What is Cybercrime?
It's complicated. Cybercrime cannot be described by any one word. Just like crime as we know it, cybercrime has many different applications and can occur anytime and anyplace. Identity thieves and other criminals use several different methods, depending on how much they know and what their objective is. Cybercrime is 'crime' involving some sort of a 'computer' or 'cyber' factor.
The Council of Europe's Cybercrime Treaty uses the term 'cybercrime' to identify offenses ranging from criminal activity against data to content and copyright infringement [Krone, 2005]. Others [Zevar-Geese, 1997-98] have stated that the definition is not that confined and include fraud, unauthorized access, child pornography, and cyberstalking. The United Nations have authored the Manual on the Prevention and Control of Computer Related Crime and they include fraud, forgery, and unauthorized access [United Nations, 1995]. Obviously cybercrime comes in many different packages and different types of cybercrime are going to require different defences if your computer is going to be safe.
Internet security software giant Symantec draws from the various definitions of cybercrime and define it as 'any crime that is committed using a computer or network, or hardware device'. Symantec says that 'the computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime'. The cybercrime may occur just on the computer or in addition to other places. To help us understand this complex group of crimes, Symantec has divided it into two categories and they are Type I and Type II cybercrime
Type I cybercrime contains the following properties:
Typically it is a single event (in the mind of the victim). An example would be when a victim downloads a Trojan horse, without knowing it, and then the horse installs a keystroke logger into his or her machine. Or the victim could receive an e-mail that carries a link to a supposed known entity, but instead it is a link to a hostile website. Type I cybercrime is often enabled by crimeware programs like keystroke loggers, viruses, rootkits or Trojan horses. Software flaws or vulnerabilities will usually provide the anchor that the identity thief/criminal is looking for. An example would be a group of criminals having control of a website and then taking advantage of a vulnerability in a Web browser that would allow them to place a Trojan horse on an un-suspecting persons computer. Type I examples include but are not limited to phishing, theft or manipulation of data services by way of hacking or viruses, identity theft, and bank or e-commerce fraud.
Type II cybercrime includes, but is not limited to cyberstalking and harassment, child predation, extortion, blackmail, stock market manipulation, complex corporate spying and planning/carrying out terrorism. The properties of Type II cybercrime are a set of circumstances etc. that are an on-going series of events where there are repeated interactions with the target. One example is a target being contacted on a social networking site or chat room and because of the calculated time and effort of the criminal, a relationship is formed. Inevitably the target is exploited in a criminal manner. Another example is a group of identity thieves, terrorists or other criminals using hidden messages to communicate in a public forum to plan activities or discuss money laundering locations. Type II cybercrime is usually enabled by programs that are not classified as crimeware where conversations may take place using IM (instant messaging) or files may be shared using FTP.
The Council of Europe's Cybercrime Treaty uses the term 'cybercrime' to identify offenses ranging from criminal activity against data to content and copyright infringement [Krone, 2005]. Others [Zevar-Geese, 1997-98] have stated that the definition is not that confined and include fraud, unauthorized access, child pornography, and cyberstalking. The United Nations have authored the Manual on the Prevention and Control of Computer Related Crime and they include fraud, forgery, and unauthorized access [United Nations, 1995]. Obviously cybercrime comes in many different packages and different types of cybercrime are going to require different defences if your computer is going to be safe.
Internet security software giant Symantec draws from the various definitions of cybercrime and define it as 'any crime that is committed using a computer or network, or hardware device'. Symantec says that 'the computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime'. The cybercrime may occur just on the computer or in addition to other places. To help us understand this complex group of crimes, Symantec has divided it into two categories and they are Type I and Type II cybercrime
Type I cybercrime contains the following properties:
Typically it is a single event (in the mind of the victim). An example would be when a victim downloads a Trojan horse, without knowing it, and then the horse installs a keystroke logger into his or her machine. Or the victim could receive an e-mail that carries a link to a supposed known entity, but instead it is a link to a hostile website. Type I cybercrime is often enabled by crimeware programs like keystroke loggers, viruses, rootkits or Trojan horses. Software flaws or vulnerabilities will usually provide the anchor that the identity thief/criminal is looking for. An example would be a group of criminals having control of a website and then taking advantage of a vulnerability in a Web browser that would allow them to place a Trojan horse on an un-suspecting persons computer. Type I examples include but are not limited to phishing, theft or manipulation of data services by way of hacking or viruses, identity theft, and bank or e-commerce fraud.
Type II cybercrime includes, but is not limited to cyberstalking and harassment, child predation, extortion, blackmail, stock market manipulation, complex corporate spying and planning/carrying out terrorism. The properties of Type II cybercrime are a set of circumstances etc. that are an on-going series of events where there are repeated interactions with the target. One example is a target being contacted on a social networking site or chat room and because of the calculated time and effort of the criminal, a relationship is formed. Inevitably the target is exploited in a criminal manner. Another example is a group of identity thieves, terrorists or other criminals using hidden messages to communicate in a public forum to plan activities or discuss money laundering locations. Type II cybercrime is usually enabled by programs that are not classified as crimeware where conversations may take place using IM (instant messaging) or files may be shared using FTP.