Cybercrimes

The lack of a universal, or even generalizable, definition of terrorism has complicated both academic and government inquiries into the phenomenon.  Obfuscated by ideological, cultural, or political agendas, conceptualizations of terrorism or terrorist activities may be characterized as localized reactions to situational or historical cultural events.  In the wake of the Terror Attacks of 9/11, a virtual plethora of discussions, publications, and legislation was evidenced in the United States, including, but not limited to, the passage of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001.  Commonly known as the U.S.A. Patriot Act, the legislation was originally introduced by Representative Frank Sensenbrenner (R – Wisconsin), and incorporated provisions of two earlier anti-terrorism bills (Public Law 107-56).  While the Act brought together disparate House committees (e.g. Education and the Workforce; Transportation and Infrastructure; Armed Services; Financial Services; International Relations; Energy and Commerce; and, the Permanent Select Committee on Intelligence), it neither led to a universally accepted definition nor a greater understanding of the potentiality of the Internet as a terrorist tool.  Even those that acknowledged the emerging threat associated with technology concentrated too heavily on the web as a mechanism of destruction.  Such characterizations, originally deemed implausible or fantastical, presented scenarios equivalent to a cyber-apocalypse or a digital Pearl Harbor. 
The globalization of commerce, information, and communications has created a technological house of cards.  As those in legitimate society have increasingly employed the medium to conduct business, disseminate research findings, store sensitive information, and communicate with others; those in illegitimate society have increasingly exploited the vulnerabilities associated with such interconnectivity.  For individuals, potential areas for victimization include: data theft, identity fraud, computer damage, and stalking and harassment.  While the costs associated with such activity can be both financial and emotional, they are largely individualized.  For corporation, threats include: disruption of commerce or communication; extortion; theft or destruction of intellectual property or trade secrets; loss of consumer confidence; and, theft or destruction of funds or commodities.  Costs and prevalence of such victimization have significantly increased in recent years, with targeted companies experiencing an average loss of nearly $6 million a year (Ponemon Institute 2011).  The consequences associated with cybercrime involving corporations are farther reaching than those resulting from crimes experienced by individuals, and an attack may significantly impact the lives and livelihoods of both consumers and employees.  However, neither individual nor corporate cases reach the level of significance of those attacks that may be directed at a nation’s security, infrastructure, or military.   
Discussions of a “digital” or “electronic” Pearl Harbor began in earnest in 1998, when Richard A. Clarke, the National Security Council’s Senior Director and National Coordinator for Security, Critical Infrastructure, and Counter-Terrorism, presented a fantastical scenario where multiple system failures occur in a single day .  These included: multiple computer failures at military bases across the world; a massive blackout in San Francisco; telephone outages across Miami and New York; and, widespread failure of personal pagers, airline reservation systems, and automatic teller machines.  Such an occurrence, he stated, would be more catastrophic than Pearl Harbor.  As such, he encouraged proactive measures to prepare for the giant tsunami coming (Madsen 1998).   
The cataclysmic events portended by Clarke have not yet been realized, and both scholars and governments remain divided on the potentiality of a catastrophic disruption of communication, commerce, and government services and systems.  By focusing almost exclusively on the Internet as a trigger for terrorist attacks, both traditional and contemporary definitions have obscured other, perhaps more insidious, uses of the Internet.  That is not to suggest, however, that such conceptualizations should be entirely discounted.  Recent events in Iran and Estonia have certainly demonstrated that the medium may be employed as a mechanism of attack, but operationalization of the term must also recognize the utility of the web as a facilitator.  In fact, the interconnectivity of the web perfectly complements the amorphous structure and the media-centric nature of contemporary terrorist organizations which most often use the medium for propaganda, recruitment, fund-raising, dissemination of information, and justification.  In this regard, the Internet may be most appropriately characterized as a force multiplier and agility enabler that connect geographically disparate individuals and entities by affecting situational awareness.  Thus, emergent definitions must include both recognition and discussion of the Internet as a multipurpose terrorist tool – one which is increasingly important in the Digital Age.

""
In our daily life, economic activities, and national security highly depend on stability, safely, and resilient cyberspace. A network brings communications and transports, power to our homes, run our economy, and provide government with various services.
However it is through the same cyber networks which intrude and attack our privacy, economy, social life in a way which is harmful. Some scholars have interestingly argued that, “in the Internet nobody knows you are a dog”.  This raises some legal issues and concerns.
This paper presents important issues on the Security, Prevention, and Detection of Cyber Crime. The paper consists of four parts in Romanic Numbers.
In Part I, the attempt here is simply to familiarize the reader with a careful understanding of the Cyber Crimes. The author will trace back the meaning, history, and types of Cyber Crimes
In Part II, one has to know the concept of Cyber Security; this will include meaning, background, types if any and important of Cyber Security.
Part III will explain on Cyber Prevention and Detection the same will include meaning and history, Cyber Prevention and Detection Methodologies and Legal Instruments.
And Part IV, Personal Assessment basically in Tanzanian Laws.
""

The increasing threats of increasingly complex and frequent attacks make awkward a strong defensive position. Recent serious data breaches, such as those of the US Government Human Resources (OPM) department, have made headlines and the demand for better security has increased. As a result, today's decision makers demand better protection.
In the face of new daily cyber threats, IT experts fear violations and the destruction or manipulation of data. This leads to significantly increased expenditure. According to Gartner's research, the data security market will exceed $ 1, 000, 000, 000.00 by 2019.

In this environment, a new technology based on artificial intelligence and machine training emerges that is redefining device protection - and thus, security.

With the use of predictive and predictive techniques to detect attacks before they are executed and outside the system architecture, artificial intelligence is much more than just a technical innovation, it is a paradigm shift of philosophy and understanding.

Artificial Intelligence (AI) as a subfield of computer science performs cognitive skills such as learning, planning, or problem-solving in computer systems.

Apresentação destinada a um Seminário na disciplina "Cibercriminalidade" do Mestrado em Direito e Informática da Escola de Direito da Universidade do Minho, no dia 19 de maio de 2023, o qual tenho lecionado desde 2012.
Uma versão anterior servira de apoio uma aula da disciplina "Direito e Segurança Informática" do Mestrado em Segurança Informática da Universidade de Coimbra, no dia 2 de dezembro de 2022.

The following paper explores the main resolutions of the EU since the break of the millennium regarding Cyber-related issues, estimates whether they have a practical sense or only a declaratory nature, and lays out some observances regarding these decisions.

One of the key advantages of additive manufacturing (AM) is its digital thread, which allows for rapid communication, iteration, and sharing of a design model and its corresponding physical representation. While this enables a more efficient design process, it also presents opportunities for cyber-attacks to impact the physical word. In this paper the authors examine potential attack vectors along the Additive Manufacturing process chain. Specifically, the effects of cyber-physical attacks, and potential means for detecting them, are explored. Based on the results of this study, recommendations are presented for preventing and detecting cyber-physical attacks on AM processes.

The criminalization of cybercrime is dependent on national sensitivities and implementation, even though cybercrime exhibits a transnational character. The Council of Europe Convention on Cybercrime [2001. ETS No. 185, Council of Europe, Explanatory Report to the Convention on Cybercrime. 23. XI.2001, ETS – No.185. Budapest] does not specify general provisions of substantive criminal law, such as provisions on the minimum age of criminal responsibility (MACR). Therefore, determining this necessary element of culpability – the MACR for cybercrime – has been left to the choice of the States parties to the Convention. At the moment, the MACRs set by the States parties differ widely. Consequently, discrepancies between national laws have the potential to hinder international cooperation against cybercrime and to create criminal safe havens for perpetrators who are below the MACRs. This paper seeks to analyse the problem for cybercrime enforcement caused by the MACR and to develop suitable criteria against which provisions on MACRs for cybercrime should be judged.

Sexting is a new term used in Cyberpsychology. The term sexting was first used in 2005 by the Daily Telegraph, to unify the terms "sex" and "texting" and became an official word in 2009. In the present paper we have tried to define the term. It is highlighted that it is a recent phenomenon in the world of psychology. We have discussed the term sexting and sexting addiction in the light of available literature. We have concluded that sexting is one subdivision of Cyberpsychology and with the growing literature on the area, more epidemiological research in the future should be done to explain these mechanisms.

Czech: Příspěvek se věnuje aktuální problematice nahrávání a sdílení filmů ze strany drobných " pirátů " a otázce legálnosti sledování těchto autorských děl uživateli. Smyslem příspěvku je zprostředkovat pohled z právní praxe panující v České republice a přiblížit, jakým důsledkům čelí drobní " piráti " v trestním a civilním řízení, a to se zaměřením na způsob vyčíslení odškodnění požadovaného ze strany filmových distributorů.

English: The paper focuses on the current issue of "petty piracy" related to movie uploading and sharing and deals with the legality of watching this copyright material by users. The main aim of the paper is to provide a view of legal practice in the Czech Republic and to present the consequences of illegal activities for "pirates" in criminal and civil proceedings, focusing on the methods for calculation of compensation requested by film distributors.

The Internet has become an integral part of the life and business. It has contributed to a change in society, significant impact on business, manufacturing, service industry, government services, critical infrastructure, security setup and other fundamental aspects of modern society. Mobile technology, Internet, cloud computing and advances in networking through fourth and fifth generation technology has brought everything on the palmtop. With the advancement in the technology, more use and reliability on the Internet in various businesses and government services has contributed to the increase in cybercrime. Criminals are harnessing the Internet for committing the crime. Economic gain is the primary motive to commit the crime. Now, cyber economic crimes are the significant portion of the cyber crimes in India. Cyber crimes and cyber economic crimes are increasing at an alarming rate in India. Mumbai, being a financial capital, accounts for more number of cyber economic crimes in India. While responding to the new phenomenon of the cyber economic crime, traditional criminal justice system is facing various challenges. Technical, Operational, Legal, and Human resource are main four types of challenges that all the stakeholders of the criminal justice system facing while dealing with cybercrime

The requirement for a collaborative effort to achieve a common set of security standards for use by entities that process, store or transport voter data. -More than 350,000 voting machines are used in the Unites States today in over 42 States (VerifiedVoting 2017). The rise in the use of electronic mediums has posed great concern for those voting and those running for office. In 2016, the State of Florida reported the targeted attempts by Russian hackers to infiltrate and manipulate electronic voting in as much as 67 elections offices. As well reporting from additional sources that as many as voter database compromises across 21 states and forensics discovery at attempts by hackers to infiltrate the networks of voting equipment vendors, local election boards, political parties and email and social media accounts for candidates.  The industry and cyber security community has not discovered a process to protect the most democratic process in the world to date – Voting remains a target held at risk. 2018 Elections are critical to moving the U.S. forward to recovery - Feel free to reach out if you need support or have any additional questions.

The password is the most widely used identity verification method in computer security domain. However, due to its simplicity, it is vulnerable to imposters. A way to strengthen the password is to combine Biometric technology with password. Keystroke dynamics is one of the behavioural biometric approaches which is cheaper and does not require any sophisticated hardware other than the keyboard. The chapter uses a new feature called Virtual Key Force along with the commonly extracted timing features. Features are normalized using Z-Score method. For feature subset selection, Particle Swarm Optimization wrapped with Extreme Learning Machine is proposed. Classification is done with wrapper based PSO-ELM approach. The proposed methodology is tested with publically available benchmark dataset and real time dataset. The proposed method yields the average accuracy of 97.92% and takes less training and testing time when compared with the traditional Back Propagation Neural Network.

Cyber crime is a worldwide problem, with a global reach. Cyber crimes do not respect national boundaries, and so can be sent to and from anywhere in the world. Many reports, mostly by cyber security firms, regularly release information ranking the different nations in terms of top cyber crime output, broken down into varying cyber crime types. However, little has been done to classify nations according to separate cyber crime typologies using any multivariate methods. Instead, reporting is descriptive and unidimensional. The present research sought to fill this gap by conducting K-means clustering analysis on a sample of 190 countries using seven dimensions of cyber crime ranging from malware, fraud, spam, and digital piracy, as well as measures of GDP and internet use. The findings determined that nations can be broken down into four distinct categories based on cyber crime activity: low cyber crime countries, non-serious cyber crime countries, advance fee fraud countries, and phishing scam countries. The implications of these findings and the directions for future research are discussed. ________________________________________________________________________

The migration of crime to cyberspace has become an increasingly important policy challenge for Tunisia. National authorities need to adapt their regulations and organizational structures to face new threats that arise from the prevalence of internet in daily life. The sharp rise of cybercrime in Tunisia has rendered national law enforcement efforts obsolete in responding adequately to this unprecedented transnational challenge. Tunisia's fight against cybercrime is a crucial item on the country's current security sector reform agenda, and it is being hindered by the legal, structural, and financial challenges presented here. Tunisian policymakers should strengthen the Tunisian cyber-framework to ensure a more secure cyberspace.

In this age of information and technology, Internet plays the pivotal role for the exchange of huge amount of information. It influences not only all spheres of human life but also all age groups of man. Even if the internet has changed our society fundamentally, the information over internet is not free from any illegal access or harm. Thus the security and safety of information has become the major challenge of the present time. With the rapid growth of users, the cyber crime cases are also increasing and are not restricted by any geographical limitations or national boundaries in the world. Over the past few years India has witnessed many cyber crime cases. And it is a matter of great concern as it has direct negative impact on economic and social lives of people. Our research work is based on the quantitative analysis of cyber crime cases under the IT Act and Indian Penal Code in top vulnerable states and cities in India. Further the cyber crime cases committed by the people of different age group have been analyzed. And along with the description of different motives of cyber crime activities and the offences, the important remedial measures have been suggested that need to be taken to minimize the cyber crime cases.

The European Cyber Crime Centre, EC3, established under the umbrella of Europol, started operations on January 1 2013. It is to act as the focal point in the fight against cybercrime in the European Union. Using a “shared, cross-community approach” the EC3 is concluding partnerships with member states, European agencies, international partners and the private sector. This article describes the coming about of EC3 and its efforts to address cybercrime. Furthermore, the article is an attempt to assess the growing role of the European law enforcement community on the European security scene, this not least in view of the EC3’s mandate to conclude strategic agreements with a fairly high degree of autonomy.

If we start from the concept: “Forensic Computer is the science of extracting data so that it can be presented as evidence in a court of law” (Albert J. Marcella, 2007), in the process of extraction is important the recovery, examination and analysis of digital evidence; the recovery should be logical and physical starting from the identification of the type of partition, the identification of hidden drives. In the above process “investigation and examination”, the using of tools to recover deleted information that is related to the case is necessary, These tools must be standardized for proper information security, each disk drives a record of the data in each cluster, when a file is deleted, the reference to that file is removed from the record but the data is not actually delete from the disk (Casey, 2003). In all storages devices, external and internal the data will remain on the disk indefinitely, even when a deleted file is overwritten if the new file does not take up the entire cluster, for this reason a portion of the old file might remain in the slack space. When collecting the entire contents of a computer, a bitstream copy copies what is in slack space and unallocated space, whereas a regular copy does not, bistream copy duplicates everything in a cluster. (Casey, 2003) According to (Schweitzer, 2003) the proper forensic analysis the first step is to collect computer evidence, image is one of the first procedure to be carried out after the contents of the computer’s memory have been copied and preserved, the imaging process is nondestructive to the data and some cases not require the operating system.

Today, social engineering techniques are the most common way of committing cybercrimes through the intrusion and infection of computer systems. Cyber security experts use the term “social engineering” to highlight the “human factor" in digitized systems, as social engineering attacks aim at manipulating people to reveal sensitive information. In this paper, we explore how discursive framings of individual versus collective security by cyber security experts redefine roles and responsibilities at the digitalized workplace. We will first show how the rhetorical figure of the deficient user is constructed vis-à-vis notions of (in)security in social engineering discourses. Second, we will investigate the normative tensions that these practices create. To do so, we link work in STS on the politics of deficit construction to recent work in critical security studies (CSS) on securitization and resilience. Empirically, our analysis builds on a multi-sited conference ethnography during three cyber security conferences as well as an extensive document analysis. Our findings suggest a redistribution of institutional responsibility to the individual user through three distinct social engineering storylines – “the oblivious employee”, “speaking code and social”, “fixing human flaws”. Finally, we propose to open up the discourse on social engineering and its inscribed politics of deficit construction and securitization and advocate for companies and policy makers to establish and foster a culture of cyber in/security and corporate responsibility.

ABSTRACT In this paper we present the information security awareness rate of students in Kyrgyz Republic, where there is a rapid pace of formation and development of the information society. The survey was conducted with a sample of 172 students from different departments of the university. Our research study showed that despite the huge number of reports about computer crimes in the web, the knowledge about cybercrime is quite low and students are mostly not aware of many aspects of computer crime. Analysis was done to determine dependence of information security awareness rate on computer literacy rate and the education field of students. We conclude that although information technology is of wide usage, the information security topics need to be taught to prevent them from becoming victims of cyber crime.

The growth and development of cybersecurity jobs and careers have created a need for new skilled faculty that can effectively teach the appropriate content to students at all levels. Often instructors are hired based on their academic credentials and professional experience without the use of assessment and faculty development methods to discover if these instructors can teach effectively or even improve the way they teach. Effective instructors have the ability constructively adjust teaching approaches when students are excelling or struggling based on skillful observation and constant assessment. If a student learns something with great ease, perhaps that approach would be of benefit to others. Part of what helps novices develop expertise here is their explicit attempt to understand how and why something works for students. The implementation and use of microteaching can provide a quality improvement approach to help cybersecurity instructors on all levels improve their ability to...

The opportunities afforded through digital and communications technologies, in particular social media, have inspired a diverse range of interdisciplinary perspectives exploring how such advancements influence the way we live. Rather than positioning technology as existing in a separate space to society more broadly, the ‘digital society’ is a concept that recognises such technologies as an embedded part of the larger social entity and acknowledges the incorporation of digital technologies, media, and networks in our everyday lives (Lupton 2014), including in crime perpetration, victimisation and justice. In this article, we explore potential for an interdisciplinary concept of digital society to expand and inspire innovative crime and justice scholarship within an emerging field of ‘digital criminology’.

The hotel industry has been one of the most spirited industries especially in the 21st century. The hotel industry is the servicing business conducting another important branch in the economic development of the country. It is acknowledged that the hotel industry brings a high returns to the country. Most of the research has been done in other states of India. None of the study had been covered up in the Northern side of Rajasthan [Jaipur State]. Most of the research had been done on the basis of primary data in various sectors. None of the study had been covered up to find out the customer satisfaction inside the hotel industry in Marriott Hotel. This research has cover up respondents of Marriott Hotel with indication to satisfaction level in the services of the hotel industry. This research has been an insight into the mind of the consumer, with the help of which the organizations has become conscious of their pitfalls and in turn can also make improvements in the services regarding the level of satisfaction of the consumers towards their offerings. The basic need of this project was to know the "Satisfaction" amongst the respondents, with regard to "MARRIOTT HOTEL" services and its products.

The article discusses the concept of cyberbullying and its most common symptoms. The article also presents the possibilities of legal prosecution of such behavior. Polish police statistics will be used to show the level of risk of cyberbullying among adolescents. The paper will evaluate the awareness of secondary school students on behaviors associated with cyberbullying.

Anomalous a grey hat hacking group was suspected of hacking into the computers of the Office of Personnel Management (OPM). Because of the OPM hack, millions of government employees' background investigation information that OPM collects to ensure US government can trust its employees

От манипулацията на телефонните сигнали до "социалния инженеринг" - първите страници в историята на компютърната престъпност.
В сборника "Наръчник на следователя: Престъпления с висока обществена опасност", изд. Камара на следователите в България, София, 2019

Resumo: Num Estado de Direito, a luta política entre os vários grupos, que defendem ou atacam interesses de classe, económicos, profissionais, geracionais, de género, ou outros, embora regulada, é uma constante. Governos, empresas e cidadãos, individulamente ou em grupo, lutam pelos seus objectivos estabelecendo relações de poder. Os media sempre tiveram um papel instrumental neste contexto e o novo media do séc. XXI – o ciberespaço – não é excepção. As características estruturais e funcionais deste instrumento criaram novas condições para a mobi-lização e participação políticas, reavivando a crença na acção libertadora da téc-nica. Por outro lado, nenhuma outra tecnologia promoveu tanta concentração de poder nas grandes empresas da indústria digital, ou criou semelhantes condições para a vigilância activa dos cidadãos por parte dos Estados. Este artigo reune algumas reflexões sobre a importância do ciberespaço como dimensão de poder. Abstract: The political struggle among groups defending or attacking class, economic, professional, generational, gender or any other interests, although regulated, is a constant. Governments, businesses and citizens, individually or as a group, fight for their porpuses by establishing relations of power between them, the media had always played an instrumental role with this regard and the new media of the 21st century – the cyberspace – is no exception. The structural and 1 Entregue: 2.3.2015; aprovado: 30.5.2015.

Tras años de trabajo, estudio e investigación, “Hackeados” llega al público.

Un libro que, a diferencia del resto de los escritos por abogados, no está dirigido a otros abogados, sino al resto de los ciudadanos.

En un lenguaje accesible, desprovisto de tecnicismos y con tintes humorísticos, expone cuáles son algunos de los peligros a los que nos enfrentamos día a día en el universo 2.0.

Incluye un capítulo específico con decenas de consejos y recomendaciones esenciales de ciberseguridad para prevenir ser víctimas de un delito en nuestro hogar.

Luego de advertir y concientizar, el último fragmento del libro incorpora una guía que responde a las preguntas “¿qué, cómo y dónde denunciar?”, cuáles son los tipos penales previstos por la legislación argentina actual, un anexo con ejemplos de casos reales y habituales de intentos de estafas virtuales y un tutorial paso a paso para protegernos de hackers en nuestras redes sociales.

Más que un libro, Hacheados es una guía de concientización y prevención del ciberdelito.

The Coronavirus (COVID-19) crisis is having a massive impact globally with a rapid spread across the globe. Which made the World Health Organization declare it a pandemic. COVID-19 has prompted countries to adopt new behaviors such as social distancing, remote work and the closure of some important businesses and sectors. At the same time, the White Berets are doing their best to absorb the epidemic. However, while white hats protect people, black hats are taking advantage of the situation, leading to the spread of a cybersecurity pandemic.
Organizations have had to adapt to the demand for remote work quickly and at scale. Many have been forced to renovate their physical offices and policies set up in a panic to enable employees to work from home without the necessary training or well-made arrangements. Most of these companies and organizations have no plans on the ground to facilitate this radical and sudden change within a short period.
In fact, only 38% of companies have a cybersecurity policy. By moving to an online environment, organizations and companies around the world have implemented a "work from home" (WFH) business model that increases attack vectors and risks to internal data.
It is noteworthy that WFH has become the new normal for people all over the world. In most scenarios, this refers to requiring employees to use their personal devices and home networks, which are often inherently insecure and lack the required security standards. [1]
The pandemic has created a formidable challenge for companies around the world. The IT they have long relied on—data centers, clouds, departmental servers, and the digital devices their remote employees use to stay connected to each other and to company data—is becoming more important. Overnight, the demands placed on digital infrastructure skyrocketed. [3]
The paper presents cybersecurity attacks during the time of the COVID-19 pandemic, and a lot of information has been collected from the World Health Organization (WHO), trusted organizations, news sources, official government reports and available research articles. The paper then categorizes cybersecurity attacks and threats in the COVID-19 period and provides recommendations and countermeasures for each type. This paper discusses cybersecurity attacks and their countermeasures and reports on ongoing cybersecurity attacks and threats in this time period. Moreover, it is also a step towards analyzing the efficiency of the state's infrastructure as well as the social behavior of hackers and criminals at the time of the pandemic. [2]

User training and awareness is often touted as the strongest tool to resist cyberattacks, as users are often the primary attack vector used to gain access to environments (Thomas J. E., 2018). However, sometimes attackers have overwhelming knowledge and resources making them virtually unstoppable. The Office of Personnel Management (OPM) data breech was one of the most significant data breaches of 2015 (Fruhlinger, 2018). The OPM is responsible human resource management US Government (McGettigan, 2018). This breach affected some 20 million people (Brendan, 2016).