egypt (“Cyber Crime”). If their laws on cyber-crimes are vague, then they are easily defied and challenged. Another incidence of hacking where the reason was most likely the unclear law was that of 20-year-old David Kennell, a college student who was arrested for hacking into the Yahoo account of former U. S. Vice Presidential candidate Sarah Palin. Nevertheless, Kennell pleaded not guilty to the crime and was immediately acquitted on the grounds that what he had done was simply a “prank that spun out of control” (Watters). This simply shows that cyber-crimes are not taken seriously by governments and authorities and much more by young cyber-criminals who know that there are still no laws strong enough to undermine their right to free speech. It is not only government officials like Sarah Palin whose accounts and databases get hacked but also government institutions like the National Aeronautics and Space Administration, or NASA, and the U. S. Military. In fact, in 1999, the Pentagon was hacked by some suspected cyber-criminals allegedly working for the Russian secret service. Three years later, in 2002, the NASA and the U. S. Military had their databases hacked with the cost of damage reaching $1M. Aside from these, there is the growing apprehension of the Federal Bureau of Investigation, or FBI, on the rumored invention and operation of Cray super-computers, which are capable of “cracking complex encrypted passwords” (Darlington). This will therefore prove as a challenge to the use of the protocol called Secure Sockets Layer, or SSL, in the prevention of making public the transmission of private data from users and consumers (Darlington). Yet, despite the ever-increasing incidence of hacking and other cyber-crimes on the Internet, the FBI is believed to remain very choosy when it comes to determining which cyber-crimes have to be investigated first (Montalbano). Some crimes that belong to the second category happened because of carelessness due to the lack of installation of SSL in the website. This is what happened to Yahoo, CNN, Motorola, Amazon, eBay, ZDNet and Buy.com in February 2000 when these sites were hacked by “Mafiaboy,” a 15-year-old Canadian teenager (Darlington). The stealing of information from around 15,000 credit card and debit cards in Western Union in 2003 was also believed to be due to the carelessness of the companies involved and their lack of preparedness by not setting up SSL protocol (Darlington). Aside from hacking, the second type of cyber-crimes also involves viruses. In March 1999, the Melissa virus damaged several online businesses at the cost of an estimated $385M worth of damage to systems. However, this is nothing compared to the Love Bug virus in 2000, which caused a much greater damage to several computers amounting to $8.75B. The SirCam virus only comes second with around $1.15 worth of damaged databases and computer systems (Darlington). Finally, the third category of cyber-crimes is one where the computer is used as an “instrument” in committing traditional crimes online (“Computer Crime – Definitions”). These traditional crimes would include online harassment, child pornography and cyber-fraud. One such example is illegal download sites from which the latest movies can be downloaded for only a cheap amount that ignores property rights (Darlington). Such illegal movie download sites used to include TVShack.net, ThePirateCity.org, Planetoviez.com, and Movies-Links.TV, which have all been raided by the U. S. Department of Homeland Security (“U. S. Officials”). Aside from illegal movie downloading, there is also the case of illegal trading, where items are sold at a much lower price than the competitive markets. However, the problem with these items, such as drugs, is that there are horrible side effects and many have not been tested nor approved. Since the pharmaceutical companies overproduce the drug and since they sometimes fail to monitor the distribution of these drugs to legal wholesalers and retailers, the illegal seller sites then act as fake online retailers (Darlington). According to Forbes.com, examples of such sites include The Farmer’s Market and Silk Road. Although The Farmer’s Market has already been shut down by American authorities and its operators indicted, the Silk Road has been constantly operating despite a formal directive from one American senator to have the illegal drug company and website shut down. In fact, Silk Road continually makes around $22M annually from its sales of cocaine, ecstasy and other illegal drugs while using a crypto currency known as Bitcoin, which is hard to trace and detect because its movement cannot be tracked by central banks and other financial institutions (Greenberg). Another type of cyber-crime that belongs to the third category is the Nigerian 419 scams, so-called because of the number of the criminal code in Nigeria that deals with this particular crime. The operation of the Nigerian 419 scam usually begins with an e-mail that falsely represents a rich individual, a representative or the government of a particular country like China, Russia or several African countries like Benin, Congo or Nigeria. The perpetrators usually commit the crime by promising a large amount that is considered secret and whose processing should be carried out by the recipient of the email – who is actually the victim despite his newly assigned role as beneficiary of a large fund. The victim would then carry out all the financial obligations that would require the transfer of such fake amount of money, which could reach up to $100M, from the country of origin to his own country. The promise made is usually 20% of the total amount of money transferred. While the victim is constantly advised by the perpetrators to keep everything secret, the situation becomes more and more complicated as more and more fees come up, and the victim ends up sending more and more cash to spend for fake fees, perhaps until he gives up in the end (Darlington). Another way where the computer is used as an instrument in carrying out a traditional crime is kidnapping through the use of Internet scam. An example of this is one American who was abducted by two Nigerians upon flying to Benin in June 2012 for the promise of “lucrative business opportunities,” which he was offered on the Internet (“Benin”). The American was rescued by the FBI and the two captives were arrested by the Benin police (Benin). In fact, the same thing happened in 2011 to a Dutch national who was kidnapped by six South Africans after the former came to South Africa for the promise of a “lucrative scrap metal deal” from his perpetrators (Cornish). The ransom was 10,000 euros, which was paid into a British bank account. Although the Dutchman’s life was spared, those of a Canadian national kidnapped in Johannesburg and a Norwegian millionaire in another part of South Africa were not spared at all (Cornish). Aside from illegal fraud, another type of cyber-crime that belongs to the third category includes online harassment. As previously mentioned, this was done by Nicholas Webber in his scam site known as Ghostmarket.net. When Webber was arrested by the police, he “threatened on a forum to blow up the head of the police e-crimes unit in retaliation [and] trace police officers’ addresses” (Malik). Although such grave threats were not realized, the mere fact that so many people were able to know about it must have at least caused temporary paranoia among those who heard. This case of oral defamation and threat was also what British woman Tracy Williams did in March 2006 when she “[posted] false sexual allegations” on an online social networking site about a candidate of the Parliament (Darlington). Still, online harassment is considered to be responsible for several acts of suicide, especially those committed by young people. It is believed that when someone harasses another through the Internet or if someone encourages another to commit suicide and even teaches him how to kill himself, it is most likely that that person will do so, especially if he is depressed. In fact, Psychology Professor Mafumi Usui of Niigata Seiryo University in Japan said, “Depressed, young people and the Internet – it’s a very dangerous mix” (Associated Press). Internet suicide sites in Japan have been shut down by politicians with the help of the police, thus saving about 14 lives. However, the record of 91 people who died in 34 internet-related suicide cases in Japan in 2005 alone, from a record of 55 from the previous year, is somehow telling us that the suicide fever have not dwindled yet (Associated Press). Similar cases in the United States include that of 14-year-old middle school student Eden Wormer, who suffered years of bullying both online and offline, and who finally hanged herself in March 2012 (Crees). Lastly, the third category of cyber-crimes includes child pornography. As one of the aspects of “child sexual exploitation,” child pornography is classified as a crime similar to “luring, child-sex tourism [and] child prostitution” (Saytarly). Child pornography refers to posting a minor’s pictures and movies on the Internet for the purpose of sexual pleasure. However, the case of child abuse is also a clause which is included under child pornography because “1 in 5 children are contacted for sex while being online” (Saytarly). In fact, according to data from the international Russian-based Computer Crime Research Center, this “6 billion dollar a year industry” is estimated to have approximately 400,000 sex offenders in the United States alone, with two-thirds of their victims below 18 and 58% of were aged 12 or below, and most unfortunately – where “8 out of 10 rapists…released prior to trial” (Saytarly). Such alarming information must naturally serve as a wakeup call to authorities in order for them to crack down cyber-criminals responsible for child pornography and for using the Internet as a means for the perpetrator to lure the victim. Somehow the problem lies once more with vague national laws, and, in fact, the International Center for Missing and Exploited Children has found out that “child pornography [is] not a crime in most countries” (“New Study Reveals”). Another cyber-crime worth mentioning is the attack of a worm, or programs that are similar to viruses but spread through “Internet hitch-hiking on mail” (“Computer Crime Law”). One of the most special worms in the history of cyber-crimes is the Wank Worm, which was allegedly created by hackers based in Australia but who were protesting the use of plutonium used as fuel fo the power modules in the Galileo spacecraft by the NASA. The WANK worm was detected n October 16, 1989 at the NASA. The WANK worm creates new accounts, modifies passwords, carries out procedures, automatically rings the phone, and damages files (“WANK Worm”). WANK stands for “Worms Against Nuclear Killers” (Assange). From the United States, the worm attacked the world in a matter of weeks. It also infected the Fermi National Accelerator Laboratory of the U. S. Department of Energy in Illinois, the European Center for Nuclear Research in Switzerland, and the Japan-based Riken Accelerator. Fortunately, anti-WANK vaccines were developed in order to track and destroy the worm (“Hack to the Future”) Methods of Prevention The solution to these cyber-crimes is twofold – personal responsibility and cooperation with the authorities. When it comes to personal responsibility, one should try to make sure that the computer that he is using as well as the websites that he deals with are using advanced security measures. Security measures are usually employed and installed in computer drives or in websites in order to protect various Internet-related activities such as “electronic funds transfers, proprietary information, computer programs” as well as the prevention of the invasion of computer viruses (“Computer Crime Law”). Aside from this, personal responsibility entails knowledge of how to classify information according to its importance and assigning security clearances. One should also try to ensure that anti-virus programs are installed in the computer, and that these anti-virus programs must be able to scan any hardware or software that is being installed. The anti-virus programs must also automatically destroy the virus (“Computer Crime Law”). When it comes to cooperation, an employee should comply with standard company procedures as to the monitoring of all the activities and Internet connection of all the computers in the company. Moreover, confidential passwords must never be disclosed unless permitted (“Computer Crime Law”). The real challenge is actually cooperation on the national level. The call for cooperation in the United States is reflected on the website of FBI at FBI.gov: “We are building our lives around wired and wireless networks [but] the question is, are we ready to work together to defend them?” (“Internet Fraud”). This message simply implies that every citizen has the duty to cooperate with the authorities when it comes to dealing with cyber-crimes. The FBI recommends that when dealing with credit card transactions online, one should at least avoid giving his credit card number online unless the website is “secure and reputable” (“Internet Fraud”). Moreover, one should also try to do research on the company that one is dealing with, and that he should call the seller in order to check whether the telephone number is real and not just made up (“Internet Fraud”). When it comes to protecting one’s own personal computer, the FBI recommends that should keep his firewall turned on so that the computer may be protected from hackers. One should also update his antispyware software as well as his operating system. Moreover, one should try to be careful with what he downloads and to turn off the computer whenever he is not using it (“How to Protect Your Computer”). Effects to Networks and Users Based on the aforementioned information, cyber-crimes cause a lot of damage, first and foremost, to the finances of an individual, a company and even a government institution. Individuals suffered from the financial losses from credit card theft, from various scams such as the Nigerian 419 scam, and a few people lost money and even their lives from kidnapping (Malik; Darlington; “Benin”; Cornish). The loss of lives was also the result of suicide websites (Associated Press; Crees). Aside from the loss of lives, there was also damage to one’s reputation as well as the loss of dignity and the abuse of morality in the case of child abuse and child pornography (Darlington; Saytarly). Government institutions and private companies also suffered an incredible financial loss during a virus attack and after being hacked. The Melissa virus, the Love Bug virus and the SirCam virus all caused a total of around $10.285B worth of damage to the computer systems of all computers attacked (Darlington). Conclusion There will always be new and unexpected challenges to stay ahead of cyber criminals and cyber terrorists but we can win only through partnership and collaboration of both individuals and government. There is much we can do to ensure a safe, secure and trustworthy computing environment. It is crucial not only to our sense of well-being, but also to our national security and economy. Top of Form Bottom of Form Works Cited Assange, Julian. “The Curious Origins of Political Hacktivism.” 2006. Counter Punch. 23 Sept. 2012. Associated Press. “Internet Suicides Alarm Japan.” 2006. WIRED. 23 Sept. 2012. “Benin: US Internet Scam Victim Freed by Police.” 2012. BBC News Africa. 23 Sept. 2012. Cornish, Jean-Jacques. “Dutchman kidnapped in South African on internet scam.” 2011. RFI English. 27 Sept. 2012. Crees, Alex. “14-year-old’s suicide puts spotlight on online bullying dangers.” 2012. Fox News. 24 Sept. 2012. “Cyber Crime…and Punishment? 2000. McConnell International. 6 Mar 2012. Darlington, Roger. “Crime on the Net.” 2010. Roger Darlington’s World. 7 Mar 2012. Greenberg, Andy. “Black Market Drug Site ‘Silk Road’ Booming: $22 Million in Annual Sales.” 2012. Forbes.com. 23 Sept. 2012. Grimes, Roger A. “Why Internet crime goes unpunished: Until we make the Internet secure, cyber criminals will continue to pull off high-value, low-risk offenses.” 2012. Infoworld.com. 8 Mar 2012. “Hack to the Future.” 2003. The Age. 24 Sept. 2012. “How to Protect Your Computer.” 2012. The Federal Bureau of Investigation. 24 Sept. 2012. “Internet Fraud.” 2012. The Federal Bureau of Investigation. 24 Sept. 2012. Malik, Shiv. “Teenagers jailed for running ?16M internet crime forum.” 2012. Guardian News and Media Limited. 24 Sept. 2012. Montalbano, Elizabeth. “The FBI’s Internet Crime Complaint Center received more than 300,000 reports of Internet crime in 2010, according to its annual report.” 2011. Information Week. 23 Sept. 2012. Morningstar, Steve. “Internet Crimes and Criminal Procedures.” 1998. University of Cincinnati Blue Ash. 24 Sept. 2012. Saytarly, Timofey. “Fighting Child Porn0graphy.” 2004. Computer Crime Research Center. 23 Sept. 2012. Schaeffer, Bruce S., Chan, Henfree, Chan, Henry & Ogulnick, Susan. “Cyber Crime and Cyber Security: A White Paper for Franchisors, Licensors, and Others.” 2009. Wolters Kluwer Law & Business. 23 Sept. 2012. “U. S. Officials Seize Illegal Download Sites.” 2010. NBCNews.com. 24 Sept. 2012. “WANK Worm.” 1996. University of Hamburg. 23 Sept. 2012. Watters, Audrey. “Internet Pranks or Internet Crimes?” 2010. ReadWriteWeb. 27 Sept. 2012. Read More