Cybercrime and On-Line Safety in Cyberspace

Home , Internet bot

www.idosr.org Saja ©IDOSR PUBLICATIONS International Digital Organization for Scientific Research. ISSN: 2550-7958. IDOSR JOURNAL OF COMMUNICATION AND ENGLISH 6(1) 47-57, 2021. Cybercrime and On-Line Safety in Cyberspace Saja Bukhari Department of Communication University of the Gambia ABSTRACT Cybercrime is essentially a transnational crime with a ‗modus operandi‘ that exploits interstate differences in the capacity to respond to such crime, and appears in the same company as such powerful global concerns as civil war, genocide and poverty. This transnational character provides cybercriminals, especially organized crime (OC), with the agility to avoid counter-measures even when implemented by capable actors. Although some have questioned the existence of organized criminal activities in cyberspace, several studies have noted the potential and actual synergy between organized crime and cyberspace in recent years. This paper outlines some of the issues and problems in respect to the role of OC in cybercrime. Keywords; Cybercrime, transnational, crime, civil war, genocide and poverty.

INTRODUCTION Information and communications ‗modus operandi‘ that exploits inter-state technologies (ICT) have become a crucial differences in the capacity to respond to element in our day-to-day activities; and such crime, and appears in the same lie at the heart of critical infrastructures company as such powerful global around the world and key components, concerns as civil war, genocide and particularly in the technologically poverty (United Nations 2004 [9]. advanced countries [1, 2, 3]. This is Although there is no definitive list of hardly surprising as the proliferation of what constitutes cybercrime or computer ICT and connectivity of the internet in related crime a consensus has emerged today‘s information age open the door to about what falls within the scope of the increased productivity, faster offences that occur in cyberspace [10]. 1. communication capabilities, and Telecommunications Theft & Illegal immeasurable convenience [4]. Interception 2. Piracy Copyright Theft 3. Unfortunately, our increased dependence Cyber Stalking 4. Electronic money on ICT and the pervasive laundering and Tax evasion 5. Electronic interconnectivity of our ICT infrastructure Vandalism, Cyber-Terrorism, Denial of exposes us to an evolving spectrum of Service, Extortion 6. Sales and Investment cyber-threats [5, 6]. Justice Sidambaram, Fraud, Forgery (Classic Pyramid schemes) District Judge of Singapore's Subordinate 7. Electronic Funds Transfer Fraud and Courts, explained that [w]e live in a Counterfeiting (Carding, Identity Theft world of constant change [7]. Trade and and Misrepresentation) 8. Content Crime technology interact to accelerate the rate - Offensive Materials 9. Espionage 10. of change [8]. Science and technology of Resource Theft - illegal use of personal today may become history tomorrow, computers (PCs) or other digital devices while the knowledge and skills we acquire [11]. Cybercrime ranges across a wide now may fast become obsolete. As a spectrum of activities and behaviors: at result, the current operations in an ever- one end are crimes that involve changing environment are constantly fundamental breaches of personal or faced with new challenges. With the corporate privacy, such as assaults on the arrival of the information age, complex integrity of information held in digital crimes such as computer crimes, phone depositories, identity theft and the use of cloning and other high-technology crimes illegally obtained digital information to have emerged [8]. Cybercrime is blackmail a firm or individual. Midway essentially a transnational crime with a along the spectrum are transaction-based 47

www.idosr.org Saja crimes such as fraud, trafficking in child spectrum are those crimes that involve pornography, digital piracy, money attempts to disrupt the actual workings of laundering, and counterfeiting [12]. These the Internet. These include spamming, are specific crimes with specific victims, hacking, and denial of service attacks but the offender hides in the relative against specific sites to acts of cyber- anonymity provided by the Internet [13]. terrorism by non-state actorsthat is, the Another aspect of this type of crime use of the Internet to affect a nation's involves those that deliberately alter data economic and technological infrastructure for either profit, personal or political and cause public disorder or disturbances objectives. At the other end of the and even death [14, 15,16]. THE THREAT ENVIRONMENT Cyberspace provides criminal actors a also voiced similar concerns. ICT safe haven that enhances their advances have undeniably changed the organisational and operational way criminals conduct their activities, capabilities [17, 18,19, 20]. Information and policing also needs to adapt security and associated laws and policy enforcement strategies that reflect are also less well developed in emerging changes in society. With the increasing economies, thus providing an digitalisation of information, ‗policing environment in which criminal activities will be carried out over a borderless can be conducted at lower risk but still community, rather than within the have an impact on advanced economies confines of national boundaries [23]. In [21]. Such threats are increasingly response to the changing societal important and strategically relevant. For landscape, Grabosky explained new forms example, a 2008 report of the Centre for of policing, involving the harnessing of Strategic and International Studies (CSIS) nongovernment resources, will become Commission on Cybersecurity for the essential. Given the fact that cyberspace 44th Presidency began with a central knows no boundaries, and that computer finding: ‗The United States must treat crime often transcends national frontiers, cyber-security as one of most important effective countermeasures will also national security challenges it faces [22]. require a degree of international co- A 2009 Australian Defence white paper operation which is without precedent [24]. DATA BREACHES Almost every business in developed computer or network intrusions) are a economies makes use of the internet. As cause for concern. According to the data businesses continue to engage in breach investigations conducted by electronic commerce, they will become Verizon Business from 2004 to 2008, for increasingly globalized and example, only 9% of the 90 data breaches interconnected and the level of data being (involving 285 million compromised created by society is set to increase. In records) were attributed to physical terms of the future threat landscape, it is attacks. In the Verizon investigations, argued that the increased variety and hacking is one of the leading causes of volume of attacks is inevitable given data breaches (64% of cases) and transnational crime networks‘ desire to reportedly a favoured technique of obtain personal and confidential cybercriminals, and ‗unauthorised access information [25]. Not all criminal misuse via default, shared, or stolen credentials of computers or digital devices involves constituted more than a third of the hacking since passwords, PIN (personal entire Hacking category and over half of identification numbers) and other all compromised records [11]. The protective codes can be obtained by involvement of OC groups in computer or ‗social engineering‘1 to gain access then network intrusions such as hacking and erase, modify or copy the information to unauthorised access to obtain sensitive suit the needs of their attack [6]. Non- information now emphasises the physical data breaches (e.g. due to importance of large-scale profit-driven

www.idosr.org Saja incentives. As noted by [14], a Senior and private financial gain‖. According to Counsel with the United States court documents, both accused persons Department of Justice‘s Computer Crime (and others known and unknown) & Intellectual Property Section, ‗allegedly participated in a scheme to ‗compromise of credit and debit card steal funds from bank and brokerage account information most often results in accounts by hacking into those accounts the type of identity theft referred to as through the internet, using personal ―account takeover,‖ which involves fraud financial information obtained through on existing financial accounts‘. For computer viruses‘ (United States of example in a recent case in the United America v Alexander Bobnev and Alexey States, two accused persons were indicted Mineev2). The accused persons on charges of ―unlawfully, intentionally, subsequently sent a portion of the stolen and knowingly, acting in interstate and funds to their associates in Russia using foreign commerce‖, via access of a money-remitting services after keeping a computer and ―thereby obtaining portion of the fraud proceeds for information from a protected computer themselves [15]. for the purposes of commercial advantage INTERNET FRAUDS, SCAMS AND PHISHING In online or internet scams, targeting top company executives—also cybercriminals abuse the internet to reach known as ‗spear phishing‘ or ‗whaling‘ in out to potential victims across the globe reference to bigger ‗fish‘ [18]. OC groups by sending unsolicited messages have also been known to use identity purporting to originate from legitimate fraud to either conceal their identities to organisations in order to deceive evade detection and protect their assets individuals or organisations into from confiscation or as an enabler to disclosing their financial and/or personal commit various frauds and other crimes. identity information [4]. Information Internet frauds and scams include obtained from ‗phishing‘ 3 and other ‗advance fee‘ frauds (also known as ‗419‘ illegal means is often for the purpose of cases named after the relevant section of using it to commit or facilitate crimes the Nigerian Criminal Code), online such as financial fraud and identity theft. auction frauds, identity and payment card A 2008 Gartner survey of 4,988 American frauds. These take many forms but adults, for example, indicated that top include, enticements to use your bank causes for financial fraud against account to deposit the plunder of a consumers and payment card frauds are former despot in Africa, administrative data breaches at a retailer, government fees to transfer a huge lottery pay-out (for agency or other, and third party which you strangely cannot remember ‗phishing‘[9]. The biennial KPMG fraud buying a ticket), or the bond money and survey of 420 organisations in Australia advance rent for a non-existent but and New Zealand reported similar reasonably priced apartment suitable for findings. Within the financial services an international student, and so on. Out sector, credit card fraud accounted for 39 of 275,284 complaints to the Internet percent of the value of fraud attributable Crime Complaint Centre in 2008, 26.5% or to external parties. Fraudulent access to 72,940 cases were reported to US law financial services‘ accounts [by adopting enforcement: online auction fraud the identity of the account holder by accounted for 25.5% of the reported cases ‗phishing‘ or ‗Trojan horse‘ attacks over and 16.3% of the total loss; payment card the internet] amounted to 31 percent of fraud accounted for 9% of cases and 4.7% the total value attributable to external of the total loss; and Nigerian advance fee parties [17]. Several researchers and scam accounted for 2.8% of cases and security practitioners have also suggested 5.2% of the total loss. The total monetary the involvement of OC groups in phishing loss from all reported cases of internet scams and messages are increasingly fraud and scams to United States law

www.idosr.org Saja enforcement agencies in 2008 was from the 2007 [14]. US$264.6 million – an increase of 10% MALWARE CREATION AND DISSEMINATION The McAfee ‘s virtual crime report and visits to an infected website. Building indicated that cybercriminals are botnets requires minimal levels of increasingly exploiting vulnerabilities in expertise [22]. Bot malware typically takes software and applying social engineering advantage of system vulnerabilities and to spawn a broad range of threats software bugs or hacker-installed including spyware, phishing, adware, backdoors that allow malicious code to be rootkits4, and botnets. In 2008, Symantec installed on computers without the [20] reported that new malicious code had owners‘ consent or knowledge. increased by 265 percent since 2007 and Compromised computers (also known as 60 percent of all current malicious code bots) are then turned into zombies. The was detected in 2008. Malware5 is shift in motivation from curiosity and software designed to infiltrate, fame seeking to illicit financial gain has compromise security or damage a been marked by a growing sophistication computer system, without the owner's in the evolution of bot malware, as informed consent and includes viruses, illustrated by recent examples of detected worms6, backdoors, keyloggers, and bot malware such as Conficker. Conficker trojans. The 2008 UK Threat Assessment has received a considerable amount of report observed that ‗most new malware media attention, and has been reported to is designed to steal financial data (such as have successfully infiltrated government credit card details, bank account details, networks, home PCs, critical passwords, and PINs) as a precursor to infrastructure, and universities [7]. various frauds and other deceptions‘ [22]. According to analysis of the Conficker An example of information stealing and its variants (Conficker B and C) by malware is keylogging programs that are Sophos and the Malware Threat Centre at designed to monitor user activity SRI International, Conficker was designed including keystrokes. This can then be to provide a secure binary updating used by cybercriminals to steal passwords service that effectively allows the bot or credit card details, which can then be malware designer instant control of used for malicious purposes such as millions of PCs. The design included identity/online fraud. An example of a sophisticated defensive mechanisms such ‗keylogger‘ case was the attempted theft as binary encryption methods and of more than £229m from Sumitomo compiler-level code obfuscation to hinder Matsui Banking Corporation in London. detection by anti-malware software. Three individuals were extradited to the Reverse engineering was made more UK from Belgium and Spain and £1.5m in difficult for investigators analysing the assets was [reportedly] restrained [23]. [7], malware (Porras et al. 2009; Fitzgibbon & estimated that the number of potentially Wood 2009) Compromised computers – malicious threats emerging each month zombies – can then be used as remote increased from roughly 300 to 2,000 attack tools or to form part of a botnet between 2003 and 2005, largely due to under the control of the botnet controller. the growth of bot-malware. [4], an IT According to [3] bot networks accounted security company, noted that an approximately 90 percent of all spam unpatched computer without antivirus email in 2008. A 2008 report by [2] also protection or a firewall would have a 50 stated that ‗the number of compromised percent chance of becoming a zombie zombie PCs in botnets has quadrupled in within 30 minutes of being connected to the last quarter alone and that these are the internet. Bot malware are often capable of flooding the Internet with more surreptitiously forwarded to victims by than 100 billion spam messages per various means, such as via email day … [and] are increasingly switching to attachments, peer-to-peer (P2P) networks, phishing, distributed denial of service

www.idosr.org Saja (DDoS) and website attacks which are company in February 2009 contained 1.9 capable of causing a huge amount of million infected computers including 73 damage and are a growing threat to the government domains [11]. Similarly in the security of nations, the national first quarter of 2009, [10], reported an information infrastructure, and the increase in the number of malicious economy.‘ [14]. Although malware are websites created and ‗sites that host still disseminated using conventional malware—with thousands of new sites tools such as email, cybercriminals have appearing daily‘. They also discovered a turned recently to exploiting browser search engine–optimization ring that plug-in and webserver vulnerabilities. A targeted the top Google search terms to large number of commercial, government, enable the installation of anti-virus university and other high profile and high software. Business, government and traffic websites worldwide apparently individual householders need to be aware may have been successfully compromised of risk mitigation strategies and to allow ‗infection‘ of unwitting visitors implement and update them because with malware. For example in May 2009, search engine optimization will continue the UK regional director of Finjan, an IT to be one of the most sought after attack provider of secure web gateway solutions, vectors by criminals. noted that a botnet discovered by the RESPONSES AND COUNTER MEASURES The threat of cybercrime has given rise to rivalry and organisational pathology a demand for strategies for prevention deemed to exist within some intelligence and control, particularly in the area of OC systems [2]. In our increasingly in cyberspace. Some of the key interconnected world, threats to national approaches reduce opportunities for the security can come from unexpected commission of cybercrime, making such sources and directions. OC and activities more difficult to commit, cybercrime appear to have grown in increasing the risks of detection, volume and impact, and both will enhancing the level and certainty of increasingly affect the financial security sanctions, and reducing the benefits of online business in addition to likely to be derived from committing such continuing to cause social harm to crimes. For example in the context of individuals and social cohesion [6]. The keeping children safe online, international widespread incidence of identity theft, treaties such as the Council of Europe including online theft of virtual identities, (CoE) convention on the protection of for example, is a major challenge since children against sexual exploitation have such theft is a common precursor offence been introduced to deal with child sex that requires a broad-based prevention offences. A recent report, for example, effort [9]. Furthermore, the potential for pointed out that countries, particularly mitigation of transnational cybercrime common law jurisdictions such as lies in effective public-private Australia, Canada, Singapore, United partnerships. The role of public policing States and United Kingdom have agencies will be a necessary but only one introduced online child grooming part of the overall response to cybercrime offences and laws that regulate the [13]. Convincing relevant private sector behaviour of sexual offenders on release actors of the need to cooperate in crime from custody, such as sex offender prevention, and forging regional multi- registration and community notification lateral cooperation between jurisdictions [13]. Anticipating the likely actions of in partnership with the public sector, are transnational criminals and terrorists is a key challenges [17]. The ‗securitisation‘ key role of law enforcement agencies process evokes a crisis-like security (LEAs). The effectiveness of these context in order to permit extra-ordinary responses is debatable given the measures to reduce risk. How this may hierarchical nature of LEAs, inter-agency occur in a multi-lateral context, where

www.idosr.org Saja harmonisation of response to non- illegal purposes and selling/renting traditional security threats is relatively established botnets (networks of novel, is the immediate challenge for compromised computers) to commit or effective control of cybercrime ‗anarchy‘ facilitate criminal activities, could be [23]. Greater knowledge, and the developed to deal with these threats. The recognition of a sense of ‗shared fate‘ in true impact of cybercrime is unknown cyberspace, will quicken the development due to poor detection and under- of multilateral responses and the reporting, but cybercrime prosecutions capability for transnational crime control. involving multiple jurisdictions will be an OC and terrorist groups have also essential response [22]. Because online recognised the value of leveraging offending easily transcends borders easily, information and ICT to facilitate, or numerous territories can simultaneously enhance the commission of crimes, and assert jurisdiction, particularly when an are dynamic in identifying new attack transits multiple jurisdictions with opportunities and ways to overcome different regimes for preserving evidence. counter-measures. Extraterritoriality, the Timely access to evidence located in one notion that cyberspace has no geographic or more foreign jurisdictions may be boundaries has driven the e-commerce difficult or impossible, as it would revolution, but OC also operates online normally require the assistance of under the same free market principles. authorities in the foreign jurisdiction(s), The emergence of an underground who may be unwilling or unable to assist. economy as the source/provider of illicit When the suspect is located abroad, these information may now indicate the level of difficulties are compounded. Countering professionalism and commercialisation the risks of cybercrime is a multi- present in the transnational crime sector. dimensional challenge and requires The illicit enterprise nature of the current effective coordination and collaborative digital underground market is an example. efforts on the part of a wide range of OC activities in cyberspace have serious government and private sector entities. implications for national security, and Achieving some uniformity will be an trends in cybercrime have shown that essential strategy to minimise the risk of attacks are increasingly originating from so-called safe havens and ‗jurisdiction regions where sanctions are often non- shopping‘, in which offenders seek out existent or operate as ‗on-costs,‘ and countries from which to base their enforcement is less robust. The need for activities that have the least severe greater uniformity/harmonisation of punishments or which have currently no cybercrime legislation within Australia extradition treaties. A recent report by the and across the region will become more Commission of the European pronounced as the number of cybercrime Communities [7], for example, highlighted cases increases as forecast [4]. Existing the need to enhance cross-border law legislative regimes, despite attempts at enforcement and judicial cooperation in definitional ‗technical neutrality‘, remain the fight against transnational payment vulnerable in the context of rapidly fraud, and improve the response of the emerging, new generation technologies to UN, Interpol and other international commit crimes [23]. In addition, existing agencies efforts [9]. The level of mutual offence definitions, although technically legal assistance in the China and ASEAN adequate, may be impossible to apply in region is underdeveloped, particularly in practice [3]. For example, in the case of respect to cybercrime, while Internet the prosecution of ‗botnet‘ intrusions, penetration has grown rapidly (Thomas evidence would need to be obtained 2009). China, for example, now has the concerning each of the thousands of largest population online, exceeding the computers that have been compromised – USA. The CoE‘s Cybercrime Convention [5] a gargantuan task. Thus a new offence is an apt model legislation that has been category, such as creating a network for adopted by some Asian jurisdictions (e.g.

www.idosr.org Saja Japan & Philippines) and has been applied. Even for core offences such as influential in the development of new the criminalization of unauthorized laws in Thailand and Indonesia [9]. A access to computers, systems, programs recent review of the legislative coverage and data some countries had yet to enact or criminalisation of cybercrime in Asia8 laws or provide for civil remedy. Despite showed that many gaps continue to exist widespread public alarm only one in the ‗seamless web‘ of laws designed to jurisdiction met the model laws for on- counter cybercrime in the region [10]. line child safety and six countries were Microsoft used the CoE Cybercrime without relevant laws. In short the scope Convention bench-mark, and, noted the of legal countermeasures to common poor compliance with model privacy laws cybercrime offences provide ample and only one jurisdiction met the modest manoeuvre for offenders wishing to ‗opt-out‘ anti-spam regime benchmark exploit cross-border legal loopholes [14].

THEORETICAL PROBLEMS The absence of settled theory about the ‗hackers‘ seeking reputation, or OC interaction of OC with cyberspace is an seeking illicit gain [12]. However, such an impediment to the development of sound assumption in respect to some forms countermeasures. At present, crime cybercrime may be misplaced. There is an prevention practices based on actor absence of evidence-based research about choice (cf. neo-classical deterrence theory) offender behaviour and recruitment in are usually applied with variable effect cyberspace, although learning and [14]. Routine activity theory draws on imitation play important roles [22]. Hence, rational exploitation of ‗opportunity‘ in OC groups cannot be understood from the context of the regularity of human just their illicit activities alone, that is – conduct [14], to design prevention as rational profit-driven networks of strategies, especially where terrestrial criminal actors, since socio-cultural interventions are possible – for example forces play an important role in the in the transit of goods. This approach genesis and sustainability of such groups. assumes criminals are rational and Alternative theoretical approaches that appropriately resourced actors that posit particular offender motives or operate in the context of high-value, pathologies, or the role of social conflict, attractive targets protected by weak have not featured widely in explanations guardians (e.g. ill-managed ISPs and of cybercrime. Early accounts of ‗hackers‘ jurisdictions with weak legal enforcement emphasised individuality and a non-profit of the Internet). An assumption is that OC orientation, but also observed the likely are profit-focused enterprises that seek shift to profit oriented misuse as the out opportunities provided by cyberspace, Internet developed [7]. Indeed the role of and acquire the necessary resources for social learning and offender pathology cybercrime by (inter alia) using has been neglected but may play a delinquent IT professionals and targeting significant role in predisposing some weakly protected computers/networks or actors to criminal activity and risk-taking other digital devices. Consequently, in cyberspace, where anonymity reduces deterrence (increased penalties and social surveillance and self-control [5]. detection) is the preferred policy Hate and so-called ‗content‘ crimes response enhanced by appropriately perpetrated via the Internet may reflect trained police (capable guardians) and social or individual pathologies, and less target ‗hardening.‘ The myriad the exercise of rational choice – although motivations of offenders requires no it may be ‗rational‘ to adopt Internet elaboration in the rational-choice model, strategies of dissemination [7]. and prevention strategies should be as Functionalist approaches assume crime is effective against terrorists using the a normal adaptation to change, and Internet as they would be for individual indeed represents a creative response to

www.idosr.org Saja adversity (usually experienced as understanding and empirical sources different forms of social exclusion) – about these ‗causes‘ with respect to profit cybercrime in this sense is normal, and content forms (e.g. hate crime, child although novel in its form. Thus, the cost pornography etc) of cybercrime. We of suppression of cybercrime may only be therefore propose the following: 1. The achieved by curtailment of the Internet‘s extent of profit-oriented cybercrime will natural advantages, such as low-cost index OC activity in cyberspace, and the connectivity. Another approach is to see more lucrative, the more likely OC rather the rise of certain forms of crime as a than individual offenders will dominate, result of conflict within society and and – the corollary that – content-related disputes about what constitutes ‗real‘ cybercrime will reflect ‗pathology‘ and be crime: here, the criminalisation of an act dominated by individuals rather than OC. represents the exercise of power by elites. 2. Criminal networks operating in Thus, defining behaviour as deviant or cyberspace will tend to be new forms of criminal may represent only sectional OC rather than traditional ‗mafia‘-like interests with little real community groups. Traditional OC will have limited support. For example, the practice of operations and focus on precursor illegally copying digital media without offences such as identity theft or money paying the copyright holders has only laundering. 3. OC operating in been recently ‗criminalised,‘ with cyberspace will trade primarily in the attendant changes to community attitudes, protection of illicit data and information opportunities for criminals and policing (e.g. compromised credit card and practice. [9], noted that in order ‗to identity details) and less likely to be advance criminological theory we need a engaged in systematic fraud/deception- developed theory of action through which related cybercrimes. These propositions we can address causal mechanisms.‘ offer challenging research questions and Functionalist, learning and conflict are conditioned by the way we see explanations, as well as choice theories, cybercrime evolving with the advent of are often applied to explain OC. In the technological and behavioural changes context of cyberspace, we have limited among those who use the internet FUTURE TRENDS

The use of ‗bots‘ is expected to increase information such as bank pins on such in the near future. Botnets are expected to devices. These are expected to become become involved in more sophisticated, the next prime target for attacks [13,18]. targeted attacks and reflects a general The introduction of commercial trend toward more focused hacker attacks appliances linked to the internet (e.g. [10]. While ‗syntactic‘ attacks such as vending machines, gas pumps, ATM‘s) worms and viruses were previously and the increased usage of mobile phones spread to cause disruption and to pay for such products suggests that inconvenience, the use of ‗semantic‘ or this will be the target of malware in the social engineering methods such as future. Other non-PC devices will also be ‗pharming‘ 9 are used to steal personal targeted. This includes routers, switches information that may be used to access and backup devices. Furthermore, real- bank accounts [13]. Therefore OC is time programs such as IM (Instant expected to adopt this activity and take a Messaging) are likely to be increasingly more active role in future high tech crime. targeted in the near future and are rapidly There will be a shift in targets from becoming a major risk vector [19]. There desktop computers to smart devices (i.e. appears to be a trend towards a greater cellular phones, Blackberry‘s) and other emphasis on the development of such internet-linked personal organizers semantic/human intelligence methods partly due to the ordinary user‘s rather than the syntactic measures. This inclination to store confidential is due to semantic methods placing value

www.idosr.org Saja on particular types of information (i.e. obtain information in many cases that credit card information) rather than the technological methods are unable to. This use of syntactic methods to release further illustrates the changing trend viruses and denial-of-service attacks. towards profit-motivated attacks and the Human based social engineering is able to involvement of OC [19]. CONCLUSION A 2007 inquiry into the future impact of collection designed to address the serious and organized crime on Australian following questions: 1.What are the society raised concerns about ‗...the current trends and emerging challenges increasing use of technology, that impact on cyber-security, specifically transnational connections and fluidity of the use of new and emerging technology organized crime groups [that] will make to facilitate and/or commit cybercrime? law enforcement‘s task of policing 2. What is the extent of the shift toward organized crime‘s illicit activities more OC cybercriminal activities and what are difficult‘ [11]. In the inquiry, the the characteristics of OC online activities? Australian Crime Commission ‗...called for 3. What are the best practices in a greater involvement and contribution by responses to cybercrime and the best academia to the body of research ways regulatory agencies can minimise informing Australia‘s policy and the risks of cybercrime? 4. What are the operational choices in fighting organized challenges for LEAs in detecting and crime‘ [12]. The importance of looking prosecuting cybercriminal activities and ahead to future offending in the online what new technologies are needed to environment was highlighted by [4] who, combat cybercrime? 5. What prevention only five years ago, noted that crime in strategies best help individuals and the digital environment was prone to corporations avoid cybercrime risks? rapid change and ‗those who fail to Such an agenda would help fill gaps in the anticipate the future are in for a rude knowledge base about cybercrime, and shock when it arrives.‘ There is need for provide a vital regional perspective. In further research. An urgent research addition, the research enhances greater project would be to launch region-wide collaboration within the international studies of the cybercrime threat community that will allow law environment that aim to address the enforcement agencies, policy makers and impact of OC involvement in cybercrime, other key stakeholders to better the nature of new variants of cybercrime understand and manage potential and the response of regulators. Such cybercrime threats in their jurisdictions, research would need to entail an regions and globally. extensive multi-method approach to data REFERENCES 4. Brenner, S.W. &. B.A. Frederiksen, 1. Australian Government (2002) ‗Computer Searches and Department of Defence. (2009) Seizures: Some Unresolved Issues‘, Defending Australia in the Asia Michigan Telecommunications & Pacific century: Force 2030. Online. Technology Law Review, 8:39. Available 5. Brenner S (2006) ‗Cybercrime 2. HTTP:http://apo.org.au/sites/defa Jurisdiction‘, Crime, Law and ult/files/defence_white_paper_200 Social Change, 46: 189-206. 9.pdf (accessed 31 July 2009). 6. Brenner S (2007) ‗―At Light Speed‖: 3. Brenner, S.W. (2002) ‗Organized Attribution and Response to Cybercrime? How Cyberspace May Cybercrime/Terrorism/Warfare‘, Affect the Structure of Criminal Journal of Criminal Law and Relationships‘, North Carolina Criminology 97:2 379-475. Journal of Law & Technology, 4:1, 7. Broadhurst, R. 2005. International 1-50. Cooperation in Cyber-crime

www.idosr.org Saja Research, presented at the 11th UN the Misuse of Social Networking Congress on Crime Prevention and Sites for Grooming Children for Criminal Justice, Workshop 6: Sexual Offences. Research and ‗Measures to Combat Computer public policy series no. 103. Related Crime‘, Bangkok, April, Canberra: Australian Institute of 2005. Criminology. Online. Available 8. Broadhurst, R & P. Grabosky (2005) HTTP: Computer-Related Crime in Asia: 17. http://www.aic.gov.au/en/publicat Emergent Issues. In Broadhurst, R. ions/current%20series/rpp/101- & P. Grabosky [Eds.], Cybercrime: 120/rpp103.aspx (accessed 31 July The Challenge in Asia, Hong Kong: 2009). The University of Hong Kong Press, 18. Choo KRR, Smith RG & McCusker R. 347-360. (2007) Future Directions in 9. Broadhurst, R G and Chantler, A. Technology-Enabled Crime: 2007- (2006) ‗Cybercrime Update: Trends 09. Research and public policy and Developments‘, In: Expert series no. 78. Canberra: Australian Group Meeting on The Institute of Criminology. Online. Development of Virtual Forum Available HTTP: against Cybercrime Report, June 19. http://www.aic.gov.au/publication 28-30, 2006, Seoul Korea, KICJP & s/current%20series/rpp/61- UNODC, pp. 21-56. 80/rpp78.aspx (accessed 31 July 10. Center for Strategic and 2009). International Studies (CSIS). (2008) 20. Choo, KKR and RG Smith. (2008) Securing 17 Cyberspace for the ‗Criminal Exploitation of Online 44th Presidency. Washington, DC: Systems by Organized Crime Center for Strategic and Groups‘, Asian Journal of International Studies. Criminology, 3:1, 37–59. 11. Chantler A. (1996) Risks, The 21. Cooke E, Jahanian F, McPherson D. Profile of Computer Hackers, PhD (2005) ‗The Zombie Roundup: Thesis, Curtin University, Understanding, Detecting, and unpublished. Disrupting Botnets‘. In: SRUTI‘05 12. Chantler A.N. & R. Broadhurst. Workshop Proceedings. USENIX (2008) Social Engineering and Association, Berkeley CA, pp 35–44. Crime Prevention in Cyberspace‘, 22. Council of Europe. (2004) paper presented to the Korean ‗Summary of the Organized Crime Institute of Criminology, October Situation Report: Focus on 30, 2008, Seoul. Cybercrime‘, Octopus Interface 13. Choo KKR (2007) ‗Zombies and conference: Challenge of Botnets‘, Trends & Issues in Crime Cybercrime, September 15-17, and Criminal Justice, 333. 23. Strasbourg Dandurand Y, Colombo Canberra: Australian Institute of G & Passas N. (2007) ‗Measures and Criminology. Online. Available Mechanisms to Strengthen HTTP: International Cooperation among 14. http://www.aic.gov.au/publication Prosecution Services‘, Crime, Law s/current%20series/tandi/321- and Social Change, 47:4–5, 261– 340/tandi333.aspx (accessed 31 289. July 2009). 24. Felson, M. (1998) Crime and 15. Choo KKR (2008) ‗Organized Crime Everyday Life, New York: Pine Groups in Cyberspace: A Typology‘, Forge Press. Fitzgibbon N & Wood Trends in Organized Crime 11:3, M. (2009) Conficker.C: A Technical 270–295. Analysis. Online. Available HTTP: 16. Choo KRR (2009) Online Child 18 Grooming: A Literature Review on

www.idosr.org Saja 25. http://www.sophos.com/sophos/d ocs/eng/marketing_material/confi cker-analysis.pdf (accessed 31 July 2009).