It is in this digital soup, this is a
hyper-relational environment, that we see the
death of the barrier. . . . What we do have is
the network and the death of dichotomy. This is
fatal for the legal system, which depends for
its very life on the existence of barriers-
after all, that's what the law does: it utters
the line between this and that, and punishes the
transgressor.
-- Curtis E.A. Karnow
The Internet is a new frontier, but it's problems
are not unlike any wild, unregulated environment.
Just like the Wild, Wild West, the Internet is
wide open to both exploitation and exploration, it
has good and on it some of its users are simply bad
to the bone. There are no sheriffs on the
Information Superhighway, they think. In reality,
there are more and more law enforcement agents
setting up decoys on the web. While it appears no
one is there to protect you or to to lock-up virtual
desperados and bandits, you can resort to reporting
crimes if committed against you. The lack of
supervision and enforcement in certain areas, leaves
users to watch out for themselves and for each
other. That includes chat rooms on such as AOL, MSN,
and other online services, one's INBOX, and in
anything that extends your contact with another from
inside the web alone to outside at a physical
location.
One problem is that Teenagers keep dangerous
contacts a secret form their parents. It takes
considerable time, but a parent must insure that the
Teen understands that the ONLY reason an adult
impersonating someone their own age, or older, would
ever want to meet them, could potentially end their
life.
Early on in the history of the Internet, a loose
standard called "netiquette" was developed but it is
still very inadequate and not adequately protective,
from the standards found in "real life".
Unfortunately, cyberspace remains wide open to
faceless, nameless con artists that can carry out
all sorts of mischief.
A FEW Basic Rules ACSA has evolved:
A) Know who is contacting you. Find out
their name and address, and check them out first.
Remember, any person can impersonate anyone else!
B) Never give private information like credit
cards, social or other information, unless you
initiated a purchase with a reputable business, and
then only to a Banking Institution or Secure Credit
Card Processor. PayPal is a recommended
payment method, as is Thumbcard.
C) If you suspect fraud, don't pay, you can
always pay later. If you are a merchant and suspect
fraud, don't ship the merchandise, you can always do
so later. Wait and be sure of your customer.
D) Discount all offers up front to pay for goods
in any manner, and ship them to anything but the
confirmed address of the credit card holder or bank
account. ALWAYS check the Address Verification
System of your credit card processor and / or the
bank or credit card company in use.
E) If you receive a check, either verify the
shipping address with a good check verification
service, or provide it to the Bank issuing the
checks, and double check.
F) If you even remotely think someone
unauthorized in the household of the account holder
is pulling a fast one, contact the account holder by
phone.
C) Unless you are an adult, never give out your
real name or address or phone number to anyone you
haven't met in the Real world first, and then only
if they are someone you can trust, like a schoolmate
or teacher, and even then, hesitate. They
should not need your personal information.
The definition of cybercrime is still evolving.
Currently there is much debate among experts about
what constitutes a computer-related or cybercrime.
Cybercrime generally is understood to include
traditional activities such as fraud, theft or
forgery whenever a computer is involved. It can also
include a number of new crimes like
cyberstalking.
Cybercrime can also include activities not
considered criminal in one jurisdiction, but
punishable in another.
The top ten list of scams as recently listed in
Consumer Sentinel, a database maintained by the
Federal Trade
Commission are:
1. Internet auction fraud
2. Internet service provider fraud
3. Fraudulent Internet web-site design/promotions
(web cramming)
4. Fraud related to Internet information and adult
services
5. Multi-level marketing (pyramid sales) fraud
6. Business opportunities and work-at-home fraud
7. Investment, get-rich-quick schemes
8. Travel/holiday fraud
9. Telephone, pay-per-call solicitation frauds
10. Health-care fraud.
We cover most of the significant cybercrime
issues below.
Computer Network
Intrusions
One of the first problems with networks was that
people can get into them from anywhere. The popular
movie "War Games" illustrated an extreme but useful
example of this.
Crackers (often misnamed hackers) can break into
computer systems from anywhere in the world and
steal data, plant viruses, create back doors, insert
Trojan Horses, or change user names and passwords.
Network intrusions are illegal, but detection and
enforcement are difficult. Current law is limited
and many intrusions go undetected. The cracker can
bypass existing password protection by creating a
program to capture logon IDs and passwords.
Password sniffers are programs that monitor and
record the name and password of network users as
they log in, jeopardizing security at a site.
Whoever installs the sniffer can then impersonate an
authorized user and log in to access restricted
documents. Laws are not yet set up to adequately
prosecute a person for impersonating another person
on-line, but laws designed to prevent unauthorized
access to information may be effective in
apprehending crackers using sniffer programs.
Spoofing is done when you disguise one computer
to electronically "look" like another computer in
order to gain access to a system that would normally
be restricted.
Corporations, like governments, often spy on the
enemy. The Internet and privately networked systems
provide new and better opportunities for espionage.
Spies can get information about product finances,
research and development, and marketing strategies.
These cyberspies rarely leave behind a trail.
Stock manipulation, pyramid schemes,
fraudulent business opportunities, offshore scams,
are all types of cyberfraud. The Internet has made
these all the easier with
fraudulent web auctions, internet services,
merchandise, pyramid and multilevel marketing
schemes, business opportunities, work-at-home
schemes, credit card issuing, sweepstakes, and book
sales leading the way.
Cyberstalking refers to sending
harassing or threatening E-mail to others and
includes e-mail threats, e-mail
bombs, "nuking", sending unwanted message or
files, inappropriate requests in chat rooms, forged
e-mail source addresses, and inappropriate postings
on message boards. Cyberstalkers have been known to
make death threats, to publicize the victim's home
address and telephone number, and worse. It has
been estimated that approximately 200,000 people
stalk someone each year.
Cyberstalkers usually target women
and children who are inexperienced in on-line
activities and the rules of netiquette. These
stalkers feel empowered by their perceived
anonymity. Stalkers generally lose interest if they
don't get the reactions they seek.
How do defend yourself:
- Stay anonymous -
choose a genderless screen name
- Never give your
full name or address to strangers
- Learn
'netiquette' - follow it and expect it from
others
- Don't respond to
harassing or negative messages (flames)
- Get out of
uncomfortable or hostile situations quickly
- Watch what you
say - don't flirt online
- Save offending
messages
- Learn more about
Internet privacy
In general, it is easy to avoid cyberstalking -
you just need to avoid appearing to be an
inexperienced young girl. Don't accept files from
or give any personal information to strangers.
According to estimates by the U.S.
Software and
Information Industry Association, as much as
$7.5 billion of American software may be illegally
copied and distributed annually worldwide. Piracy is
easy, and few pirates are caught. T his
issue is thoroughly covered on the
What are Warez? page.
Cyberterrorism is the use of
computers and programs in attacks against others.
Cyberterrorism is thoroughly covered on our
Infowar page.
The use of the Internet to hinder
the normal functioning of a computer system through
the introduction of worms, viruses, or logic bombs
is referred to as computer sabotage. Computer
sabotage can be used to gain economic advantage over
a competitor, to promote the illegal activities of
terrorists, or to steal data or programs for
extortion purposes.
Software can be written that will instruct a
computer to do almost anything, now terrorism has
hit the Internet in the form of mail bombings. By
instructing a computer to repeatedly send electronic
mail (email) to a specified person's email address,
the cybercriminal can overwhelm the recipient's
personal account and potentially shut down entire
systems. This may or may not be illegal, but it is
certainly disruptive.
Millions of dollars may be lost annually by
consumers who have credit card and calling card
numbers stolen from on-line databases. Security
measures are improving, and traditional methods of
law enforcement seem to be sufficient for
prosecuting the thieves of such information.
Bulletin boards and other on-line services are
frequent targets for hackers who want to access
large databases of credit card information. Such
attacks usually result in the implementation of
stronger security systems.
Identity theft is really identity fraud. This
theft of one's identity occurs a criminal uses
someone else's identity for their own illegal
purposes. Examples include fraudulently obtaining
credit, stealing money from the victim’s bank
accounts, using the victim's credit card number,
establishing accounts with utility companies,
renting an apartment, or even filing bankruptcy
using the victim’s name. The cyber-impersonator can
steal unlimited funds in the victim’s name without
the victim even knowing about it for months -- even
years.
Conclusion
Cyber crime is a rapidly growing and evolving
area. Computer experts will be constantly
challenged to keep up with cyber crime techniques
and tools. Business continuity depends on strong
computer security and disaster recovery operations.
Do you best to stay current on these issues. The
links below offer some excellent resources for this
purpose.
LINKS
Related Pages
What are Warez?
InfoWar - Information Warfare
Cyber crime Resources
The
FBI
and the
National White Collar Crime Center are dedicated
to detecting and preventing all types of
computer-related crimes.
Computer Crime and Intellectual Property Section
(CCIPS) in the Criminal Division of the U.S.
Department of Justice.
National
Cybercrime Training Partnership - (NCTP) Leads
the Training Community in Developing a New Paradigm
for Training Law Enforcement in Electronic and
High-Technology Crime.
Cybercrime on the Internet - comprehensive
coverage of this issue
Cybercrime coverage from Techtv.com
CyberCrime - Justice, Law and Society - a great
collection of links from
InfoSysSec
Articles
Spies in the Digital Age-Noted espionage expert
H. Keith Melton explains how computers have changed
the rules of the game
What Is Computer and Telecommunication Crime?-from
the Royal Canadian Mounted Police
Who Should Fight Cybercrime? - from Wired, who
should it be? Politicians generally don't have the
technical understanding to make the informed
decisions that could become law. On the flip side:
Engineers are neither politicians nor police.
Internet Research Resources
411
Listings - search White Pages
Search-Top 10 Computer Searches for Locating Missing
Persons
Resources for Investigators - Canadian site
Cyber Helpers
Get virus protection software from
McAfee.com
The
Center for
Society and Cyber Studies
-
cyber crime news, internet Investigation,
Cybercrime Training & Education, e-Profiling, Public
Safety Cybercrime Units, and more.
CyberSnitch™
is the a High Tech Crime Reporting System that let's
you report Internet crimes. All reported crimes are
immediately received by legitimate law enforcement
agencies across the United States for further
investigation.
Cyber Angels
Need help? Cyber Angels Is the Largest Internet
Safety Organization in the World.
Privacy
Rights Clearinghouse, a California consumer
advocacy organization and hotline.
Get help with the
Identity-Theft Survival Kit. By a survivor of
identity-theft -- a Complete Package For Restoring
Your Credit And Peace Of Mind.
BOOKS
Secrets and Lies: Digital Security in a Networked
World - covers the
technologies used to protect and intercept data, and
strategies for proper implementation of security
systems.
Naked in Cyberspace: How to Find Personal
Information Online - reveals the personal
records available on the Net and demonstrates both
how they are used and how to use them.
Your Personal Netspy: How You Can Access the Facts
and Cover Your Tracks Using the Internet and Online
Services - Even if you find snooping about
other people distasteful, you should get this book
to find out what others can find out about you--and
how you can cover your digital tracks.
Data Privacy Law - an authoritative study in
three parts of U.S. data protection standards.
Legislating Privacy: Technology, Social Values, and
Public Policy - an excellent review of
privacy-related writings and case studies of
successful and unsuccessful privacy legislation.
Other Titles
Borders in Cyberspace: Information Policy and the
Global Information Infrastructure
Business Guide to Privacy and Data Protection
Legislation
The Computer Privacy Handbook: A Practical Guide to
E-Mail Encryption, Data Protection, and PGP Privacy
Software
Computers, Surveillance, and Privacy
Cryptography & Privacy Sourcebook (1996): Documents
on Wiretapping, Cryptography, the Clipper Chip, Key
Escrow & Export
PGP: Pretty Good Privacy |
