Cybercrime – A Spider Web
With the advancement of technology, evil intelligence also seems to be growing day by day. For instance, cybercrime has become a great threat to the world including not only superpowers but also developing countries, where criminals are committing traditional crimes (such as theft, robbery, harassment and fraud, etc.) through the internet. This trend is on the rise because the internet seems to provide safety to such criminals. It is not easy for the police to catch a cybercriminal as he or she could be anywhere in the world. Cybercrimes exist in places that use the internet, or even technologies like artificial intelligence. The government of each country needs to establish new departments and institutions to deal with cybercriminals. Steps should also be taken to protect internet users from cybercrimes.
When it comes to committing a crime online, it is not clear as to what extent an action is a cybercrime, but it can generally be defined as ‘any malicious act that achieves economic or social gains through the internet or technology’. A more formal definition of cybercrime is that it is a crime in which a computer is the object of the crime (hacking, phishing, spamming and computer trespass), or is used as a tool to commit an offence (child pornography, hate crimes, accessing personal information or trade secrets, etc.) Those who commit cybercrimes can also be generically referred to as hackers. Broadly speaking, there are four subcategories of cybercrime, namely, cyber-trespass (viruses, hacktivism, denial of service attacks), cyber-deception (fraud, piracy, identity theft), cyber-pornography and cyber-violence (cyber-bullying, cyber-stalking).
The concept of cybercrime has been in existence since even before the invention of the computer and internet. The first cybercrime was recorded in 1820, which was not the age of modern computers, though the ‘abacus’ existed which is thought to be earliest and simplest form of a computer. Joseph-Marie Jacquard, a textile manufacturer in France, produced a revolutionary loom. The device allowed the automation of a series of steps in the weaving of traditional fiber. When Joseph’s employees came to know about it, they thought Joseph would replace them with his newly invented loom, so attempting to secure their livelihood and traditional employment they committed acts of sabotage to discourage Joseph from further use of innovative technology. In 1971, John Thomas Draper, an American known as a computer programmer and hacker, discovered that the giveaway whistle in Cap’n Crunch cereal boxes producing 2600 hetrz could be used to build a ‘blue box’ that allowed users to make free phone calls. Esquire published the “secret of the little blue box” with instructions for making one. In the years that followed, wire-fraud intensified in the US.
In 1986, a Pakistani mind helped generate the oldest virus in the world under unauthorized circumstances, which infected IBM computers worldwide. After many government and corporate computers had been damaged, the US Congress passed the Computer Fraud and Abuse Act, declaring such activities as crimes. In 1989, the first large-scale computer extortion case was investigated where, under the pretense of a quiz on the AIDS virus, users unintentionally downloaded a program which threatened to destroy all their computer data unless they paid $500 into a foreign account. In Pakistan, the first ever case was reported by the US Consulate in Karachi. It was reported to the Federal Investigation Agency that some Pakistanis were misusing credit cards and importing goods from America and other countries. It was stated that they stole slips of credit card payments and used them to purchase many items through the internet. The case went on trial in the special court for banking offences and bail was rejected not ony by the trial court but also by the Sindh High Court. All these events are significant in articulating the concept of cybercrime, how it has evolved in society and how it has become front-page news.
Since the last century, cybercrimes have been increasing continuously in numbers and in intensity, harming different states and institutions on different levels. Earlier cybercriminals used to hack systems out of curiosity or for enjoyment, but with the passage of time cybercrimes are worsening in shape. In the 21st century, cybercriminals have come up with more advanced tactics and have victimized millions of people.
The following are some of the prominent incidents of cybercrime which have affected billions of people and hacked millions of computers:
- In 2013, a billion Yahoo accounts were hacked by criminals who stole data including personal information, phone numbers, private emails, passwords and email addresses. Again in 2016, around 500 million Yahoo accounts were hacked.
- In 2015, three men stole the data of millions of people around the world. They were operating from Israel and targeted major companies, corporations and banks, including the US bank, JB Morgan Chase & Co. where they stole the personal data of 83 million customers and earned huge amounts by exploitation.
- In 2015, Russian hackers stole the personal data of bank staff from banks’ computer systems, then impersonated the bank staff online to order fraudulent transfers. They also ordered an ATM machine to dispense cash without inserting a bank card into the machine. By adopting the same strategy, they also stole 650 million euros from global banks.
- In 2017, “WannaCry” named virus was designed by hackers, which was a ransomware sent through email in the form of an attachment. When a user would open that link, the virus would spread in the computer, blocking all files. The files could only be accessed again after payment of ransom money. Through this virus, hackers also targeted the systems of UK’s National Health Service and blocked its computer system for more than a week. Approximately 300,000 computers were hacked through this virus.
These may seem like a few incidents but they are infamous for leaving disastrous effects on victimized systems.
Cybercrime has badly affected the global economy as well. A report by the Center for Strategic and International Studies in collaboration with the security firm McAfee estimated the global economic cost of cyber attackers to be $445 billion and accounted for the loss of 350,000 jobs in the United States and Europe. Globally, different countries have paid huge amounts. In 2013, the US economy lost $525.5 million to cybercrime (FBI, 2013) with the most common complaints being email scams and intimidating crimes such as those attempting to extract money from computer users. In 2012, cybercrime cost British businesses 21 billion euros (Morris, 2012) and affected more than 1 million computers users in the EU every day. Researchers have found that cybercriminals have stolen personal information of millions of people around the world. In 2013, this number amounted to around 40 million users in the US, 54 million in Turkey, 20 million in South Korea, 16 million in Germany and more than 20 million in China. A total of 800 million people have been affected by cyber-criminals. Between 2013 and 2015, the costs resulting from cybercrime quadrupled and it is feared that there will be another quadrupling from 2015 to 2019. Juniper Research has recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion worldwide by 2019.
Comparatively, countries where technology is not yet used commonly are in the safe zone, so Pakistan is not as affected by cybercrime as compared to the US and other European Countries. This is mainly because of the lack of knowledge and access to the internet. According to a report, only 500,000 people have access to privately-owned ISPs. According to researchers, the most common cybercrime in Pakistan includes cyber-pornography, the sale of illegal articles, online-gambling, intellectual property crimes, cyber-stalking, email spoofing, unauthorized access to computers, virus attacks, hacking of accounts and theft of personal and official information contained in an electronic form.
Owing to the huge economic and personal data loss, it has become necessary to combat cybercrimes. Government officials across the world have rolled their sleeves up and started working on the laws, ideas and strategies to deal with cybercriminals. Governments’ efforts to control, censor and manage cybercrime with strict laws, punishments, jailing cybercriminals and blocking access to websites are on the rise. For instance, the US has formed the Cyber Threat Intelligence Integration Center (CTIIC), the basic purpose of which is to disseminate information on data breaches, while collaborating with other agencies tackling cybercrime.
Trend Micro, a Japanese multinational cyber-security and defense company founded in Los Angeles, California with headquarters in Japan, has also taken on the role of fighting cybercrime. It is working alongside law enforcement agencies such as INTERPOL and the Japan Metropolitan Police Department to bring cybercriminals to justice. The aim is to not only block malicious websites and provide antimalware but to also catch cybercriminals red-handed with the help of other agencies. In the UK, the National Cyber Crime Unit (NCCU) works as part of the National Crime Agency (NCA) to deal with cybercrimes quickly, target criminal vulnerabilities proactively and prevent criminal opportunities. NCCU provides intelligence and technical and strategic aid to NCA and other law enforcement agencies in order to deal with cybercriminals.
In Pakistan, the government has a lesser control over the internet, though it recently banned more than 50 websites. A few years back, the Pakistani government blocked YouTube to protest the existence of blasphemous content on the website. In 2016, the Pakistani Senate unanimously passed the cybercrime law called the Prevention of Electronic Crimes Act 2016. The National Response Center for Cybercrimes (NR3C) of the Federal Investigation Agency (a law enforcement agency of Pakistan) is also dedicated to fighting cybercrime. NR3C has been formed to deal with technology-based crimes in Pakistan. “Cyber-scouts” is the latest initiative of NR3C in which students are selected and trained to deal with computer emergencies and spread awareness. NR3C is proving services related to computer forensics, mobile forensics, video forensics, network forensics and technical training all over Pakistan. All countries are putting in efforts to deal with cybercrime according to the requirement and nature of cybercrime in respective regions.
It is true that cybercrimes are becoming more sophisticated and destructive in nature and effect, thereby making it difficult for the local authorities to locate and arrest cybercriminals, primarily because of two basic reasons: first, because a cybercriminal can be far away from his or her victim, for example operating in Russia while using servers in the UK and targeting users in the US; secondly, tackling cybercriminals requires specialized resources and expertise. It is predicted that in 2018 ransomware and digital extortion will provide wide opportunities for cybercriminals to thrive. To deal with this kind of situation, we need to make our security systems smarter and more sensitive to deal with malware. Security awareness trainings are also needed to be conducted for employees, CEOs and CFOs of companies and banks, etc. In order to overcome such problems with more efficacy, law enforcement agencies need to work alongside security research companies or institutes. The US and UK already have a few multinational cyber-security companies assisting law enforcement agencies to combat cybercrimes and punish cybercriminals. Other countries also need to follow suit to get rid of this underlying issue.
The views expressed in this article are those of the author and do not necessarily represent the views of CourtingTheLaw.com or any other organization with which she might be associated.