Search for notes by fellow students, in your own course and all over the country.
Browse our notes for titles which look like what you need, you can preview any of the notes via a sample of the contents. After you're happy these are the notes you're after simply pop them into your shopping cart.
Document Preview
Extracts from the notes are below, to see the PDF you'll receive please use the links above
TEP1241 Ethics and Professional Conduct
Chapter 7:
Cybercrime & CyberRelated Crimes
1
Faculty of Information Science and Technology , Multimedia University Malaysia
Among the questions examined in this chapter are:
– What is cybercrime, and how can it be distinguished from
cyber-related crimes?
– Can a meaningful distinction be drawn between hacking and
“cracking” in the context of cybertechnology?
– What is “active defense hacking” or counter hacking, and is it
morally permissible?
– Can biometric technologies be used to assist law enforcement
groups in identifying criminals in ways that are ethically
permissible?
– Why are jurisdictional issues problematic for prosecuting some
cybercrimes?
2
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Contents
1
...
3
...
5
...
National and International
Laws to Combact Cybercrime
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
3
Cybercrimes and Cybercriminals
• Stories involving computer crime have been
highly publicized in the media
...
”
• The media also sometimes portrayed
hackers in the early days of computing as
“heroes
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
A "Typical" Cybercriminal
• Parker (1998) distinguishes between “hackers”
(as nonprofessional or “amateur” criminals) and
professional criminals
...
”
• He describes “typical computer hackers” as
exhibiting three common traits:
1) precociousness;
2) curiosity;
3) persistence
...
”
• The term “hacker” now has a negative
connotation
...
“Crackers”
• Himanen also notes that a hacker need not
be a computer enthusiast
...
”
For example, someone can be an astronomy
hacker
...
”
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Hackers vs
...
”
• Unlike many traditional hackers, crackers
typically engage in acts of theft and
vandalism, once they gain access to a
computer
...
“Black Hat” Hackers
• Some use the expressions white hat hacker and
black hat hacker (see for example, Wall 2007) to
distinguish between the two types of behavior
separating hackers from crackers
...
• “Black hat hackers" are viewed as engaging in
behavior that is described above as "cracking
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Active Defense Hacking or Counter Hacking
• Can counter hacking or “hacking back” (at
hackers) be justified?
• Counter hacking has been done both by
individuals and corporations
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Counter Hacking (Continued)
• Counter hacking can be either preemptive or
reactive
...
• Is counter hacking an act of self-defense, or is it
simply another case of “two wrongs making a
right”?
• It is difficult to provide a moral justification for
counter hacking; and from a legal perspective, it is
not clear whether “hacking back” can be viewed in
a way that is not criminal
...
• Hackers can use the computers of innocent
persons as “host computers” to initiate their
attacks
...
”
• Victims assume that the attacks originated from the
host computer, rather than from the actual
computer that initiated the attack
...
• Should counter hacking be legalized?
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Hacking and the Law
• In this chapter, we analyze computer breakins and hacking-related issues mainly from a
legal perspective
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Criteria for Determining Computer Crimes
• When is a crime a computer crime?
• There is often a problem of clear criteria
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Criteria for Determining Computer Crimes (Continued)
• Do we need a separate category of
computer crime/cybercrime?
• Some crimes have involved technologies,
but do not require separate categories of
crime
...
• They also use automobiles to commit
crimes, but we don't have a category of
automobile crime
...
g
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Criteria for Determining Computer Crimes (Continued)
• Each of the acts described in the three scenarios
is criminal in nature
...
• But these criminal acts can easily be prosecuted
as ordinary crimes involving theft, breaking and
entering, and vandalism
...
Can we justify such an
inference?
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Defining Computer Crime
• Forester and Morrison (1994) define a
computer crime as “a criminal act in which a
computer is used as the principal tool
...
”
• But is Forester and Morrison's definition of
computer crime adequate?
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Defining Computer Crime (Continued)
• Review Scenario 4, where a person
(“Sheila”) uses a computer to file a
fraudulent income-tax return
...
• Has Sheila committed a computer crime?
Consider that she could have committed the
same crime by manually filling out a
standard (hardcopy) version of the incometax forms by using a pencil or pen
...
"
• What is meant by "central component?"
• Was a computer a central component in the
scenario where Sheila filed the fraudulent income
tax form?
• It is difficult to distinguish which crimes have and
which do not have a computer as their central
component
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Towards a Coherent Definition of Cybercrime
• We define a (genuine) cybercrime as a crime
in which the criminal act can:
1) be carried out only through the use of
cybertechnology, and
2) take place only in the cyber realm
...
• And it also rules out the income tax scenario
(scenario 4)
...
• We can also differentiate three broad
categories of (genuine) cybercrime:
1) cyberpiracy,
2) cybertrespass,
3) cybervandalism
...
Cyber piracy: using cybertechnology in unauthorized
ways to:
- reproduce copies of proprietary information, or
- distribute proprietary information (in digital form) across a
computer network
...
Cyber trespass: using cybertechnology to gain
unauthorized access to:
- an individual’s or an organization’s computer system, or
- a password-protected Web site
...
Cyber vandalism: using cybertechnology to unleash
one or more programs that:
- disrupt the transmission of electronic information across one or
more computer networks, including the Internet, or
- destroy data resident in a computer or damage a computer
system’s resources, or both
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Categorizing (Genuine) Cybercrimes
• Crimes involving the unauthorized exchange
of proprietary MP3 files would come under
the category of cyberpiracy (Category I)
...
• The denial-of-service attacks on Web sites
falls under the heading of cybertrespass
(Category II), as well as under Category (III)
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Distinguishing Cybercrimes from Cyber-related Crimes
• Many crimes that involve the use of
cybertechnology are not genuine
cybercrimes
...
Nothing about these kinds of crimes is
unique to, or requires the use of,
cybertechnology
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Cyber-related Crimes
• Cyber-related crimes can be further
divided into two sub-categories:
i
...
cyberassisted crimes
...
Cyber-assisted crimes
• We can also further distinguish between a
crime in which cybertechnology is used to:
a) file a fraudulent income-tax return,
b) stalk people, distribute pornography
...
• In (b), cybertechnology has played a much
more significant (i
...
, an exacerbating) role
...
e
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Figure 7-1: Cybercrimes and Cyber-related Crimes
Cybercrimes
Cyberspecific
Cyberpiracy
Cybertrespass
Cybervandalism
Cyberrelated Crimes
Cyberexacerbated
Cyberstalking
Internet Pedophilia
Internet Pornography
Cyberassisted
Income-tax cheating
(with a computer)
Physical assault with
a computer
Property damage
using a computer
hardware device
(e
...
, throwing a
hardware device
through a window)
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Identity Theft: A Cyber-related Crime
• Cybertechnology has contributed significantly to rise in
identity theft crimes
...
• Use information to make purchases or transactions
under victim’s identity
...
Identity theft seems
to be cyber-exacerbated crime
...
• E
...
lax security & carelessness involving information in
computer databases – easy to acquire personal information
about victims
...
• One common example is a scheme involving email that
appears to be from a reputable business
...
• The emails often look legitimate because they include the
official logos of the companies they claim to be
...
• This often indicates that the e-mail is not
from a legitimate source
...
”
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Technologies and Tools Used to Combat International Cybercrime
• Two kinds of tools/technologies
that have been used to fight
cybercrime at the international
level are:
1)Biometrics;
2)Keystroke monitoring
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Biometrics Technologies
• Biometrics can be defined as:
the biological identification of a person,
which includes eyes, voice, hand prints,
finger prints, retina patterns, and
handwritten signatures (Power, 2000)
...
fingerprints can be “read” by a computer that is
“touch sensitive” and “endowed with hearing
and seeing capacities
...
• These kinds of scanning devices capture a
digital image of one's iris, which is then
stored in a database
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Keystroke Monitoring Software
• Law-enforcement agencies have used a technology
called keystroke monitoring to track down
professional criminals
...
• Keystroke-monitoring software can trace the text in
electronic messages back to the original sequence of
keys and characters entered at a user's computer
keyboard
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
National and International Efforts to Fight Cybercrime
• Problems of jurisdiction arise at both the
national and international levels
...
• Cyberspace has no physical boundaries
...
S
...
• It was renewed (in a slightly modified form) in March
2006
...
• Works closely with the Electronic Communications
Privacy Act (ECPA) of 1986
...
• It authorized the government to attach pen registers and
trap-and-trace devices to a suspect’s phone
...
• A pen register used on the Internet can reveal the URLs
of Web sites visited by a suspect
...
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
Patriot Act (continued)
• In December 2005, it was reported that the Bush
Administration had been monitoring the e-mails and
phone calls of U
...
citizens who were communicating
with individuals outside the U
...
• Opponents argued that the Bush Administration’s
practices violated the law because no court order was
requested in conducting surveillance on U
...
citizens
...
S
...
Bush administration argued that
it was acting within the law because
its primary obligation was to protect
the American public against terrorist attack
...
• The Council of Europe (COE) has considered
some ways for implementing an international
legal code that would apply to members of
the European Union
...
"
Faculty of Computing and Informatics & Faculty of Information Science and Technology , Multimedia University Malaysia
International Laws and Treaties (Continued)
• The COE Convention on Cybercrime
considers four types of criminal activity in
cyberspace:
1
...
Computer-related offenses (such as fraud);
3
...
Copyright-related offenses