Cybercrime Threats and Techniques
Cybercrime: Threats and Techniques
Common Cybercrime Activities:
- Phishing: Making fraudulent offers to consumers, such as manipulating the price of stocks, bonds, and securities, or selling computer equipment in regions with established e-commerce.
- Money Laundering: E-commerce can be used for the electronic transfer of goods or money to launder the proceeds of crime, especially if transactions can be hidden.
Phishing Details
The growth of telematics (remote computing) allows for increased purchases but also increases cases of fraud. This creates a dynamic where all the requirements of the crime of fraud are met, including deception and *”animus defraudandi”* (intent to defraud). There would be fraud against the person making the purchase.
Stratagems
Scammers use various techniques to hide computers, making them “look” electronically like another computer, to gain access to restricted systems and commit crimes. The famous hacker Kevin Mitnick used such tricks in 1996 to enter the home computer of Tsutomu Shimamura, a security expert, and distribute valuable security secrets on the Internet.
Online Gambling Issues
Online gambling has increased as e-commerce provides credit facilities and fund transfers over the Net. Problems occur in countries where gambling is a crime or where national authorities require licenses. Furthermore, fair play cannot be guaranteed, given the technical problems involved and the difficulty of judicial supervision.
Copyright Infringement of Databases
There is no uniform protection for databases in countries with Internet access. The most common protection system is contractual: the owner of the system allows users to download files, but forbids the replication of the database or the bulk copying of information.
Unauthorized Use of Computer Systems
This involves the unauthorized use of computers and software belonging to another’s computer system. This behavior is commonly committed by employees of data processing systems who use systems for private companies and follow-up work. Significant financial loss for companies occurs primarily in cases of abuse in teleprocessing or when companies must pay rent for system usage time.
Software Piracy and Computer Espionage
This encompasses behaviors aimed at illegally obtaining data from an information system. Common targets include research data, customer lists, and financial balances. In many cases, the object of the seizure is the computer program (software) itself, which often has significant economic value.
“Routine Cancer”
Another method that acts on application programs is called “routine cancer.” In this technique, destructive programs reproduce themselves in other programs, arbitrarily chosen.
Logic Bombs (Time Bombs)
In this method, the destructive activity of the program begins after a delay, either by the passage of time (e.g., two months or a specific date/time) or the occurrence of a predetermined condition (which may or may not appear), such as the presence of a data point, a code, or any command that the programmer sets as a signal to start acting. French case law provides examples of such cases. For instance, an employee programmed the system so that the company files would be automatically destroyed if his name was erased from the list of employees.
Fraud and Sabotage
Although it depends greatly on the type of organization, fraud and sabotage are crimes that most affect organizations. These crimes are often not clearly defined and published within the organization as offenses (e.g., piracy, misuse of information, omission of checks, unauthorized use of assets and/or computer services), and they can have a significant long-term impact.