Cybercrime
From The IT Law Wiki
Overview
Cybercrime refers to criminal activities that specifically target a computer or network for damage or infiltration. Cybercrime also includes the use of computers as tools to conduct criminal activity such as Internet extortion and Internet fraud. Computers significantly multiply the criminal’s power and reach in committing such crimes.
Some argue there is no agreed-upon definition for “cybercrime” because “cyberspace” is just a new instrument used to help commit crimes that are not new at all. Cybercrime can involve theft of intellectual property, a violation of patent, trade secret, or copyright laws. However, cybercrime also includes attacks against computers to deliberately disrupt processing, or may include espionage to make unauthorized copies of classified data. These attacks have such colorful names as:
- spamming
- phishing
- spoofing
- pharming
- denial-of-service attacks
- distributed denial-of-service attacks
- viruses
- trojan horses
- worms
- malware
- spyware, and
- botnets.
Cybercrime techniques have characteristics that can vastly enhance the reach and impact of criminal activity, such as the following:
- Criminals do not need to be physically close to their victims to commit a crime.
- Technology allows criminal actions to easily cross multiple state and national borders.
- Cybercrime can be carried out automatically, at high speed, and by attacking a vast number of victims at the same time.
- Cybercriminals can more easily remain anonymous.
Definitions
There are a variety of definitions of "cybercrime," including:
1. Cybercrime "means conduct, with respect to cyber systems. . . ."[1]
Cyberterrorism
If a terrorist group were to launch a cyberattack to cause harm, such an act also fits within the definition of a cybercrime. The primary difference between a cyberattack to commit a crime and one to commit terror is found in the intent of the attacker, and it is possible for actions under both labels to overlap.
Often it is very difficult to determine if a cyberattack or intrusion is the work of a terrorist organization with the objective of doing harm, or a cybercriminal who wishes to steal information for purposes of monetary gain. Just as terrorists and violent extremists often rely on exploiting vulnerabilities of targets seen as soft and easy to access to support possible future cyberattacks, cybercriminals exploit these same vulnerabilities to gain access to information that may lead to monetary gain.
The proportion of cybercrime that can be directly or indirectly attributed to terrorists is difficult to determine. However, linkages do exist between terrorist groups and criminals that allow terror networks to expand internationally through leveraging the computer resources, money laundering activities, or transit routes operated by criminals.
Implementation of a stronger policy for domestic physical security has reduced the risk to some targets that may have previously been vulnerable to physical attacks. Also, it is suggested by numerous experts that terrorists may be enhancing their computer skills or forming alliances with cybercriminals that possess a high level of telecommunications expertise. In addition, continuing publicity about Internet security vulnerabilities may encourage terrorists’ interest in attempting a possible computer network attack, or cyberattack, against U.S. critical infrastructure.
Extent of Cybercrime Activities
Cybercrime is a threat to worldwide economic and security interests. Various studies and expert opinion estimate the direct economic impact from cybercrime to be in the billions of dollars annually. The annual loss due to computer crime was estimated to be $67.2 billion for U.S. organizations, according to a 2005 Federal Bureau of Investigation (FBI) survey. A 2007 survey estimated that losses from cybercrime exceeded $100 billion.[2]
The estimated losses associated with particular crimes include $49.3 billion in 2006 for identity theft and $1 billion annually due to phishing. These projected losses are based on direct and indirect costs that may include actual money stolen, estimated cost of intellectual property stolen, and recovery cost of repairing or replacing damaged networks and equipment.
International law
Cybercrime laws vary across the international community. Australia enacted its Cybercrime Act of 2001 to address this type of crime in a manner similar to the U.S. Computer Fraud and Abuse Act. In addition, Japan enacted the Unauthorized Computer Access Law of 1999 to cover certain basic areas similar to those addressed by the U.S. federal cybercrime legislation.
Because political or natural boundaries are not an obstacle to conducting cybercrime, international agreements are essential to fighting cybercrime.
CoE Convention on Cybercrime
On November 23, 2001, the United States and 29 other countries signed the Council of Europe’s Convention on Cybercrime as a multilateral instrument to address the problems posed by criminal activity on computer networks.
The Convention on Cybercrime distinguishes between four different types of offences:
- Offences against the confidentiality, integrity and availability of computer data and systems;[3]
- Computer-related offences;[4]
- Content-related offences;[5] and
- Copyright-related offences.[6]
Nations supporting this Convention agree to have criminal laws within their own nation to address cybercrime, such as hacking, spreading viruses or worms, and similar unauthorized access to, interference with, or damage to computer systems. It also enables international cooperation in combating crimes such as child sexual exploitation, organized crime, and terrorism through provisions to obtain and share electronic evidence. The U.S. Senate ratified this convention in August 2006.
References
1. Art. 1.1, Draft International Convention to Enhance Protection from Cyber Crime and Terrorism (CISAC).
2. See Kelly O’Connell, "Cyber-Crime hits $100 Billion in 2007," ITU News related to ITU Corporate Strategy, Oct. 17, 2007.
3. Art. 2 (Illegal access), Art. 3 (Illegal interception), Art. 4 (Data interference), Art. 5 (System interference), Art. 6 (Misuse of devices).
4. Art. 7 (Computer-related forgery), Art. 8 (Computer-related fraud).
5. Art. 9 (Offences related to child pornography).
6. Art. 10 (Offences related to infringements of copyright and related rights).
