Computer & Crime

Two fundamental areas :

1. What is computer crime ?

a. The use of computer to carry out or facilitate a criminal offence

b. Control manipulate and use data for illegal purposes.

2. What effects does computer technology have on law enforcement ?

Challenges for Law enforcement

o Cyber crime is usually small and outside routine police duties

o Police gives priority to local cases
o Many cybercrimes are global; apart from child exploitation there's little incentive to
investigate across international boundaries

Classification of crimes

o Computer and networks

o Digital crimes
o Virus used as a tool

o Crimes IN machine, crimes using the machine, crimes against the machines

o Computer dependent versus

Two methods of Classification

A. Traditional crime via computer - computer is the instrument for doing something that can
be done by other means .. Such as ?

i. Sales of illegal articles, pornography, intellectual property, online gambling

ii. Luring, stalking, harassment, some kinds of fraud, identity theft

Such crimes can occur without computers and networks Often involves a "social
engineering" aspect with computers

B. Computer misuse crimes - computers are more centrally involved, perhaps the target
 Computer network is often the target Usually involves…

Unauthorized access , inferences with systems , destruction or altering of data

Theft of data

Phishing

Identity theft

Harassment

Stock market

DDOS bot net

Tangible to intangible carries potential for great harm because the spatial and temporal
constraints of physical world no longer apply

E.g bank robbery

 Physically limited to one single place

 Perpetrator from nearby physical place, identifiable by witness perhaps

Cyber crimes usually not reported by organizations because of the impact on their
reputation

What tool do law enforcement have?

International Efforts

 Council of European Convention on Cybercrime (also known as Budapest Treaty)

o Dealing with infringements of copyright

o Child pornography
o And violation of network security

 Criminal offents under the Treaty:

o Illegal Access - hacking, stealing passwords

o Illegal intersection - pocket sniffing, Man in the middle

o Data interference - damager, deletion, alteration

o System interference - hinder functioning by inputting, altering, deleting data

o Misuses of devices

 Computer related offence

 o Computer related forgery - inauthentic data intending to be used a if authentic for legal
purposes
o Computer-related fraud - causing loss (property, etc.) to another person through
altering/deleting data or interfering with the functioning of a computer, intending to
dishonestly gain benefit

 Content-related offences

o Offences related to child pornography

o Offences related to infringements of copyright and related rights

 Procedural laws - Signatory nations should establish laws aimed at…

o Expedited preservation of stored computer data

o Expedited preservation and partial disclosure of traffic data

o Production orders
o Search and seizure of stored computer data

o Real-time collection of traffic data

o Interception of content data
The use of a computer to carry out or facilitate criminal offence

Use of electronic gadgets to access control or manipulate and use data for illegal purposes

Is a huge challenge to law enforcement:

 Cybercrimes often “small” and outside routine police duties

 Police tend to give priority to local cases i.e. suspects and victims are local … but …
 Many cybercrimes are global; apart from child exploitation there’s little incentive to investigate
across international boundaries
 Recent success in intentional cooperation?
 Note: use of TOR software (can also be used with illicit intent)

Classification of Crimes:

Many definitions of cybercrimes … examples (Target: DOS, Ransomware, Hacking)

 Any crime the involves computers and networks

 Crimes that are somewhat digital
 Crimes where companies are the target versus uses as a tool

Can be used to carry out almost any type of crime

Big problem/challenge` for law enforcements

Some organizations don’t report their crime due to rep

Regulation:

 Physical: Gov can control or regulate in the same way as phone systems, require to be intercept
able
 Code: enables and restricts certain behavior, i.e. blocking software, filters, firewalls etc.
 Content: real space laws regulate cyber space, e.g. speech

International govs must work together for cyber crime

Illegal access: breaking into a system by hacking, stealing password etc

Illegal interception: packet sniffing etc. leading to recovery of actual data

Data interference: damange deletion, alteration etc

System interference: hinder functionality by inputting altering or deleting data

Article 6: misuse of devices

Computer crimes are crimes with computers as instruments e.g. steal info etc.

Examples of crime are: financial crime, online gambling, IP crime, email spoofing

Identity theft, fraud, phishing, spam,

Computer misuse crimes: when computer or network is the target

Usually involve unauthorized access, to computer system/networks, destruction of data

Ex: Trojan attacks, theft of computer system, physical damage, email bombing

Fishing uses mail client not crimeware

Identity theft uses keylogger or Trojan, is crimeware

Stalking uses messaging client, forum, not crimeware

Ddos uses bots is crimeware

Identity theft is against law in Canada, criminal code 342 and bill s-4 created offences 402.1 ..

Tobok lecture:

Threats: • State-sponsored hacking and espionage • Theft of intellectual property • Costs of Cyber
Crime, Trends, Damages and expansion • Organized Crime and Cyber crime • Risk To Corporations

Opportunities & Resilience: • Leverage technology • International cooperation; close loopholes •

Human intelligence; holistic thinking

Costs of cyber crime 2013: $100 billion (Wall Street Journal est.) 2015: $400 billion (Lloyd’s Insurance
est.) By 2019: $2.1 trillion (Juniper Networks est.)

Cost of technology is dropping, cheap to buy malware kits, key loggers, viruses etc

Education and training really important

VENTURELAB Lecture:

Building a thriving and engaging ecosystem is really hard

Step 1:people, putting people first, hiring the proper people

Step 2: innovation: wttmsw: whoeer tried most stuff wins.

Step 3 acknowledgement: WEism

Culture is the game

Community engagement really important: An emotional, vital, innovative, joyful, creative,

entrepreneurial endeavor that elicits maximum **concerted human potential in the wholehearted
pursuit of EXCELLENCE in service of others

Fred Carter

Fred Carter Senior Policy & Technology Advisor Office of the Information and Privacy Commissioner of
Ontario (IPC)

Commissioner Brian Beamish • Appointed by Ontario Legislature • Independent from government •

Oversees 3 privacy & access to information laws

Information privacy refers to the right or ability of individuals to exercise control over the collection, use
and disclosure by others of their personal information • Personally-identifiable information (“PII”) can
be biographical, biological, genealogical, historical, transactional, locational, relational, computational,
vocational or reputational, and is the stuff that makes up our modern identity

Privacy Risks • Fraud and security concerns are inhibiting confidence, trust, and the growth of e-
commerce, e-government • Fears of surveillance and excessive collection, use and disclosure of personal
information by others are also diminishing confidence and use • Lack of individual user empowerment
and control

Principles of Fair Information Practices (FIPPs) • Based upon the 1980 OECD principles: 1. Collection
limitation • Informed consent 2. Data quality 3. Purpose specification 4. Use limitation 5. Security
safeguards 6. Openness 7. Individual participation • Individual access and challenging compliance 8.
Accountability