Introduction to

Cybercrime & Cyberlaw

Institute of Accountancy Arusha

Cybercrimes and
Cybercriminals
◼ There have been many stories in the
media about computer crime.
◼ Sometimes hackers have been
portrayed as “heroes”
◼ Perceptions about hacking and
computer crime are changing because
of increased dependency on the
Internet for our infrastructure.

Institute of Accountancy Arusha

A "Typical" Cybercriminal
◼ Many people (e.g. Parker 1998) believes that
typical computer hackers tend to exhibit three
common traits:
◼ Maturity (Precociousness);
◼ Curiosity;
◼ persistence.
◼ Many people conceive of the typical computer
hacker as someone who is a very bright and
technically sophisticated, young person.

Institute of Accountancy Arusha

A Typical Computer Criminal
(continued)
◼ It is noteworthy to carefully distinguish
between hackers, as nonprofessional or
"amateur" criminals, and professional
criminals.
◼ Stereotypical computer hackers, unlike most
professional criminals, are not generally
motivated by greed.
◼ Hackers seem to enjoy the "sport of
joyriding," another characteristic that
allegedly distinguishes stereotypical hackers
from professional criminals.
Institute of Accountancy Arusha
A Typical Computer Criminal
(continued)
◼ Many computer criminals have been company
employees, who were formerly loyal and
trustworthy and who did not necessarily
possess great computer expertise.
◼ Some employees have been tempted by flaws
in computer systems.
◼ So in this case, opportunity more than
anything else seems to have been the root
cause of many individuals who have been
involved in computer crimes.
Institute of Accountancy Arusha
A Typical Computer Criminal
(continued)
◼ If Forester and Morrison (1994) are
correct, at least three categories for
typical computer criminals are needed:
◼ 1. (amateur) teenage hackers;
◼ 2. professional criminals;
◼ 3. (once/current) loyal employees who
are unable to resist a criminal
opportunity presented by cyber-
technology.
Institute of Accountancy Arusha
Some Notorious
Cybercriminals
◼ Kevin Metnick: “Public Cyber-enemy No. 1” (1995);
◼ Robert Morris and the "Internet Worm” (1988);
◼ Onel de Guzman and the ILOVEYOU Virus (2000);
◼ "Mafia Boy" and the Cyber-Attacks on E-commerce
Sites (2001);
◼ "Dimitri" and Microsoft Corporation (2000);
◼ "Curador" and Identity Theft (2000);
◼ Notorious Hacker Cults;
◼ Chaos" ;
◼ The Legion of Doom“;
◼ The Cult of the Dead Cow."
◼ The Anonymous
Institute of Accountancy Arusha
Hacking vs. Cracking
◼ Can any Relevant Legal Distinctions Be
Drawn?
◼ Computer criminals are often referred
to as hackers.
◼ The term "hacker" has taken on a
defamatory meaning.

Institute of Accountancy Arusha

Hacking vs. Cracking
(continued)
◼ Himanen (2001) notes that the term "hacker"
originally applied to anyone who
"programmed enthusiastically" and who
believed that "information sharing is a
powerful positive good."
◼ A hacker as an "expert or enthusiast of any
kind."
◼ Note that a hacker need not be a computer
enthusiast.
◼ e.g., someone can be an astronomy hacker.

Institute of Accountancy Arusha

Hacking vs. Cracking
(continued)
◼ The Hacker Jargon File defines a "cracker" is
one "who breaks security on a system."
◼ Crackers often engage in acts of theft and
vandalism, once they have gained access.
◼ Some use the expressions white hat and
black hat to distinguish between the two
types of hacking behavior.
◼ “White hat hackers" refers to "innocent" or non-
malicious forms of hacking, while "black hat
hackers" refers roughly to what we described
above as "cracking."
Institute of Accountancy Arusha
Hackers and the Law
◼ Courts and juries understand very well
distinctions in crimes involving breaking and
entering into property in physical space.
◼ A person who picks the lock of a door handle, or who turns
an unlocked door handle but does not enter someone's
house, would not likely receive the same punishment as
someone who also turns enters that person's house.
◼ A person who illegally enters someone's house only to snoop
would probably not receive the same punishment as
someone who also steals items or vandalize property, or
both.

Institute of Accountancy Arusha

Defining Cybercrime
◼ When is a crime a computer crime?
◼ The problem of criteria.
◼ Are all crimes involving the use or
presence of a computer necessarily
computer crimes?
◼ Is a murder committed with a surgeon’s
scalpel an issue for medical ethics or
just an ordinary crime.

Institute of Accountancy Arusha

Defining Cybercrime
(continued)
◼ Some crimes have involved technologies
other than computers, but we do not have
separate categories of crime for them?
◼ For example, people steal televisions; but we don't
have a category of television crime.
◼ People also steal automobiles but we don't have a
category of automobile crime.

Institute of Accountancy Arusha

Determining the Criteria
◼ Consider three hypothetical scenarios:
◼ Scenario 1: Lee steals a computer device
(e.g., a printer) from a computer lab;
◼ Scenario 2: Lee breaks into a computer lab
and then snoops around;
◼ Scenario 3: Lee enters a computer lab that
he is authorized to use and then places an
explosive device, which is set to detonate a
short time later, on a computer system in the
lab.
Institute of Accountancy Arusha
Determining the Criteria
(continued)
◼ Each of the acts described in these three
scenarios is criminal in nature.
◼ But should they necessarily be viewed as a
computer crime or cybercrime?
◼ Arguably, it would not have been possible to
commit any of these specific crimes if
computer technology had never existed.
◼ But the three criminal acts can easily be
prosecuted as ordinary crimes involving theft,
breaking and entering, and vandalism.
Institute of Accountancy Arusha
Preliminary Definition of a
Computer Crime
◼ Forester and Morrison (1994) defined a
computer crime as:
◼ a criminal act in which a computer is used as the
principal tool.
◼ This definition rules out a computer crimes
the crimes committed in the three scenarios.
◼ Forester and Morrison's definition of
computer crime might seem plausible.
◼ But is it adequate?

Institute of Accountancy Arusha

Preliminary Definition of
Computer Crime (continued)
◼ Consider the following scenario:
◼ Scenario 4: Lee uses a computer to file a
fraudulent income-tax return.
◼ Arguably, a computer is the principal tool
used by Lee to carry out the criminal act.
◼ Has Lee has committed a computer crime?
◼ But Lee could have committed the same
crime by manually filling out a standard
(hardcopy) version of the income-tax forms
by using a pencil or pen.
Institute of Accountancy Arusha
Towards A Coherent Definition
of Computer Crime
◼ Girasa (2002) defines "cybercrime" as a
generic term covering a multiplicity of crimes
found in criminal code or in legislation having
the "use of computer technology as its central
component."
◼ What is meant by "central component?"
◼ Was a computer a central component in Lee's
cheating in filing out the income tax return?
◼ Is Girasa's definition of cybercrime an
improvement over Forester and Morrison’s?
Institute of Accountancy Arusha
Towards a Coherent Definition
of Cybercrime (continued)
◼ We can define a (genuine) cybercrime as a
crime in which:
◼ the criminal act can be carried out only through
the use of cyber-technology and can take place
only in the cyber realm. (Tavani, 2000)
◼ Unlike Forester and Morrison's definition, this
one rules out the three scenarios involving
the computer lab as genuine cybercrimes.
◼ It also rules out the income tax scenario.

Institute of Accountancy Arusha

Genuine Cybercrimes
◼ If we accept the working definition of
cybercrime proposed by Tavani (2000),
then we can sort out and identify
specific cybercrimes.
◼ We can also place those crimes into
appropriate categories.

Institute of Accountancy Arusha

 Three Categories of
Cybercrime
1. Cyberpiracy - using cyber-technology in unauthorized ways to:
a. reproduce copies of proprietary software and proprietary information, or
b. distribute proprietary information (in digital form) across a computer
network.

2. Cybertrespass - using cyber-technology to gain or to exceed unauthorized access to:

a. an individual's or an organization's computer system, or

b. a password-protected Web site.
3. Cybervandalism - using cyber-technology to unleash one or more programs that:
a. disrupt the transmission of electronic information across one or more
computer networks, including the Internet, or
b. destroy data resident in a computer or damage a computer system's
resources, or both.
Institute of Accountancy Arusha
Examples of the Three
Categories of Cybercrime
◼ Consider three actual cases:
1. Distributing proprietary MP3 files on the Internet
via peer-to peer (P2P) technology;
2. Unleashing the ILOVEYOU computer virus;
3. Launching the denial-of-service attacks on
commercial Web sites.
◼ We can use our model of cybercrime to see
where each crime falls.

Institute of Accountancy Arusha

Categorizing specific
Cybercrimes
◼ Crimes involving the distribution of
proprietary MP3 files would come under the
category of cyberpiracy (category i).
◼ The crime involving the ILOVEYOU or "love
bug" virus clearly falls under cybervandalism
(category iii).
◼ The denial-of-service attacks on Web sites
falls under the heading of cybertrespass
(category ii), as well asunder category (iii); it
spans more than one cybercrime category.
Institute of Accountancy Arusha
Distinguishing Cybercrimes
from Cyber-related Crimes
◼ Many crimes that involve the use of cyber-
technology are not genuine cybercrimes.
◼ Crimes involving pedophilia, stalking, and
pornography can each be carried with or
without the use of cybertechnology.
◼ Hence, there is nothing about these kinds of
crimes that is unique to cybertechnology.
◼ These and similar crimes are better
understood as instances of cyber-related
crimes.
Institute of Accountancy Arusha
Cyber-related Crimes
◼ Cyber-related crimes could be further divided
into two sub-categories:
◼ cyber-exacerbated crimes;
◼ cyber-assisted crimes.
◼ Thus, crimes involving cyber technology could
be classified in one of three ways:
◼ Cyber-specific crimes (genuine cybercrimes);
◼ Cyber-exacerbated crimes;
◼ Cyber-assisted crimes.

Institute of Accountancy Arusha

Cyber-exacerbated vs. Cyber-
assisted crimes
◼ Further differentiating cyber-related crimes
into two sub-categories enables us to
distinguish between a crime in which one:
◼ (a) uses a personal computer to file a fraudulent
income-tax return, from
◼ (b) crimes such as Internet pedophilia and
cyberstalking.
◼ In (a), a computer assists the criminal in a
way that is trivial and possibly irrelevant.
◼ In (b), cyber-technology plays a much more
significant (exacerbating) role.
Institute of Accountancy Arusha
Figure 7-1: Cybercrimes
and Cyberrelated Crimes
Cybercrimes Cyberrelated Crimes

Cyberspecific Cyberexacerbated Cyberassisted

Income-tax cheating
Cyberpiracy Cyberstalking (with a computer)
Cybertrespass Internet Pedophilia Physical assault with
Cybervandalism Internet Pornography a computer
Property damage
using a computer
hardware device
(e.g., throwing a
hardware device
through a window)
Institute of Accountancy Arusha
Organized Crime on the
Internet
◼ Career criminals, including those involved in
organized crime, are now using cyberspace to
conduct many of their criminal activities.
◼ Gambling and drug trafficking have moved to
an Internet venue.
◼ Scams related activities involving Internet
have increased.
◼ These kinds of crimes tend to receive far less
attention in the popular media than those
perpetrated by teenage hackers.
Institute of Accountancy Arusha
Organized Crime on the
Internet (continued)
◼ Racketeering-related crimes, regardless of
where and how they are committed, are
often considered "old-style" crimes.
◼ New forms of hacking-related crimes, on the
other hand, tend to “grab the headlines.”
◼ Some cyber-related crimes carried out by
professionals may be undetected because
professional criminals do not typically make
the same kinds of mistakes as hackers, who
often tend to be amateurs.
Institute of Accountancy Arusha
Organized Crime on the
Internet (continued)
◼ By focusing on the activities of amateur
hackers our attention is often diverted away
from crimes committed in cyberspace by
professional criminals.
◼ Unlike hackers, professional criminals do not
seek technological adventure; they are less
likely to get caught since their skill are better.

Institute of Accountancy Arusha

Law Enforcement Techniques
to Catch Cybercriminals
◼ Law-enforcement agencies, in addition to
placing wiretaps on phones, have used
electronic devices to detect and track down
professional criminals.
◼ Controversial technology known as keystroke
monitoring software.
◼ Keystroke monitoring records every key
struck by a user and every character of the
response that the system returns to the user.

Institute of Accountancy Arusha

Law Enforcement Techniques
(continued)
◼ Keystroke-monitoring software can trace the
text included in electronic messages back to
the original sequence of keys and characters
entered at a user's computer keyboard.
◼ This technology is especially useful in tracking
the activities of criminals who use encryption
tools to encode their messages.
◼ Systems for monitoring voice communication
are also present to track down criminals
Institute of Accountancy Arusha
Law Enforcement Techniques
(continued)
▪ Entrapment on the Net – inducing a person to
commit a crime
▪ Industrial espionage - profiting from spying
someone else's trade secret.

Institute of Accountancy Arusha

National and International
Efforts to Fight Cybercrime
◼ Problems of jurisdiction arise at both
the national and international levels.
◼ Girasa (2002) points out that
jurisdiction is based on the concept of
boundaries, and laws are based on
"territorial sovereignty."
◼ Cyberspace has no physical boundaries.

Institute of Accountancy Arusha

Jurisdictional Problems in
Cyberspace
◼ Hypothetical Scenario: Virtual Casino.
◼ Suppose it is legal to gamble on-line in
Tanzania but not in USA.
◼ A Tanzanian resident “visits” a gambling
Web site, whose server is in USA.
◼ If the Tanzanian resident “breaks the
law,” in which state did the crime take
place?
Institute of Accountancy Arusha
Jurisdictional Problems in
Cyberspace (continued)
◼ Hypothetical Scenario: International Law
Suits Involving Microsoft Corporation.
◼ Suppose that Microsoft Corporation develops
and releases, globally, a software product
that is defective.
◼ The defect causes computer systems using it
to crash under certain conditions.
◼ These system crashes, in turn, result both in
severe disruption and damage to system
resources.
Institute of Accountancy Arusha
Jurisdictional Problems in
Cyberspace (continued)
◼ What legal rights should consumers and
organizations who purchase this
product have in their complaint against
Microsoft?
◼ In the U.S. and other developed
countries there are strict liability laws.
◼ But certain disclaimers and caveats are
often issued by manufacturers to
protect themselves against litigation.
Institute of Accountancy Arusha
Microsoft Scenario (Continued)
◼ Suppose that several countries in which
Microsoft has sold its new product also
have strict liability laws.
◼ Should Microsoft Corporation be held
legally liable in each country in which its
defective product has been sold?
◼ Should that corporation then be forced
to stand trial in each of these countries?

Institute of Accountancy Arusha

Microsoft Scenario (Continued)
◼ In the case involving the ILOVEYOU Virus, several
nations wanted Onel Guzman extradited to stand trial
in their countries.
◼ Using the same rationale, perhaps it would follow
that Microsoft should stand trial in each country
where its defective product caused some damage.
◼ If Microsoft were forced to stand trial in each of
these countries, and if the corporation were to be
found guilty in these nations' courts, the economic
results for Microsoft could be catastrophic.

Institute of Accountancy Arusha

Legislative Efforts to Com-
bat Cybercrime in the U.S.
◼ The USA Patriot Act authorizes unannounced
"sneak and peek" attacks by the government
on individuals and organizations that it
suspected of criminal activities.
◼ The FBI intended to plant a "Trojan horse,"
code named "Magic Lantern," on the
computers of citizens it suspected of crimes.
◼ With this program, the government could use
"keystroke logging" to obtain encryption keys
for the computers of alleged criminals.
Institute of Accountancy Arusha
International Treaties
◼ The Council of Europe (COE) has considered
some ways for implementing an international
legal code that would apply to members of
the European Union.
◼ On April 27, 2000 the Council released a first
draft of an international convention of "Crime
in Cyberspace."
◼ In May 2000, the G8 (Group of Eight)
Countries met to discuss an international
treaty involving cybercrime.
Institute of Accountancy Arusha
International Treaties
(continued)
◼ The Council of Europe released its first draft
of the COE Convention on Cybercrime.
◼ A recent draft of that treaty addresses four
types of criminal activity in cyberspace:
◼ Offenses against the confidentiality, availability;
and integrity of data and computer systems;
◼ Computer-related offenses (such as fraud);
◼ Content-related offenses (such as child
pornography);
◼ Copyright-related offenses.

Institute of Accountancy Arusha