Cybercrime is continuously growing with the expansion of business networks and the internet. Currently, organizations of all sizes rely on their internet connectivity, data, and networks to conduct their businesses. From an international community perspective, cybercrime causes the global economy to incur an annual loss of about $445 billion, with businesses being damaged by intellectual property theft that exceeds a $160 billion loss to individuals (Bandler and Merzon, 2020). The threat keeps growing due to cybercriminals’ intention to exploit the existing network and online vulnerabilities in business networks. Further, businesses’ lack of resources and knowledge contributes to the challenge since one in four business owners has little or no understanding of the threat posed by cybercrime.
The link between national security and cybercrime is becoming an increasingly prevalent challenge from a national perspective. With the advancements in technology, the criminal ability to cause harm and annoyance to a country’s critical infrastructure and the people continues to undermine the dynamic instrumentalities (Schuh, 2019). Similarly, the national security profile of a country has been impacted by an increase in the parallel approaches to physical attacks with which cyber-attacks occur. Modern interconnectedness provides an almost parallel approach that causes uncertainties, offers undermining methods to a nation’s security, and is more damaging than physical attacks.
The scope of cyber-attacks on towns and cities is now clearer at the hometown level. More than 70 percent of ransomware attacks in the U.S. are targeted at local and state governments (Muggah and Goodman, 2019). Cybercriminals are deploying distributed denial-of-service attacks, ransomware, and associated off-the-shelf hacker tools that hobble and interrupt municipal networks. The digital arsenals threatening municipal networks are sourced from the deep web with fully automated weapons resulting in continuous attacks on local governments.
References
Bandler, J., & Merzon, A. (2020). Cybercrime investigations: A comprehensive resource for everyone. CRC Press.
Muggah, R., & Goodman, M. (2019). Our cities are under cyberattack. Here’s why – and what they should do about it. World Economic Forum. Web.
Advancements in technology hinder numerous aspects in their essence, possessing both positive and negative influence on the sphere of cyberspace. Various modern developments offer substantial advantages to the authorities and specialised agencies in designing robust strategies and tools directed at combating the issue of cybercrime. However, high computer misuse and fraud rates can be connected to the information technology improvements that serve as a ‘fertile ground’ for the crimes (Chawki, Darwish, Khan, & Tyagi, 2015, p. 4). Consequently, it is critical to investigate the issue of the ongoing expansion of digital platforms and tools and its relation to the emergence of electronic crimes in the UK. Statistical analysis of the data provided by the Office for National Statistics, the assessment of existing literature and designing of surveys with the authorities’ members can provide the foundation for the research.
Aims
To investigate the connection between rapid technological development and high rates of cybercrime and fraud in the UK.
To investigate the potential influence of technology advancements on the possibility to implement additional and more sophisticated security measures to decrease the level of cybercrime and fraud.
Objectives
To conduct a substantial literature review on the topic of cybercrime and fraud rates in the UK.
To analyse statistical data provided by the Office for National Statistics and set aside the trends in cybercrime and fraud within the last year.
To assess current protection, safety, and security measures undertaken by the authorities in the attempts to combat cybercrime and fraud.
To address the reasons behind high rates of cybercrime and fraudulent activities.
Why is This Research Worth Doing?
Technological developments rapidly enter numerous aspects of individuals’ lives and business operations, which creates a substantial ground for the emergence of related crimes. The active integration of information technology offers multiple advantages but, at the same time, poses potential threats to the safety and trustworthiness of information and individuals. Technological proliferation has shaped the way individuals live and, as of 2013, there were more than 35 million Internet users in the UK (Holt, Bossler, & Seigfried-Spellar, 2015). This number indicates the potential target audience for computer abuse. The global expansion of technological integration led “to the digitalisation of sensitive financial and government information,” as well as private data and the creation of massive databases (Holt & Bossler, 2015). In such a way, a foundation with numerous opportunities for both digital misuse growth and the implementation of new security measures exists in the field.
Another significant factor that points out the necessity of this research is the seriousness of potential cybercrime dangers. Digital space offers various possibilities for the commitment of electronic abuses, which highlights the need for “regulatory measures and policing in national strategies” (Lavorgna & Sergi, 2016, p. 171). It implies how severe the incidents can be and how much harm they can bring to society. Thus, cybercrime and fraud represent a critical issue and require careful assessment and the search for new ways to battle the problem.
Previous Work
Modern technology advancements help countries around the globe to enhance their network and communication exchange and utilise new ways of operations and strategies. Simultaneously, the innovations can be considered to be a trigger to the emergence of electronic crimes. According to Chawki et al. (2015), “the growth of global connectivity is inseparably tied to the development of contemporary cybercrime,” which can generate numerous violations within this sphere (p. 3). Moreover, data breaches and fraudulent activities have substantial costs for the victims and authorities. In such a way, e-commerce fraud and card and banking violations’ losses are increasing (Levi, Doig, Gundur, Wall, & Williams, 2015). This fact emphasises the connection between technological progress and the occurrence of distinctive types of computer misuse and fraud. Curiously, the virtual world with passwords and codes as a protection measure does not possess the same borders as the physical one (Viano, 2017). Thus, it increases the chances of criminal pervasion into the private or corporate space.
Moreover, the scholars highlight different opportunities offered by the convenience of various advancements. The British government has doubled spending on cybersecurity in attempts to combat the growing problem (McMurdie, 2016). The high expenditures imply the fact that the technological process facilitates computer misuse and fraud and needs more rigid attention. Besides, the reach of developments led to the growth of “avenues for engaging in criminal behaviour” (Willits & Nowacki, 2016, p. 105). It is possible to state that the improvements in the availability and expansion of services provided by technology have an impact on the increasing numbers of cybercrime.
Another significant aspect to cover is the adoption of advancements to fight electronic crimes and prevent fraudulent activities. In contrast to the fact that technology growth is directly related to criminal cases, different analytical and preventive tools and systems are designed with the help of developments. One of the instruments is the integration of advanced analytics technology that can point out what happened, why such behaviours are occurring and what it is doing to the operations (De Oliveira & Stickings, 2016). Moreover, it is crucial to understand the stages that the investigation and, as a result, the protection process should include. Such phases, as initiation, outcome, cybercrime execution stack, and law enforcement constitute the foundation for the integration of tools and strategies (Sun, Shih, & Hwang, 2015). Hence, incorporating progressive measures can build a defensive mechanism against illegal infiltration and help to manage the threats at different levels.
Thus, it is also essential to go through the policies and actions generated with the help of information technology and used to protect the online space from cybercrime. Digital developments made it possible to access the data using such tools as GPRS and EDGE (Gillespie, 2016). Consequently, it is vital to integrate legislation and specially-designed guarding procedures. The creation of the National Cyber Security Centre, which serves as “the centre of government expertise on cyber,” represents the attempt to respond to the emerging issue and tackle it (Saunders, 2017, p. 5). As a result, the authorities are concentrating their forces and professionals to come up with the most powerful strategies that will provide guidance, advice, and support for the computer misuse and fraud threat. Moreover, particular measures include the implementation of such standards as DMARC and DNS RPZ filtering (Saunders, 2017). Those provisions represent active utilisation of technology advancements aiming to protect the cyberspace from the attacks.
Design and Methods
This research will apply the combination of primary and secondary data as the foundation for the assessment, with the more significant part of work based on secondary sources. It is crucial to obtain the statistics on fraud and cybercrime provided by the Office for National Statistics. This source of information reflects the figures from the Crime Survey for England and Wales and Home Office police recorded crime incidents (Office for National Statistics, 2019). It will be possible to examine this information with the help of SPSS, R, and Microsoft Excel analytical tools. Each of these programs can provide useful data and generate its graphical representation. Thus, an analysis of the rates of computer misuse and fraud in different areas and based on distinctive types of online abuse within the nation will be carried out.
Besides, the research will undertake an assortment of secondary sources, such as scholarly journal articles and books related to the sphere of cybercrime, security, and legislation. The platforms for collecting the information will be Google Scholar, EBSCO, and JSTOR to ensure the reliability of the used resources. The used keywords will include ‘cybercrime,’ ‘fraud,’ ‘information technology’ and ‘UK.’ Additional search will also use such keys as ‘measures,’ ‘security,’ ‘digital crime’ and ‘criminal law.’ Through the investigation of those resources, in combination with the findings from statistical analysis, it will be possible to meet the study’s aims and objectives.
Another part of the research will implement a collection of primary data if permission is obtained. Generating a survey aimed at questioning national agencies on the strategies that they utilise and on their view on information technology can offer additional information. It is crucial to gain informed consent from the participants of the survey and ensure the protection of anonymity and confidentiality if requested. Linking the findings from the questionnaire to the secondary data can provide a greater picture of cybercrime and fraud, its connection to the modern developments, and the existing and potential safety, security, and protection measures. The use of the mentioned resources implies the exploitation of both qualitative and quantitative research methods. Statistical analysis will generate numerical data, while an investigation of secondary information will deliver descriptive details on the issue. It is crucial to remember research limitations while doing a thorough assessment of the findings.
Ethical Considerations
The research will be undertaken in compliance with the British Society of Criminology’s (BSC) Code of Ethics. It is vital to use it as a foundation because it supports “reflective and responsible ethical practice in criminological research,” which is essential to the study (British Society of Criminology, 2015, p. 2). The primary focus of this work is gathering secondary data available in print or online versions, which implies that the researchers will be mindful of the information protection aspect. Besides, the BSC requires the citation of others’ ideas, regardless of the material’s status, and the check of reliability (British Society of Criminology, 2015). Personal facts will not be disclosed, all the information will be cited appropriately, and the study will employ only reliable sources. It is also critical to establish suitable relationships with the research’s sponsors. Maintaining good connections and seeking to clarify the obligations of those involved in the research is essential (Scott, 2018). Thus, considering all possible implications of the study is critical for compliance with ethical requirements.
The utilisation of primary data emphasises careful understanding of ethical considerations as well. The research should keep in mind that the study aims to eliminate any risk to the surveys’ participants. In such a way, based on the BSC’s Code of Ethics, the study will minimise any physical or psychological harm, or the devaluation of personal worth among the contributors (British Society of Criminology, 2015). Consequently, it is significant to ensure the sensitivity to all the ethical deliberations. A detailed analysis of those can be found in Appendix A. Besides, the research will be conducted objectively and without prejudices, where its discussion and conclusion are based on ethical standards.
Timetable
The research will be conducted on a part-time basis for six months and will include three primary stages.
First and second months:
Collecting the information from the Office for National Statistics;
Evaluating the statistical data with the help of analytical software;
Generating the proper questions for the survey for further distribution among the participants;
Ensuring the presence of all the ethical considerations for the collection of primary data.
Third and fourth months:
Searching for reliable sources;
Determining information that is most suitable to the research topic among the allocated resources;
Sending out the surveys to the participants.
Fifth and sixth months:
Analysing the findings from the surveys;
Compounding the results of the statistical analysis with the outcomes of the secondary data assessment;
Combining the discoveries from the primary sources with the information from secondary sources;
Outlining the limitations of the study;
Linking all the findings together and presenting them in a report form.
Resources & Costs
The greater part of the research will involve gathering the information that is available in print version or via the Internet. The Office for National Statistics provides statistical data at no cost. The utilisation of analytical software also involves free programs such as R and Microsoft Excel, and access to SPSS can be obtained with the help of the university. Hence, the collection of secondary data and an assessment of statistics do not imply any costs. Still, it is crucial to consider possible fees to gain access to the paid materials and to hire a specialist in statistical evaluation for a more precise data evaluation. Thus, miscellaneous costs of £300 will be accounted for this part of the research.
The collection of primary data involves the costs for the design of necessary documents, such as informed consent, which may require a discussion with a lawyer to ensure the credibility and reliability of all aspects. Therefore, the required funding for this part of the study might need around £700 to hire the professionals who will design everything needed without the gaps. Consequently, the overall cost of the research will be £1000.
References
Chawki, M., Darwish, A., Khan, M. A., & Tyagi, S. (2015). Cybercrime, digital forensics and jurisdiction. Cham, Switzerland: Springer.
De Oliveira, I. S., & Stickings, A. (2016). Financial institutions and cybercrime: Threats, challenges and opportunities. RUSI News brief: Cybercrime, 36(4), 17-19.
Gillespie, A. A. (2016). Cybercrime: Key issues and debates. New York, NY: Routledge.
Holt, T. J., & Bossler, A. M. (2015). Cybercrime in progress: Theory and prevention of technology-enabled offences. New York, NY: Routledge.
Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K. C. (2015). Cybercrime and digital forensics: An introduction. New York, NY: Routledge.
Lavorgna, A., & Sergi, A. (2016). Serious, therefore organised? A critique of the emerging “cyber-organised crime” rhetoric in the United Kingdom. International Journal of Cyber Criminology, 10(2), 170-187.
McMurdie, C. (2016). The cybercrime landscape and our policing response. Journal of Cyber Policy, 1(1), 85-93.
Office for National Statistics. (2019). Crime in England and Wales: Additional tables on fraud and cybercrime. Web.
Saunders, J. (2017). Tackling cybercrime–the UK response. Journal of Cyber Policy, 2(1), 4-15.
Scott, D. (2018). The politics and ethics of criminological research. In P. Davies & P. Francis (Eds.), Doing criminological research (pp. 137-160). London, UK: SAGE.
Sun, J. R., Shih, M. L., & Hwang, M. S. (2015). A Survey of digital evidences forensic and cybercrime investigation procedure. IJ Network Security, 17(5), 497-509.
Viano, E. C. (2017). Cybercrime: Definition, typology and criminalisation. In E. C. Viano (Ed.), Cybercrime, organised crime, and societal responses: International Approaches (pp. 3-22). Cham, Switzerland: Springer.
Willits, D., & Nowacki, J. (2016). The use of specialised cybercrime policing units: An organisational analysis. Criminal justice studies, 29(2), 105-124.
In an era of global digitalization of all aspects of life, cybersecurity is of particular importance. The digital and economic wellbeing of citizens, social stability, and trust on the Internet depend on how well-developed the cyber security framework is. However, cybercrime is not uncommon for today’s users, and the number of various schemes to defraud and extort money through social engineering and computer programs is actively growing. This research paper aims to shed light on the phenomenology of cybersecurity and cybercrime as part of this security breach.
Cybersecurity: Definition
Cybersecurity, while a modern term, still does not have an unambiguous definition that fully encompasses all aspects of the phenomenon. For example, the U.S. National Cyber Security Agency defines the term as the art of protecting networks and devices from unauthorized access to them (CISA, 2021). In this interpretation, the philosophy of privacy of personal, commercial, and strategic data on which cybersecurity is built is clearly visible. Von Solms (2021) shows that cybersecurity applies mainly to the domain of the Internet, only within which the term makes sense. Meanwhile, one should not assume that cybersecurity is the prerogative of technicians and software engineers only since the consequences of a breach will affect the entire business or private life of those not associated with the world of IT technology. Consequently, as Dodson (2018) postulates in his presentation, cybersecurity issues are essential to all people and business industries. Notably, cybersecurity is not stable and is constantly moving toward improving security tools. For example, Geluvaraj et al. (2019) report that integrating artificial intelligence techniques into cybersecurity practices will lead to promising discoveries and a qualitative change in the agenda. Taking all of the above into account, it becomes possible to draw a generalized conclusion about what exactly cybersecurity is. Thus, cybersecurity should be understood as part of the discipline of information security and activities aimed at preventive protection of mobile networks and devices against intentional or unintentional hacking.
Notably, cybersecurity has long-lasting significance for the individual and for business, as its breach can become a critical threat. Thus, it is safe to say that cybersecurity aims to protect private data, money, and reputation from access by people who should not have that access. For example, large corporations typically have a system for allocating access so that a person with lower levels of access is never authorized to access strategically important company data (Reynolds, 2019). Cybersecurity protections are implemented not only internally but also externally, which protects private data from any hacking and phishing attacks.
Types of Cybersecurity
As with the different definitions, there is no single classification that reflects all the different forms of cybersecurity. However, the following four types of this phenomenon can cover all aspects as broadly as possible. Thus, the first type is network cybersecurity, whose framework is designed to protect computers from external attacks carried out within the network. This includes attacks on email as a result of phishing, where clicking on third-party links drops a virus on the user’s device. In fact, this is the most common type of cybersecurity with which this phenomenon is traditionally associated in general. Network cybersecurity is implemented with many barriers and filters, and one of the primary ones is the firewall, a system utility to control the traffic that passes through.
The second type is cloud-based cybersecurity, which is designed to protect the digital assets of users or companies that are online. One of the most prominent examples where this type of security is most needed is Netflix, which allows cloud streaming of thousands of media titles, essentially the company’s digital assets. Unauthorized access to movies and shows would lead to theft and piracy of what the company gets paid for, so cloud-based cybersecurity proves critical. This includes any files that the average user stores on virtual cloud drives, whether iCloud or Google Drive. Security when using apps is another type of cybersecurity. In this context, responsible developers create mobile platforms and apps that protect the user’s personal data and prevent third-party programs from accessing content. This can be accomplished through built-in security systems and password-protected access to the app, including two-factor authentication.
The three types of cybersecurity discussed earlier were aimed at providing preventive measures against attackers. However, if data has already been compromised, and especially if the data belongs to large organizations, the type of operational cybersecurity is implemented, acting urgently and ex post facto. Operational cybersecurity is needed to minimize the damage from a hacker attack and, if possible, regain access to the data. This includes working to ensure backup plans and creating reinforced encryption of employee data.
Cybercrime: Definition
No matter how much the cybersecurity framework is developed, however, it will never be enough to guarantee one hundred percent protection from hacking. Cybercrime will always exist and evolve because, as Bhatia (2019) said, “without a cyber-attack, the concept of cybersecurity cannot exist” (p. 55). Cybercrime is interpreted in different ways, and among its definitions, one can find that cybercrime is any form of crime that is committed through the use of a computer (Panda Security, 2021). An interesting perspective on cybercrime is found in Collier et al. (2021), who pointed out that the decision to engage in virtual crime often involves a sense of boredom. An important property is highlighted by Sarre et al. (2018), who pointed out that cybercrime remains a serious societal problem requiring urgent action by law enforcement orders. The synthesis of everything described leads to the conclusion that cybercrime is, in general, any crime that is committed in an information technology environment.
In fact, everyone has once faced the manifestations of cybercrime, losing money, some of their data, or information that they do not want to share. Hacks in social networks happen quite often, and quite a few modern users have already been trained in the basics of online behavior so as not to become a victim of fraud. Meanwhile, the number of virtual crimes is proliferating, as is the number of ways in which cybercriminals defraud users. For example, data reports that 93.6% of malware could easily adapt so that built-in security systems do not detect their code (Zaharia, 2021). In addition, it is predicted that by 2023, more than 33 billion accounts, four times the world’s population, will be compromised (Vojinovic, 2019). Consequently, multiple cybersecurity threats continue to be relevant and are unlikely ever completely to disappear; instead, they will continue to improve and adapt continually.
Types of Cybercrimes
Cybercrimes can be roughly divided into two groups: those aimed at devices and those aimed at seizing private data. The first type of threat includes any attack by hackers whose aim is to render a computer device inoperable in order to extort it. The price to pay for unlocking a device can be money or personal data; only after transferring them can the scammers unlock the user’s computer if they want to. This category of cybercrime includes viruses, malware, and DoS attacks (Panda Security, 2021). Interestingly, comparatively recently, this category has been able to add another threat, namely hidden cryptocurrency mining on the user’s computer (Nadeau, 2021). This type of crime may seem harmless to individuals because it does not steal data, but instead, the planted beacon steals the user’s traffic and the computing power of the device in order to covertly mine cryptocurrency. The user notices a dramatic decrease in the functionality of their computer and a constantly running cooling system, even when the computer is not performing resource-intensive tasks.
The second category of cybercrime includes any programs and actions designed to compromise. Specifically, this includes social engineering, phishing emails, identity theft, and cyberbullying. Such threats are not only aimed at siphoning money from a user or company but may also be aimed at committing physical crimes based on the material received. Cyberbullying is a susceptible sector in this category, as it aims at depressing the mental wellbeing of individuals, which can lead to tragic consequences in real life.
Conclusion
To summarize, cybersecurity is one of the most important features of today’s Internet-dependent civilization, investing in the protection of virtual personal data. The digitalization of almost all areas of life catalyzes the need to protect this data. However, cybersecurity is not absolute, as there is always the threat of cybercrime. Such virtual crimes have consequences beyond the Web, so cybersecurity is constantly developing new defense techniques.
References
Bhatia, D. (2019). Do you think cybersecurity is a new concept? Think again…. Cybernomics, 1(7), 55-56.
CISA. (2019). Security tip (ST04-001). Department of Homeland Security. Web.
Collier, B., Clayton, R., Hutchings, A., & Thomas, D. (2021). Cybercrime is (often) boring: infrastructure and alienation in a deviant subculture. The British Journal of Criminology, 61(5), 1-9.
Dodson, D. (2018). Cybersecurity: Is it about business or technology? Usenix. Web.
Geluvaraj, B., Satwik, P. M., & Kumar, T. A. (2019). The future of cybersecurity: Major role of artificial intelligence, machine learning, and deep learning in cyberspace. International Conference on Computer Networks and Communication Technologies, 739-747.
Nadeau, M. (2021). Cryptojacking explained: How to prevent, detect, and recover from it. CSO. Web.
Panda Security. (2021). Types of cybercrime. Panda. Web.
Reynolds, M. (2019). How to define access levels in access control systems. DGA. Web.
Sarre, R., Lau, L. Y. C., & Chang, L. Y. (2018). Responding to cybercrime: Current trends. Police Practice and Research, 19(6), 515-518.
Vojinovic, I. (2019). More than 70 cybercrime statistics – Soon to be a $6 trillion problem. Dataprot. Web.
von Solms, B. (2018). Cybersecurity and information security – what goes where? Information & Computer Security, 1-10.
Zaharia, A. (2021). 300+ terrifying cybercrime and cybersecurity statistics (2022 edition). CompariTech. Web.
Over the past decades, virtual space has changed the way people live and do daily business. The Internet has changed the way people communicate, and for many businesses and organizations, the way they work has changed. In today’s business environment, if an organization does not have any kind of internet presence, it risks being left behind its competitors as advanced technology continues to evolve.
Cybersecurity Threats
Phishing remains the main method of infiltrating corporate infrastructure, accounting for a large percentage of attacks. Also, there are security threats to IoT devices, deepfakes, malicious ads, cyber attacks from social networks, and many other threats (Narwal et al., 2019). Therefore, the virtual space at the current stage of development is not completely safe.
Most Recent Threats
Artificial Intelligence (AI)
AI adoption can greatly simplify many of the day-to-day tasks faced by cybersecurity teams. Recently, there has been exponential growth in the amount of data processed in various systems (Narwal et al., 2019). There is a growing trend toward the use of artificial intelligence and machine learning technologies by cybercriminals to search for vulnerabilities, implement phishing attacks, bypass biometric authentication and protection, create malicious software, and guess passwords.
Cryptojacking and Cloud Data Leaks
Cryptojacking is a trend in which cybercriminals take over the home or work computers of third parties in order to “mine” cryptocurrency. Mining cryptocurrencies requires massive computing power. Therefore, hackers can make money by copying other people’s systems (Carlin et al., 2019). Additionally, the pandemic has forced organizations to do everything on the basis of the cloud due to its significant advantages, such as full visibility and control over data, cost savings, reliability, mobility, etc. At the same time, even protection does not provide complete security.
Threat Actors
The common categories of threat actors include cyber terrorists, script kiddies, organized cybercriminals, state-sponsored threat agents, inside agents and bad actors, human error, and hacktivists. To build a safe system, an analysis of possible threat actors is used. Phishing is an entry point for them; thereafter, techniques and tactics are used, including continued phishing beaconing, long-term persistence, and reconnaissance (Dobrowolski et al., 2020). These days, they can use remote work, cloud systems, less secure mobile payment systems, social media, and many other unsecured structures to penetrate the virtual space.
APT12 Analysis
One of the cyber groups is a Chinese cyber espionage group known as DynCalc, DNSCALC, XESHE, or simply APT12. The organization has used phishing emails and recognized malware such as HIGHTIDE, THREEBYTE, and WATERSPOUT in its malicious campaigns. Each of these malware families evolved into more and more advanced versions, which are difficult to track and control. There was a slight hiatus in the activities of the organization, but now it is active again. Moreover, this group targets organizations in China and Taiwan (Moran & Oppenheim, 2018). The APT12 group successfully achieves its goals, as its attacks and malware are noted in many organizations. Thus, in the modern world, there are organizations that have been present in the cybercrime market for many years but continue to conduct attacks.
Cybersecurity Tools, Tactics, Procedures
The reliable and secure operation of data transmission networks, computer systems, and mobile devices is an essential condition for the functioning of the state and maintaining the economic stability of society. The safety of key public information systems is influenced by the use of hardware and software, including semiconductor technologies, removable hardware, dark web monitoring, antivirus software, encryption, and penetration testing. All of these technologies can be used in a defense-in-depth approach to create multiple layers of security.
Tools Versus APT 12
Today, the Internet is not a particularly safe place. This is due to the fact that the Internet is a public open system in which data moves uncontrollably and can be discovered, intercepted, or stolen if the correct knowledge of the equipment is applied. This state of affairs is troubling, especially when sensitive data such as personal or financial information is transmitted over the Internet.
Machine Learning Against Cybersecurity
Advances in machine learning in recent years have allowed the creation of a huge number of applications, such as applied data analysis and the detection and removal of threats and malware. This can help the world in the fight against cybercrime, for example, by quickly analyzing code and finding errors in it (Handa et al., 2019). Darktrace provides a solution to many of these problems: it offers each enterprise a personal “immune system” that analyzes the flow of information within the company and looks for various kinds of vulnerabilities. The clients of this company are giants such as eBay, Samsung, and Micron. If machine learning were used against APT12 attacks, it could make it possible to find anomalies in the patterns of user and device behavior and promptly recognize and block the attack. None of the APT12 case studies described indicate that organizations have used machine learning.
Conclusion
In conclusion, the modern world is susceptible to various types of cyberattacks. There are criminal groups that wield power to harm organizations or even states. At the same time, new solutions steadily appear, the application of which can help to deal with virtual crime. Since people these days are very curious about the online space, it is important to make their presence in it beneficial and safe.
Handa, A., Sharma, A., & Shukla, S. K. (2019). Machine learning in cybersecurity: A review. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 9(4), e1306. Web.
With the progressive advances in technology, incidences of cybercrimes are also on the rise. Preventing these cybercrimes requires organizations to develop knowledge that can help them form psychological profiles of the perpetrators of these crimes.
This would subsequently help organizations install appropriate controls in order to effectively deal with cybercrimes.
It is the lack of effective controls that accounts for most hacking incidences, as depicted by the case of Gary McKinnon, who was able to gain unauthorized access to NASA and Pentagon systems, deleting crucial data that grounded their operations.
Introduction
Cybercrimes are criminal activities, such as electronic hacking and denial of service, that target computers and networks. Cybercrimes have become increasingly rampant in today’s world, despite many advances that have been made in improving security systems (Turkle, 2000).
The trend that is observed nowadays is that of a global hacking culture, which is often highly collaborative compared to what is considered to be the previous subculture.
Hackers are generally regarded as anti-social technophiles whose core motive is mischief and malice. It is estimated that worldwide, hacking activities amount to more than $10 billion each year, while damages arising from these activities are in excess of $100 billion annually (Wall, 2008).
Incidents of cybercrimes have also increased with the exponential growth in internet access across the world.
Similarly, technical skills related to computing have increased, resulting in the emergence of skilled programmers, some of whom engage in the development of malicious software and unauthorized intrusion into systems for various reasons.
Just like other criminals, cybercriminals can be motivated by a number of reasons, such as conducting espionage in search of military secrets, system vulnerabilities, and economic benefits, or trying to reverse engineer their way into vital infrastructure (Wall, 2008).
Other motivations may appear trivial, such as searching for passwords, system user identity, dates, and contacts, information that may often be used in unprecedented ways.
Hacking may also take the form of hacktivism, an internet vigilantism that involves hacking systems to advance a political cause (Campbell & Kennedy, 2009).
Motivations for hacking
Hacking for entertainment motives has been demonstrated particularly among young people. A great majority of hackers are also motivated by economic benefits, including embezzlement, corporate espionage and acting as agents for hire. The need to revenge is also a common motivator for cybercriminals.
Some people vent their emotional anger by hacking into systems with the intent of damaging systems or causing a complete denial-of-service attack. There also exist social motivations for cybercrimes, whereby a hacker may break into a system to show off their capabilities to their peers or to gain attention from authority.
These socially motivated hackers claim to seek knowledge, discover new things, or be driven by the need to be the first ones to find a particular weakness in a system (Campbell & Kennedy, 2009).
Some hackers perceive that the cyberspace should be a level playground and advocate for free information. These hackers harbor sentiments against transnational organizations and governments in the cyberspace.
Thus, they seek to make the cyberspace an unlimited and deregulated entity by breaking into systems and disclosing computer passwords. Politically motivated cybercriminals, hacktivists, are people with political agendas who are oriented to extremist beliefs.
These people resort to hacking systems to spread their propaganda or pass their messages, often severely disabling systems of those who are opposed to their beliefs. They can engage in cybercrimes to generate funds for their cause.
Though psychiatric and personality disorders are the rarest motivator for cybercrimes, hackers affected by them have been recognized as the most dangerous cybercriminals.
Some hackers have been shown to suffer from conditions such as schizophrenia, depression, and mania, conditions that make such hackers feel detached from society (Campbell & Kennedy, 2009).
Hacking of the Pentagon by Gary McKinnon
Gary McKinnon is perhaps one of the most popular hackers in the world, after confessing to unlawfully gaining access to computers at NASA and the Pentagon by capitalizing on security glitches in Microsoft’s operating system.
McKinnon, an unemployed computer systems administrator, hacked into computers belonging to private companies, NASA and the Pentagon in 2001 and 2002.
McKinnon boasted to have scanned a lot of military computers, and he was surprised at the ease with which he gained entry since many of the computers had auto passwords while others apparently had no passwords installed.
McKinnon’s crime activities were identified as he attempted to download a picture he believed to be an alien spacecraft from NASA. This allegedly compromised the United States computer networks, causing computer damages and a loss of more than $800,000.
Further, McKinnon left messages on the hacked computers, which made fun of the security systems and criticized the United States’ foreign policy (Fisher, 2007).
While the United States perceived McKinnon’s cybercrime activities as terrorism related, his supporters argued that McKinnon’s motivations for hacking are odd.
Supporters of McKinnon were of the opinion that McKinnon was a lone eccentric whose interest was merely an obsession to obtain information about UFOs and the United States’ secrets concerning alternative forms of energy (Fisher, 2007).
While confessing to his crime, Gary McKinnon said that he was mainly driven by his interest in UFOs, which dates back to his childhood years. His interest was to infringe on the security system of the Pentagon and NASA to gain evidence of unidentified flying objects’ activity.
McKinnon believed that NASA and the Pentagon kept secret crucial information concerning free energy suppression and unidentified flying objects’ activity.
Being jobless and bored, McKinnon spent a huge proportion of his time on the computer attempting to unravel his childhood interest concerning unidentified flying objects.
It was in the process of pursuing his interest that he found his way into the United States networks and was taken aback at the ease of access (The Telegraph, 2009). He realized that the networks lacked firewalls and most government employees had no passwords for their computers.
It is alleged that McKinnon gained administrator privileges on various NASA and Pentagon computers, after which he utilized that access to manipulate user accounts. This enabled him to control the systems remotely.
Upon committing this crime, Gary McKinnon never made attempts to cover his tracks, but rather he readily confessed to having hacked into the system when he was traced.
Unidentified flying objects are objects believed to originate from space or other planets. People are generally interested in these unidentified flying objects because they believe that they are the key to unraveling mysteries surrounding the universe, forms of life in other planets and their origin.
Both the public and the scientific community harbor interests in unidentified flying objects, as they believe that these objects are controlled by some forces from space. To a majority of the public, unidentified flying objects do exist, and are best kept secret in the scientific community and the military (Ruppelt, 2011).
Motivations of Gary McKinnon
Gary McKinnon’s motivations seem to arise out of boredom and curiosity. At the time of committing his crime, McKinnon was not employed. Out of boredom, he decided to search for information about unidentified flying objects and alternative forms of energy.
McKinnon believed that the United States had some information related to extraterrestrial life forms and technology. Therefore, he took his time to gain the evidence by hacking into computer networks.
In targeting the NASA and Pentagon computers, McKinnon must have been inspired by the film WarGames, which he had watched as a child, about a young man who accessed Pentagon secrets, almost triggering a war.
According to McKinnon, the United States was keeping vital information regarding technology related to unidentified flying objects, anti-gravity and free energy, which it had obtained through reverse engineering, and it ought to release that information to help humanity with alternative sources of energy.
McKinnon also says he had no malicious intent, except unraveling the secrets about unidentified flying objects and extraterrestrial life forms. McKinnon’s form of motivation can be said to be intrinsic since he reported having experienced full engagement and sought no reward (The Telegraph, 2009).
McKinnon’s personality
Cybercriminals are often thought to have narcissistic oriented traits as demonstrated by the comments they leave on the systems after breaking into them.
Hackers often leave bragging comments or their names on the web pages, an attribute considered as intended to gain admiration from other hackers and informing the media (Wall, 2008).
Gary McKinnon can also be said to have those narcissistic traits, considering the sarcastic nature of comments he left on the military website, his identity and promise to continue hacking into the system.
As a child, McKinnon was described by his mother as having a phobia of traveling and an obsession with natural bodies and planets. McKinnon was suffering from ‘Asperger’s Syndrome’. Asperger’s Syndrome is a form of autism that is very rare.
Individuals with this syndrome are often very intelligent and have a great understanding of complex systems. Nevertheless, sufferers have problems in deciphering social cues and the consequences of their often obsessive behavior.
It is suggested by McKinnon’s supporters that this syndrome may have been the reason for his cybercrime activities (The Telegraph, 2009). It can, therefore, be deduced that McKinnon’s criminal activity may in part have some psychiatric and personality dimensions.
Identifying potential hackers
Understanding an individual’s intention and motivation to hack into a system requires detailed knowledge of their background, psychology, personality characteristics, and social environments.
A significant number of hackers have been shown to be motivated to break into systems by reasons beyond financial gains, such as fraud or theft. In addition, most hackers who intrude into systems claiming to be testing the security system often do not own personal systems.
This, therefore, requires profiling of hackers to establish their motivations. Organizations can prevent further cybercrimes by learning to identify personal characteristics of the hackers.
Most hackers have characteristics that reflect their capabilities. Organizations can, therefore, utilize these psychological profiles to determine the type of firewall to be put in their systems (Campbell & Kennedy, 2009).
How Organizations Should Defend against Hacking
Cybercrimes continue to be very costly, and the costs are proportional to organizational size. These cybercrimes threaten technological developments and integrity of systems, and even human lives (West, 2009).
The basic strategies for reducing the risk of security breaches on computer and data networks, as witnessed in McKinnon’s case, include the use of an encryption system, implementation of adequate controls on data storage and access, and creating backups of data off-site.
Establishing the motivation, psychological and personality traits of the hackers could be helpful in understanding the nature of the problem. This can help in development of appropriate strategies to reduce cybercrimes (Campbell & Kennedy, 2009).
Using encryption system
Though passwords can help enhance the security of an organization’s computer networks, they are not sufficient in ensuring that privacy of the data is maintained.
There is, therefore, a need for organizations to use encryption systems, particularly for sensitive information. Encryption systems ensure that only individuals with the appropriate electronic key gain access to the stored information (West, 2009).
Instituting controls on data storage and access
It is suggested that approximately 90 per cent of security breaches in organizations arise from the failure to implement simple and easily installable controls (West, 2009). This was the scenario with the NASA and Pentagon systems when McKinnon hacked their system.
McKinnon also reports to have found a lot of hackers from different countries, like China, Australia and Canada who had broken into the system (The Telegraph, 2009). This would not have happened had the Pentagon and NASA put in place adequate controls in their systems.
Organizations, therefore, need to design and implement policies that are clear and auditable on their computer networks to protect them from being manipulated and misused by unauthorized users, be they insiders or outsiders.
These controls can be firewalls or antivirus systems designed to control unauthorized access to an organization’s network or manipulation of data.
Organizations must ensure that the antivirus software installed in their systems is reliable and updated, while the employees should be sufficiently trained to use the software. Placing a firewall in the system could be helpful in keeping the hackers away from accessing the system.
A firewall helps protect the system by blocking any communication from unauthorized sources. Firewalls also help prevent hackers from remotely logging into an organization’s system by blocking them from viewing or accessing files or manipulating the system’s programs.
Organizations can prevent hacking by ensuring that their systems have a functional network firewall and that any activity on the network is carefully monitored for potential security exposures (West, 2009).
Creating back-ups
Creating and retaining back-ups, preferably at a different location, could serve to reduce the extent of data damage in case of hacking. Back-ups help prevent large-scale data loss or manipulation following security breach (West, 2009).
According to the allegations leveled against McKinnon by the United States, McKinnon deleted a lot of data, which crippled some military operations for almost two days.
In the absence of backups, the operations of organizations may become grounded for a long time due to cybercrime activities, making them incur a lot of losses.
Regular audit of security systems
Organizations should perform a thorough audit of their computer systems and keep them updated in order to keep off the hackers. This is because hackers are always sharpening their skills and coming up with new ways of circumventing the security systems (West, 2009).
It is recognized that hackers like McKinnon utilize system vulnerabilities as a result of organizations using old operating systems with known weaknesses.
Conclusion
Psychological profiling is a significant way of preventing cybercrimes. This is because it helps in understanding various aspects of the perpetrators of the crime such as personality and motivations.
This could subsequently equip organizations with the capabilities to identify the threat and institute appropriate level of control in their system. McKinnon’s hacking event could have been prevented if Pentagon and NASA had implemented appropriate system security measures.
References
Campbell, Q., & Kennedy, D. M. (2009). ‘The psychology of computer criminals’, In Bosworth, et al. (Eds.), Computer security handbook. New York, NY: John Wiley & Sons.
Fisher, P. (2007). Gary McKinnon. SC Magazine for IT Security Professionals. p. 38. Web.
Ruppelt, E. D. (2011). The report on unidentified flying objects: The original 1956 edition. New York, NY: Cosimo Inc.
Turkle, P. (2000). Hackers: Crime in the digital sublime. London: Routledge.
Wall, D. S. (2008). Cybercrimes, media and insecurity: The shaping of public perceptions of cybercrime. International Review of Law Computers & Technology, 22(1-2): 45-63.
West, M. (2009). ‘Preventing system intrusions’, In J. R. Vacca (ed.) Computer and Information security handbook. Amsterdam: Elsevier.
Cyber crime is a growing global problem. Despite intense efforts by law enforcement officers to stop the practice, cyber crime continues to spread. Brenner (2010) says that partly, the growth of cyber crime stems from the extra-territorial nature of the practice. On the contrary, Wall (2007) argues that the growth of cyber crime mainly stems from the changing nature of such crimes. The abuse of new technology has also led to the spread of this practice. Consequently, there have been rising numbers of cyber attacks in the United Kingdom (UK) and the United States (US). These countries have reported cyber crimes for many years and despite the increased attempts to curb their spread, they continue to increase. Loader (2012) reports that developed countries that do not have an established internet connection also report increased incidences of cyber crime.
The American government has taken cyber security with utmost importance. In fact, the US Homeland Security considers America as a thriving ground for cyber crimes. This is because America is not only a victim of such attacks, but also the source of most attacks (Schell 2004). The Anti-Phishing Working Group recently produced new statistics that show the growth of cyber crimes within the past year (Chik 2012). Increased awareness of cyber crime in the UK and America has largely informed the rise in the number of cyber crime litigation in both countries. However, most of these litigations do not have a common legislative basis.
This paper explores the nature of cyber crime in the context of the law of defence (in the US and the UK). From this analysis, this paper highlights the legal underpinnings of UK and US laws on self-defence. A lot of emphasis is placed on comparing the application of the law of defence to cyber crime vis-à-vis the application of the same laws in the “physical world.” In this regard, this paper explores the law of defence (as outlined by the UN), the right to bear arms, and the implications of these laws in the cyberspace.
UK and US Laws on Cyber Crime
America
Since federal and state governments govern American states, the process of formulating laws divides between the state and federal governments. Usually, state laws are more applicable to cyber crime, unless there is a special situation where there is a need for Federal intervention (Chik 2012). For example, when cyber crime threatens national security, Federal cyber laws may apply. Alternatively, when the prevention of cyber crime requires the uniform application of law, the Federal government may intervene in the formulation (or enforcement) of such laws. Therefore, because of the distributed functions of state and federal governments, both governments have contributed to the formulation and enforcement of cyber law.
Nonetheless, because of the political differences in America, every state formulates and enforces its own laws. There is therefore no legal requirement for all American states to adopt uniform laws (Chik 2012).
UK
Specific legislations on cyber crime in Europe inform UK’s cyber laws. Indeed, there is a close relationship between Europe’s public policy on self-defence and UK’s legislations on the same. For example, the UK is subject to cyber crime legislations, as formulated by Council of Europe (CoE). Therefore, the provisions of self-defence laws (under the convention) are applicable in the UK, as they are applicable in other European countries (that are signatories to the convention). The close historical, geographic, and economic relation between UK and Europe inform the close interconnection between the UK and Europe’s cyber laws.
Nonetheless, the most common law governing cyber crime in the UK is the Computer Misuse Act of 1990 (Securelist 2012). The government has however updated this act with newer and stiffer penalties. The quest to update this law came from the inadequacies of existing laws to curb hacking activities within the UK. More so, this issue came into sharp focus when previously existing legislations failed to convict Stephen Gold and Robert Schifreen for gaining unauthorised access to a UK organisation, BT Prestel services. Because of the inadequacy of the law to convict the two suspects, the court acquitted them.
The Right of Defence
Normally, every country has a right to defend its people against any form of attack. However, technological advancements have introduced a new form of attack, which contravenes the conventional wisdom regarding the right to defend a country. The cyberspace is the platform where conventional rules of self-defence have been broken (Arsene 2012). However, as Moore (2010) observes, several countries still adopt a conventional approach to prevent cyber attacks. For example, the US uses the military to defend the country against cyber attacks. Arsene (2012) questions the justification for doing so, because there are many risks associated with adopting a military approach to defending a country against cyber attacks.
One risk is the overlap of self-defence and conventional space defence strategies. In other words, militarising cyber security may take a war-like approach, which should not be the case. Therefore, while conventional wisdom may approve the use of force in conventional space, the use of force as a right to self-defence may not work in the cyber world. Therefore, even though a cyber attack may manifest the same characteristics as a conventional attack, responding to such an attack with force may be unlawful (Arsene 2012).
People often compare the self-defence law to the English law. Researchers say this law is part of private defence because it allows for the use of illegal means to prevent an attack (or protect a country from harm) (Himma 2008). In Britain, this law stems from the common law and the Criminal Law Act of 1967 (Samaha 2005). One common principle of self-defence rules focuses on the use of reasonable force to prevent an attack. Therefore, from the nature of the law, self-defence is more of a justification as opposed to an excuse (Scheb 2011, p. 417).
Globally, the right of self-defence in cyber attacks is still an unresolved issue. Indeed, because of some complexities identified when comparing cyber attacks with conventional attacks, it is difficult for countries to exercise (blindly) their right to self-defence without considering the unique dynamics of cyber attacks (Committee on Deterring Cyber attacks 2010, p. 163).
The UK and the US share the same approach to cyber attacks. Both countries propose the use of force when cyber attacks result in death, injury, harm, or destruction of property. However, the US has been most vocal about this provision. In fact, there are loud calls in the US to treat cyber attacks like “ordinary” attacks if they cause death or property destruction. The US Defence Department claims that it will not hesitate to use force to defend itself against cyber attacks that can kill, destroy property, or harm its people.
The Right of Defence as Per the UN Law and Proportionality of Response
Article 2 (4) of the UN charter describes situations when countries can use force for self-defence (Ellen 2012). The clause discourages the use of force as a means to solve international conflicts, but it approves it when states need to defend themselves from external aggression. Article 51 of the UN charter stipulates this provision (Ellen 2012). Many people have interpreted the provisions of this charter to either support or oppose the use of force as a self-defence mechanism in cyberspace attacks (Jasper 2012). Here, the main dilemma centres on whether to use force, even when there is no armed attack (like in the cyberspace). Some analysts have approved the use of force in such situations, while others deny the use of force (Ellen 2012).
Because of the dilemma caused by the application of Article 51 (the use of force as a self-defence mechanism), the International Court of Justice has been forced to interpret the use of force as a self-defence mechanism. Milhorn (2007) explains the court’s ruling by demonstrating that the use of force as a self-defence mechanism only applies to situations where there is a significant and real threat to a country. The charter also stipulates that the use of force only applies to the specific country that wants to defend itself (Ellen 2012). Moreover, the article says that the intention to defend the country using force should show a high probability of success. Lastly, the charter says that the force applied should be proportional to the damage suffered from the attack (Schiller 2010).
All the above stipulations are difficult to apply in the cyberspace. In fact, some observers say it is impossible to apply the above provisions in cyber crime (Wyler 2005). Usually, the complication arises when determining any direct loss of life (or any loss of property) that meets the conditions of triggering article 51. Broadly, it is often difficult to find the evidence that would trigger the activation of article 51.
The complications brought by the nature of cyber crime also pose a challenge to the implementation of article 51 of the UN charter because some cyber crimes are difficult to trace to one country. Moreover, even if a state traces the source of the attack to one country, they may not know the individual who is directing the attack (Wyler 2005). For example, an attacker may infiltrate innocent servers and use them to direct the attacks, as a zombie. Furthermore, trying to trace such attackers may consume a lot of time. Estonia and Iran provide examples of the difficulty of tracing attackers because even though the countries experienced cyber attacks a few years back, they have still been unable to know the real identity of the attackers.
Lastly, the main issue affecting the use of force (as stipulated in article 51 of the UN charter) rests on the need to prove proportionality and necessity (Himma 2008, p. 410). Besides the time-consuming nature of knowing the identity of attackers, it is also difficult to prove that allowing a counter-attack may achieve the objective of preventing the attack. Similarly, it is difficult to limit the effects on intended targets if a defensive attack occurs. From the strict circumstances that the UN allows defensive attacks, it is difficult to meet the criterion for launching an armed attack in cyber crime (Carr 2011, p. 50). Therefore, even though cyber attacks may interfere with a country’s economic sphere, air space, maritime space, and territorial integrity, it is difficult to depend on article 51 of the UN charter to justify defensive attacks on cyber crimes.
Right to Bear Arms
In the UK, the right to bear arms is part of the English common law. Scholars such as Aristotle and Machiavelli have also recognised this right as part of a person’s right to self-defence. Similarly, the US constitution also acknowledges the right to bear arms as part of self-defence laws. The same protection replicates in several state constitutions. Still in the US, the government introduced the right to bear arms as a second amendment to the bill of rights. In the UK, the common law tradition acknowledges the right to bear arms (Wyler 2005).
Parliamentary supremacy in the UK has however imposed many regulations on the right to bear arms. For example, the prerogative to control the right to bear arms shifted from the monarch to parliament. Notably, the Pistols Act of 1903 was the main legislative provision that regulated the right to bear arms (Wyler 2005). The right to bear arms covers several weapons that are offensive to the law. Knives and firearms are the main weapons considered offensive by the UK law.
While the right to bear arms may be a critical part of self-defence law, its applicability in the cyberspace is impractical. Indeed, the right to bear arms aims to protect a person from a physical assault (or harm). However, attacks in the cyber world are intangible. Similarly, as in other situations described in this paper, it is difficult to know the attacker. Therefore, it is equally difficult to apply the right to bear arms as a means to protect a person from cyberspace attacks.
Case Studies
First Case Study
Cyber space security poses unique challenges to the application of self-defence laws. For example, when two people share organisational resources through open port access, it is difficult to establish the legal justification for using self-defence legal provisions if an attacker tries to infiltrate the cyber network. This situation is true when one party gives another party the authority to gain access to the organisation’s resources, and the second party responds to a security threat through the established connection. Technically, the second party would not be breaching the law because he responds to the attacker through an established connection.
In the above situation, it is difficult to establish the right legal framework for approaching the issue because the intention of the attacker is not established. If the second party knew the intention of the attacker, it would be easier to justify the action of the second party who acts in self-defence. This scenario arises under the Computer Misuse Act, which seeks to establish the intention of the attacker (first) before any legal consequences are determined. Without knowing the intention of the attacker, it is difficult to establish that the law was broken.
An incident that occurred in the UK, in 2004, demonstrates the need to establish the intention of the attacker before castigating an attacker. Here, an organisation accused a teenager of destroying a server by sending millions of emails to the server (Ellen 2012). However, the court ruled that the defendant had not contravened the Computer Misuse Act because his actions did not lead to any unauthorised changes to the information in the computers. The failure to prove the intention of the defendant proved to be the biggest weakness here. However, if the organisation could prove that the teenager changed the information in their servers, they would have established the intention of the attack and held the defendant liable for his actions. They however failed to do so.
The above case highlights the need to establish the intention of an attacker as he tries to gain access to the cyber network. In the absence of a determined intention from the attacker, it is difficult to justify a response to an enemy threat. Therefore, the existence of the intention to gain unauthorised access to a cyber network does not provide sufficient ground to warrant a counter-attack. However, if the attacker went further and altered information on the servers, substantial grounds for a response would be sufficient to warrant a conviction.
Second Case Study
In a situation where an attacker declares that he is part of a wider network of global cyber commons, issues of self-defence also arise because if an attacker is part of the global cyber commons, he may install cookies into an organisation’s resources. Cookie installation poses significant threats to online privacy and security because an organisation’s resources could be made available to a third party, thereby compromising an organisation’s cyber safety. Indeed, through the installation of cookies, an attacker may easily access an organisation’s resources and use them to harm it. Bajaj (2012) says that the installation of cookies resembles the storage of an organisation’s resource in a central database where everyone can gain access to it. Moreover, an attacker may intercept an organisation’s traffic (through cookies sent on ordinary unencrypted HTTP sessions) and use the information acquired here to harm the organisation (Bajaj 2012). Therefore, even though an attacker may be part of the global cyber commons, he may pose significant threats to an organisation. These threats prompt organisations to defend themselves. Therefore, based on the severity and the possibility of such threats occurring, it is crucial for an organisation to defend itself from such risks. Stated differently, if a burglar enters a person’s house, the owner of the house has a right to defend himself.
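The interception risk described above (cookies travelling over unencrypted HTTP sessions) can be checked from the defender's side. The following is an added example, not part of the original essay: it audits constructed `Set-Cookie` headers for the attributes that keep a cookie off plaintext connections; the sample headers, finding codes and function names are illustrative assumptions.

```python
"""Audit Set-Cookie response headers for attributes that limit cookie exposure."""

# Constructed sample headers for illustration (not captured from a real site).
SAMPLE_HEADERS = [
    "Set-Cookie: session=3f9a1c; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: tracking=abc123; Path=/; Domain=example.test",
    "Set-Cookie: prefs=dark; Path=/; secure",
    "Content-Type: text/html; charset=utf-8",
    "Set-Cookie: __Host-auth=77aa; Path=/; HttpOnly",
]

# Finding codes used by this example (hypothetical names) and what they mean.
FINDINGS = {
    "no-secure": "cookie is also sent over plain HTTP, where it can be read in transit",
    "no-httponly": "cookie is readable by scripts running in the page",
    "weak-samesite": "SameSite is not Lax or Strict; cookie may ride on cross-site requests",
    "prefix-without-secure": "__Host-/__Secure- prefix without Secure; "
                             "browsers that enforce prefixes reject the cookie",
}


def parse_set_cookie(header_line):
    """Return (cookie_name, attributes) for a Set-Cookie line, else None."""
    field, _, value = header_line.partition(":")
    if field.strip().lower() != "set-cookie":
        return None
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts or "=" not in parts[0]:
        return None
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive; flags such as Secure have no value.
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_cookie(name, attrs):
    """Return the list of finding codes for one cookie."""
    findings = []
    if "secure" not in attrs:
        findings.append("no-secure")
    if "httponly" not in attrs:
        findings.append("no-httponly")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("weak-samesite")
    if name.startswith(("__Host-", "__Secure-")) and "secure" not in attrs:
        findings.append("prefix-without-secure")
    return findings


def audit_headers(header_lines):
    """Map each cookie name found in the headers to its finding codes."""
    report = {}
    for line in header_lines:
        parsed = parse_set_cookie(line)
        if parsed is not None:
            name, attrs = parsed
            report[name] = audit_cookie(name, attrs)
    return report


def plaintext_exposed(report):
    """Names of cookies a browser would attach to unencrypted HTTP requests."""
    return [name for name, codes in report.items() if "no-secure" in codes]


if __name__ == "__main__":
    report = audit_headers(SAMPLE_HEADERS)
    for cookie, codes in report.items():
        print(cookie, "OK" if not codes else "")
        for code in codes:
            print("   ", code + ":", FINDINGS[code])
    print("Exposed on plain HTTP:", plaintext_exposed(report))
```
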
However, cyberspace (as part of the global cyber commons) poses unique challenges to cyber security (and more specifically to issues of self-defence). Albeit an artificial one, Bajaj (2012) explains that cyberspace is part of the global cyber commons. Therefore, like other national assets like the sea, oceans, land, and air, states need to protect the global cyber commons against any attack. However, unlike physical resources like land and oceans, the global cyber commons does not have national borders. Therefore, except for a few strategies discussed in this report, it is very difficult to defend a country/organisation (completely) from attacks in the global cyber commons.
However, if an attacker declares that he is part of the global cyber commons and installs cookies in an organisation’s resource base, the law of self-defence applies because as a resource owner it is crucial to monitor the activities of every website visitor. Even though there may be significant flaws in comparing the cyberspace with the physical world, monitoring visitor activities on an organisation’s website resembles installing CCTV cameras to monitor shoppers’ activities in a supermarket. This is a critical safety measure of self-defence.
Nationally, states also protect their interest in the global commons because they understand the implications of the global cyber commons on national security and strategic interests (Bajaj 2012). This is especially pronounced in the US. Therefore, protecting a nation’s interest in the cyber commons network forms part of national defence. The same justifications, which countries use to protect their national interests in the cyber commons, outline the justification for the enforcement of self-defence laws to monitor visitors’ activities on an organisation’s website.
Different organisations have adopted different strategies for defending themselves against attacks from the global commons. One such strategy is the installation of filters to enforce censorship. However, none of these strategies provides absolute protection to an organisation because the protocols for gaining access to organisational resources are accessible from anywhere in the world. Therefore, different servers and networks can access company resources from different locations around the world. Broadly, the laws for defending an organisation/country against cyber attacks are still unrefined, but it is important to note that different countries and organisations continue to pursue the same strategy they would use when defending themselves against physical attacks.
Conclusion
Self-defence laws aim to protect people and organisations from injury or harm. However, the changing technological nature of the environment has brought new challenges to the applicability of these laws. Often, the law has played catch-up to cyberspace attacks, and even developed countries are still grappling with the challenge of enforcing self-defence laws without contravening other laws. This paper demonstrates that the provision for the enforcement of self-defence laws poses unique challenges to the enforcement of the same laws in the cyber world. Therefore, although cyber attacks may bear the same characteristics as an armed attack, it is difficult for organisations to invoke self-defence laws, even as outlined by Article 51 of the UN Charter. Some of the unique challenges posed to the enforcement of self-defence laws in the cyber world include proportionality issues, the trans-national nature of cyber attacks, and the difficulty experienced in identifying the attacker.
Besides the above challenges, it is similarly difficult to invoke self-defence laws (at least in the conventional way) in cyber attacks because cyber attacks (often) do not lead to the direct loss of life. Therefore, there is a significant mismatch between the use of armed attacks (as a self-defence mechanism) because it is difficult to satisfy the conditions for approving armed attacks in the cyberspace.
This paper also highlights significant differences and similarities in the applicability of defence laws in the UK and the US. By the nature of their geography and distribution, both countries are subject to larger legislative provisions in cyber laws. For example, the UK is a signatory to European laws on cyber attacks, while cyber defence laws that the Federal government formulates also bind American states. Even though cyber defence laws continue to evolve in these countries, the English common law is the basis of their enforcement. In America, the bill of rights also plays a critical role in the enforcement of these laws. Nonetheless, throughout the analyses in this paper, there is a clear trend towards the militarisation of self-defence laws in cyberspace (especially in the US) (Greenwald 2012, p. 2). Analysts should treat this trend with a lot of caution because the militarisation of self-defence laws in the cyber world may fail to achieve the same objectives they would achieve in the “real” world. It is therefore pertinent for international and local laws to encompass the unique dynamics of cyberspace attacks. The introduction of a new set of laws to accommodate these dynamics may be a good start for many countries to address the unique challenges of the cyber world.
Brenner, S 2010, Cybercrime: Criminal Threats from Cyberspace, ABC-CLIO, New York.
Carr, J 2011, Inside Cyber Warfare: Mapping the Cyber Underworld, O’Reilly Media, Inc., New York.
Chik, W 2012, Challenges to Criminal Law Making in the New Global Information Society: A Critical Comparative Study of the Adequacies of Computer-Related Criminal Legislation in the United States, the United Kingdom and Singapore. Web.
Committee on Deterring Cyber attacks 2010, Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, National Academies Press, New York.
Ellen, M 2012, ‘Cyber Security without Cyber War’, J Conflict Security Law, vol. 17 no. 2, pp. 187-209.
Himma, K 2008, The Handbook of Information and Computer Ethics, John Wiley & Sons, London.
Jasper, S 2012, Conflict and Cooperation in the Global Commons: A Comprehensive Approach for International Security, Georgetown University Press, Georgetown.
Loader, B 2012, Cybercrime: Security and Surveillance in the Information Age, Routledge, London.
Milhorn, T 2007, Cybercrime: How to Avoid Becoming a Victim, Universal-Publishers, New York.
Cybercrime refers to a crime of any kind that involves the combination of a network and a computer. Cyber-criminals use the computer to commit electronic crimes. The computer may also serve as a target for the criminals. Cybercrime is a threat to any organization as it exposes private and confidential data to criminals. The criminals in turn use the data to damage fundamental organizational assets such as databases and reputation, and even to steal assets such as money electronically.
Discussion
Ignoring or paying insignificant attention to cybercrime can be very costly. For instance, the attack on Sony Pictures by hackers in December 2014 demonstrates how devastating cybercrime can be to any company (Durbin, 2015).
Cybercrime is a collective term that encompasses a host of electronic crimes such as email spoofing, hacking, data diddling, password sniffing, software piracy and denial of service. If the threat is not dealt with, each of the crimes that constitute cybercrime could cause its own distinct form of damage to the organization.
Cybercrime can be detected by an organization through the use of a myriad of intrusion detection techniques. For instance, operating system commands, tripwires, and anomaly detection techniques are some of the methods that could be used to detect cybercrime. The process of identifying cybercrime and taking appropriate action can be rigorous and expensive.
Each organization needs to have in place an IT department with qualified security personnel to determine and act appropriately on the threat whenever the need arises. The target organization may also consider hiring the services of an independent computer forensics investigator who will provide insights into the prevention and detection of future e-crimes.
Conclusion
Cybercrime is one of the top current IT threats, and every organization must establish the necessary up-to-date counter mechanisms for security purposes.
Scholars, researchers, and criminologists agree that despite numerous efforts to define what cybercrime is, they are yet to come up with a standard definition of the term. The very nature of crimes committed over computer networks makes it hard for the debaters to reach an agreeable conclusion. While the debate is healthy, some scholars (Cross and Shinder, 2008; Gordon and Ford, 2006; Kierkegaard, 2005) argue that the lack of a standard definition hampers how security experts react to the range of crimes committed in the virtual environment. Gordon and Ford (2006) are among scholars who believe that multiple definitions of cybercrime have led to confusion among security experts since the multiple definitions do not offer a clear picture about the breadth of crimes committed in cyberspace.
Acknowledging the role that computer information technologies have played in breaking down geographical and cultural barriers, Kierkegaard (2005) observes that the global nature of cyberspace frustrates any efforts to come up with a globally-acceptable definition of cybercrime (p. 60). Specifically, Kierkegaard (2005) notes that conceptions of crime differ between cultures, and what Americans consider as ‘crime’ may not be perceived the same way in Asia, Africa, and even in some European countries. This then makes it difficult for security experts to recommend universal means of preventing, detecting, and even prosecuting cybercrimes.
To combat cybercrime, Ngafeeson (2010) argues that businesses, governments, and the expansive global community would need to work together. Ngafeeson’s (2010) argument would however bear fruit only if the interested parties develop a standard way of defining, identifying, and classifying cybercrime. Admittedly, the longer the security forces stay without a clear and succinct definition, the more cybercrime evolves, hence outpacing any efforts set up to fight it.
Different definitions
According to Ngafeeson (2010), though scholars and security analysts agree that cybercrime is a global menace, they have only managed to describe the phenomenon partially. Notably, some scholars and crime experts define cybercrime as ‘computer-assisted’, while others define it as ‘computer-focused’. An example of the former definitions is represented by Wall (2007) who defines cybercrime as “the transformation of criminal or harmful behavior by networked technology.” The latter group of definitions is represented by Wilson (2007) who defines it as “a crime that is enabled by, or that target computer”. According to Ngafeeson (2010), these distinct definitions limit the security forces’ ability to deploy effective crime-fighting measures in the virtual environment.
Restating a theory by Cantor and Land (1985), Ngafeeson (2010) observes that cybercrime, just like other ordinary crimes “required the presence of motivated offenders, suitable targets, and the absence of effective guardians” (p. 4). Lacking proper definitions of cybercrime means that although there are motivated offenders and suitable targets in cyberspace, guardians usually lack effective countermeasures in some cybercrime categories because the crime specialists do not deem such situations ‘crime’ enough. In other cases, countries simply lack a criminal justice system to address cybercrime.
But how does this happen? Well, Nagre and Warade (2008) offer some insight into how cybercriminals take advantage of the disharmony between different stakeholders interested in ending cybercrime. To start with, Nagre and Warade (2008) note that law enforcement bodies are not fast enough to catch up with new technologies used in cyberspace. This means that cybercriminals monitoring new technological development can outpace the law enforcement bodies.
The lack of a standard cybercrime definition further worsens law enforcement’s inadequacy since different countries, individuals and businesses do not coordinate well to fight cybercrime. Specifically, countries that have varying definitions of the offense use conflicting policies to address cybercrime. Cybercriminals who are well aware of penalties enforced by different countries can move to geographic locations where their actions are not categorized as crimes, or where the cybercrime policies are lenient.
Nagre and Warade (2008) give an example of software embedded on a computer host system silently spying on the information accessed by a computer user. While this may not be seen as a crime in some countries, other countries, especially in the developed world see such spying as a blatant invasion of people’s privacy. Such an act moves from being just a civil case of invading someone’s privacy to a criminal act when the instigators of the software silently steal information from a computer without the user noticing it.
Nagre and Warade (2008) further note that governments the world over have accepted attempted cyber espionage as a normal activity instituted by curious citizens (and foreigners) to test the defenses that governments have on their computer configurations. While some governments view such activities as being motivated by curiosity, Nagre and Warade (2008) argue that individual criminals or criminal groups with vested economic or political motives can successfully hack into government computers hence accessing information stored therein.
For this reason, the authors argue that governments and criminologists’ failure to label actions in cyberspace could also hinder their inclusion in the cybercrime list. Specifically, some of these possible criminal activities, which include secret monitoring of computerized functions and cyber espionage, are considered necessary for economic competition and national defense. Articulating the threat posed by such government-created criminal leeway, an unnamed industrial official cited by Nagre and Warade (2008) lamented that the weak computer security practices enforced by the government could create room for crises in the future. If hackers for example succeed in breaking into databases containing sensitive information, the government would not just dismiss such an action as an ordinary glitch in cyberspace.
Without a proper definition of cybercrime, governments, individuals, and even businesses lack standard reactionary measures when cybercriminals attack. In an example offered by Nagre and Warade (2008), the United States Department of Defense (DOD) could not determine the best way to react to cyber-attacks launched from China even after determining that most such attacks did not come from ordinary malicious individuals. Specifically, Nagre and Warade (2008) note that the DOD did not know whether to treat the attacks as an intentional war from China, thus calling for military intervention, or just ordinary crime that could be handled by police detectives.
Hoisington (2009) is among scholars who hold the opinion that ordinary cybercrime incidents like the deactivation of government websites could easily degenerate into cyber warfare, especially if computer espionage targets critical networks. Specifically, Hoisington (2009) argues that cybercrime can assume destructive scenarios to the extent of risking lives through misinformation. The scope of offenses is however wide and includes actions such as illegal interceptions, copyright theft, cyberstalking, tax evasion, money laundering, cyber-terrorism, extortion, Denial of Service (DoS), electronic vandalism, forgery, investment fraud, and identity theft.
Other offenses that can also be classified as cybercrime include the illegal and unauthorized use of remote computers or digital devices, espionage, and the publication of offensive material about individuals, businesses, or governments. That is not all; Gordon and Ford (2006) hold the opinion that the definition of cybercrime continues evolving depending on the perceptions held by victims of cybercrimes and their observers or protectors.
Dealing with crimes committed over cyberspace requires law enforcement officers, criminologists as well as policymakers to visualize any imaginable crime that can be committed on virtual platforms and develop measures to counter the vices. As Gordon and Ford (2006) state, criminals with the intent to commit a crime will exploit every available option that cyberspace provides. This explains why terrorists and pedophiles readily use the virtual environment to perpetuate social evils.
Gordon and Ford, therefore, argue that a basic definition of cybercrime would need to be based on theoretical frameworks. Most of the existing descriptions are only descriptive and thus they fail to capture the entire breadth of crimes committed in cyberspace (Parker, 1998). It is for this reason that Gordon and Ford (2006) propose that defining cybercrime as “any crime that is facilitated or committed using a computer, network, or hardware device” would be a simple, yet comprehensive description (p. 14).
The description by Gordon and Ford (2006) does not state the nature of offenses that should be considered as cybercrime. As such, it is presumable that any offense committed on computers, computer networks, or hardware devices can be defined as a cybercrime. Notably, the authors admit that cybercrime can also occur in non-virtual environments, since “the computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime” (p. 14). This can be interpreted to mean that the computer or electronic device used to perpetrate cybercrimes does not have to be in a network. While this definition may be comprehensive, it still does not resolve the problem of responding to cybercrime. Specifically, criminologists and security experts would need to define crime if they are to devise effective means of responding to cybercrime.
Defining crime
Rosiers and Bittle (2004) argue that crime can be defined simply as “something that is against the law,” or broadly as a social wrong, which is shaped by the society’s understanding and response to the same (VI). If cybercrime were to be addressed based on these definitions, criminologists and security experts would still have a huge problem on their hands. In the first description, Rosiers and Bittle (2004) suggest that any activity that goes against stipulated legal guidelines is a crime. While this may look like a straightforward definition, applying this concept to cybercrime would still raise problems.
Specifically, the fact that different countries and cultures linked by cyberspace have different legal approaches to addressing crime would make countering cybercrime from a global perspective a challenge. An example of how this happens is Gordon and Ford’s (2006) observation that developed countries recognize infringement of copyright of computerized information, programs, or hardware as serious forms of cybercrime. Developing countries on the other hand do not have strong copyright laws, and some even lack the mechanisms needed to enforce such laws. Such a scenario gives cybercriminals a perfect ground to exploit the legal inadequacies in developing countries, and by extension the non-standardized criminal laws between the countries and cultures.
Rosiers and Bittle’s (2004) second definition of crime does not provide criminologists and security officers with an easier solution on how best to define, identify and respond to cybercrime either. The authors’ suggestion that crime is a social evil shaped by a society’s understanding and response to social offenses suggests that the concept of crime varies in different societies, thus making it even more complex to arrive at a standard definition of cybercrime. This then compounds the probability of getting a standard solution on how best to respond and address cybercrimes.
Why is a standard definition of cybercrime so important?
According to Finnie, Petee, and Jarvis (2010), governments, businesses, and individuals face a degree of ambiguity whenever they seek to identify and address cybercrime. Specifically, even experts in computers and related technologies seem to disagree on the exact cyberspace behaviors that deserve to be classified as being criminal. Countries or regions have therefore resorted to developing their own definitions of the term, usually putting into consideration what the society in question perceives as criminal behavior. Consequently, Finnie et al. (2010) note that discrepancies exist in definitions used by different countries or regions, and this by far negates any effort that the global society may put in place to identify and combat cybercrime.
The discrepancies that exist between countries and regions in their definition of cybercrime no doubt affect how security experts design reactionary measures to related offenses. As explained elsewhere in this paper, lenient cybercrime laws in some countries give cybercriminals an operating platform where they effectively evade the legal consequences put in place by countries or regions that have stiffer cybercrime laws.
With a standardized definition of cybercrime, however, such law-evading behaviors would decline. However, a global uniform response to cybercrime would require more than just a standardized definition of the cyberspace crime phenomena. It would be a more strategic crime-fighting measure if countries, regions, and cultures aligned anti-cybercrime laws in a manner that made it difficult for cybercriminals to enjoy leniency in some regions.
Any attempts to attain a standard definition of cybercrime should be done with the need for flexibility in mind (Hoisington, 2009). Specifically, security experts and policymakers should expect variations of cybercrime to come up in the future. As such, any uniform laws made in response to prevailing cybercrime trends across geographical borders should be flexible enough to react to new kinds of criminal activity developing in cyberspace.
A specific definition of cybercrime would bring to the fore the intensity of different offenses committed in the cyberspace hence guiding security experts on how best to detect, arrest and punish perpetrators. Gordon and Ford (2006) hypothesize that dividing cybercrime into two continuums would make defining the phenomenon easier; hence making the responsibility of designing response measures less strenuous for the security experts.
Specifically, Gordon and Brown (2006) suggest that cybercrime should be divided into i) crimes targeting technology; and ii) crimes targeting people. The first category of cybercrimes involves crimes that are technical and discrete and may require the offender to use crime-ware programs. Offenses in the second category, on the other hand, are less technical. While perpetuating the latter, criminals may prey on their victims using ordinary software packages such as e-mail and instant messaging among others.
Notably, cybercrimes targeting technology would need crime experts and policymakers to remain vibrant in making laws that respond to the fast-evolving tech crimes even after attaining a standardized definition. Cybercrimes directed towards people would however not require much response creation by the security experts, since they can be addressed using existing criminal laws. According to Gordon and Brown (2006), the latter category of cybercrimes are ordinary traditional crimes facilitated by cyberspace and can be addressed using ordinary criminal laws. Examples of such crimes include child pornography, drug trafficking, money laundering, child predation, corporate espionage, stalking, and terrorism. In some cases, however, existing laws cannot adequately address the ‘old crimes’ committed in cyberspace (Cross & Shinder, 2008).
According to Cross and Shinder (2008), definitions of cybercrime matter because their accuracy provides security experts with an incentive to develop effective legal responses. Moreover, the formation of new laws to address cybercrime would form a basis for court precedents, which would be used to address similar cases in the future.
Do definitions matter?
According to Cross and Shinder (2008), “criminal offenses consist of specific acts or omissions, together with a specified culpable mental state” (p. 3). For security experts and policymakers to develop enforceable laws, the definition of a crime has to be specific. As many legal experts would tell, unspecific definitions in criminal law provide room for maneuver to both the prosecution and defense sides. This would in turn cause arguments, confusion, and even litigation regarding the applicability of the law.
Jurisdictional issues also make precise definitions of cybercrime important. As Cross and Shinder (2008) argue, investigating cybercrimes can only be successful if law enforcement officers know the specific nature of the offenses involved. Moreover, the investigators need to know the specific laws that address cybercrimes since such knowledge is helpful in the investigation stage.
Definitions of cybercrime also matter because, as Cross and Shinder (2008) observe, “the IT personnel, users and victims, police officers, detectives, prosecutors, and judges” cannot intelligently discuss offenses committed in cyberspace in the absence of definitions that are either the same or substantially similar (p. 9). Without clear definitions, it is also obvious that collecting meaningful cybercrime statistics would be a futile undertaking, hence making any effort to analyze cybercrime trends or patterns pointless. Without a proper and comprehensive analysis of cybercrime, government agencies responsible for the welfare of citizens cannot adequately counter cybercrimes.
Specifically, Cross and Shinder (2008) observe that for government agencies to develop proactive anti-cybercrime prevention plans, they would need to train specialized personnel, and buy sophisticated equipment. Such an undertaking would require agency heads to ask for additional budgets, which they would need to justify by proving that cybercrime is a real threat to the public. Without statistics attained from cybercrime analysis, the agency heads may not have the facts needed to back their request for additional funding.
The hope of attaining a standard definition of cybercrime
Despite Cross and Shinder’s (2008) assertion that developing proactive cybercrime prevention plans depends on how willing regions, countries, and other cyberspace stakeholders are to attain a standardized definition, there is no denying that such a milestone would face numerous challenges. Stakeholders would need to overcome the multi-jurisdictional nature of cybercrime definitions. In the United States alone, different states’ organs define cybercrime in different terms.
The definition used by the Federal and State Statutes is different from the definition used by the USA PATRIOT Act, the Protect America Act, and the State Laws. On the international scene, the United Nations has its definition of cybercrime, as does the European Union. If a common definition were to be attained, it is rather apparent that a lot of coordination and cooperation would be needed within and outside geographical, cultural, and regional divides.
According to Gordon and Ford (2006), a common cybercrime definition would “provide researchers with a common language, necessary for sound collaboration (or even meaningful discussion)”, which would perhaps motivate governments, businesses, and individuals to adopt a common ground (p.16). Consequently, a common definition would make it easier for security experts to determine the scope of cybercrime, therefore enhancing the chances of experts finding successful counter-cybercrime measures. As Gordon and Ford (2006) state in their conclusion, the different definitions of cybercrime only lead to unclear usage of the term, which consequently leads to conflicting responses by security forces based in different jurisdictions.
The admission by scholars, legal experts as well as policymakers that cybercrime definitions need to be standardized could be an indication that cyberspace stakeholders may too awaken to the same need. If the observation made by Kierkegaard (2005) is anything to go by, government and business enterprises have already realized that confronting cybercrime individually is no longer effective. As such, more stakeholders are encompassing other constituencies across geographical, cultural, and regional borders in the search for effective solutions to counter cybercrime.
Conclusion
The details revealed in this essay leave no doubt that indeed definitions of cybercrime do matter. Moreover, different definitions may not help crime experts, the legal fraternity, and law enforcers in identifying and addressing offenses that occur in cyberspace. As such, scholars such as Cross and Shinder (2008) advocate for a standard definition of cybercrime, arguing that such an act would make analyzing cybercrimes easier hence necessitating the formation of effective detection and deterrent legal practices.
Whether the global community will adopt a standardized definition or continue with their fragmented definitions is a question that only time will answer. In the meantime, cybercrime will progress and change in line with other developments happening in cyberspace. As such, we can expect that internet criminals will get more creative as they passionately pursue victims across international borders. While the solution to cybercrime does not entirely lie in standardizing its definition, it is clear that a common description of the phenomenon across the world would give security experts a common ground to examine the offenses.
This would in turn enhance the chances of the security experts developing cyber crime-fighting techniques applicable across geographic borders. If not for anything else, the standardized cybercrime fighting techniques would deter criminals who base their actions in countries or regions that treat the offenses leniently.
To give credit where it is due, however, this essay must admit that security experts have developed technological countermeasures against cybercrime over the years. This is despite the different definitions of the cybercrime phenomena. The effective use of the countermeasures, however, varies across physical and geographical borders since different individuals’, governments’, and businesses’ perceptions of cybercrime vary. Proponents of a standardized definition of cybercrime claim that the variations in defining the concept result in different responses to the offenses, hence guaranteeing leniency or acquittal to cybercriminals in some areas.
References
Cross, Michael, and Shinder, Debra L. (2008) Scene of the cybercrime. 4th edition. Burlington, MA, Syngress.
Finnie, T., Petee, T. & Jarvis, J (2010) The future challenges of cybercrime. Proceedings of the Futures Working Group, 5, 1-76.
Gordon, S., & Ford, R. (2006) On the definition and classification of cybercrime. Journal of Computer Virology, 2, 13-20.
Hoisington, M. (2009) Cyberwarfare and the use of force giving rise to the right of self-defense. Boston College International and Comparative Law Review, 32(2), 439-454.
Kierkegaard, S. M. (2005) Cracking down on cybercrime global response: the cybercrime convention. Communications of the IIMA, 5(1), 59-66.
Nagre, D. and Warade, P. (2008) Cyber Terrorism vulnerabilities and policy issues- “facts behind the myth”. Web.
Parker, D. (1998) Fighting computer crime: a new framework for protecting information. Wiley, New York.
Rosiers, Nathalie, and Bittle, Steven (eds) (2004) What is a crime? Defining criminal conduct in contemporary society. Toronto, UBS Press.
Wall, D. (2007) Policing cybercrimes: situating the public police in networks of security within Cyberspace. Police Practice and Research: An International Journal 8(2): 183-205.
Cases that involve multiple countries may be more difficult to investigate than domestic crimes because of the collaborative issues that the nations often face. The case “Purchase Order Scam Leaves a Trail of Victims” is an example where states’ local law enforcement and weak international cooperation contributed to the situation not having any positive outcomes. The discussed problem is the so-called purchase order fraud. Criminals use fake websites, phone numbers, and emails to purchase large quantities of goods (“Purchase order scam,” 2014). It may be virtually impossible to recover the purchased products once they leave U.S. soil. A case analysis is offered below, discussing the American justice system, violations of the law in both the U.S. and Nigeria, the collaboration of the international and local agencies, and the outcomes of this investigation.
American Justice System
The difference between dealing with international and domestic crimes lies in the use of the law system of either one or multiple countries. In local cases, individuals and groups undergo the process that fully relies on the American law. However, when working with international crimes, all involved countries employ their procedures. As the discussed case does not have any success with an actual prosecution, one can focus on the investigation itself. In the U.S., the examination of such cases is taken over by the FBI that can collect necessary information from affected retailers, universities, and persons acting as the middleman between the scammers and sellers. The national agency may also try to examine the addresses and contacts used by the fraudsters to find their physical location. However, they cannot physically investigate these places without getting permission from the country of the perpetrators’ residence.
If the criminals are identified, the U.S.’ agreement with the involved country can affect the due process. For example, the nations can arrange a transfer where the perpetrator is brought to the U.S. for a trial or, on the other hand, brought into the state of residence to be tried and convicted there. In this particular example, the crime was committed against organizations located in the U.S. However, the fraudsters were operating from Nigeria. The countries can decide which laws will be reciprocated.
Generally, non-citizens possess a range of rights that are similar to those of the U.S. citizens. Thus, the actual trial and investigation processes incorporate such enforced rights as the right to a jury, protection from all discrimination and self-incrimination (“U.S. Constitution,” n.d.). Nevertheless, as the case does not involve potential criminals being identified, these guidelines are not applicable. The only procedural laws that the U.S. has utilized in this example deal with the reach of the investigation which is hindered by the lack of collaboration with Nigeria.
Violation
In the discussed case, the criminals’ citizenship status cannot be determined conclusively because their identities were never established. However, it is most likely that the offenders are the citizens of Nigeria, according to the U.S. investigators (“Purchase order scam,” 2014). This lack of information along with the remote location of criminals does not help the investigation, because the involved American agencies are unable to collect more details about these persons without receiving support from the government of Nigeria. Therefore, the perpetrators cannot be apprehended and charged as they do not reside on the U.S. territory. Moreover, the nature of these people’s activity, cybercrimes, also limits the abilities of the U.S. This type of illegal actions is difficult to investigate, primarily because the criminals used fake numbers, emails, and websites and influenced American citizens who voluntarily, although unknowingly, supported these crimes.
The perpetrators were located in Nigeria at all times, including the moment of the crime. Their place of residence affected the U.S.’ investigation significantly, as the local law enforcement agencies could not find the individuals or the shipped goods once the latter left the U.S. territory. Thus, the investigation could not move past the border without additional support from international agencies. The discussed activities in the case included only IC3 (Internet Crime Complaint Center) and FBI-led investigations, which implies that the process of locating perpetrators did not involve Nigeria. Therefore, it can be said that the criminals’ foreign citizenship played a crucial role in their apprehension.
Upon committing purchase order fraud, the involved individuals violated multiple domestic and international laws. First of all, in the U.S., they purchased goods under the disguise of respected organizations located in the U.S. For this purpose, the criminals used fake identities such as emails, websites, and phone numbers. These actions constitute fraud and fall under the 18 U.S. Code § 1028 – “Fraud and related activity in connection with identification documents, authentication features, and information” (“18 U.S. Code § 1028 – Fraud,” n.d., para. 1). Specifically, the fraudsters could be tried according to the subsections (a)(1) and (a)(7). The first subsection deals with the processes of producing false identification documents or means – in this case, online sources, fake phone numbers, and purchase documentation. The next subsection can be used as well because it describes the procedure of assuming others’ identity with the intent of committing an illegal activity under their name.
According to these laws, punishment may include a fine and imprisonment for “not more than 15 years” as stated in the subsection (b)(1)(D) (“18 U.S. Code § 1028 – Fraud,” n.d., para. 1). The criminals’ case can be processed using this particular subsection because they used false means of identification and succeeded in obtaining expensive equipment and materials which cost more than $1,000.
In Nigeria, similar laws exist as well. According to the country’s Criminal Code Act, the fraudsters violated Chapter 38 called “Obtaining property by false pretenses; Cheating” (“Criminal Code Act,” n.d.). Specifically, the criminals can be tried according to such subsections as 419 and 421. In paragraph 419, the obtainment of goods under false pretenses is discussed. This violation subjects the person to seven years of imprisonment as the cost of the accumulated goods is higher than one thousand naira. Subsection 421 deals with making other people obtain or deliver products as a part of the fraudulent activity and perpetrators can be imprisoned for two years.
International Agencies and Law
The laws mentioned above are the main ones to be considered during the examination. The investigation was unable to locate the criminals because they resided in Nigeria. According to the regulations of Nigeria, the perpetrators can be apprehended with a warrant, which means that they have to be investigated by both countries. The lack of collaboration reveals that the U.S.’ national agencies do not have the ability to prosecute these individuals on their own, which stalls the investigation. The U.S. laws could not be enforced because of the limited power the FBI and IC3 have abroad. It is apparent that no international agencies were asked to participate in the process. It can be explained by the fact that Nigeria is a country with a historically low success of crime prosecution initiatives (“Countries/jurisdictions,” 2014). This point may be a leading political factor that hinders the investigation. Other impactful aspects are the high rate of corruption in Nigeria and its lack of official agreements with the U.S. regarding criminal activity investigations.
The only possible way to mitigate these crimes involves educating citizens and businesses about fraud. FBI and IC3 can collect information about the incidents from individuals and companies in order to attempt stopping the goods’ shipment on the U.S. territory. However, once the products cross the border, it is virtually impossible to bring them back. As was mentioned above, the level of reciprocity in this case was extremely low, which led to the criminals not being located in every instance. If the coordination between the U.S.’ domestic agencies, Nigerian law enforcement, and international cybercrime organizations was established, the success of the operation could be much higher. Thus, cooperation is essential in such instances.
Conclusion
Upon analyzing all details of the case, one can conclude that the investigation was performed ineffectively. The criminals were not apprehended or even identified in all instances, which meant that the affected businesses had to absorb all financial losses. However, it can be said that the work of the IC3 could be considered efficient in its attempts to recover the goods while they are still in the U.S. Nevertheless, the overall state of the investigation does not offer many opportunities for future successes. It could be recommended to consult with Nigerian law enforcement in order to get permission to track these fraudsters or obtain their means of identification and computer location. However, seeing as their reliability is considered low, education and crime prevention seem to be the best possible ways to mitigate such crimes.
The virtual environment of the global network has been inundated with cybercriminals (Yar, 2013). According to Lewis University, the phenomenon of cybercrime dates back to 1971, when the web was first invaded by the virus notoriously known as Creeper. It was very simple by present-day standards, yet it managed to cause havoc across the Internet (Ruiz, Winter, & Park, 2015). Unfortunately, viruses and other tools used by cybercriminals are getting smarter and increasingly more sophisticated, causing global concerns regarding personal information and business data. A similar situation can be observed in the UAE (Enzer, 2011), which was identified by the Assocham-Mahindra SSG study as one of the countries that cybercriminals attacked India from (Sethi, 2015).
Cyber Crime in the United Arab Emirates
The recent introduction of updates to the UAE Cybercrime Law 2016 will impose a set of more augmented penalties on the offenders, including a life sentence. However, the specified regulation does not have tangible effects on cybercriminals as it does not allow for the willing acceptance of proper behavioral patterns and the recognition of cybercrime as an intrinsically negative phenomenon. Therefore, the development of programs aimed at changing the target audience’s concept of cybercrime is crucial.
Cyber Crime in Dubai
It is viewed positively that the current legislation reinforces the significance of the letter of the law. For instance, “Dubai Police have urged victims of online social networking sites to approach authorities because their hesitation encourages suspects to target more victims” (Al-Najami, 2010). However, owing to a lack of information, the concept of cybercrime, the ways of inhibiting it, and the tools that UAE society can use to prevent cybercrimes are not completely obvious. Thus, the number of cybercrimes has been increasing in the UAE generally, and in Dubai particularly, as shown in Figure 1 (Hasbini, 2014).
Therefore, the focus should be shifted from providing penalties to reinforcing knowledge promotion among ICT users. Also, awareness programs should be created to educate people on cybercrimes. Thus, significant progress can be expected. Accordingly, the UAE government saw the necessity and urgency to review the cybercrime law of 2012 and amend it to protect the society, economy, and environment more effectively.
Policy Understanding, Formulation and Development
The Federal Law No (2) of 2006 on the Prevention of Information Technology Crimes
This law is meant to regulate the telecommunication sector and to deter the occurrence of cybercrimes. Articles two through four deal with the violation of the information technology rules and regulations as well as the penalties that come with such acts or omissions. An imprisonment term not exceeding one year and a penalty of not more than AED 20,000 will be imposed on offenders for crimes like unlawful access to a website leading to violation of privacy, erasure, deletion, damaging, disclosure, alteration, destruction or replication of information (Cross & Shinder, 2008). Moreover, temporary detention and fine not exceeding AED are to be imposed on the person that uses any information technology device or the Internet to disrupt, delete or modify the information or data (article 5).
The law further considers the relationship between medical records, diagnoses, treatment, and their distortion through the Internet and sets out the repercussions for such acts (United Nations, 2007). Other critical issues that are provided for by this law pertain to the use of the Internet for bullying, impersonation through the Internet, online banking violations, online prostitution or fornication, abuse of Islamic shrine or ritual, defamation, promotion of wrongdoing, online drug trafficking, money laundering and the use of the Internet for terrorism activities. There are further provisions on how this law shall be enforced and the parties responsible for its implementation. This law is particularly important because it sets out clear boundaries between the right and wrong uses of the Internet and other ICT devices.
The Amendment: Federal Decree-Law No. (5) of 2012 on Combating Cybercrimes
This law analyzes different scenarios for cybercrimes and how they may be committed. The law states the relevant punishment for each type of cybercrime under various circumstances (Lunt & Livingstone, 2012). The most prevalent class of these crimes, as listed in article 44 of this law, is crimes against State security. These are the crimes listed in articles 4, 24, 26, 28, 29, 30, and 38 of the Decree-law. This law is very important, especially in the face of rapidly emerging crimes that are committed using the Internet and ICT systems. Thus, the aim is to ensure that the illicit content, which is usually very characteristic of major websites, does not find its way to the public (Holt & Schell, 2011).
The Study for Amendment in 2016
Amendments are seen as the best way of ensuring that laws meet the general needs of the people and the constitution. For instance, amendments in 2016 will seek to iron out some of the lapses that have been making the application of the law ineffective. For instance, IP address forgery is a very minor crime and guilty parties can be sentenced to a jail term that ranges from 24 hours to a maximum of years. The amendment will target individuals making fraudulent use of computer network protocol addresses with criminal intent.
Approaches
This law is meant to help push the change agenda of the government in redefining the true use of the internet and ICT systems and devices (Geers, 2011). The successful implementation of the law can lead to a drastic reduction in the number of related crimes and social vices. Unfortunately, the lack of relevant knowledge among some of the concerned state agents, which makes them irrelevant to the mission, is the major challenge that is likely to hamper the enforcement of the law. To solve this, the government needs to provide the strongest and most up-to-date training to its officers to tackle cybercrime issues.
Policy Development
According to the eightfold path analysis, the problem is the need to find a solution in curbing cybercrimes and preventing ICT crimes (Cooper, Seiford, & Tone, 2006). The evidence attesting to this scenario is derived from the government criminal statistics records showing the number of cybercrimes and the ICT devices’ crimes. The two alternatives that have been combined in this law are the imposition of varying fines and imprisonment terms depending on the crime graveness. This law, if taken seriously, could be the most suitable criteria that can be applied to bring about the much-needed regulation of the rampant crimes in the telecommunication sector (Baggili, 2011).
The only shortfall in this law is that it requires constant monitoring of the entire web to detect signs of suspicious activities. This is to say that some crimes might be committed and go unnoticed if there is no surveillance at a particular moment. However, if the government brings all the stakeholders on board, then this should be an easy mission for its objectivity to be achieved.
Impacts of the Policy
Impacts on Society
The cybercrime law and its amendments are aimed at protecting people from becoming victims of their greediness, or that of others. It is planned to reduce the number of online gamblers, as well as of individuals who participate in money laundering. Also, young generations will be made aware of fake trading and false promotions of online cheats. The terrorist groups are expected to lose their cyber-power and cybercrime communication. For example, Twitter canceled 125,000 ISIS terrorist accounts under the government’s pressure (Yadron, 2016). Most importantly, personal information and business data will be secured confidentially.
On the whole, the law in the UAE is aimed at promoting the traditional values of the people and enhancing their well-being (“UAE Cybercrime Law,” 2015). At the same time, some laws, such as the laws that penalize actions against the public morals taken online, are considered ambiguous by some scholars due to the vagueness of the definitions provided in them (Aldurra, 2013, pp. 52-53).
However, it is noted that the legal system offers “some guidance on the kinds of behavior that are regarded by society as acceptable” (Aldurra, 2013, p. i), so such laws also help define what people of the UAE should be like. Therefore, making cybercrime a legal offense and enforcing such laws promote disapproving attitudes towards those who commit such crime in society, even though making the people aware of such policies is also essential.
Impacts on the Economy
The implementation of the policy towards cybercrime is aimed at defending both the governmental structures of the UAE and its businesses. The laws which define the concrete types of cybercrime in detail allow for more effective implementation of penalties against cyber offenders. Therefore, the policy will provide a more thorough protection for the government and enterprises, safeguarding them from hacked accounts and stolen data and money. This will allow for a safer business environment, which will have a positive impact on the UAE’s economy. On the whole, it is stressed that the implementation of the cyber policy in the UAE has the development of “a competitive economy led by creative and knowledgeable Emiratis” as one of its goals (Al-Khouri, 2012, p. 136).
Impacts on the Environment
Technologies, cyber technologies in particular, hurt the environment. For instance, for computers and the Internet to work, large amounts of resources such as electricity (which comes down to energy produced in power plants that pollute the environment) are consumed. Committing cybercrime that leads to significant data losses means that the resources used in producing and storing this data are wasted and that new resources need to be consumed to restore or replace the data.
Therefore, implementing the policy which protects against cybercrime should have a positive effect on the environment by preventing the waste of natural resources that were used to produce the information defended by this policy. Also, the abuse of the obtained information or access might allow criminals to harm the environment, e.g., for political reasons, which also needs to be safeguarded against.
Challenges and Issues (Interview)
Implementation
Two main challenges face the amended UAE cybercrime law. Firstly, with the increasing rates of cybercrimes due to the rapid and complex ICT advancements, tracking all cybercriminals is becoming harder for law enforcers. The majority of organizations are struggling to keep up with the technology and thus have vulnerable areas in their systems. Cyberattacks are hard to trace. Usually, a cyberattack is noticed only when files have been destroyed and irreversible damage has occurred. Reporting the issue late helps attackers conceal their steps and makes it more difficult to catch them (Emirates 24/7, 2015).
If evidence is not handled properly, its accidental destruction by policemen causes security specialists to waste more time trying to catch a few criminals while more attacks are happening instantaneously (ISSA, 2014).
Secondly, international crime is another weak spot in the UAE cybercrime law. The internet bypasses virtually all countries’ political borders, which gives cybercriminals and computer scammers the ultimate freedom to attack people outside their countries’ domains. On the other hand, countries find it hard to punish people outside their borders, especially those from lawless countries. Dr. Omar Al Ghoul, a chief judge at the Federal courts in Kalba, mentioned this loophole in an article, written by The National, in which he called for stronger cybercrime law in the UAE. He stated that “Cybercrimes are transnational, and sometimes offenders are outside the state. So maybe countries could extradite them to the UAE. There should be several international agreements to regulate such issues” (Malek, 2014).
Beckstorm said, “How you relate to the world as a country or a company explains how you will be affected by the cyber world around you.” Cybercriminals moved further and faster and continued their cybercrime attacks everywhere. Having the world’s countries take a step to block this serious security loophole is what a future cyber-law would look forward to (WAM, 2016).
Case Study
In Egypt, ‘Operation Phish Phry’ resulted in the theft of over $1.5 million from different citizens’ bank accounts. The cybercriminals successfully faked a bank website and directed account users to it via a hyperlink in a convincing email message. The victims trusted the well-faked website, through which the hackers stole the users’ information. Those cybercriminals withdrew small amounts from different users to avoid awakening the bank, to disturb their attention, and to make it more challenging. An American hacker was sentenced to 13 years in jail, and almost half of the other 47 Egyptians were declared to be innocent and the rest ran away (El-Guindy & Hegazy, 2012).
Computer users can be hacked easily, which means that stricter laws are required to protect users from cybercrimes and punish those criminals appropriately. In 2012, a virus attacked, damaged and deleted information from more than 30,000 computers at Saudi ARAMCO (Elnaim, 2013). This shows a weakness in security systems: any entity or individual is exposed to the risk of cybercrime attacks.
Best Practices
During the research team interviews, an anonymous government information security and risk management professional who is an expert in cybercrimes stated that organizations generally, and government entities particularly, respond actively and proactively to secure themselves from cyberattacks. They do not wait until cybercrime laws are issued; otherwise, they might be attacked by cybercriminals.
He stated that stealing passwords is a cyberattack and not a cybercrime, for which frequent awareness sessions were provided so that public employees know and implement the best practices to secure their cyberspace. Cyberattacks and cybercrimes evolve quicker than cyber laws. However, many government organizations in the UAE support compliance efficiently with cybercrime laws by organizing campaigns such as Dubai Government Information Security Resolution (DGISR).
He added that using memory sticks or flash memory (USBs) is not a cybercrime but rather a source for successful cyberattacks; however, organizational cybersecurity policies, in compliance with and support of cyber-laws, are issued proactively for higher organizational and national cybersecurity levels. He added that worldwide (as in the US, Europe, Russia, and Ukraine) there is a 25.4-percent chance that government organizations will be cyber-attacked and the energy sector has 16.3-percent cyberattacks; so, a government-energy organization has a 41.7-percent probability of being hacked in any environment, for which the success rate will depend on the type of the cyberattacks.
He advised that cyberattacks are moving aggressively to the MENA region and organizations should respond proactively to them, as Symantec reported. He stated that 2012 and 2014 reported the most cybercrimes. He explained that organizations do not talk about their exposure to cyberattacks, so no one will know about them until the media reports them, as happened with Bank of Sharjah, which has been recently cyberattacked.
Conclusions
Summary
To sum up, it should be noted that, even though cybercrime has a history of more than four decades, it has become an increased threat over the last years. Cybercriminals may pose a significant threat to the personal safety of individuals, normal functioning of companies and governmental structures, and even to the national safety. To safeguard against such offenses, a cybercrime policy is being implemented in the UAE. This policy is aimed at augmenting punishments for cybercrime. The policy should benefit the society, the economy of the state, and the natural environment. At the same time, it has been noted that some definitions provided in the new legislation are vague (Aldurra, 2013) and that people are often unaware of the laws regarding cybersecurity, so these issues also need to be addressed.
Policy Recommendations
Raise awareness of the current legislation regarding cyber technologies in society.
Because the technologies used in cybercrime evolve rapidly, organize ongoing research of the issue to provide better protection.
Constantly monitor and improve the legislation regarding cybercrime so that the laws do not lag significantly behind cyber offenders.
References
Al-Khouri, A. M. (2012). eGovernment strategies: The case of the United Arab Emirates (UAE). European Journal of ePractice, 17, 126-150. Web.
Aldurra, F. A. (2013). Cybercrime and penal code: A comparative study between United Arab Emirates and Japan. Web.