Professional Documents
Culture Documents
ESSAY 2:
Title:
The link between technology and crime did not begin with the development of
computers. With the emergence of the telegraph during the nineteenth century,
for computers, the main concern was given by the handling of information from the storage
and processing of personal data products of works of fiction, such as Orwell's 1984 (Herhalt,
2011).
Technology provides potent tools, but like with any instrument, they can be
hazardous if not handled with proper safety precautions. The difficulty of combating
cybersecurity because technology cannot prevent cybercrime on its own. (Sawyer, B. D., &
during the 70s from some resonant cases portrayed by the newspapers. The first computer
crimes were economic, among which computer espionage, software "piracy," sabotage of
digitized databases, and extortion stood out. Espionage was carried out by extracting hard
drives from computers (Schell, B.,2020), stealing diskettes or directly copying information
from devices, and absorbing electromagnetic emissions that radiate every computer to data
collection. About software piracy, the characteristic modality was the unauthorized copying
(Grabosky, P., Smith, R. G., Smith, R. G., & Dempsey, G., 2001). Finally, cases of sabotage
and computer extortion were the crimes that most concerned organizations due to the high
were cases of alteration of files of the databases of the companies and the balance sheets of
the banks for the manipulation of invoices of salary payments. Typical cases were carried
out by installing reading devices in the entrance doors of ATMs and false keyboards in them
to copy debit card data through the violation of magnetic stripes. This motivated, on the
part of the issuing companies, the adoption of chips, in plastics, as a security measure. "It
was precise during this time that the regulatory protection of European countries for
intangible goods such as electronic money began, a process initiated by the United States in
1978. The legal coverage of the databases of banking institutions and companies was
indispensable for business conduct, mainly against the theft of commercial information.
Criminology of Cybercrime
From a criminological point of view, there are two approaches to this new type of
criminal phenomenon; the first is that computer crimes are nothing more than conventional
crimes that take on new life from the use of computer devices and services and applications
on the Internet. The second perspective states that information and communication
technologies provide new tools for committing non-existent crimes, such as the distribution
of viruses or malicious programs through the network, attacks on websites, and software
piracy (Moore, R., 2014). The truth is that both approaches are valid. There are traditional
crimes that take on new forms from the intermediation of automated devices as well as new
criminal forms that would not be possible to commit if there were no software program or
digital files present, such as, for example, in the elaboration of malicious programs to harm
a web server to affect the operation of the page, or those to extract information from a
device -for example, spyware or spyware-, or alter or damage the operation of a device
through viruses, worms, and Trojans. (Carvajal, R. G. L., & Inlago, M., 2021)
Beyond the existing definitions of this type of behavior, the truth is that cybercrime
does not represent a specific type of crime; it is not part of complete or organized crime, nor
can they be considered crimes of white neck, according to the definition given by Edwin
Sutherland in 1929. In general, when we talk about computer crimes, we refer to those
indeterminable and illegal behaviors where a computer device intervenes to commit a crime
or as an end or object of it. In this sense, computer crimes are understood regarding the
place that technology occupies for the commission of the crime rather than the naturalized
criminal of the act itself. The computer conducts the wrongdoing, the crime of threatening
being the wrongdoing itself, when someone uses email to intimidate or attempt to blackmail
another person. In the second scenario, the computer dispositive serves as either the
instrument of the crime or the intended victim of the crime. This occurs when a person
compromise the computer's functionality. In the second scenario, the offender might be
Criminal Investigation
series of difficulties (Martini, B., & Choo, K. K. R.,2012). First, it should be noted that a
characteristic of computer crimes is the low rate of judicial complaints at a global level,
which consumes a sizeable hidden number of this type of conduct. Several factors explain
users are victims of these behaviors without taking cognizance of this situation,
as, for example, happens in the presence of a spy film or spyware installed in a
• On the other hand, users also have a path to an effective resolution in judicial
before the possibility of being affected their image and reputation and avoid
Another factor that makes the criminal investigation of crimes complex in which a
computer device intervenes is the fragility of the computer test; in these types of crimes,
the place of the event where the potential evidentiary elements are located is in a virtual
environment. That it is virtual does not imply that it has no actual existence. Still, digital
environments pretend to be representations of physical objects, for which the crime scene,
in addition to physical, is logical (Delaney et al., 2012). On the other hand, digital evidence is
flexible, as digital files can be deleted or altered very quickly (Freiling, F. C., & Schwittay, B.,
2007); it is volatile because the existence of certain digital information depends on electrical
energy and can be automatically lost when turning off or unplugging a device (Huang, A. Q.,
et al, 2010), it is easily concealable since it can be saved in external storage devices -such as
CDs, DVDs, pen drives, external hard drives, etc. (Ahlberg, M., 2005) folders are hidden,
foreign servers, and can be encoded, stored in special formats, inside other files or stored
with false names, among others. Finally, the computer test can be anonymous, while digital
files do not print the unique features of their users. On this last point, the absence of
responsible for the events. On the commercial Internet, the use of the most popular
services and applications of the network – Facebook, YouTube, WhatsApp, Twitter, and
Google – is free since the primary source of your income is advertising. In this sense, the
objective of the providers is not to identify the person behind the screen but to their tastes
and preferences (O'Connell, 2003). In this way, the Internet favors the construction of
preventive, detection, and correction measures aimed at protecting the computer resources
of an organization.
There is a figure by which the scope of this field is usually explained, the one that is
usually known as the CIA triad, in allusion to the initials of the English words Confidentiality,
Integrity, and Availability (Davies et al., 2017). Confidentiality, authenticity, and integrity are
three properties that possess the data and information stored, transmitted, or received on
computer devices. Confidentiality represents the guarantee that each message transmitted
by the networks can be read by its legitimate recipient, the authenticity to the legitimacy of
Threats of Cybersecurity
A cyber-attack can block some internal systems, interrupt the work of hundreds and
even thousands of professionals; leak confidential data and information; paralyze industry
production lines; interrupt power in cities or expose personal customer information and
The company victim of digital attacks has financial and credibility losses, which
With the emergence of the telework culture in 2020, corporate perimeters now
extend to employees' homes. This makes it more difficult for security professionals to survey
the internal network through traditional access controls and perimeter monitoring, such as
firewalls and intrusion detection systems (Sundström, F., Ekfors Elvin, A., & von Heland, W.,
2021). Additionally, 84% of IT leaders predict that telecommuting will be more widely and
permanently adopted post-pandemic, making this challenge continue into 2021 and
IT teams will need effective endpoint management solutions such as mobile device
management (MDM) and secure access service edge (SASE) tools to combat these risks.
These solutions allow for better visibility and control of data, including in third-party
applications such as Zoom, Slack, and Office 365 (Attaran, M., & Woods, J., 2018). This
approach will also extend to traditional security instruments by ensuring that tools such as
anti-malware are in place, patches are up-to-date, and secure configurations are in place.
With the successful breach of SolarWinds and later its 300+ customer base and many
other third-party breaches in the past, more companies are paying attention to their third-
party risk management programs. This indicates an increase in threat actors' sophistication,
complexity, and persistence. (Hiller, J. S., Kisska-Schulze, K., & Shackelford, S., 2022)
Corporate mergers and acquisitions (M&A) and license management functions need
to be more aligned with governance, risk, and compliance teams to prevent a similar breach
from affecting their networks. A crucial step is to conduct a thorough security audit of all
third-party vendors (Tanriverdi, H., Roumani, Y., & Nwankpa, J., 2019). This intra-
organizational collaboration will also better prepare organizations for the amplified
compliance rules of the future, which will provide a baseline for third-party risk
According to the FBI, ransomware attacks grew in 2020, with a 300% increase by
April and a sevenfold increase by mid-year. Such attacks are likely to remain one of the top
threats in 2021.
One reason is that more companies are purchasing ransomware insurance. This fact
has not gone unnoticed by cybercriminals. Since companies have insurance, they will be
willing to pay the ransom for quick data decryption instead of fighting the threat. As a result,
strengthens security hygiene. This includes tactics such as timely patching, enforcing least-
In 2020, the volume and complexity of email phishing attacks followed an increasing
trend. Cybercriminals use phishing to distribute malware, steal credentials and extract
money from users. Studies have found that users were three times more likely to click on a
phishing link and give their credentials at the start of the pandemic. In addition, in a survey
conducted in mid-2020, 38% of respondents said that a co-worker had been the victim of a
While 2020 hasn't introduced any fundamental changes to phishing, threat actors
have adjusted tactics to leverage other words throughout the year, keeping pace with
people's interest in new topics. For example, keywords like "pandemic" and "Covid" were on
the rise in the first few months of the year, and as "vaccinations" and "emergency aid"
appeared as relief options, attackers added these emotionally charged words to the
phishing vocabulary.
combining the right tools and adequately educated personnel will reduce your chances of
• Establish a robust security awareness program for employees to serve as the last line
• Consider running mock phishing tests in your organization so employees know what
Protection Of Data
RFID stands for Radio Frequency Identification, which is usually called "Radio
Frequency Identification" in Spanish. This technology is based on using a small chip attached
to a product, which allows its tracking and location. Although this technology suggests
postmodern origins, the reality denotes that it is not so novel. For example, since the forties,
the US military has used this system during World War II for the remote reconnaissance of
However, at present, this technology has gained the interest of the industry, which
relies on it as a means to optimize the traceability of all goods throughout the distribution
chain because of the advances in miniaturization and the reduction of the costs of the
manufacture of chips open up great possibilities today, from its use in the recycling process -
to facilitate the task of selection and separation of materials- to the control of the
organizations, companies, and companies have begun to use the technology through
different Applications. Although the pioneers have been the companies of transport of
Conclusions
illegal acts, international cooperation in this regard, and the reform of procedural codes for
the admissibility of electronic evidence in the context of a court case, the criminal solution is
insufficient for the design of a public policy for the network. Therefore, forming a
comprehensive cybercrime plans and policies is vital. The rules produced due to these
studies and the collection of statistical data on new sorts of criminal behavior must be
recommendations for future courses of action, it must also provide legislative proposals for
the sector's regulation, offer assistance and guidance to organizations that request it, and
Engineer, 3(3), 25-27.
Attaran, M., & Woods, J. (2018). Cloud Computing Technology: A Viable Option for Small
Brewer, R., de Vel-Palumbo, M., Hutchings, A., Holt, T., Goldsmith, A., & Maimon, D. (2019).
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/
246749/horr75-summary.pdf
SCIENCES, 3(2).
Davies, K., and Patel, P.P. (2017). Cybercrime in the society: problems and preventions.
Delaney, P.M. (2012). How the smartphone, constant connectivity with the Internet, and
social networks act as catalysts for juror misconduct. St. Thomas Law Review, 24(3),
473-480.
Freiling, F. C., & Schwittay, B. (2007). A common process model for incident response and
Herhalt, J. (2011). Cyber-crime-A growing challenge for governments, KPMG Issues Monitor,
https://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/
Hiller, J. S., Kisska-Schulze, K., & Shackelford, S. (2022). Strategies for Boosting
Huang, A. Q., Crow, M. L., Heydt, G. T., Zheng, J. P., & Dale, S. J. (2010). The future
renewable electric energy delivery and management (FREEDM) system: the energy
Landaluce, H., Arjona, L., Perallos, A., Falcone, F., Angulo, I., & Muralter, F. (2020). A review
of IoT sensing applications and challenges using RFID and wireless sensor networks.
Martini, B., & Choo, K. K. R. (2012). An integrated conceptual digital forensic framework for
Singer, P. W., & Friedman, A. (2014). Cybersecurity: What everyone needs to know. oup usa.
Sundström, F., Ekfors Elvin, A., & von Heland, W. (2021). Understanding the Effects of Cyber