Computer and Internet

crimes

Facilitated by Mary Komunte

 Chapter 3 - Objectives
1. Discuss key trade-offs and ethical issues associated with
safeguarding of data and information systems.
2. Identify reasons for the increase in the number of Internet-
related security incidents.
3. Describe the most common types of computer security
attacks.
4. Outline the characteristics of common perpetrators including
their objectives, available resources, willingness to accept risk,
and frequency of attack.
5. Describe a multi-level process for managing Internet
vulnerabilities based on the concept of reasonable assurance.
6. Outline the actions that must be taken in response to a
security incident.
 Computer Abuse
• The unauthorized use of, or access to, a
computer for purposes contrary to the wishes
of the owner of the computer or the data
held thereon.

• Computer abuse means wrongful use of

computers and peripherals.

• Computer abuse may not necessarily lead to

a breakdown of the computer system.
 Moonlighting
• Using the company’s computer
facilities to do other personal work
especially after the office hours.
 Surfing during company time
• This is using the company Internet
facilities to surf and send personal
emails during the company time
 Playing Games
• Using the computer facilities during the
company hours to play games such as
Pachisi, Solitaire, Free cell etc.
• Viewing the computer files, facilities, and
the internet during lecture time and
constantly disturbing the lecturer when the
lecture is going on, especially BIST
students.
 Wrongful shutting down of Computers
• This is whereby a computer user turns off
the computer without shutting it down.
 Hitting the Computer
• Whereby a lot of force is used on the
computer, for example on the keyboard.
This can also include intentional hitting
of the computer.
 Spreading viruses
• Transferring viruses from one computer
to another using storage devices like
memory sticks and floppy disks.
 Downloading infected Files
• Downloading file attachments that are
infected with viruses from the Internet
• Harassment through e-mails
• Hacking into your schools database to
change your examinations and many
others.
 Computer Crime
• Computer crime is any criminal offense, activity
or issue that involves computers.
– Computer crime tends to fall into two categories:
• Computer is used to commit a crime
• Computer itself is a target of a crime. Computer
is the victim.
 Types of Computer Attacks
• Types of Computer Attacks:
– Penetration Attack Type -involves breaking into a system
using known security vulnerabilities to gain access to any
cyberspace resource –
• There is steady growth of these attacks – see the CERT Report below.
• Denial of Service Attacks – they affect the system
through diminishing the system’s ability to function;
hence, they are capable of bringing a system down
without destroying its resources
 Motives of Attacks
– Vendetta/Revenge
– Joke/Hoax/Prank
– The Hacker's Ethics - This is a collection of motives that make up
the hacker character
– Terrorism
– Political and Military Espionage
– Business ( Competition) Espionage
– Hate (national origin, gender, and race)
– Personal gain/Fame/Fun/Notoriety
– Ignorance
 Classification of Perpetrators of
Computer Crime
Type of Objective Resources available to Level of risk Frequency of
perpetrator perpetrator taking Attack
acceptable to
perpetrator

Hacker Test limits of system, gain publicity Limited Minimal High

Cracker Cause problems, steal data, corrupt Limited Moderate Medium

systems

Insider Financial gain or disrupt company’s Knowledge of systems Moderate Low

information systems and passwords

Industrial spy Capture trade secrets or gain Well funded, well trained Minimal Low
competitive advantage

Cybercriminal Financial gain Well funded, well trained Moderate Low

Cyberterrorist Cause destruction to key Not necessarily well Very high Low
infrastructure components funded nor well trained

See: Three Blind Phreaks

 Hacker
Hackers are individuals who attempt to gain
access to computer systems illegally

• Supplies for the Hacker

– PC
– Communications network
• Why hack?
– Harass
– Show-off
– curiosity
– Gain access to computer services without paying
– Obtain information to sell
 Hacker
• A hacker is an individual who tests the
limitations of systems out of intellectual
curiosity.
• Unfortunately, much of what hackers
(and crackers) do is illegal.
– Breaking into networks and systems.
– Defacing web pages.
– Crashing computers.
– Spreading harmful programs or hate messages.
 Hacker
• Crackers are hackers who break code.
• Malicious insiders are a security
concern for companies. Insiders may
be employees, consultants, or
contractors. They have knowledge of
internal systems and know where the
weak points are.
 Forms of Computer Criminals
• Malicious insiders are the number one security
concern for companies.
• Industrial spies use illegal means to obtain trade
secrets from the competitors of firms for which they
are hired.
• Cybercriminals are criminals who hack into computers
and steal money.
• Cyber terrorists are people who intimidate or coerce a
government to advance their political or social
objectives by launching attacks against computers and
networks.
 Legal Overview
• Fraud is obtaining title to property through
deception or trickery.
• To prove fraud four elements must be shown:
– The wrongdoer made a false representation of the
material fact.
– The wrongdoer intended to deceive the innocent
party.
– The innocent party justifiably relied on the
misrepresentation.
– The innocent party was injured.
Characteristics of Computer Crimes
• Geographic dislocation of offender
• Invisibility/Anonymity of offender
• Lack of victim awareness
• Unwillingness to report
• Intangibility of digital goods, evidence,
value e.g. downloadable music and films,
e-books and others.
PREVENTION OF THE COMPUTER CRIME
• education of each computer user on the
dangers of the computer crimes, especially
the young generation which are the most
numerous users.
• Through this education each individual user
will learn how to protect himself from cyber
intruders or computer viruses before injuries
happen.
PREVENTION OF THE COMPUTER
CRIME…
• Administering of the information systems by
trained personnel.
• When choosing administrators who will take care
of the security of the information systems special
attention should be paid to their proper
education and experience,
• so that they are one step ahead of the computer
criminals and so that they apply proper
protection of the systems they control,
according to regulations.
 PREVENTION OF THE COMPUTER CRIME…

• Passing of laws;
• Having in mind the dangers of the computer
crime the state should pass proper sanctions
against perpetrators of such crime that will
impose serious threat to many potential hackers
who will not run the risk of entering into
protected systems
Prevention of the computer crime
• Install a corporate firewall.
• Install anti-virus software on personal computers.
• Implement safeguards against attacks by malicious insiders.
• Address the ten most critical Internet security threats (10 each
in Windows and UNIX): Top Twenty List
• Verify backup processes for critical software and databases.
• Conduct periodic IT security audits.
• See: Tourbus Virus Solution or locally
• MS Patch for IE—CNET News. Implications of changes, speed
of reaction
 Detection of computer crime…
• injured party reports damage
• One of the most frequent ways to discover any
crime is receiving a report about it by the injured
party.
• This is true for computer crimes too. In this
sense an injured party can be both physical and
legal subjects, state organs and institutions.
 Detection of computer crime…
• administrators of information systems find out
• Investigators of this type of crime sometimes use the
original application program and sometimes use special
software for analysis and tools for investigation e.g.
GFI Lan guard & GFI web monitor.
• Investigators have found ways to collect traces from a
remote computer which is out of their physical reach
through telephone line or network connection.
• Moreover it is possible to follow the work of the
computer network using the Internet.
 Detection of computer crime…
computer Forensic :
Computer investigation is the science of locating; extracting,
analyzing and protecting specific data from computers and
digital storage media, which can be interpreted to serve as
legal evidence in courts of law.

• No matter how much people are careful when stealing

electronic information they leave behind traces of their
activities. Also when perpetrators try to destroy the evidence
(proof) in the computer they leave traces behind. In both
cases the traces are;
• detectible and can be presented before the court.
 Detection of Computer Crime…
• Computer forensic specialists should be able to run
complex evidence recovery procedures with ability
and expertise that will support the credibility of the
expert witnessing in question.
- Copying of data
- Search of evidence in electronic mail and other
internet communication
- Recalling of data
- Browsing of documents and other data
- Filing and presenting of computer traces
 Detection
• Intrusion detection systems monitor system and
network resources and activities and, using
information gathered from theses sources, they
notify authorities when they identify a possible
intrusion.
• Honeypot is a computer on your network that
contains no data or applications critical to the
company but has enough interesting data to lure
intruders so that they can be observed in action.
 Response
• Incident notification is the plan and process
used to notify company individuals when a
computer attack has happened. In addition,
your company should be prepared to:
– Protect evidence and activity logs
– Incident containment
– Incident eradication
– Incident follow-up
 Computer/Cybercrime in Africa
• Cyber threats are a big issue in Africa.
It is estimated that up to 80% of all
computers in Africa are infected,
compared to 30% in Europe.
Causes for growth of Cybercrime in Africa…

• African countries have been criticized for dealing

inadequately with cybercrime as their law enforcement
agencies are inadequately equipped in terms of
personnel, intelligence and infrastructure, and the
private sector is also lagging behind in curbing
cybercrime.
• African countries are pre-occupied with attending to
pressing issues such as poverty, the Aids crisis, the fuel
crisis, political instability, ethnic instability and traditional
crimes such as murder, rape and theft, with the result
that the fight against cybercrime is lagging behind.
Causes for growth of Cybercrime in Africa
• According to computer security experts, a lot of cyber crime
emanates from the African continent, and these threats spread
easily because many computer systems are not properly
protected.
• The fight against cybercrime requires a cohesive and
coordinated approach, but in Africa, poverty and
underdevelopment are the major causes for growth of
cybercrime in the region.
• The popularity of social networks that is sweeping across the
continent and the availability of affordable Internet enabled
mobile devices coupled with the rise in e-commerce are
fuelling the increase in threats to business security in Africa.
Causes for growth of Cybercrime in Africa
• Lack of proper security defenses could expose
infrastructures to concrete risks of attacks with
serious impact.
• Computer-generated security organizations in
Africa still lack adequate staff that work to
develop local IT security expertise, as well as
offer real-time online threat intelligence services
to the public and private sectors.
 Causes for the growth of Cybercrime in Africa
• Its not difficult to understand why computers in
Africa are so vulnerable to hacking. According to a
World Bank survey, almost 80 percent of the
population lacks even basic knowledge of
computers.
• Internet cafes, though widespread, are unable to
afford antivirus software, making them easy targets
for hackers and botnet operators. , most African
countries have no legal regulations in place to stop or
prosecute online crime, thus providing a safe haven
for cybercriminals.
Causes for growth of Cybercrime in Africa
• More unemployment
The latest employment statistics show that
unemployment is up and increasing. More people
without work quite simply means more soft
targets for syndicates.
 Causes for growth of cybercrime in Africa…
• The potential for internet abuse in Africa is also high.
This is due to the lack of security awareness
programmes or specialized training for the law
enforcement agencies.
• Lack of legal framework and the existence of weak
infrastructures for dealing with cybercrime
• Many watchers are warning that Africa is becoming a
major source of cyber-crimes; for example, Nigeria is
ranked as the leading State in the region as the target
and source of malicious internet activities; and this is
spreading across the west African sub-region
 Fighting Cybercrime in Africa…
• African countries are keen to address the issue because
not only does it hurt their economies directly, it also has
the potential to compromise their standing as a foreign
investment target.
• Several countries that already have specific cyber crime
and security legislation or are in the process of shaping
it, including Nigeria, South Africa, Ghana, Kenya,
Uganda, Cameroon, Botswana and Zambia.
• Cybercafés, an important part of the African internet
landscape, are encouraged to implement security
procedures to reduce fraud.
 Fighting Cybercrime in Africa
• The involvement of top level government officials,
policy makers and implementation groups must be
highlighted at all levels of discussion and coupled
with cross-border collaboration, is a justifiable route
for success in fighting cybercrime.
• It is submitted that international mutual legal and
technical assistance should be rendered to African
countries by corporate and individual entities to
effectively combat cybercrime in Africa.
 Fighting Cybercrime in Africa…
• Computer ethics education should also be taught to
children in schools to educate them about the negative
consequences of committing cybercrime.
• The possibility exists that new forms of cybercrime will
emerge with evolving technology. New cyber laws should
therefore be introduced to respond to these rapid changes.
• There should also be continuous research and training of
IT security personnel, finance services sector personnel,
police officers, prosecutors and the judiciary to keep them
abreast of advancing computer technology.
 Fighting Cybercrime in Africa…
• A need also arises for the introduction of more
specialized prosecutors and specialized procedures to
facilitate the prosecution of cybercrime cases on a
priority basis.
• Internet users should also be encouraged to share the
burden of securing informational privacy where feasible.
• At the end of the day, a balanced approach that considers
the protection of fundamental human rights and the need
for the effective prosecution of cybercrimes is the way
forward.
 Fighting Cybercrime in Africa…
• The efforts of professional organizations such as the
International Criminal Police Organization (Interpol) are
necessary to combat cybercrime.
• Actually Interpol has provided technical guidance in
cybercrime detection, investigation and evidence
collection.
• The role of multi-national organizations such as the
Commonwealth of Nations, the Group of 8 (the G8) and
the Organization for Economic Co-operation and
Development (the OECD) is important because their
work encompasses a broader territorial environment.
 Efforts in Fighting Cybercrime in East Africa
• East African countries have scaled up efforts to combat cyber
crimes through a multi-stakeholder approach involving the
government, industry and civil society organizations.
• A cyber security management task force chaired by Kenya has
been coordinating activities aimed at rooting out cyber crimes in
the five East African Community member countries.
• This taskforce deals with cyber security at legal, policy and
regulatory levels.
• A plan for the five East African states of Uganda, Kenya,
Tanzania, Rwanda and Burundi to set up Computer Emergency
Response Teams (CERTs) to fight cybercrime is under way, as
countries concerned seek to involve the International
Telecommunications Union's (ITU) help.
Efforts In Fighting Cybercrime In East Africa…
• The East African Communications Organizations
(EACO) Congress, an umbrella body of all five
regulators, will pursue ITU support for the
establishment of the national CERTs.
• The five regulators will also establish a
collaborative framework for the national CERTs
at regional and international levels.
• EACO will work to establish and harmonize
Internet security policies and Internet laws in the
East African region.
 Computer crime and the law in Uganda

• The Parliament of Uganda on Thursday, 7th

October, 2010 passed into law two cyber bills that
present a basis for the long overdue legal
regulations for security of electronic transactions.
• This follows the increasing business done online
in the country and world over every day. As
Government embraces the use of ICT in delivery
of its services, it is envisaged that more citizens
and business targeted services will move online
for easier access and efficiency.
 The Ugandan Cyber Bills

1. Electronic Signatures Bill

• Electronic Signatures Bill makes provision for and regulates the
use of electronic signatures and provide for other related matters.
• The Bill makes provision for the use of electronic signatures in
order to ensure that transactions are carried out in a secure
environment.
• It establishes a public key infrastructure for authenticity and
security of documents.
• Recognizes the different signature creating technologies and
provides effective administrative structures e.g. establishment of
Certification Authorities
 The Ugandan cyber bills…

2. Electronic Transactions Bill

• The Bill creates a light handed regulatory regime for electronic
transactions.
• It facilitates the development of e-commerce in Uganda by broadly
removing existing legal impediments that may prevent a person from
transacting electronically because of a gap in the traditional laws.
• It makes provision for functional equivalence, thus paper transactions and
electronic transactions are treated equally before the law. Establishes rules
that validate and recognizes contracts formed through electronic means
• Sets default rules for contract formation and governance of electronic
contract performance
• Defines the characteristics of a valid electronic writing and an original
document
• Supports the admission of computer evidence in courts and arbitration
proceedings
 The Ugandan Cyber Bills…

3. The Computer Misuse Bill

• The computer misuse bill will make provision for the safety
and security of electronic transactions and information systems.
• The Bill takes cognizance of the fact that all computer
operations are susceptible to computer crimes and our current
legal system does not recognize computer crimes thus the
importance of a legislation to provide for computer crimes.
• It creates several computer misuse offences. e.g. unauthorized
modification of computer material. The bill lays down
mechanisms for investigation and prosecution of the offences
Thank You