Cyber Crime: Its Past, Present, and Future

Abstract

This paper explores many facets regarding cybercrime or the use of computer, the internet, and similar technology in order to commit a variety of crimes. The paper will examine how these cybercriminals do the things they do, as well as some of the tactics used by law enforcement to counter it. It will also demonstrate cyber crime’s effectiveness with a few examples, such as the infamous Craigslist Killer, and how they were able to get away with so much. Lastly, the article will discuss the future of cybercrime, and whether or not this is a growing trend or simply “growing pains” of a relatively new form of media that are soon to be sorted out.

Introduction

First, it is necessary to examine the history of cybercrime, and how it reached the level it is at today. Cybercrime, obviously, really hit its stride with the explosion of popularity of the internet in the late ’90s. However, even before that, ever since the advent of the internet, in fact, cybercrime and the need for stringent cybersecurity has been a sad reality.

One of the earliest examples of what could be called cybercrime actually dates back to the 1870s, when rambunctious young boys were rude to customers on early phone networks. “In the late 1870s, the new AT&T system in America had to stop using the teenagers as switchboard operators…they [were talking] back to subscribers, saucing off, uttering facetious remarks, and generally giving lip…worst of all they played clever tricks with the switchboard plugs: disconnecting calls, crossing lines so that customers found themselves talking to strangers, and so forth. This combination of power, technical mastery, and effective anonymity seemed to act like catnip on teenage boys” (Sterling, B. 1992). This example helps to show that computers themselves are not to blame for computer crime, but the user. For some, it is in their nature to want to destroy and cause as much havoc as possible, and computers simply provide the outlet for that desire. On that note, many times, before computer hacking became widely practiced, people would take out their frustration on their employer, the government, or a simple ex-friend by destroying the computers, which were much more costly at the time.

In the ’60s and ‘70s it was relatively common practice to both physically destroy computers and data centers, as well as subvert long-distance telephone networks (M.E. Kabay, 2008). However, the earliest case of actual intra-computer crime (that is, crime that actually takes place within the computer system) dates back to the early ’70s, with who was known at the time as “Albert the Saboteur” (Kabay, 2008). This involved the sabotage of a government computer at “the National Farmers Union Service Corporation of Denver, where a Burroughs B3500 computer suffered 56 disk head crashes in the 2 years from 1970 to 1972. Downtime was as long as 24 hours per crash, with an average of 8 hours per incident” (Kabay, 2008). Experts replaced several different components of the computer at a cost of about $500,000, but the crashes continued. During this time, no one suspected Albert, the night shift operator. Finally, management used a security camera to catch Albert “pen up a disk cabinet and poke his car key into the read/write head solenoid, shorting it out and causing the 57th head crash (Kabay, 2008). While nowadays this would probably qualify more as simple sabotage, at the time it was much more significant because of the cost to replace the computer parts, as well as the detrimental effects the computer’s downtime caused. This act of cybercrime was the proverbial kick in the pants that alerted the government to the risks and crimes that come along with computers. From here, cybercrime evolved to become more software-focused, instead of simply destroying the computer or its core components. For example, in 1988, a computer criminal named Kevin Mitnick and a friend “cracked the University of Southern California computers again and misappropriated hundreds of Mb of disk space (a lot at the time) to store VAX VMS source files stolen from Digital Equipment Corporation (DEC)” (Littman J. 1996). This relatively simple act of sabotage, which Mitnick repeated for several years after, helped to spawn the idea among computer criminals that it is very possible and even, perhaps, profitable to sabotage these machines for profit; for example, stealing data from them for profit, or, even worse, credit card fraud.

Credit card fraud is the earliest example of computer crime that is still alive and well today, save perhaps for simple sabotage of computer systems. Although credit cards and, subsequently, credit card fraud have been around since the 1950s, profit lost due to credit cards did not start to become a serious issue until the advent of advanced computer technology. In 1980, credit card fraud cost companies $180 million, while in 1995, shortly after computers had become widespread, its total cost was a whopping $1.63 billion total, with $875 million being in 1995 alone (Shorter, K. 2007). These cybercriminals were able to subvert early security systems, usually by impersonating another user, or with early viruses that could extract information from the computer, and use this to gain access to credit card records and numbers, which they could then simply use at their leisure or sell for profit. Until authorities really cracked down on it, credit card fraud was an enormously lucrative avenue of crime. Even today, credit card fraud is still a widely used form of fraud, especially with the amount that credit cards are used in society today.

One of the most infamous types of cybercrime is identity theft. Identity theft is another somewhat ancient method of cybercrime simply because of how easy it was, and, to an extent, still is to impersonate someone else on the internet. In the late 1990s and early 2000s, credit card fraud grew a subcategory known as identity theft. Identity theft is the process of obtaining one’s personal information, such as social security numbers, credit card information, and address and using this information to impersonate them for illegal purposes. Identity theft is the earliest example of computer crime that is only possible because of computers. In a way, identity theft set the stage for the many other types of computer crime that followed. In any case, identity theft is now a huge problem for people with access to a computer, which, in this day and age, is virtually everybody. Identity theft affects about 6.4 million households across the U.S., and each of these 6.4 million households incurs an average loss of about $1000 (Baum, K, 2005). For reference, total losses due to all types of theft, including things like robbery and burglary, total $1,620 per household, meaning that identity theft makes up more than half of all losses from theft (Baum, K. 2005). Even now, some vestiges of what began with identity theft still remain. For example, the art of spam, in which specialized servers sent out billions of messages a day in an attempt to fool users into thinking the emails they send are legitimate, is still alive and well today.

The current age of internet crime involves a much more personal touch, although the old standbys, such as identity theft, are still in full force. The advent of social media and other networking services has made it easy for pedophiles, stalkers, or worse to easily pick up prey via these social networks. Take, for example, the infamous Craigslist Killer. Craigslist is a simple service that works as a digital classified ads section of a newspaper, allowing people to find whatever it is they need, including a mate. One such user, named Philip Markoff, used Craigslist to set up dates with three women, one of whom, Julissa Brisman, he killed, and the other two he attempted to rob (LaRosa, P., and Cramer, M. 2009). Of course, even before this, Craigslist and similar sites had been a litany of scams and similar crimes, but the premeditated nature of this particular case, as well as the total innocence of the victims, caused the entire nation to pay attention. In fact, after the news of the Craigslist Killer broke, many other similar cases surfaced. Although the death of Brisman was tragic, the killing did open law enforcement’s eyes to the dangers of social networking and its uses as a way to set up crimes. After this slew of serious cybercrime cases, authorities decided to crack down on cybercrime. This is when the most common cybercrime terms used today, such as cyberstalking. Law enforcement has also taken to educating website owners and users in general of the dangers that the modern internet poses for the average user, and how to defeat hacker’s various attempts. In addition to increased surveillance on law enforcement’s part, the Craigslist Killing also caused most other websites, especially those that allow strangers to potentially meet, to enact a series of new changes that not only increased site security against hackers and the like, but also educated users on the potential dangers of using their site (LaRosa and Cramer, 2009). Since then, cybercrime has continued to evolve. Things like denial of service (DDOS) attacks can prevent a website from functioning altogether for a few hours and can be easily done by amateur hackers.

Another, quickly growing type of cybercrime is known as cyberbullying. Now that most teenagers have access to things like cell phones, social networks, and the internet in general, a new type of cybercrime has emerged known as cyberbullying. Cyberbullying is the act of someone using the internet to perform traditional bullying tactics such as extortion, threats, or simple humiliation. Cyberbullying is more of an issue than people think, especially in this day and age. Studies show that about 20% of teenagers aged 11-18 reported being cyberbullied at least once, although that number could be as high as 40% (Hinduja and Patchin 2011). The effects of cyberbullying on teenagers are profound. Namely, it increases thoughts of suicide, as well as attempts at suicide, by a large margin. “In our recent research involving approximately 2,000 randomly selected middle --schoolers from one of the most populous school districts in the United States, 20% of respondents reported seriously thinking about attempting suicide (19.7% of females; 20.9% of males), while 19% reported attempting suicide (17.9% of females; 20.2% of males)” (Hinduja and Patchin, 2011).

These studies also show that there is currently more cyberbullying occurring in schools than real bullying. This is problematic for students, teachers, and parents because cyberbullying, despite not being a physical form of bullying, nevertheless has a real, measurable negative effect on teenagers. The reason cyberbullying has such a radical effect on teenagers is twofold. First, teenagers are going through rapid changes in their life; changes that require the support of friends and family. They are most susceptible to psychological attacks at this stage, and that is what cyberbullying preys on. Second, cyberbullying is not physical. It attacks the mind and psyche of the victim by repeated insults, threats, or humiliations. In addition, some types of cybercrime are even more minor, but nonetheless incriminating. For example, the advent of sites such as YouTube allows teenagers to take videos of people who might not want to be videotaped and put on the internet for all to see. This is also possible with technology such as cell phones and is generally a more popular tactic among females, who tend to use more psychological bullying tactics, while males prefer physical and verbal (Hinduja and Patchin, 2011). Cyberbullying helps to put the issues of cybercrime at large in perspective. Because of the nature of how computers work, it is difficult to pin down a particular culprit of cybercrime because it is so difficult to prove that an individual was using the computer at that specific moment. The advent of new technology, such as wireless networks, further muddles this issue, as, in addition to proving the perpetrator was using the computer at the time, and accusers must also prove that someone else was not using the house’s wireless Wi-Fi signal to perform the crime.

Cybercrime has come a long way since the late 1800s, but so have the methods used to combat it. What was once a very specialized and technical form of sabotage is now widely available for any armchair hacker to use on a potential victim? The unity that the internet has brought the world is also its biggest weakness, as cybercrime is only becoming more and more widespread as the internet continues to increase in prevalence across the world. Both these hackers and law enforcement must be constantly updating ways to subvert each other’s defenses in the never-ending war on cybercrime. For many of the common users, it may seem like a confusing battle which they are mere spectators to. There are always ways to combat it, though, such as by being vigilant with anti-virus software and keeping abreast of the latest news regarding tactics that hackers are using. Cybercrime relies primarily on ignorance of fear of its victim in order to be effective, and these are the easiest things for potential users to change.

References

Baum, K. (2005). ―National Crime Victimization Survey: Identity Theft, 2005.‖ Bureau of Justice Statistics

Kabay, M. E. (2008). A Brief History of Computer Crime: An Introduction for Students. School of Graduate Studies at Norwich University.

LaRosa, P., & Cramer, M. (2009). Seven Days of Rage: The Deadly Crime Spree of the Craigslist Killer. Simon and Schuster. com.

Littman, J. (1996). The Fugitive Game: Online with Kevin Mitnick --The Inside Story of the Great Cyberchase. Boston: Little, Brown and Company. P. 30

Patchin, J. W., & Hinduja, S. (2011). Traditional and nontraditional bullying among youth: A test of general strain theory. Youth & Society, 43(2), 727-751.

Shorter, K. (2007). ―Plastic Payments: Trends in Credit Card Fraud.‖ FBI Law Enforcement Bulletin (June 1997). http://www.fbi.gov/publications/leb/1997/june971.htm

Sterling, B. (1992). The Hacker Crackdown: Law and Disorder on the Electronic Frontier. New York: Bantam. Retrieved from: http://www.mit.edu/hacker/hacker.html