As a young boy growing up on a small island in a tiny school with less equipments, using a computer was both a scary and exciting experience. It was scary because it was new technology that seemed difficult to understand. The many buttons on the keyboard and the different options to choose from on the screen, tend to cause feelings of unsure and afraid that a wrong key pressed could immediately shutdown everything. It was exciting because of the introduction to new different ways of writing papers on the computer, playing games online, checking emails where letters were exchanged with loved ones, and reading about current events happening around the world. All of these adventurous things were done and happening right before this writer's eyes on a small screen on a student desk. It gave a school boy the confidence to do almost anything in the world in an easier and faster way. Imagine a world functioning in your ways, in your own privacy, all on the tips of your small fingers. You get to control everything or even everyone and do as you please with their lives, all on the computer, as long as they don't know that you're the one behind that other screen. This is basically how computer crimes are committed by criminals all over the world today.
What are computer crimes? Computer crimes or cyber crimes are defined as “any legal actions where the data on a computer are accessed without permission.” The computer or network is the device, foundation, or location of where criminal activity exists. These crimes occur when criminals log on to their computer and simply enter obtain information about others, without their knowledge, and steal them or use the information against the victims. The gateway to such information is the computer.
According to Harry Henderson, the growth of cyber crime has roughly paralleled the growth of the internet growth. In 2003, the estimated value of online retail sales in the United States reached $114 billion. It is the fastest-growing sectors of the economy. Meanwhile, the cost of cyber crime in the United States alone is estimated to about $5 billion annually. This does not include the non-economic cost of stress to victims of cyber crimes (Henderson, 2005).
According to J. A. Hitchcock, statistics from the FBI and victim advocate organizations show that computer crimes are committed against more that 60,000 people a year, and the number is growing every day. NUA Internet Surveys estimates there are more than 500 million people online worldwide. If only one percent become online victims that is still over five million people (Hitchcock, 2002). As more people log on to the computer each day with their personal information, they are easily exposed to others, including criminals who commit computer crimes. As computer crimes continue to rise, more victims of these types of crimes continue to increase as well. As crimes and victims continue to increase, the effort to prevent and control computer crimes by law enforcement should be stronger too. In order for those efforts to be successful and effective, law enforcement and victims together should be equipped with the knowledge of the different methods of computer crimes that exist in this world today.
According to Henderson, computer criminals have the same motives as conventional criminals. They want to get money or other valuable things with a minimum effort and risk. Using the computer, these criminals carry out their crimes through different methods.
Computers are committed using various methods and techniques. According to Boni and Kovacich, the first basic approach that computer criminals use is they research their targets. They find out who, what, when where and how about the particular individual, business, organization or group that they plan to victimize. The second approach that computer criminals use is they gather information. They obtain as much good and bad data and resources that they can get their hands on to help them accomplish their crime. The third technique is that the computer criminals attack the system. Once they've gained access to get inside the system, the fourth procedure is for the computer criminals to set up a secure foothold. They have to make sure that they are on a secure network where they are invisible to the victims, law enforcement officials and the system. The fifth method that these types of criminals use is they attack the internal system. They use all the information and data they've compiled to gain access to the victims' lives and use it against them. The sixth procedure is to erase evidence of intrusion. The computer criminals will delete any evidence that might link them to their crime, making them invisible as they continue to victimize others. The last approach that computer criminals use to commit their crimes is to search for another target system (Boni and Kovacich, 1999). They've outstandingly gained access to the first victim's data without getting noticed, so the chances of repeating it against another victim are good for these criminals. They roam as white ghosts online so as long as they have no identities and they are getting what they want and they are not getting caught, these criminals will continue to commit computer crimes.
There are many different types of computer crimes, but this writer will focus on some of the major ones that badly affect society today. The computer crimes that will be covered in this paper are hacking, worms and viruses, compromising internet banking and unauthorized access to files, phishing scams, and network intrusions.
According to Newman, hackers have been breaking into computers for years. A hacker is a skilled programmer who breaks into computer networks. Some people do it for fun or to test how secure their systems are. Hackers are people who invade computer systems with good or bad motives (Newman, 2008). Some hackers may seek to get into a computer system to obtain valuable information like credit card numbers or to get bragging rights. Hackers are likely to be educated, more intelligent and flexible. They are less predictable than the common run of robbers or burglars. They may more or less fit the stereotype of the computer nerd, although some hackers combine technical expertise with the manipulative social skills of the traditional con artist (Henderson, 2005). Some examples of hacker include the following: In the 1960s, the first self-identified hackers appear at the Massachusetts Institute of Technology. Their focus was on obsessive exploration of computer systems and software, not on criminal activity. In 1993, fugitive hacker Kevin Poulsen hacks his way into the phone systems for radio contests, winning two Porsches, $20,000, and various other prizes (Littman, 1997). In 1995, Kevin Mitnick was arrested and sent to prison for five years for hacking into corporate computer systems and stealing their secrets. Today, he's showing companies how to protect themselves from people like who he was before (Newman, 2008). In 1995, Russian hacker Vladimir Levin was charged with heading a hacker gang that broke into Citibank computers, stole customer account information, then diverted at least several million dollars in electronic funds transfers (Henderson, 2005). There are criminals who are considered as super hackers, or crackers. They are the highly skilled computer criminals who like to show off their programming skills by breaking into computer networks. Most of these people spend a lot of time online and their life is all about computers. Because they do not like internet rules, they break them by hacking into computer networks to show that they can outsmart the software designers at companies like Microsoft. The super hackers can seriously damage any computers they infect with worms and viruses (Newman, 2008).
A worm is a program that slows or shuts down computers. It spreads quickly through networks by copying itself again (Newman, 2008). A worm can invade computers directly from the internet and it enters computers on its own. As it roams through the internet, a worm constantly looks for computers to infect. It is programmed to attack computers with operating systems that have flaws in them. When a worm finds a computer with a flawed operating system, it makes a copy of itself then it wriggles into its new home (Newman, 2008).
In 1988, Robert Morris, a graduate student in computer science at Cornell University, launched an internet worm program that spread far faster than expected. It caused computers around the nation to crash. He was eventually arrested, tried and convicted and sentenced to a $10,000 fine and community service. Today, Morris is teaching at MIT. This case revealed both the growing importance of the internet and its vulnerability (Henderson, 2005). In 2004, Sven Jaschan created a worm that crashed Coast Guard from using its electronic mapping service, caused a news agency in France to suddenly loose communication with its satellite, closed 130 offices of a bank in Finland when its computers shut down, and all across the world, computers crashed or continuously restarted. Companies couldn't do business and some hospitals had equipment failure putting people's lives in danger (Newman, 2008).
A virus is a destructive program that infects people's computers without their knowledge (Newman, 2008). It can modify other programs or files by copying instructions into them. When the target program or operating system is run, the virus code is executed instead of or in addition to the original code (Henderson, 2005). It spreads by attaching it self to e-mails or files that are sent from one computer to another. People can loose a lot of important data if a virus gets into their computers. In 1982, one of the first viruses was created by a teenager who put it in a computer game. When the game was played for the fiftieth time, the virus infected the computer. Today, newer worms and viruses do not shut computers down. They hide inside hard drives and do their work in secret (Newman, 2008).
Phishing is a computer scam that involves sending out spam that looks real. Criminals who commit phishing trick computer users into giving them their personal information (Newman, 2008). The criminal thinking behind the acts of these people is that they shouldn't work hard to uncover credit card and account numbers because they can actually get people to give them such information voluntarily. In his book called The Art of Deception, Kevin Mitnick indicated that hackers have long used social engineering tricks to deceive or intimidate people into giving them the means to access systems. Phishing consists of two elements, which are a spam email with the hook that persuades the victim to provide information and an authentic-looking website that the victim thinks belongs to the bank or other institution in question. The most common type of hook tries to get the victim to fix some sort of problem in order to prevent loss of a valuable service such as PayPal, Citibank, eBay, and other banks. Some hooks can cause the victims to panic and provide information to cancel or make orders. When the victim clicks on the link included in the email, the continuing success of the deception depends on the fake web site (Henderson, 2005). Henderson indicated that according to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that people deal with like the bank, online payment services, or even a government agency. The message usually says that people need to “update” or “validate” their account information. The message then directs people to a website that looks like a legitimate organization's site, but it isn't. This will trick people to divulge their personal information so that the criminal can steal their identity and run up bills or commit crimes in the victim's names.
Hacking, phishing and using worms and viruses are some of the methods that computer criminals utilize to easily gain access to the files of their victims, intrude into network systems, compromise internet banking and cause harm to other people. Other computer crimes include investment scams, online gambling, and gray markets and make merchandise, fake charities, education scams, employment scams, tax scams, and child pornography.
Law Enforcement Challenges
Computer crimes are already having a serious impact on millions of Americans and the problem is growing worse every year. As these criminals use new technology to commit their crimes, one can assume that the law officials also have better technology and ways to prevent these crimes from increasing each year. So what are some challenges that the law enforcement agencies go through regarding computer crimes?
According to Boni and Kovacich, the internet is global in scope so physical borders and geographical distance are almost meaningless in cyberspace. Boni and Kovanick indicated that computer rimes have increased and are successful for several reasons. With a more distributed computing environment, the distance, borders, time or season are unlimited for computer criminals and creating more opportunities for them. There are no traditional rules and constraints. For example, the way of crime for theft has changed. Before the computer era, the ability to steal information or damage property was to some extent determined by physical limitations. A burglar could only break so many windows and burglarize so many homes in a week. During each intrusion, he could take away only what he could carry. The amount of property he could steal or the amount of damage he could cause was restricted by physical limitations. Today, with the information age, these limitations no longer apply. Criminals seeking information stored anywhere in the world. The quantity of information that can be stolen, or the amount of damage that can be caused by malicious programming code, may be limited only by the speed of the network and the criminal's equipment (www.crime-research.org). This crime can happen both nationally and internationally, and this can be a problem for the law enforcement because they would have to deal with the laws of not only the different states but with the international countries. This can complicate investigations. Again, the computer criminals have the opportunity for criminal gain, but little international recourse by law enforcement agencies.
The cheaper hardware and software can also contribute to opening more opportunities for the computer criminals. With these in hand, the computer criminals will find the systems generally easier to use. They can use such cheap hardware to launch the different worms, viruses, or other scams. The computer system is more open to everyone around the world so access is easier than ever. As everyone enters these systems, the law officials find it hard to track down the different users, criminal and non-criminal. Another factor that can make computer crimes sophisticated is the poor information system security due to low priority. According to Newman, many experts believe that a major cyber attack is highly unlikely because terrorist groups do not have the expertise to pull it off. This is the attitude given to these less priority crimes that are committed every single day on the computers to the millions of victims. Another reason why computer crimes are successful is because more individuals growing up with computers have turned into computer vandals (Boni and Kovacich, 1999). Why breaking a business store window and rob a bank, when computer criminals can do the same thing from the comfort of their home? People have learned the many methods of committing crimes online where they are less exposed to the outside world. They can steal money in their pajamas in less than an hour online compared to taking the bigger risk of going to a bank or a home to rob a bank or person.
Law enforcement will also find it challenging to tackle computer crimes as more hackers continue to enter this field of criminal activity. Although most of these hackers are much less technically competent than in the past, the crime still exists and victims continue to increase in numbers. There are still a few smart, very sophisticated hackers with a great deal of technical competency (Boni and Kovacich, 1999).
According to crime-research.org, another significant issue is created by commingling, which is the ability of an individual to use one computer to (1) conduct both legal and criminal activities and /or (2) store both contraband and legally possessed material. One computer can be used simultaneously as a storage device, a communications device, and a publishing device. That same computer can be used for both lawful and criminal ventures. For example, individuals who distribute child pornography or copyrighted software over computer bulletin board services (BBSs) may also be publishing a legitimate newsletter on stamp collecting or offering an electronic mail service. By seizing the BBS, the illegal distribution of contraband is stopped. At the same time, law officials may interfere with the publication of the newsletter and the delivery of electronic mail, some of which may affect BBS users with no connection to the illegal activity.
According to criminal-research.org, data show that law enforcement officers often do not understand how to investigate computer crimes and how to prove them in the court. The evidence of these crimes sometimes can be neither physical nor human, and if they exist, officials usually have to work with programming codes. Another difficult is that computer crime is sometimes difficult for police officials to accept as a major problem with a local impact, regardless of the size or location of their communities. The other problem is how to establish a fact of a committed crime. It is concerned with “cyber space” where crimes are usually committed not leaving the place with help of a personal computer, it has no frontiers. Besides illegal copying of information often remains undetected, virus infection is often regarded as usual user's mistake who couldn't detect it. Victims' attitude to infringement of their property is not always adequate. Instead of immediately informing police of illegal infringement of computer system victims do not hurry to do it, being afraid of loosing reputation.
Another difficulty can be attributed to the lack of reporting efforts by the victims of computer crimes. Unfortunately, many victims remain unwilling to report cases of computer abuse, and this makes it more difficult to determine the amount of damage perpetrated by computer criminals. The reasons for such non reporting vary. In some cases, it is a simple business decision. The damage may be too minimal to justify the expenditure of time and staff necessary to pursue a criminal prosecution. Sometimes, the business may decide to handle the matter administratively or internally, especially if it can be made whole by some administrative settlement. Some firms are simply embarrassed and are concerned that bad publicity may be generated by a public airing of the incident. Others fear that exposing their system's vulnerabilities will merely encourage additional hacker attacks.
According to Henderson, there are a number of difficulties involved in prosecuting computer criminals. These criminal can disguise their identity by sending emails through anonymous emailing services that strip away their original return addresses. Even if the suspect's service provider is identified, there is still the issue of obtaining a subpoena or search warrant based on law and circumstances. If the suspect is identified, another issue will be jurisdiction. If the crime occurs across the state lines, prosecutors in the alleged victim's state must decide whether to invest the resources involved in extraditing the suspect. Another difficulty will be determining how to charge the criminal. Sometimes it can be difficult to prove that a specific series of actions amount to a certain computer crime (Henderson, 2005).
Henderson indicated that while anyone can be targeted as a victim of computer crimes, the most vulnerable are people who have little experience with the internet and other modern communications technologies. This means that college-educated you and middle-aged adults are more likely to be good with the internet, while a greater proportion of older people and minorities who have had less opportunity to develop computer skills are more vulnerable. For example, these victims might not be able to easily identify the source of an email or know how to evaluate the credibility of a website. Younger children are inexperienced both in computer skills and in dealing with possibly deceptive or dangerous behavior by adults. Older teenagers may actually be more computer-savvy than their parents, but they are still learning to use good judgment and how to manage risks in social situations. Whatever a person's age and computer experience, they should be more alert once they're on the computers because the computer criminals are constantly developing new methods to commit their crimes online.
Computer Crimes And The Future
Based on the research done for this paper, this writer firmly believes that the key to helping prevent computer crimes is to educate society about what these crimes are, how they can affect people, and measures that the public can take to protect themselves from these types of crimes. It is the lack of education that makes more people vulnerable to these crimes. As the years change, society will change with it. Today's society and its new generation continue to advance in all aspects of life including its technology. As long as technology advances each day, more computer crimes will surface. If people are equipped with the knowledge and tools to help them stamp away computer crimes, maybe this can help slowly help flush out the criminals behind the computer screens and give society back its privacy.
According to Winkler, common sense is knowing that your information and other resources have value to you and to people who do you harm or just want money. Common sense is realizing that there are many spies, great and small, and natural events that could cause you harm if you leave yourself vulnerable. Common sense is being aware that you have vulnerabilities that spies can exploit if provided the opportunity. Winkler suggests that people should list their vulnerabilities, determine the value of each vulnerability, choose countermeasure choices and then keep yourself secured using common based on common knowledge. The victims, in addition to the law enforcement officials should also conduct regular trainings to prepare themselves on what to expect from spies or computer criminals (Winkler, 2005).
According to Newman, the waters of the internet are filled sharks, and every day they come up with new ways to sink their teeth into their victim's money. Some tips that the victims can use include the following: People should never reply to any emails or pop-up messages that ask for personal information such as passwords or credit card numbers. The real companies never ask for this kind of information in an email. People should be careful not to click on any links in suspicious emails. If it sounds too food to be true, it probably is. Victims shouldn't be fooled by emails offering free products or money. They should beware of pop-up ads fro free downloadable software because doing so might be downloading a virus. People should also lock up their valuables. They should protect themselves by installing strong firewalls and anti-virus software and be sure to update it regularly. This can help make life hard for the computer criminals so that they'll move on to easier targets. Newman also provides in his book a list of resources such as CIA, FBI, DHS, Cubercrime.com, Cybercrimelaw.org, and Bytecrime.org that people can look up for more information about cybercrime (Newman, 2008).
In addition to the tips suggested by Newman, Henderson also added that people should review their credit card and bank account statements as soon as they receive them to determine whether there are any unauthorized charges. If the statement is late by more than a couple of days, people should call their credit card company or bank to confirm billing address and account balances. Henderson also indicated that according to the FBI, increased employee training consistently helped minimize theft. It was reported that employee training diminished crimes and computer abuse, such as harassment vie e-mail and personal use of business computer systems. People should also report any suspicious activity to the local police or to the Federal Trade Commission (Henderson, 2005).
This writer agrees with Winkler about people using their common sense about approaching computer crimes. People should determine what is important to them in their lives then take all the measures they can to protect such valuables from everyone around them, especially from computer criminals. As a little school boy, this writer was simply experiencing with computer and just familiarizing with it. As the years go by, the school boy continued to work with computers as he moved up in school. Equipped with some knowledge about what computers can do for people, this writer is now aware of the many opportunities, good and bad, that computers can offer people. As the school boy, the only thoughts regarding using the computer then were to figure out how to use the equipment and play games. As an adult, this writer learns a new lesson every day about the dangers and the advantages of having and using a computer. Knowing some of the tips given by the mentioned authors and sources and simply using common sense when using the computer each day, are hopefully enough to guide this writer in this world of computers. This writer believes that as long as people are aware of what computer crimes and are educated about what they're about, hopefully there should be lesser computer criminals around.
Boni, W.C., & Kovacich, G.L. (1991). I-Way Robber. Crime on the Internet.
Carter, D.L. (1992). How Techno-criminals Operate. 1992, from the World Wide
Charney, S., & Kent, A. (2005). Computer Crime Research Center. Types of
Computer Crime, 1-7. November 25, 2005, from the World Wide Web:
Gray, P. (2005). Beware the crime lords of the internet. May 31, 2005, from the
World Wide Web: http://www.smh.com.au/new/Next/Beware-the-crime-
Henderson, H. (2005). Internet Predators. New York: Fact on File, Inc
Hitchcock, J. A. (2002). Net Crimes & Misdemeanors. Medford, NJ: Information
Hyatt, M. (2001). Invasion of Privacy. How to Protect Yourself in the Digital
Age. Washington, DC: An Eagle Publishing Company.
Littman, J. (1997). The Watchman. The Twisted Life and Crimes of Serial
Hacker Kevin Poulsen. Boston: Little, Brown and Company.
Newman, M. (2008). You Have Mail. True Stories of Cybercrime. New York:
Winkler, I. (2005). Spies Among Us. Indianapolis, IN: Wiley Publishing, Inc.