Thursday, July 10, 2008

Cyber Crime

The rapid growth of the Internet and of Computer technology over the past few years has led to the growth of internet related crimes throughout the world. These crimes have no boundaries and may affect an individual, his property, an organization or society at large. Many organizations have been losing their customers, time and money due to their vulnerability to hacking,

Cyber crime may be defined in a general way as an unlawful act wherein the computer is either a tool or a target or both. Cyber crimes can be categorized as follows:

Ø Unauthorized access to computer systems or networks: It means any person who secures access or attempts to secure access to a protected system.

Ø Email bombing: It refers to sending a large amount of emails to the victim resulting in victim’s email account or mail server crashing.

Ø Data didding: This kind of an attack involves altering the raw data just before it is processed by a computer and then changing it back after the processing is completed.

Ø Salami attack: This attack is used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed.

Ø Internet time theft: This connotes the usage by an unauthorized person of the Internet hours paid for by another person.

Ø Logic bomb: This is event dependent program. This implies that this program is created to do something only when a certain event (known as a trigger event) occurs.

Ø Virus / worm attack: Virus is a program that attach it selves to a computer or a file and then circulate it selves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it.

Implications for public policy makers

United Nations, in its International Economic report, suggested that the government in each country has to establish laws that criminalize cyber attacks and enable police to adequately investigate and prosecute such activities. They should also set up risk management policies, regularly review security regulations for information and communication technology and expand training to ensure that their economies have the human resources needed to establish and maintain effective security programs. International, technical and policy co-operation between industrialized and developing countries should be encouraged and supported since all will benefit from better defenses against cyber crime.

It focuses on the challenges posed for the world’s poorer nations by accelerating use of the internet in the conduct of international business and finance. 89% of the enterprises in the European Union countries are connected to the internet. There are few enterprises in the developing countries, for instances, only 5% of firms in Mauritius and 9% in Thailand. In many other developing countries, governments cannot even provide statistics on the topic.

The United States formulated an Act called “Computer fraud and abuse Act in 1984 to deal specifically with unauthorized use of computers and the alteration and destruction of the records they contain both in the domestic as well as its international businesses. This Act prohibits use of a computer to transmit a program or command which damages a computer system or network or interrupts the use of cyber system, trafficking in passwords to US government computers and the use of computer or internet to transmit passwords with the intent to defraud.

The council of Europe’s convention on cyber crime is a collective response by members of the council of Europe (45 states) and some non-member states to the challenge of cyber crime. The convention aims to lay down common definitions of certain criminal offenses and to define common types of investigative powers better suited to the information technology environments by ensuring that relevant criminal procedures are brought into line between countries. It also aims at determining both traditional and new types of international cooperation, to enable cooperating countries to put in place arrangements for the investigation and prosecution of the offenses set forth by the convention, including the use of a network of permanent contacts.

While cyber security technology may vary in sophistication from country to country, they have to provide effective defenses against cyber crime without eroding individual privacy and other human rights. Government policy makers should exchange experiences and establish international modes of co-operations to help in training police, state prosecutors and the judiciary on cyber crime technology and they should share experiences on educating the public about data security measures. Finally governments need to set up methods of co-operation with the private sector including banks to combat cyber crime. They can create a legislative framework and set a benchmark for the courts to decide what constitutes a cyber crime and how to control or impose punitive action against those who involve in such an act.

Implications for International business practitioners

A three-pronged strategy can be adopted by the international business practitioners to control cyber crimes. The first one is to create user awareness and make them know how vulnerable and exposed they are, especially in the wake of convergence of technologies and the proliferation of Internet. The second one is to deploy an effective technological solution, which many companies treat as top most priority, though it is not so. The third one is that companies should have a security policy of their own, as technology only plays a small role in the overall security scenario. The IT manager in the company should only deploy the policy. There should a liberal sharing of forensic technology for achieving standardization of expert efforts. There should also be more cross-country training exchange programmes. Timely alerts should be provided by affected companies to others regarding new forms of crime and new modus operandi.

There are several other recommendations that need to be considered by the firms in high-tech sector. Disruption, denial of service and website defacements will continue to be problems but exploitation of access to information systems for profit is likely to become more pervasive. The trend towards accessing business highlighting security holes and offering one’s service for a significant fee would reduce the problem to an extent.

Criminal intelligence analysis needs to be integrated fully into business intelligence, risk assessment needs to incorporate criminal threats and cyber security needs to be conceptualized as part of a broader security problem that cannot be understood or dealt with in strictly technical terms. Defending against such contingencies requires that high-tech firms develop broad security programs that incorporate cyber security into a much broader program. An arrangement in which the security officer is responsible for cyber security as part of a comprehensive mandate is likely to be more effective and appropriate than one in which cyber security is seen as a distinct portfolio separate from other components of security.

For the high-tech businesses, it is perhaps even more important to know their partners especially when they are from another country. Questions need to be asked about their financing, their clients and their associates as well as the extent to which there are laws against cyber crimes. Thorough background checks are essential prior to allowing any joints of data and communication systems or to bringing in their representatives to work with one’s own employees.

Companies doing business on the internet and particularly those offering mechanisms to facilitate financial transactions need to take steps to identify opportunities for money laundering. Once this is done, they need to introduce safeguards to close loopholes and prevent money laundering.

References:

Organized crime and cyber crime: implications for business
Phil Williams, CERT Coordination centre

UNCTAD press release, 2005
“Developing countries must take steps to fight cyber crime to benefit form boom in e-business”

35 comments:

芥末 said...

良言一句三冬暖,惡語傷人六月寒。 ..................................................

香蕉哥哥 said...

裸體寫真全裸美女圖片色情訊息黃色圖片自拍裸體圖片sex裸露圖片18限85cc a片台灣色情網站免費色情圖一夜激情聊天情色聊天室限制級爆乳女優作愛巨乳學院性愛情慾陰脣一夜情下體網愛聊天鹹濕做愛自拍成人圖庫成人影城性關係視訊情人性影片觀賞裸照淫美成人論壇av寫真自拍裸女貼圖av圖情色性愛貼圖成人vcdsexy辣妹視訊聊天色情視訊淫婦台灣情色論壇丁字褲貼圖免費a片影片淫蕩女人live show男女做愛火辣妹妹激情網愛聊天美女裸照免費色情網站

冠宇 said...

破解色情守門人成人色情電影院線上免費色情短片色情動畫影成人色情動畫成人電影秀亞洲線上免費成人電影性片免費狂看性交線上免費影片性免費小說網性美女做愛性美女遊戲性教影片性教學影片性感乳房影片性感做愛電影性感援交妹性感電影性感劍士性愛a片免費試看性小遊戲幸愛影片姓愛圖貼亞洲線上免費電影亞洲線上免費影片其色制聊天室咆哮入口咆哮老鼠網咆哮鼠85cc聊天室情色視訊情色視訊

欣盈 said...

I do like ur article~!!!..................................................

惠蘋 said...

Joy shared with others are more enjoyed.......................................................

士嬌 said...

一夜情視訊網際論壇一夜激情聊天室一對多美女視訊一對一視訊一對一視訊聊天一對一視訊辣妹妹影音視訊聊天室一本道 a片 東京熱avdvd影片一本道 a片 東京熱av免費影片一本道 a片 東京熱免費成人影片觀賞一本道 a片 東京熱成人圖片區亞洲禁果名模影城甜心寶貝直播貼片玩美女人視訊網美女短片免費試看視訊交友網50024彩虹avdvdsex888免費看影片亞亞 dvd 光碟百事免費av視訊聊天網免費線上 aa 片試看85CCsex貼片網s383情色大網咖熟女自拍sex免費成人影片情境坊歡愉用品 視訊泳裝秀拓網交友免費成人影片,104免費成人情色文學小說視訊主播脫衣秀gogo2sexplus28論壇米克綜合論壇聊天室交友av成人網g8mm 視訊壞朋友論壇視訊美女msvt中部人聊天室視訊網愛聊天室網路援交168論壇辣妹貼圖新竹援交38ga片下載

志平 said...

haha~ funny! thank you for your share~ ........................................

GeraldF_Rotter雅慧 said...

I do like ur article~!!!...................................................

LoganO_Kellam1 said...

辛苦了!祝你愈來愈好!.............................................

M12aeganT_Moe12 said...

志不立,天下無可成之事。.............................................

CharitaA_Reese said...

不願彎腰撿拾一根針的人,永遠不值得一塊錢。 ....................................................

BlakeR_采男 said...

Undertake no more than you can perform. ............................................................

姵Roman潔 said...

The more haste, the less speed. ............................................................

冠儒俊鑫 said...

能猜得出女人真實年齡的男人也許耳聰目明,但肯定毫無大腦。哈哈!..................................................................

芸茂 said...

很期待新的內容,支持你.................................................................

文群文群 said...

知識可以傳授,智慧卻不行。每個人必須成為他自己。.................................................................                           

于庭 said...

人不能像動物一樣活著,而應該追求知識和美德............................................................

雲亨雲亨雲亨 said...

人生是故事的創造與遺忘。............................................................

ToryO_Viss鈺雯er0316 said...

晚上好,很喜歡你的blog哦.....................................................

佩璇佩璇 said...

Share and share alike.............................................................

LoydD_Motter11嬌潔 said...

相逢即是有緣~~留個言問候一聲,祝您平安順利............................................................

亞賴童h吳賴慧迪童能方童典 said...

聰明的人喜歡猜心 雖然每次都猜對了卻失去了自己的心............................................................

林柏毅林柏毅 said...

Some people cannot see the wood for the trees.............................................................

dawsonfelicia張君dawsonfelicia均 said...

死亡是悲哀的,但活得不快樂更悲哀。. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

雅俊芬凱陳許 said...

河水永遠是相同的,可是每一剎那又都是新的。. . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

ToryO_Vis建銘 said...

人應該做自己認為對的事,而不是一味跟著群眾的建議走。..................................................

秀吉秀吉 said...

來拜訪囉~部落格很棒^^~幫你推個文............................................................

惠宛佳桂 said...

成熟,就是有能力適應生活中的模糊。............................................................

群育航學 said...

如果你批評他人。你就沒有時間付出愛......................................................................

允黃淑 said...

來幫你衝一下人氣,捧個人場囉~~..................................................................

王辛江淑萍康 said...

絕不要羞於承認自己不知道的事。..................................................

幸平平平平杰 said...

我來湊熱鬧的~~^^ 要平安快樂哦..................................................

孫邦柔 said...

如果你批評他人。你就沒有時間付出愛......................................................................

洪勳劉耀德劉耀德華 said...

吾錯吾錯...我平時都好鐘意用呢d~而家學多好多~thx+0+......................................................

瑰潼 said...

文章不求沽名釣譽,率性就是真的............................. ....................................