Digital Media Concepts/Cyber Crimes

From Wikiversity
Jump to navigation Jump to search

Cyber Crimes refer to the wrongful acts, punishable by law that are conducted over a computer or through networks using digital technology. Cyber crimes targeting computers, either as victim of the crime, or as the medium used in the commission of the crime. Cyber crimes, like other crimes, cause threats to a person, company or country's emotional or financial safety.

Cyber crimes (sometimes referred to as "cybercrimes") have evolved a lot with evolution of technology. Earlier, when technology was primitive, the rate of cyber crimes was very nominal but as technology is evolving the types of cyber crimes and the mechanisms used for their commission have evolved greatly[1]. This has also led to the development and implementation of several laws at regional, state, national, and international levels to control cyber crimes and penalize cyber criminals.

Cyber Criminal refer to individuals who use technology and computers for the purpose of gaining access to personal and private information, which is then misused by the criminal to cause various types of harms to the victim. Cyber criminals mainly indulge in these activities for profit, and in other cases for motives such as revenge, defamation, and other personal motives. Some cybercriminals have been indulging in these activities for years with skilled expertise in using modern and advanced technologies for the commission of cyber crimes. Other cyber criminals are small level hackers. Cyber criminals can perform individual activities in their homes or they can even be employed by governments and large organizations to conduct criminal activities using technology for harmful motives against rivals.

Classification[edit | edit source]

Cyber crimes are classified into the following categories:[2][3]

Crimes against government[edit | edit source]

When international criminals illegally enter computer systems of governments in different countries and computer systems of government agencies for the purpose of stealing vital information, they come under the category of crimes against government. This is the least common type of cyber crime and includes hacking government and military websites, circulating disruptive propaganda, etc. These cyber criminals are hired by government agencies to exploit a rival country and they are usually terrorists. Despite being the least common, these types of cyber crimes are usually most threatening since they have national level implications. These are also acts of cyberterrorism.

Crimes against individuals[edit | edit source]

These types of cyber crimes are targeted towards individual victims and are focused on exploitation of these individual victims by entering into their computers and misusing their personal data or using the computer as a tool to cause harm to them and endanger their safety. Examples of crimes against individuals are : Cyberstalking, email spoofing, fraud, defamation, leaking obscene materials, unauthorized access into computer systems, etc.

Crimes against property[edit | edit source]

Some examples of crimes against property include, intellectual property crimes which involves using computers as a mean to gain unauthorized access trade secrets, trademark violations, etc. A hacker may steal bank details of an individual which he/she would then use to remove money out of the account. All these are examples of cybercrimes against property.

Crimes against society[edit | edit source]

These involve using computer systems as a means to endanger the society. Cyber criminals use technology to indulge in activities like online gambling, human trafficking, forgery, child pornography, etc. which are threatening to the society in general, and youth in particular.

Types[edit | edit source]

Following are a few types and examples of cyber crimes:

Hacking[4][edit | edit source]

Hacking is defined as illegally entering into a computer system or a network inside a computer system for gaining access to private files for the purpose of misuse. Hackers are divided based on their relationship with the system they are hacking. Based on that relationship, hackers are classified into 'White Hat', 'Black Hat', and 'Grey Hat' hackers. White hat hackers are ethical hackers who use the art of hacking for benefitting organizations and societies. Grey hat hackers enter into computer systems like Black hat hackers but without any malicious intent. Black hat hackers on the other hand hack computer systems with criminal motives of causing harm to individuals. Hacking has major implications on the safety of organizations and countries as hackers may enter into computer systems of major organizations and countries and steal vital information which may be misused and threaten national safety and the safety of organizational data.

Cyberstalking[5] and harassment[edit | edit source]

This type of cyber crime involves harassing and stalking a person, group, or organization using the computer network. Cyberstalking is stalking that takes place mainly over social media channels and it causes mental distress to an individual. For example, getting unwanted messages and pictures from an individual repeatedly can be a source of great distress. A cyber stalker does not physically follow a person but follows him virtually and keeps a close track on his/her activities and invades hi/her privacy. Online Harassment is where a person sends threats, unwanted messages, blackmail messages, etc. using a social media platform. The most common victims of online harassment are young kids and the youth since they do not know how to respond to such threats.

Defamation[6][edit | edit source]

Online defamation refers to using the internet and social media platforms to intentionally damage and distort the reputation of an individual or organization. It can be done through the spreading of false rumors, releasing obscene images and videos of a person with the intent of defamation, etc. Defamation is a source of great stress to an individual and can be threatening to their mental well being and personal and professional life.

Phishing[edit | edit source]

Phishing refers to the illegal practice of sending out emails in the disguise of a reputable company in order to extract vital personal information like credit card numbers, bank account details, etc. with the motive of misuse of personal gains. There are several types of phishing such as whaling, spear phishing, clone phishing, SMS phishing, etc. and there are several techniques to perform the act of phishing like link manipulation, website forgery, covert redirect, etc. There are several prevention techniques and laws in place to protect individuals from the crime of phishing.

Virus Dissemination[edit | edit source]

Computer Virus refers to a malicious computer program that infects computer systems and has the ability to spread to other computers within a network and disrupt vital computer operations. They disrupt the functioning of the computer and modify, delete or manipulate vital data. Virus dissemination refers to the process of this malicious computer network attaching itself to the software and destroying the functioning of the victim's system. Computer virus can range from small range bothersome modifications to a computer systems to destructive viruses that destroy the functioning and operations of entire computer systems.

Prohibited/Illegal Content[edit | edit source]

This cybercrime involves circulation and distribution of illegal, prohibited or explicit content that can be offensive, disturbing or wrongly influential. For example, circulation of content such as illegal videos of sexual content between adults, child pornography, videos of terrorism and criminal activity. This type of content is very widely available on the dark web and is capable of instigating crimes, wrongly influencing people of all age groups, and causing several kinds of harm to the victims.

Identity theft and fraud[edit | edit source]

Identity thefts refer to the unauthorized access to resources of a particular person like credit cards, bank accounts, etc. by wrongfully pretending to be that person. In the United States, only a person's social security number is needed to gain access to all documents and records to steal his/her identity. Once a cyber criminal wrongfully gains access to a person's social security number, they would easily be able to impersonate him/her. Another major example is credit card fraud wherein a cyber criminal pretends to be a person in order to gain access to their credit cards and make unauthorized transactions.

Others[edit | edit source]

The internet has been used as a platform for conducting several illegal activities such as the illegal drug trade, human trafficking, kidnapping, etc. through the dark web. There exist groups online who carry out these activities of organized crime and are very detrimental to the well being of the society.

Cyber crimes have major impacts on individuals, governments, organizations, and society in general. There are several laws in place to help combat these crimes.

Role of Computers[edit | edit source]

In the commission of cyber crimes, computers can either be the victims of the crime or the tool used to commit the cyber crimes. Based on that roles of computers are classified as follows : Computer as a tool and computer as a target.[7]

Computer as a tool[edit | edit source]

A computer is used as a tool for commission of a cyber crime when the victim is an individual. These crimes focus more on causing harm and damage to individuals rather than to the computer. In these types of crimes, computers are used as a medium for committing the crime. In cases where computers as used as a tool, psychological tendencies and human weaknesses are employed into luring the victims. These crimes tend to be less technical in nature and are more focused on causing psychological and intangible harm to the victims, so legal actions against these crimes are harder than crimes that cause tangible crimes. Crimes that come under these categories have existed for a long time. For instance, harassment, cyberstalking, fraud, etc. have been conducted through several mechanisms, but the development of computers and technology have made it easier for criminals to conduct these crimes online and have provided them with an easier mechanism to carry out these illegal activities.

The most common examples of these types of crimes are:

  1. Online harassment,
  2. Cyberstalking
  3. Phishing
  4. Fraud and identity theft, etc.

Computer as a target[edit | edit source]

This role of computers comes to play when computers are targets of the cyber crimes, rather than individuals. These type of crimes require the criminal to be highly skilled in technologies related to computer systems and networks since they aim at targeting the computer systems and networks to either damage or destroy their functioning or to steal and manipulate data and other vital information within them. With the development of technologies, these crimes have also advanced and there are many new techniques and mechanisms with which criminals carry out these crimes.

The most common examples of these types of crimes are:

  1. Computer Virus
  2. Malware, etc.

Legislations to combat cyber crimes[8][9][edit | edit source]

Cyberlaws (also referred to at "IT Law") are specific legislations in place to penalize cyber criminals and attempt to reduce crimes in the technological domain. It is the entire legal system in place to deal with cybercrimes and provide legal protection to individuals and organizations against harm and losses caused due to cybercrimes. With the evolution of cyber crimes, the laws to combat them have also evolved. Although cyber crimes are a global issue, the laws for cyber crimes differ from country to country.

Need: Like any other law, IT Laws are required to penalize cyber criminals and discourage people to engage in such activities. They are meant to provide safety and protection to individuals, organizations, and societies and to maintain peace and harmony within the technological domain.

Cyberlaws cover several domains of cyber crimes. Some of them are:

  1. Scam/Treachery
  2. Online harassment and cyberstalking
  3. Data Protection
  4. Cyber crimes related to Intellectual property

Each country has its own cyberlaws in place to combat cyber crimes.

Few cyberlaws of some countries[10]
Country Law
United States of America The National Information Infrastructure Protection Act (NIIA), etc.
United Arab Emirates Federal Law 5 and 12 on Combatting cyber crimes, etc.
China PRC's Criminal Law, etc.
India Information Technology Act 2000, etc.
Japan The Act on the prohibition of unauthorized computer access, etc.
United Kingdom Data Protection Act of 1988, Network and information systems regulations of 2018 etc.

The penalties in place for cyber crimes also vary from country to country. In the United States, for example, a computer hacker can go to prison for up to 10 years for his first offence and if he commits a crime again, he can receive jail time of up to 20 years. In Republic of Korea, violators can receive up to 30 million won fine or jail time of maximum three years and so on. In this way, different countries differ in their type and degree of penalty offered for a cyber crime.

Precautions[11][edit | edit source]

In order to protect oneself from a cyber crime, necessary precautions must be followed:

Create strong passwords and security measures[edit | edit source]

Password for social media accounts, Email accounts, bank accounts, and various other accounts online should be created very sensibly. They must not be easy to crack or guess since that would make them more vulnerable to being hacked. Passwords must contain a combination of Uppercase and Lowercase letters, numbers, symbols, and must not be too short or too long. In addition to that, security questions for accounts must be carefully chosen. Two-factor authentication must be chosen to ensure that additional layer of protection for online accounts.

Install a Strong Antivirus software[edit | edit source]

It would be smart to invest in a strong and advanced anti virus software to protect computer systems from being hacked. An antivirus software keeps viruses and other malware out of computer systems by detecting their presence and taking necessary steps to get rid of the virus, if they happen to attack the computer systems. Software like McAfee SecurityCenter, Norton anti virus software, can help prevent cyber crimes like virus dissemination, malware, phishing, spyware, and other cyber crimes.

Education, awareness, and safety[edit | edit source]

It is very important to read more and educate oneself about the various cyber crimes that are prevalent in today's society. In addition to that, children's activities on social media platform should closely be monitored and controlled, as they are most vulnerable to cyber crimes. Education and taking precautions will enable us to prevent a cyber crimes from taking place and being one step ahead of a cyber criminal. Educating oneself on the various legislations will also help to reduce the damage from a cyber crime and provide penalties to the cyber criminal.

Know what to do and how to get help if you are a victim of a cyber crime[edit | edit source]

It is very essential to be familiar with various IT Laws of the country a person is residing with in order the know the help available if a person is a victim of a cyber crime. There are several authorities and agencies in place to contact in case a cyber crime takes place. It is very important to report a cyber crime as soon as it takes place in order to prevent any further damage and to punish cyber criminals to discourage them.

Yahoo! Data Breach : Example[12][13][14][edit | edit source]

A major data breach had taken place with the internet giant Yahoo!! in 2014 when data of over 500 million users had been stolen making it the greatest cyber breach in history. Several data of users had been stolen like usernames, passwords, date of births, Emails, etc.

Access to such information could help hackers break into several accounts such as bank accounts, credit cards, etc. Any account which has information associated with that Yahoo!! Account could you hacked into when such information was accessed by the hacker. People have several indirect accounts with Yahoo!! through Flickr, Sky, etc. even if they have not signed up directly with Yahoo! and all those accounts and information fed into those accounts were affected due to this. This breach was reported to the public in September 2016, however, it took place in 2014.

Hackers were able to enter into these accounts and steal data by replicating cookies that Yahoo! uses through a proprietary code. These cookies enable users to login into their account without entering their username and password every time and the hackers replicated these cookies, thus gaining account details of all Yahoo! users. They were able to steal both encrypted and unencrypted user information including passwords, security questions, etc. Even though Yahoo! uses a hashing system for encrypting the passwords for its user, the hackers were able to crack the code using their highly advanced technologies and hacking skills.

Yahoo!'s reaction and response to this breach has described by many experts as "Too little too late". Yahoo! invalidated the forged cookies and they could not be used again. Security questions and answers that were not encrypted had to be reset and could not be used to access email accounts again. Yahoo! also decided to set up a Two-Step authentication process which sent a code to the users phone before logging in to ensure maximum safety. Yahoo! urged users to change passwords and towards December, they almost forced users to change their passwords which was seen as a puzzling and unprofessional reaction to such a large data breach.

Users always trust a particular website before creating an account with them and entering their personal information. Yahoo! failed to live up to this trust and failed to protect their users and their personal data.

This was one of the largest data breaches that had taken place with such a large internet giant, Yahoo!

Conclusion[edit | edit source]

Cyber crimes have greatly evolved over the past few decades with advancement in technology[15]. Technologies are improving to make lives easier, but at the same time it has made life easier for hackers and other cyber criminals to pursue they wrongful acts and cause harm and damage to individuals, organization, and society. In order to protect oneself from being a victim of a cyber crime, necessary precautions must be taken and respective authorities must be contacted with any delay to prevent further damage.

References[edit | edit source]

  1. Violino, Bob. "Cybercrime is increasing and more costly for organizations". ZDNet. Retrieved 2020-10-12.
  2. "Types of Cybercrime - Panda Security". Panda Security Mediacenter. 2018-08-20. Retrieved 2020-10-11.
  3. "Classification and Provisions of Cyber Crimes: Hacking, Penalty". Toppr-guides. 2018-12-19. Retrieved 2020-10-12.
  4. "What is Hacking - Everything You Need to know Hackers". Malwarebytes. Retrieved 2020-10-12.
  5. "The 12 Types Of Cyber Crime | Chapter No. 2 | Fasttrack To Cyber Crime". Digit. Retrieved 2020-10-12.
  6. "What is Online Defamation & How to Fight Back". Blog | Tech Educators | Blue Ocean Global Technology. Retrieved 2020-10-12.
  7. "Cyber Crime - Computers As Targets Or Criminal Tools". law.jrank.org. Retrieved 2020-10-12.
  8. "What is Cyber Law?". www.computerhope.com. Retrieved 2020-10-12.
  9. "Cyber Laws: What Have Different Countries Done To Prevent Cyber Crime?". UnBumf. Retrieved 2020-10-12.
  10. "Cyber Laws of Different Countries ·". Retrieved 2020-10-12.
  11. "11 ways to help protect yourself against cybercrime". us.norton.com. Retrieved 2020-10-12.
  12. "'State' attack on Yahoo hit 500m users". BBC News. 2016-09-23. Retrieved 2020-10-12.
  13. "The Yahoo Cyber Attack & What should you learn from it?". Cashfloat. 2017-04-20. Retrieved 2020-10-12.
  14. Volz, Dustin (2016-09-23). "Yahoo says hackers stole data from 500 million accounts in 2014". Reuters. Retrieved 2020-10-12.
  15. "Evolution in the World of Cyber Crime". Infosec Resources. 2016-06-28. Retrieved 2020-10-12.