Ransomwareis quite an unpopular type of internet-based crime because itsperpetrators mainly target institutions. However, it is significantbecause it involves the exchange of large sums of money. This type ofoffense occurs when cyber criminals hack the systems owned bydifferent organizations (such as schools, companies, law enforcementagencies, and local authorities) and lock or encrypt the most crucialdocuments (FBI, 2016). These criminals demand a lot of money torelease the locked documents since they understand their significanceto the affected organizations. Ransomware is a type of malware thatis used by people with technical knowledge in computer-relateddisciplines. These people can target documents that will cripple theorganizations by disrupting their daily operations and subjectingthem to the risk of financial loss, in case they do not give theransom. The FBI reported that ransomware incidents are increasinglybecoming sophisticated with time, which makes prevention quitedifficult (FBI, 2016).
Cyberterrorism has also become an issue of concern in the modern world.Although terrorism has been taking place for many years, even beforethe discovery of the internet, the new technology has made it easyfor terror groups to identify security gaps and soft targets. Theseterror groups can penetrate the existing security systems, identifytheir weaknesses, and plan their attacks (FBI, 2016). This type ofcrime may include a wide range of activities depending on one’sunderstanding of the term terrorism. These activities may range fromhacking of complex security systems to sharing of simple propagandavia the internet. Therefore, any activity that is carried out on theweb, with the objective of demonstrating power, causing fear,blackmailing, and destroying the lives of other people can beincluded in the definition of cyber terrorism.
Whycyber offenders commit the crimes
is perpetrated by individuals, entities, or companies. What helpsprovoke cyber offense are the rewards in return. Competing businessesmay employ cyber criminals to break into the operating systems of thecompetitor to hinder their operations for a better competitiveadvantage. Similarly, entities can send malware through emails toobtain personal information for identity theft, unexpectedadvertisements or pornography.
Computercrime has a monetary value. The love for money and its usage is adriving force for criminal activities. The illegal obtained personaldata for email are used to access financial account leading tomassive loss of money. According to Ogwumike J. (2013), companieslose 250 billion USD in the United States due to cyber theft.Financial institution systems are hacked, and unsolicitedtransactions were done to the benefit of the criminal. On thebusiness perspective, rival companies use the anonymous root to spoilthe operating systems to lock them out of the market, even for dayhence more profit. Adverts popping up on social media or sent as spamin emails of the unsuspecting users give millions of cash to thesources daily. The numbers of illegal businesses increase due to theabuse of cyberspace.
is exciting, adventurous, provides a good challenge worth exploitingto the criminals with technological know-how. Usually, dangerous wormand malware result from tests of computer study students. Just likescience, an invention in the world of computers is worth trial. Theproblem is that some of the criminals fail to realize that they arecommitting an offense (Gerke, M. 2012)
Furthermore,cyber abuse offers chances for the traditional types of crimes. It isthrough the computers that they can hide their identity for a longwhile continuing with acts of crimes. The internet provides a safespace for defamation, hate speech, racial discrimination, andreligious intolerance. On the same note, criminals can accesssecurity details or sensitive information of their hit targets foreasier raids.
Additionally,most of the cyber terrorists are motivated by the desire to disruptsecurity agencies by vandalizing their systems. A recent example is avandalism that was done on the Twitter handle managed by the U.S.Central Command (Holden, 2016). The ability of cyber terrorists toaccess the systems operated by the U.S. forces caused fear, not onlyto the country’s citizens but to other nations that consider theUnited States as the “world’s policeman.”
Proposedstrategies for curbing cybercrime
Thegovernment cannot be entirely blamed for the escalation in the casesof cybercrime because there is enough evidence to show that someproactive measures were taken long before the crime could becomepopular. The government had foreseen the possibility of the crimesthat are planned and executed on the internet becoming a majorchallenge. The purpose of establishing NationalCyber Forensic & Forensic Training Alliance (NCFTA)was to bring the law enforcement agencies, scholars, and players inthe private sector together and share strategies, resources, andthreat intelligence (FBI, 2016). This information creates the needfor the identification of the loopholes that the governmentinitiatives have failed to address in the past, which has resulted inan exponential increase in cyber-based crime incidents.
Thelevel of vulnerability to incidents of cyber-attack can also bereduced through inspection and control measures. The process of asecurity audit that is performed on the internal system aims to helpthe organizations and individuals identify risk and conduct anassessment of the severity of each type of peril (Singleton, 2013).The outcome of the process of audit helps the target organizationsand individuals applies a combination of proactive and reactivemeasures to enhance the security of their systems. The effectivenessof the auditing approach is attributed to the fact that it helps theorganization identify weaknesses within its systems before they canbe exploited by cyber criminals. Also, regular audit exercise helpsorganizations identify incidents of attack at an early stage, thusreduce the extent of the damage. Therefore, audit and controlmeasures help people keep alert and take full charge of theircomputer systems.
Somestakeholders have also suggested that organizations should takebusiness insurance against financial losses that result fromincidents of cybercrime. This idea is based on the trends showingthat the number of cyber criminals who are motivated by the economicgains has increased over time (Singleton, 2013). Some financial andmaterials lose that are directly attributed to the internet-basedincidents of crime can cripple the affected organizations. Anadequate insurance cover can help the organization maintain its goingconcern during and after an attack. There is no indication that thestakeholders (including the security forces) will succeed ineradicating all cyber security threats, given that law, policies, andother control measures used in the past have failed (Singleton,2013). Therefore, it makes sense for the organizations to secure thesurvival of their businesses through insurance cover for losses thatthey are likely to incur, in case they are attacked.
Manyorganizations do not consider an incident response plan as part ofcybercrime prevention strategy. However, the program can help theaffected organization respond quickly to an attack and prevent severedamages to its systems. Also, a response plan helps the individualsas well as the companies that have been attacked recover from theincidents within a short duration, which safeguards their goingconcern (Singleton, 2013). Most importantly, an effective responseplan gives companies an insight into their risks of vulnerability andpotential steps that could have helped them minimize the chances ofbeing targeted. Therefore, a response plan motivates and provides thecompanies with an insight that they require for the development ofeffective prevention strategies.
Controllingcybercrime by civilians, government, private sector, and lawenforcement agencies
Accordingto Choudhury R. etal.(2013), efforts to attack individual computer system are usuallyorchestrated by cyber criminals. With the knowledge that humans aretrusting beings, hackers conduct social engineering to dupe civiliansto provide sensitive information and passwords unknowingly. Peoplehave to be educated to keep personal information and avoid trustingothers with such information. Ability to detect phishing attemptsreduces personal attacks.
Additionally,using public wireless connections exposes individuals to illegalactivities. Some of the Wi-Fi internet connections are not strict onregistration thence offering opportune moments for criminalanonymity. Civilians should have an up-to-date security forprotection.
Forsafety in online financial transactions, people are encouraged to usecredit cards because they have super protection from liability.Debits cards should be a preserve of manual businesses. Publiccomputers also endanger personal information, since hackers havesoftware that logs the keystrokes and record all the essential data.Lastly, regular account and credit reports assist in the detection ofany unknown activities (Ogwumike J. 2013).
Educationalprograms for young students on cyber safety. Efforts by the MadisonPolice Department’s Cyber Camp to show teens how to avoid beingvictims of cyber offenses were started in 2011 and continue to-date.A similar department that offers lessons on cyber safety continues toattract scores of youths and adults. It is done through the MadisonArea Council on Cyber Safety for Children, in partnership withUniversity of Wisconsin Hospitals, local businesses, and local schooldistricts. Perhaps a greater milestone should focus on developingapplications which force the digital generation to access thelearning objectives on their safety in computers.
Universitiesare also a promising route regarding academia and innovation ontechnology. Law enforcement agencies partner with such institutionsto train graduates in forensic science and computer science.Internship programs aimed at tapping the know-how of the fresh mindsand training on police knowledge is a solution towards stoppingcybercrime.
Asthe adage goes, if you go to Rome, do what the Romans do. Lawenforcement agencies should increase their tendency in pursuing theways of computer criminals. Understandably, the offenders never ceasein innovation about the computer. They have par online resources forthis purpose. That is the same effort that can keep the law enforcerat with the criminals. On-line resources such that of CCIPS (ComputerCrime and Intellectual Property Section, Find law, and Foundstoneprovides valuable information on cyberspace.
Collectiveeffort is yet another useful way to combat ICT offense. The lawenforcement agencies and the private sector should partner to fostertrust and confidence in fighting a coon cause. Arguably, tighteningIT security for providing adequate entities has been better comparedto the law enforcers. Pulling resources together for training andawareness on proper response techniques for cybercrime would serve ingood stead. Efforts by FBI and HTCIA (High Tech Crime InvestigationAssociation) are plausible. HTCIA and Intfragard promote informationsharing among state, law enforcement agencies, businesses, andacademic institutions. The voluntary data exchange is a gooddedication towards increasing the security of critical infrastructurein U.S (FBI 2016).
Onthe same breath, it is the law enforcers to heighten publicawareness. The benefits guaranteed with the technological advancementhave attracted more people without getting valuable cautionaryknowledge. In the same way, citizens are taught on other traditionalcrimes such as theft, assault, and burglary, sensitization oncomputer crimes should follow suit. If possible, reports on the sameoffenses should be directed to one central organization. Thecentralization can assist in cross-referencing to realize commonsolutions.
Thesocial media is yet another suitable platform for curbing cybercriminals. Apparently, the police have used this site to track gangsfor the traditional offenses. According to Choudhury R. etal.(2013), the practice is a reality in North California where agenciesconduct investigations by scanning social media for any indicationsof gang activity. Besides, the police have gathered real evidencefrom Youtube, Twitter, Instagram, and Facebook. Technologicalinnovations like open-source freeware. Likewise, employing moretrained officers to conduct a 24/7 surveillance on the digital spaceis essential in the cyber aspect.
Anothermodality worth pursuing as far as stopping cybercrime goes isgeo-fencing. It is a technology that assists the police ininvestigating information through the virtual world. They usegeo-fencing to enhance rapid crime detection and obtaining crucialevidence over the social media. Reactions that are posted relatedcrimes that happened in a defined geographical location assist in thepolice findings. Software such as Snap Trends is valuable in gettinginformation on social sites about law offenders. The same thing isvital in combating the increasing technological menace in our day(FBI 2016).
Aserious challenge in dealing with cyber criminals is the lack ofenough trained personnel. If anything, as Gerke, M. (2012) pointsout, there is difficulty in hiring, training, and retaining employeesby police departments. The professionals that could secure suchpositions earn better salaries in the private sector. Others gettrained but later secure greener pastures within privateorganizations. Law enforcement departments now focus on talentidentification among the employees as well as during recruitment. Forexample, the Toronto Police Service prides in a top 23-year old cybertalent they found in their parking enforcement unit. The backgroundinformation about new employees is necessary due to the change intraining programs in the police sector. Similarly, going back tocollege and high school competitions for cyber is a perfect sourcefor prospective computer crime detectives. The young talents shouldbe offered scholarships, internships, or even jobs.
Investingin training the officers should be funded by the seized funds fromthe Internet frauds. It will assist in cyber capacity building, addedto the partnership with other training institutions. More of theofficers should be supported to join classes in top institutions likethe National Computer Forensics Institute. Other specialized lessonson mobile devices, cyber forensics, and network intrusions arevaluable. In England, there are operational capabilities inbuilt forcybercrime. Hordes of expertise are available in the Serious andOrganized Crime Units which can be tapped to similar agencies.
Thegovernment has taken a positive step to be in the frontline toenhance cyber safety. Setting up the National Cyber Security andCommunications Integration Center by the Department of HomelandSecurity facilitates internal and external information sharing in allthe 16 industry sectors. Another body mandated to predict and abatethe threat is the FBI’s National Cyber Investigative Joint TaskForce. It has a pool of officers draw from 19 law enforcement sectorand intelligence agencies. The collective effort is significant inthe dissemination of data to the private partners in the war againstcyber offenses (Choudhury R. etal. 2013)
Whatthe police and the government have gone through at the hands of cybercriminals must be a good lesson. The security agents are entrustedwith the safety of the whole community, people who share top secretpersonal information with the police. Such is the kind of data thatget stolen from the cop’s computer networks. Therefore,prioritizing the network security system must be taken more seriouslyeven to the efforts in obtaining these kinds of information in thefirst place (Ogwumike J. 2013).
TheIRS (Internal Revenue Service)
Massiveprofits in the hacking and botnet business is a threat to publicfinancial institutions from, and IRS is no exception. The taxcollector has chipped in to shield the citizenry the advances ofcyber thieves. This comes in the wake of the proliferation in thenumber of impostor scams preying on civilians with tax arrears. Thebogus callers threaten for quicker tax remission through specifiedaccount numbers lure people to share private information, or thatthe individuals they are calling have a refund due. In 2014, JohnKoskinen, an IRS Commissioner, provided protection tips for theirclients on common scam signs. People can file their complaints aboutassistance through the FTC Complaint Assistant. Further, thecommissioner advised that information on the scam is available onTumblr and Youtube (IRS 2014).
Challengesthat Limit Effective Prevention of
Abatingcriminal activities is a daily concern of the law enforcementagencies and all other stakeholders. Like other types of crimes,holding cyber-space offenders accountable is a reality nightmare tothe government, law enforcement agencies, private sector, and thecivilians.
Firstly,shortage of experts who have adequate knowledge and skills to addresscybercrime issues is a challenge in the war against this type ofoffense. It is estimated that the world has about 1,000 who arespecially trained to deal with cases of cybercrime, but it needs morethan 30,000 experts (Al-Khotani, 2015). The lack of adequate expertswho dedicate their full time to address incidents of internet-basedoffenses has limited the capacity of the stakeholders in the securitysector to catch up with the criminals. It has given criminals anopportunity to develop new programs from time to time and use them toexploit consumers of the modern technology.
Secondly,the overreliance on Information and Communication Technologies (ICTs)in our everyday activities makes the whole system more susceptible toattacks. ICT is used in the management functions in the transportsector, communication services in energy and water supplies ande-commerce in general. Information exchange relies on the Internetservices like VoLP calls and electronic mail. All these increasechances that the offenders interrupt the hitherto weak technicalinfrastructure, leading to a tremendous financial loss. Further, therush to provide internet accessibility to citizens in developingnations is forcing governments to design cheaper infrastructuraltechnologies. The maximization of accessibility is by and by, at theexpense of protection measures (Choudhury R. etal. 2013).
Thirdly,cyber criminals are spoiled for choices regarding the availabledevices and access to a computer. Computer crimes require basicequipment such as internet availability, hardware, and software(Choudhury R. etal.2013). As noted earlier, extensive use of ICT makes hardware suchcomputers, flash, and hard disks readily available and more peoplegain the knowledge of a computer operation. Software tools that canlocate break passwords or locate open ports are downloadable topermit operations of computer criminals. The treat is extended bypeer-to-peer exchange of equipment, something that is very hard toprevent.
Whatis more, anonymous access of internet is a hotbed of cybercrime. Theoffenders do not subscribe to internet service and opt for unverifiedregistration service. Therefore, they remain unknown with unlimitedusage of the internet. Today, agencies restrict the free access tothe internet in Italy and China where a user must be identifiedbefore using public Internet terminals. As much as such restrictionscurb cyber abuse, suggestions that it is a human right violation.Opponents also argue that the growth of e-commerce and informationtechnology is jeopardized.
Overand above, the war against computer violations lacks strongmechanisms of control. Originally, the Internet use was meant for themilitary network with a decentralized architecture to preserve themain functionality. It ensured restriction in external control. Now,using the Internet has shifted to the civil service, changing thenature of demand for control tools. Interestingly, the society takespride opportunities due to ICTs with minimal efforts in controlmeasures. If operations of user circumventing filter technology byuse of encrypted communication services that are anonymous are notcontrol, more problems than ever are looming. Policy-makers andlaw-enforcement agencies need to develop certain degrees of centralcontrol to ensure cyber security (GerkeM. 2012).
Al-Khotani,S. (2015, April 29). Warning: Critical shortage of cybercrimeexperts. ArabNews.Retrieved from http://www.arabnews.com/featured/news/739446September 12, 2016
Choudhury,R. R., Basak, S., & Guha, D. (2013). Cyber Crimes-Challenges &Solutions. InternationalJournal of Computer Science and Information Technologies, 4(5)
FBI(2016). .Retrieved from https://www.fbi.gov/investigate/cyberon September 12, 2016
Gerke,M. (2012). Understanding: Phenomena, Challenges and Legal Responses.ITU
Holden,D. (2016). Iscyber-terrorism the new normal?Retrieved fromhttps://www.wired.com/insights/2015/01/is-cyber-terrorism-the-new-normal/September 12, 2016
IRS(2014), ScamPhone Calls Continue IRS Identifies Five Easy Ways to SpotSuspicious Calls. Retrieved fromhttps://www.irs.gov/uac/newsroom/scam-phone-calls-continue-irs-identifies-five-easy-ways-to-spot-suspicious-calls
Singleton,T. (2013). The top 5 cybercrimes. AmericanInstitute of CPAs.Retrieved fromhttps://www.aicpa.org/InterestAreas/ForensicAndValuation/Resources/ElectronicDataAnalysis/DownloadableDocuments/Top-5-CyberCrimes.pdfSeptember 12, 2016