Points Of Interest: Fraud, Offensive Content, Harassment, Drugs, Cyberterrorism, E-Crime Cases,
DoS attacks, Phishing, What's Being Done,
Personal Experience
E-Crime, Computer Crime, Cybercrime, E-Crime, Hi-Tech Crime and Electronic Crime all generally refers to criminal activity where a computer or network is the tool, target, or place of a crime. There are many types of different crimes which all surround the term “e-crime”. These include Identity theft, Credit card details, Phishing, Fraud, Skimming, Spam, False-front websites and Hacking (black hat/white hat).
A common example of e-crime is when a person intends to steal information from or cause damage to a computer or computer network. This can be entirely done virtually, i.e. the information only exists in digital form and the damage.
In some legal systems, intangible property cannot be stolen and the damage must be visible, e.g. as resulting from a blow from a hammer. Yet denial of service attacks for the purposes of extortion may result in significant damage both to the system and the profitability of the site targeted. A further problem is that many definitions have not kept pace with the technology. For example, where the offence requires proof of a trick or deception as the operative cause of the theft, this may require the mind of a human being to change and do so or refrain from doing something that causes the loss. Increasingly, computer systems control access to goods and services.
Where human-centric terminology is used for crimes relying on natural language skills and innate gullibility, definitions have to be modified to ensure that fraudulent behaviour remains criminal no matter how it is committed (consider the definition of wire fraud).
Issues surrounding hacking, copyright infringement through warez, child pornography, and paedophilia have become high-profile. However, this emphasis fails to consider the equally real but less spectacular issues of obscene graffiti appearing on websites and "cyberstalking" or harassment that can affect everyday life. There are also problems of privacy when confidential information is lost, say, when an e-mail is intercepted whether through illegal hacking, legitimate monitoring (increasingly common in the workplace) or when it is simply read by an unauthorized or unintended person
Examples of internet fraud may include:
- Altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
- Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
- Altering or deleting stored data
- Misusing existing system tools or software packages, or altering or writing code for
- Fraudulent purposes. This requires real programming skills and is not common.
- Manipulating banking systems to make unauthorized electronic fund transfers or to divert the whole or part of the retail prices collected by a portal would be serious thefts (see salami slicing). An increasing problem is the unauthorized use of credit card numbers and other data collected as part of identity theft.
The content of websites and other electronic communications may be harmful, distasteful or offensive for a variety of reasons. Most states in America have enacted law that place some limits on the freedom of speech and ban racist, blasphemous, politically subversive, seditious or inflammatory material that tends to incite hate crimes. This is a sensitive area in which the courts can become involved in arbitrating between groups with entrenched beliefs, each convinced that their point of view has been unreasonably attacked.
Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties.
In March 2006, Michael Keith-Smith became the first person to win damages from an individual internet user after she accused him of being a 'sex offender' and 'racist blogger' on a Yahoo! discussion site. She also claimed that his wife was a prostitute. The High Court judge decided that Tracy Williams, of Oldham, was "particularly abusive" and "her statements demonstrated that ... she had no intention of stopping her libellous and defamatory behaviour". She was ordered to pay £10,000 in damages, plus £7,200 costs. In general, libel is not treated as a criminal matter except when it may provoke the person defamed into retaliatory. All forms of unsolicited e-mail and advertisements can also be considered to be forms of Internet harassment where the content is offensive or of an explicit sexual nature. Now termed spam, it has been criminalized in various countries.
Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances through encrypted e-mail and other Internet Technology. Some drug traffickers arrange deals at internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for amphetamines in restricted-access chat rooms.
Government officials and IS security specialist have documented a significant increase in Internet probes and server scans since early 2001. There is a growing concern among federal officials that such intrusions are part of an organized effort by cyberterrorists, foreign intelligence services, or other groups to map potential security holes in critical systems. A cyberterrorist is someone who intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attack against computers, network, and the information stored on them. Cyberterrorism in general, can be defined as an act of terrorism committed through the use of cyberspace or computer resources. As such, a simple propaganda in the Internet, that there will be bomb attacks during the holidays can be considered cyberterrorism. At worst, cyberterrorist may use the Internet or computer resources to carry out an actual attack.
Documented Cases of Computer Crimes:
- The Yahoo website was attacked at 10:30 PST on Monday, 7th Feb 2000. The attack lasted three hours. Yahoo was pinged at the rate of one gigabyte/second.
- On 3rd August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks on Amazon.com, eBay, Dell Computer, Outlaw.net, and Yahoo. MafiaBoy had also attacked other websites, but prosecutors decided that a total of 66 counts was enough. MafiaBoy pled not guilty.
- About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in DoS attacks.
- In 1999, the Melissa virus infected a document on a victim's computer then automatically sent that document and copy of the virus via e-mail to other people.
A hacker is often someone who creates and modifies computer software and computer hardware, including computer programming, administration, and security-related items. A hacker is also someone who modifies electronics, for example, ham radio transceivers, printers or even home sprinkler systems to get extra functionality or performance. The term usually bears strong connotations, but may be either favourable or denigrating depending on cultural context (see the Hacker definition controversy).
- In computer programming, a hacker is a software designer and programmer who builds elegant, beautiful programs and systems. A hacker can also be a programmer who hacks or reaches a goal by employing a series of modifications to exploit or extend existing code or resources. For some, "hacker" has a negative connotation and refers to a person who "hacks" or uses kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This pejorative form of the noun "hack" is even used incorrectly among users of the positive sense of "hacker".
- In computer security, a hacker is a person who specializes in work with the security mechanisms for computer and network systems. While including those who endeavour to strengthen such mechanisms, it more often is used incorrectly, especially in the mass media, to refer to those who seek access despite them.
- In other technical fields, hacker is extended to mean a person who makes things work beyond perceived limits through their own technical skill, such as a hardware hacker, or reality hacker.
- In hacker culture, a hacker is a person who has attained a certain social status and is recognized among members of the culture for commitment to the culture's values and a certain amount of technical knowledge.
In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet. It is a computer crime that violates the Internet proper use policy as indicated by the Internet Architecture Board (IAB).
DoS attacks have two general forms:
- Force the victim computer(s) to reset or consume its resources such that it can no longer provide its intended service.
- Obstruct the communication media between the intended users and the victim so that they can no longer communicate adequately.
In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using or an instant message although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.
In an example (PayPal phishing e-mail, right), spelling mistakes in the email and the presence of an IP
address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details is not a guarantee of legitimacy.
Another form of e-crime damage is what it is actually to people. Fears of e-crime attacks are growing vastly and subsequently causing people to have fears such as loss of identity, credit card being misused, computer being hacked, online banks not being secure. Many may now argue that a computer is great but if this is happening then they may stay away from computers to help prevent this from happening to them.
So what’s being done about e-crime?
As I mentioned before, government involvement in this has become a huge thing as e-crime is threatening so many peoples from around the world. In the UK alone there are two many acts that exists to protect citizens against e-crime. The Data Protection Act of 1984 (later updated in 1998) allows for the privacy and protection of data. The Computer Misuse Act of 1990 protects the misuse of computers such as gaining un-authorised access to the machine (hacking).Also the UK government has helped set up e-crime units through the police for people to reports cases of crime to.
As well as government and police involvement many software developers are trying to offer people products to help minimise the risks of e-crime. Types of software may include anti-virus software, firewall, anti-spam filters, phising warnings and identity protection.
These are clear signs that e-crime is something that people should be aware of however they should not be scared at the same time. As e-crime grows bigger so does forms of protection and people’s awareness to the problem.
E-Crime at the best of times tends to be more of a pest to me. Everyday I received loads of phising e-mails trying to convince me to visit phoney sites and for me to give them my details. Also, with the fear of e-crime I have to make sure that my computer is secured and I have to regularly run virus and spyware checks to ensure by computer is not “infected”. Although this can be annoying, it is better safe than sorry.