Read CyberCrime Page 2


  Chapter 2 : 2. The phenomena of cybercrime

  2.1 Definitions

  Most reports, guides or publications on cybercrime begin by defining the terms “computer crime” and

  “cybercrime”.In this context, various approaches have been adopted in recent decades to develop a precise

  definition for both terms. Before providing an overview of the debate and evaluating the approaches, it is useful to

  determine the relationship between “cybercrime” and “computer-related crimes”.Without going into detail at this

  stage, the term “cybercrime” is narrower than computer- related crimes as it has to involve a computer network.

  Computer-related crimes cover even those offences that bear no relation to a network, but only affect stand-alone

  computer systems.

  During the 10th United Nations Congress on the Prevention of Crime and the Treatment of Offenders, two

  definitions were developed within a related workshop:Cybercrime in a narrow sense (computer crime) covers any

  illegal behaviour directed by means of electronic operations that target the security of computer systems and the

  data processed by them. Cybercrime in a broader sense (computer- related crimes) covers any illegal behaviour

  committed by means of, or in relation to, a computer system or network, including such crimes as illegal possession

  and offering or distributing information by means of a computer system or network.

  One common definition describes cybercrime as any activity in which computers or networks are a tool, a target or a

  place of criminal activity. There are several difficulties with this broad definition. It would, for example, cover

  traditional crimes such as murder, if perchance the offender used a keyboard to hit and kill the victim. Another

  broader definition is provided in Article 1.1 of the Stanford Draft International Convention to Enhance Protection

  from Cyber Crime and Terrorism (the “Stanford Draft”), which points out that cybercrime refers to acts in respect to

  cybersystems.

  2.2 Typology of cybercrime

  The term “cybercrime” is used to cover a wide variety of criminal conduct. As recognized crimes include a broad

  range of different offences, it is difficult to develop a typology or classification system for cybercrime. One approach

  can be found in the Convention on Cybercrime, which distinguishes between four different types of offences:

  1. offences against the confidentiality ,integrityandavailabilityofcomputerdataand systems;

  2. computer-related offences; 3. content-related offences; and 4. copyright-related offences.

  This typology is not wholly consistent, as it is not based on a sole criterion to differentiate between categories.

  Three categories focus on the object of legal protection: “offences against the confidentiality, integrity and

  availability of computer data and systems”; content-related offences; and copyright- related offences. The fourth

  category of “computer-related offences”does not focus on the object of legal protection, but on the method used to

  commit the crime. This inconsistency leads to some overlap between categories.

  In addition, some terms that are used to describe criminal acts (such as “cyberterrorism” or “phishing”) cover acts

  that fall within several categories. Nonetheless, the four categories can serve as a useful basis for discussing the

  phenomena of cybercrime.

  2.3 Development of computer crime and cybercrime

  The criminal abuse of information technology and the necessary legal response are issues that have been discussed

  ever since the technology was introduced. Over the last 50 years, various solutions have been implemented at the

  national and regional levels. One of the reasons why the topic remains challenging is the constant technical

  development, as well as the changing methods and ways in which the offences are committed.

  - 2.3.1 The 1960s

  In the 1960s, the introduction of transistor-based computer systems, which were smaller and less expensive than

  vacuum-tube based machines, led to an increase in the use of computer technology. At this early stage, offences

  focused on physical damage to computer systems and stored data. Such incidents were reported, for example, in

  Canada, where in 1969 a student riot caused a fire that destroyed computer data hosted at the university. In the mid

  1960s, the United States started a debate on the creation of a central data-storage authority for all ministries.

  Within this context, possible criminal abuse of databases and the related risks to privacy were discussed.

  Cyber Crime

  7

  - 2.3.2 The 1970s

  In the 1970s, the use of computer systems and computer data increased further.At the end of the decade, an

  estimated number of 100 000 mainframe computers were operating in the United States.With falling prices,

  computer technology was more widely used within administration and business, and by the public. The 1970s were

  characterized by a shift from the traditional property crimes against computer systems that had dominated the

  1960s, to new forms of crime. While physical damage continued to be a relevant form of criminal abuse against

  computer systems, new forms of computer crime were recognized. They included the illegal use of computer

  systems and the manipulation of electronic data. The shift from manual to computer- operated transactions led to

  another new form of crime – computer-related fraud.Already at this time, multimillion dollar losses were caused by

  computer-related fraud.Computer-related fraud, in particular, was a real challenge, and law- enforcement agencies

  were investigating more and more cases. As the application of existing legislation in computer-crime cases led to

  difficulties, a debate about legal solutions started in different parts of the world. The United States discussed a draft

  bill designed specifically to address cybercrime.Interpol discussed the phenomena and possibilities for legal

  response.

  - 2.3.3 The 1980s

  In the 1980s, personal computers became more and more popular. With this development, the number of computer

  systems and hence the number of potential targets for criminals again increased. For the first time, the targets

  included a broad range of critical infrastructure. One of the side effects of the spread of computer systems was an

  increasing interest in software, resulting in the emergence of the first forms of software piracy and crimes related to

  patents.The interconnection of computer systems brought about new types of offence. Networks enabled offenders

  to enter a computer system without being present at the crime scene. In addition, the possibility of distributing

  software through networks enabled offenders to spread malicious software, and more and more computer viruses

  were discovered. Countries started the process of updating their legislation so as to meet the requirements of a

  changing criminal environment. International organizations also got involved in the process. OECD and the Council

  of Europe set up study groups to analyse the phenomena and evaluate possibilities for legal response.

  - 2.3.4 The 1990s

  The introduction of the graphical interface (“WWW”) in the 1990s that was followed by a rapid growth in the

  number of Internet users led to new challenges. Information legally made available in one country was available

  globally – even in countries where the publication of such information was criminalized. Another concern associated

  with online services that turned out to be especially challenging in the investigation of transna
tional crime was the

  speed of information exchange. Finally, the distribution of child pornography moved from physical exchange of

  books and tapes to online distribution through websites and Internet services. While computer crimes were in

  general local crimes, the Internet turned electronic crimes into transnational crime.

  As a result, the international community tackled the issue more intensively. UN General Assembly Resolution 45/121

  adopted in 1990 and the manual for the prevention and control of computer-related crimes issued in 1994 are just

  two examples.

  - 2.3.5 The 21st Century

  As in each preceding decade, new trends in computer crime and cybercrime continued to be discovered in the 21st

  century. The first decade of the new millennium was dominated by new, highly sophisticated methods of committing

  crimes, such as “phishing”, and “botnet attacks”, and the emerging use of technology that is more difficult for law

  enforcement to handle and investigate, such as “voice-over-IP (VoIP) communication” and “cloud computing”. It is

  not only the methods that changed, but also the impact. As offenders became able to automate attacks, the number

  of offences increased. Countries and regional and international organizations have responded to the growing

  challenges and given response to cybercrime high priority.

  Cyber Crime

  8

  Cyber Crime

  9