This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Society has become increasingly aware of computer crimes also called cybercrimes as a result of the continual advancement of computer technology. Computer crimes began with the popularity of computers during the mid 1990's with the creation of Microsoft Windows 3.1. Computer technology is fairly young and the advancement of computers progress so quickly that agencies around the world are constantly trying to grasp the new technology and how best to police the crimes associated with it. It is certain, as stated in the article on "cybercrime" in the Encyclopedia Britannica (2009, ¶1), "Cybercrime, especially through the internet, has grown in importance as the computer has become central to commerce, entertainment, and government." In this paper, the definition of computer crime will be explored; statistics associated with computer crimes will be discussed; motivation of cybercriminals will be revealed and how to fight back against the cybercriminal will be touched upon.
Computer Crime Definition
There is controversy surrounding the definition of computer crime or cybercrime. In the Encyclopedia Britannica article on "cybercrime" (2009, ¶1), it defines cybercrime as "the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy." In the article, "Defining the boundaries of computer crime: piracy, break-ins, and sabotage in cyberspace" Tavani (2000) discussed the definition of computer crime and the need for a separate category of computer crime. Tavani (2000) wrote, "we can begin by noting that computers make possible certain kinds of crimes that otherwise would not have been possible in the pre-computer era" (p. 5). He further noted, "that for a criminal act to count as a genuine instance of computer crime, the act must be one that can be carried out only through the use of computer technology" (Tavani, 2000, p. 6). Furthermore, Tavani (2000) explained:
Crimes that fit our definition would fall into one of three distinct categories:
- Software Piracy - using computer technology to (a) produce one or more unauthorized copies of proprietary computer software, or (b) distribute unauthorized software or make copies of that software available for distribution over a computer network.
- Electronic Break-Ins - using computer technology to gain unauthorized access either to an individual's or an organization's computer system, or to a password protected Web site.
- Computer Sabotage - using computer technology to unleash one or more programs that (a) distribute the flow of electronic information across one or more computer networks, including the Internet, or (b) destroy or damage data and computer system resources. (p. 7)
Unlike the Encyclopedia Britannica's definition of computer crime, Tavani (2000) argued that criminal acts that involve the use of a computer but do not fit into the above three categories would not be categorized as a computer crime (p. 7). These crimes used the computer as a tool but were crimes long before computers became popular, as for example, child pornography. Child pornography was a crime long before computers became central to every household. Violators just found other methods of committing the crime without the computer during the pre-computer era. Computers have made crimes more opportunistic and it seems that it has become conveniently easy to group crimes that involved a computer together with the label of computer crime or cybercrime. As shown, there is still much controversy as to the exact definition of computer crime or cybercrime. In addition, a standard definition could not be defined using a dictionary. Typing "computer crime" or "cybercrime," into Merriam-Webster's Online Dictionary (2009) produced the following results, "The word you've entered isn't in the dictionary."
Computer Crime Statistics
It is worth noting that while searching for statistics on computer crimes it was obvious that this type of statistical data was hard to capture because many of these crimes are not reported and there is no all inclusive way to capture a complete and accurate statistical number. However, according to the National Criminal Justice Reference Service (NCJRS) Abstract on the "Internet Crime Report, 2008" authored by the Internet Crime Complaint Center, "The Internet Crime Complaint Center (IC3) which began operating on May 8, 2000, reports on complaints received and referred by IC3 to law enforcement or regulatory agencies for appropriate action." Furthermore, the NCJRS abstract (2009) offered the following statistics:
From January 1, 2008 through December 31, 2008, the IC3 Web site received 275,284 complaints, a 33.1 percent increase from 2007. These complaints were mostly related to fraud, such as auction fraud, nondelivery of ordered items, and credit/debit card fraud. Other types of complaints involved computer intrusions, spam/unsolicited e-mail and child pornography. Of these complaints IC3 referred 72,940 to Federal, State and local law enforcement agencies around the country for further consideration.... The total dollar loss from all referred cases of fraud was $264.6 million, with a median dollar loss of $931,000 per complaint. E-mail (74 percent) and Web pages (28.9 percent) were the two primary mechanisms by which fraudulent contacts occurred. (Internet Crime Report, 2008, NCJRS Abstract)
Another computer crime statistic worth mentioning is piracy. Piracy continues to be a problem among the software, music and the movie industry. In the article, "Computer-related crime: ethical considerations" Parker (1990) presented the following statistic on piracy, "A study related by a coalition of U.S. companies revealed that piracy of computer software and other copyrighted materials in twelve 'problem countries' is costing the United States more than 1.3 billion a year" (p. 14). Additionally, Parker (1990) reported that, "software manufacturers and analysts estimate that from four to ten illegal copies exist for every software package lawfully purchased" (p. 15).
Lastly, one other good resource for statistical data on computer crimes is from the Computer Security Institute (CSI). Since 1995, CSI has surveyed the community about how they were affected by network and computer crime. In 2008, over 500 security professionals from U.S. corporations, government agencies, financial institutions, medical institutions and universities responded to their survey. "The survey asks about a number of different sorts of computer attacks and incidents" (Richardson, p. 14). The survey charted, "four categories of highest incidence, namely viruses (50%), insider abuse (44%), laptop theft (42%) and unauthorized access to systems (29%)" (Richardson, p. 14). In addition the survey reported, "This year, the average loss per respondent was $288,618" (Richardson, p. 16). It is worth mentioning that within the report "security professionals observing the state of the 'hacker' underworld have long been very concerned about several significant factors likely to change the face of cybercrime within organizations" (Richardson, p. 17). Primarily, "The first of these is the shift toward a "professionalization" of computer crime...that more of the perpetrators of current computer crime are motivated by money, not bragging rights" (Richardson, p. 17). As seen through these statistics, computer crime has steadily risen over the years and there seem to be a shift in the world of computer crimes from committing these crimes because it is a challenge to now being motivated by money. Since computer technology continues to advance, it is reasonable to expect that cybercriminals will continue to advance as well, and become more professional in the profession of computer crimes.
Motivation of Cybercriminals
So what motivates a cybercriminal? Most people have a tendency to believe that cybercriminals are driven by the challenge or by money. Floyd, Harrington and Hivale (2007), authors of "The Autotelic Propensity of Types of Hackers" explore autotelic behavior and how it relates to motivation and the types of hackers. They defined autotelic behavior as a "characteristic of individuals who see challenges as opportunities for action, when others see challenges as threats" (Floyd, 2007, Section 2, ¶1). They further defined eight types of cybercriminals and their motivations as:
Novices (looking for media attention), cyberpunks (tend to brag about their exploits), disgruntled employees or ex-employees, petty thieves (motivated by greed or necessity to pay off other habits), coders (have sense of power and prestige), old-guard hackers (interested in the intellectual endeavor), professional criminals (who are highly motivated and trained and specialize in corporate espionage), information warriors / cyberterrorists (politically motivated) , and political activist (hactivists). (Floyd, 2007, Section 1, ¶4)
The authors further discussed two categories of hackers which were "black hat" and "white hat" hackers and there being an obvious difference in what motivates them (Floyd, 2007, Section 3, ¶5,6). "White hat hackers or 'old guard hackers'... appear to be driven more by the autotelic nature of hacking, whereas black hat hackers may be driven by malicious or self serving intentions" (Floyd, Section 3, ¶7). The authors Floyd, Harrington and Hivale concluded that autotelic behavior seemed to relate to the type of hackers who hack for a challenge whereas autotelic behavior is not related to those hackers who hack destructively (Floyd, Section 5, ¶1). In addition, they revealed how organizations looked to hire hackers in order to help better secure their own computer system (Floyd, Section 5, ¶2). However, it seems that organizations should become more aware of the type of hackers and their motivation before hiring a person into such a core and accessible position in an organization (Floyd, Section 5 ¶2).
Fighting Back Against the Cybercriminal
Author Jay Becker (1982) of the article "Computer Crime Career of the Future?" wrote, "The odds are one in twenty-two thousand that a computer criminal will go to jail" (p. 12). This is pretty good odds in favor for the computer criminal and with these odds it is probably safe to bet that computer criminals will become more common. So how do we compete? Doswell (2008) noted in "A Case Study on Computer Security for Non-Expert Computer User" that, "One of the biggest security holes are weak passwords" (p. 361). Most computer users generally pick easy passwords for them to remember and a password cracker program can easily give hackers accessibility into a home computer. In Doswell's (2008) article, she quoted Eugene H. Spafford, director of the Purdue Center for Education and Research in Information Assurance and Security as stating, "The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts" (p. 362). That is a very powerful statement considering there is at least one computer in most every home in the United States and multitude of computers in organizations around the world. Therefore, users need to become more diligent about protecting their computers at home. They need to be more aware of the hackers and how they hack computers and implore the means to fight back with antivirus software, firewalls and better computer passwords. Government agencies need to establish a legal and effective program against cybercriminals. As Sofaer and Goodman (2001) wrote in The Transnational Dimension of Cyber Crime and Terrorism:
An effective program against transnational cyber crime will require legal cooperation among states that involves the enforcement of agreed standards of conduct.... This consensus must be translated into a legal regime in which all states that are connected to the Internet prohibit forms of conduct widely regarded as destructive or improper. (p. 2)
In other words, there needs to be a consensus among federal and state and even countries about how to deal with cyber crimes. We need to be a nation or a multitude of nations without boundaries when dealing with cyber criminals as the internet has no boundaries and cyber criminals themselves have no boundaries.
In summary, as computer technology become more advanced there will continue to be a rise in computer crimes. Government agencies need to come to a consensus on how to regulate computer crimes across not only our own nation's borders but all countries as well. Standard definitions, laws and effective programs need to be put in place to deal with these computer crimes. Until government agencies make this a priority, the problem will continue to worsen and grow. The motivation for the cybercriminal will continue to allure them when there are few regulations in place. In the meantime, people and organizations need to protect their computer and proprietary information with stronger passwords and software that will prevent the cybercriminal from obtaining information.
- Becker, J. 1982. Computer crime career of the future?. SIGCAS Comput. Soc. 12, 1 (Jan. 1982), 12-15. Retrieved November 7, 2009 from the ACM Digital Library, DOI= http://doi.acm.org/10.1145/957893.957896
- Cybercrime. (2009). In Encyclopedia Britannica. Retrieved November 7, 2009 from Encyclopaedia Britannica Online: http://search.eb.com/eb/article-9001623
- Doswell, F. 2008. A case study on computer security for non-expert computer user. In Proceedings of the 46th Annual Southeast Regional Conference on XX (Auburn, Alabama, March 28 - 29, 2008). ACM-SE 46. ACM, New York, NY, 361-365. Retrieved November 7, 2009 from the ACM Digital Library, DOI= http://doi.acm.org/10.1145/1593105.1593201
- Floyd, K., Harrington, S. J., and Hivale, P. 2007. The autotelic propensity of types of hackers. In Proceedings of the 4th Annual Conference on information Security Curriculum Development (Kennesaw, Georgia, September 28 - 28, 2007). InfoSecCD '07. ACM, New York, NY, 1-4. Retrieved November 7, 2009 from the ACM Digital Library, DOI= http://doi.acm.org/10.1145/1409908.1409926
- Internet Crime Complaint Center, United States. (2009). Internet Crime Report, 2008. Abstract retrieved from NCJRS database: http://www.ncjrs.gov/App/Publications/abstract.aspx?ID=248476
- Merriam-Webster Online Dictionary. 2009. Retrieved November 7, 2009, from http://www.merriam-webster.com/dictionary/computer%20crime or http://www.merriam-webster.com/dictionary/cybercrime
- Parker, R. 1990. Computer related crime: ethical considerations. In Proceedings of the Conference on Computers and the Quality of Life (George Washington University, Washington, D.C., United States, September 13 - 16, 1990). CQL '90. ACM, New York, NY, 180-191. Retrieved November 7, 2009 from the ACM Digital Library, DOI= http://doi.acm.org/10.1145/97344.97425
- Richardson, Robert. 2008 CSI Computer Crime & Security Survey The latest results from the longest-running project of its kind. (n.d.) Retrieved November 7, 2009, from http://i.cmpnet.com/v2.gocsi.com/pdf/CSIsurvey2008.pdf
- Sofaer, A. D. 2001 The Transnational Dimension of Cyber Crime Terrorism. Hoover Institution Press. Retrieved November 7, 2009 from http://media.hoover.org/documents/0817999825_1.pdf
- Tavani, H. T. 2000. Defining the boundaries of computer crime: piracy, break-ins, and sabotage in cyberspace. SIGCAS Comput. Soc. 30, 3 (Sep. 2000), 3-9. Retrieved November 7, 2009 from The ACM Digital Library, DOI= http://doi.acm.org/10.1145/572241.572242