Professional Documents
Culture Documents
Crime On The Net
Crime On The Net
Crime on the Net takes many forms including hacking, viruses, fraud,
scams, money laundering, industrial espionage, prostitution, certain
forms of gambling, drug use, drug smuggling, suicide assistance,
defamatory allegations, cyber stalking, cyber terrorism, actual terrorism.
Hacking
Some Internet users think that hacking is pretty harmless fun and even
quite clever [for examples, see note 1], but it can be a serious invasion of
privacy and a significant threat to e-commerce. The Information Security
Advisory Group estimates that world-wide there are now some 100,000
hackers or crackers (as they prefer to describe themselves). White-hat
hackers test computer security at the request of organisations; black-hat
hackers act privately to break into systems; and grey-hat hackers
straddle both worlds.
While much hacking is done for so-called 'fun', other forms of hacking are
done for more mercenary reasons, especially the obtaining and sale of
credit card details. Where on-line trading is concerned, it is not the
connection which is particularly insecure but the database which can be
hacked into by those with specialist knowledge and criminal intent.
Currently the credit card trading centre of the world is St Petersburg in
Russia; the buyers tend to be from the Far East; and the victims live
predominately in the USA and Europe.
In the UK, following attempts by a hacker to tap into its mailing system,
Virgin Net was forced to require some 170,000 of its 800,000 customers
to change their passwords. Working from his bedroom on a £700 PC, a
Welsh teenager called Raphael Gray manged to hack e-commerce sites to
obtain credit card details of some 25,000 Internet shoppers before he was
apprehended.
In the US, CD Universe refused to pay the $100,000 blackmail demand of
a hacker – thought to be from Eastern Europe – who had obtained credit
card details of 300,000 of the company’s customers, so the hacker posted
25,000 credit card files on the Internet and claimed to have used the
details already to obtain money. Another US-based company which has
been threatened by a hacker was Bloomberg. The company pretended to
be willing to pay the hacker – who was based in Kazakhstan – and
arranged a meeting in London where two individuals were arrested.
Western Union closed its web site for five days in September 2001 after a
security breach saw hackers access 15,000 records containing credit and
debit card details. In February 2003, a hacker gained access to the credit
card details of more than 8M Mastercard, Visa, American Express and
Discover holders in the US by gaining access to the systems of an
undisclosed third party company which processes retailers' payments.
Viruses
The most prolific virus ever is Klez and MessageLabs estimates that one in
every 300 e-mails sent today contains a variation of the Klez virus.
However, it is believed that there are around 20,000 different computer
viruses in existence, many of them placed on the Internet deliberately to
cause confusion or damage.
So far, the worst month for viruses has been August 2003. First, Blaster.B
(also known as MSBlast) emerged, crashing systems such as that of Air
Canada (a couple of weeks later, the FBI arrested an 18 year old
American for creating the virus). Then SoBig F arrived which was so
prolific that, at its peak, it affected one in every 15 e-mails across the
world. Among many systems affected was that of the American railway
network which as a result suffered widespread delays.
Ironically not all virus warnings relate to actual viruses because, for some
reason, there are many hoaxes. Therefore, before passing on a warning
of a virus, it is always sensible to check first if the virus is a hoax or not.
Pirating
On the music front, some artists are now trying to make it impossible to
play new CDs on a PC and therefore make them hard to copy. The Celine
Dion CD "A New Day Has Come" has on it the label "Will not play on
PC/MAC". On the film front, the Motion Picture Association of America
(MPAA) has moved to close sites like Movies88.com.
Illegal Trading
Fraud
In the United States – where currently most on-line shopping takes place
– the National Consumers League runs an Internet Fraud Watch which in
1999 recorded a 38% increase in complaints, with a total consumer loss
of $3.2 million. The number one Internet fraud – representing 87% of all
reports – was online auction sales, followed by non-action sales of general
merchandise, Internet access services, computer equipment/software,
and work-at-home plans.
Scams
Many Web sites do not actually provide what they seem to offer. Consider
for instance the Ticket To Heaven site which offers a place with God for a
mere $15 [click here].
A typical Internet scam is to put up a bogus Web site which is just a front
for criminal activity. Only slightly more sophisticated is the ‘get rich quick’
site. This offers grants or payments in return for credit card or bank
account details.
One of the biggest scams, which originated off-line, has now been on the
Internet for years and continues to be prolific. It is called the "Nigerian
419" scam after the section of the Nigerian criminal code which oulaws
'advance fee' scams. It is organised by criminals in Nigeria - or, more
latterly, Gabon, Botswana or South Africa - who pretend that an
enormous sum of money (anything up to $80M) is ‘surplus’ to a public
contracts account or available following some compensation arrangement
and that the recipient of the communication can earn some 20% of this
sum (up to $16M) by secretly providing details of an available bank
account. The transaction is frequently described as “risk free”.
Links:
Department of Trade & Industry consumer guide to scams click here
UK Metropolitan Police advice click here
UK site of the National Criminal Intelligence Service click here
The 419 Coalition Web site click here
American site on Nigerian frauds click here
Money Laundering
The Italian policy believe that the Sicilian Mafia is laundering vast sums of
money in cyberspace by its use of on-line trading and banking. The police
in Palermo have discovered a £330m fraud which involves recycling
tainted profits into legitimate assets such as stocks and shares. The
global nature of the Internet and money laundering is clear from the
information that the money was shunted between an American company
incorporated in New Zealand, on to the Cayman Islands, and then to
accounts in Israel and Spain. The money was subsequently deposited in
Switzerland and carried by hand to banks in Croatia, Romania, Russia,
China and Liberia. Some observers believe that it is these vast sums of
currency swishing around that destabilised the Euro in its first year of
operation.
Prescription Drugs
In the UK, thanks to a flaw in the Medicines Act 1968, drugs are being
sold over the Internet that can have serious side effects and should only
be prescribed after a detailed consultation with a doctor. These drugs
include the anti-impotence drug Viagra (sildenafil), the stop-smoking
treatment Zyban (bupropion) and the slimming pill Reductil
(sibutramine). The Medicines Control Agency (MCA) is trying to regulate
the situation.
Defamatory Libel
In May 2002, there was the first case in Britain of someone sucessfully
taking action against a defamatory libel posted on the Internet. The
action was brought by former teacher Jim Murray against his former pupil
Jonathan Spencer (ironically now a teacher himself) in respect of
comments posted on the popular Friends Reunited web site. Spencer
claimed wrongly that Murray was sacked from his post after "making rude
remarks about girls" and "strangling" a pupil, but he failed to attend the
hearing at Lincoln County Court and Murray was awarded £1,250 and
£150 in costs.
Links:
Details of Hulbert case click here
Details of Godfrey case click here
Cyber Stalking
Still another UK case - in May 2003 - involved 50 year old David Cruz in a
seven-month campaign against 26 year old Chloe Easton in which he sent
anonymous obscene e-mails and text messages and put her details on a
prostitutes' web site. He was sent to prison for five months.
Links:
Cyberangels click here
Stalking Victims’ Sanctuary click here
Cyber Terrorism
Among the trends noted recently by computer security officials have been
an illegal trade in ageing Cray super-computers which are ideal for
cracking complex encrypted passwords used to guard major installations
and companies. In the hands of a terrorist organisation, such computers
could substantially assist a cyber attack on a country or company.
Links:
Department of Trade & Industry click here
TrustUK click here
Financial Services Authority click here
Links:
Netcheck Commerce Bureau click here
Better Business Bureau click here
Online Privacy Alliance click here
Some excellent work on how crime is likely to change in the future, with
particular reference to e-crime, can be found in the work of the Crime
Prevention Panel of the UK’s Foresight Programme. The Panel has issued
both a consultation paper entitled “Just Around The Corner” and a report
entitled “Turning The Corner”. The report calls for the establishment of “a
national e-crime strategy” including “the formulation of a specialist hi-
tech crime reduction training academy for both law enforcement and
business”.
Of course, the global nature of the Internet is such that many of the
initiatives that will be necessary to combat cyber-crime will need to be
multi-national and even global.
In the UK, the Home Office has funded the establishment of a special
multi-agency unit to counter criminal activity on the Internet. The new
unit is called the National Hi-Tech Crime Unit and comprises
representatives from the National Criminal Intelligence Service (NICS),
the National Crime Squad, the Association of Chief Police Officers (ACPO)
and the Customs & Excise.
In the UK, a number of local police forces have set up specialist units to
combat computer crime. One of these is the West Yorkshire police force
which has established a Telecoms and Computer Crimes Unit.
In the United States, since February 1998 there has been a National
Infrastructure Protection Centre (NIPC) located in FBI Headquarters. Now
President Clinton believes the risk of cyber terrorism to be sufficiently real
to ask the US Congress to approve a $2 billion programme to train a new
generation of ‘anti-hackers’. The specialised college where these people
will be trained will be called the Institute for Information Infrastructure
Protection. Meanwhile, in March 2000 a special Presidential Working
Group published its comprehensive report entitled “The Electronic Frontier
: The Challenge Of Unlawful Conduct Involving The Use Of The Internet”.
Links:
National Infrastructure Protection Centre click here
Working Group report on “The Electronic Frontier” click here
A key skill for any law enforcement agency acting on Internet crime is
that of forensic computing. In the UK, a new computer forensics training
centre has been set up in Liverpool by the California-based Guidance
Software