Computer Crime Research Center


Computer Crime Typology

Date: January 09, 2004
Source: Computer Crime Research Center
By: Vladimir Golubev

... The third group consists of mixed methods, which may be committed through both direct and indirect (remote) access. They are:


- secret insertion of commands into programs so that they perform new, unplanned functions while the program remains functional (the program copies files, but at the same time deletes data on the financial activity of the enterprise);

- alteration of programs by secretly placing sets of commands that trigger under specified conditions after some time. E.g. as soon as the program illegally transfers funds to a so-called false account, it self-destructs and deletes all data on the committed operation;

- access to the databases and files of an authorized user through weak points in security systems. This creates an opportunity to read and examine information stored in the system, copy it, and return to it when necessary. Thus one may access the database of a competitor company and not only analyze its financial state, but also gain clear advantages in the competitive struggle;

- exploiting bugs and flaws in programs. The program is “broken” and the malefactor enters a number of commands that make it perform new, unplanned functions while the program remains functional. Thus one may transfer money to false accounts, obtain information on real estate, identities, etc.


Criminals may obtain passwords, keys and IDs (by acquiring a list of users with all the required information, by obtaining documents in institutions where document storage is not controlled, or by eavesdropping on telephone conversations) and penetrate the computer system posing as authorized users. Systems without authentic identification (e.g. identification by physiological features: fingerprints, eye retina, voice) are especially vulnerable in this respect.


As already noted, interference without right in the operation of computers, computer systems and networks may involve violence against or threats to a person. Violence or threats may accompany direct, indirect or mixed methods of committing computer crime. Both the authorized user of the computer system and any other person connected with the computer equipment may be subjected to them.


Direct access to computer information involving violence against or threats to a person may occur when the authorized user or another person is forced, through violence or under threat of it, to commit interference without right in the operation of computers, computer systems and networks. The damaging, deletion, deterioration, alteration or suppression of computer data without right is performed on the computer where the information is stored.


Indirect access to computer information involving violence against or threats to a person takes place when direct or electromagnetic interception of information from the computer where it is stored (with further copying, deletion, alteration and suppression of computer data without right) is committed by the person who suffered the violence. The action need not be carried out in full by that person. It is enough merely to obtain passwords, IDs, access cards, etc.


Mixed methods of interference without right in the operation of computers, computer systems and networks may be committed in the same way. For instance, through physical influence on (or threats to) programmers or operators in order to have unplanned commands entered into a program or the program altered, or where violence is used in order to discover flaws in the security system, or other kinds of mistakes in the program structure, for further use without right.


A. Rodionov and A. Kuznetzov suggest the following classification of methods of interference without right in the operation of computers, computer systems and networks [7]:


1. Seizure of computer facilities

2. Illegal interference in computer, computer systems and networks operation:

- crimes committed with computer information in global computer networks;

- crimes committed with computer information in beepers, cellular phones, cash registers, etc.

3. Development or distribution of malicious software (viruses, cracks, etc.)

4. Interception of information: a) electromagnetic, b) indirect

5. Copyright violation (computer pirates)

6. Mixed (complex) methods

In our opinion this classification has some shortcomings. First, the basis of the classification is the direct object of the criminal offence rather than the method by which the crime is committed. Second, illegal interference in the operation of computers, computer systems and networks is carried out in many more ways (in particular, the direct methods are not mentioned). Third, methods of intercepting information are methods of illegal access to it, so there is no basis for singling them out as a separate group.


Let us illustrate the method and mechanism of illegal interference in the operation of computers, computer systems and networks with the following case. Bank employees are recruited at the initial stage (by bribery or blackmail). One of them will be the victim, another will be the recipient of the funds, and the others are employees of the banks where the stolen money will be withdrawn from the accounts and cashed. For added assurance, an employee of the telephone office in the place from which the whole illegal operation will be managed is also recruited. An apartment is rented in this town in the name of a straw man, and the necessary equipment is installed there: a computer, communication facilities and uninterruptible power supplies. The main perpetrator will act from this apartment. Besides him, approximately 10-12 computers with operators are involved, since one computer cannot provide efficient operation. Thus the total number of accomplices may reach 30 persons. However, the true goal is known to no more than 5 persons: the main perpetrator and his direct accomplices. Each of the other participants knows only his own specific task.


Penetration of the computer system of a commercial bank is carried out by way of the indirect access considered above.


If the operation proceeds successfully, the main perpetrator initiates the main payment order and gives it priority for processing and dispatch to the specified addresses. Afterwards he enters false payment orders in order to cover up the main payment. Right after the main transfer, the false orders disorganize the account settlement system and temporarily paralyze it.


In conclusion, we should point out that a typology of the ways and methods of committing computer crime will make it possible to develop assessments and criteria more efficiently across a broad range of high-tech and computer crimes, and will also facilitate the development of domestic laws that take international legislation into account.


[1] A. Koryagin, Computer and internet technologies crimes: urgency and problems of fighting with them. - http://www.crime-research.ru/library/Koragin.html

[2] V. Golubev, Investigating Computer crime / Monograph - Zaporozhye: University of Humanities “ZIGMU”, 2002.

[3] T. Tropina, Cyber criminality and terrorism, - http://www.crime-research.ru/library/Tropina.html.

[4] J. Baturin, A. Zhodzinski, Computer crimes and security - Moscow: Jurid. Lit, 1991, p. 18-34.

[5] B. Vehov, Computer crimes: ways of commitment and investigation methods – Moscow: 1996, p. 49-105.

[6] V. Golubev, J. Urchenko, Computer information crimes: ways of commitment and protection – edited O. Snigeryov, V. Martuzaev – Zaporizhzhya: Pavel, 1998, p.45.

[7] V. Sergeev, Computer crimes in banking – Banking, 1997, #2, p.27-28.

[8] A. Rodionov, A. Kuznetzov, High-tech crimes investigating – Bulletin of the Ministry of Internal Affairs of Russian Federation, 1999, #6, p.67.

[9] V. Sergeev, Computer crimes in banking – Banking, 1997, #2, p.27-28.

