Cybercrime

Definitions
Cybercrime "means conduct, with respect to cyber systems. . . ."

Cybercrime "refers to criminal activities that specifically target a computer or network for damage or infiltration and also refers to the use of computers as tools to conduct criminal activity."

Overview
Cybercrime refers not only to criminal activities that specifically target a computer or network for damage or infiltration, but also includes the use of computers as tools to conduct criminal activity such as Internet extortion and Internet fraud. Computers significantly multiply the criminal's power and reach in committing such crimes. Some argue there is no agreed-upon definition for "cybercrime" because "cyberspace" is just a new instrument used to help commit crimes that are not new at all. Cybercrime can involve theft of intellectual property, a violation of patent, trade secret, or copyright laws. However, cybercrime also includes attacks against computers to deliberately disrupt processing, or may include espionage to make unauthorized copies of classified data. These attacks have such colorful names as:


 * spamming
 * phishing
 * spoofing
 * pharming
 * denial-of-service attacks
 * distributed denial-of-service attacks
 * viruses
 * trojan horse
 * worms
 * malware
 * spyware, and
 * botnets.

Cybercrime techniques have characteristics that can vastly enhance the reach and impact of criminal activity, such as the following:
 * Criminals do not need to be physically close to their victims to commit a crime.
 * Technology allows criminal actions to easily cross multiple state and national borders.
 * Cybercrime can be carried out automatically, at high speed, and by attacking a vast number of victims at the same time.
 * Targets often do not realize they have been victimized until much later.
 * Cybercriminals can more easily remain anonymous.

Figure 1 describes and compares cybercrime and traditional criminal techniques.



Cyberterrorism
If a terrorist group were to launch a cyberattack to cause harm, such an act also fits within the definition of a cybercrime. The primary difference between a cyberattack to commit a crime or to commit terror is found in the intent of the attacker, and it is possible for actions under both labels to overlap.

Often it is very difficult to determine if a cyberattack or intrusion is the work of a terrorist organization with the objective of doing harm, or a cybercriminal who wishes to steal information for purposes of monetary gain. Just as terrorists and violent extremists often rely on exploiting vulnerabilities of targets seen as soft and easy to access to support possible future cyberattacks, cybercriminals exploit these same vulnerabilities to gain access to information that may lead to monetary gain.

The proportion of cybercrime that can be directly or indirectly attributed to terrorists is difficult to determine. However, linkages do exist between terrorist groups and criminals that allow terror networks to expand internationally through leveraging the computer resources, money laundering activities, or transit routes operated by criminals.

Implementation of a stronger policy for domestic physical security has reduced the risk to some targets that may have previously been vulnerable to physical attacks. Also, it is suggested by numerous experts that terrorists may be enhancing their computer skills or forming alliances with cybercriminals that possess a high-level of telecommunications expertise. In addition, continuing publicity about Internet security vulnerabilities may encourage terrorists' interest in attempting a possible computer network attack, or cyberattack, against U.S. critical infrastructure.

Extent of cybercrime activities
Cybercrime is a threat to worldwide economic and security interests. Various studies and expert opinion estimate the direct economic impact from cybercrime to be in the billions of dollars annually. The annual loss due to computer crime was estimated to be $67.2 billion for U.S. organizations, according to a 2005 Federal Bureau of Investigation (FBI) survey. A 2007 survey estimated that losses from cybercrime exceeded $100 billion.

The estimated losses associated with particular crimes include $49.3 billion in 2006 for identity theft and $1 billion annually due to phishing. These projected losses are based on direct and indirect costs that may include actual money stolen, estimated cost of intellectual property stolen, and recovery cost of repairing or replacing damaged networks and equipment.

Law enforcement activities
Numerous public and private entities (federal agencies, state and local law enforcement, industry, and academia) have individual and collaborative responsibilities to protect against, detect, investigate, and prosecute cybercrime. The Departments of Justice (DOJ), Homeland Security (DHS), and Defense (DOD), and the Federal Trade Commission (FTC) have prominent roles in addressing cybercrime within the federal government.

DOJ's FBI and DHS's U.S. Secret Service (Secret Service) are key federal organizations with responsibility for investigating cybercrime. State and local law enforcement organizations also have key responsibilities in addressing cybercrime. Private entities &mdash; Internet service providers, security vendors, software developers, and computer forensics vendors &mdash; focus on developing and implementing technology systems to protect against computer intrusions, Internet fraud, and spam and, if a crime does occur, detecting it and gathering evidence for an investigation.

In addition, numerous partnerships have been established between public sector entities, between public and private sector entities, and internationally to address various aspects of cybercrime. For example, the Cyber Initiative and Resource Fusion Unit is a partnership established among federal law enforcement, academia, and industry to analyze cybercrime and determine its origin and how to fight it.

Challenges to addressing cybercrime
Entities face a number of key challenges in addressing cybercrime, including reporting cybercrime and ensuring that there are adequate analytical capabilities to support law enforcement (see table below). While public and private entities, partnerships, and tasks forces have initiated efforts to address these challenges, federal agencies can take additional action to help ensure adequate law enforcement capabilities.



International law
Cybercrime laws vary across the international community. Australia enacted its Cybercrime Act of 2001 to address this type of crime in a manner similar to the U.S. Computer Fraud and Abuse Act. In addition, Japan enacted the Unauthorized Computer Access Law of 1999 to cover certain basic areas similar to those addressed by the U.S. federal cybercrime legislation.

Council of Europe Convention on Cybercrime
Because political or natural boundaries are not an obstacle to conducting cybercrime, international agreements are essential to fighting cybercrime.

On November 23, 2001, the United States and 29 other countries signed the Council of Europe's Convention on Cybercrime as a multilateral instrument to address the problems posed by criminal activity on computer networks.

The Convention on Cybercrime distinguishes between four different types of offences:


 * Offences against the confidentiality, integrity and availability of computer data and systems;
 * Computer-related offences;
 * Content-related offences; and
 * Copyright-related offences.

Nations supporting this Convention agree to have criminal laws within their own nation to address cybercrime, such as hacking, spreading viruses or worms, and similar unauthorized access to, interference with, or damage to computer systems. It also enables international cooperation in combating crimes such as child sexual exploitation, organized crime, and terrorism through provisions to obtain and share electronic evidence. The U.S. Senate ratified this convention in August 2006.