crime type 2 - cybercrime

Question 1

What are some examples of cyber crime? 10 examples

Answer 1

• Malware: viruses and ransomware
• Cryptojacking
• Data breach
• Distributed DoS attacks (DDoS)
• Phishing and spear-phishing
• E-commerce frauds
• Cyberespionage
• Selling illegal items online
• Soliciting, producing, or possessing child pornography.
• Using encrypted apps to organize a robbery

Question 2

Define cyber dependent

Answer 2

Offences that can only be committed by using a computer, computer networks or other ICT
- spread of viruses
- distributed denial of service attacks (DDoS)

Question 3

Define cyber enabled

Answer 3

Traditional crimes that are increased In their scale or reach by using a computer, computer networks or other ICT
- phishing emails
- selling drugs on crypto markets

Question 4

define cyber assisted

Answer 4

To assist the commission of traditional crimes (e.g. to gather information or to communicate)
- use of encrypted apps to communicate between co-offenders

Question 5

What is malware?
Examples

Answer 5

Software designed to interfere with a computers normal functioning
- blanket term for viruses, trojans and other destructive computer programs
Examples:
- ransomware
- botnets
- Trojans
- worms

Question 6

What is cryptojacking?

Answer 6

Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the users will, through websites, or while the user is unaware.

Question 7

What is data breach?

Answer 7

A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.

Question 8

What is distributed denial of service attacks?

Answer 8

In a distributed denial-of-service (DDoS) attack, multiple compromised computer systems attack a target and cause a denial of service for users of the targeted resource. The target can be a server, website or other network resource

Question 9

What is phishing?

Answer 9

The fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Question 10

What is spear phishing?

Answer 10

While phishing attacks target anyone who might click, spear phishing attacks try to fool people who work at particular businesses or in particular industries in order to gain access to the real target: the business itself

Question 11

what are e commerce frauds?

Answer 11

when scammers intercept a commercial transaction on a ecommerce store with the goal of personal or financial gain
- also known as payment fraud, in which scammers steal money from either the customer, the merchant or both

Question 12

what is cyberespionage?

Answer 12

-type of cyberattack in which unauthorised user attempts to access sensitive or classified data or intellectual property for economic gain, competitive advantage or political reasons
- its the intention of stealing data, info, or intellectual property from or through computer systems

Question 13

why do criminals use encrypted apps?

Answer 13

• encryption allows you to communicate in secrecy through open forum such as computer bulletin boards and internet websites

Question 14

list 3 types of targets of cybercrime and what type of attacks will affect them

Answer 14

1. individual users
   - more likely to be victims of minor cyberattacks e.g. online harassment
2. corporate
   - suffer more serious crime e.g. DDos attacks
3. states
   - life threatening attacks against critical infrastructures

Question 15

list 3 types of cybercrime associated with machines/computers

Answer 15

1. crimes against the machine/ computer integrity
   - viruses
   -DDoS
2. crime using machines
   - phishing
3. crime in the machine
   - illegal pornographic material

Question 16

how do we measure/ count cybercrime?

Answer 16

• police recorded crime
• victimisation surveys
• vendor databases

Question 17

why is there underreporting in police recorded crime?

Answer 17

• not perceiving that what had taken place was a crime
• individuals not realising that they are victims of cybercime
• not knowing where to report
• believing that the police cannot do anything
• embarrassment (romantic scams, sexual offending against children, online harassment)

Question 18

does police recorded crime distinguish between online and offline?

Answer 18

it does not

Question 19

between 2007 and 2012 how many people were prosecuted for computer misuse act?

Answer 19

• 88 sentenced
• 101 prosecuted

Question 20

what are 3 key features of the computer misuse act?

Answer 20

• hacking
• creation and distribution of malware
• other instances of computer misuse

Question 21

what is cybercrime often registered as?

Answer 21

fraud

Question 22

what are the main vectors of payment fraud?

Answer 22

• phishing
  -social engineering

Question 23

what significantly impacted online fraud?

Answer 23

covid19

Question 24

what is helping dark web users thrive?

Answer 24

grey infrastructures

Question 25

what do dark web users use as communication channels or to bypass market fees?

Answer 25

• telegram
  -wickr

Question 26

child sexual abuse material has increased considerably using what?

Answer 26

-social media
-online gaming platforms
- P2P networks
-dark web

Question 27

what are ransomware programmes doing?

Answer 27

• using supply chain attacks to compromise the networks of large corporations and public institutions and utilise new multi layered extortion methods

Question 28

why has mobile malware become a scalable business model?

Answer 28

• by introducing overlay attacks, two-factor authentication disruption, and SMS spamming capabilities

Question 29

what do crime victimisation surveys do?

Answer 29

• focus on organisations or individuals
• focus on the just ‘known’ victimisation
• also capture data about the impact and response of cybercrime : e.g. financial losses, anxiety about future cyberattacks, length of system downtime, repetitional damage
• businesses: might be reluctant to report experience of cybercrime (reputational damage)

Question 30

what is the most common types of phishing messages?

Answer 30

• delivery companies
• bank building society
• ecommerce company
• government services

Question 31

where is the most voluminous data on ecrimes found? what are they not?

Answer 31

• from vendors
• these are not surveys

Question 32

what do vendors data focus on?
give 3 examples

Answer 32

focus on breaches that are technologically measurable by vendor specific software, such as:
- botnet
- spam
-viruses

Question 33

who is kevin mitnick?

Answer 33

• AKA ‘the condor’
• what he did: hacking into digital equipment corp, pacific bell etc
• sentenced: tot of more than 5 years (8 months in solitary confinement)
  -where is he now? hes a cyber security expert, head of mitnick security consulting LLC

Question 34

who is michael calce?

Answer 34

• AKA mafia boy
• what he did: DDoS attack against yahoo, amazon, dell, ebay and CNN (at age 15, cost $1.2 billion)
• sentence: 8 months in open custody
• where is he now? he’s a writer and own optimal secure, a cybersecurity company

Question 35

cybercrime equal to offline crime has:

Answer 35

• same motivation as offline crimes
• theories general in conceputalisation
• cyber crime in this instance is just crimes that happen to be online

Question 36

cybercrime not equal to offline crime is:

Answer 36

• certain cybercrimes require acquiring knowledge/ skills
• e.g. hacking, malware distribution

Question 37

rational choice theory

Answer 37

• people committing crimes are rational actors
• rational choice theory states that individuals have free will to choose between criminal or non-criminal behaviours
• before committing crime the individuals weigh the costs and benefits of criminal behaviour vs legal behaviour

Question 38

deterrence theory

Answer 38

deterrence theory is a choice based theory that states people commit crimes when they expected benefits of committing a crime outweigh the likely costs of the crime

Question 39

routine activity theory and cybercrime

Answer 39

• theory based on the assumption that crime can be committed by anyone who has the opportunity
• cybercrimes rely on computer networks to connect motivated offenders with potential targets of victimisation in an absence of capable guardianship

Question 40

self control theory

Answer 40

• theory about the lack of individual self control as main factor behind criminal behaviour
  -self control is the ability to avoid behaviours whose long term costs exceed immediate rewards
• largely associated with many forms of crime, inclduing cybercrime:
  i. cyberbullying
  ii. cyber harassment
  iii. unauthorised computer use

Question 41

self control theory

Answer 41

• theory about the lack of individual self control as main factor behind criminal behaviour
  -self control is the ability to avoid behaviours whose long term costs exceed immediate rewards
• largely associated with many forms of crime, inclduing cybercrime:
  i. cyberbullying
  ii. cyber harassment
  iii. unauthorised computer use

Question 42

social learning theory
what does skinner say
what does bandura say

Answer 42

skinner = behaviours learned through positive and negative reinforcement
bandura = people learn behaviour from role models

Question 43

social learning in the cyberspace:

Answer 43

-differential association = online and offline friends involved in cyber activities
-steep learning curve = learn coding, procedures
- recognition in virtual communities

Question 44

neutralisation theory

Answer 44

delinquents use a series of justifications to neutralise their deviant behaviour
- minimising harm
- denial of victim
- denial of responsibility
- condemning the condemners
- appealing to higher loyalties