Computer CrimeThe illegal activities related to computers and computer networks are usually classified as computer crime. The computer can be involved either actively (computer-assisted crime), when the computer is used to commit the crime (computer sabotage and hacking), or passively (computer-related crime), when the computer is used indirectly to commit the crime (e.g., record data for an illegal weapon dealing). Some computer crimes are transformations of old crimes, such as espionage, theft, fraud and sabotage; others are entirely new kinds of crimes, such as trespassing in computer networks, cyberterrorism, and computer sabotage
Non-Reported Computer Crime Fear of bad publicity and reputation Lack of confidence that the authorities will apprehend the computer criminals Lack of specialised personnel to investigate computer crimes Ignorance of rights Ignorance of who is in charge in these cases Publicising computer crime will bring new ideas and methods of attacks Prosecutions are expensive, investigations are time- consuming and the sentences often light The existing laws are monolithic to computer technology, and most juries do not regard computer crimes as serious crimes because jury members in general lack the technical knowledge necessary to appreciate the severity of the crime
Computer AbuseComputer abuse: the use of computer systems to perform irresponsible or unacceptable acts such as sending electronic messages with offensive language or pornographic material and spam (unsolicited or illegal electronic messages sent automatically to bulk recipients, usually for advertisement).
Who are the computer criminals?Computer criminals can be either insiders or outsiders. Where insiders are individuals coming from within the company or the organisation where the criminal act takes place, such as employees, managers, supervisors, computer staff, clerks and cashiers, outsiders such as skilful hackers and terrorist groups have no direct relationship with the place of crime.
MotivationsComputer criminals are usually driven by the desire to win easy money steal goods to enjoy themselves by fooling the system to sabotage other people and machines to take revenge for personal reasons to perform acts of terrorism to produce propagandistic messages and revolutionary actions.
TargetsThe usual victims of computer criminals are Big companies Institutions Organisations Governments
Computer FraudComputer fraud includes any technique aimed at manipulating information within a computer system for the purpose of illicit gain. It is divided into computer-related fraud, in which the computer is used unintentionally to commit the fraud, and computer-assisted fraud, in which the computer is used actively to commit the fraud. Computer fraud involve: theft of money (e.g., unauthorised transfer of payments to different accounts); theft of information (e.g., retrieval of data from databases for illegal use); theft of goods (e.g., redirection of goods to wrong destinations); and theft of services (e.g., illegal use of a cable TV channel)
Forms of Computer Fraud ATM fraud: the fraudster uses automated teller machines EFT fraud: the fraudster uses the Electronic Fund Transfer system (EFT) EDI fraud: the fraudster uses the Electronic Data Interchange system (EDI) Credit card fraud: the fraudster steals the credit card number and the owner’s authentication. Telecommunication fraud: involves (1) long distance phone fraud and (2) mobile phone fraud. The latter is also known as cloning. Cable TV fraud: the fraudster decodes illegally the signal of a cable- TV channel. Telemarketing fraud: the fraudster redirects telemarketing goods to wrong addresses or sells fake telemarketing products to unsuspecting customers. Internet Stock fraud: the fraudster pretends to be an investment expert.
Hackers and HackingSkilful programmers, usually referred to as intruders or hackers, can gain unauthorised access, or break-in, to computers and computer networks. Hackers can either act directly, by penetrating the system themselves, or indirectly, by embedding a destructive program within the system that causes serious damage or problems to the machine.
Categories Hacker is just to a skilful programmer who is obsessive about programming Cracker is a person who gains unauthorised access to a computer system for malicious purposes Phreak (‘phone’, ‘free’, and ‘freak’) is a person that gains illegal access to telephone services and use these services to satisfy individual goals. Cypherpunker is an intruder who wishes to create new regions of privacy where ‘the system’ will not be able to invade. Hactivist is the use of hacking by hackers for political purposes such as promoting a political cause or spreading anti-war messages via the Web.
Kevin MitnickThe most typical example a hackerpersona is that of Kevin Mitnick. Hewas accused of hacking thecomputer systems of internationalcompanies such as Motorola andNokia and governmental agenciessuch as the North AmericanAerospace Defence Command andthe FBI. He was arrested by the FBIin September 1995 and remained inprison until January 2000. He wasunder supervision until January2003, and during this period he wasprohibited in the use of anytelecommunication technology
CyberpunkThe rebellious personality of ahacker is actually portrayed inthe cyberpunk movement. Theterm cyberpunk was madefamous by William Gibson’sbestselling novel Neuromancer(published in 1984). Acyberpunker is a fictitiouscountercultural personality of arebellious hacker who lives in ahigh-tech future, within adystopian and dehumanisedsociety integrated by computersand computer networks.
Hacking Techniques Piggybacking: the hacker invades a computer system by pretending to be a legitimate user of the network. Scavenging: the hacker searches through stray data for clues that might unlock the secrets of a targeted computer system. A similar technique is known as dumpster diving, wherein the hacker searches electronic garbage in order to find discarded documentation that may include user names and passwords. Password guessing: the hacker aims just to crack the password. Autodialing: the hacker systematically dials with his/her computer until answered by the computer on the other side of the line. Zapping: The hacker penetrates a computer system by unlocking the master key to its program, then self-destroying it by activating its own emergency program.
Computer SabotageThe computer saboteurs createtiny but destructive programsthat cause serious hardwareand/or software problems in acomputer system, such asdeleting files in the hard disk,destabilising the computersystem, clogging up mail serversby sending fake e-mails to theaddress found in the addressbook of the victim, and stealinginformation from the computer ofthe victim and sending thisinformation back to the saboteur.
VirusesViruses: By analogy to a ‘biological virus’, a ‘computer virus’ is a self-replicating program reproduced by attaching executable copies of itself to other programs. The effects of a virus may range from irritating messages to complete destruction of the system. A virus cannot run independently. The most common type of viruses are: (1) boot sector viruses: infects the system boot and spreads whenever the system is loaded; (2) e-mail viruses: spread through e-mail attachments; and (3) macro viruses: spread through documents that contain macros—programming instructions that perform automated tasks.
WormsWorms: A worm is a virus-like program that makes copies of itself across network connections, seeking uninfected workstations in which to reproduce. In contrast to a computer virus, a worm program can travel independently through different hosts and resides more in the computer memory of a system rather than on disk. The aim of a typical worm is through continued reproductions to cause disk or memory overload throughout the network. Inevitably, the network freezes and the system has to be reloaded; this process causes complete loss of memory data that have not been saved on disk. On the other hand, the consequences of a worm are not as destructive as that of a virus. A worm is a memory virus; thus it can be removed by shutting down the infected system.
Trojan HorsesTrojan Horses: A Trojan horse is a destructive program disguised to appear as something benign. The name of this malicious program comes from the famous wooden horse of the Trojan War that the Greeks left as a gift to the Trojans. The horse was full of Greek armed forces that caused the fall of Troy from when released into the city at the right moment. Likewise, the electronic version of the Trojan horse resides in the code of a program until the moment of its activation. The conditions of activation are determined by the computer programmer who designed the program. A Trojan horse is usually posted through the Internet disguised as a harmless program, game, or utility. Trojan horses are also used to exchange secret information between hackers. Some Trojan horses release other malicious programs such as viruses or worms.
BombsLogic Bombs and Time Bombs: Logic Bombs and Time Bombs are kinds of Trojan horses. A Logic Bomb inserts secretly into a system and causes a destructive action when a certain logical event or a sequence of events happens (i.e., if program x runs, then do destructive action y). Similarly, a Time Bomb is triggered after a particular time-related event (i.e., if program x runs after date y, then do the destructive action z). Frequently, a logic bomb or a time bomb is an act of vengeance. For example, a programmer who is unfairly removed from his or her post may plant a time bomb to be triggered after the date of his or her removal.
SpywareSpyware: A spyware is a type of surveillance program that is inserted into a computer system in order to monitor, store, and analyse the electronic transmissions of the system. A spyware is not itself a destructive program. In some cases, spywares are used for security reasons.
Fighting Computer CrimeThree different approaches are suggested to prevent computer crime:(1) computer security and management;(2) appropriate legislation, policies, and standards; and(3) education and moral awareness.