Anderson 1

Jackson Anderson

Mr. Leptak-Moreau

English 1201

24 October 2021

Literature Review

Why is Cybercrime such a challenge to overcome? As said in one of my sources

“Cybercrime is evolving on a daily basis, it is being perfected so much that even judiciary and

professionals fight these crimes constantly” (Arifi 53). Cybercrime is always changing, new

exploits are found, new things are discovered, and more people and companies are targeted every

day. Lawmakers at the International, Federal, and State level are struggling to keep up with the

rapidness of online hackers, and it’s a problem. Cybercrime can be something as simple as

someone stealing your email address on a sketchy website to a major classified file leak.

Cybercrime is also very profitable and, in some countries, can even be a job that makes more for

people than a normal job in the area.

Cybercrime is as old as computers are and used to be called phreaking before it was called

hacking. All of the exploits that used to work very well no longer work because of new laws and

new protections put in place. These exploits are much worse today than they used to be, if you

were to get into a database or computer 50 years ago you would get some simple information and

some code, whereas now you can get credit card information, addresses, full names, and a lot

more information you don’t want criminals to have. Most of these so called “phreaks” used to do

what they did because they were able to get free calls to anywhere in the world, something we
 Anderson 2

take for granted nowadays. “Phreaks” would also like to block calls on someone’s behalf,

sometimes even blocking 911 calls.

The first key point to bring up is why do people commit cybercrimes? Simple answer, they

are very profitable and can cause a lot of damage. It was estimated that in 2021 cybercrime

would cause $6 trillion in USD in damages (“Global Cybercrime Damages Predicted to Reach $6

Trillion Annually by 2021”) which comes from Cybercrime Magazine, a source that does their

own studies and is cited in most of the other articles I have read at some point. Most of the time

these damages are caused by a person stealing one’s personal information and pulling money out

of their bank account, or having it sent to them through gift cards or other means, but cybercrime

recently took the life of a German man when attackers put ransomware on the IT systems in a

major hospital in Dusseldorf (“German Hospital Hacked, Patient Taken to Another City Dies”),

which was reported by the Associated Press which is a news company founded in 1846 that

covers large news findings from all over the world.

The next key point is that not all cybercrime is bad, which sounds like an oxymoron. There

are 3 types of hackers, black hat, white hat, and grey hat, that each do different things. A black

hat hacker is one who has malicious intent and wants to break the law, steal information, and

cause damage. A white hat hacker is someone who gets paid to find flaws in an IT system, and

patch them so black hat hackers can’t get into it, they are also just called penetration testers or

pen testers. A grey hat hacker is someone who does good things, in a not so good way, such as

Anonymous the hacker group that on multiple occasions has seen that the government was doing

something wrong and leaked classified files, not legal, but also not bad for U.S. citizens.
 Anderson 3

The third key point is what can governments or law makers do about cybercrime? Limiting

internet access would be unconstitutional even if its for a good cause, like the Children’s Internet

Protection Act, that has been deemed unconstitutional on many accounts but is trying to protect

children. Laws have been in place since around the 80’s that could prevent cybercrime and could

actually bring hackers to justice, but now it is much harder. The Computer Fraud and Abuse Act

(CFAA) of 1986 is usually what is used for prosecuting criminals, the law prohibits accessing a

computer that you don’t have authorization to, but doesn’t even define what without

authorization means, so lawyers can manipulate it and twist it to get their client out of it. This

law also states that a computer that isn’t used in a voting system, Federal Elections, foreign

commerce, or used by the U.S. government isn’t a protected computer. Protected computers are

what this law is able to convict criminals of accessing, defrauding, or damaging. Internationally

the U.S. has the best laws put in place, and they were made 35 years ago, that’s a problem. Cyber

law is a very new area of law but is one that many governments are putting a lot of focus on

because it is such a big issue.

The last key point I want to bring up is all the different types of cybercrime and what they

all mean and the damage they can cause. The most common type of cybercrime by far is

phishing, or stealing personal information which is usually done by a fake website or by a spam

email, these kinds of attacks target older people, kids, or people who can’t see that it is fake.

Another type of attack is ransomware, which is when a hacker puts software on a device that

locks the device and all of its files until the owner of the device pays a sum of money that is

usually paid in bitcoin, these can target just about anyone and are very effective because once

you get it you can’t do anything other than wipe everything or pay. One type of attack called a

Distributed Denial Of Service or DDOS for short is not necessarily that bad with the wrong
 Anderson 4

target, but with the right target it can destroy a small business, a DDOS sends lots of data from

lots of different computers that can take an internet connection completely down.

One misconception is that hackers are easy to spot, and it should be easy to see when you

are getting conned, but it isn’t. One type of ‘hacking’ called social engineering caused multiple

major twitter accounts to be hacked, because a man pretended to carry lots of heavy stuff to his

office and people let him in to the building. Many people also assume that they have a strong

password, but most of the time this is false. Creating a strong password is difficult, and if you

don’t know what hackers look for it is even harder, symbols, capital letters, and randomness are

the best chance you have.

There are currently preventative laws put in place for cybercrime that serve to “prevent

cybercrime, or at the very least, mitigate the damage” (Cybercrime Module 3 Key Issues: The

Role of Cybercrime Law). The government could also set up their own net protections to try and

help the public, but this might not be too effective. A different solution could be to make laws on

what the minimum protections companies are allowed to use, many times it is a company’s fault

that stored passwords in plaintext or they had a leak. If there was a legal minimum for

protections it could help the cybercrime problem. This method would be hard to monitor and

would take a lot of resources to check.

 Anderson 5

Works Cited

Arifi, Dora, and Besa Arifi. “Cybercrime: A Challenge to Law Enforcement.” Cybercrime: A

Challenge to Law Enforcement, Sciendo, 1 Dec. 2020,

https://www.sciendo.com/article/10.2478/seeur-2020-0016.

“Global Cybercrime Damages Predicted to Reach $6 Trillion Annually by 2021.” Cybercrime

Magazine, 9 Nov. 2020, https://cybersecurityventures.com/annual-cybercrime-report-
2020/.

“German Hospital Hacked, Patient Taken to Another City Dies.” AP NEWS, Associated Press,
17 Sept. 2020, apnews.com/article/technology-hacking-europe-
cf8f8eee1adcec69bcc864f2c4308c94.

“18 U.S. Code § 1030 - Fraud and Related Activity in Connection with Computers.” Legal
Information Institute, Cornell Law School, www.law.cornell.edu/uscode/text/18/1030

Katharina.kiener-Manu. “Cybercrime Module 3 Key Issues: The Role of Cybercrime Law.”

Cybercrime Module 3 Key Issues: The Role of Cybercrime Law, Feb. 2019,
www.unodc.org/e4j/en/cybercrime/module-3/key-issues/the-role-of-cybercrime-law.html.