Cyber Crimes and General Principles
As the new millennium dawned, the computer has gained popularity in every aspect of our lives. This includes the use of computers by persons involved in the commission of crimes. Today, computers play a major role in almost every crime that is committed. Every crime that is committed is not necessarily a computer crime, but it does mean that law enforcement must become much more computer literate just to be able to keep up with the criminal element. According to Donn Parker , “For the first time in human history, computers and automated processes make it possible to possess, not just commit, a crime. Today, criminals can pass a complete crime in software from one to another, each improving or adapting it to his or her own needs.”
The first recorded cyber crime took place in the year 1820. The era of modern computers, however, began with the analytical engine of Charles Babbage. Cyber crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cyber crime has assumed rather threatening implications.
The majority of what are termed “cyber-crimes” is really violations of longstanding criminal law, perpetrated through the use of computers or information networks. The problems of crime using computers will rarely require the creation of new substantive criminal law; rather, they suggest need for better and more effective means of international cooperation to enforce existing laws.
On the other hand, there are new and serious problems posed by attacks against computers and information systems, such as malicious hacking, dissemination of viruses, and denial-of-service attacks. Such attacks should be effectively prohibited, wherever they may originate. At the same time, it is to be remembered that often the most effective way to counter such attacks is to quickly deploy technical countermeasures; therefore, to the extent that well-meaning but overbroad criminal regulations diminish the technical edge of legitimate information security research and engineering, they could have the unintended consequence of actually undermining information security.
What is a Computer Crime?
a. Criminals Can Operate Anonymously Over the Computer Networks.
b. Hackers Invade Privacy.
c. Hackers Destroy "Property" in the Form of Computer Files or Records.
d. Hackers Injure Other Computer Users by Destroying Information Systems.
e. Computer Pirates Steal Intellectual Property.
Definition of Cyber Crime
Defining cyber crimes, as "acts that are punishable by the Information Technology Act" would be unsuitable as the Indian Penal Code also covers many cyber crimes, such as email spoofing and cyber defamation, sending threatening emails etc. A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both".
Classification of Cyber Crimes:
The Information Technology Act deals with the following cyber crimes along with others:
o Tampering with computer source documents
o Publishing of information, which is obscene in electronic form
o Child Pornography
o Accessing protected system
o Breach of confidentiality and privacy
Cyber crimes other than those mentioned under the IT Act
o Cyber Stalking
o Cyber squatting
o Data Diddling
o Cyber Defamation
o Trojan Attack
o Financial crimes
o Internet time theft
o Virus/worm attack
o E-mail spoofing
o Email bombing
o Salami attack
o Web Jacking
The Concept of Cyber Terrorism
Cyber crime and cyber terrorism are both crimes of the cyber world. The difference between the two however is with regard to the motive and the intention of the perpetrator.
While a cyber crime can be described simply as an unlawful act wherein the computer is either a tool or a target or both, cyber terrorism deserves a more detailed definition. One can define cyber terrorism as a premeditated use of disruptive activities or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.
Any person who commits an illegal act with a guilty intention or commits a crime is called an offender or a criminal. In this context, any person who commits a Cyber Crime is known as a Cyber Criminal. The Cyber Criminals may be children and adolescents aged b/w 6-18 years, they may be organized hackers, may be professional hackers or crackers, discontented employees, cheaters or even psychic persons.
a. Kids & Teenagers (age group 9-16 etc.)
This is really difficult to believe but it is true. Most amateur hackers and cyber criminals are teenagers. To them, who have just begun to understand what appears to be a lot about computers, it is a matter of pride to have hacked into a computer system or a website. There is also that little issue of appearing really smart among friends. These young rebels may also commit cyber crimes without really knowing that they are doing anything wrong.
According to the BBC , Teen hackers have gone from simply trying to make a name for them selves to actually working their way into a life of crime from the computer angle. According to Kevin Hogan , One of the biggest changes of 2004 was the waning influence of the boy hackers keen to make a name by writing a fast-spreading virus. Although teenage virus writers will still play around with malicious code, 2004 saw a significant rise in criminal use of malicious programs. The financial incentives were driving criminal use of technology.
Another reason for the increase in number of teenage offenders in cyber crimes are that many of the offenders who are mainly young college students are unaware of its seriousness. Recently the Chennai city police have arrested an engineering college student from Tamil Nadu for sending unsolicited message to a chartered accountant. The boy is now released on bail. So counseling session for college students has to be launched to educate them on the gravity and consequences emanating from such crimes.
In September, 2005, A Massachusetts teenager pleaded guilty in federal court in Boston for a string of hacking crimes reported to include the February compromise of online information broker Lexis Nexis and socialite Paris Hilton's T-Mobile cellular phone account. The US Court noted that the number of teenage hackers is on the rise and only the lowest 1 percent of hackers is caught.
In the above instance, the judge imposed a sentence of 11 months' detention in a juvenile facility. If he had been an adult, he would have faced charges of three counts of making bomb threats against a person or property, three counts of causing damage to a protected computer system, two counts of wire fraud, one count of aggravated identity theft and one count of obtaining information from a protected computer in furtherance of a criminal act. This is clearly a deviation from the traditional principles of criminal law.
b. Organized hacktivists
Hacktivists are hackers with a particular (mostly political) motive. In other cases this reason can be social activism, religious activism, etc. The attacks on approximately 200 prominent Indian websites by a group of hackers known as Pakistani Cyber Warriors are a good example of political hacktivists at work.
c. Disgruntled employees
One can hardly believe how spiteful displeased employees can become. Till now they had the option of going on strike against their bosses. Now, with the increase independence on computers and the automation of processes, it is easier for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down.
d. Professional hackers (Corporate espionage)
Extensive computerization has resulted in business organizations storing all their information in electronic form. Rival organizations employ hackers to steal industrial secrets and other information that could be beneficial to them. The temptation to use professional hackers for industrial espionage also stems from the fact that physical presence required to gain access to important documents is rendered needless if hacking can retrieve those.
Criminal Law – General Principles
According to criminal law, certain persons are excluded from criminal liability for their actions, if at the relevant time; they had not reached an age of criminal responsibility. After reaching the initial age, there may be levels of responsibility dictated by age and the type of offense allegedly committed.
Governments enact laws to label certain types of activity as wrongful or illegal. Behavior of a more antisocial nature can be stigmatized in a more positive way to show society's disapproval through the use of the word criminal. In this context, laws tend to use the phrase, "age of criminal responsibility" in two different ways:
1. As a definition of the process for dealing with alleged offenders, the range of ages specifies the exemption of a child from the adult system of prosecution and punishment. Most states develop special juvenile justice systems in parallel to the adult criminal justice system. Children are diverted into this system when they have committed what would have been an offense in an adult.
2. As the physical capacity of a child to commit a crime. Hence, children are deemed incapable of committing some sexual or other acts requiring abilities of a more mature quality.
The age of majority is the threshold of adulthood as it is conceptualized in law. It is the chronological moment when children legally assume majority control over their persons and their actions and decisions, thereby terminating the legal control and legal responsibilities of their parents over and for them.
But in the cyber world it is not possible to follow these traditional principles of criminal law to fix liability. Statistics reveal that in the cyber world, most of the offenders are those who are under the age of majority. Therefore, some other mechanism has to be evolved to deal with cyber criminals.
Today’s Hackers – Tomorrows Security Analysts
Frank William Abagnale, Jr. is a former check con artist, forger and imposter who, for five years in the 1960s, passed bad checks worth more than $2.5 million in 26 countries. During this time, he used eight aliases — even more to cash bad checks. Currently he runs Abagnale and Associates, a financial fraud consultancy company. His life story provided the inspiration for the feature film Catch Me if You Can.
An Indian teenage hacking expert who has helped global think-tanks and police officials combat computer attackers and digital swindlers is spurning job offers to pursue a degree at the prestigious Stanford University. Ankit Fadia, 18 has crisscrossed India, giving lectures to police departments, software companies, educational institutions and government agencies on how to fight "cyber criminals" and deal with computer viruses.
Fadia, developed his computer skills after spending long hours on the Internet, breaking into Web sites as an "ethical hacker" and then informing companies about their sites' vulnerability. Also, he wants to start his own computer security firm.
Also, Not all hackers are bad. There are certain hackers whose job is to intrude into a software system by evading or disabling security measures and checks how vulnerable the system is to the bad hackers. Ethical computer hacking has come of age in order to stop or pre-empt intruders from messing around with a computer programme. “Financial transactions are the mainstay of banking operations. Banks and other such institutions need to be extra careful of the bad hackers. Ethical hackers do what a hacker does but only to identify the loopholes in software programmes.
Ethics and morality in different circumstances connotes varied and complex meanings. Each and everything which is opposed to public policy, against public welfare and which may disturb public tranquility may be termed to be immoral and unethical.
In the past terms such as imperialism, colonialism, apartheid, which were burning issues have given way to cyber crime, hacking, 'cyber-ethics' etc. Today in the present era there is a need to evolve a 'cyber-jurisprudence' based on which 'cyber-ethics' can be evaluated and criticized. Further there is a dire need for evolving a code of Ethics on the Cyber-Space and discipline.
The Information Technology Act 2000 was passed when the country was facing the problem of growing cyber crimes. Since the Internet is the medium for huge information and a large base of communications around the world, it is necessary to take certain precautions while operating it. Therefore, in order to prevent cyber crime it is important to educate everyone and practice safe computing.
Following Frank William Abagnale & Robert Morris, many other hackers are intending to make use of their skills for better purposes. This trend continues even now where companies as their security analysts hire the brilliant hackers. Also, there is a dire need for evolving a code of Ethics on the Cyber-Space and discipline. In the cyberspace, following traditional principles of criminal law to fix liability is not possible. Since most of the cyber criminals are those who are under the age of majority, some other legal framework has to be evolved to deal with them. Since cyber world has no boundaries, it is a Herculean task to frame laws to cover each and every aspect. But, however a balance has to be maintained and laws be evolved so as to keep a check on cyber crimes.
1. www.gahtan.com/cyberlaw - Cyber Law Encyclopedia
2. Cyber Law and Information Technology by Talwant Singh Addl. Distt. & Sessions Judge, Delhi
3. Cyber Crimes & Real World Society By Lalitha Sridhar
5. World Information Technology And Services Alliance (Witsa) Statement On The Council Of Europe Draft Convention On Cyber-Crime
The author can be reached at: email@example.com