Digital Crime and Terrorism Essay

Abstract The use of the Internet for criminal purpose is one of the most critical challenges facing the FBI and law enforcement in general. Understanding and using the Internet to combat Internet Fraud is essential for law enforcement. The fraud being committed over the Internet is the same Type of white collar fraud the FBI has traditionally investigated but poses additional concerns And Challenges, because of the new environment in which it is located. The Internet is a perfect vehicle to locate victims and provide the environment where the victims Don’t see or speak to the fraudulent. The Internet environment often creates a false sense of Security among users leading them to check out opportunities found on the Internet less Thoroughly than they might otherwise. Computer crime poses a daunting task for law Enforcement agencies because they are highly Technical crimes. Law enforcement agencies must Have individuals trained in computer science or computer forensics in order to properly to Properly investigate computer crimes. Computer crime is defined as any person that violates any Of the provisions of the following; unauthorized access to a computer system, Theft of computer Services, Interruption of computer Services, Misuses of computer system information, and Destruction of computer equipment. The general heading of computer crime can potentially Cover an array of offense by examining several existing definitions of computer crime, as well as Elements suggested as essential, some Have defined computer crime as any offense that uses or Somehow involves a computer. Role of Internet and crime The growth of the Internet has improved our economy, medicine and technology. Unfortunately, it has brought new opportunities for criminal activity, as well. Often, people Think cyber-crime simply refers to hacking, viruses and other intrusion tactics. Cyber- crime, However, threatens more than our businesses, economy or national infrastructure. Cyber- crime Affects us individuals, as well. Reprehensible crimes, such as child pornography and cyber Stalking, terrorize our children and our families. At the first hearing in this series, on May 24th, the Texas Deputy Attorney General for Criminal Justice testified that, quote, †One of the biggest problems is that computer criminals are targeting The most vulnerable of our society, children.† He pointed out that, according to the Federal Bureau of Investigation, child pornography was virtually extinct prior to the advent of the Internet. Now it is a serious plague on our society that must be stopped. Adults also experience the dark side of the Internet revolution. Using computer technology, Criminal types steal life savings and even identities of unsuspecting individuals. These pose Serious threats to the lives and the livelihoods of many individuals. But in addressing these areas Of crime, law-enforcement officers face several challenges. Identifying a sophisticated criminal Can be difficult. Once they are identified, bringing a criminal to justice may be problematic for Jurisdictional reasons. The criminal may be in a different State or even another country, and then law enforcement Officials must deal with extradition issues. Also, retrieving the information stored on a computer And using it for prosecution may be difficult if it requires highly technical skills not normally Taught to investigators or prosecutors. As long as there is technology, cybercrime will exist, yet Cybercrime must be curtailed as much as possible so that technology can legitimately continue To enrich our lives and strengthen our economy. Congress understands that law-enforcement officials must have the appropriate training and Equipment to fight fire with fire, or computer technology with computer technology; but Law-enforcement must remain cognizant of the need to protect the law-abiding publics Privacy while protecting the public. The public must understand that law-enforcement does need To use technology to deal with this new emerging threat to our children, our economy and our National security. Under current law, law-enforcement authorities must apply for the identical order in multiple Jurisdictions, causing burdens and delays that benefit no one but criminals. Congress should look At the possibility of a single order that would cover these kinds of requests comprehensively. Over the last decade, use of computers and the Internet has grown exponentially. Indeed, for Many individuals it is an integral part of their daily lives. With little more than a click of a Mouse, people can communicate, transfer information, engage in commerce, and expand their Educational opportunities. Unfortunately, criminals exploit these same technologies to commit Crimes and harm the safety, security, and privacy of us all. Indeed, as more people go online, More criminals are realizing that online crime can be lucrative, especially given the amount of Valuable commercial and personal information now being stored electronically. So-called †cybercrime† can be divided into two categories. On the one hand, we are seeing the Migration of †traditional† crimes from the physical to the online world. These crimes include Threats, child pornography, fraud, gambling, extortion, and theft of intellectual property. Simply Put, criminals are migrating online because they can reach more victims quickly, can collaborate With other criminals, can disguise their identities, and can use the global nature of the Internet to Remain anonymous. On the other hand, the Internet has spawned an entirely new set of criminal Activity that targets computer networks them. Included in this category are such crimes as Hacking, releasing viruses, and shutting down computers by flooding them with unwanted Information (so-called †denial of service† attacks). Our vulnerability to—and the damages caused By—this type of crime are astonishingly high. For example, in May of last year, the †I Love You† Virus began to infect computers on the Internet. Within a short period of time, it had disrupted the communications of hundreds of Thousands of computers, causing losses estimated in the billions of dollars. Virus demonstrated a new capability: when it infected a computer, it accessed the users Computer passwords and sent them electronically to a computer in a foreign country. The Implications of this virus—and the many viruses that have followed it—are staggering. In March of this year, the FBI’s National Infrastructure Protection Center issued a warning that An organized group of hackers from Russia and Eastern Europe had committed a series of Intrusions into more than forty banks and e-commerce companies in the United States. The Hackers stole over 1,000,000 credit card numbers from the companies’ data bases. They then Embarked on extortion of many of the companies, threatening to disclose confidential Information or damage the victims’ computer systems. Evidence suggests that the hackers then Sold many of the credit card numbers to organized crime groups. This crime—the investigation into which the Treasury Department participated and which has to Date resulted in two arrests—has grave implications. Not only did it cause financial losses for The Companies, but it harmed the privacy and security of the ordinary citizens whose credit Cards numbers and personal data were stolen. Individuals victimized by these sorts of Rightfully Fear the ramifications of criminals’ gaining access to their private financial and Personal data. This type of crime strikes at the confidence of consumers, threatening the vital Growth of e-commerce. Network crimes not only affect the security of individuals and businesses, they can also threaten Our nation’s critical infrastructures. Our power and water supply systems, telecommunications Networks, financial sector, and critical government services, such as emergency and national Defense services, all rely on computer networks. Cyber terrorist, the same devastating result could be achieved by hacking into the control Network and commanding the computer to open the floodgates. This is not a purely hypothetical Scenario. Several years ago, a juvenile hacker gained unauthorized access to the computers Controlling the operations of the Roosevelt Dam in Arizona. Although there are as yet no definitive statistics on the scope of the problem, there is no doubt That the number of crimes involving computers and the Internet is rising dramatically. For Example, the CERT Coordination Center, which was created to warn about computer attacks and Viruses, received over 21,000 network crime incident reports last year. This is more than double The number of reports it received the year before. Similarly, a survey conducted by the FBI and The Computer Security Institute recently revealed substantial increases in computer crime. Over 85 percent of the companies and government agencies surveyed reported computer security Breaches within the preceding twelve months, up from 70 percent last year. Moreover, Researchers at the University of California at San Diego recently reported a methodology that Enabled them to count the numbers of denial of service attacks. Their research revealed that 4,000 attacks occur every week. Responding to these threats is a daunting challenge. From my perspective, as I begin my assessment of our cybercrime efforts and the direction they Should take in the future, at least three themes or elements seem to emerge as particularly? Important to success in confronting cybercrime: developing specialized expertise, building Teamwork and partnerships, and assuring we have legal authorities which are both effective and Appropriate in the unique and ever-evolving setting of computers and the Internet. DEVELOPING SPECIALIZED EXPERTISE Combating computer crime requires a team of professionals, including investigators, forensic Experts, and prosecutors, all of whom have technical expertise. In addition to traditional Investigative skills, cybercrime investigators must be well versed in the intricacies of technology To insure that evidence is not lost or overlooked. Forensic experts must know how to handle Electronic evidence to protect its integrity for later use at trial, as well as how to recover and Analyze digital evidence from computers with hard drives that store gigabytes of data. And Prosecutors must understand the jargon and complexities of high-technology crimes and be able To translate technical evidence into a form understandable to a judge and jury. United States law enforcement agencies have devoted significant resources to developing cadres Of investigators and forensic experts who have the specialized skills needed for cybercrime Investigations. The FBI and Secret Service, which have particularly important investigative Responsibilities with respect to Internet and computer-related crimes, have certainly been in the A particularly important aspect of developing, and then sharing expertise in the field is the Nationwide network of federal prosecutors called Computer and Telecommunications Coordinators (or †CTCs†)—at least one from each district—who serve as the district’s Prosecutorial expert on computer crime cases. The CTC initiative was started by CCIPS in 1995, And has been strongly supported by our U.S. Attorneys. CCIPS trains and supports these Coordinators specially, so that they, in turn, can serve as a resource for their offices and the law Enforcement authorities and concerned industry in their regions of the country. In the Criminal Division, specialized expertise in combating cybercrime is not confined to CCIPS. Other sections have developed this expertise as traditional forms of criminality have Moved onto the Internet. For example, the Department has seen dramatic growth in various types of fraudulent online Schemes, and the Criminal Division’s Fraud Section has played a critical role in the Justice Department’s response, including overseeing a Department-wide Internet Fraud Initiative begun In 1999. Its work to date has included (1) advising and supporting federal prosecutors throughout The country, including maintenance of an Internet fraud brief bank; (2) developing specialized Training on Internet fraud for courses at the Department’s National Advocacy Center; (3) Publishing extensive materials on the Department’s website, www.internetfraud.usdoj.gov, in Order to promote public understanding of Internet fraud schemes and how to deal with them; and (4) Supporting improvements in federal agencies’ investigative and analytical resources, Including the Internet Fraud Complaint Center, a joint project of the FBI and the National Collar Crime Center. The Department has also been involved in the related problem of identity Theft, in part by providing national coordination of governmental efforts through the Identity Theft Subcommittee of the Attorney General’s Council on White Collar Crime. Of course, one of the most disturbing facets of cybercrime is the exploitation and abuse of Children, whether through distribution of child pornography over the Internet or through the Horrific conduct of sexual predators that operate online. The FBI, the U.S. Attorneys’ Offices, And the Division’s Child Exploitation and Obscenity Section have developed special expertise In Investigating and prosecuting these crimes and currently devote significant resources to the Online aspects of child pornography and luring cases. Moreover, in this area and others, the Department’s Office of Legal Education, in conjunction with various components of the Criminal Division regularly sponsors classes regarding computer crime and electronic evidence. BUILDING PARTNERSHIPS As I noted at the beginning of my statement, the second element which seems particularly Important to our efforts against cybercrime is partnership building. Of course, from years as a Prosecutor, I know that teamwork is essential to any successful crime-fighting effort. But it Strikes me that in the area of cybercrime the need for effective partnerships, is not only Especially important but also requires partnerships well outside the traditional law enforcement Community. The complexity of cybercrime and the breadth, or potential breadth of its Impact, are part of the reason. However, another factor is the diversity of interests at play in the Cyber-world, and hence in our efforts to combat cybercrime. These include, among others, law Enforcement Interests, national security interests, privacy interests, and Commercial interests. Partnership, or at least dialogue, we will allow those interests to conflict and collide in ways Destructive of our efforts to combat cybercrime. VIRUSES AND MALICOUS CODE Viruses and malicious code are simply programs and like any other program, are designed for a Specific function. A virus or malicious code program is written for a variety of noncriminal Purposes including advertisements, jokes, and political messages, however, less humorous and More malicious intentions include destroying data, information, information acquisition, and Identity theft, surreptitious control of a remote machine, or the shutdown of a legitimate business Or website. The virus is executed by some type of payload trigger, which causes the virus or Malicious code to deliver its contents or execute its commands. The trigger can be something The user does, such as opening an email attachment or downloading a file, it can be triggered By some event such as date or condition on a computer, or it can self- execute based on code Written into the virus program. PHISHING The term phishing means the fraudulent attempt to get a person’s private information (i.e. Username, password, account number, etc.).   Phishers send an email pretending to be from a legitimate company and ‘bait’ you to provide your Private information. Typically the email will address you as a customer and will direct you to Click on a link to provide critical information to avoid a looming problem which they have Discovered. This link will be to a false website – not the website of the legitimate company. Basically, they are ‘fishing’ for people’s information to use illegally. Phishing is a very Sophisticated scam and many individuals and companies have been fooled, resulting in the theft ‘Of their sensitive information as well as millions of dollars every year. The email is usually designed to look like it is sent from a real company. The ‘bait’ for personal Information is often contained in the email’s subject line. The subject usually contains a sense of Urgency. For example, it will read in one’s inbox â€Å"Your account needs to be verified† or â€Å"Your Account is about to be suspended.† CONCLUSION It is important to note that computer security is always dependent on the weakest link in the Chain. Security on the Internet and exposure to a potential attack is contingent upon the security Or lack thereof, of other parts of the network. It is also important to note that there is an Increasing number of dedicated infrastructure attacks. The interdependency of systems connected To the Internet used to carry out day-to-day business is ever growing and increasingly being Relied upon by variety of businesses, governments, and a numerous of other operations. There are four categories DDoS, worms, attacks on the Internet Domain Name System (DNS) And attacks against or using routers. Any attacks describe from my research could lead to Denial Of Service, compromise of sensitive or personal information, misinformation, and an extreme Economic impact, largely from lost revenue and the time and resources necessary to recover. Reference Second Edition Digital Crime and Digital Terrorist (Robert W. Taylor, Eric J. Fritsch, John Liederbach, and Thomas J. Holt) www.pearsonhighered.com Grossman, M. (Feb. 1999) â€Å"Cyber terrorism† http://www.mgrossmanlaw.com/articles/1999.cyberterrorism.htm Computer Security Policy and Research Institute. http.//www.cpi.seas.gwu.edu/aboutus.html www.research.ibm.com/antivirus www.internetfraud.usdoj.gov