Some aspects of investigating computer crimes
Date: October 15, 2003Source: Computer Crime Research Center
By:
One of the top-priority goals of the modern society saturated with information computer technologies is to fight computer crimes. According to interrogations, materials, hearings and scientific researches, the world society faces serious problems in this sphere. Thousands cybercrimes are committed in the developed countries and economic losses inflicted by them make up billions US dollars.
According to US expert statistics, in the USA an average damage is $3.2 thousand (a physical bank robbery), $23 thousand (a swindle) and $500 thousand (a computer crime).
The imperfectness of laws and state system on fighting cybercrimes aggravates all this [1].
It is necessary to protect computer information systems from committing crimes connected with stealing, illegally modifying or destroying processed information, using computers in an unauthorized way, as well as deliberate interference with their work because of an increased significance of information e-systems in a social life, sizes of their use to process limited access data and popularity of the Internet.
Vitaly Kozlov considers it expedient to place both computer information or its protection crimes and computer technology ones among computer offenses [2]. In our mind, such a definition fully complies with UNO experts’ recommendations and covers any crime that can be committed in the computer system and network.
The investigation of computer crimes considerably differs from that of other “traditional” offenses. The study of criminal cases shows that the low investigation results from the lack of systematized and worked through procedures of investigating computer crimes, as well as mistakes made during investigating actions with respect to computer information or computers themselves [3].
At first sight computer crimes seem to be investigated by using traditional laws on theft, misappropriation, property damage and so on. However, when we try to establish the availability of all structural elements of the traditional crime committed by using electronic computer, it will be evident that the traditional legislation cannot be used to investigate new crimes. For example, if a delinquent person illegally or for the criminal purpose entered the room with electronic computers, the law can be applied in a traditional way. When a criminal penetrated into the room with electronic computers to damage the machine material part or steal program, only an illegal intrusion will suffice to bring an accusation. However, if a person tries to obtain an illegal access to computer memory data to download valuable information, the traditional legislation does not provide preferring a charge for such a crime. A criminal can obtain an access through his home remote terminal or secret phone code. It is not always possible to prove the fact of stealing property as required by law. For example, computer program can be “read” from the remote computer terminal. Such a withdrawal does not affect computer hardware and even software because coded information can be only copied somewhere without leaving the computer. The traditional law on stealing or withdrawing cannot be used to bring an accusation against a person copying or downloading information without modifying and removing it in a physical way.
Let us consider main problems faced by inspectors and experts.
The most difficult will be to establish the fact of committing a computer crime because its external evidences are much decent when compared with a grocery robbery. In fact, there is no visible material damage when committing computer crimes. For example, an illegal copying of information remains undetected and introducing of viruses is viewed as an unpremeditated mistake made by a user that could not “catch” it when communicating with the outer computer world.
Now the exposure of computer crimes is quite low because of the complexity of hardware and software. Moreover, the victims are often not in a hurry to appeal to law enforcement bodies. Sometimes the guilty persons are dismissed or transferred to other structural organizations. The refusal of criminal prosecution results in the lack of general prevention thereby inviting the other persons to try their forces. The victims should not be blamed because the difficult complex of problems affects their conduct. An understanding of it can help both a potential victim and law enforcement bodies.
The mechanism of committing crimes connected with automated systems of processing information is hidden from the victims (firm share-holders). In addition, the fact of information leakage can be concealed by e-means before revealed.
The officials responsible for computer system security are not interested in revealing the fact of committing e-crimes. The acknowledgement of an unauthorized access to the computer system puts their professional qualification under doubt whereas the inadequate measures of computer security taken by authorities can result in serious inner problems.
As a rule, banking officials carefully conceal revealed crimes committed against bank computers because it can damage its prestige and result in losing clients.
Some victims are afraid of serious, competent investigation because it can reveal an improper or even illegal mechanism of transacting.They often fear that insurance companies will increase insurance payments or refuse to renew their insurance policy if computer crimes are regularly committed at this organization.Victims can turn down the investigation because of disclosing in court their financial and other official secrets.
Foreign attorneys and inspectors note that documents produced by those suffered from computer crimes do not often suffice to bring grounded accusations.
If commercial activity crimes are traditionally measured with minutes, hours, days and weeks, automated system offenses are measured with fractions of a second.
The difficulty of estimating inflicted losses is an interesting aspect of financial computer crimes. Schneider’s case of Pacific Ocean Phone Company e-robbery can serve as an example of it. He stated during the inquiry that he had stolen nearly $1 million whereas the company indicated the lost sum of at most $100 hundred.The investigation of computer crimes is often quite expensive. Sometimes organizations do not want to increase their losses by adding investigation costs. The victim often denies an idea of exposing a crime because of limited material resources.Exposed computer criminals in many countries are known to get off with small penalties (often – suspended sentences). It compels the victims not to report an incident to law enforcement agencies.
Therefore, inspectors are deprived of the suffered organization support at the beginning of investigation.
Another important problem complicating the investigation is that the society does not consider computer crimes as a serious danger when compared with traditional ones.
Average citizens perceive a hacker as a clever and interesting person whereas a victim – greedy and stupid. Therefore, people do not often shed tears apropos of organizations suffered from computer crimes and those do not hasten to make a laughing-stock of themselves [4].
Sometimes computer crimes are exposed by chance. One day an official from the computer center working some oil companies noticed that a client’s read indicator had been turned on for a long time before the record LED was lighted. The investigation showed that this man had been engaged in industrial espionage and sold company data to its rivals.
There is no doubt that a good inspector investigating computer crimes should be a perfect programmer or at least know about the use and possibilities of electronic computers. Unfortunately, there are not many such specialists among programmers let alone inspectors.
However, it is an erroneous opinion that the investigation of computer crimes is incredibly difficult and the matter of elite. There are some factors simplifying the investigation. Among them is a strictly limited circle of persons disposed to committing such a crime. In fact, there are much more people capable of tearing away a receiver in the public call box than those inventing and spreading computer viruses.
The investigations of crimes connected with an illegal using of information computer systems show that most of those offenses were perpetrated by authorized persons that knew quite well the system-operating mode and could take it to their mercenary advantage.
If a programmer found some modifications of his program and library access password, incorrectly made copy or restored archive, he knows whom to raise a claim.
If it is a matter of an unauthorized access to thoroughly closed system, data imitation, planting a “logical bomb” in the adjusted program, such experts can be counted on the fingers of one hand in every computer center.
There is a paradox here: the more skilful is a computer crime the easier a criminal can be found.
Another factor simplifying the investigation is that all large computer centers are equipped with systems registering an operator’s actions. As a rule, the service personnel should monitor an operator’s register.
For example, Kernel University experts managed to open the archive of passwords used to obtain a system...
Next
Add comment
Email to a Friend
