2. Types of Cybercrime
Europol (2018) differentiates cybercrime into cyber-dependent crimes (i.e.,
"any crime that can only be committed using computers, computer networks
or other forms of information communication technology;" McGuire and
Dowling, 2013, p. 4; Europol, 2018, p. 15) and cyber-enabled crimes (i.e.,
traditional crimes facilitated by the Internet and digital technologies).
The key distinction between these categories of cybercrime is the role of ICT
in the offence - whether it is the target of the offence or part of the modus
operandi (or M.O.; i.e., method of operation) of the offender (UNODC, 2013,
p. 15).
3. Cyber-dependent crimes
These are cybercrimes that primarily target systems, networks, and data, and
seek to compromise their confidentiality (i.e., systems, networks, and data are
protected and only authorized users can access them), integrity (i.e., data is
accurate and trustworthy and has not been modified) and availability (i.e., data,
services, and systems are accessible on demand).
These cybercrimes include hacking; malware creation, possession, and
distribution; denial of service (DoS) attacks; distributed denial of service (DDoS)
attacks; and website defacement (i.e., a form of online vandalism targeting the
content of websites).
4. Hacking
Hacking is a term used to describe unauthorized access to systems, networks, and
data (hereafter target). Hacking may be perpetrated solely to gain access to a
target or to gain and/or maintain such access beyond authorization.
Hackers may also seek unauthorized access to systems to cause damage or other
harm to the target. In 2014, Lauri Love, a British hacker, defaced websites, gained
unauthorized access to United States Government systems, and stole sensitive
information from these systems (Parkin, 2017). This cybercrime compromised the
confidentiality of data (by gaining unauthorized access to the website and system
and stealing information) and the integrity of data (by defacing websites).
5. A distributed denial of service attack (or DDoS attack)
A distributed denial of service attack (or DDoS attack) refers to the use of
multiple computers and other digital technologies to conduct coordinated attacks
with the intention of overwhelming servers and/or intermediaries to prevent
legitimate users' access (Maras, 2016, p. 270-271).
Imagine many computers trying to connect to a single computer (the server) all
at the same time. The single computer has a limited amount of processing power
and network bandwidth. If too many computers try to connect at the same time,
the server cannot respond to each connection quickly enough.
The result is that the server may not be able to respond to real users because it is
too busy with fake requests.
6. A Distributed Denial of Service attack (or DDoS attack)
DDoS attacks can be conducted by an individual, group, or state. States can
target critical infrastructures, which are deemed essential to the functioning
of society. For example, Country A experienced a series of DDoS attacks
perpetrated by Country B on its financial sector. As a result of these
cyberattacks, citizens of Country A were unable to access online banking, and
ATMs within this country were intermittently working.
7. A Distributed Denial of Service attack (or DDoS attack)
DDoS attacks are made possible by utilizing digital devices that have been
infected with malicious software (or malware) to enable the remote control of
these devices and use them to launch cyberattacks. The botnet (i.e., the
network of infected digital devices - known as zombies) can be used to commit
other cybercrimes, such as cryptojacking. Cryptojacking is a tactic whereby the
processing power of infected computers is used to mine cryptocurrency (i.e.,
encrypted digital currency) for the financial benefit of the person (or persons)
controlling the infected digital devices (i.e., the botherder) and/or those who
hired the botherders (see Cybercrime Module 13 on Cyber Organized Crime for
further information on cryptocurrency).
8. Malware (or malicious software)
Malware (or malicious software) is used to infect target systems in order to
monitor them, collect data, take control of the system, modify system operation
and/or data, and damage the system and/or data. Article 3(b) of the
Commonwealth of Independent States' Agreement on Cooperation in Combating
Offences related to Computer Information of 2001 prohibits the "creation, use or
distribution of malicious software." There are several forms of malware that can
be used to infect systems (Maras, 2014; Maras, 2016):
Worm. Standalone malicious software that spreads without the need for user
activity.
Virus. Malware that requires user activity to spread (e.g., an executable file with
a virus spreads when opened by the user).
9. Malware (or malicious software)
Trojan horse. Malware designed to look like legitimate software in order to
trick the user into downloading the programme, which infects the user's system
to spy, steal and/or cause harm.
Spyware. Malware designed to surreptitiously monitor infected systems, and
collect and relay information back to the creator and/or user of the spyware.
Ransomware. Malware designed to take users' system, files, and/or data
hostage and relinquish control back to the user only after ransom is paid.
Cryptoransomware (a form of ransomware) is malware that infects a user's
digital device, encrypts the user's documents, and threatens to delete files and
data if the victim does not pay the ransom.
Doxware is a form of cryptoransomware that perpetrators use against victims that
releases the user's data (i.e., makes it public) if ransom is not paid to decrypt
the files and data.
10. Cyber-enabled crimes
Cyber-enabled crimes are computer-related offences committed "for personal or financial gain or
harm" (UNODC, 2013, p. 16). The cybercrimes included under this category "focus … on acts for
which the use of a computer system [or digital device] is inherent to the modus operandi" of the
criminal (UNODC, 2013, p. 17). The 2013 UNODC Draft Comprehensive Study on
Cybercrime identified the following cybercrimes in this broad category (p. 16):
Computer-related fraud or forgery
Computer-related identity offences
Sending or controlling sending of spam
Computer-related copyright or trademark offences
Computer-related acts causing personal harm
Computer-related solicitation or "grooming" of children
12. Computer‐related fraud or forgery
Article 7 of the Council of Europe Cybercrime Convention defines computer-
related forgery as "intentional… and without right, the input, alteration,
deletion, or suppression of computer data, resulting in inauthentic data with the
intent that it be considered or acted upon for legal purposes as if it were
authentic, regardless whether or not the data is directly readable and
intelligible." This cybercrime is also prohibited under Article 10 of the Arab
Convention on Combating Information Technology Offences.
Computer-related forgery involves impersonation of legitimate individuals,
authorities, agencies, and other entities online for fraudulent purposes.
Cybercriminals can impersonate people from legitimate organizations and
agencies in order to trick targets into revealing personal information and providing
the offenders with money, goods and/or services.
13. Computer‐related fraud or forgery
A common technique is to send targets an email containing a website
link for users to click on, which might either download malware onto the
users' digital devices or send users to a malicious website that is designed to
steal users' credentials (phishing). The "spoofed" website
(or pharmed website) looks like the organization's and/or agency's website
and prompts the user to input login credentials.
14. Computer‐related fraud or forgery
Computer-related fraud includes many online swindles that involve false or
misleading promises of love and companionship (catphishing), property
(through inheritance scams), and money and wealth (through lottery scams,
investment fraud, inheritance scams, etc.).
The ultimate goal of these scams is to trick the victim into revealing or
otherwise providing personal information and/or funds to the perpetrator (a
form of social engineering fraud). This tactic, as the name implies, uses social
engineering (a term popularized by a US hacker, Kevin Mitnick), the practice
"of manipulating, deceiving, influencing, or tricking individuals into divulging
confidential information or performing acts that will benefit the social
engineer in some way" (Maras, 2014, p. 141).
16. Computer-related identity offences
Online identity theft is the theft of personal information in order to commit
fraud. This can happen through your email account but can also be a result
of online purchases or other situations where you give out sensitive
information such as your credit card information.
A related concern is identity spoofing, in which the victim is impersonated on
social networking sites such as Instagram or Twitter. Identity spoofing may
also involve spoofing someone’s Internet Protocol (IP) address (the unique
number associated with your computer as you surf the internet). The purpose of
identity spoofing on social networking sites can range from a simple prank to
more serious attacks aimed at shaming or hurting someone’s social
networks. Internet Protocol spoofing is used by hackers to cover their tracks
or to gain access to places normally closed to them.
18. Computer‐related copyright or trademark offences
Article 10 of the Council of Europe Cybercrime Convention criminalizes
"offences related to infringements of copyright and related rights." Similarly,
Article 17 of the Arab Convention on Combating Information Technology Offences
prohibits "offences related to copyrights and adjacent rights." Copyrights "relate …
to literary and artistic creations, such as books, music, paintings and sculptures,
films and technology-based works (such as computer programs and electronic
databases)" (WIPO, 2016, p. 4).
There are several international treaties relating to copyright protection,
including the Berne Convention for the Protection of Literary and Artistic
Works of 1886, the World Intellectual Property Organization (WIPO) Agreement on
Trade-Related Aspects of Intellectual Property Rights of 1994, and the WIPO
Copyright Treaty of 1996. Regional laws also exist with respect to intellectual
property. A notable example of the infringement of copyright protection is digital
piracy (e.g., the unauthorized copying, duplication, or distribution of a movie
protected by copyright law).
19. Computer‐related copyright or trademark offences
Copyrighted works are considered a form of intellectual property, which is
defined by WIPO as "creations of the mind, such as inventions; literary and
artistic works; designs; and symbols, names and images used in commerce."
Article 2(viii) of the Convention Establishing the World Intellectual Property
Organization (WIPO) of 1967 holds that
intellectual property…include[s] rights relating to: … literary, artistic and scientific
works, … performances of performing artists, phonograms and broadcasts, …
inventions in all fields of human endeavour, … scientific discoveries, … industrial
designs, … trademarks, service marks and commercial names and designations, …
protection against unfair competition, and all other rights resulting from intellectual
activity in the industrial, scientific, literary or artistic fields.
20. Computer‐related copyright or trademark offences
Intellectual property, therefore, includes not only copyrights (e.g., books,
music, film, software, etc.), but also trademarks (i.e., names, symbols or
logos belonging to a brand, service, or good), patents (i.e., novel and unique
creations, innovations, and inventions) and trade secrets (i.e., valuable
information about business processes and practices that are secret and
protect the business' competitive advantage). Intellectual property is
explored in greater detail in Cybercrime Lesson 14 on Cyber-Enabled
Intellectual Property Crime.
22. Computer‐related acts causing personal harm
According to the 2013 UNODC Draft Cybercrime Study, "computer-related acts
causing personal harm" include "the use of a computer system to harass, bully,
threaten, stalk or to cause fear or intimidation of an individual" (17).
Examples of these types of cybercrimes are cyberstalking, cyberharassment,
and cyberbullying. These cybercrimes are not included in multilateral and
regional cybercrime treaties (e.g., the Cybercrime Convention; African Union
Convention on Cyber Security and Personal Data Protection; and Arab
Convention on Combating Information Technology Offences).
23. Computer‐related acts causing personal harm
Cyberstalking, cyberharassment, and cyberbullying have been used
interchangeably. Some countries refer to any act that involves the child in
either a victim or offender status as cyberbullying (e.g., Australia and New
Zealand), while states within the United States use the term cyberbullying to
refer to acts perpetrated by and against children. Some countries do not use
the term cyberbullying, but instead use the term cyberharassment or
cyberstalking, or different terms such as cybermobbing (in Austria and
Germany) to describe cyberbullying (European Parliament, Citizens' Rights and
Constitutional Affairs, 2016, 24-25), while others do not use any of these
terms.
24. Computer‐related acts causing personal harm
While there are no universally accepted definitions of these types of cybercrime, the
following definitions that cover essential elements of these cybercrimes are used in
this class.
Cyberstalking. The use of information and communication technology (ICT) to commit a
series of acts over a period of time designed to harass, annoy, attack, threaten, frighten,
and/or verbally abuse an individual (or individuals).
Cyberharassment. The use of ICT to intentionally humiliate, annoy, attack, threaten, alarm,
offend and/or verbally abuse an individual (or individuals).
Cyberbullying. The use of ICT by children to annoy, humiliate, insult, offend, harass, alarm,
stalk, abuse or otherwise attack another child or other children.
What differentiates these cybercrimes is the age of the perpetrators (i.e., only
children engage in and are victims of cyberbullying), and intensity and prevalence of
the cybercrime (cyberstalking involves a series of incidents over time, whereas
cyberharassment can involve one or more incidents). These cybercrimes and their
differences are explored in further detail in Cybercrime Lesson 6 on Interpersonal
Cybercrime.
25. Solicitation or "grooming" of children
Information and communications technologies have been used to facilitate child
grooming. Child grooming is the process of fostering rapport and trust through
the development of an emotional relationship with the victim (Maras, 2016, p.
244). According to Whittle et al. (2013), "grooming varies considerably in style,
duration and intensity; often reflecting the offender's personality and behavior"
(63).
The offender may manipulate the victim using a variety of power and control
tactics, including (but not limited to): adulation, gifts, isolation, intimidation,
threats, and/or force (Berlinger and Conte, 1990; O'Connell, 2003; Mitchell,
Finkelhor, and Wolak, 2005; Ospina et al., 2010; Maras, 2016) as well as feigning
shared interests, or building trust by mimicking a child's apparent sense of
isolation.
26. Solicitation or "grooming" of children
Child grooming can occur on social media platforms, over email, in chat
rooms, through instant messaging services, and via apps, among other areas.
A 2017 BBC investigation revealed that the Periscope app, which enables live
broadcasting anywhere in the world, was being used by predators to groom
children. The predators who contacted the children who were broadcasting
live made sexualized comments about the children and some even requested
children to remove their clothes (BBC, 2017).
28. Content-related offences
As the title implies, the cybercrimes included in this section involve illegal
content. A prime example of illegal content is child sexual abuse material. The
term child sexual abuse material should be used over child
pornography because the term child pornography minimizes the seriousness of
the offence. What the person is viewing is not sexual activities between a child
and an adult, but the sexual abuse of a child. Nevertheless, international,
regional, and national laws use the term child pornography instead of child
sexual abuse material. Article 9 of the Council of Europe Cybercrime Convention
criminalizes offences related to child pornography, which is conceptualized as
including visual depictions of "a minor engaged in sexually explicit conduct … [,] a
person appearing to be a minor engaged in sexually explicit conduct … [, and/or]
realistic images representing a minor engaged in sexually explicit conduct."
29. Child Pornography
A person commits an offence under Article 9 of the Council of Europe Cybercrime
Convention if the person "intentionally and without right … produc[es] child
pornography for the purpose of its distribution through a computer system [,] …
offer[s] or mak[es] available child pornography through a computer system [,] …
distribut[es] or transmit[s] child pornography through a computer system [,] …
procur[es] child pornography through a computer system for oneself or for
another person [, and/or] … possesses child pornography in a computer system or
on a computer-data storage medium." Article 29(3)(a-d) of the African Union
Convention on Cyber Security and Personal Data Protection also proscribes the
production, procurement, possession, and facilitation of child pornography.
30. Computer Misuse and CyberCrime Act
https://www.pckamunya.co.ke/wp-content/uploads/2018/07/Computer-Misuse-and-Cybercrimes-Act.pdf