Computer - Related Crime

Prepared for:

Michael Guth

Faculty Mentor

Northcentral University

Prepared By:

Peter H. Rast

White Collar Crime, CJ5009

Definition of Computer Crime

Computer crime is difficult to define. The difficulty arises from the many different crimes involving computers and the rapid changes in these crimes. Also, there is an element of "I know it when I see it." It is difficult to provide a concise definition of computer crime as is illustrated by the following definition from the 2000 edition of a popular dictionary:

Criminal activity directly related to the use of computers, specifically illegal trespass into the computer system or database of another, manipulation or theft of stored or on-line data, or sabotage of equipment and data ⁽¹⁾.

Consider the additional aspects of computer crime identified by Carter and Bannister ⁽²⁾.

• •Computer as target
• •Computer as agent
• •Computer incidental to other crimes
• •Crime associated with prevalence of computers
• •Network malfeasance

The above dictionary definition of computer crime nicely covers computers as agents or targets. However, the definition does not deal effectively with the other aspects identified by Carter and Bannister. Consider the computer as incidental to other crimes. A computer may be used as a collection and storage device for contraband such as child pornography. Although this crime can be committed without computers, computer capabilities such as email and peer-to-peer file sharing have made the crime considerably easier to commit. Computers are now being used to commit traditional telemarketing crimes such as stock scams, lottery scams, and Nigerian 419 scams ⁽³⁾. Computers are also being used for identity theft, harassment, stalking, gambling, money laundering, and cross-border commerce. Terrorists and unfriendly governments have been known to attempt disruptions of regional power grids ⁽⁴⁾.

Other, broader, terms have been suggested such as technocrime ⁽⁵⁾ and hi-tech crime ⁽⁶⁾. The mission statement of the Sacramento Valley Hi-Tech Crimes Task Force is an operational definition that is quite broad:

The mission of the Sacramento Valley Hi-Tech Crimes Task Force is multi-jurisdictional investigations; tracking and disruption of commerce involving stolen goods; and investigation and prosecution of those engaged and participating in white-collar crime, organized crime, crimes against persons, and fraud when high technology or identity theft is a factor.

Computer crime, hi-tech crime, technocrime, or whatever one chooses to call crime involving computers, is a very broad subject. As technology advances, the definition of computer crime evolves.

Reporting of Technocrime

"Dark crime", a criminological term referring to unreported crime, can also be applied to unreported computer crime ⁽⁷⁾. Dark computer crime may account for as much as 95% of computer crime. Computer crime is difficult to detect due to the vast storage capability of modern technology, the speed at which computers operate, the sophistication of computer criminals, and the distributed nature of the modern computer network. The instrumentalities of computer crime require technical knowledge to perpetrate and detect. And, many investigating officers do not have the training or experience to deal effectively with computer crime ⁽⁸⁾. Victims may not realize they have been victimized, may be embarrassed to report such crime, may wish to protect their image and assets, or may be otherwise unable to deal with computer crime.

Extent of Computer Crime

Local Experience

Like most crime, computer crime is difficult to quantify. Part of the problem is definitional. Part is jurisdictional. Consider the Sacramento Valley Hi-Tech Crimes Task Force, a proxy for local computer crime experience. The task force encompasses private industry and local law enforcement agencies in the areas depicted in figure 1, as well as federal and state law enforcement agencies. The task force investigated 764 cases in 2001 and arrested or participated in the arrest of 537 people. The task force reports: "in recent years, California has suffered losses in excess of $6 billion in revenue and approximately 20,000 technology sector jobs directly linked to high technology and computer-based crime." There are five hi-tech task forces in California, not all agencies in California participate, definitions vary, and reporting and prosecution cover only a small percentage of actual crime. The magnitude of the problem is unknown, but is acknowledged to be very large.

At the Colloquium on Computer Crimes and Other Crimes against Information Technology, Wurzburg, Germany, October 1992, a report on computer crime based on reports of its member countries estimated that only 5 per cent of computer crime was reported to law enforcement authorities. If the reporting estimate hasn't changed greatly since 1992, the Sacramento Hi-Tech task force alone missed 95% of the crimes: over 15,000 incidents and perhaps 10,000 perpetrators. This is consistent with the reporting experience for more traditional crimes.

The Sacramento Hi-Tech Crimes Task Forces says the following about the impact of computer crime on the California local and state economy:

Today, high technology crime continues to have a devastating impact on California's economic infrastructure and thriving high technology industry. The high technology industry is reportedly accountable for more than half of California's overall export sales and employs more than any other manufacturing sector in the state. If allowed to go unchecked, high technology crimes will continue to have a devastating effect on all Californians as their effect ripples throughout our economy.

National Experience

How big is the computer crime, high technology crime problem? No one really knows ⁽⁹⁾. Numerous sources estimate the extent of selected aspects of computer crime, but the landscape changes frequently with the emergence of new crimes employing computer technology in some manner. A good summary of computer crime was presented in 2000 by FBI Director Louis Freeh to a Senate subcommittee ⁽¹⁰⁾. Director Freeh stated computer related crime was increasing rapidly, costs billions each year, and the true extent of the problem is unknown. He then goes on to describe several categories of cybercrime and provides estimates of their extent.

• •Insiders - extent unknown, but up to 71% of companies may have been compromised by insiders in some fashion
• •Hackers - extent unknown, but in one case 26,000 credit card numbers were stolen and in another case damage was estimated at $3 million.
• •Virus - unknown, but huge, including costs of the damage and repair.
• •Criminal groups - again, extent unknown. But, Citibank lost $10 million in one case and recovered all but $400,000.
• •Terrorists - a new category that has tremendous destructive possibilities.
• •Internet fraud - stock fraud alone is estimated to cost $10 billion each year.
• •Intellectual property - $2 billion per month

The numbers associated with this partial list boggle the mind. What is most distressing is there is scant information on the overall extent of cybercrime, just fragmented estimates.

Computer Criminals

Although a broad range of persons commit computer crimes, the skill level required is a matter of controversy. However, it appears that the skills and characteristics of a computer criminal are similar to a competent ethical computer professional. Computer crimes are committed by young and old and by persons from all social backgrounds. Although lone hackers and crackers will continue to exist, increasing computer and network complexity suggests computer criminals will, of necessity, combine efforts. Indeed, cyber gangs and organized computer crime has existed for some time. Estimates suggest trusted insiders, alone and in groups, commit 90% of economic computer crime.

Additional Technocrimes

In addition to the computer crimes described by Director Freeh, there are many other computer and related crimes. They can be as unsophisticated as dumpster diving for hardcopy computer and credit records or as sophisticated as viruses and other more difficult techniques. A partial list of such activities includes:

• •Dumpster diving
• •Wiretapping
• •Eavesdropping
• •Denial or degradation of service
• •Masquerading
• •Harassment
• •Piracy
• •Unauthorized access to data
• •Data traffic analysis
• •Trap doors
• •Trojan horses
• •Tunneling
• •Viruses and worms
• •Salamis
• •Logic bombs
• •Data diddling
• •IP spoofing
• •Password sniffing
• •Scanning

More Threats and Sources of Attack

Computer threats come from a large variety of sources. E-Activists are "social activists" that have migrated to or added computer based activities to burning ski lodges and car dealerships. Organized crime has found computer fraud lucrative and relatively risk free. Additional computer crimes and activities include:

• •Hackers
• •Crackers
• •e-Activists
• •Foreign agents and infowarriors
• •Outside consultants
• •Cyber gangs
• •Industrial espionage, foreign and domestic
• •Organized crime
• •Vandals
• •Vendors, especially integrated vendors
• •Whistle blowers
• •Bad defaults
• •False upgrades
• •Replays
• •Piggybacking
• •Password guessing and phishing

Combating Computer Crime

The first line of defense against computer crime has to be computer security, i.e., identifying possible threats and establishing countermeasures. Doing so becomes a risk management problem, balancing acceptable levels of risk with associated costs - protection as well as costs of inadequate protection. Not only must assets be protected, but personnel must be carefully selected and educated. The most difficult thing to get right is probably employee selection. Recall the characteristics of a computer thief are similar to the qualifications of a competent technology employee.

The second line of defense is detection and prosecution. Traditionally, law enforcement has selected commercial crime and fraud investigators and trained them in the special aspects of computer crime. SEARCH and NWC3 are law enforcement training organizations that specialize in training these selected officers in the technology and techniques of computer crime investigation. These and other organizations also recognize that training must change to accommodate and keep up with the rapidly changing computer crime environment and the computer criminal.

Law enforcement requires cooperation from victims. Otherwise, computer crime fighting will be even less effective. Successful prosecution may result in recovery, but may also result in deterrence. And, the more computer crime is reported, the more quickly law enforcement can respond to the changing computer threat environment.

Conclusions

Paraphrasing Lord Kelvin, a problem can't be understood unless it can be measured. As a corollary, if a problem can't be described and quantified, solutions will be misdirected, elusive, or ineffective. Not only is cybercrime a large and growing problem, a problem of potentially greater significance is not knowing the size and boundaries of the problem. As computers become more pervasive and technology advances, definitions will change, including the addition of more categories of computer crime. But, crime has always been a moving target whose dimensions are ephemeral; in this respect, computer crime is no different.

Although efforts to address computer crime on all levels are massive and growing, the main concerns about this crime are that it is growing faster than resources to combat it and perpetrators are one step ahead of pursuers. Unfortunately, the size of the problem isn't known, so the perpetrators may be much more than one step ahead of the pursuers.

1. The American Heritage Dictionary of the English Language (4^th ed.). (2000). Boston: Houghton Mifflin Company.

2. Schichor, D., Gaines, L. & Ball, R. (2002). Readings in white-collar crime. Prospect Heights, IL: Waveland.

3. Rast, P. H. (2004, July). Telemarketing Fraud. Retrieved August 3, 2004, from http://michaelguth.com/economist/telemarketingfraud.htm

4. Standridge, K. Power Failures. Paper prepared for University of New Haven, posted to Fred Cohen and Associates website. Retrived August 5, 2004, from http://all.net/

5. Friedrichs, D. O. (2004). Trusted criminals: White collar crime in contemporary society. Belmont, CA: Wadsworth.

6. Sacramento Valley Hi-Tech Crimes Task Force. Mission Statement. Retrieved August 3, 2004, from http://www.sachitechcops.org/

7. O'Brien, M. J. (2004, August 3). Computer Crime. Retrieved August 3, 2004, from http://www.mobrien.com/computer_crime.shtml#crime

8. Lee, H. (2001). Crime Scene Handbook. San Diego, CA: Academic Press.

9. Holder, E. H. Jr. (2000). Remarks of Deputy Attorney General Eric H. Holder, Jr., High-Tech Crime Summit, January 12, 2000, Washington, DC. Retrieved August 3, 2004, from http://www.usdoj.gov/criminal/cybercrime/dag0112.htm

10. Freeh, L. (2000). Statement for the Record of Louis J. Freeh, Director Federal Bureau of Investigation on Cybercrime Before the Senate Committee on Judiciary Subcommittee for the Technology, Terrorism, and Government Information. Washington, D.C. March 28, 2000, retrieved August 3, 2004, from http://www.usdoj.gov/criminal/cybercrime/freeh328.htm

11. Icove, D, Seger. K, & Von Storch, W. (1995). Computer Crime: A Crimefighter's Handbook. Sebastopol, CA: O'Reilly. Chapter 2 retrieved August 3, 2004, from http://www.oreilly.com/catalog/crime/chapter/cri_02.html

12. Fred Cohen and Associates. http://all.net/

MICHAEL A. S. GUTH, Ph.D., J.D. Professor of Financial Economics and Law send e-mail (E-mail is quickest method of contact).   116 Oklahoma Ave.   Oak Ridge, TN   37830-8604   Phone: (865) 483-8309