Cybercrime Investigation
Cybercrime Investigation focuses on identifying and combating crimes conducted through the Internet and other computer networks. As cybercrime continues to escalate, inflicting significant financial losses on individuals and organizations, law enforcement agencies are striving to develop effective strategies for prevention and investigation. Cybercrime encompasses various illegal activities, including hacking, identity theft, and cyberstalking, which can be perpetrated from virtually anywhere globally, often making the criminals difficult to identify.
The investigation process is complex, requiring specialized training, knowledge of computer systems, and familiarity with electronic evidence collection. Law enforcement has made strides, with agencies like the FBI establishing task forces and offering training opportunities, yet many local departments still lack adequate resources and expertise. Prosecution of cybercriminals is also challenging due to jurisdictional issues, as offenders and victims may be located across different states or countries.
Legislation regarding cybercrime has evolved, introducing various laws to address the numerous types of online offenses, while penalties for cybercriminals have become increasingly severe. Collaboration between federal and state agencies continues to be crucial in tackling the ongoing threat of cybercrime and protecting the public from its damaging effects.
SIGNIFICANCE: One of the major areas of computer crime, cybercrime is expanding rapidly, costing Americans hundreds of millions of dollars per year. Victims seldom see or know the perpetrators, and the criminal justice system is only beginning to address the problem directly.
The first useful electronic computer was built in 1946. By the mid-1960s, the term computer crime was in the general lexicon, and by the 1970s it was in legal jargon. The term cybercrime entered general use with the development and expansion of the Internet. The two terms, cybercrime and computer crime, are often used interchangeably. This, however, is not precisely correct. A cybercrime is one that is committed using the Internet and, by definition, computers. Most observers would agree that a computer must be the tool of the attack, the object of the attack, or both. Computer crime, on the other hand, does not need the Internet to be committed.
![FOSSdotin2009 9. Computer hacking, a cybercrime. By James Morris (originally posted to Flickr as FOSS.IN/2009) [CC-BY-2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons 95342817-20161.jpg](https://imageserver.ebscohost.com/img/embimages/ers/sp/embedded/95342817-20161.jpg?ephost1=dGJyMNHX8kSepq84xNvgOLCmsE2epq5Srqa4SK6WxWXS)
![Spoofed. Spoofing, a cybercrime. By Saeed azadi (Own work) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons 95342817-20162.jpg](https://imageserver.ebscohost.com/img/embimages/ers/sp/embedded/95342817-20162.jpg?ephost1=dGJyMNHX8kSepq84xNvgOLCmsE2epq5Srqa4SK6WxWXS)
Many crimes that have been around since before the development of computers can be committed today via computer. Computers, most of the time, add an increased shroud of anonymity to criminal acts. Crimes perpetrated over the Internet can be committed from almost any place on the planet.
Types of Cybercrime
When thinking of cybercrime, most people think of releasing so-called viruses, trojans, worms, and denial-of-service attacks. Other cybercrime includes snooping, computer hacking and cracking, spoofing, and various forms of theft and fraud. Stalking takes place on the Internet, and Internet pornography is abundant. Finally, organized crime and terrorists are using the Internet. The following discussion briefly covers prominent types of criminal activity on the Internet.
Computer viruses of many kinds have been developed. Each is able to replicate itself and to become part of another file; this is how viruses spread. Not every virus does damage, but every virus is potentially dangerous. Trojans differ from viruses in two important ways: They do not replicate themselves, and they can stand alone as files. Trojans are disguised as files that users want, such as music files, video files, games, or other software. Once inside victims’ computer systems, trojans are free to release the hidden programs for which they are designed. These can be anything from harmless pranks to outright destruction of computer hard drives.
Worms spread copies or segments of themselves to other computers, usually via electronic mail. Worms differ from viruses because they do not need to attach to other files. Worms occupy increasing amounts of system resources, eventually bringing down the system. The first worm program was released in 1988. Its spread across the United States shut down a significant part of the Internet.
A denial-of-service attack makes a computer service unavailable to authorized users. The attack either monopolizes resources or damages them to the extent that they cannot be used.
Web-jacking occurs when someone takes control of a site and either changes it or otherwise manipulates it. Cases have occurred in which sites have been vandalized, instructions have been altered, and other types of changes have been made.
Logic bombs are dormant until triggered by some specific logical event. This event might be a specific date and time, the removal of a person’s name from the system, or some other specific event. Then the bomb delivers its payload, which can be very destructive within the computer system.
Spoofing occurs when an Internet user is redirected from a legitimate Web site to a fake site set up to look like the original. This is done to get the victim to give personal information to the “company” when transacting business.
Snooping, hacking, and cracking are all forms of unauthorized intrusion into computer systems. Snoopers are usually just curious people who enter a system to browse around. Hackers are persons with varying degrees of expertise who break into computer systems for many reasons. The challenge may merely be to see if they can do it, or it may be for more sinister reasons, such as stealing information or vandalizing the computer or Web site. Hackers also work for hire. Some consider themselves to be advanced and elegant programmers, and they consider the term “hacker” a badge of honor. These people think that hackers who ply their trade for nefarious purposes should be called “crackers,” the type of hacker who should be viewed with contempt. Crackers communicate with one another online, on Web-based bulletin boards or private electronic mail lists. Sometimes crackers form groups with strange names like the Legion of Doom or the Chaos Computer Club and seek out more and more challenging exploits for their computer expertise. In 1995, the Department of Defense was subjected to more than 250,000 attacks by hackers and crackers.
Personal Crimes
A variety of thefts and fraud can take place online. The most damaging type of theft is identity theft. Hackers and crackers look for Social Security numbers and other types of personal information. Corporate and government databases are the largest sources of this kind of data. Illegal use of a victim’s Social Security number, for example, can enable a criminal to borrow money, even qualify for mortgage loans, under the victim’s name. Purchases of all kinds can be made, with victims unaware of it until they apply for a loan or credit card, or until they check their credit reports. It can take months, or even years, to get credit issues arising from identity theft resolved.
Fraud can take many forms, old and new. The Nigerian letter scam, formerly perpetrated by postal mail, is an example. In it, electronic mail appears in the victims’ in-boxes offering to transfer large sums of money to the victims’ banks if they will provide their account numbers so that the transfer can take place. Victims are offered a percentage for their cooperation. More recent examples include investment schemes and lottery or inheritance scams.
It is possible to gamble online. Players buy “chips” using a credit card, can play any game in the “house,” and bet as much money as they want. Where gambling is illegal, such online gambling is illegal, too. The games may be rigged against the players. Also, some online gambling is used for money laundering.
Cyberstalking involves sending harassing or threatening electronic mail to a specific individual repeatedly and over time. It may also include visiting chat rooms frequented by victims and harassing them there. Usually, women are the victims of stalking crimes. Children may also fall victim to cyberstalkers, especially if the perpetrators are pedophiles. As many as 200,000 people stalk someone each year.
Internet pornography is another new version of an old problem. Thousands of pornographic Web sites offer pictures and videos of all kinds to anyone who can find them. All Internet sites that offer pornographic material, whether on a subscription basis or for free, are supposed to have a warning about the contents that instructs minors to exit the site. The most serious problems associated with pornography are in the area of child pornography. Child pornography can be encrypted (hidden) on computers and exchanged. In 2003, authorities in Europe and the United States uncovered an international child pornography ring leading to the arrest of hundreds of defendants.
Organized crime and terrorists also use the Internet, mainly for money laundering and transfers. The written text is encrypted to hide its meaning before it is sent over the Internet. A process called steganography hides graphic images and sends them undetected over the Internet. Gangsters operate gambling sites online as well as other illegal enterprises. Terrorists operate Web sites that incorporate elaborate symbols to deliver hidden messages. They also use the sites as recruitment tools and propaganda dissemination vehicles.
Prevalence
In 2023, nearly three hundred thousand people in the United States had been victimized by phishing or spoofing. More than fifty-five thousand experienced a breach of personal data, while almost forty-nine thousand were victims of cyber extortion.
In 2020, more than $4 billion was lost to cybercrime in the United States. Hospitals and other healthcare facilities, local governments, major corporations, and schools have been targeted by ransomware, which allows perpetrators to hold data hostage and demand payment from the victim with the promise of releasing the data.
Internet “baby-sitter” software has been developed for use by parents to safeguard their children from deleterious Internet material and chat rooms, but it is no substitute for careful monitoring of children’s online activity.
Internet crime continues to expand, and criminals find new ways to victimize people. Major companies have been founded on virus-scanning technology. Many other private companies have been formed to investigate cybercrime.
Investigation
At issue in investigating cybercrime effectively are training enough officers to conduct investigations, developing sufficient case law and knowledge among prosecutors to prosecute criminals, and establishing effective punishments to deter cybercriminals and effectively protect the private and public sectors of American society.
Since the mid-1960s, the Federal Bureau of Investigation (FBI) has effectively promoted crimefighting through the use of task forces. These have been used to fight organized crime, distribution of drugs and guns, and many other crime problems. In 1996, the FBI formed the Computer Investigations and Infrastructure Threat Assessment Center (CITAC) to coordinate computer crime initiatives. When it comes to cybercrime, the FBI continues to coordinate task forces but also offers investigative help and support, training, grants, and other assistance to state and local agencies as they try to handle the growing problem.
Even though computer crime and cybercrime have been in the public consciousness since the late 1980s, the majority of police departments, and perhaps the majority of states’ law-enforcement agencies, do not have well-trained, well-equipped computer crime investigation units. A few large cities, such as New York, Washington, DC, and San Francisco, have had computer crime units since the late 1980s. These units were formed with the help of the FBI. Mid-sized and small cities often have no capability for such investigations. Larger cities like the ones mentioned above and regional cooperative ventures, like the Sacramento Valley High-Tech Crimes Task Force, emerged as leaders in the field.
The Institute for Security Technology Studies at Dartmouth College convened a meeting of leading national and state agencies in 2003 to draft a coordinated research and development agenda for fighting cybercrime. Training and research were slowly being implemented to equip investigators with the necessary expertise to investigate cybercrime. The FBI and some of the larger, better-funded law-enforcement agencies offered training opportunities in the field of cybercrime. A few colleges and universities offered classes in the subject. A growing literature on cybercrime and investigations was emerging. Nevertheless, most investigation was still carried out by private sector employees of computer firms and by companies created to conduct cyber-investigations.
Most police agencies do not have the necessary resources to provide adequate training for their officers and investigators. The ability to conduct investigations of cybercrime includes not only all the training to investigate normal street crime but also a thorough knowledge of computer systems, electronic evidence collection, preservation and analysis techniques, both logical and physical analysis, and forensic analysis techniques. Most departments that do any cyber-investigation are fortunate enough to have staff members who had learned about computers before they arrived. Others have learned on the job. Organized training is still emerging and is still expensive.
Prosecution
When criminal activity on the Internet was first being recognized, it was not taken very seriously by law-enforcement agencies. Women who complained of being harassed or stalked were told to avoid particular chat rooms or to delete electronic mail messages from the harassers. Victims of fraud were told that nothing could be done to recover their money. Hackers were considered to be harmless curiosities. As the phenomenon of cybercrime gradually came to be understood, law-enforcement personnel realized the criminal justice field would be changed forever.
One of the problems with successfully prosecuting cybercrime is that of establishing jurisdiction. At issue is who should have jurisdiction when an offense occurs. Considering that the victim and the offender may be thousands of miles apart, the answer to this question has been difficult. Some have expressed the idea that cyberspace should be designated a separate and unique jurisdiction. In the United States, the main law enforcement agencies that investigate domestic crime online are the FBI, US Secret Service, US Immigration and Customs Enforcement (ICE), US Postal Inspection Service, and Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF). All of these agencies have offices in every state.
Perhaps the most important computer crime statute, the Computer Fraud and Abuse Act of 1984, was the first major piece of legislation to govern cyberspace. Since its passage, a number of other laws have been enacted to address computer crime. Because there are a large number of types of such crimes, many laws are necessary. Important on the list are the Electronic Privacy Act of 1986, the Computer Abuse Amendments Act of 1994, the Electronic Espionage Act of 1996, the Electronic Theft Act of 1997, and the Digital Theft Deterrence and Copyright Damages Improvement Act of 1999.
On January 1, 2004, Congress passed a new federal antispam law in response to dramatically increasing levels of spam arriving in citizens’ electronic mail in-boxes. The FBI, in cooperation with the Direct Marketing Association, launched an antispam initiative called Operation Slam-Spam. In a similar case from 2003, New York State prosecutors sent Howard Carmack to prison for three-and-a-half years for sending 825 million junk electronic messages from his home.
Along with an expanding amount of federal law to curtail cybercrime, states also have an expanding collection of statutes to deal with the issue. Among the topics covered under these laws are: computer tampering, which includes modification to programs or to the way a network or networked computer operates; computer trespassing, or unauthorized access to computer systems; disruption of computer services statutes, which seek to protect the integrity of Internet service providers; computer fraud statutes, which include all forms of fraudulent activity but specifically cover cases in which a computer is used to conduct the activity; spam-related statutes, which generally focus on using a network to falsify the header information on mass electronic mail; and unlawful use of encryption statutes, which are aimed at using this technology to hide information passed between cybercriminals and increasingly among terrorists and drug traffickers.
Cyberstalking laws make it illegal to use the Internet to harass or threaten individuals, especially for purposes of extorting money. Other broad categories of crime that have had to be covered in the cybercrime rubric include money laundering and monetary transactions, racketeering, economic espionage, theft of trade secrets, swindles, embezzlement, gambling, pornography, stalking, and terrorism.
Punishment
Early computer criminals were not punished very severely. There was little specific case law under which to punish their crimes, and most cases were novelties. When Robert Morris was convicted for releasing the first worm in 1988, the Cornell University graduate student was dismissed from school, fined $10,000, and placed on three years’ probation. This was despite the fact that the worm had spread to six thousand computers and clogged both government and university systems, causing an estimated $100 million in damages. In 1992, Kevin Poulsen, who was wanted for other Internet crimes, rigged the phone system of a radio station to win a contest fraudulently. He spent five years in prison for computer and wire fraud. In 1994, Vladimir Levin was sentenced to three years in prison for stealing $10 million from Citibank. In 2024, a Michigan man was sentenced to ten years in prison for his role in defrauding individuals using scam virus alerts. The scheme, which involved multiple people, used pop-ups that falsely alerted victims that their computers were infected with viruses. The man, Doyal Kalita, was also involved in distributing controlled substances online. In addition to the prison sentence, he was ordered to forfeit more than $2.5 million and pay $272,293 in restitution to victims.