The Cybercrime Impact on People and Business

Introduction

Cybercrime is becoming more common every year, posing a threat to public safety. The article Target to Pay $18.5M for 2013 Data Breach that Affected 41 Million Consumers is about the biggest customers’ data captured by intruders in the US (McCoy, 2017). A cybercrime that occurred in 2013 involved a hacker attack on the computer gateway of a retail giant, which led to the leakage of customer data (McCoy, 2017). The incident showed how important it is to maintain cybersecurity.

Impact on Business and Individuals

Target has lost huge budget funds and customer confidence; cybercrime can significantly undermine the reputation of any organization. The global cost of cybercrime is estimated at 6 million US dollars, while in 2015, the amount was half as much (Khiralla, 2020). Cybercrime poses a significant threat to entrepreneurs in a rapidly evolving technological society. Cybercrime deprives people of a sense of security and increases anxiety (Furnell, 2020). However, users have become more attentive due to the increased incidence of cyber-attacks. Many people use two-factor identification on their accounts and do not disclose personal information on the Internet. However, online scammers use new methods of crime, so people experience the negative effect of not being able to protect themselves fully.

Personal Experience

Unfortunately, my friend had to deal with cybercrime; it was hacking a page on a social network. Hackers took possession of personal information: photographs and history of correspondence and blackmailed, demanding money for non-dissemination of this data. My friend did not agree to their terms and went to the police. Internet blackmail is a terrible phenomenon of our time, greatly spoiling the lives of victims. The only correct course of action would be to contact law enforcement and refuse to cooperate with the blackmailers. Because of the cybercrimes described, I changed my behavior: now I am careful on the Internet, do not enter my data on suspicious sites and put additional protection on my accounts.

Conclusion

Cybercrime is one of the significant dangers in today’s society. The fraudsters’ actions negatively affect businesses and people, forcing them to bear losses and depriving them of a sense of security. To fight cybercrime, people must consider their safety and take measures to protect themselves. Two-factor account protection, avoiding clicking on suspicious links, and a reasonable amount of secrecy on the Internet can protect against scammers.

References

Furnell, S. (2020). Technology Use, Abuse, and Public Perceptions of Cybercrime. In The Palgrave Handbook of International Cybercrime and Cyberdeviance (pp. 45-66). Palgrave Macmillan, Cham.

Khiralla, F. A. M. (2020). Int. J. Comput. Sci. Netw., 9(5), 252-261.

McCoy, K. (2017).

Impact of Cyber Crime on Internet Banking

Introduction

Digital banking has enabled unrestricted and secure access to accounts anytime, anywhere for customers on their computers, tablets, and smartphones. Customers can now make simple and secure transactions, including checking account balances or getting statements online from the convenience of their gadgets. However, the rise of online banking has brought unintended consequences such as identity theft, credit card fraud, spamming, phishing, and other related cybercrimes. The paper evaluates a con article on ‘The impact of cybercrime on e-banking’ [1]. It analyzes and discusses cyber threats’ impact on online banking and the need to improve security measures.

Review

The study by [1] seeks to propose a research model that evaluates cybercrime in e-banking to inform future imperial research on the context. It mainly focuses on business-to-consumer (B2C) e-commerce, with particular attention to electronic banking. Electronic banking or e-backing is the use of the internet as a remote delivery channel for banking services via the internet. E-banking is the main mode of transactions for most online business transactions, such as online flight booking, e-commerce purchases, and banking. Nevertheless, users do not fully trust online banking for fear of losing personal information or becoming victims of cybercriminals. According to the study, people aged 60 years and above suffer the most losses, with 55,043 reported cases, losing a total of $339,474,918 [1]. Generally, people have little confidence in the technology despite the security improvements of digital banking and trust services. Other research has also evaluated the awareness and habits of digital banking users and established they lack knowledge of the possible attacks on these digital platforms [2]. Therefore, losses attributed to cybercrime in e-banking are expected to rise as more people gain access to computers and the internet.

Based on [1] literature review, common cybercrime risks and threats include work-at-home frauds, web cloning or online lottery, loan scams, hacking, identity theft, phishing, and retail-based fraud schemes. However, the study focuses on phishing, identity theft, and hacking because they mainly affect financial institutions like insurance companies, banks, and credit unions. Therefore, the author modeled his research technology acceptance model to combat identity theft, hacking, and phishing. The resulting research model comprises three independent variables (identity theft, hacking, and phishing) and one dependent variable (e-banking), as shown in figure 1.

The proposed research model
Fig. 1 The proposed research model

The study aims to conduct quantitative research requiring a survey to test three hypotheses. The hypothesis includes:

  • H1: Phishing will have a negative impact on the adoption of electronic banking.
  • H2: Identity theft will have a negative impact on the adoption of electronic banking.
  • H3: Hacking will have a negative impact on the adoption of electronic banking.

The study is yet to validate the hypotheses. In the end, the author shall publish the findings on which cybercrime has the greatest impact on e-banking.

Critique of the Paper

Based on the topic and analysis of the content, one would expect the author to develop a model that would be used to test the hypothesis. It is possible to conclude the author is trying to draw attention to elements of modern threats to e-banking rather than proposing a model. Furthermore, the author needed to provide an abstract description of the research model, including how it will use the variables to produce outcomes. For instance, it would help if the author provided details on how the model in figure 1 works.

Reflection

The paper gives a big picture of e-banking security threats and presents a complete view of the security landscape. More broadly, it draws readers’ attention to the fact that e-banking should be an end-to-end solution. By investigating cybercrime in e-banking from a user perspective through a survey, the author’s effort has resulted in the need to address issues associated with contemporary digital and mobile banking. For instance, the elderly are at risk of cybercrime involving identity theft, hacking, or phishing due to limited knowledge [2]. Besides, there is a need to define a new set of evaluation criteria for the complete assessment of e-banking security. Banks, e-commerce, and other businesses that accept online transactions also need to embark on extensive campaigns to sensitize their customers and raise general awareness on security issues on e-banking platforms.

Conclusion

E-banking has become an essential part of the banking system and a popular mode of transaction for most people. However, customers must keep vigilant to protect their accounts from cybercriminals. The study users three independent variables (identity theft, hacking, and phishing) and one independent variable (e-banking) to develop a research model for future researchers. However, the study had shortcomings, such as insufficient details on the model and the unclear goal of the research. Nonetheless, the study raises critical concerns about the need to reevaluate the security of e-banking from the users’ perspective. The statistics suggesting the elderly have become the main victims of cyber criminals on e-banking platforms indicate the need to raise awareness for the users. Besides, the paper provides a basis for future research on the issues with contemporary digital and mobile banking.

References

D. Chevers, “The impact of cybercrime on e-banking: A proposed,” in International Conference on Information Resources Management (CONF-IRM), 2019.

W. Wodo, D. Stygar and P. Błaskiewicz, “Security Issues of Electronic and Mobile Banking,” in Proceedings of the 18th International Conference on Security and Cryptography (SECRYPT 2021), 2021. 10.5220/0010466606310638.

Footnotes

  1. D. Chevers, “The impact of cybercrime on e-banking: A proposed,” in International Conference on Information Resources Management (CONF-IRM), 2019.
  2. W. Wodo, D. Stygar and P. Błaskiewicz, “Security Issues of Electronic and Mobile Banking,” in Proceedings of the 18th International Conference on Security and Cryptography (SECRYPT 2021), 2021. 10.5220/0010466606310638.

Cyber Crime and Necessity of Cyber Security

Introduction

With the advancing technology and increased internet connectivity, many people around the world are using online sites for various activities. Organizations as well as individuals have found it safe to store their most valued information on the internet. This has increased accessibility of information while enhancing the flow of information.

Unfortunately, the same technological advancements have been used by people with ulterior motives to take advantage of private information, or even disrupt normal operations of an organization. Consequently, there is need to enforce policies that will help in protecting organizational information and systems from criminals.

The Cyber Intelligence Sharing and Protection Act (CISPA)

This is one of the policies that has been proposed to curb cyber crimes and is being debated in the congress. The Act proposes the sharing of information between the U.S. government and other security agencies including technology and manufacturing companies.

The main aim is to establish communication channels between private firms and government intelligence bodies to enhance sharing of potential and emerging cyber security threats (Rachael, 2013).This is meant to enable the government to investigate cyber threats thus enhance systems security.

Advantages

CISPA is expected to increase detection of cyber security threats and thus help in reduction of cyber crimes. On the same note, CISPA includes in its definition intellectual property which is the most risky material. Moreover, the systems of United States which are vital for every day live needs protection from hackers and this Act serves just that purpose (Foss, 2012). The Act also seeks to enhance confidence of people and organizations on the internet and various systems in general.

Disadvantages

Nevertheless, the Act has been opposed by majority of people both from the government and from the private sector. Firstly, some people are very concerned with the inclusion of intellectual property as one of the reasons for sharing information. It has been argued that the

Act is so vague on this matter which might lead to infringement of the right to privacy. On top, security agencies can use this leeway to screen people’s communication in the pretext of searching for potential cyber threats. Similarly, critics have argued that the Act gives security personnel excuses to interfere and even messing up with people’s information because no legal action can be taken against them (Foss, 2012).

It is not only the CISPA Act that has been proposed to counter cyber threats. There was the Stop Online Piracy Act which was defeated because it included intellectual property theft. On the same note, U.S. representative Dan Lungren proposed the Precise Act which after dropping grave provisions will be debated together with the CISPA.

Additionally, there is the Federal Information Security Amendment Act of 2012. Contrary to the CISPA, many of these other Acts have not included intellectual property in any of their clauses. However, they are all aiming at the same goal of eliminating chances of cyber crime taking place (Rachael, 2013).

Conclusion

Cyber security is a necessity given the increasing number of cyber crimes that are being recorded. In this regard, any step that will help in identifying possible security threats should be highly encouraged. However, care should be taken so as not to interfere with people’s right to privacy. Furthermore, drafting of the Bills should avoid vague language that will leave loopholes for people to misapply the law.

References

Foss, S. H. (2012). . New York Times. Web.

Rachael, K. (2013). . The Wall Street Journal. Web.

Cybercrime and Its Impact in the GCC Region

Introduction

The introduction of the information and communication technologies nowadays offers a great range of advantages for the society, especially for the financial sector. Unlimited access to the information and communication technologies (ICT) supports freedom of speech as well as it promotes online banking and the usage of various mobile data services that ease the lives of many. However, such a growth of information technologies does not exist without any possible risks. Due to the fact that the majority of essential services like water supply and electricity depend on a smooth functioning of the ICT, there has been many attempts on hindering their performance and therefore cause harm to the society.

It is a commonly known fact that the attacks against the Internet infrastructure and services take place on a regular basis. Hacking and online fraud are the primary examples of attacks on the ICT. Furthermore, the financial damage caused by such attacks is reported to be quite substantial. The estimated annual cost of the global attacks is approximately one hundred billion dollars (Go-Gulf par. 1).

What is Cybercrime?

Cybercrime can be defined as a range of crimes committed through the use of the Internet and computers as tools or victims. Cybercrime can range from spamming to fraud and include criminal trespass to the global security systems or theft of corporate and governmental secrets. Anything from downloading illegal music and video files to stealing money from online bank accounts is classified as cybercrime. However, cybercrime is not limited to monetary offenses, creating viruses and posting confidential information online is also considered cybercrime.

The majority of cybercrimes cannot be differentiated into one specific category of crime, which contributes to the limited capacity of cybercrime records. The Internet Crime Complaint Center is a primary body responsible for compiling and releasing the statistical reports on cybercrime. By using statistics, the analysts are able to prepare information on the trends and rates of cybercrime (National Crime Prevention Council 1).

The issues of cybercrime and cybersecurity cannot be separated from the general concerns of the global community. This is supported by the fact that the United Nations General Assembly resolution related to cybersecurity points at cybercrime as one of the major challenges for the global security systems that exist within the international dimension. For example, before reaching a recipient, an e-mail containing illegal information can pass through a series of countries. Therefore, when investigating such instances of cybercrime, international cooperation between countries is of the highest importance. In addition, many cybercrimes occur due to the fact that modern technologies are the same everywhere. Therefore, standardization allows for the same protocols being used across the world (ITU 2).

What is the Impact of Cybercrime?

Background

As shown by the recent events, cybercrime in the financial sphere is a pervasive issue; and one from which the assets of the GCC countries are not protected to a complete extent. It has been estimated that the cost of the global cybercrime is greater than the GDP of eighty percent of countries throughout the world. In addition, the number and nature of criminals conducting cyber offenses is constantly increasing to include not only individuals but criminal syndicates, the organization of terrorists, and even countries. The inexpensive tools for conducting cybercrime are nowadays widely available; therefore, the threat actors rarely have to resort to any unknown methods to conduct cybercrime. Keeping the issue of cybercrime under control is becoming more difficult as the technological advances develop. Nowadays criminals are able to use many sophisticated methods for committing fraud or stealing funds or personal information. In addition, some criminals prefer to collaborate and work in cooperation in order to commit fraud on a larger scale. Given all these facts, the efforts towards preventing cyber crime a predominantly technological, which means that their effect only lasts until a solution to deal with the technological prevention methods is developed. Therefore, the advances in the technological sphere are challenged by the rapid pace with which cyber criminals are able to develop their new methods of fraud.

Emerging Threat in the GCC Region

The most important findings gathered from the PWC survey suggest that cybercrime is now ranked second in the list of all reported economic crimes in the Middle East. While the global statistics indicate that 24% of companies that went through economic crime reported cybercrime, the GCC region reports 37% (PWC 15). The most common types of cybercrime affected the spheres of computer networking, applications, and systems. However, data stored by third parties as well as mobile devices can also become targets to cybercrime.

The recently occurred cases suggest that any company can be affected by cybercrime. Two of the largest gas and oil companies in the Middle Eastern region reported an attack on their networking system, causing thousands of separate computers disruption in their operation. Between 2012 and 2013 the financial sector across the region also reported instances of cybercrime in Oman and United Arab Emirates (PWC 15).

The motivation for cyber-attacks in the region can include financial, political, personal, and ideological. For example, in 2014 the oil companies in UAE, Saudi Arabia, and Qatar received anonymous threats of cyber-attacks from the politically motivated group of hackers (Nagraj par. 1). The threat was made due to the hackers being unsatisfied with the US being used as the currency for selling and buying oil in the region. Therefore, companies are not the only targets that could have been affected by the attacks, governments were at high risk, too. However, such threats are rarely substantiated by the actual attacks.

One of the primary characteristics of cybercrime as an evolving threat is the pace with which a crime can be performed, causing the crime victims a substantial loss of financial assets or data before they find out that an attack has been performed. Therefore, the effectiveness of many responses to cyber-attacks is completely diminished. In many cases the system a company relies on when working can often become the main tool use against it by a cybercriminal who can then change or hid his or her identity.

Therefore, the fundamental challenge for the Gulf region and its businesses is understanding the risks of cyber-attacks and keeping up with their pace. Very often computer networks used by the companies are not complicated enough to account for the risks associated with the disruptions caused by much more sophisticated tools cybercriminals use. It is important to mention that some local governments have already taken some action to manage and prevent cybercrime, with the 2012 UAE’s Cyber Crimes Law and the 2012 Saudi Arabia’s Arab Cybercrime Agreement leading the action.

What are the Cybercrime Costs?

Due to a variety of factors, measuring the actual cost of cybercrime is difficult. These factors include the cybercrime effect on the safety systems the damage caused to the reputation of a company, interference with the business operations, and loss of opportunities. According to the recent survey conducted by PWC, when asked to estimate the costs of cybercrime effects on the business in the past two years, 35% of respondents could not give a specific answer while 40% believed that their business did not suffer from cybercrime (16).

The received results indicate the significant scale of the issue. In the majority of instances, the companies that never reported their financial loss due to cybercrime are usually unaware that they have been victims of such fraud or have probably incorrectly quantified the cost of the cyber-attacks. Such statistics are not unusual since the mentioned findings on the cybercrime in the GCC region coincide with the global reports that also mentioned forty percent of companies not reporting any financial loss caused by cybercrime (PWC 17).

The Middle Eastern survey also included respondents who did report their financial loss from cybercrime; however, the numbers are quite low. Six percent of respondents claimed that their loss had been approximately 1 million dollars while two percent reported the loss between 5 and 100 million dollars. On the basis of the report, it can be concluded that the financial damage caused by cybercrime in the GCC region could be far more substantial that the majority of the companies report.

What Are the Examples of Cybercrime in the GCC?

UAE Example

The statistics of Dubai have indicated a significant increase of 88% in the overall number of cybercrimes in 2013 compared to 2012. In 2013 the Dubai Police investigated under one thousand five hundred cases of cybercrime, which is three times more than the number of crimes reported in 2011 (Hasbini par. 4).

Due to the significant increases in the Internet use (UAE penetration of 92%), the transfer of personal or corporate information has become the easiest it has ever been. In the country, the most used online services are e-shopping, e-banking, e-bills, and e-government transactions. All of the mentioned services have proven to be very convenient for the users; however, there is a significant threat of cybercrime.

According to Altaher’s article in Gulf News, the United Arab Emirates is nowadays the target of approximately 5% of the worldwide attacks (par. 1). Moreover, the rate of such attacks has increased by five hundred percent since 2011. The expert opinion expressed by Rabih Dabbousi, the senior vice-president of Dark Matter, a cyber security company, suggested that “Cybercrime follows the money. The money of financial transactions in the UAE, the establishments of financial free zones and the overall appeal of investing in the country are only some reasons why banks and other financial institutions are constantly being attacked” (qtd. in Altaher par. 3). Furthermore, Dabbousi also explained that the oil and gas industry of the region is the second target for the cyber attacks.

One of the primary points that put the United Arab Emirates on the radar of the cyber criminals is the technological advances targeted at increasing the quality of the population’s life. The differentiation and innovation strategies contribute to the steady increases in the cyber attacks. Therefore, the country is becoming more and more visible from the economic and social competitive perspective, which attracts cyber criminals (Altaher par. 9).

Saudi Aramco Attacks

The 2012 cyber attacks on Saudi Aramco, the official Saudi Arabian Oil Company, had a tremendous impact on the way global companies now approach the issue of cybercrime. The computer network of the company was infected by the Shamoon virus that affected thirty thousand Windows-operating computers. The response from the company was not effective despite the vast resources available. It took Saudi Aramco under two weeks in order to restore the network and recover from the damage caused the company.

The main purpose of the Shamoon virus was the complete deletion of all data containing in the hard drivers of corporate computers. Despite the fact that the virus attack did not cause any oil spills or explosions, the attack did affect the operations of the company as well as the loss of some production data. The US Secretary of Defense Leon Panetta described the virus being very sophisticated since there is a very small number of countries or organizations capable of performing such an attack (Bronk and Tikk-Ringas par. 3). Because the virus rendered all computer useless as well as greatly undermined the operational capabilities of Saudi Aramco the financial impact of the attack is incomparable to that of the U.S. Government hacks of the fingerprint database. The Cutting Sword of Justice took responsibility for the attacks and referred to the “crimes and atrocities” Saudi Aramco committed as the main motivation. However, there were suspicions that the cyber attack was sponsored by the Iranian regime which had also been subjected to the same virus attacks prior to Saudi Aramco.

According to the response from the international community, the Saudi Aramco attacks were the “wake-up call” for the global businesses that do not treat the threats of cyber attacks seriously. If a similar attack were to be performed with other critical global infrastructures, the effect on the communication networks, financial markets, as well as health and safety services would have been tremendous (Info Security par. 6).

What are the GCC’s Cyber Security Laws?

The governments of the GCC region have recently adopted new laws that were drafted collectively. Despite the fact that the majority of the member states already have their own cybercrime laws, the Gulf is becoming much more integrated economically, politically, and culturally, therefore requiring a unified set of laws that can be applied throughout the region.

The newly adopted law is very similar to the one in Oman and to a large extent covers all technology-associated acts that fall under the category of cybercrimes. These acts include e-documents forging, stealing credit card information, creation and distribution of viruses, cyber terrorism, communications interception, hacking, accessing the e-system without authorization, as well as other acts that put the integrity of private and corporate information at risk (Aziz par. 5).

The cybercrime law was adopted in order to reach the following five objectives:

  • Provision of high-quality control and management of the data protection services;
  • Raising awareness of the cyber security importance;
  • Implementation of various methods of ensuring the cyber security in the region;
  • Creating a nationwide plan for facing the risks associated with cybercrime;
  • Making sure that the member states are committed to the task of eliminating the instances of cybercrime.

The United Arab Emirates is the GCC state that has the most comprehensive laws regarding cybercrime – the UAE-Law No. 5 of 1012 concerning Combating Information Technology Crimes, which replaced the previous Cyber Crimes Law adopted by the government in 2006. The 2012 UAE Cyber Crime Law has added a range of new crimes and included the offenses related to country’s obligations in the context of international treaties (Jairwdeh par. 8). In addition, the 2012 laws included a much higher penalty for the offenses compared to those outlined in the previous 2006 law.

The 2012 law was the first legislative document that included and codified a full range of offenses that can be implemented with the use of the Internet; furthermore, the sentences for individuals that were found guilty of cybercrime are also included. The new additions to the punishable under the law crimes include the promotion or distribution of pornographic material, indecent acts, and gambling on the Internet. Therefore, this law encompasses a range of possible violations that can be easily performed with the use of the Internet.

Qatar has also been working towards establishing cyber crime laws beneficial for outlining primary principles related to managing this type of crime. Issued in 2014, the Qatar’s Anti-Cybercrime Law aggressively targeted a large range of technology-related crimes by means of imposing significant penalties for those proven guilty. The types of cyber crimes included in the law range from the criminal acts committed in relation to software and data specifically to the usage of various methods and systems that facilitate the actions targeted to blackmail and defame other individuals.

One of the most significant aspects of Qatar’s Cybercrime law is its addressing the cross-border cybercrime. In order to prevent cybercrimes occurring across the border but may be linked to Qatar, the law provides specific rules related to extradition of suspected criminals that committed the unlawful acts classified as cybercrime.

The law distinguishes five separate types of cybercrime, which include the infringement of intellectual property rights, the electronic transaction with cards (forging cards, unlicensed production, unauthorized usage), fraud and forgery of electronic documents, content crimes (terrorism, false news, child pornography and social principles infringement), and hacking (Salt and Doha par. 3)

GCC Challenges Regarding Cybercrime – Expert Opinion

The expert opinion on the issue of cyber security is provided by Megha Kumar, the head of the software research and advisory practice at IDC in the Middle East, Turkey, and Africa. As the manager in research, Kumar has been the primary person responsible for delivering and controlling project across a variety of technological levels (storage, IT security, analytics, databases, etc.) at the same time with actively participating in the collaboration with vendors that wished to improve their competitive strategies on the market.

Challenge 1

Megha Kumar, the senior analyst at IDC MEA, stated that GCC countries require much more effective collaboration when it comes to the issue of cybercrime. As a specialist in the sphere of cyber security, Kumar underlined that with the growth of international companies in the region that collaborate with customers and partners around the globe, the need for high quality cyber security systems has skyrocketed significantly. Due to the quick pace of technological advances development, many companies have become targets of cybercriminals that want to achieve either a financial gain or disrupt the operation of the companies to damage their reputation. In addition, the increased concern about the issue of cybercrime is evidenced by the growth in spending on security software across all sectors.

The expert underlines that many of the advanced threats posed to the security systems of the region can remain unnoticed for a long period of time and thus cause major damage. This fact contributes to the overall complexity of the challenge. Furthermore, the developing countries are currently characterized by the second and third technology platforms merging to become one entity, which also poses a great threat to the security of the cyber space.

Cybercrime is largely influenced by the financial motivation; however, there is also an issue when hackers try to deface an information network by promoting an unfavorable political agenda which does not go along with the commonly practiced views and ideas. Therefore, the implications for cybercriminal activity are not purely financially-driven, any platform can become a subject of an attack targeted at damaging the reputation.

Challenge 2

Currently, the information technology security concerns are not limited to the GCC companies looking for various ways to secure their networks and operational data. According to Kumar, governments also show concerns when it comes to protecting valuable information. With the improvements of the cross-country levels of cooperation and networking, companies and governments become the main victims of cybercrimes, which have also been growing and expanding in terms of sophistication and the damage they can cause to the current economic environment. The cybercriminal activity such as identity thefts and virus distribution is increasingly becoming more motivated financially, as evidenced by the significant spread of online financial scamming and illegal transactions that take place online. Furthermore, the methods of cybercrime have expanded into a broad variety – criminals take advantage of the vulnerabilities that exist within the social networking and hosting sites in order to get confidential information about the users and then manipulate such information to gain the financial outcome.

Kumar underlined the fact that GCC countries had experienced cyber-attacks of this kind. Bank ATM’s hackings, the Ghostnet attacks on the Kuwait and Bahrain in 2009, the defacement of publication websites, attacks on the oil companies’ networks are just some of the examples.

In order to protect clients from identity theft and credit card forging, the GCC banking services are significantly investing into security and authentication solutions. The providers of telecommunication services are also investing in establishing new security solutions for protecting their customers from fraudulent acts. Nevertheless, the organizations within the operating industries should not be the only actors responsible for establishing cyber security governments are the primary bodies that should lead the process of securing the cyberspace from criminal activities.

The cyberspace in the GCC region is under the monitor and filter from any content that does not match the social or political ideas adherent to the region. In a similar way, governments should look into securing the Internet space against cybercriminal activity. It is highly important since attacks that occur on a larger scale can damage the communication networks in the region and sometimes even lead to physical and financial losses to private users or corporate bodies. While the UAE, Qatar, and Saudi Arabia have been proactive with their approach towards cybercrime, other GCC countries are still challenged with adequately addressing the issue on the legislative basis. The establishment of such agencies as CERT (computer emergency response teams), unique task forces that specifically deal with cybercrime, and campaigns for raising the awareness of the cyber security importance are some of the examples of how GCC countries can start addressing the problem of cybercrime, eliminating it in the future. Therefore, the GCC governments are advised to further collaborate to tackle the threat and damage cybercrime can cause since such damage should not be viewed as something limited by borders.

Challenge 3

Megha Kumar also discussed another major challenge for the GCC information technology sector – the issue of software piracy. According to the 2011 “BSA Global Software Piracy Map”, the rate of software privacy in the GCC is:

  • 51% in Saudi Arabia with the commercial value of $449 million;
  • 61% in Oman with the commercial value of $36 million;
  • 37% in the United Arab Emirates with the commercial value of $208 million;
  • 50% in Qatar with the commercial value of $62 million.

Therefore, the region is highly exposed to software piracy which has its own specific impact on the cyber security. Despite to the fact that pirated software is much more vulnerable to viruses, companies, and private individuals often use it due to the fact that it is much cheaper. Nevertheless, the software that has been manipulated by a third party can offer an unauthorized entry for various bots, viruses, and hackers, which can easily disrupt the performance of the system. Furthermore, pirated software is not limited to operating systems, games, and other applications it can also include the security software intended to fight against cyber-attacks. Because many users do not wish to pay for security system upgrades and full versions of the software and opt for a cheaper pirate alternative, they make their computers vulnerable to many kinds of dangerous attacks that undermine the integrity of private or corporate data.

GCC governments are currently trying to address the issue of pirated software due to the significant pressure that comes from software developers that work in the region. While some primary steps have been taken by the GCC governments, there is very much to be done in the future in order to take the issue of software pirating under control (Kumar par. 5).

Challenge 4

The fourth challenge in establishing cyber security in the region relates to a gap that exists between businesses and the information technologies the businesses employ. According to Megha Kumar, the opinions of the decisions makers in the IT departments so not coincide with the IT’s understanding of how information security should be managed. In the majority of cases, Chief Information Officers see the lack of skills as the main disadvantage of the IT department while the information technology managers feel that there is very little support from the higher authorities in terms of implementing new solutions for information security. Therefore, there is a major lack of cohesive strategies for cyber security that are acceptable for everyone. In order to implement a much more extensive range of information security strategies, the existing gap should be eliminated (Gulf News Technology par. 3).

The GCC organizations are currently working towards employing much more sophisticated solutions for information technology security in order to manage the issues of hacking, traffic network, as well as little user awareness. Apart from that, many organizations are trying to add information security training into their corporate agenda thus raising awareness of cyber security initiatives that address the challenge of security attacks.

The survey that included Chief Information Officers has shown that fifty-seven percent of the participants admitted that sustaining cyber security at the same time with coming up with innovative solutions was the biggest priority they had to deal with in the year of 2014 (Gulf News Technology par. 6). Furthermore, half of the respondents stated that ensuring smooth information security in their department was the second major challenge to be addressed. Thus, it is evident that many organizations in the GCC region are majorly concerned about how performance can be sustained alongside with their business availability. Additionally, many admitted that the rate of IT solutions investments evolves at a much lower speed in comparison with the speed of the security landscape.

Chief Information Officers also mentioned additional challenges that exist within their area of expertise. Namely, the improvements in IT assets utilization, connectivity management, and systems availability are just some of the additional aspects of concern. Contrary to the opinions expressed by the Chief Information Officers, IT managers mentioned that the sophistication of the cyber-attacks has increased exponentially while the support from the executive management decreased. Another enterprise security challenge related to no cohesive security strategies, which has been agreed upon collectively by the executives and the IT managers.

The results of the survey indicated that the GCC companies are majorly investing into various initiatives for information security since the challenges they face are exponential. In relation to this, in 2014 companies predominantly invested into firewall systems, detection of intrusion, as well as attack and data loss prevention systems. Kumar also mentioned that there is an increased focus on deploying firewalls of the next generation, which are able to offer a much detailed look at how the enterprise information can be better protected (Gulf News Technology par. 10).

Challenge 5

The last challenge related to establishing cyber security in the GCC region is associated with the economic crisis. There is an unfortunate trend, which suggests that software piracy and cybercrime will be greatly deprioritized when the governments deal with the impact of the economic crisis, especially the financial and political challenges. Nevertheless, it is highly important that the governments address the problem with a higher intensity at such times since the sphere of information technology will be much more susceptible to possible fraudulent acts. The implementation of greater efforts for enterprises and consumer education on the importance of cyber security policies will not only benefit in creating a much more effective environment for business but also ensure that individuals and corporations are protected against cyber-attacks at the time when the government is dealing with other challenges.

In particular, countries like Qatar, the United Arab Emirates, and Saudi Arabia has always positioned themselves as the safest and attractive platforms to do business. Therefore, for them to increase their attractiveness for any type of business (local or international), it is crucial for them to improve the regulation of cyber security policies and implementation of laws targeted at protecting the private and corporate assets from the instances of the cyber-criminal activity.

On the other hand, the current situation in Qatar regarding the issue of information technology security is extremely volatile. The volatility is experienced not only in terms of malware but also in the aspect of hacking instances, cyber warfare, and persistent threats that has become much more complex and advanced than it used to be. Furthermore, the advances in big data, cloud computing, and mobile media also greatly contribute to the volatility of cyber-security when it comes to its management, implementation, and development. According to Kumar, Qatar’s businesses should perform an evaluation of the investments that go towards the information technology security sector at the same time with rationalizing the costs, protecting the existing assets as well as coming up with innovative security solutions. Thus, the businesses should address the sustainability of their security systems while making sure that such systems are the main enablers and supporters of their operation.

For countries like Oman, the main challenge in managing the issue of cybercrime relates to the budget constraints. Due to the fact that many companies are trying to get as many resources as they can through downsizing their headcount, the issue of enterprise software security is becoming an even larger challenge that it has already been. In the course of downsizing the employee count in a company, there is a potential risk of some dissatisfied workers taking important information with them to use against the company in the future. Thus, the challenge of cyber security remains under-addressed and overlooked at many levels of business life.

Megha Kumar concluded with the statement that “as the GCC region recovers, the governments will need to ensure not just political and economic stability but also digital stability to sustain growth levels” (par. 7).

Summary and Analysis

According to the findings from the conducted research, the GCC region is currently highly vulnerable to a variety of cybercrime that is being imposed upon different business spheres. The evolving coverage of the Internet, the widespread availability of technology, and the lack of commitment to the problem of cybercrime are the main issues that challenge the business and the governmental areas of GCC.

The cyberattack performed against the corporate software of Saudi Aramco can be classified as the ‘wake-up call’ for the GCC to start taking the issue of cybercrime seriously. In order to keep control over cyber security as well as manage the financial or reputational damage a company has experienced, the GCC countries are working cooperatively to establish a set legislative framework that includes the types of crimes classified as cybercrime and the punishment the perpetrators will receive if proven guilty. In addition, such a framework implies mutual cooperation between member states in terms of extradition of cyber criminals.

It has been concluded that the calculation of costs that appear as a result of cybercrime is a complicated process. The factors like the cybercrime’s effect on the safety systems, the damage caused to the reputation of a company, interference with the business operations, and loss of opportunities are very hard to estimate. Additionally, many businesses do not know the financial impact cybercrime caused to their companies. According to the survey conducted by PWC, when asked to estimate the costs of cybercrime effects on the business in the past two years, 35% of respondents could not give a specific answer while 40% believed that their business did not suffer from cybercrime.

Therefore, the lack of awareness about the issue of cybercrime contributes to the challenges the GCC region faces. In addition to the fact that not many businesses are able to estimate the costs of cyber-attacks on them, the research reported that there is a lack of cooperation between the IT managers in companies and the Chief Information Officers due to the different views on how the issue of cybersecurity should be addressed.

Due to the fact that currently cybercrime is ranked second in the list of the most concerning threats, the future direction of the government as well as corporations should move towards mutual cooperation in terms of establishing cyber security and eliminating possible damages it causes to the overall financial industry. To deal with the issue effectively, there should be a comprehensive evaluation of the previously-implemented methods of cybersecurity, as well as employment of skilled professional in the sphere of IT who can bring innovative solutions to the table.

Similar to the way GCC countries should work cooperatively towards establishing cybersecurity on each level, there is a positive prospect for working with other international organizations and governments that have much more experience in protecting businesses and customers from the possible cyber attacks.

Because the economic and financial sphere of the GCC region is evolving to meet the expectations of the global and local communities, the changes in the area of cyber-security should go hand-in-hand with the changing environment. The financial sector at large suffers from the cybercrime because of the incompatibility of the available crime tools and the systems they attack. Therefore, the massive emphasis should be put on creating innovative cyber-security measures that will not be as vulnerable to many types of cybercrime.

Works Cited

Altaher, Nada. . 2016. Web.

Bronk, Christopher, and Eneken Tikk-Ringas. The Cyber Attack on Saudi Aramco. 2013. Web.

BSA Global Software Piracy Map. 2011. Web.

Go-Gulf. . 2013. Web.

Gulf News Technology. 2015. Web.

Info Security. 2014. Web.

ITU. 2012. PDF file. Web.

Jairwdeh, Terek. Introducing a Cybercrime Law in the GCC. 2014. Web.

Kumar, Megha. Cybercrime Challenges in the GCC. 2010. Web.

Nagraj, Aarti. 2014. Web.

National Crime Prevention Council. Cybercrimes. 2012. Web.

PWC. 2014. Web.

Salt, David, and Maryam Shaikh-Doha. 2014. Web.

Cybercrime and Combating Methods

Introduction

The processing of confidential data is essential for most companies operating today. General personal information may include employee records and customer profiles filled with personally identifiable information, financial data files such as invoices and agreements with company payment details, as well as those belonging to customers and suppliers, and business contracts with other businesses (Grimes, 2020). If the storage of this data is not secure, this can lead to a severe data leak. The long-term consequences can be devastating, along with the financial costs of dealing with a data leak containing confidential information. They can lead to a drop in stocks and the closure of businesses.

Secure Storage of Information

The first step to ensuring the security of confidential information that the company works with is creating data protection protocols. Most information security policies are based on the rule of least privilege. The company’s staff and employees from outside have access only to the data they need (Grimes, 2020). As a result, the workflow is never affected, but a premium level of security is maintained.

Protecting specific locations in systems, servers, and the cloud to store sensitive information can be inflexible for companies but also inefficient once data needs to be moved. When dealing with sensitive data, companies should use encryption software instead (Prasad & Rohokale, 2020). Encryption effectively encrypts electronic information, making it look like random characters (Grimes, 2020). Only persons to whom the corresponding key has been issued can view or interact with the content. By protecting data, rather than the storage area, files can move freely through internal systems or be shared outside the protective boundaries set by IT teams while they never become vulnerable.

Preventing The Theft of Information

Attackers can access company data in several ways, including a phishing method that uses unsuspecting employees as a gateway. However, there are also several ways for companies to protect themselves and their dice from such attacks (Alabdan, 2020). The primary and straightforward method that many companies neglect is to update the software. Software and technology companies always add security protocols to their products, but they will not work if applications and devices are updated (Prasad & Rohokale, 2020). The main thing is to be aware of these changes and update the entire set of tools to protect data from hackers.

Companies that want to protect themselves against phishing attacks and hackers can use the anti-phishing toolbar. The phishing protection toolbar is a web browser extension that protects against such attacks when visiting a malicious website. Anti-phishing toolbars check everything clicked on in real time and block any possible threat or attack (Grimes, 2020). They benefit people who do not understand cybersecurity and want to protect their information and data regardless of which site they visit.

Cyberterrorist Attacks

As already mentioned, hackers can use phishing to get the information they need. They are trying to obtain confidential information, such as passwords, usernames, and credit card details, by masquerading as trusted persons using mass email distribution that tries to bypass spam filters (Alabdan, 2020). Emails from popular social networks, banks, auctions, or IT administrators are usually used to attract an unsuspecting public. This is a form of criminally fraudulent social engineering. There is also the concept of targeted phishing – a minor targeted email attack on a specific person or organization to hack their protection (Alabdan, 2020). A targeted phishing attack is carried out after investigating the target and has a personalized component designed to force the target to do something contrary to their interests.

EMP

People are increasingly vulnerable to natural disasters and military attacks on energy systems. Electromagnetic magnetic pulses (EMP) can destroy electronics, leaving the environment untouched but without simple means of survival (Lim et al., 2021). While a massive solar coronal mass ejection (CME) could shut down a significant portion of the world’s electrical grid, electronic devices not connected to the grid will not be damaged. Nevertheless, the electromagnetic pulse emitted by a nuclear explosion is very different because the first of its three phases occurs within billionths of a second. This extremely fast EMP can travel hundreds of miles from an exploding nuclear bomb with a voltage potential of 50,000 volts or more per meter (Lim et al., 2021). This is more than enough to damage unshielded semiconductor electronic equipment permanently.

Protection from EMP

Electromagnetic shielding prevents electromagnetic waves from affecting sensitive electronics — everything from televisions and microwave ovens to mobile phones and baby monitors, as well as critical computer processors in modern smart devices. Painting the screen provides complete coverage at a much lower cost (Lim et al., 2021). In addition, the conductive paint can also remove heat from sensitive electronic devices, allowing them to regulate their temperature and preventing the thermal shutdown of modern electronics. It turns out that a very effective measure of protection against EMP, or shielding, can be made from aluminum foil. Ordinary heavy-duty aluminum foil has blocked all nine million watts of radio frequency energy from entering the radios.

Conclusion

Since threats to data security are constantly changing and evolving, any time spent waiting or delaying a data protection plan implementation or improvement poses a significant risk. These attacks highlight the vulnerability of data and the lack of reliable security strategies in organizations of any size. It is necessary to adhere to the following steps to improve the overall security of the company: knowing what needs to be protected; a firm password policy; a disaster preparedness plan; encryption of confidential information.

References

Alabdan, R. (2020). . Future Internet, 12(10), 168. Web.

Grimes, R. A. (2020). Hacking Multifactor Authentication. John Wiley & Sons.

Lim, C., Min, K., Kim, K., & Park, Y. J. (2021). . Sustainability, 13(2), 570. Web.

Prasad, R., & Rohokale, V. (2020). . Cyber Security: The Lifeline of Information and Communication Technology, 231-247. Web.

Cybercrime: Criminal Threats From Cyberspace

Introduction

  • The internet has provided people with a cheap and easy way of communicating.
  • However, internet has been associated with complex crimes which have posed a big challenge to law enforcement officials all over the world.
  • These crimes range from identity theft, internet scams, cyber stalking, online gambling, pirating, illegal trade, cyber terrorism and fraudulent transactions among others.
  • Cyber criminals invade privacy, destroy brands, harm others and even destroy public trust.

The internet has provided people with a cheap and easy way of communicating. People can access a lot of information, entertainment and is a good avenue for socioeconomic and political activities. However, the internet has been associated with the complex crimes, which have posed a big challenge to law enforcement officials all over the world. These crimes range from identity theft, internet scams, cyber stalking, online gambling, pirating, illegal trade, cyber terrorism and fraudulent transactions among others. While some people engage in these activities as harmless fun and adventure, others are criminals who are determined to use the internet for their own selfish gains. In this case, they invade privacy, destroy brands, harm others and even destroy public trust. From the year 2000, the number of the reported cases has been increasing. However, there are still other cases that have gone unreported since victims have fear that they may be exposed to vulnerabilities.

Introduction

Internet Crimes

Internet Crime Evolution

  • When computers were new, very few people were conversant with them, and their use was limited to a few organizations which could afford them
  • Cyber crime began with unsatisfied employees who caused physical damage to computers
  • Initially, criminals focused their efforts on home users through spreading viruses, identity theft, and cyber stalking
  • The internet has come with many opportunities for internet crimes (Reyes, 2007).

When computers were new, very few people were conversant with them, and their use was limited to a few organizations which could afford them. Initially, the internet presence was experienced by few people hence few cases of computer crimes. Cyber crime began with unsatisfied employees who caused physical damage to computers to get back at their employers in the early 1980s. It has since grown with the increasing popularity of personal computers in homes and the availability of the internet. Initially, criminals focused their efforts on home users through spreading viruses, identity theft, and cyber stalking. With the increasing technology, organizations are also at risk since criminals are determined to hack information and use it to perform transactions that may result in loss of funds or important information. The introduction of the World Wide Web in the 1990s and the evolution of social networking sites in the 21st century have come with many opportunities for internet crimes. Computer crimes keep advancing due to the fast developments in technology (Reyes, 2007).

Internet Crimes

Cyber criminals use various techniques
Cyber criminals use various techniques. Source: Passeri, 2012.

Common Internet Crimes

Hacking and Viruses

  • Hacking is the most popular form of internet crime.
  • Hackers may overwhelm target sites with a lot of information to slow down the system and crash it
  • Viruses may be used by criminals to erase important data
  • Mostly, internet criminals have threatened e-commerce since their main purpose is to obtain funds illegally.
  • Hackers target banks and other financial institutions(Darlington, 2006).

Hacking is the most popular form of internet crime. In hacking, an individual enters private networks and change information or even prevents the legal user from accessing information. In other cases, hackers may overwhelm target sites with a lot of information to slow down the system and crash it. Viruses used by criminals to erase important data or lock up systems are similar to hacking. They take advantage of the lost data to make false claims. They may also generate new data, which may serve to exhort funds or other resources from their victims. Mostly, internet criminals have threatened e-commerce since their main purpose is to obtain funds illegally. They do so by obtaining security information from organization’s customers and using this information to conduct fraudulent activities. It mostly affects banks and other financial institutions. At times, criminals create illegal sites and use them to sell their own products using well known brands (Darlington, 2006).

Pirating and Illegal Trading

  • Digital technology has facilitated internet criminals to infringe on copyright laws
  • It is closely linked to illegal trading
  • Fraud is also popular
  • Criminals have advanced to packet reading
  • Other forms of fraud exist to swindle innocent victims (Darlington, 2006).
  • Online shopping is also greatly affected (Brenner, 2010).

Digital technology has also made it easy for internet criminals to copy creative products such as films and music. Through the internet, many people can share pirated material at lower fees that do not get to the original composer. It is closely linked to illegal trading in which people use newsgroups, bulletin boards or even newsgroups to commit crimes such as parallel trading or counterfeit of established brands. Fraud is also popular, and criminals have advanced to packet reading. In this case, hackers locate data patterns in credit and debit cards and copy this data to reproduce similar ones. Other forms of fraud exist in which fraudsters introduce extra fees for the services they have signed up for without the knowledge of the service users (Darlington, 2006). Online shopping is also affected in occasions where legal registered sellers offer consumers the wrong products (Brenner, 2010).

Internet Scams and Cyber Stalking

  • Scams are very popular with internet criminals
  • They often require information such as credit card details, bank account details, passwords and social security numbers (Brenner, 2010)
  • Notably, social sites have also facilitated internet crimes
  • This has led to increased Cyber Stalking
  • This has been exploited by rapists and pedophiles
  • Criminals use malicious communications through the internet to cause distress and anxiety (Darlington, 2006).

Scams are very popular with criminals enticing their victims to give confidential information with a promise to get them rich. They often require information such as credit card details, bank account details, passwords and social security numbers. It mostly affects those who have limited knowledge on the internet and its dangers (Brenner, 2010). Similarly, the advent of social sites such as MySpace and Facebook has made it easy for criminals to stalk their victims by learning about their hobbies, professions and daily activities. This is common among rapists and pedophiles who take advantage of the social sites to catch the attention of their victims. The UK has experienced multiple cases in which criminals use malicious communications through the internet to cause distress and anxiety (Darlington, 2006).

Cyber Terrorism

  • Cyber terrorism has become a major threat
  • Cyber terrorists design and send computer based attacks
  • This is meant to destroy target networks, systems, or even stored information
  • These criminals are known to purchase aging computers
  • They use them to crack passwords and gain access to critical data
  • Militaries and governments are the most affected groups (Brenner, 2010).

Cyber terrorism has become a major threat since the internet has made it easy for criminals to advance their social and political objectives. Cyber terrorists design and send computer based attacks to destroy target networks, systems, or even stored information to make those operating the given system helpless. Once they destroy networks, they can invade or access information without being monitored. Through the internet, terrorists can also coerce or intimidate the target organizations and governments by sending anonymous threat messages. These criminals are known to purchase aging computers. They use them to crack passwords or guide them into accessing delicate information for them to install similar programs to ease access. This affects militaries and governments and poses security attacks (Brenner, 2010).

Online Gambling

  • The online gambling industry has provided a variety of services
  • However, this has raised issues on consumer confidence, integrity, security and fairness in the games
  • The criminals cheat on others during gambling activities
  • This form of crime is common in the UK, Canada, and Australia (McMullan & Rege, 2010).

The online gambling industry has provided a variety of services including casino games, poker, blackjack, bingo, and lottery games among others. However, this has raised issues on consumer confidence, integrity, security and fairness in the games. Criminals have taken advantage of technology to cheat on others during gambling activities. For instance, they use computer viruses to see the hands of their opponents during play. A study indicated that 50% of casino players believed that internet providers cheated on them and were dissatisfied with the way their complaints are processed. This form of crime is common in the UK, Canada, and Australia (McMullan & Rege, 2010).

Common Internet Crimes

Pirating and Illegal Trading

Internet Scams and Cyber Stalking

Cyber Terrorism

Online Gambling

Distribution of Targets

Conclusion

  • The internet crimes pose a threat to individuals, organizations and states.
  • They involve people from different geographic areas.
  • Thus, it is hard to catch and punish the criminals.
  • A personal initiative is the best strategy to curb this crime.
  • The criminals have become a nuisance and they keep changing their strategies.
  • They have perfected their game for their own selfish gains, harm others and destroy public trust.

In as much as the internet has provided a platform for social-economic development and cultural integration, internet crimes pose a threat to individuals, organizations and states. They involve people from different geographic areas. Thus, it is hard to catch and punish the criminals. The problem can only be minimized through personal initiatives in which individuals take precaution in the way they share internet resources with others. There is a big probability that this problem will keep on growing due to the efforts put by internet criminals in keeping up with the technology. They use it for their own selfish gains, harm others and destroy public trust.

Conclusion

References

Brenner, S. W. (2010). Cybercrime: Criminal threats from cyberspace. Santa Barbara, Calif: Praeger.

Darlington, R. (2006). Web.

McMullan, J.L. & Rege, A. (2010). Online Crime and Internet Gambling. Journal of Gambling Issues, 24(5), 54-85.

Passeri, P. (2012). 1-15 September 2012 Cyber Attacks Timeline. Web.

Reyes, A. (2007). Cyber crime investigations: Bridging the gaps between security professionals, law enforcement, and prosecutors. Rockland, MA: Syngress Pub.

Target Corporation’s Data Breach and Cybercrime

Cybercrime entails the use of a computer or networking device to endeavor in criminal activities. A data breach is one of the primary cybercrimes that significantly affect consumers and the business under attack. The unlawful acquisition of information from a particular system without permission from the owner causes adverse effects to the organization, for example, loss of trust from consumers and financial losses. In 2013, Target experienced a cybercrime that involved a data breach of Target’s system hence accessing the service database consisting of customers’ personal information.

The data breach at Target caused adverse impacts to almost 70 million customers. The cyber attackers accessed the customer’s contact information, which allowed them to monitor their whereabouts. Target also announced that more than 41 million customers’ payment cards were affected, which captured their verification codes giving access to their finances (McCoy, 2017). Consumers not only lost their finances due to the data breach but also lost their trust in shopping at the retail giant.

Target also faced adverse effects caused by the data breach in 2013. The weakness that was detected in their system, which allowed attackers to maneuver and acquire managerial access to the organization, caused a class-action lawsuit against the company. Regardless of their loss, Target was required to pay up to $10,000 to consumers who provided empirical evidence of their losses caused by the cyberattack (McCoy, 2017). An $18.5 million multistate settlement was also required to be met by the organization while providing monitoring services to the unfortunate consumers affected by the cybercrime (McCoy, 2017). The company was forced to use some of its shares to educate the consumers on cybercrimes.

The data breach experienced at Target expounded my knowledge on the possible cybercrimes that might occur. The case scenario that occurred at Target modified my behavior as a consumer while dealing with credit cards. As a consumer, it is essential to ensure the security measures of an organization before giving out personal information. In case of a suspicious request, it is critical to confirm by contacting the company to countercheck the request. Unfortunately, my mother was situated in cybercrime where she clicked on a spam email that tricked her to provide the password to her email. This cybercrime is known as phishing whereby spam emails are randomly sent to individuals. The phishing campaign enticed her with a shopping voucher, which, in turn, ended up corrupting her emails and illegally accessing her personal information. After her case scenario, we learned various ways to protect ourselves against cybercrimes.

Reference

McCoy, K. (2017). USA Today. Web.

Cybercrime and Cybersecurity as Challenges

In recent years, the computer technology field has evolved and developed gradually and has contributed to the success of many individuals and organizations. Technology has faced numerous challenges as it continues to grow tremendously. The main challenge is cyber-attack, where criminals have been targeting companies and individuals, creating great harm to the vulnerable users of technology. Some of the incidences that support this claim are information theft, malware, ransomware attack, and hacking of servers which has become a significant challenge to technology users in all parts of the world. Cyber security experts have rescued technology users by detecting and protecting computer systems from these attacks.

In 2017 shock befell the globe after learning how helpless the world was after the famous wanna-cry ransomware cyber-attack targeted the Microsoft Windows operating system by encrypting the data of its users. The encrypted ransomware demanded some payments in the form of Bitcoins to decrypt the data, an incident that prompted my venture into a career in technology to help in countering these vices affecting technology. Since all technology forms and systems are vulnerable to cyber-attack and it is not always easy to identify the weak link where the cyber attackers would penetrate, relevant studies such as cyber security would solve this problem.

Computer programming sessions were among the best topics back in my school, which drove my desire for this technology path. Being a recent graduate of Electronic Engineering Technology and Computer Engineering Technology from Norfolk State University, getting a chance to pursue a master’s degree in cyber security at Norfolk State University to develop more skills would be highly appreciated. Cyber security is vital to the current growing digital world because it offers confidentiality and security of personal information and financial credentials.

Crucial topics include big data analytics, cloud computing, digital forensics, cyber-psychology, wireless security, and socio-cyber-security. Cyber security knowledge enables an individual to engage in actual-world practice using recent digital security technologies. Top organizations are willing to spend a lot on cyber security experts who can protect their data from being vulnerable, taking a course in cyber security very relevant and marketable with good job security.

The masters in cyber security will enhance the best ways to secure networks and information systems by intrusion detection and detection of ordinary events. One will also learn the defensive cyber security technologies and techniques used in modern organizations to protect systems data and achieve Knowledge of the maintenance and design of reliable and safe information systems. It will also be possible to identify the human factors that compromise a network and computer security.

This program will also enlighten on the legal, technical, policy, and dimensional aspects of network security, computer systems security, and information security. Principles of network security design and operation and those of computer networks, including security assessments, design fundamentals, and incident response, will be achieved. It will also involve auditing and testing knowledge and the standard penetration testing methodology, Technical aspects of networks, computer and information system security, and the techniques related to authentication, access control auditing, and secure communication. These skills gained from the cyber security course will make one fit in various careers: security architect, Chief information security officer, security assessor, and security manager. Occupations such as Security director, security engineer, and information security consultant also require cybersecurity expertise and will be very important in the future dynamic digital world.

Cybercrime and Its Legal and Practical Management

Introduction

Today, innovative technologies penetrate every sector of the global community’s life, whether it is private life, finances, businesses, health or personal information. In modern society, everything can be encrypted in the form of code, so tangible assets are transformed into numbers in the computer software for convenience, carrying the same value. Johnson (2016) uses a metaphor and suggests that the global community “puts all of it physical eggs in one virtual basket and its dependence on cyber technology is now absolute” (p. 2). With the development of various programmes that significantly simplify the daily activities of the organisations and individuals, the issues of privacy and security became more spread. People around the world have faced cybercrime, which imposes severe threats on businesses and individuals on the international level. The purpose of this paper is to investigate the issue of cybercrime and discuss how legal and practical provisions can manage the emerging problem and eliminate those criminal activities.

Investigating Cybercrimes

Within the last decades, cybercrime has gained various names and associations, including e-crime, digital crime and hi-tech crime. First, it is crucial to understand the definition of cybercrime and its implications. Cybercrime is “a diverse range of illegal and illicit activities that share in common a unique electronic environment (“cyberspace”) in which they take place” (Yar & Steinmetz, 2019, p. 6). Consequently, one can say that the actions of a criminal nature that violate federal and public laws and regulations and occur within the Internet space are referred to as cybercrime.

Cybercrime implicates numerous challenges for the global community and its sectors, including jurisdiction. The scholars suggest five critical characteristics of electronic crimes, which include accessibility, anonymity, scale, portability and transferability and global reach (Gillespie, 2019). Those features imply that the Internet is available in different corners of the world, which means its availability, but, at the same time, increases the target audience of victims. Besides, keeping anonymous status is possible in cyberspace, which imposes additional challenges for the authorities to fight those types of crimes. Easy access to the information storage and its portability, as well as the ability of cybercrime to transcend borders, demonstrate the difficulties that the e-crime can cause (Gillespie, 2019). Therefore, the cybercrime characteristics emphasise the necessity of firm regulations and practices that will reduce the number of attacks via the Internet significantly and will provide useful ways of the electronic data and assets protection.

Growing Problem

It is possible to say that the scope of cybercrime is continuously growing. The Office of National Statistics, based in the UK, stated that, in 2016, there were almost six million cases of e-crime (Epps, 2017). Breaches in information can have drastic effects on the organisations, including financial losses and aggravated image and reputation. The statistics from the Insurance Information Institute revealed that from 2014 to 2018, the number of cybercrime complaints and reported damage has significantly increased (“Facts and Statistics,” 2019). The situation implicates that the need for protection and security measures and regulations is growing in the global community. One of the suggestions is to employ “a system that not only keeps the information secure but is also cost-effective and results in a faster and more seamless authentication process” (Epps, 2017, p. 15). In such a way, the companies that have experienced or have a potential threat of experiencing data breaches should integrate all possible protection tools and practices not to have substantial losses in the future.

Besides the significance of various safeguard strategies within individual business, it is crucial to remember the global reach feature of cybercrime, which implies that the issue of digital crimes requires precise international regulations. Thus, it is essential to investigate the seriousness of transnational cyber-attacks and analyse the existing solutions and propositions. Transnational cybercrime refers to any digital crime that infiltrates the system, creates disorder and compromises the original information through the coding language (Perloff-Giles, 2018). In other words, according to Gottschalk (2019), transnational cyber-attacks involve various activities that violate the laws with the use of information technology. Hence, one can note that the crimes that include the use of the Internet do not consider physical borders and can influence any country. Transnational cybercrimes can be represented in various forms of illegal actions, such as online grooming, financial frauds within corporations, money laundering or content piracy (Gottschalk, 2019). Thus, nations around the world have the same need to protect their society, their assets and reputation.

Issue of Anonymity

The fact that the Internet space can be anonymous and that anyone can become a victim of digital attacks emphasises the value of international law in the emerging issue. According to Urbas (2012), “legal jurisdiction traditionally is based on geographical territory” (p. 8). For instance, criminal’s actions are considered based on the laws in the country of citizenship. In some cases, the unlawful individual is judged on the current laws of the citizenship country and the land of crime commitment. Nevertheless, those strategies are not always practical in the cases of Internet criminal activities. Still, with the growing need for protecting the global society, the legal authorities from different nations started to co-operate and turn to law enforcement collaboration. The first step to address the severe problem of cybercrime across the borders was the creation of the Council of Europe Convention on Cybercrime that became effective in 2004 (Gillespie, 2019). This Convention became the first international instrument that considered the significance of cyberspace dangers.

Main Provisions

As far as this document represents one of the most influential works for the management of cyber-attacks at the international level, it is crucial to look at its main provisions. Keyser (2016), suggests that the Convention on Cybercrime became “a new, powerful, and timely piece of international legislation” (p. 132). The Convention includes the guidelines for the measures that nations should undertake at domestic levels and the suggestions for international collaboration (Gillespie, 2019). Hence, it is possible to claim that the solution for the evolving problems can start at the local level, within the country. It is crucial not just for businesses and public organisations to secure the information but also for the country’s authorities to implement the measures that will protect its citizens. Starting with the integration of protection methods at the local level can have a favourable impact on the overall picture.

Still, not always a robust cyberspace defence system within a specific nation can prevent foreign hackers or other types of digital criminals from intervening. As a result, the Convention on Cybercrime also encourages cooperation among countries. Although many states made various attempts to fight cybercrime, the EU “remains at the forefront” in establishing the proper framework to combat digital criminal activities (Mittal & Sharma, 2017, p. 1372). The Convention seeks to harmonise the existing laws within various nations by offering procedures, related definitions and real-time collection of data (Mittal & Sharma, 2017). Moreover, it endorses collaborative assistance in “handling traffic and stored computer data,” which represent the primary cybercrime targets (Hui, Kim, & Wang, 2017, p. 499). Thus, the Convention’s primary purpose is to initiate the collective work of the laws in different states through the requirements to combat cybercrime.

Another significant point about the Convention on Cybercrime and its efficiency is the fact that since the time it was drafted, the cyberspace went through substantial modifications. This document aims to harmonise domestic laws, while in the global world, some nations do not have specific legislation concerning digital crimes (Mittal & Sharma, 2017). Though there are particular weaknesses of the Convention, scholars point out that introducing international agreements in the future can become a substantial step towards fighting the crimes related to cyberspace (Mittal & Sharma, 2017). Therefore, cybercrime represents a critical issue in the global arena and can touch any country. The Council of Europe Convention represents a substantial effort to determine the existing problems of the Internet space and provide possible solutions to gaps in combating digital offences.

In the global community, cybercrime is a complex phenomenon that requires serious actions and modifications, not only according to the Convention. Without any doubt, the Convention portrays one of the essential measures of eliminating cybercrime, but the issue has to be solved on various levels (Sabillon, Cano, Cavaller Reyes, & Serra Ruiz, 2016). Consequently, scholars state that protective measures should start from personal data security implementation and escalates to societal, organisational, military and international levels (Sabillon et al., 2016). It is crucial to remember that, though cybercrime involves technological advancements, integrating security measures only through technology would not be enough. The integration of various fields besides international cooperation, such as training, culture and awareness, in combination with proper technical improvements, will create new opportunities to confront cybercrime (Sabillon et al., 2016). As a result, the existence of a solid defence will decrease the likelihood of cyberattacks and will contribute to the minimisation of digital crime around the globe.

It is useful to observe the suggestions that the National Cyber Security Centre (NCSC) in the UK has issued. The general concept offers a four-component approach, which includes victims’ protection, deterring the UK-based cyber criminality, tackling international cybercrime groups and the criminal marketplace (Saunders, 2017). One can notice that although those provisions were implemented on the domestic level, they concern transnational activities related to cybercrime. Therefore, it implies that internal policies have an influence on international collaboration and encourage nations to work together.

At this point, it is necessary to look at the statement that cybercrime is a challenge, but it is nothing that existing legal and practical provisions cannot handle. It is possible to say that the authorities and law enforcement figures in different nations aim to fight cybercrime, and the continuous work on the current situation improvement is taking place. Still, it is controversial to say that the existing practices have all the necessary means in tackling digital attacks. For instance, in the statistics from the Insurance Information Institute, one can see that from 2015 to 2018, the number of identity thefts did not drop significantly (“Facts and Statistics,” 2019). However, one can trace the improvement and notice the unstoppable development process directed towards fighting cyber-attacks. The promotion of such activities at the domestic level, stronger encouragement of agencies to collaborate and the introduction of universal requirements for fighting cybercrime can solve the problem.

However, the investigation of cybercrimes is a complicated process that has numerous challenges that might prevent agencies and authorities from achieving the desired objectives. Maras (2019) lists the issues that include the lack of or inadequate national and international laws, slow information and evidence sharing networks and deficit in national capacities. Hence, those barriers might slow down the successful cybercrime investigation conducted collaboratively. Still, great work is done to overcome those obstacles and prosper in the cybercrime fight. For instance, Interpol has established a National Central Bureau in all countries that serve the role of the “contact point for law enforcement” (Maras, 2019, p. 284). Consequently, despite numerous challenges, the legislature makes attempts to improve the situation.

Conclusion

The paper has discovered the features of cybercrime that implicate severe challenges, including the burdens on legislation. The problem is that cyber-attacks are connected to technological progress, while jurisdiction is developing at slower rates. Day and Bryant (2014) claim that many insist that “more laws are required to protect individuals, e-commerce, and society” (p. 83). Nations possess diverse jurisdiction procedures concerning cybercrime management and solution. Apart from being a useful tool in eliminating the issue, these regulations can have inadvertent effects on the private lives of individuals or confidentiality. Without any doubt, the increased attention towards the problem of cybercrime will tackle those issues. A powerful transnational collaboration, including individual countries’ approaches that naturally involve international groups’ tracking and law enforcement, will continue finding solutions for the growing problem of cybercrime.

In conclusion, cybercrime and its implications impose severe challenges on the global community. Investigations related to the crimes committed in cyberspace have a complex nature and require strict guidelines. Today, the Europe Council Convention on Cybercrime is one of the most potent international instruments in combating digital criminal activities. Despite the burdens and continuous debates over the effectiveness of the existing laws and regulation, new developments and strategies are integrated into the system, aiming to manage cybercrime efficiently and minimise losses.

References

Day, E., & Bryant, R. (2014). Law and digital crime. In R. Bryant & S. Bryant (Eds.), Policing digital crime (pp. 83–110). Farnham, England: Ashgate Publishing Limited.

Epps, C. (2017). Best practices to deal with top cybercrime activities. Computer Fraud & Security, 2017(4), 13-15.

(2019). Web.

Gillespie, A. A. (2019). Cybercrime: Key issues and debates (2nd ed.). Abingdon, England: Routledge.

Gottschalk, P. (2019). Transnational cybercrime and cybercrime by transnational organisations. In V. Mitsilegas, S. Hufnagel, A. Moiseienko, S. Yanan, & L. Mingxiang (Eds.), Transnational crime: European and Chinese perspectives (pp. 86–100). New York, NY: Routledge.

Hui, K. L., Kim, S. H., & Wang, Q. H. (2017). Cybercrime deterrence and international legislation: Evidence from distributed denial of service attacks. MIS Quarterly, 41(2), 497-523.

Johnson, M. (2016). Cybercrime, security, and digital intelligence. New York, NY: Routledge.

Keyser, M. (2016). The Council of Europe Convention on Cybercrime. In I. Carr (Ed.), Computer crime (pp. 131–170). New York, NY: Routledge.

Maras, M. H. (2019). Cybercrime laws and investigations. In M. Natarajan (Ed.), International and transnational crime and justice (2nd ed., pp. 281–286). Cambridge, England: Cambridge University Press.

Mittal, S., & Sharma, P. (2017). A review of international legal framework to combat cybercrime. International Journal of Advanced Research in Computer Science, 8(5), 1372-1374.

Perloff-Giles, A. (2018). Transnational cyber offenses: Overcoming jurisdictional challenges. Yale Journal International, 43(1), 191-227.

Sabillon, R., Cano, J., Cavaller Reyes, V., & Serra Ruiz, J. (2016). Cybercrime and cybercriminals: A comprehensive study. International Journal of Computer Networks and Communications Security, 4(6), 165-176.

Saunders, J. (2017). Tackling cybercrime–The UK response. Journal of Cyber Policy, 2(1), 4-15.

Urbas, G. (2012). Cybercrime, jurisdiction, and extradition: The extended reach of cross-border law enforcement’. International Journal of Internet Law, 16(1), 7-17.

Yar, M., & Steinmetz, K. F. (2019). Cybercrime and society (3rd ed.). Los Angeles, CA: SAGE.

Cybercrime Effects on UAE Educational Institutions

Research problem

Cybercrime is a growing concern in the contemporary world. Because of the high pace of digitalization, there are numerous loopholes and vulnerabilities in systems used by attackers and malefactors. This sort of illegal activity is called cybercrime and acquires the top priority today for project managers responsible for the functioning of a certain organization, the achievement of goals, and further development (Diffee and Datta, 2018). For educational institutions of UAE, the problem is also topical as the frequency of cyber-attacks grows because of the shift of priorities towards online education. However, there is still a little understanding of the scope of the issue in the UAE, and the effects cybercrime has on teachers or educators (Matsumoto, 2019). Additionally, there are no clear guidelines on how to act under new conditions and remain capable of preserving the high efficiency of educational establishments in the UAE (Imranuddin, 2017). Finally, there is no clear vision of the effective cybersecurity model that can be employed by teachers working in the sector, which means that they remain helpless (Philip and Salimath, 2018). For this reason, the research problem is the gap in knowledge about cybercrime in educational institutions of the UAE and the need for improved security measures to resist a new threat.

Research questions

The scope of the theme preconditions the introduction of the following research questions:

  1. What are the effects of cybercrime on teachers and changes in their functioning preconditioned by the growing importance of this concern in the context of UAE?
  2. What guidelines and cybercrime model can be adopted by project managers to address and minimize the effects of cybercrime in the UAE educational institutions?

The given research questions are linked to the objectives formulated above and help to acquire information needed to examine the role of cybercrime in contemporary society. Additionally, the presented research questions will guide the research project and ensure that all important pieces of evidence will be collected and processed appropriately.

Research Aim

The research aims to examine the effects of cybercrime in the UAE educational institutions. The research will propose guidelines that can be adopted by project managers to minimize the effects of cybercrime in the UAE educational institutions. Moreover, the study will propose a comprehensive cybersecurity model that can be used to mitigate cybercrime attacks in the UAE educational establishments.

Research objectives

  • Review the literature to outline the negative effects of cybercrime on the educational establishments and teachers;
  • Ascertain how malefactors can use existing vulnerabilities and loopholes to steal data or damage teaching faculty in the educational institutions of the UAE;
  • Establish the effects of cybercrime on teachers and changes in their functioning preconditioned by the growing importance of this concern in the context of educational establishments in the UAE;
  • Propose a cybersecurity model that will be include cybercrime guidelines and key determinants that can be used by UAE educational sector to manage and mitigate cyberattacks

Research Statement

The diversity in the negative effects of cybercrime on project managers presupposes the need for a specific response to manage the problem. The poor understanding of the problem and the absence of tools available to project managers precondition the deterioration of the situation (Matsumoto, 2019). Under these conditions, the creation and implementation of specific guidelines, along with the comprehensive cybersecurity model can reduce cybercrime rates in educational establishments of the UAE. Managers will acquire strong tools and strategies to respond to the growing diversity of threats.

Depended variable

The dependent variable in the research is the cybercrime rates in the educational establishments of the UAE. As far as there is a need for an in-depth investigation of how different models work, it is vital to measure any changes in the state of cybercrime and its rate to conclude about the effectiveness of a particular measure.

Independent variables

The guidelines offered to project managers outlining the safe behaviors and practices and the comprehensive cybersecurity model are the independent variables of the study. It is critical to determine the effectiveness of these measures in struggling against cybercrime and resisting threats associated with this factor. For this reason, such factors are viewed as independent variables, and their influence should be measured.

Research hypothesis

The negative effects of cybercrime on the teaching faculty in the educational institutions of the UAE can be managed by using specific guidelines and cybercrime model.

Novelty of the study

The project has both practical and theoretical novelty. First of all, there is an attempt to create relevant and effective interventions that would help to alter the situation in the education domain of the UAE and provide managers with tools that are needed to resist cybercrime. The establishment of the comprehensive model can be viewed as a novel approach for the sector as it considers all existing problems and their diversity, which increases every year.

At the same time, the theoretical novelty of the research comes from several factors. Initially, there is an attempt to analyze the problem of cybercrime that effects the educational scope of the UAE. Previous attempts were focused on the analysis of the area in general and universal ways to resist it. However, their effectiveness might vary because of the accuracies of the working environment its diversities. For this reason, the focus on the scope of education with its own characteristics is vital for the creation of an improved vision of the problem and generation of the enhanced capability to resist it. Altogether, the high practical and theoretical novelty of the research justifies the choice of the topic and proves the need for further research in the given scope.

Operational definitions

Variable Theoretical definition Operational definition Measurement
items/scales
Dependent variable Cybercrime is an illegal and criminal activity presupposing using a computer, networks, or devices that have access to networks, to cause damage and perform maleficent actions, cause damage, and deteriorate the functioning of an organization (Diffee and Datta, 2018). The dependent variable can be measured by evaluating its current rates, the number of cyberattacks, their nature, and damage caused by them to educational establishments in the UAE. The frequency of attacks per a selected period will be measured to outline the average meaning.
Independent variable (1) Guidelines on cybersecurity and resisting cybercrime are a set of rules and recommendations offered to managers to minimize the risk of being attacked or hacked (Diffee and Datta, 2018). Guidelines’ acceptance by teachers can indicate its applicability to the UAE educational sector Surveys can be used to collect information about teachers’ acceptance and readiness to use guidelines.
Independent variable (2) Comprehensive cybersecurity model is a framework characterized by the minimum vulnerabilities achieved by following the guidelines and using innovative security systems (Philip and Salimath, 2018). The functioning and effects of cybersecurity models can be evaluated by monitoring the dynamics of attacks stability of institutions’ functioning The variable can be measured by determining if there is a reduction in the number of cyberattacks. teaching faculty responses can also be evaluated.

Conceptual framework

For the research, an existing framework offered by previous research paper is being used. The given model states that cybersecurity is a complex concept consisting of multiple factors. To attain success, it is vital to consider legal, technical, organizational measures, capacity building, and cooperation (ABI Research, n.d.). Building the model for the research, the technical and organizational measures are considered as they can be impacted by the proposed variables. Guidelines on cybersecurity and cybersecurity model affect the organizational elements of a unity and its technological components:

Technological components

Reference List

ABI Research (n.d.) Global cybersecurity index. Conceptual framework. Web.

Dasgupta, D., Akhtar, Z. and Sen, S. (2020) ‘Machine learning in cybersecurity: a comprehensive survey’, The Journal of Defense Modeling and Simulation.

Diffee, E. and Datta, P. (2018) ‘Cybersecurity: the three-headed Janus’, Journal of Information Technology Teaching Cases, 8(2), pp. 161–171.

Imranuddin, M. (2017) A study of cyber laws in the United Arab Emirates. Master Thesis. Rochester Institute of Technology. Web.

Matsumoto, A. (2019) ‘Literature review on education reform in the UAE’, International Journal of Educational Reform, 28(1), pp. 4–23.

Philip, J. and Salimath, M. S. (2018) ‘A value proposition for cyberspace management in organizations’, Business Information Review, 35(3), pp. 122–127.

Zhuang et al. (2015) ‘A theory of cyber attacks. A step towards analyzing MTD systems’, 2nd ACM Workshop on Moving Target Defense, pp. 1-10.