CYBER CRIME

PRESENTED BY

ROHIT REVO

CONTENTS
Title

Page

Internet as Medium of Crime

Definitions of Cybercrime

Classification of Cyber Crime

Cyber Criminals

Cyber Crime Challenges

Traditional Crime and its Cyber Equivalents

Defining Cyber Crime Offenses

Criminal vs Non Criminal Act

10

International Cyber Crime Laws

11

Criminal and Non Criminal Cyber Crime Offenses

13

Criminal and Non Criminal Cyber Crime Offenses

14

Criminal and Non Criminal Cyber Crime Offenses

15

Criminal and Non Criminal Cyber Crime Offenses

16

CYBER CRIME THEORY

Internet as a medium for

Crime
Internet offers unparalleled opportunities to criminals and coupled with the ease of access and
anonymity, it serves as a useful tool to amass huge wealth with minimum efforts. Transnational
Organized Crime syndicates are now resorting to Cyber Crime and thus threatening the security
of global financial industry and other sovereign Nation States.
According to Nortons annual Cybercrime Report, the estimated annual cost over global
cybercrime is 110 billion. 1
Globally, each victim accounted for an average of $197 in financial loss. In the US this increased
to $290. 2
The burgeoning of internet and introduction of new digital technologies provide a platform for
committing crimes such as fraud and identity theft on an industrial scale. 3 Easy access to
Internet has created new opportunities for criminals and also equipped and motivated a new set
of people to carry these crimes in the cyberspace, effectively creating new business models.
These days basic malware software packages are being offered which give people an opportunity
CYBER
THEORY
to have
a goCRIME
at hacking
and a chance to steal online passwords. Some of these packages are
very readily available and even offer money-back guarantee that makes it easier than ever to
create and spread malware. 4

Definitions of Cybercrime
Crime is defined as an action or omission which constitutes an offence and is punishable by law.

While the definition of Crime is widely accepted, there is an absence of an agreed definition for Cybercrime. Given the fast
changing pace of developments in this industry, the definition of Cybercrime is still evolving. Though widely used in day today conversations
and in media, this term means different things to different people.

Directed at computers

Crime using Electronic Networks

Crimes directed at computers or other information communications

technologies (ICTs) such as hacking and denial of service attacks.

Cybercrimes are crimes which are mediated by networked

technology and not just computer. 9

Crimes where computers or ICTs are an integral part of an offence

(such as online fraud, identity theft and the distribution of child
exploitation material) . 6

Any crime conducted using networked computers and can include

criminal activities.

Directed again CIA

Computer Crime

Cyber Crime is an action directed against the confidentiality,

integrity and availability (CIA) of computer systems, networks and
computer data as well as misuse of such systems, networks and
data. 7

The term computer crime has often been used to cover a

multitude of offences ranging from virus dissemination, hacking and
organized crime to terrorist rings that use the computer and
computer networks in the commission of the offence. 10

Computer-focused crimes

Computer-mediated activities

Computer-focused crimes on the other hand include crimes that

emerged in tandem with the establishment of the Internet and could
not exist apart from it, such as virus, malware or botnet infection,
and hacking. 8

Cybercrime is computer-mediated activities which are either illegal

or considered illicit by certain parties and which can be conducted
through global electronic networks. 11

Classification of Cyber
Crime
Many academicians, agencies and companies have tried to
classify the cyber crimes and group them into different sub
classifications. This is important to identify the level of offence
and which category the offence falls into.
True Cyber Crime and E-enabled Cyber Crime

Type I and Type II Cyber Crime

We should seek to distinguish between true cyber crime (i.e.

dishonest or malicious acts which would not exist outside of an
online environment, or at least not in the same kind of form or
with anything like the same impact), and crime which is simply
e-enabled (i.e. a criminal act known to the world before the
advent of the worldwide web, but which is now increasingly
perpetrated over the Internet). 13

Type I is generally a singular, or discrete, event from the

Intentional Cyber Crime vs Unintentional Cyber Crime

perspective of the victim. It often is facilitated by the

introduction of crime ware programs such as keystroke loggers,
viruses, rootkits or Trojan horses into the users computer
system.
Type II cybercrime, at the other end of the spectrum, includes,
but is not limited to activities such as cyber stalking and
harassment, child predation, extortion, blackmail, stock market
manipulation, complex. 14

Take an example of an email got from a spammer, which the receiver forward to another friend without checking the contents. The sender
may be committing a cyber crime offense by distributing a malicious Trojan or self replicating virus unintentionally. The penalties for
unintentional cyber crime are lenient as compared to people committing intentional acts of cyber crime with the sole aim of causing financial
and reputation loss
A recent addition to cyber crime is corporate espionage, and planning or carrying out terrorist activities online.

CYBER CRIME THEORY

Cyber Criminals

The computer underground lexicon generally divides computer criminals into three
separate types: script-kiddies, hackers, and crackers.
Script-kiddies employ tools downloaded from the Internet to exploit common security
weaknesses. They are involved in nuisance crimes like defacing websites and the amount
of damage they cause is limited.
Hackers are able to use the standard tools with a much higher degree of sophistication
and some are adept enough to design intrusion programs. There is also a voyeuristic
component
Crackers include those who attack computer systems for personal profit, such as people
carrying out economic espionage, or for malicious purposes, like virus writers. Cyber
terrorists are grouped with crackers because they share similarly malevolent purposes 15
CYBER CRIME THEORY

Cyber Crime Challenges

One of the distinct characteristics of Cyber Crime is that it could occur within multiple jurisdictions and is more cross
border in nature. A cyber crime could be conducted on servers in Australia by a person or a group of persons in China
or India. Thus a criminal law is fraught with jurisdiction issues as different countries may have different cyber laws and
may not treat the offence with the same penalty.
A cyber criminal may be a juvenile and may thus be treated differently that an adult offender. Cyber Criminals could
also escape in some countries using legal loopholes or lack of substantive legal provisions for this illegal conduct. Such
offences may be overlooked. Also there could be lack of cooperation between different countries.
Lack of Awareness of Cyber Threats

Localisation of Cyber Criminals

There is still a lack of awareness relating to cyber threats and cyber

crime. While it is being talked about a lot, many countries and
companies have yet to address the risks associated with this. Any
countries with weak cyber regulation thus becomes safe havens for
such groups and puts other countries at risk.

In some countries the laws may either not been developed yet or they may
be tolerant and lenient towards certain cyber crime activities, which would
in the long run cause these criminals to localise their activities in certain
countries. Like the Nigerian email spam and the Russian and Chinese
malware activists.

Ease of Location
Cyber crime is easier to conduct that a traditional crime as an
operator can operate from any location, and in the absence of a
formal crime scene, cyber crime needs specialised people and data
forensics to track the digital evidence. All the collaborators can
operate in a virtual world and once they taste success, they boast
and build a false aura around their digital personalities, which is also
encouraging a lot of hackers.

CYBER CRIME THEORY

Offshore and Cross Border Players

In a traditional crime, the players involved may be from the same country
where the crime occurred whereas in Cyber crime the players could be
offshore and they could be ideologically motivated to form groups to
threaten the infrastructure of the target country apart from targeting
individuals and businesses in these countries.

Cybercrime
Traditional criminals or robbers in the past would have to physically enter
the bank premises and gain entry to collect cash and monies. Whereas
cyber criminals can gain access to banks computer system and steal
money and cause massive disruptions to the operations of the bank and
also cause irreparable damage to the banks reputation.

Traditional Crime and its Cyber Equivalents

16

It would be fair to say that traditional crime is now migrating into the realm of
Internet as Cyber Crime.

Traditional crime

Cybercrime equivalent

Fraud

Online fraud/mass marketed fraud (including auction fraud, advance fee fraud, phishing)

Burglary/malicious damage

Online hacking, denial of service attacks, viruses

Child sex offences

Online child grooming, child pornography websites

Money laundering

Through online payment systems, e-cash

Theft

Identity theft, bank website phishing and movie, music and software piracy

Stalking

Cyber stalking, cyber bullying

While there are tough penalties for traditional crime, the regulation has been behind when it comes to deterring cyber
criminals. Probability of being caught is minimal and the penalties do not adequately fit the crime. For this reason, in spite
of the increasingly stringent regulations and compliance mandates, we can expect to see criminals continue to target the
payment card industry and will see continued data breaches. 17
One of the main differences in Cyber and Traditional Crime is that in a traditional crime, the victim and the offender operate
in close proximity to each other whereas in the realm of cyber crime, the victim and the assaulter could be in different
CYBER CRIME THEORY
geographical areas and maybe in different time zones as well.

Defining Cyber Crime Offenses

Crimes in which the computer is the target of the criminal activity

18

This includes spamming, malware infection, botnets, denial of service, misuse of devices , intrusion
attempts, malicious code, infections worms and malware. This could include simple or malicious hacking

Crimes in which the computer is a tool used

to commit the crime 19
Computers used to carry out online fraud,
stalking, cracking, creation of illegal pornography,
cyber bullying to tarnish personal reputation, cyber
harassments, unsolicited electronic
communication, online theft and gaining
access and modifying Commonwealth data.
CYBER CRIME THEORY

Crimes in which the use of the computer is an

incidental aspect of the commission of the
crime. 20
Computers are used to carry out traditional crime
acts like theft, stalking , sedition, scam, theft,
forgery, intrusion.

Criminal vs Non Criminal Act

An offense carried out by an individual can have criminal or non criminal retribution.
Certain offenses can be charged as either ordinance or criminal offenses - for example, retail theft
(shoplifting) or disorderly conduct. And some offenses are noncriminal for first time offenders but
criminal for second time violators.
A non criminal offense may result in a monetary penalty like a parking fine whereas a criminal
offense may lead to a jail term and a possible penalty. 21
As a general principle if its a crime offline, then it is also a crime online and can have an
equivalent severe punishment for the act. 22
Research has shown that people who are involved in cyber crimes know their victims more often.

Digital threat offenders threaten their ex-partner more often (28.9%) than in the case of traditional
threats (15.5%). Digital fraud occurs more often between business partners (47.3% vs. 24% for digital
and traditional fraud, respectively) and occurs less often among acquaintances (1.8% vs. 7% for digital
and traditional fraud, respectively). 23
CYBER CRIME THEORY

International Cyber Crime

Laws

The Council of Europe Convention on Cybercrime Convention requires Parties

(i.e., ratifying states) to adopt such legislative and other measures as may be
necessary to establish as criminal offences under its domestic law, when
committed intentionally 24
Australia has adopted Cybercrime Legislation Amendment Act 2012 which will
allow Australia to collaborate and access and share information with
international agencies. Australia has also joined the Council of Europe
Convention on Cybercrime which gives Australian government agencies more
powers to fight cyber crimes.
CYBER CRIME THEORY

Criminal and Non Criminal

Cyber Crime Offenses
Take the example of a recent cyber crime where half of South Koreas population had their
personal information stolen. The breach involved 27 million people and 220 million records. 16
hackers were arrested for targeting the personal details of these people on gaming and
gambling websites. 25
This is a criminal offense which falls under the category of
Economic Crimes Unauthorized access to computer systems without right,
Content Related Offense Identity theft and data theft, Misuse of information
Privacy Offense Illegal collection of unauthorized data
If we apply the Europe Convention of Cybercrime to this incident, to which Australia is now a party,
the offenses could be
Article 184: Illegal Access to a Computer System without right
Article 185: Illegal Interception of Computer Data
Article 187: Interference with a Computer System without right
Article 188.1: Misuse of Devices for the purpose of committing a criminal offense
CYBER CRIME THEORY

Criminal and Non Criminal Cyber Crime Offenses

Offense
-

Type of Offense

Hacking

Hacking in principle violates the Confidentiality, Integrity, Availability of Computer Systems

and malicious hacking is an offense in Australia under Cybercrime Legislation Amendment
Act 2012. However there is also a big push to allow ethical hacking or hacking for fun and to
bring the onus of protecting computer systems and networks to their respective
organizations.

Defacing of Websites/Cyber
Vandalism

This offense is non criminal in nature and is primarily aimed to hurt company reputations
and also to propagate a message usually done by either fanatics or cross border non state
actors.

Dissemination of viruses

The effect of this could be minimal or major. The act could be classified as Criminal or Non
Criminal based on the classification of data this virus destroys and if this leads to Denial of
critical Service.

Denial of Service Attacks

and Denial of Service
Attacks using Botnets

While this is equivalent to cyber trespassing and could be classified as an Act of Civil
Disobedience, (occupy protests/sit-ins) on the Internet this is classified as high Tech cyber
crime in Australia. European Unions Cyber Crime Convention and UK legal system also
criminalizes this attack.

Creation and distribution of

malicious software

Creation of viruses, worms, trojans is a criminal activity which is done with the sole aim of
causing disruptions in service. However there could be a Non Intentional Act of distribution
of such malicious software which may replicate by sending in an email and if the person
CYBER CRIME THEORYdoes not know about the malicious contents then it is a non criminal offense.

Criminal and Non Criminal Cyber Crime Offenses

Offense

Type of Offense

Online Money laundering

This is an criminal act in which funds are stolen and transferred overseas. It is increasingly
becoming a cyber crime as people turn to online channels to transfer these funds.

Cyber terrorism

Any activity associated with terrorism is a criminal activity.

Intellectual
Property/Copyright
infringements/Piracy

This is a criminal act which could result in a jail term as well as a hefty fines.

Spam

It is an offense to send Spam to individuals you dont deal with. While this may be Non
Criminal offense, some of the outcomes or actions resulting from the Spam could have
Criminal consequences.

Cyber
obscenity/pornography

This could be a criminal offense in some countries but in some countries it is perfectly legal
to allow pornography for people aged 16 years and above. Child Abuse Material generation
and distribution is however a criminal offense.

Bullying/Stalking

Cyber Criminals take advantage of vulnerabilities and peoples emotions. These act is
Criminal in Nature according to NSW (Domestic and Personal Violence Act 2007)

CYBER CRIME THEORY

Criminal and Non Criminal Cyber Crime Offenses

Offense

Type of Offense

Domain name
hijacking/Cyber Squatting

This could lead to loss of revenue for companies attacked. However this act can be classified
as Non Criminal in nature.

Misuse of credit cards

This is a criminal act which could have severe consequences for the perpetrators.

Information and Identity

theft/misuse

Such acts including Identity theft is an criminal act.

Blackmail

These act is Criminal in Nature according to NSW (Domestic and Personal Violence Act 2007)

Hate sites

There has been a lot of debate about Hate Laws in Australia and the amendments being
bought in by the government to allow free speech and to modify Racial Discrimination Act
18c. This is a non criminal offense at this moment. However if any hate crime gets reported
on such sites that is a criminal act.

Corporate Espionage

It is a federal crime in many countries including US. In some countries civil laws cover these
acts however they are better addressed by bringing this under the purview of criminal law.

CYBER CRIME THEORY