Globalisation Exam

Cyber Crime

• Internet - symbol of global connectivity - shapes leisure and professional activities through the use of ICT

• International Telecommunication Union - 2015 - 3.2 billion internet users compared to 400 million in 2000

• Global connectivity - more opportunities for crime - casual internet users unaware of dangers of life online  

• McLaughlin and Muncie (2001) - “illegal acts committed with the assistance of, or by the means of computers, computer networks, the internet and web-based information and information and communication technologies” 
• No consistent definition of cybercrime as the term covers a range of illicit activities
• Sandywell (2010) categorised definitions in three ways; 

                    1)“traditional criminal activities that are expanded or enhanced by the internet” such as fraudulent behaviour,

                    2) “traditional criminal activities that are generalised and radicalised by the internet” such as paedophilia and grooming,

                    3) “criminal activities that are created by the internet”, such as hacking

• Rise of the use of technology opened up many gateways for crime to take place, not necessarily new criminal behaviour, but new ways of committing already criminalised behaviour.
• E.g: fraudulent behaviour and paedophilia are both issues which occur outside of the online world - given new life online, whereas before the internet - hacking not so much of an issue

• Two physical domains to operate in – land and sea
• Traditionally, by definition, a pirate refers to one who “robs or commits illegal violence at sea” (Pollock, 2014)  
• But - navigating new spaces - new domains developed - e.g. cyberspace - term “pirate”  adopted more modern definition
• Today - “illegal copying of digital goods…without explicit permission from and compensation to the copyright holder” (Higgings, 2007) is also labelled as piracy.
• Link between both types - their agendas – engaging in illegal activities for their own greater good.
• Arguably - cyber criminals the new modern day pirates

• Cybercrime challenges the traditional notion of the “common” criminal
• "Common” criminal  - often stereotyped - working-class and uneducated (Browne, 2011) ,
• Cybercriminals - often loose networks of attackers - “highly motivated, less risk averse and well-funded” individuals originating from Eastern Europe and Asia (Ciampa, 2007)
• Jewkes (n.d.) - cyberspace -  “playground for criminals” - hidden forums cyber criminals use - “dark web”  - “information that has been intentionally hidden and cannot be accessed through a standard web browser” (Ciampa, 2007) -  exploitation of casual day-to-day internet users and perceiving attackers as more dangerous and threatening as attackers exploit vulnerabilities in order to generate income - reinforcing the notion that cyber criminals are considered to be the new modern day pirates

• Centre for Strategic and International Studies (2014), the global cost of cybercrime can be as high as 445 billion US dollars (
• Same study - cybercrime costs around 0.8% of global GDP (global domestic product - one of the primary indicators used to measure the health of a countries economy (Investopedia, 2005), compared to 0.02% for maritime piracy or 0.89% for counterfeiting and piracy
• These statistics show that modern day piracy is much more of a problem than any other form of piracy today

• Hacking - “the process of gaining unauthorised access into a computer system for a variety of illegal purposes” (Kizza, 2009)
• Hacking makes up most of the cybercrime statistics - Britain targeted by around 1000 cyber-attacks per hour - US and Hong Kong being the leading hacking states (ABCOM, 2013)
• Whilst all forms of hacking are considered a crime, hacker’s motivations vary. Yar (2013) - hackers will often present themselves as “rebels who act against traditional society”
• Supported by Mentor’s (1986) idea of the “Hackers Manifesto” which argues that hacking is a “response to the greed, wars and lies of governments and major corporations” thus raising the question whether hackers are rightfully criminalised or whether more credit should be given to them for the justice that they attempt to bring about
• Raising the question whether hackers are rightfully criminalised or whether more credit should be given to them for the justice that they attempt to bring about

•  “Anonymous” – leaderless group - maintain anonymity with the primary aim of encouraging internet freedom and exposing government hypocrisy through acts of civil disobedience – (Michael, 2012)
• Example of the conflict between hackers and the law
• Primarily targets large cooperation’s and government agencies in order to bring awareness to issues the public may not be aware of otherwise
• 2001 - Anonymous launched an attack on Sony, whereby the hacktivists leaked personal details including usernames and password combinations, names, addresses, and bank details of over 13,000 PlayStation users (Brooks-Pollock, 2014) - attack made the public aware of Sony’s poor privacy protection measures which in return urged Sony to improve the data protection measures they have in place

• Benefited the greater good of the public - attack on “****** City” – a file sharing website frequently used by paedophiles in order to access child ***********
• Anonymous released the names of over 1,500 members of the site to reinforce that such sites will not be tolerated by the group (Raza, 2016)
• This attack was carried out in the “Hidden Wiki” – a server which provides guides to underground sites that support illegal activity – an area unfamiliar to law officials, showing that groups such as Anonymous are often not financially motivated, but truly aim to protect the public

• The Computer Misuse Act 1990 - aims to criminalise cyber crime such as hacking by introducing new offences into UK criminal law such as; “unauthorised access to computer material, unauthorised access with intent to commit a further offence” - further offences could include fraud under the Fraud Act 2006 or theft under the Theft Act 1968.
• Lastly, The Computer Misuse Act 1990 considers “unauthorised modification” an offence under UK criminal law (Inbrief.co.uk, 2016)
• Over the course of 25 years, The Computer Misuse Act 1990 has been applied to convict 80 high-profile cases of hacking
• E.g: supermarket employee who leaked the personal details of 100,000 members of staff, including national insurance numbers and bank details, was imprisoned for 8 years
• A university student was imprisoned for 8 months after hacking the universities database in order to improve grades (Aduwa, 2015).

• The Terrorism Act 2000 -  hackers will be regarded as terrorists if “their actions are considered a means of intimidating the public…or promoting a political, religious or ideological cause” (Aduwa, 2015)
• Section 55 of The Data Protection Act 1998 “the unlawful obtaining of personal data by hackers, impersonators…without authorisation is made a punishable offence” (Aduwa, 2015)
• Data Protection Act 1998 breach e.g.: - Mark and Spencer’s - 2007 - personal details of over 20,000 employees were stolen due to a failure of encrypting the data
• Mark and Spencer were issues with a notice to ensure all data is encrypted and no further action was taken (Aduwa, 2015)
• Thus showing that hackers hacking the “dark web” are more likely to be criminalised than business or governments who fail to abide by the law

• Guardians or villains?
• Governments are using state-sponsored attackers to launch computer attacks against their rivals, such as foreign governments or perhaps their own citizens that the government may consider threatening (Ciampa, 2007)
• Sate sponsored attackers are considered to be the most threatening of attackers, as they are highly skilled and have “enough government resources to breach almost any security defence” (Ciampa, 2007)
• Thus producing the counter argument that perhaps hackers are not the modern day pirates, but government bodies that exploit the public’s trust

• Former National Security Agency employee - highlighted the hacking tools the Government Communication Headquarters (GCHQ) use in order to spy on citizens without their knowledge and consent
• The hacking tools allowed GCHQ to access a smartphones browser data, monitor calls and messages and even track a person’s exact location (Virtue, 2015)
• GCHQ admitted that about “20% of its intelligence reports contained information derived from hacking” (Bowcott, 2016)
• Large corporations and government bodies often attempt to justify their increase in surveillance and hacking through the topic of terrorism

• Complaints against GCHQ were made - resulted in a trial as GCHQ’s actions were believed to be unlawful both under the Computer Misuse Act 1990 and article 8 of the European Convention on Human Rights - which focuses on the on an individual’s right to privacy and states that it protects the individuals against “arbitrary interference by public authorities and private organisations” (Equality and Human Rights Commission, 2012)
• British government has been criticised for amending the Criminal Misuse Act in order to permit the hacking attacks carried out by GCHQ
• Government introduced a new legislation within the Criminal Misuse Act which provides “a new exception for law enforcement and GCHQ to hack without criminal liability” (privacyinternational.org, 2015)
• This change not only making the complaints about GCHQ irrelevant, but only providing the British government with a new leeway to conduct further cyber-attacks within the UK

• Wall (2001) subdivides cyber crime into four categories

                1) cyber-trespass e.g. hacking/viruses

                 2)  cyber deception and theft e.g. advanced fee frauds - large sums of money are deposited into an account and help is needed in order to release them, in return the helper is promised a financial reward, or phishing - large scale email frauds using legitimate-looking electronic emails from banks, requiring an update on security measures and therefore getting hold of a persons bank details

                  3) cyber *********** - breaching laws on obscenity and indecency - "operation ore" 2002 - fbi passed details to national criminal intelligence service of over 7000 British people who had accessed a texas based subscription child *********** site. Over 200 arrests were made - only small number came to court  

                 4) cyber violence -  doing psychological harm to or inciting physical harm against others thereby breaching laws relating to the protection of the person e.g. hate speech, stalking. Johnson (2003) - cyber stalking - "unwanted, threatening or offensive email or other personal communication over the computer that persists in spite of requests by the victim that it be stopped"

• Jewkes (2003) - number of challenges with policing cybercrime 

                    1) Volume - scale of the material online makes it difficult to police

                     2) Jurisdiction - as with terrestrial crimes which cross international boundaries there can be many problems in applying domestic criminal laws

                     3) Under-reporting - victims may be unaware that they have been victimised or unwilling to report internet-based crimes, therefore, restricting what the police can do

                     4) Police culture - the relatively high-tech, desk-bound nature of how much cyber policing puts it somewhat at odds with what are often viewed as the more exciting and high profile elements of police work

                     5) Limited resources - until such crime becomes a core policing priority it is unlikely to command significant resources