Lecture 4. Com - Ethics

Computer and Internet crimes

Objectives
1. Discuss key trade-offs and ethical issues associated with safeguarding of data and information
systems.
2. Identify reasons for the increase in the number of Internet-related security incidents.
3. Describe the most common types of computer security attacks.
4. Outline the characteristics of common perpetrators including their objectives, available resources,
willingness to accept risk, and frequency of attack.
5. Describe a multi-level process for managing Internet vulnerabilities based on the concept of
reasonable assurance.
6. Outline the actions that must be taken in response to a security incident.
Computer Abuse
• The unauthorized use of, or access to, a computer for purposes contrary to the wishes of the
owner of the computer or the data held thereon.

• Computer abuse means wrongful use of computers and peripherals.


• Computer abuse may not necessarily lead to a breakdown of the computer system.
Moonlighting
• Using the company’s computer facilities to do other personal work especially after the office
hours.
Surfing during company time
• This is using the company Internet facilities to surf and send personal emails during the company
time
Playing Games
• Using the computer facilities during the company hours to play games such as Pachisi, Solitaire,
FreeCell, etc.
• Viewing the computer files, facilities, and the internet during lecture time and constantly
disturbing the lecturer when the lecture is going on, especially BIST students.
Wrongful shutting down of Computers
• This is whereby a computer user turns off the computer without shutting it down.
Hitting the Computer
• Whereby a lot of force is used on the computer, for example on the keyboard. This can also
include intentional hitting of the computer.
Spreading viruses
• Transferring viruses from one computer to another using storage devices like memory sticks and
floppy disks.
Downloading infected Files
• Downloading file attachments that are infected with viruses from the Internet
• Harassment through e-mails
• Hacking into your school’s database to change your examinations and many others.
Computer Crime
• Computer crime is any criminal offense, activity or issue that involves computers.
– Computer crime tends to fall into two categories:
• Computer is used to commit a crime
• Computer itself is a target of a crime. Computer is the victim.
Introductions
• A computer crime is an illegal act that involves a computer system or computer related system
like a telephone, microwave, satellite or other telecommunications system that connects one or
more computers or computer related systems, either as an object of a crime, an instrument used to
commit a crime or a repository of evidence related to a crime.
• Illegal acts fall within the domains of the commission of crimes which a legislature of a state or a
nation has specified and approved. Human acts using computers or computer related technologies
that encroach within the limits of the commission’s boundaries, are considered illegal and they
include:
– Intrusions of the Public Switched Network
– Intrusions into Public Packet Networks
– Privacy violations
– Industrial espionage
– Unauthorized downloading of games and software
– Computer fraud
– Copyright infringement
– Internet/email abuse
– Using computers or computer technology to commit murder, terrorism, pornography and
hacking
– Website defacements
– Computer theft
• Most computer attacks on the resources above fall into the three categories below.
– Natural or inadvertent attacks, which include accidents originating from natural disasters like
fire, floods, windstorms, lightning and earthquakes. They usually occur very quickly and
without warning, are beyond human capacity, and often cause serious damage to
affected cyberspace resources.
– Human blunders, errors, and omissions, which are usually caused by unintentional human
actions. Unintended human actions are usually due to design problems; such attacks are
called malfunctions. Malfunctions, though occurring more frequently than natural
disasters, are as unpredictable as natural disasters.
– Intentional threats, which originate from humans and are caused by
illegal or criminal acts by insiders or outsiders, recreational hackers, and
criminals. For the remainder of this chapter, we are going to focus on this.
Types of Computer Attacks
– Penetration attacks involve breaking into a system using known security
vulnerabilities to gain access to any cyberspace resource.
• There is steady growth of these attacks; see the CERT Report below.
– Denial of service attacks affect the system by diminishing the system’s ability
to function; hence, they are capable of bringing a system down without destroying its resources.
Motives of Attacks
– Vendetta/Revenge
– Joke/Hoax/Prank
– The Hacker's Ethics - This is a collection of motives that make up the hacker character
– Terrorism
– Political and Military Espionage
– Business (Competition) Espionage
– Hate (national origin, gender, and race)
– Personal gain/Fame/Fun/Notoriety
– Ignorance
Notoriety: the state of being famous or well known for some bad quality or deed.
Classification of Perpetrators of Computer Crime

| Type of perpetrator | Objective | Resources available to perpetrator | Level of risk taking acceptable to perpetrator | Frequency of attack |
|---|---|---|---|---|
| Hacker | Test limits of system, gain publicity | Limited | Minimal | High |
| Cracker | Cause problems, steal data, corrupt systems | Limited | Moderate | Medium |
| Insider | Financial gain or disrupt company’s information systems | Knowledge of systems and passwords | Moderate | Low |
| Industrial spy | Capture trade secrets or gain competitive advantage | Well-funded, well trained | Minimal | Low |
| Cybercriminal | Financial gain | Well-funded, well trained | Moderate | Low |
| Cyberterrorist | Cause destruction to key infrastructure components | Not necessarily well funded nor well trained | Very high | Low |

Hacker
Hackers are individuals who attempt to gain access to computer systems illegally.
• Supplies for the Hacker
– PC
– Communications network
• Why hack?
– Harass
– Show-off
– Curiosity
– Gain access to computer services without paying
– Obtain information to sell
A hacker is an individual who tests the limitations of systems out of intellectual curiosity.
Unfortunately, much of what hackers (and crackers) do is illegal.
– Breaking into networks and systems.
– Defacing web pages.
– Crashing computers.
– Spreading harmful programs or hate messages.
Crackers are hackers who break code.
Malicious insiders are a security concern for companies. Insiders may be employees,
consultants, or contractors. They have knowledge of internal systems and know where the weak
points are.
Forms of Computer Criminals
Malicious insiders are the number one security concern for companies.
Industrial spies use illegal means to obtain trade secrets from the competitors of firms for which
they are hired.
Cybercriminals are criminals who hack into computers and steal money.
Cyber terrorists are people who intimidate or coerce a government to advance their political or
social objectives by launching attacks against computers and networks.
Legal Overview
Fraud is obtaining title to property through deception or trickery.
To prove fraud four elements must be shown:
– The wrongdoer made a false representation of the material fact.
– The wrongdoer intended to deceive the innocent party.
– The innocent party justifiably relied on the misrepresentation.
– The innocent party was injured.
Characteristics of Computer Crimes
• Geographic dislocation of offender
• Invisibility/Anonymity of offender
• Lack of victim awareness
• Unwillingness to report
• Intangibility of digital goods, evidence, value e.g., downloadable music and films, e-books and
others.
PREVENTION OF THE COMPUTER CRIME
• Education of each computer user on the dangers of the computer crimes, especially the young
generation which are the most numerous users.
• Through this education each individual user will learn how to protect himself from cyber
intruders or computer viruses before injuries happen.
• Administering of the information systems by trained personnel.
• When choosing administrators who will take care of the security of the information systems,
special attention should be paid to their proper education and experience,
so that they are one step ahead of the computer criminals and so that they apply proper protection
of the systems they control, according to regulations.
• Passing of laws.
Having in mind the dangers of computer crime, the state should pass proper sanctions against
perpetrators of such crime that will pose a serious threat to many potential hackers, who will then not
run the risk of entering into protected systems.
• Install a corporate firewall.
• Install anti-virus software on personal computers.
• Implement safeguards against attacks by malicious insiders.
• Address the ten most critical Internet security threats (10 each in Windows and UNIX): Top
Twenty List
• Verify backup processes for critical software and databases.
• Conduct periodic IT security audits.
Detection of computer crime…
Injured party reports damage
• One of the most frequent ways to discover any crime is receiving a report about it by the injured
party.
• This is true for computer crimes too. In this sense an injured party can be both physical and legal
subjects, state organs and institutions.
Administrators of information systems find out
• Investigators of this type of crime sometimes use the original application program and sometimes
use special software for analysis and tools for investigation, e.g., GFI LanGuard and GFI
WebMonitor.
• Investigators have found ways to collect traces from a remote computer which is out of their
physical reach through telephone line or network connection.
• Moreover, it is possible to follow the work of the computer network using the Internet.

Computer Forensics
Computer investigation is the science of locating, extracting, analyzing and protecting specific
data from computers and digital storage media, which can be interpreted to serve as legal
evidence in courts of law.
No matter how careful people are when stealing electronic information, they leave behind
traces of their activities. Also, when perpetrators try to destroy the evidence (proof) in the
computer, they leave traces behind. In both cases the traces are
detectable and can be presented before the court.
Computer forensic specialists should be able to run complex evidence recovery procedures with
ability and expertise that will support the credibility of the expert witnessing in question.
- Copying of data
- Search of evidence in electronic mail and other internet communication
- Recalling of data
- Browsing of documents and other data
- Filing and presenting of computer traces
Detection
Intrusion detection systems monitor system and network resources and activities and, using
information gathered from these sources, they notify authorities when they identify a possible
intrusion.
Honeypot is a computer on your network that contains no data or applications critical to the
company but has enough interesting data to lure intruders so that they can be observed in action.
Response
Incident notification is the plan and process used to notify company individuals when a computer
attack has happened. In addition, your company should be prepared to:
– Protect evidence and activity logs
– Incident containment
– Incident eradication
– Incident follow-up
Computer/Cybercrime in Africa
Cyber threats are a big issue in Africa. It is estimated that up to 80% of all computers in Africa
are infected, compared to 30% in Europe.

Causes for growth of Cybercrime in Africa…


African countries have been criticized for dealing inadequately with cybercrime as their law
enforcement agencies are inadequately equipped in terms of personnel, intelligence and
infrastructure, and the private sector is also lagging behind in curbing cybercrime.
African countries are pre-occupied with attending to pressing issues such as poverty, the Aids
crisis, the fuel crisis, political instability, ethnic instability and traditional crimes such as murder,
rape and theft, with the result that the fight against cybercrime is lagging behind.
According to computer security experts, a lot of cybercrime emanates from the African continent,
and these threats spread easily because many computer systems are not properly protected.
The fight against cybercrime requires a cohesive and coordinated approach, but in Africa,
poverty and underdevelopment are the major causes for growth of cybercrime in the region.
The popularity of social networks that is sweeping across the continent and the availability of
affordable Internet enabled mobile devices coupled with the rise in e-commerce are fueling the
increase in threats to business security in Africa.
Lack of proper security defenses could expose infrastructures to concrete risks of attacks with
serious impact.
Computer-generated security organizations in Africa still lack adequate staff that work to
develop local IT security expertise, as well as offer real-time online threat intelligence services to
the public and private sectors.
It’s not difficult to understand why computers in Africa are so vulnerable to hacking. According
to a World Bank survey, almost 80 percent of the population lacks even basic knowledge of
computers.
Internet cafes, though widespread, are unable to afford antivirus software, making them easy
targets for hackers and botnet operators. Most African countries have no legal regulations in
place to stop or prosecute online crime, thus providing a safe haven for cybercriminals.
A botnet is a collection of Internet-connected programs communicating with other similar
programs in order to perform tasks. This can be as mundane as keeping control of an Internet
Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed
denial-of-service attacks. The word botnet is a combination of the words robot and network.
More unemployment
The latest employment statistics show that unemployment is up and increasing. More people
without work quite simply means more soft targets for syndicates.
The potential for internet abuse in Africa is also high. This is due to the lack of security
awareness programmes or specialized training for the law enforcement agencies.
Lack of legal framework and the existence of weak infrastructures for dealing with cybercrime
Many watchers are warning that Africa is becoming a major source of cybercrime; for example,
Nigeria is ranked as the leading State in the region as the target and source of malicious internet
activities, and this is spreading across the West African sub-region.
Fighting Cybercrime in Africa…
• African countries are keen to address the issue because not only does it hurt their economies
directly, it also has the potential to compromise their standing as a foreign investment target.
• Several countries already have specific cybercrime and security legislation or are in the
process of shaping it, including Nigeria, South Africa, Ghana, Kenya, Uganda, Cameroon,
Botswana and Zambia.
• Cybercafés, an important part of the African internet landscape, are encouraged to implement
security procedures to reduce fraud.
• The involvement of top-level government officials, policy makers and implementation groups
must be highlighted at all levels of discussion and, coupled with cross-border collaboration, is a
justifiable route for success in fighting cybercrime.
• It is submitted that international mutual legal and technical assistance should be rendered to
African countries by corporate and individual entities to effectively combat cybercrime in Africa.
• Computer ethics education should also be taught to children in schools to educate them about the
negative consequences of committing cybercrime.
• The possibility exists that new forms of cybercrime will emerge with evolving technology. New
cyber laws should therefore be introduced to respond to these rapid changes.
• There should also be continuous research and training of IT security personnel, finance services
sector personnel, police officers, prosecutors and the judiciary to keep them abreast of advancing
computer technology.
• A need also arises for the introduction of more specialized prosecutors and specialized
procedures to facilitate the prosecution of cybercrime cases on a priority basis.
• Internet users should also be encouraged to share the burden of securing informational privacy
where feasible.
• At the end of the day, a balanced approach that considers the protection of fundamental human
rights and the need for the effective prosecution of cybercrimes is the way forward.
• The efforts of professional organizations such as the International Criminal Police Organization
(Interpol) are necessary to combat cybercrime.
• Actually, Interpol has provided technical guidance in cybercrime detection, investigation and
evidence collection.
• The role of multi-national organizations such as the Commonwealth of Nations, the Group of 8
(the G8) and the Organization for Economic Co-operation and Development (the OECD) is
important because their work encompasses a broader territorial environment.

Efforts in Fighting Cybercrime in East Africa


• East African countries have scaled up efforts to combat cybercrimes through a multi-stakeholder
approach involving the government, industry and civil society organizations.
• A cyber security management task force chaired by Kenya has been coordinating activities aimed
at rooting out cybercrimes in the five East African Community member countries.
• This taskforce deals with cyber security at legal, policy and regulatory levels.
• A plan for the five East African states of Uganda, Kenya, Tanzania, Rwanda and Burundi to set
up Computer Emergency Response Teams (CERTs) to fight cybercrime is under way, as
countries concerned seek to involve the International Telecommunications Union's (ITU) help.
• The East African Communications Organizations (EACO) Congress, an umbrella body of all five
regulators, will pursue ITU support for the establishment of the national CERTs.
• The five regulators will also establish a collaborative framework for the national CERTs at
regional and international levels.
• EACO will work to establish and harmonize Internet security policies and Internet laws in the
East African region.
Computer crime and the law in Uganda
• The Parliament of Uganda on Thursday, 7th October, 2010 passed into law two cyber bills that
present a basis for the long overdue legal regulations for security of electronic transactions.
• This follows the increasing business done online in the country and world over every day. As
Government embraces the use of ICT in delivery of its services, it is envisaged that more citizens
and business targeted services will move online for easier access and efficiency.
The Ugandan Cyber Bills
1. Electronic Signatures Bill
• The Electronic Signatures Bill makes provision for and regulates the use of electronic signatures and
provides for other related matters.
• The Bill makes provision for the use of electronic signatures in order to ensure that transactions
are carried out in a secure environment.
• It establishes a public key infrastructure for authenticity and security of documents.
• Recognizes the different signature creating technologies and provides effective administrative
structures e.g., establishment of Certification Authorities
2. Electronic Transactions Bill
• The Bill creates a light-handed regulatory regime for electronic transactions.
• It facilitates the development of e-commerce in Uganda by broadly removing existing legal
impediments that may prevent a person from transacting electronically because of a gap in the
traditional laws.
• It makes provision for functional equivalence; thus, paper transactions and electronic
transactions are treated equally before the law.
• Establishes rules that validate and recognize contracts formed through electronic means
• Sets default rules for contract formation and governance of electronic contract performance
• Defines the characteristics of a valid electronic writing and an original document
• Supports the admission of computer evidence in courts and arbitration proceedings
3. The Computer Misuse Bill
• The computer misuse bill will make provision for the safety and security of electronic
transactions and information systems.
• The Bill takes cognizance of the fact that all computer operations are susceptible to computer
crimes and our current legal system does not recognize computer crimes thus the importance of a
legislation to provide for computer crimes.
• It creates several computer misuse offences, e.g., unauthorized modification of computer
material. The bill lays down mechanisms for investigation and prosecution of the offences.
Case 1
Cybercrime: Even Microsoft is Vulnerable
• On October 27, 2000, Microsoft acknowledged that its security had been breached and that
outsiders using a Trojan horse virus had been able to view source code for computer programs
under development.
Case 2
Visa Combats Online Credit Card Fraud
Visa-branded credit cards generate almost $2 trillion in annual volume and are accepted at over
22 million locations around the world. Visa is reviewing new ways of authenticating user
transactions.
