crime type 2 - cybercrime Flashcards
What are some examples of cyber crime? 10 examples
• Malware: viruses and ransomware
• Cryptojacking
• Data breach
• Distributed DoS attacks (DDoS)
• Phishing and spear-phishing
• E-commerce frauds
• Cyberespionage
• Selling illegal items online
• Soliciting, producing, or possessing child pornography.
• Using encrypted apps to organize a robbery
Define cyber dependent
Offences that can only be committed by using a computer, computer networks or other ICT
- spread of viruses
- distributed denial of service attacks (DDoS)
Define cyber enabled
Traditional crimes that are increased In their scale or reach by using a computer, computer networks or other ICT
- phishing emails
- selling drugs on crypto markets
define cyber assisted
To assist the commission of traditional crimes (e.g. to gather information or to communicate)
- use of encrypted apps to communicate between co-offenders
What is malware?
Examples
Software designed to interfere with a computers normal functioning
- blanket term for viruses, trojans and other destructive computer programs
Examples:
- ransomware
- botnets
- Trojans
- worms
What is cryptojacking?
Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the users will, through websites, or while the user is unaware.
What is data breach?
A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.
What is distributed denial of service attacks?
In a distributed denial-of-service (DDoS) attack, multiple compromised computer systems attack a target and cause a denial of service for users of the targeted resource. The target can be a server, website or other network resource
What is phishing?
The fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
What is spear phishing?
While phishing attacks target anyone who might click, spear phishing attacks try to fool people who work at particular businesses or in particular industries in order to gain access to the real target: the business itself
what are e commerce frauds?
when scammers intercept a commercial transaction on a ecommerce store with the goal of personal or financial gain
- also known as payment fraud, in which scammers steal money from either the customer, the merchant or both
what is cyberespionage?
-type of cyberattack in which unauthorised user attempts to access sensitive or classified data or intellectual property for economic gain, competitive advantage or political reasons
- its the intention of stealing data, info, or intellectual property from or through computer systems
why do criminals use encrypted apps?
- encryption allows you to communicate in secrecy through open forum such as computer bulletin boards and internet websites
list 3 types of targets of cybercrime and what type of attacks will affect them
- individual users
- more likely to be victims of minor cyberattacks e.g. online harassment - corporate
- suffer more serious crime e.g. DDos attacks - states
- life threatening attacks against critical infrastructures
list 3 types of cybercrime associated with machines/computers
- crimes against the machine/ computer integrity
- viruses
-DDoS - crime using machines
- phishing - crime in the machine
- illegal pornographic material
how do we measure/ count cybercrime?
- police recorded crime
- victimisation surveys
- vendor databases
why is there underreporting in police recorded crime?
- not perceiving that what had taken place was a crime
- individuals not realising that they are victims of cybercime
- not knowing where to report
- believing that the police cannot do anything
- embarrassment (romantic scams, sexual offending against children, online harassment)
does police recorded crime distinguish between online and offline?
it does not
between 2007 and 2012 how many people were prosecuted for computer misuse act?
- 88 sentenced
- 101 prosecuted
what are 3 key features of the computer misuse act?
- hacking
- creation and distribution of malware
- other instances of computer misuse
what is cybercrime often registered as?
fraud
what are the main vectors of payment fraud?
- phishing
-social engineering
what significantly impacted online fraud?
covid19
what is helping dark web users thrive?
grey infrastructures
what do dark web users use as communication channels or to bypass market fees?
- telegram
-wickr
child sexual abuse material has increased considerably using what?
-social media
-online gaming platforms
- P2P networks
-dark web
what are ransomware programmes doing?
- using supply chain attacks to compromise the networks of large corporations and public institutions and utilise new multi layered extortion methods
why has mobile malware become a scalable business model?
- by introducing overlay attacks, two-factor authentication disruption, and SMS spamming capabilities
what do crime victimisation surveys do?
- focus on organisations or individuals
- focus on the just ‘known’ victimisation
- also capture data about the impact and response of cybercrime : e.g. financial losses, anxiety about future cyberattacks, length of system downtime, repetitional damage
- businesses: might be reluctant to report experience of cybercrime (reputational damage)
what is the most common types of phishing messages?
- delivery companies
- bank building society
- ecommerce company
- government services
where is the most voluminous data on ecrimes found? what are they not?
- from vendors
- these are not surveys
what do vendors data focus on?
give 3 examples
focus on breaches that are technologically measurable by vendor specific software, such as:
- botnet
- spam
-viruses
who is kevin mitnick?
- AKA ‘the condor’
- what he did: hacking into digital equipment corp, pacific bell etc
- sentenced: tot of more than 5 years (8 months in solitary confinement)
-where is he now? hes a cyber security expert, head of mitnick security consulting LLC
who is michael calce?
- AKA mafia boy
- what he did: DDoS attack against yahoo, amazon, dell, ebay and CNN (at age 15, cost $1.2 billion)
- sentence: 8 months in open custody
- where is he now? he’s a writer and own optimal secure, a cybersecurity company
cybercrime equal to offline crime has:
- same motivation as offline crimes
- theories general in conceputalisation
- cyber crime in this instance is just crimes that happen to be online
cybercrime not equal to offline crime is:
- certain cybercrimes require acquiring knowledge/ skills
- e.g. hacking, malware distribution
rational choice theory
- people committing crimes are rational actors
- rational choice theory states that individuals have free will to choose between criminal or non-criminal behaviours
- before committing crime the individuals weigh the costs and benefits of criminal behaviour vs legal behaviour
deterrence theory
deterrence theory is a choice based theory that states people commit crimes when they expected benefits of committing a crime outweigh the likely costs of the crime
routine activity theory and cybercrime
- theory based on the assumption that crime can be committed by anyone who has the opportunity
- cybercrimes rely on computer networks to connect motivated offenders with potential targets of victimisation in an absence of capable guardianship
self control theory
- theory about the lack of individual self control as main factor behind criminal behaviour
-self control is the ability to avoid behaviours whose long term costs exceed immediate rewards - largely associated with many forms of crime, inclduing cybercrime:
i. cyberbullying
ii. cyber harassment
iii. unauthorised computer use
self control theory
- theory about the lack of individual self control as main factor behind criminal behaviour
-self control is the ability to avoid behaviours whose long term costs exceed immediate rewards - largely associated with many forms of crime, inclduing cybercrime:
i. cyberbullying
ii. cyber harassment
iii. unauthorised computer use
social learning theory
what does skinner say
what does bandura say
skinner = behaviours learned through positive and negative reinforcement
bandura = people learn behaviour from role models
social learning in the cyberspace:
-differential association = online and offline friends involved in cyber activities
-steep learning curve = learn coding, procedures
- recognition in virtual communities
neutralisation theory
delinquents use a series of justifications to neutralise their deviant behaviour
- minimising harm
- denial of victim
- denial of responsibility
- condemning the condemners
- appealing to higher loyalties
