Scene of the Cybercrime: Inside Today's Cybercrime World

The world of global connectivity has spawned a vast new network of criminal enterprise.
(Page 1 of 5)

Book excerpt: "Scene of the Cybercrime"

Printed with permission from Syngress, a division of Elsevier. Copyright 2008. “Scene of the Cybercrime, 2e” by Debra Littlejohn Shinder and Michael Cross. For more information about this title and other similar books, please visit www.elsevierdirect.com.

Cybercrime: Introduction

Today we live and work in a world of global connectivity. We can exchange casual conversation or conduct multimillion-dollar monetary transactions with people on the other side of the planet quickly and inexpensively. The proliferation of personal computers, easy access to the Internet, and a booming market for related new communications devices have changed the way we spend our leisure time and the way we do business.

The ways in which criminals commit crimes is also changing. Universal digital accessibility opens up new opportunities for the unscrupulous. Millions of dollars are lost by both businesses and consumers to computer-savvy criminals. Worse, computers and networks can be used to harass victims or set them up for violent attacks—even to coordinate and carry out terrorist activities that threaten us all. Unfortunately, in many cases law enforcement agencies have lagged behind these criminals, lacking the technology and the trained personnel to address this new and growing threat, which has been aptly termed cybercrime.

Even though interest and awareness of the cybercrime phenomenon has grown in recent years, many Information Technology (IT) professionals and law enforcement officers have lacked the tools and expertise needed to tackle the problem. To make matters worse, old laws didn’t quite fit the crimes being committed, new laws hadn’t quite caught up to the reality of what was happening, and there were few court precedents to look to for guidance. Furthermore, debates over privacy issues hampered the ability of enforcement agents to gather the evidence needed to prosecute these new cases. Finally, there was a certain amount of antipathy—or at the least, distrust—between the two most important players in any effective fight against cybercrime: law enforcement agents and computer professionals. Yet close cooperation between the two is crucial if we are to control the cybercrime problem and make the Internet a safe “place” for its users.

Law enforcement personnel understand the criminal mindset and know the basics of gathering evidence and bringing offenders to justice. IT personnel understand computers and networks, how they work, and how to track down information on them. Each has half of the key to defeating the cybercriminal. This book’s goal is to bring the two elements together, to show how they both can and must work together in defending against, detecting, and prosecuting people who use modern technology to harm individuals, organizations, businesses, and society.

Defining Cybercrime

Scene of the Cybercrime Software
Cybercrime is broad and generic term that refers to crimes committed using computers and the Internet, and can generally be defined as a subcategory of computer crime. If this sounds strange, consider that whether someone commits Internet fraud or mail fraud, both fall under a larger category of fraud. The difference between the two is the mechanism that was used to victimize people. Cybercrime refers to criminal offenses committed using the Internet or another computer network as a component of the crime. Computers and networks can be involved in crimes in several different ways:

• The computer or network can be the tool of the crime (used to commit the crime)

• The computer or network can be the target of the crime (the “victim”)

• The computer or network can be used for incidental purposes related to the crime (for example, to keep records of illegal drug sales)

While it is useful to provide a general definition to be used in discussion, criminal offenses consist of specific acts or omissions, together with a specified culpable mental state. To be enforceable, laws must also be specific. In many instances, pieces of legislation contain definitions of terms. This is necessary to avoid confusion, argument, and litigation over the applicability of a law or regulation. These definitions should be as narrow as possible, but legislators don’t always do a good job of defining terms (and sometimes don’t define them at all, leaving it up to law enforcement agencies to guess, until the courts ultimately make a decision).

To illustrate this, we can look at the Council of Europe’s Convention on Cybercrime treaty, which can be viewed at http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm. The treaty attempts to standardize European laws concerning crime on the Internet, but one of the biggest criticisms of the treaty is its use of overly broad definitions. For example, the definition of the term service provider is so vague that it could be applied to someone who sets up a two-computer home network, and the definition of computer data, because it refers to any representation of facts, information, or concepts in any form suitable for processing in a computer system, would include almost every possible form of communication, including handwritten documents and the spoken word (which can be processed by handwriting and speech recognition software). Likewise, the U.S. Department of Justice (DoJ) has been criticized for a definition of computer crime that specifies “any violation of criminal law that involved the knowledge of computer technology for its perpetration, investigation, or prosecution” (reported in the August 2002 FBI Law Enforcement Bulletin). Under such a definition, virtually any crime could be classified as a computer crime, simply because a detective might have searched a computer database as part of conducting an investigation.


Page 1 of 5

 
1 2 3 4 5
Next Page



Tags: software, IT, privacy, technology, DOJ


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.