The Forms of Cybercrime

Cybercrime is a worldwide problem that requires operational technical and legal response. Every human achievement present challenges that need addressing by creating laws to regulate their activities. Information is an essential component of the success of any organisation, and its security is prioritised. The increasing cyber attack and hacking of information are threatening the financial gains by the affected organisation. The use of ransomware to encrypt data and demand ransom has caused massive financial losses to both individuals and organisations. However, cybercrimes can be reduced by reducing the vulnerabilities of information security through the use of strong passwords, data encryption and identity protection. The paper presents various forms of cybercrimes such as identity theft, credit card theft, cyberterrorism, cyberattack, software piracy and electronic stalking and bullying. Cyberterrorism creates avenues for soliciting funds for terrorist groups who use such income to commit crimes against humanity. Besides, cyberterrorism provides a stage for rumour mongering and political propaganda that affects the outcome of elections hence compromising civic rights. Therefore, the paper tries to give an overview of cybercrime, impacts, forms and possible interventions.

Cybercrimes

Cybercrime refers to the use of computers or digital devices to commit crimes. The computer can become a target of the crime, a tool used to commit the crime or contain evidence that a crime was committed.  Since a large amount of data processing relies on information technology (IT), the investigation, prevention and control of cybercrimes is paramount for the success of organisations that heavily rely on online information sharing. There is an increasing need by organisations and government agencies to identify cybercrime experts who would assist in mitigating the menace through earlier detection and prevention of the frauds. The experts can assist in conducting a forensic investigation; reconstruct the crime scene, gather necessary evidence and present their findings to the relevant authorities for arrest, trial and sentencing of the charlatans. Cybercrime is a global problem that requires significant technical and legal responses. Stanciu and Tinca (2017) considered security and efficient use of information as a valuable asset because it supports value creation and sustainable development. However, over dependency by companies on IT creates concern among managers in security information issues because cybercrime is a potential threat to the realisation of financial and business objectives. Complex incidences of security attacks threaten individuals, public institutions, companies and social life in general. The digital global society creates no borders and cybercriminals focus on any isolated target in any part of the world. As such, the focus of this research is to offer comprehensive knowledge about cybercrimes, cybercriminals behaviour, implications of the breaches, litigation and to develop thoughts on cybersecurity and means of its enhancement.

Research Questions

The current study tried to answer the following questions.

a) What are we trying to protect? People tend to protect assets, available network resources, network infrastructure and confidential individual data stored either electronically, physically or intellectual property.

b) What are the most significant challenges that organisations face today? Some of the challenges include environmental complexity, inadequate focus on security, new threats and exploits, the low budget for security and shortage of qualified staff.

c) Why are attackers not getting appropriate jail terms?

d) What motivate cybercriminals?

Methods

The study relied on a systematic review of the available literature on CC and security. The research investigated various studies performed by different scholars from different geographical locations and regions on information technology (IT) and CC. The study evaluated the main issues emphasised by the scholars in the conducted surveys regarding the evolution of the modern forms of computer initiated criminal activities. The study analysed the concerns by IT experts and maintained the views held by the researchers. The paper also used consensual inductive approach to analyse and synthesise alternative points of view that revealed the concern and dimensions of CC. The study is part of extensive ongoing research by another scientist in trying to comprehend the evolution of cybersecurity and cyberattacks techniques and suggest ways of strengthening the security of the information system infrastructure.

Forms of Cybercrimes

The negative impact of cybercrime of government agencies, organisations and civilian population has attracted extensive research in the security of the information system. The researchers have identified various forms and techniques used by the cybercriminals to exploit the vulnerabilities that exist in data security. Microsoft report (2017) identified various types of cybercrimes such as credit card theft, cyber terrorism and electronic stalking and bullying. Other forms identified are cyber hacking and cracking, identity theft, network intrusions and software piracy. Goldman, Maruyama, Rosenberg, Saravalle and Solomon-Strauss (2017) confirmed that credit card theft is on the rise due to the digitisation of markets and increasing use of electronic cash. The criminals target individuals with credit or debit cards and fraudulently access their accounts with the intention of withdrawing the existing funds or make purchases without making payments. Some skimmers may use robotic phone calls to jam the network of the victim and access confidential information or act as service providers calling to make inquiries on some ongoing account activities which might capture the attention of the victim and disclose private information with the intention of preventing crime while unaware that they are facilitating one.

Secondly, cyberterrorism is on the rise. Research by Goldman, Maruyama, Rosenberg, Saravalle and Solomon-Strauss (2017) identified an increasing trend in cyberterrorism activities such as the use of propaganda and psychological warfare, communication and networking, and fraudulent fundraising. Stanciu and Tinca (2017) defines cyberterrorism as the convergence of cyberspace with terrorist activities. Cyberterrorism by be used to influence elections thereby leading to ideological change. It can also be used to raise funds for terrorist groups. For instance, Indonesian security discovered the transfer of funds by Islamic State operative to a partner in Indonesia using bitcoin (Goldman et al., 2017). Contrastingly, pure cyberterrorism involves a direct attack on the cyberinfrastructure of the victims to achieve political, ideological or religious gains (Zerzri, 2017).

Thirdly, electronic stalking and bullying refer to the use of the internet by cybercriminals to harass group or an individual. Stanciu and Tinca (2017) identified several forms of harassment such as false accusation, libel, slander and defamation. The main intention of the cybercriminals is to gather information about the victims and used to embarrass, harass or threaten the victim. Cyberbullying in some states like California is regarded as a criminal offence (Stanciu and Tinca, 2017, pp. 615). Cyberbullying is an advanced level cyberstalking with severe consequences such as higher levels of anxiety and depression among the victims.

Fourthly, cyber hacking and cracking have adverse consequences as it leads to the loss of confidential data that might end up landing in wrong hands thereby promoting identity theft. Hacking refers to the unauthorised access to confidential information through software modification. Since the onset of the year 2018, there have been several successful hacking incidences. Some of the notable hackings include Russian Grid Hacking of the US power grid and hacking of over 300 universities in the US by Iranian hackers who stole 31 terabyte of data worth over $3 billion in intellectual property (Newman, 2018). Besides, hacking of the Under Armour’s MyfitnessPal application that compromised and exposed emails, passwords and usernames of over 150 million users (Newman, 2018). However, there are modern forms software modification by hackers such as the use of cigarettes attached to PCs (Bevington, 2017, n.pag). E-cigarettes are peripheral devices that are easily accessible but may be used by hackers to unlock PCs and leak data to third parties (Bevington, 2017, n.pag). Hackers may also intrude private and public networks, access the user details and use the information to demand ransom or compromise users’ bank accounts.

Impacts of Cybercrimes

Cybercrime has no positive impacts on individuals. However, increase in digital crime has elicited research in the possible ways of identifying intrusion and preventing loss of data to unauthorised parties (Kanayama, 2017, pp.26). The increasing rate of data fraud by cybercriminals has led to the development of cybercrime literacy curriculum to create awareness and possible ways of preventing future attacks. However, the complexity of the cybercrimes makes identification of genuine request and fraudulent requests from servers very tricky. As such, there escalating level of fraudulent activities facilitated by the internet has led to significant financial losses by companies and government agencies (Kanayama, 2017). For instance, the hacking of 300 universities by the Iranian hackers led to data leakages of intellectual property amounting to $3 billion (Newman, 2018). The Centre for Strategic and International Studies (CSIS) together with McAfee reported an increasing rate cybercriminal activities leading to global loss of $445 billion in 2014. However, the increasing trend has led to the loss of $600 billion by January 2018 (Lewis, 2018).

Moreover, companies and government institutions are increasing the spending on information by funding research and hiring IT specialists who help in reducing system vulnerabilities and enhance the safety of digital information. Increasing competition among businesses and banks in offering in time services has plummeted the number of credit cards in circulation. The attackers have accesses credit and debit cards of more than 200 million people worldwide that led to enormous financial losses (Armerding, 2018). Some of the few cases since 2013 include hacking of 145 million eBay users credit cards (2014), 209,000 Equifax consumer credit cards exposed (2017), 134 million credit cards of Heartland Payment Systems customers (2008) and 40 million credit cards for Target Stores clients (2013) (Armerding, 2018).

Furthermore, the escalating rate of cybercrimes is a threat to national security as new uncontrolled forms of payments such as Bitcoins, Ethereum, Dash and Ripple have been used to transfer money to terrorist groups leading to escalating global terrorism (Goldman, Maruyama, Rosenberg, Saravalle and Solomon-Strauss, 2017). Further analysis by Stancu (2016) indicates that the use of cyberterrorism and cyberbullying target vulnerable groups, who are easily recruited, paid and used to commit acts of terror across the globe. Therefore, cyberterrorism has several negative implications leading to economic deterioration, theft of private information and loss of finances. The modern form of file encryption virus called ransomware has affected several users leading to loss of confidential information if one is not able to pay the ransom and loss of finances to those who raise the required ransom (Stancu, 2016, pp. 75). This has affected both the public and governments institutions alike. Besides, companies spend much cash on securing digital information reducing the profitability index of many companies.

Discussion Supporting With Evidence

The motivation behind cybercrimes is financial gains. Research by Stanciu and Tinca (2017) noted the increasing trend is a ransomware attack. The criminals use a virus to encrypt user information and demand a ransom to decrypt the data. The second motivation was credential theft whose consequences were significant financial losses by organisations. The cybercriminal target wealthy individuals, casinos, banks and financial firms with substantial daily financial flows. The main intention of the criminals is to make easy money by hacking confidential information. For instance, NotPetya attack on pharmaceutical giant cost the company more than $300 million (Armerding, 2018, n.pag). Secondly, a group of criminals called Shadow Brokers leaked EternalBlue, a vulnerability in Microsoft security patch and developed “WanaCrypt0r 2.0” virus which was used to attack United Kingdom’s National Health Services (UK NHS) internet service provider Telefonica. The criminals left a note demanding $300 in Bitcoin as ransom without assurance that the files would be decrypted (Bisson, 2017, n.pag). Other ransomware attacks were BadRabbit that affected media outlets in Russia and Ukraine and Cerber ransomware, which affected the most significant number of computers ever in history and lead to loss of confidential information and resources (Bisson, 2017, n.pag).

Cyberattacks are a threat to national security. The rise of botnets (a group of computers and telecommunication devices that have been hacked) may be used to jam network and create unrealistic requests. Several requests from savers create digital traffic hence preventing security serves from distinguishing the genuine request from non-genuine one. When this happens, security firms, organisation and individuals are temporarily denied services while the hackers are infiltrating the servers and stealing confidential information. If such information regarding secret government dealings and security information is leaked, the effect can be devastating.

Intervention

The systematic analysis of the available literature indicates that cybercrime is a multidimensional and cross-border crime that requires a cross-sectoral approach (Stancu and Tinca, 2017). The strategy requires private sectors, a public-private collaboration between law enforcement agencies, the IT industry, information security firms, internet companies and financial organisations. Because of the complexity in presenting evidence of cyber crimes as it does not involve physical assaults or appearance, it is essential to take precautions (Stancu, 2016). The suggested precautionary measure include using strong passwords, be social media savvy and keep profiles private, secure mobile devices by downloading applications from trusted sources only, protecting data through encryption with passwords, protect digital identity and protecting PCs with security software. Besides, the organisation should hire experts who can protect data and identify breaches before they have a devastating effect.

Issues (professional ethics, social/legal issues)

The increasing assimilation of technology continues to have a growing impact on society and its affairs. Therefore, most communities, organisations and religious groups find it difficult to function without communication. Goldman, Maruyama, Rosenberg, Saravalle and Solomon-Strauss (2017) acknowledges that every human achievement creates social problems that require legislation to harmonise the co-ordination of the activities in a professional manner. However, Stanciu and Tinca (2017) observed that the existing legal structures are insufficient to handle the civil, criminal and moral wrongs committed by the digital fraudsters leading to deterioration of professional ethics. As such, prosecutors and courts struggle to convict criminals due to weak legal systems. Madhu (2016) underscore that despite the establishment of Interpol police with international jurisdiction to oversee the investigations involving cybercrimes, the different legal structures in different countries have limited the success of such efforts.

Consequently, cybercrimes in India, UK and US are increasing due to the high number of internet traffic and financial stability of firms operating in these regions hence becoming a primary target for hackers (Madhu, 2016). Surprisingly, the UK and the US have emphasised that organisations should strengthen their information security without creating legislation (Stancu, 2016). However, India created legislations under the information technology act, 2000 to try cyber criminals. The act indicates that whoever with the intention to cause or knowing to cause wrongful loss or damage to the public by deleting, altering information or diminishing its value commits a crime. Such people can be sentenced to three years jail term alongside financial compensations.  

Conclusion

Advancement in technology has facilitated computer-generated crimes that target the public, organisation and government agencies. Information security is a priority for any organisation as it is an essential factor in stimulating economic growth and development. Wrong use and access to information may be detrimental to governments and business organisations hence creating the need to develop measures to curb cybercrimes with the intention of enhancing the integrity and security of information.

Challenges and Opportunities Ahead.

Despite the major challenges presented by cybercrimes such as cyberterrorism, phishing, vishing, cyberstalking and cyberbullying others, there are potential future improvements in information security as many organisation are heavily investing in research to facilitate information security. In addition, the creation of cybercrime legislation by countries like India and the European Commission are positive steps towards reducing the impact. The public is becoming techno-savvy and informed thereby enhancing the identification and prevention of crimes before they are committed.

Personal Reflection

Despite the several challenges facing the information technology sector, I think that most organisations have good intentions in maintaining and providing a secure platform for sharing information. Although human beings may not be perfect in developing information security systems, it is wrong for individuals to exploit the vulnerabilities that exist to cause psychological, social and financial harm to others. I believe that using personal knowledge to cause harm or exploit organisations and people is unethical and should be condemned. I think there is a need to create an international body to investigate and try cybercriminals. Any nation can become a victim of cyberattacks as the criminals use remote locations, which might not require physical location in the target country. Besides, I believe that there is a need for the government to enact a measure to regulate the use of the internet to promote the integrity of shared information.

References

Armerding, T. (2018). The 17 biggest data breaches of the 21st century. [online] CSO Online. Available at: https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html [Accessed 20 Oct. 2018].

Bevington, R. (2017). How e-cigarettes can be used to hack computers. [online] Sky News. Available at: https://news.sky.com/story/e-cigarettes-can-be-used-to-hack-computers-10908333 [Accessed 20 Oct. 2018].

Bisson, D. (2017). 10 of the Most Significant Ransomware Attacks of 2017. [online] The State of Security. Available at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/10-significant-ransomware-attacks-2017/ [Accessed 21 Oct. 2018].

Goldman, Z., Maruyama, E., Rosenberg, E., Saravalle, E. and Solomon-Strauss, J. (2017). Terrorist Use Of Virtual Currencies Containing the Potential Threat. CNAS, pp.1-56.

Kanayama, T. (2017). Impact of Cybercrime in Japan—Findings of Cybercrime Victimization Survey. Sociology Study, 7(6).

Lewis, J. (2018). Economic Impact of Cybercrime At $600 Billion and Counting - No Slowing Down. [online] Csis.org. Available at: https://www.csis.org/analysis/economic-impact-cybercrime [Accessed 20 Oct. 2018].

Madhu, S. (2016). Why cybercrime is an important issue - Microsoft in Education. [online] Education.microsoft.com. Available at: https://education.microsoft.com/Story/Lesson?token=Etigi [Accessed 21 Oct. 2018].

Newman, L. (2018). The Worst Cybersecurity Breaches of 2018 So Far. [online] WIRED. Available at: https://www.wired.com/story/20h18-worst-hacks-so-far/ [Accessed 20 Oct. 2018].

Stanciu, V. and Tinca, A. (2017) ‘Exploring cybercrime - realities and challenges’, Accounting & Management Information Systems / Contabilitate si Informatica de Gestiune, 16(4), pp. 610–632. doi: 10.24818/jamis.2017.04009.

Stancu, A. I. (2016) ‘Evolution of the International Regulations Regarding Cybercrime’, Public Administration & Regional Studies, 18(2), pp. 72–79.

Zerzri, M. (2017). The Threat of Cyber Terrorism and Recommendations for Countermeasures. C·A·Perspectives on Tunisia. Center for Applied Policy Research. pp. 1-6