Cybercrime and Criminology Study Notes

Questions and Answers

Which of the following best describes the evolution of terminology related to crimes involving computers?

• Cybercrime was initially used, but computer crime became more prevalent with the rise of the internet.
• Cybercrime has always been the preferred term due to its broad applicability to various offenses.
• Computer crime and cybercrime have been consistently used interchangeably since the 1980s.
• Computer crime was initially used for crimes involving computers, but cybercrime became more popular with the emergence of the internet. (correct)

How did the Nigerian Cyber-crime Working Group define cybercrime?

• Offenses that occur in an online environment.
• Conducts prohibited by law with prescribed punishment, carried out using computers, electronic ancillary devices, processes and/or procedures. (correct)
• Computer-mediated activities which are either illegal or considered illicit.
• Offenses that are committed against individuals or groups of individuals to intentionally cause harm or loss.

What is the critical distinction between 'computer crime' and 'cybercrime' as discussed in the text?

• Computer crime involves only hardware, while cybercrime involves only software.
• Computer crime refers to any illegal activity that involves a computer, while cybercrime involves a computer/related device and a network. (correct)
• There is no distinction; the terms are interchangeable.
• Cybercrime is limited to financial crimes, while computer crime includes all other illegal activities.

Which of the following is NOT identified as a characteristic of cybercrime?

Cybercrime is always committed by individuals, not groups. (B)

According to Wall (2001), which of the following is a category of cybercrime?

Cyber trespass (D)

Thomas and Loader (2005) identified three basic categories of cyber criminals. Which option represents one of those categories?

Information Merchants and Mercenaries (D)

How did cybercrime evolve in the second generation according to Marcum's tracing?

It involved hacking and cracking of networks, often used to make free phone calls. (C)

According to Gercke (2012), what characterized the offences related to computer technology in the 1960s?

Primarily physical damage to computer systems and stored data. (D)

Which factor complicates law enforcement's ability to effectively combat cybercrime, contrasting it with physical space crime?

Cybercriminals can easily disguise or hide their identities in cyberspace. (B)

What does Ndubueze (2017) identify as forces that greatly influenced the development of cyber criminology?

Globalization (B)

What is cyber deviance concerned with?

Online activities inappropriate but not illegal (D)

Which statement accurately reflects one of Marcum's (2014) motivations of hackers?

Hackers seek access to information for fame and ego-enhancement. (C)

What is the primary function of the Economic and Financial Crimes Commission (EFCC) in Nigeria, as presented in the text?

Combating economic and financial crimes (B)

Which act addresses computer misuse by targeting unauthorized access and modification of computer systems?

The UK Computer Misuse Act 1990 (C)

What specific measure does the Cybercrime (Prohibition, Prevention, Etc) Act, 2015 in Nigeria take to protect critical national information infrastructure?

It authorizes the president to designate certain systems and networks vital to the country. (A)

Which of the following is an objective of the Cybercrimes Act in Nigeria?

To provide a framework for the punishment of cybercrimes. (A)

What is the primary goal of the UK Data Protection Act?

To protect personal data held by organizations. (C)

Why is encryption used in data transmission?

To protect data from unauthorized access. (D)

What is the purpose of a firewall in network security?

To prevent unauthorized access from external networks. (A)

Which of the following is a recommendation for creating secure passwords?

Using a mixture of letters, numbers, and special characters. (D)

What is the primary purpose of a backdoor in a computer system?

To bypass normal security controls. (B)

What is the main objective of a Denial-of-Service (DoS) attack?

To make a network resource unavailable to intended users. (C)

What makes Distributed Denial of Service (DDoS) attacks particularly difficult to defend against?

The attack comes from a large number of points (C)

What security risk is present when a user gains physical access to a computer?

Sensitive data can be directly copied and extracted. (A)

What does the term 'eavesdropping' refer to in the context of computer networks?

Intercepting and listening to private communications. (C)

What is the key characteristic of Multi-vector, polymorphic attacks?

They combine several types of attacks and also change form. (B)

What is the primary method used in phishing attacks?

Deceiving users into revealing sensitive information. (B)

What does 'privilege escalation' mean in the context of computer security?

Elevating access levels without authorization. (D)

What is the purpose of reverse engineering?

To deconstruct an object to reveal its design or code. (B)

Flashcards

What is Cybercrime?

Criminal activity targeting or using a computer, network, or networked device.

What is Computer Crime?

Any illegal activity involving a computer.

What is Scale in Cybercrime?

The number of internet users is large, increasing victims/offenders.

What is Anonymity in Cybercrime?

Internet users can hide their identifying information.

What are Cyber Deceptions/Theft?

Stealing money or property online.

What is Cyber Violence?

Causing harm or instigating physical harm online.

Who are Cyber Terrorists/Extremists?

Using ICT for illegal political or social activity, terrorism.

What is 1st Generation Cybercrime?

Exploiting mainframe computers, usually for financial gain.

What is Web 2.0?

Continued growth of creative technologies to faciliate e-commerce

What is 2nd Generation Cybercrime?

Using networks for hacking and cracking.

What is 3rd Generation Cybercrime?

Crimes that only exist because of the internet (spam, malware).

What is Cyberspace?

Virtual space where all activities/data are transmitted via networks.

What is Proximity in Cybercrime?

Cybercrime can be committed across geographical locations.

What is Scale in Cybercrime?

Cybercrime can be automated/affect many victims at once.

What is Anonymity in Cybercrime?

Cybercriminals can hide identities in ways not possible physically.

What is Globalization?

The increasing interconnectedness and interdependence of countries.

What is the Internet Revolution?

Increased flow of information, goods, and services online.

What is Cyber Criminology?

Scientific study of deviance, crime, and terrorism in cyberspace.

What is Cyberdeviance?

Online behaviors considered inappropriate, not outlawed.

What is Cybercrime (Specific)?

Online behaviors or activities prohibited by law.

What is Cyber Terrorism?

Using the internet to advance terrorist goals or activities.

What is Vulnerability?

A weakness in system design, implementation, or operation.

What is a Backdoor?

A secret method to bypass normal authentication/security controls.

What is a Denial-of-Service (DoS) Attack?

Making a network resource unavailable to its users.

What are Direct-Access Attacks?

Gaining physical access to a computer.

What is Eavesdropping?

Secretly listening to a private computer communication.

What is Phishing?

Acquiring sensitive data by deceiving users.

What is Privilege Escalation?

An attacker elevates their privilege or access level.

What is Social Engineering?

Trick and maliciously uses the unknowing supplies information

Study Notes

• This document contains study notes relating to cyber crimes and cyber criminology, including types of crimes, attacks, and motives of hackers.

Introduction to Cybercrime

• Cybercrime involves a computer and a network, where the computer can be the tool or the target of the crime.
• Cybercrime targets or uses a computer, computer network, or networked device.
• Cybercriminals or hackers commit cybercrime intending to make money, and these crimes are carried out by individuals or organizations.
• The term “cyber” relates to information technology, virtual reality, and computers.

First Cybercrime

• In 1988, a graduate student launched the first major Internet attack and was convicted of a new type of crime.
• In 1993, discovered pedophiles were transmitting sexually explicit images of minors via the Internet.

Conceptual Definition of Cybercrime

• There is no universally accepted definition of cybercrime.
• Cybercrime scholars and researchers have defined the term in various ways.
• Holt and Bossler (2016, p.7) say cybercrime consists of “offences that occur in online environment."
• Thomas and Loader (2000, p.3) state cybercrime refers to “computer-mediated activities which are either illegal or considered illicit by certain parties and which can be conducted through global electronic networks."
• The Nigerian Cyber-crime Working Group (2005, p.2) defines cybercrime as conducts prohibited by law with prescribed punishment, carried out using computers, electronic ancillary devices, processes and/or procedures.
• Cybercrime is carried out on the internet, using a computer as a tool or a target.
• Halder and Jaishankar (as cited in Ngo and Jaishankar (2017, p.3) describe cybercrime as offences committed against individuals or groups of individuals with a criminal motive to intentionally harm reputation, cause physical or mental harm, or loss, directly or indirectly, using modern telecommunication networks.
• Cybercrime features 30 different types of offences including hacking, malware, identity theft, online fraud, credit card fraud, spamming, web and email spoofing, dating scam, cyber bullying, harassment and stalking and distributed denial of service attacks.

Cybercrime Nature and Scope

• Cybercrime is a computer/technology-enabled crime that is committed through cyberspace/internet.
• Cybercrime may be committed via computer-mediated communication, electronic ancillary devices such as cell phones, i-pads, Internet-of-Things etc, and is an outlawed conduct with prescribed punishment
• A computer may be a tool to commit cybercrime or the target of cybercrime.
• Victims of cybercrime may be individuals or groups and may experience physical or psychological harm.
• Cybercrime is a transnational, emerging, and evolving kind of crime, and its prosecution may raise jurisdictional issues.

Computer Crime versus Cybercrime

• Computer crime and cybercrime are often used interchangeably but do not have the same meaning.
• Computer crime was generally used to describe almost all criminal activity involving computers until the late 1990s.
• Cybercrime refers to criminal activity that involves a computer/related device and network.
• The network connection is what makes the act cybercrime.
• Computer crime is any illegal activity that involves the computer while cybercrime involves a computer and a network.

Characteristics of Cybercrime

• Scale is large due to the number of internet users.
• Accessibility is increasing as the internet reaches more areas.
• Anonymity allows users to hide their identity making it difficult for investigators.
• Portability and Transferability of storage media makes it difficult to find the result of a crime.
• Global Reach leads to jurisdictional questions surrounding countries enacting laws and investigators accessing evidence.

Cybercrime Classifications

• Wall (2001) provided four categories including cyber trespass, cyber deceptions/theft, cyber pornography and cyber violence.
• Cyber Trespass refers to trespassing into the online property of others with the intention of causing damage there. Examples include hacking, virus attack and defacement.
• Cyber Deceptions/theft involves stealing money or property online such as credit card fraud, phishing e-mails, violation of intellectual property.
• Cyber Pornography includes all activities that violate laws against online obscenity and indecency like child pornography, revenge pornography etc.
• Cyber Violence involves causing psychological harm or instigating physical harm against others online and violating human rights laws. Examples include online hate speech, cyber stalking etc.
• The Council of Europe's Convention on Cybercrime (2001) captured four main categories including offenses against the confidentiality, integrity, and availability of computer data and systems, computer-related offenses, content-related offenses such as child pornography, and offenses related to infringement of copyright and related rights.
• Thomas and Loader (2005) identified three basic categories of cyber criminals as follows: hackers and phreaks, information merchants and mercenaries, terrorists, extremists and deviants.
• Hackers and Phreaks illegally use information and communication technologies to access computer systems in order to explore, seek information or satisfy their curiosity.
• Information Merchants and Mercenaries trade in the commercial sale of information and engage in crimes such as corporate espionage and sabotage, sale and theft of identity information, computer and network break-ins, and large scale software piracy.
• Terrorists, Extremists and Deviants use information and communication technologies (ICTs) for illegal political or social activity, may use ICTs to engage in terrorism, promote hate or engage in illegal social behaviours like the transmission of child pornography or engaging in pedophilia online.

Internet and Cybercrime Evolution

• The internet emerged for military purposes but today can be accessed by the general public
• The internet revolution enabled the movement of criminals from the physical space to the cyberspace and vice-versa.
• In the 1960s, when the internet emerged, variants of crime emerged and cybercrime has continued to evolve and is becoming more complex with the growth of digital technologies.
• Originating as an military experiement, the evolution of the internet has been summarized in two main phases by Naugghton (2016) as Phase One: From Military Experiment to Civilian Utility (1967-1995) and Phase Two: The Commercial Internet (1995-Present).
• The emergence of the internet was influenced by the cold war. The doctrine of mutual assured destruction (MAD) governed the nuclear stand-off between the United States and the Soviet Union, presumed to ensure national security by guaranteeing a reprisal attack should one side launch a nuclear attack.
• A communication system that could withstand a devastating thermonuclear attack was designed.
• Paul Baran, a researcher in RAND Corporation designed a mesh network base on high levels of link redundancy and digital communication technology known as packet switching.
• The Soviet Union launched the Sputnik satellite in October, 1957 leading to the establishment of the Advanced Research Projects Agency (ARPA) within the Department of Defense.
• Resource sharing network was first developed in ARPA in 1966 and the contract to build the network was awarded to Bolt, Beranek and Newman in 1969.
• By 1972, the 15 original sites had been connected and functioning for resource-sharing, but became used mainly for interpersonal communication, sharing files and email correspondence.
• The ARPANET was based on the packet switching technology of the modern internet, but was a unitary network owned and operated by ARPA.
• Researchers at the University of Hawaii had built ALOHA, a packet-switched network that operated via radio in the early to mid-1970s.
• From early to mid-1970s, ARPA ran three separate experimental networks - ARPANET, PRNET, and SATNET that used packet switching technology in different ways leading to the commencement of an internetworking project in 1973.
• Pentagon made it mandatory for all ARPANET host to adopt TCP/IP by January 1983.
• In October, 1982, the ARPANET continued as a research enterprise, while MILNET was exclusive for military communications.
• After creating the MILET domain, ARPANET regained its status as a research-oriented network controlled by universities and research institutions.
• United States National Science Foundation (NSF) funded the creation of the Computer Science Network (CSNET) in the early 1980s.
• In 1994, the National Science Foundation allowed commercial companies known as Internet Service Providers" (ISPs) to take over internet service.
• The Netscape's IPO was filed on 9th August, 1995, which facilitated the first internet boom that crashed in March, 2000.
• Services on the web from 1995 onwards were interconnected by means of software tools such as the syndication tool RSS and Application Programming Interfaces (APIs).
• Apple, Google, Facebook, Yahoo, Amazon, and Microsoft have acquired much power and influence and play significant roles in the daily lives of billions of people through market dominance in retail commerce and computer software and/or hardware.
• There is tension between the global network and local customs, culture and laws due to its expansion.
• In 2013, Edward Snowden revealed the surveillance capabilities of United States and allied governments.

Cybercrime Evolution by Marcum (2014)

• Cybercrime has evolved across three generations.
• The first generation is characterized by the illegal exploitation of mainframe computers and its operating system, usually perpetrated for financial gain or to acquire or destroy restricted information.
• The second generation uses networks, with hacking and cracking being common forms of cybercrime in this generation.
• The third generation came into being as a result of the broadband ability of the internet, existing only in the cyberspace

Cybercrime Evolution by Gercke (2012)

• Gercke (2012) traced the development of computer and cybercrime from the 1960s to the 21stCentury.
• The 1960s marked the introduction of transistor-based computer systems, which were smaller and cheaper than vacuum-tube based machines, leading to an increase in the use of computer technology.
• Offensive at this stage had to do with physical damage to computer systems and stored data.
• The 1970s, witnessed an increase in the use of computer systems and computer data, and heralded a shift from traditional property crimes against computer systems, to new forms of crime.
• The 1980s saw the growing popularization of personal computers, with an increase in the number of computer systems and potential targets for criminal victimization, leading to the emergence of software piracy and crimes related to patents.
• Offenders were able to enter a computer system without necessarily being present at the crime scene, and could spread malicious software.
• The graphical interface was introduced in the 1990s, leading to a rapid growth in the number of Internet users, and a shift of child pornography distribution from physical copies to online distribution
• The international community adopted the United Nations General Assembly Resolution in 1990 and the issuance of the manual for the prevention and control of computer-related crimes in 1994.
• Every passing decade of the 21st century witnessed new trends in computer crime and cybercrime, and increased sophistication in methods of committing crimes.

Crime in Physical Space versus Cyberspace

• Boundaries in the physical space can be easily delineated and policed, leading to historically physical space oriented law enforcement strategies.
• There are no clearly demarcated territories known in cyberspace, leading to different implications in combating cybercrime using traditional model of law enforcement.
• Cyberspace as a digitalized form where all its activities, data and content are transmitted and actualized through a networked communication technology is virtual in nature and is enabled by a networked communication technology.
• The features of cyberspace are fundamentally different from those of the physical space.

Cybercrime Differences from Physical Space Crime

• Cybercrime does not require any form of physical proximity between the victim and the offender.
• Cybercrime is largely and increasingly automated.
• Cybercriminals are not restricted by physical constraints
• Cyberspace allows criminals to disguise or hide their identities in ways that are not possible in the physical space.
• Cybercrime patterns are difficult to identify due to the fact that cybercrime is still relatively new and not accurately documented across countries.

Cyber Criminology Context

• Twenty-first century global social forces greatly influenced the development of the discipline of cyber criminology including globalization, the Internet revolution, mediatization/digitization and the growth of virtual communities.
• Early cyber criminologists were interested in investigating how globalization, the Internet, and virtual communities facilitate crime.
• Digitization refers to the process through which information is converted into a digital format.
• The term "Cyber Criminology" was academically coined by Karuppannan Jaishankar in 2007 with cyber criminology being one of the latest subdisciplines of criminology.
• Cyber criminology is "the study of causation of crimes that occur in the cyberspace and its impact in the physical space” which encompasses researchers from various fields such as criminology, victimology, sociology, internet sciences and computer science.
• The first cybercrime-specific theory: Space Transition Theory of Cybercrime was established in 2008.
• Cyber criminology captures deviance, crime and terrorism in the cyberspace.
• Ndubueze (2017) observed that cyber criminology is broadly focused on the spate of crime, deviance and terror in the cyberspace and the quest for social order and includes Bachmann, Brenner, Holt, Jewkes, Nhan, Wall, Yar, etc.

Cyber Criminology Concerns

• As a sub-discipline of criminology, key areas of cyber criminology include cyberdeviance, cybercrime, and cyber terrorism.
• Cyberdeviance refers to online behaviors and acts that are considered inappropriate or a moral but not outlawed. For example, use of vulgar language in chatrooms, use of social media language in formal email communication etc.
• Cybercrime refers to online behaviors or activities that are prohibited by law like cyber stalking, online advance fee fraud, child pornography, credit card fraud etc.
• Cyber Terrorism refers to the use of the internet for the advancement of terrorist goals or for the facilitation of terrorist activities and are politically, ideological, or religiously motivated.

Future of Cyber Criminology

• There is a growing global interest in cybercrime scholarship among criminologists and lawyers due to the growing social relevance of cybercrime.

Cybercrime Vulnerabilities and Attacks

• Vulnerability is a weakness in design, implementation, operation or internal control. An exploitable vulnerability is one with at least one working attack or "exploit" exists.
• Cybersecurity attacks include: Backdoor, Denial-of-service attack, Direct-access attacks, Eavesdropping, Multi-vector, polymorphic attacks, Phishing, Privilege escalation, Reverse engineering, Social engineering, Logic Bombs, Spoofing, Tampering, Malware, Child Pornography, Cyberbullying, Cyberstalking, Cybersquatting, and Dark Web.
• Backdoor is a secret method of bypassing normal authentication.
• Denial-of-service attacks (DoS) make a machine or network resource unavailable to its intended users.
• Direct-access attacks involve an unauthorized user gaining physical access to a computer to copy data, make operating system modifications, install software worms, keyloggers, covert listening devices or using wireless mice.
• Eavesdropping is surreptitiously listening to a private computer "conversation".
• Multi-vector, polymorphic attacks surfaced in 2017, and combined several types of attacks, and changed form to avoid cybersecurity controls as they spread.
• Phishing acquires sensitive information by deceiving the users.
• Privilege escalation describes a situation where an attacker with some level of restricted access is able to, without authorization, elevate their privileges or access level.
• Exploiting a vulnerability is how standard computer users gain access to restricted data.
• Reverse engineering deconstructs a man-made object to reveal its designs, code, architecture, or to extract knowledge.
• Social engineering tricks people into revealing sensitive information.
• Logic bomb is a program that runs at a specific date or time to cause unwanted and unauthorized functions.
• Spoofing is the act of masquerading as a valid entity through falsification of data in order to gain access to information or resources that one is otherwise unauthorized to obtain.
• Tampering describes a malicious modification or alteration of data.
• Malware, if installed on a computer, can leak personal information, give control of the system to the attacker, and delete data permanently.
• Child pornography is sexually explicit pictures, films or other materials involving minors that are increasing criminally advertised and distributed online.
• Cyberbullying uses technological devices by adolescents to harass, threaten, humiliate and embarrass their peers.
• Cyberstalking is stalking in an electronic form characterized by threatening behavior or unsolicited advancements directed at unsuspecting users of the internet and other forms of online and computer communications.
• Cybersquatting is the act of buying internet domain names that are linked to other people's trademarks or intellectual property, making its use limited to only a specified group of users.
• The dark web provides ways to conceal identities and illegal activities in order to avoid detection by law enforcement.

Motivations of Hackers

• Hackers include: Addiction, Curiosity, Excitement and Entertainment, Money, Power, Status and Ego, Ideologies, Peer Recognition, and Revenge.
• Addiction is attributed to continued participation in hacking and gained power by accessing forbidden areas in computer systems.
• Curiosity motivates hackers to learn as much information as possible, often through inappropriate or illegal means.
• Hackers claim their lives online are more exciting, cracking systems and codes for their own entertainment without the intention of causing much damage.
• Hackers are financially motivated for personal gain or to prevent large companies from financial success.
• The media portrays hackers as super-intelligent beings who can crack the toughest security codes and attain power and status from knowledge and skills.
• Hackers can obtain information that could change their current belief on some topics.
• Hackers can form social communities with online friends and seek recognition from these individuals.
• Hackers may decide to attack the victim as a payback for the wrong done him or her.

Computer crime Prevention

• The Economic and Financial Crimes Commission (EFCC) is charged with the responsibility of investigating and enforcing all laws against economic and financial crimes, and is the assigned financial intelligence unit (FIU) in Nigeria.
• The EFCC is charged with responsibility of curbing the activities of the hackers in Nigeria who uses other people's credit card number to order for goods from abroad, and to impersonate a valid user to gain access to a system or the network of an organization.
• This act was enacted to respond to the increasing menace posed by hacking into computer systems by unauthorized third parties.

Cybersecurity Laws

• Cybersecurity laws include: Computer Misuse Acts, Nigeria Data Protection Act: Cybercrimes (Prohibition, Prevention, Etc) Act, UK Data Protection Act.
• The UK Computer Misuse Act 1990 was introduced to prevent the increase of unauthorized access to and modification of computer systems often referred to as hacking.
• The Act identifies three specific crimes: unauthorized access, unauthorized access with the intention of committing another crime, and unauthorized modification of data or programs.
• The Nigeria Data Protection Act: Cybercrimes (Prohibition, Prevention, Etc) Act, 2015 enacts a bill for the prohibition, prevention, detection, response, investigation and Prosecution of cybercrimes. Provides an effective, unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes In Nigeria. This Act also ensures the protection of critical national information infrastructure, and promotes cybersecurity and the protection of computer systems and networks, electronic communications, data and computer programs, intellectual property and privacy rights.
• The UK Data Protection Act is designed primarily to protect individuals from the misuse of information held about them.

Malware and Network Security

• Malware control and network security components include: Encryption, Anti-virus, Firewall, and Passwords.
• Encryption involves scrambling data into an unreadable cipher text before it is transmitted.
• Anti-virus is a software program that is used to protect a computer system against the menace of viruses.
• Firewalls are made up of software and hardware placed between an organization's internal and external networks to prevent outsiders from invading.
• Passwords are a unique set of characters that may be allocated to an individual, a system or facility that must be input to allow access.

Description

Study notes covering cybercrimes, including types of crimes, attacks, and hacker motives. It also discusses the history of cybercrime and definitions. Cybercrime involves computers and networks, with computers as tools or targets.