Regulating Cybercrime Notes
Week 1:
Lecture 1A Readings:
Evolution of Cybercrime:
1960s: reports of computer manipulation, computer sabotage, computer espionage and the
illegal use of computer systems.
Three ‘generations’ of cybercrime:
1. Cyber crimes facilitating traditional offences eg. fraud,
2. Crimes across networks eg. hacking,
3. crimes that are ‘wholly mediated’ by technology eg. botnets
Challenges of cybercrime:
1. Scale:
The internet allows users to communicate with many people, cheaply and easily.
2. Accessibility:
Technology is ubiquitous and increasingly easy to use, ensuring its availability to both
offenders and victims.
>Criminal activities that may be beyond the skills of the individual, the internet provides
easy access to those who will do it for you, or tell you how.
3. Anonymity:
Offenders may deliberately conceal their identity online by the use of proxy servers,
spoofed email or internet protocol (IP) addresses or anonymous mailers.
4. Portability and transferability:
Ability to store enormous amounts of data in a small space, and to replicate that data with
no appreciable diminution of quality.
5. Global reach:
Majority of cybercrime acts encountered by police involve a “transnational element”’.
6. Absence of capable guardians:
Digital technology presents law enforcement with a range of challenges.
Principal categories of cybercrime:
1. Cyber-dependent crimes: those ‘that can only be committed using a computer,
computer networks, or other form of ICT’. Eg. hacking, malware and DoS attacks
2. ‘Cyber-enabled’ crimes: ‘traditional crimes that are increased in their scale or reach
by the use of computers, computer networks or other ICT’. Eg. child pornography,
stalking, criminal copyright infringement and fraud.
, 3. Computer-supported crimes’: crimes in which the use of the computer is an
incidental aspect of the commission of the crime but may afford evidence of the
crime. Eg. addresses found in the computer of a murder suspect.
Cyberterrorism:
Attacks on computer networks to further a political, religious or ideological cause, which
have the potential to harm, possibly disrupting essential services such as water, power,
hospitals, financial systems, emergency services, air/shipping control etc.
> In many cases, the threat of cyberattack is not from terrorist groups but from traditional
state actors.
Cyberterrorism-two categories:
1. Situations where technology is used to facilitate the activities of terrorists.
Information and communication technologies (ICTs) may be used to facilitate each stage of
a terrorist attack, from recruitment and radicalization, financing and planning through to
execution.
2. Technology may also be utilised in raising finance.
In this sense, ‘cyberterrorism’ simply ascribes a motivation for other forms of cybercrime.
Cyberspace attacks must have a ‘terrorist’ component in order to be labelled
cyberterrorism.
>The attacks must instil terror as commonly understood (that is, result in death and/or
large-scale destruction), and they must have a political motivation.
Scale of the problem:
There is a lack of reliable statistical cybercrime data.
Factors that continue to make accurate data collection difficult:
1. Lack of consensus as to the meaning of ‘cybercrime’ means that it may not be
included within official crime statistics, or varying meanings may be used by
different institutions.
2. Many cybercrimes’ are in fact existing offences that are facilitated by technology, but
offence statistics often fail to draw a distinction between online and offline crime.
3. the level of actual offending may not accurately be reflected in crime statistics due to
under-reporting.
4. Law enforcement agencies may not have the expertise and/or resources to detect or
investigate cybercrime, while the range of agencies involved may also hamper
accurate recording.
5. many of the numerous sources of data available suffer from problems of over- or
under-reporting
6. media reporting of cybercrime may present a distorted picture.
,‘online/offline consistency’:so far as possible, online conduct should be regulated in the
same way as any other conduct and existing laws relied upon. This results in a ‘half-way’
approach to reform, creating wholly new offences only where absolutely necessary, and
amending existing offences in order to address specific problems.
- helps to ensure that the online environment is not less regulated than the offline
environment and hence more attractive to criminals.
- avoid the false dichotomy that the ‘online/offline’ distinction sometimes presents
‘Virtual crime’; a crime committed in ‘cyberspace’.
Two issues:
1. Where such crimes occur. Do they occur in ‘cyberspace’? Whether cyberspace
represents a distinct ‘place’ which should be subject to its own distinct regulatory
regime. Physical conduct?
‘Internal perspective’:the perspective of the computer user who perceives that he or she
has entered an online world which is distinct from the geographical location in which they
are physically sitting.
‘External perspective’, on the other hand, adopts the viewpoint of the outsider observing
the functioning of the computer in the physical world rather than the perceptions of the
user.
2. whether that particular communication is an offence in the jurisdiction in which it is
sent or received.
Online conduct giving rise to criminal sanction:
1. Offences against the person, eg. ‘virtual rape’/virual murder. The relevant harms are
the distress of the victim and interference with their use of the game.
2. Offences against property
3. Sexual activity
Offences where the computer is the target:
‘[o]offences against the confidentiality, integrity and availability of computer data and
systems’.
Three main categories of conduct:
1. unauthorised access to computers or computer systems;
2. malicious software; and
3. DoS attacks.
a. Unauthorised access to computers or computer systems:
- logging on without permission
, - hackers using networks to gain remote access, sometimes via computers in a
number of jurisdictions
Access motivations:
1. access to information;
2. modification/impairment of data; and
3. use of a computer.
(i) Access to information:
Obtaining confidential commercial or government information (e.g. trade secrets,
intellectual property, defence secrets) or personal information (e.g. medical records, credit
card or social security numbers or credit history).
(ii) Modification/impairment of data:
Modify, delete valuable data, or alter that data so that it is misleading and/or worthless.
(iii) Use of a computer:
Eg. Unauthorised access
1. The use of a service to which the person is not entitled
2. Use of another person’s network may allow a defendant to conceal other illegal
activities
3. A wireless network may provide a point of entry for unauthorised access to a
computer system.
4. Possible to intercept communications transmitted over wireless networks.
B. Malicious software:
Main categories of malware:
1. viruses and worms:
Both are programs that infect a computer by being copied and then performing a
programmed function.
Difference: a virus must infect another program. Worms are similar to viruses but are
self-replicating; that is, they do not need to infect another application.
2. Trojans:
Trojans are programs which appear to be innocent but contain a hidden function.
3. Bots:
A bot is a program which infects a targeted computer and allows it to be controlled
remotely.
4. Spyware:
A range of programs that in some way monitor computer use.
Week 1:
Lecture 1A Readings:
Evolution of Cybercrime:
1960s: reports of computer manipulation, computer sabotage, computer espionage and the
illegal use of computer systems.
Three ‘generations’ of cybercrime:
1. Cyber crimes facilitating traditional offences eg. fraud,
2. Crimes across networks eg. hacking,
3. crimes that are ‘wholly mediated’ by technology eg. botnets
Challenges of cybercrime:
1. Scale:
The internet allows users to communicate with many people, cheaply and easily.
2. Accessibility:
Technology is ubiquitous and increasingly easy to use, ensuring its availability to both
offenders and victims.
>Criminal activities that may be beyond the skills of the individual, the internet provides
easy access to those who will do it for you, or tell you how.
3. Anonymity:
Offenders may deliberately conceal their identity online by the use of proxy servers,
spoofed email or internet protocol (IP) addresses or anonymous mailers.
4. Portability and transferability:
Ability to store enormous amounts of data in a small space, and to replicate that data with
no appreciable diminution of quality.
5. Global reach:
Majority of cybercrime acts encountered by police involve a “transnational element”’.
6. Absence of capable guardians:
Digital technology presents law enforcement with a range of challenges.
Principal categories of cybercrime:
1. Cyber-dependent crimes: those ‘that can only be committed using a computer,
computer networks, or other form of ICT’. Eg. hacking, malware and DoS attacks
2. ‘Cyber-enabled’ crimes: ‘traditional crimes that are increased in their scale or reach
by the use of computers, computer networks or other ICT’. Eg. child pornography,
stalking, criminal copyright infringement and fraud.
, 3. Computer-supported crimes’: crimes in which the use of the computer is an
incidental aspect of the commission of the crime but may afford evidence of the
crime. Eg. addresses found in the computer of a murder suspect.
Cyberterrorism:
Attacks on computer networks to further a political, religious or ideological cause, which
have the potential to harm, possibly disrupting essential services such as water, power,
hospitals, financial systems, emergency services, air/shipping control etc.
> In many cases, the threat of cyberattack is not from terrorist groups but from traditional
state actors.
Cyberterrorism-two categories:
1. Situations where technology is used to facilitate the activities of terrorists.
Information and communication technologies (ICTs) may be used to facilitate each stage of
a terrorist attack, from recruitment and radicalization, financing and planning through to
execution.
2. Technology may also be utilised in raising finance.
In this sense, ‘cyberterrorism’ simply ascribes a motivation for other forms of cybercrime.
Cyberspace attacks must have a ‘terrorist’ component in order to be labelled
cyberterrorism.
>The attacks must instil terror as commonly understood (that is, result in death and/or
large-scale destruction), and they must have a political motivation.
Scale of the problem:
There is a lack of reliable statistical cybercrime data.
Factors that continue to make accurate data collection difficult:
1. Lack of consensus as to the meaning of ‘cybercrime’ means that it may not be
included within official crime statistics, or varying meanings may be used by
different institutions.
2. Many cybercrimes’ are in fact existing offences that are facilitated by technology, but
offence statistics often fail to draw a distinction between online and offline crime.
3. the level of actual offending may not accurately be reflected in crime statistics due to
under-reporting.
4. Law enforcement agencies may not have the expertise and/or resources to detect or
investigate cybercrime, while the range of agencies involved may also hamper
accurate recording.
5. many of the numerous sources of data available suffer from problems of over- or
under-reporting
6. media reporting of cybercrime may present a distorted picture.
,‘online/offline consistency’:so far as possible, online conduct should be regulated in the
same way as any other conduct and existing laws relied upon. This results in a ‘half-way’
approach to reform, creating wholly new offences only where absolutely necessary, and
amending existing offences in order to address specific problems.
- helps to ensure that the online environment is not less regulated than the offline
environment and hence more attractive to criminals.
- avoid the false dichotomy that the ‘online/offline’ distinction sometimes presents
‘Virtual crime’; a crime committed in ‘cyberspace’.
Two issues:
1. Where such crimes occur. Do they occur in ‘cyberspace’? Whether cyberspace
represents a distinct ‘place’ which should be subject to its own distinct regulatory
regime. Physical conduct?
‘Internal perspective’:the perspective of the computer user who perceives that he or she
has entered an online world which is distinct from the geographical location in which they
are physically sitting.
‘External perspective’, on the other hand, adopts the viewpoint of the outsider observing
the functioning of the computer in the physical world rather than the perceptions of the
user.
2. whether that particular communication is an offence in the jurisdiction in which it is
sent or received.
Online conduct giving rise to criminal sanction:
1. Offences against the person, eg. ‘virtual rape’/virual murder. The relevant harms are
the distress of the victim and interference with their use of the game.
2. Offences against property
3. Sexual activity
Offences where the computer is the target:
‘[o]offences against the confidentiality, integrity and availability of computer data and
systems’.
Three main categories of conduct:
1. unauthorised access to computers or computer systems;
2. malicious software; and
3. DoS attacks.
a. Unauthorised access to computers or computer systems:
- logging on without permission
, - hackers using networks to gain remote access, sometimes via computers in a
number of jurisdictions
Access motivations:
1. access to information;
2. modification/impairment of data; and
3. use of a computer.
(i) Access to information:
Obtaining confidential commercial or government information (e.g. trade secrets,
intellectual property, defence secrets) or personal information (e.g. medical records, credit
card or social security numbers or credit history).
(ii) Modification/impairment of data:
Modify, delete valuable data, or alter that data so that it is misleading and/or worthless.
(iii) Use of a computer:
Eg. Unauthorised access
1. The use of a service to which the person is not entitled
2. Use of another person’s network may allow a defendant to conceal other illegal
activities
3. A wireless network may provide a point of entry for unauthorised access to a
computer system.
4. Possible to intercept communications transmitted over wireless networks.
B. Malicious software:
Main categories of malware:
1. viruses and worms:
Both are programs that infect a computer by being copied and then performing a
programmed function.
Difference: a virus must infect another program. Worms are similar to viruses but are
self-replicating; that is, they do not need to infect another application.
2. Trojans:
Trojans are programs which appear to be innocent but contain a hidden function.
3. Bots:
A bot is a program which infects a targeted computer and allows it to be controlled
remotely.
4. Spyware:
A range of programs that in some way monitor computer use.
