CSS 212

General Overview of Cyber Crime Activities & Categorizations

Cybercrime activities are those criminal activities that specifically target a

computer or network for damage or infiltration and also refer to the use of
computers as tools to conduct criminal activities. Cybercrime activities could be
classified as

“computer-aided” and “computer-focused”

a Computer-Aided Crimes

These are crimes accomplished with the help of computer. It can also be referred to
as computer-assisted crimes. Some of them are as follows:

i Denial of service Attack (DoS)

This is an act by the criminal, who floods the bandwidth of the victim network or
fills his e-mail box with spam mail depriving him of the services he is entitled to
access or provide short for denial-of-service attack, a type of attack on a network
that is designed to bring the network to its knees by flooding it with useless traffic.
Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit
limitations in the TCP/IP protocols. For all known DoS attacks, there are software
fixes that system administrators can install to limit the damage caused by the
attacks. But, like Virus, new DoS attacks are constantly being dreamed up by
Hacker.

ii Virus Dissemination

Malicious software that attaches itself to other software. (virus, worms, Trojan
Horse, Time bomb, Logic Bomb, Rabbit and Bacterium are the malicious codes.

iii Software Piracy

Theft of software through the illegal copying of genuine programs or the

counterfeiting and distribution of products intended to pass for the original.

iv Net Extortion
This is the process of seizing, getting or copying data of high value or secrecy in
order to threaten its damage, exposure or reputation tarnishing for huge sum of
money.

v Phishing

The act of sending an e-mail to a user falsely claiming to be an established

legitimate enterprise in an attempt to scam the user into surrendering private
information that will be used for identity theft. The e-mail directs the user to visit a
Web site where they are asked to update personal information, such as passwords
and credit card, social security, and bank account numbers, that the legitimate
organization already has. The Web site, however, is bogus and set up only to steal
the users information. Phishing, also referred to as brand spoofing or carding.

vi Cyber trespassing

This type of crime includes following a victim online. Cyber Criminals send a
program to the victim‟s machine, which after getting downloaded in stealth or
hidden capture all the information from the victim‟s machine and send it to the
criminal. The information collected by the cybercriminal is then used against the
victim for harassing, black mailing etc.

vii Cyber Contraband

Selling of illegal items by use of computer system, preferably having internet

connectivity.

viii Cyber terrorism

Terrorist use technology to spread terrorism across the world. Some websites
provide unwarranted information about making ammunitions, hacking techniques,
spreading arms and ammunitions by using secret codes.

ix Cyber laundering

Cyber criminals lure the victim by sending email‟s assuring them that they have
won a lottery and asking the victim to pay token amount to get the lottery amount.
They ask personal information from the victim such as Name, Age, Address, Bank
Account, Occupation etc. This information collected is then used against the victim
for commiting the crime. The lottery amount is never received by the victim, nor
the token amount is returned back.

x Cyber Theft

This type of crime involves stealing internet time.

xi Cyber Pornography

This is one of the most prominent crime taking place on the internet. Cyber
criminals make websites which promote nudity on the internet. There are many
websites on the internet which promote this heinous crime. Another way by which
criminals promote pornography on the internet is by cutting and pasting two or
more photographs from pornographic sites and merging with the photograph of the
victim. This is called as morphing. Special care has to be taken by individuals,
groups while putting photographs on the websites. Whenever photographs are put
on the internet features such as cut, copy, paste and print screen should be disabled.

xii Email bombing

This kind of activity refers to sending large numbers of mail to the victim, which
may be an individual or a company or even mail servers there by ultimately
resulting into crashing.

xiii Data diddling

This kind of an attack involves altering raw data just before a computer processes
it and then changing it back after the processing is completed. The electricity board
faced similar problem of data diddling while the department was being
computerized.

xiv Salami attacks

This kind of crime is normally prevalent in the financial institutions or for the
purpose of committing financial crimes. An important feature of this type of
offence is that the alteration is so small that it would normally go unnoticed. E.g.
the Ziegler case wherein a logic bomb was introduced in the bank‟s system, which
deducted 10 cents from every account and deposited it in a particular account.
xv Denial of Service attack

The computer of the victim is flooded with more requests than it can handle which
cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of
denial of service attack, in which the offenders are wide in number and
widespread. E.g. Amazon, Yahoo.

xvi Logic bombs

These are event dependent programs. This implies that these programs are created
to do something only when a certain event (known as a trigger event) occurs. E.g.
even some viruses may be termed logic bombs because they lie dormant all
through the year and become active only on a particular date (like the Chernobyl
virus).

xvii Trojan attacks

This term has its origin in the word „Trojan horse‟. In software field this means an
unauthorized programme, which passively gains control over another‟s system by
representing itself as an authorized programme. The most common form of
installing a Trojan is through e-mail.

xviii Web jacking

This term is derived from the term hijacking. In these kinds of offences the hacker
gains access and control over the web site of another. Hacker is someone gains
unauthorized access to computer system or confidential information. Web jacker
may even mutilate or change the information on the site. This may be done for
fulfilling political objectives or for money. Of recent many sites were web jacked.
Out of uncounted number was the site of Bombay crime branch which was also
web jacked. Another case of web jacking is that of the „gold fish‟ case. In this case
the site was hacked and the information pertaining to gold fish was changed.
Further a ransom of US $ 1 million was demanded. Thus web jacking is a process
whereby control over the site of another is made backed by some consideration for
it.
b Computer-Target/Focused Crime

These are cybercrimes attacks meant to disrupt the functionality of the computer
(the effect of this crime is directly felt by the system).

i Viruses

This type of malicious code requires you to actually do something before it infects
your computer. This action could be opening an email attachment or going to a
particular web page.

ii Worms

Worms propagate without user intervention. They typically start by exploiting a

software vulnerability (a flaw that allows the software's intended security policy to
be violated), then once the victim computer has been infected the worm will
attempt to find and infect other computers. Similar to viruses, worms can
propagate via email, web sites, or network-based software. The automated self-
propagation of worms distinguishes them from viruses.

iii Trojan horses

A Trojan horse program is software that claims to be one thing while in fact doing
something different behind the scenes. For example, a program that claims it will
speed up your computer may actually be sending confidential information to a
remote intruder.

iv Physical Destroying the System in other to Destroy Evidence

Even in the traditional law today, for a criminal court to set upon any lawsuit there
must be genuine evidence or witnesses

Categorization of Cybercrime Activities

Categorization Based on Targets
According to Mr. Pavan Duggal, who is the President of cyberlaws.net and consultant,
from wide research and study of cybercrime, cybercrime has been clearly defined into
various categories. Basically into 3 major categories:
 (i) Person-oriented cybercrimes.
(ii) Property-oriented cybercrimes.
(iii) Government-oriented cybercrimes.
1 Person-Oriented Cybercrimes
This is the category of cybercrimes that are targeted towards the personality of individual
or aimed at causing emotional, financial loss or any other form of damage. At the initial
stage, the damage caused may be minor but if not checked could be amplified. Even in
situations where minimal pain, the scars may cut across generations. Some of the
examples of crimes under this category are:

• Email spoofing
• Spamming,
• Cyber Defamation,
• Harassment & Cyber stalking,
• Phishing
• Intellectual Property crimes
• Unauthorized Accessing of Computer
• Cyber Stalking
• Cyber/Child Pornography
• Email account hacking
• Email scams
• Virus attack and so on.
Have a look at the following real life scenarios:

A minor girl was lured after deception to a private place through cyber chat (chat room)
by a man, who, along with his friends, attempted to gang grape her. As some passersby
heard her cry, she was rescued.

Taking Virus attack as another example wherein the damage was not done to a person but
to the masses is the case of the Melissa virus. The Melissa virus first appeared on the
internet in March of 1999. It spread rapidly throughout computer systems in the United
States and Europe. It was estimated that the virus caused 80 million dollars in damages to
computers worldwide. In the United States alone, the virus made its way through 1.2
million computers in one-fifth of the country's largest businesses. David Smith pleaded
guilty on Dec. 9, 1999 to state and federal charges associated with his creation of the
Melissa virus. There are numerous examples of such computer viruses few of them being
"Melissa" and "love bug".

Violation of privacy of online citizens is a Cybercrime of a grave nature. No one likes

any other person invading the invaluable and extremely touchy area of his or her own
privacy, which the medium of internet grants to the citizen.

2 Property-Oriented Cybercrimes
These are crimes that are targeted towards organization of corporate existence. It could be
targeted towards business or non-business organizations. The essence of this category of
crime is to cause a low output or slow down their business. It is destruction of others'
property. These include some of which have explained in the unit 1:
• Intellectual Property crimes
• Credit Card Fraud
• Theft of computer source code
• Software piracy
• Unauthorized Accessing of Computer
• Denial of Service
• Virus attack
• Email Bombing
• Salami Attack
• Trojan Horse
• Data diddling
3 Government-Oriented Cybercrimes
In this type of crime the government is the target, mostly to steal security and high profile
information. This includes:
• Cyber Terrorisms
• Web hacking
• Tax evasion and money laundry
• Cyber defamation
The third category of Cyber-crimes relate to Cybercrimes against Government. Cyber
terrorism is one distinct kind of crime in this category. The growth of internet has shown
that individuals and groups to threaten the international governments as also to terrorize
the citizens of a country are using the medium of Cyberspace. This crime manifests itself
into terrorism when an individual "cracks" into a government or military maintained
website.

Cracking is amongst the gravest Cyber-crimes known till date. It is a dreadful feeling to
know that a stranger has broken into your computer systems without your knowledge and
consent and has tampered with precious confidential data and information.
Coupled with this the actuality is that no computer system in the world is cracking proof.
It is unanimously agreed that any and every system in the world can be cracked. The
recent denial of service attacks seen over the popular commercial sites like E-bay, Yahoo,
Amazon and others are a new category of Cyber-crimes, which are slowly emerging as
being extremely dangerous.

Categorization Based on the Object of Legal Protection

According to the Council of Europe Convention on Cybercrime, four different types of

cybercrime offenses were identified. They are:

• Offences against the confidentiality, integrity and availability of computer data

and systems;

• Computer-related offences;

• Content-related offences; and

 • Copyright-related offences

1 Offences against the Confidentiality, Integrity and Availability of Computer

Data and Systems:

All offences in this category are directed against (at least) one of the three legal
principles of confidentiality, integrity and availability. Unlike crimes that have been
covered by criminal law for centuries (such as theft or murder), the computerization of
offences is relatively recent, as computer systems and computer data were only
developed around sixty years ago. The effective prosecution of these acts requires that
existing criminal law provisions not only protect tangible items and physical documents
from manipulation, but also extend to include these new legal principles. This section
gives an overview of the most commonly occurring offences included in this category.

 Illegal Access (Hacking, Cracking)

The offence described by “hacking” refers to unlawful access to a computer system, one
of oldest computer-related crimes. Following the development of computer networks
(especially the Internet), this crime has become a mass phenomenon. Famous targets of
hacking attacks include the United States National Aeronautics and Space Administration
(NASA), the United States Air force, Pentagon, Yahoo, Google, eBay and the German
Government. Examples of hacking offences include: Breaking the password of password-
protected websites; and

• Circumventing password protection on a computer.

 Data Espionage

Sensitive information is often stored in computer systems. If the computer system is

connected to the Internet, offenders can try to access this information via the Internet
from almost any place in the world. The Internet is increasingly used to obtain trade
secrets more often. The value of sensitive information and the ability to access it
remotely makes data espionage highly interesting. In the 1980s, a number of German
hackers succeeded in entering United States government and military computer systems,
obtain secret information and sell this information to agents from the Soviet Union.
Offenders use various techniques to access victims‟ computers, including:

• use of software to scan for unprotected ports;

• use of software to circumvent protection measures; and

• “social engineering”.

Especially the last approach “social engineering”, which refers to a non-technical kind of
intrusion that relies heavily on human interaction and often involves tricking other people
to break normal security procedures, is interesting as it not based on technical means.

 Illegal Interception

Offenders can intercept communications between users (such as e-mails) or intercept data
transfers (when users upload data onto webservers or access web-based external storage
media) to record the information exchanged. Offenders can target any communication
infrastructure (e.g., fixed lines or wireless) and any Internet service (e.g. e-mail, chat)

 Data Interference

Computer data are vital for private users, businesses and administrations, all of which
depend on the integrity and availability of data. Lack of access to data can result in
considerable (financial) damage. Offenders can violate the integrity of data and interfere
with them by:

• Deleting data; and/or

• Suppressing data; and/or

• Altering data; and/or

• Restricting access to them.

One common example of the deletion of data is the computer virus.

 System Interference

The same concerns over attacks against computer data apply to attacks against computer
systems. More businesses incorporating Internet services into their production processes,
with benefits of 24-hour availability and worldwide accessibility. If offenders succeed in
preventing computer, systems from operating smoothly, this can result in great financial
losses for victims. Attacks can be carried out by physical attacks on the computer system.
If offenders are able to access the computer system, they can destroy hardware. For most
criminal legal systems, remote physical cases do not pose major problems, as they are
similar to classic cases of damage or destruction of property. However, for highly
profitable e-commerce businesses, the financial damages caused by attacks to the
computer system are often far greater than the mere cost of computer hardware.
2 Content-related Offences

This category covers content that is considered illegal, including child pornography,
xenophobic material or insults related to religious symbols. The development of legal
instruments to deal with this category is far more influenced by national approaches,
which can take into account fundamental cultural and legal principles. For illegal content,
value systems and legal systems differ extensively between societies. The dissemination
of xenophobic material is illegal in many European countries, but can be protected by the
principle of freedom of speech in the United States. The use of derogatory remarks in
respect of the Holy Prophet is criminal in many Arabic countries, but not in some
European countries.

 Erotic or Pornographic Material

Sexually-related content was among the first content to be commercially distributed over
the Internet, which offers advantages to retailers of erotic and pornographic material
including:

• Exchange of media (such as pictures, movies, live coverage) without the need for cost-
intensive shipping;

• Worldwide access, reaching a significantly larger number of customers than retail

shops;

 Racism, Hate Speech, Glorification of Violence

Radical groups use mass communication systems such as the Internet to spread
propaganda. Besides propaganda, the Internet is used to sell certain goods e.g. Nazi-
related items such as flags with symbols, uniforms and books, readily available on
auction platforms and specialized web-shops.

 Religious Offences

A growing number of websites present material that is in some countries covered by

provisions related to religious offences e.g., anti-religious written statements. Although
some material documents objective facts and trends (e.g., decreasing church attendance in
Europe), this information may be considered illegal in some jurisdictions. Other
examples include the defamation of religions or the publication of cartoons.

 Illegal Gambling and Online Games

Internet games and gambling are one of the fastest-growing areas in the Internet

 Spam and Related Threats

“Spam” describes the emission of unsolicited bulk messages. Although various scams
exist, the most common one is e-mail spam. Offenders send out millions of e-mails to
users, often containing advertisements for products and services, but frequently also
malicious software.

3 Copyright- and Trademark-related Offences

One of the vital functions of the Internet is the dissemination of information. Companies
use the Internet to distribute information about their products and services. In terms of
piracy, successful companies may face problems on the Internet comparable to those that
exist outside the network. Their brand image and corporate design may be used for the
marketing of counterfeit products, with counterfeiters copying logos as well as products
and trying to register the domain related to that particular company. Companies that
distribute products directly over the Internet can face legal problems with copyright
violations. Their products may be downloaded, copied and distributed.

 Copyright-related Offences

With the switch from analogue to digital, digitalization has enabled the entertainment
industry to add additional features and services to movies on DVD, including languages,
subtitles, trailers and bonus material. CDs and DVDs have proved more sustainable than
records and video-tapes. Digitalization has opened the door to new copyright violations.
The basis for current copyright violations is fast and accurate reproduction. Before
digitalization, copying a record or a video-tape always resulted in a degree of loss of
quality. Today, it is possible to duplicate digital sources without loss of quality, and also,
as a result, to make copies from any copy. The most common copyright violations
include:

• Exchange of copyright-protected songs, files and software in file-sharing systems;

• The circumvention of Digital Rights Management systems;

 Trademark-related Offences
Trademark violations are similar to copyright violations, a well-known aspect of global
trade. Violations related to trademarks have transferred to cyberspace, with varying
degrees of criminalization under different national penal codes. The most serious
offences include:

• The use of trademarks in criminal activities with the aim of misleading targets; and

• Domain or name-related offences. The good reputation of a company is often linked

directly with its trademarks. Offenders use brand names and trademarks fraudulently in a
number of activities, including phishing, where millions of e-mails are sent out to Internet
users resembling e-mails from legitimate companies e.g., including trademarks. Another
issue related to trademark violations is domain-related offences such as cyber-squatting,
which describes the illegal process of registering a domain name identical or similar to a
trademark of a product or a company

4 Computer-related Offences

This category covers a number of offences that need a computer system to be committed.
Unlike previous categories, these broad offences are often not as stringent in the
protection of legal principles, including:

• Computer-related fraud;

• Computer-related forgery, phishing and identity theft; and

• Misuse of devices.

 Fraud and Computer-related Fraud

Computer-related fraud is one of the most popular crimes on the Internet, as it enables the
offender to use automation and software tools to mask criminals‟ identities. Automation
enables offenders to make large profits from a number of small acts. One strategy used by
offenders is to ensure that each victim‟s financial loss is below a certain limit. With a
„small‟ loss, victims are less likely to invest time and energy in reporting and
investigating such crimes. One example of such a scam is the Nigeria Advanced Fee
Fraud

 Computer-related Forgery

Computer-related forgery describes the manipulation of digital document for example,

by:
• Creating a document that appears to originate from a reliable institution;

• Manipulating electronic images (for example, pictures used as evidence in court); or

• Altering text documents.

The falsification of e-mails includes the scam of “phishing” which is a serious challenge
for law enforcement agencies worldwide. “Phishing” seeks to make targets disclose
personal/secret information.

 Misuse of Devices

Cybercrime can be committed using only basic equipment. Committing offences such as
libel or online fraud needs nothing more than a computer and Internet access and can be
carried out from a public Internet café. Offences that are more sophisticated can be
committed using specialist software tools.

 Combination Offences

There are a number of terms used to describe complex scams covering a number of
different offences. Examples include:

• Cyber terrorism;

• Cyber laundering; and

• Phishing;

Cyber terrorism

Today it is known that terrorists use ICTs and the Internet for:

• Propaganda;

• Information gathering;

• Preparation of real-world attacks;

• Publication of training material;

• Communication;

• Terrorist financing;

• Attacks against critical infrastructures.

  Cyber warfare

Cyber warfare describes the use of ICTs in conducting warfare using the Internet. It
shares a number of features in common with cyber terrorism. Discussions originally
focused on the substitution of classic warfare by computer-mediated or computer-based
attacks. Network-based attacks are generally cheaper than traditional military operations
and can be carried out even by small states

 Cyber laundering

The Internet is transforming money laundering. With larger amounts, traditional money-
laundering techniques still offer a number of advantages, but the Internet offers several
advantages. Online financial services offer the option of enacting multiple, worldwide
financial transactions very quickly.