Cybercrime: Problems and Prospects

AuthorR. Raghavan
Pages30-36

Page 30

A formidable challenge to policing in the twenty-first century is the growing menace of cybercrime. While it may not match traditional crime in volume, cybercrime outclasses the former in terms of its ingenuity, the ease with which it is committed, the quantum of economic loss it causes to society, and its mind-boggling international ramifications. However, as in the case of conventional crime, cybercrime is facilitated basically by what Peter Grabowsky calls the conjunction of three factors: "motivation, opportunity, and the absence of capable guardianship" (Grabowsky 2000). Naturally, because of its global reach and its glamour and complexity, cybercrime has received considerable attention from criminal justice academics and practitioners. In this process, it has spawned abundant literature that throws light on a wide spectrum of issues, including how to investigate such crime and bring to justice offenders who exploit cyberspace for their personal profit.

BACKGROUND

Although computers came into existence as early as the 1940s, the fact that they could be used for unethical ends became clear only in the 1960s (Goodman and Brenner 2002). Around this time, many instances of manipulation, sabotage, espionage, and illegal use of computers were reported. Since the number of available computers was modest at the time, and they were found mainly on educational campuses and in research institutions, access to computers was extremely limited and the opportunity to put them to nonacademic and dishonest use was confined to researchers and students. Detection of unauthorized and unlawful use of systems was therefore easy. By the end of the twentieth century, however, computer systems had transcended geographic frontiers and had moved from being mere official tools to household gadgets. While there is no credible estimate of their numbers, it is believed that there are millions of them being used globally, both in offices and homes. The advent in the early 1990s of the World Wide Web, part of the Internet, has also ushered in an entirely new dimension, rendering abuse of cyberspace even easier.

Most instances of cybercrime reported by a country originate from across its border. According to a United Nations estimate from 2000, losses suffered by businesses and governments from cybercrime during the preceding four years reached $600 million. A Computer Security Institute (CSI) annual survey for 2002 conducted in the United States revealed that 90 percent of respondents (primarily large corporations and government agencies) had suffered security breaches, and 80 percent sustained financial losses due to such breaches. The losses were mainly from theft of proprietary information and financial fraud. As many as 40 percent of the respondents complained of system penetration from the outside, and the same percentage experienced denial-of-service (DOS) attacks. As many as 85 percent found their systems affected by viruses. The CSI's 2004 survey revealed a drop in reports of the unauthorized use of computer systems, but DOS attacks continued to be a cause of concern because losses—$26 million during 2003–to business came mainly from this form of computer abuse. Total losses to business from the twelve top kinds of security breaches reached $141.4 million.

Page 31

DEFINITION

Cybercrime has been defined in a variety of ways. There are some who look upon it as nothing but traditional crime committed through a modern medium, cyberspace. The crimes of theft, fraud, and forgery, which have been known for ages, are cited in support. This definition is only partially correct because it does not take into account the many novel forms of crime arising from the new economic activity peculiar to the twentieth and twenty-first centuries. Money laundering is one such activity that has acquired notoriety since the last decades of the twentieth century, especially in the context of terrorism, which has been fueled by easy transfers of money from one country to another. Such transfers occurred in the conspiracy that led to the al Qaeda attacks against the World Trade Center in New York and the Pentagon in Arlington, Virginia, on September 11, 2001.

Yet another simple way of describing cybercrime is that it is a crime flowing either from an unlawful attack against computer systems or one committed with the assistance of such systems. This is of course an expansive definition that brings into its fold a huge number of day-to-day occurrences, one that unfortunately contributes to the dilution of attention that cybercrime otherwise deserves at the hands of modern law enforcement agencies. There is, therefore, a practical suggestion that only crimes that are not possible to commit without the medium of computers should be classified as cybercrime (Jewkes 2003). This solves the problem of volume and helps to lend focus to the study and analysis of cybercrime. This definition does not, however, take into account the problem that what is considered criminal in one country may not be so in another, a feature of cybercrime that poses great difficulties to modern police investigators.

THE NATURE OF CYBERCRIME

Broadly speaking, there are eleven varieties of computer-related crime (Grabowsky 2000). These are: (1) theft of services; (2) communications in furtherance of criminal conspiracies; (3) information piracy and forgery; (4) the dissemination of offensive materials; (5) cyberstalking; (6) extortion; (7) electronic money laundering; (8) electronic vandalism and terrorism; (9) telemarketing fraud; (10) illegal interception; and (11) electronic funds-transfer fraud.

Hacking

Hacking, the most widely known cybercrime, makes inroads into a protected computer system. One of the simplest definitions of hacking is found in section 66 of India's Information Technology Act 2000. It reads: "Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means commits hacking."

The objectives of a hacker are twofold: one, to prove to the world that a system owned by a large corporation or government department, such as a country's defense services, is vulnerable to external attack; and, two, to steal valuable information contained in that system that is normally available to only authorized individuals. Both are unethical intrusions prohibited by law in many countries. Interestingly, such hacking, which is not always done for profit or from a political motive, is often perpetrated by young computer engineers for the sheer thrill of the adventure that a successful penetration into a system provides them.

There is another form of attack that is sponsored by an organization itself in order to check how vulnerable its own systems are. This authorized intrusion is often called ethical hacking. Many at-risk organizations are known to employ a team of individuals with the required technical knowledge to resort to such hacking at frequent intervals so as to identify any holes in security and take follow-up action to plug them. As a result of recommendations from the multinational Organisation for Economic Co-operation and Development and the Council of Europe Convention on Cybercrime (2001), many countries have made the unauthorized access to data or information liable for punishment. This is in response to the lax laws in some countries, which do not take a serious view of such transgressions.

Introduction of Viruses

Users of computers all over the world are often plagued by "viruses" that result in a crash of their systems. A virus is...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT