Today after the BPO outburst in the country we now live and work in a world’s biggest back office of global connectivity. We can exchange casual conversation or conduct multimillion monetary transactions with people on the other side of the planet quickly and inexpensively. The proliferation of personal computers, easy access to the Internet, and a booming market for related new communications devices have changed the way we spend our leisure time and the way we do business.
The ways in which criminals commit crimes is also changing. Universal digital accessibility opens up new opportunities for the unscrupulous. Millions of dollars are lost to computer-savvy criminals by both businesses and consumers. Worse, computers and networks can be used to harass victims or set them up for violent attacks-even to coordinate and carry out terrorist activities that threaten us all. Unfortunately, in many cases law enforcement agencies have lagged behind these criminals, lacking the technology and the trained personnel to address this new and growing threat, which has been aptly, termed cybercrime.
Until recently, many information technology (IT) professionals lacked awareness of and interest in the cyber crime phenomenon. In many cases, law enforcement officers have lacked the tools needed to tackle the problem; old laws didn’t quite fit the crimes being committed, new laws hadn’t quite caught up to the reality of what was happening, and there were few court precedents to look to for guidance. Furthermore, debates over privacy issues hampered the ability of enforcement agents to gather the evidence needed to prosecute these new cases. Finally, there was a certain amount of antipathy-or at the least, distrust-between the two most important players in any effective fight against cyber crime: law enforcement agents and computer professionals. Yet close cooperation between the two is crucial if we are to control the cyber crime problem and make the Internet a safe “place” for its users.
Law enforcement personnel understand the criminal mindset and know the basics of gathering evidence and bringing offenders to justice. IT personnel understand computers and networks, how they work, and how to track down information on them. Each has half of the key to defeating the cyber criminal.
Cybercrime: It sounds exotic, the stuff of which futuristic science fiction novels are made. However, law enforcement officers, network administrators, and others who deal with crime and/or cyberspace are discovering that the future is now, and cybercrime is a big and growing problem.
According to the Internet Fraud Complaint Center (IFCC), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center, between May 2000 and May 2001, its first year of operation, the IFCC Web site received 30,503 complaints of Internet fraud. (The full report can be downloaded in .PDF format at www1.ifccfbi.gov/strategy/IFCC_Annual_Report.pdf)
According to the Computer Security Institute’s Computer Crime and Security Survey for 2001, conducted in conjunction with the FBI’s Computer Intrusion Squad, 186 responding corporations and government agencies reported total financial losses of over US$3.5 million, due primarily to theft of proprietary information and financial fraud (Source: gocsi.com/press/20020407.html ).
According to the Cybersnitch Voluntary Online Crime Reporting System, Internet-related crimes range from desktop forgery to child pornography and include such potentially violent crimes as electronic stalking and terrorist threats.
According to Meridien Research, as reported at epaynews.com, the cost of Internet fraud is expected to reach between US$5 billion and US$15 billion by 2005.
Although almost anyone has the potential to be affected by cybercrime, two groups of people must deal with this phenomenon on an ongoing basis:
- Information technology professionals, who are most often responsible for providing the first line of defense and for discovering cybercrime when it does occur
- Law enforcement professionals, who are responsible for sorting through a bewildering array of legal, jurisdictional, and practical issues in their attempts to bring cybercriminals to justiceInternational Law: The United Nations Definition of Cybercrime
Cybercrime spans not only state but national boundaries as well. Perhaps we should look to international organizations to provide a standard definition of the crime. At the Tenth United Nations Congress on the Prevention of Crime and Treatment of Offenders, in a workshop devoted to the issues of crimes related to computer networks, cybercrime was broken into two categories and defined thus:
a. Cybercrime in a narrow sense (computer crime): Any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed by them.
b. Cybercrime in a broader sense (computer-related crime): Any illegal behavior committed by means of, or in relation to, a computer system or network, including such crimes as illegal possession [and] offering or distributing information by means of a computer system or network.
Of course, these definitions are complicated by the fact that an act may be illegal in one nation but not in another.
The paper goes on to give more concrete examples, including:
- Unauthorized access
- Damage to computer data or programs
- Computer sabotage
- Unauthorized interception of communications
- Computer espionage
These definitions, although not completely definitive, do give us a good starting point-one that has some international recognition and agreement-for determining just what we mean by the term cybercrime.
IT professionals need good definitions of cybercrime in order to know when (and what) to report to police, but law enforcement agencies must have statutory definitions of specific crimes in order to charge a criminal with an offense. The first step in specifically defining individual cybercrimes is to sort all the acts that can be considered cybercrimes into organized categories.
Copyright: Amit Nayak