E-Crime: A New Challenge to Policing Outcome
Posted On February 6, 2016 by Anish S filed under Miscellaneous
Dr. Raees A. Khan & Dr. Sanjay M. Tarede, IPS
No area of criminal activity is more on the cutting edge or has greater global implications than crime involving technology and computers. Electronic crime is merely a case of the ‘same old wine in new bottles’, which presents as a new form of business that will require a fundamental paradigm shift in policing. This article briefly describes the nature of the e-crime problems. Authors made a significant contribution in highlighting the strategic challenges posed by e-crime and the related response issues. An effort has been made to identify some of the tools of e-crime. The emerging science of forensic computing or computer forensics along with the forensic challenges of e-crime has been discussed then after. At last, it has been revealed that while information technology adoption had substantial effects on a wide range of police organizational practices, it had, by itself, a negligible impact on crime-fighting effectiveness.
There are two critical challenges to society in respect of information. The first relates to the ability to devise new legal, economic and social arrangements that will ensure both the creation and the effective and profitable utilization of new information and technology. The second challenges a liberal society to protect its basic political and human values from unwise applications, withdrawals or restrictions of that new knowledge. Digitalization creates risks and challenges for legal, technical and social structures. The technical capability to store, manipulate, and transmit all types of data at high speeds across global digital networks has become common place in academic, business and social environments. Alongside the exciting opportunities of the ‘information age’, there is a growing awareness of the serious risks and challenges posed by these digital developments. A fundamental cause of many of these risks is the large numbers of ways that individuals and/or groups can utilize these technologies to engage in inappropriate, criminal, or other illegal behavior.
It is very difficult to define the set of characteristics of criminals who commit online crime. In old days, technology criminals took pleasure in writing software exploits and releasing them so that they could brag about the subsequent outcomes of their destructive viruses. While in recent years, the scenario has completely been changed, as well-organized. Hierarchical criminal syndicates have realized that there is substantial money to be made by perpetrating a variety of e-commerce-targeted criminal activity1.
In the emerging electronic world there is a similar need to minimize the opportunities for criminals. However, most people have no practical basis upon which to judge risk in the digital world. Business managers lack an understanding of the value of their intangible assets. They fail to understand what is attractive to criminals, what can happen when criminals do gain access and the consequences to their business and society at large. As a result people exaggerate some risks, and seriously under-estimate others. The impact of crime in the digital world (usually causing no obvious material damage) is also often seen as less personal than crime in the real world. This makes it even harder to get people to understand the real risks in the digital world.
Organizations are increasingly suffering attacks on their information systems from both inside and outside, resulting in financial loss, damage and loss of business. Growth in availability and use of on-line services is inhibited by lack of confidence in the perceived safety of such services, often fuelled by ill-informed publicity. There is a danger that only technical or legislative solutions are considered in addressing these concerns but holistic approaches are needed to reduce opportunities for e-crime and establish confidence in the Internet. To be successful, such approaches need aggressive programmes to address both the perception and the reality of e-crime in different communities.
It was recently reported that cybercrime costs companies $1.6 trillion each year worldwide and that an Internet crime happens every 20 seconds12. E-crime presents as one of the major challenges of the future to Indian law enforcement. As Information and Communications Technology becomes even more pervasive, aspects of electronic crime will feature in all forms of criminal behavior, even those matters currently regarded as ‘traditional’ offences. It will also feature in many transnational crimes involving drug trafficking, people smuggling and money laundering. E-crime will present police with a range of challenges, including forensic issues2.
No doubt, India has been avid in its uptake of technology and is among the leading nations in terms of key measures of Internet infrastructure, penetration and activity. This rapid increase in the use of computer technology has facilitated India’s participation in the emerging Information Economy. At the same time one can not deny in the increase of its exposure to electronic crime issues. Information technology is becoming more and more pervasive in our society. The use of the internet will continue to evolve and grow in many areas including electronic commerce, online banking, drug stores with prescription services, health care services and records; and education. E-crime includes Fraud, Cyberstalking, Paedophilia, Hacking and unlawful intrusion, Drug trafficking and Money Laundering, and Extortion and Terrorism Committed by Extremist Groups.
Fraud - old crime new methodology - credit card fraud, counterfeit cards and their production, secret commissions, false accounting, loan scams, Internet auctions.
Cyberstalking - including electronic harassment through e-mail or other messaging - on the increase as offenders are seeking anonymity and faceless nature of the Internet to cause maximum distress.
Paedophilia - is growing at an alarming rate. Contact to the unsuspecting through Internet chat rooms and newsgroups.
Hacking and unlawful intrusion - new hacking technology available through newsgroups and Internet web sites - hackers effect entry into personal computers, business, industry and public utility computers to manipulate data and cause interference.
Drug trafficking and Money Laundering - on-line communications have enabled some criminals to send encrypted messages relating to supply, manufacture and distribution of drugs. Money laundering is greatly facilitated by the online environment.
Extortion and Terrorism Committed by Extremist Groups - Electronic systems used by extremists and terrorist groups using unlawful and violent methods to generate attention.
Fraud, including forgery and false pretences, has already been found to be the most expensive crime. Identity theft, in particular, which can facilitate a range of fraud offences, seems to be a growing concern. Office of Strategic Crime Assessments (OSCA) stated in a recent report on the changing nature of fraud in Australia (2000, p.10):
Technology has weakened the integrity of many identifiers currently in use – birth certificates can be reproduced using desktop publishing software; counterfeit passports and counterfeit smartcards can be purchased over the Internet. Easier access to these false identifiers facilitates a range of fraudulent behavior, including tax evasion, immigration malpractice, fraudulent claims against social security and health insurance companies. It also assists in hiding the proceeds of frauds.
The computer has become an integral part of our way of life. However, as our dependency on information technology increases, so too does our vulnerability. It is a famous proverb that ‘Prevention is better than Cur’. As in today’s criminal justice system, much more attention is needed to secure the system before something happened bad to the information system. With increasing globalization, extended enterprises, ‘e-motivated’ consumers, and the ubiquitous technologies that make it all possible, the need for information security is taking on greater urgency than ever before3. There were nearly 15,220 vulnerabilities reported between 2000 and 2004, including the major ones as under:
- The distributed denial of service attacks on Yahoo, eBay and other major Internet players;
- The ‘Love Bug’ virus (or ILOVEYOU worm);
- The reported denial of service attacks on the St George Bank in September4;
- The recent hacking of Microsoft where an attacker apparently gained access to the source code for a future product5;
- The large scale theft of over a million credit card details from various US e-commerce sites by Russian and Ukrainian crime gangs6;
- Attacks on government websites in the US, UK and Australia by Pentaguard in January 2001, said to be one of the largest most systematic defacements of worldwide government servers on the www7; and
- The largest identity theft case in Internet history involving 200 of the 400 richest people in America listed in Forbes magazine, which was recently discovered in the US8.
E-CRIME PROBLEM: IT’S NATURE
It was believed a few years ago that only several thousand people in the US had the capabilities to launch a cyber-attack. Today, it is estimated that there are 17 million such people in the US alone10. Computer criminals vary widely in skills, knowledge, resources, authority and motives which include greed and need to solve personal problems. As Grabosky states, none of these motivations are really new. An element of novelty does reside however in the unprecedented capacity of technology to facilitate acting on these motivations3.
The abuse of computer technology may threaten national security and public safety; and devastate the lives of affected individuals. It is well accepted that the traditional offending has been greatly facilitated by technology advancements such as mobile telephony and the Internet and encryption. The development of electronic media played an important role in new criminal opportunities or new crimes. Denial of service attacks, viruses, unauthorized entry, information tampering, cyberstalking, spamming, page-jacking, dumping or phone-napping, and computer damage are relatively new types of offending or undesirable behavior that did not exist in the pre-computing environment3.
CHALLENGES AND ISSUES
It is evident from the foregoing discussion that the nature and particular features of electronic crime is quite different from the traditional crime, which poses new and unique challenges for investigators. Policing is certainly facing a formidable challenge in the area of electronic crime because of:
- Multijurisdictional boundaries
- Evidence preservation
- Encryption decoding
- Identity prove
- Evidence search
- Investigation cost and priorities
- Real life crime response
- Strategic partnership and alliances development
- Methodology of reporting electronic crime
Several easily accessible tools are downloadable that are often available free on internet. Criminals can get much more assistance in obtaining the tools of crime by simply downloading easily accessible tools. There are said to be some 30,000 websites that post hacker codes, which can be downloaded to break passwords, crash systems and steal data11. Moreover, one study recently found that of 3 million sites tested world-wide, about 80% displayed a vulnerability that could be exploited by tools readily available on the Internet12. Several E-crime tools are available freely on internet including the followings13:
Anonymous re-mailers: This tool is being used by criminals to mask their identities by simply replacing the original source address of the sender with the address of the anonymous re-mailer.
Sniffers: This is an internet packet filter that allows criminals to intercept network traffic.
Nukers: This tool is used by criminals to destroy system log trails.
Password crackers: This tool allows criminals to ‘break’ encrypted password files stolen from a victim's network server.
Scanners: This is an automated tool that helps criminals to identify services running on network machines that might be exploited.
Spoofers: E-crime tool that allows criminals to masquerade as other users.
Steganography: This tool is based on the method of encrypting and hiding data in graphics or audio files. This e-crime tool is being used by criminals to spy, steal, or traffic in information via electronic dead drops.
Trojan programs: It is nothing but a legitimate program altered by the injection of unauthorized code into that program causing it to perform unknown (and hidden) functions to the legitimate user/system owner. Criminals use them to create undocumented ‘backdoors’ into network systems.
Computer forensics is an emerging discipline that focuses on the gathering of evidence from computers and computer networks. It is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable14 or the application of computer science to the investigative legal processes15. The evidence from computers may consist of actual files or the traces of a user's activities that are left in the activity logs of operating systems, browsers, databases, web proxies, or network firewalls, etc. All the evidences gathering must proceed in a manner that ensures that the evidence is admissible in a court of law, and can be documented and presented in an intelligible manner.
Specialists draw on an array of methods for discovering data that resides in a computer system or recovering deleted, encrypted or damaged file information16. The process involves the application of information technology to the search for digital evidence, and comprises three primary activities including media and electronic device analysis which examines various types of storage media, data communication analysis encompassing two main activities of network intrusion and data interception, and research and development.
Computer Forensics is not a data recovery. It is not something that can be done with software alone or that can be performed by anyone other than a trained and certified digital forensic practitioner. It is estimated that over 85% of all crimes committed today leave a trail of digital evidence. While computer crime is the most obvious example of where forensic computing is required, any kind of crime may contain digital evidence, from a variety of electronic devices, that needs to be examined e.g. email between victim and suspect in a sexual assault case, electronic spreadsheets with financial implications in a fraud or drug case, or a victim’s email, calendar or to-do list in a murder case.
Computer Forensics as an emerging science finds its roots as a discipline developed by U.S. federal law enforcement agents during the mid to late 1980’s. Being a fast developing area, there are a number of factors impacting on future directions including the reducing cost of technology and Internet, rapidly increasing storage capacity, rapidly expanding bandwidth, enhanced awareness amongst offenders of the nature of electronic evidence and increasing use of techniques to hide evidence, such as encryption, digital compression, steganography, remote storage, and audit disabling etc, increasing technical complexity; and increased computer literacy within the general community. Such factors indicate that a well developed forensic computing capability will be essential as information technology becomes more pervasive and complex. This is a particularly challenging area as it is said that the field of computer technology changes completely every 18 months17.
Many past studies of information technology have focused on manufacturing industries with intuitive output measures such as productivity and profits. Although some authors have argued that a primary role of information technology in police organizations is to improve police problem solving18, there is little empirical evidence connecting information technology use to improved enforcement.
It is evident from the literature that there is a great demand of partnership policing which leads to a proactive, problem-oriented response to crime and community safety. It relies on evidence – research on best practice – to determine the most appropriate and effective responses. The emphasis on analysis of trends and performance enables earlier intervention and prevention of crime. Henceforth, more proactive and targeted policing enhances the efficiency and effectiveness of police, which intern results in the community being better protected. An intelligent policing therefore requires a significantly enhanced forensic capacity.
No doubt, development in forensic science and technology has done a significant contribution in the ‘solvability’ of not just serious, but also high volume crimes such as residential burglary. They also allow the early identification of offenders and the prevention of further crimes. Literature reveals that nearly 40% of crimes will be solved using forensic technology. One of the burning examples is DNA technology that has already proven to be a vital investigative tool for police. This was one of the most significant investigative breakthroughs since fingerprints were introduced a century ago9.
A very relevant and important example to reveal how technology and partnerships can be interlinked is the national database system ‘CrimTrac’, which is helping to revolutionize policing in Australia. This system breaks down state and international borders to assist criminal investigations and provides police with the latest technology to solve crimes across jurisdictional borders9.
The ability to identify problems, analyze relevant data and develop practical solutions, using knowledge management systems in real time and information networks with other agencies. Turning data into a better understanding of the nature of crime and controlling them are some of the crucial challenges in the arena. To meet the challenges, there is a need of new body of knowledge and skills, completely new ways of thinking and acting and relating to the environment.
The specialist criminal investigation capability must be reorganized and resourced - at organizational, national and international levels, to effectively meet the new challenges posed by e-crime and terrorism.
The conventional separation of the institution of policing from the institution of higher learning and research (the university) is still pretty much widespread even today9. It is a matter of serious concern why policing and research have generally had an unhappy co-existence. An increasing number of researchers and professionals including Professor Lawrence Sherman in the United States, Gloria Laycock in London, and Professor Barry McDonald of East Anglia University, have reflected on this unhappy relationship and put forth some idea on how it might be turned round9.
Professor Barry McDonald wrote for the British Police Foundation, in an unpublished paper some years ago. Some of the dialogs are listed as under2:
- Academician: Why do the police ignore research findings?
- Police-Personal: Why don't researchers produce useable knowledge?
- Academician: Why do the police always reject any study that is critical of what they do?
- Police-Personal: Why do researchers always show the police in a bad light?
- Academician: Why don't police officers even read research reports?
- Police-Personal: Why can't researchers write in plain English?
- Academician: Why are the police so bloody defensive?
- Police-Personal: Why are researchers so bloody virtuous?
- Academician: Why are the police unwilling to examine their own organisational performance?
- Police-Personal: Why are researchers unwilling to produce information that a practical person can use to change a limited aspect of the world, but instead produce highly theoretical and abstract structures of no use to the problem-solver?
- Academician: Why do the police insist that they know better, when we are the experts in knowledge construction?
- Police-Personal: Why do researchers write recipes when they can't even cook?
Policing will need to be very selective about the range of e-crime incidents that it responds to and must carefully determine assessment and prioritization models, as there will never be complete policing of all e-crimes. There is currently a lack of knowledge and understanding of e-crime by front-line officers that needs to be addressed. This is due to a traditional geographical focus on fighting crime which doesn't translate to e-crime because of its global nature. Moreover, the costs of investigation will be high and there will be a need to respond in a much shorter time frame, increasing pressure on already stretched resources.
It is required to set up a central e-crime unit to act as a single point to collect and collate e-crime reports, share intelligence, co-ordinate e-crime responses and centralise standards. One victim may go to one local police station, but there may be 10,000 victims around the country. All of the notifications may be taken and decided whether to take any preventative action. Possibility may be explored for all the intelligence and decided whether to investigate. The problem with the current lack of co-ordination is that many thousands of victims may have been affected by e-crime, but are reluctant to involve the police because of its seemingly petty nature.
It is an ongoing and never ending battle to stay up with the criminals, particularly organized crime, which has access to virtually unlimited resources. New challenges require new skills and knowledge. In relation to training, much more needs to be done to ensure that all law enforcement personnel have a basic understanding of search and seizure issues in relation to electronic evidence, for instance. Steps must be taken now to ensure that we have the resources and the capability to protect our National Information Infrastructure and deal with the formidable challenge of e-crime.
It is well established fact that there is a need for more advanced and ongoing training for those involved in the investigation of electronic crime and for specialist training for a cadre of expert staff involved in the forensic computing area. Investigators involved in the investigation of complex e-crime will also require some essential forensic computing skills and knowledge. It is surprising that information technology appears to exert little effect on policing outcomes given the widespread use of information technology in modern police departments. Moreover, fighting electronic crime will be an expensive endeavor and a significant commitment from Government will eventually be required to address what constitutes ‘new business’.
1. Nigel Phair, “Behind the mask”, August 7, 2007.
2. Commander Barbara Etter, “The Forensic Challenges of E-Crime”, Australasian Centre for Policing Research to the University of Western Australia Forensic Science students on Wednesday 6 June 2001.
3. Russell L. Jones and Abhinav Rastogi, “Secure Coding: Building Security into the Software Development Life Cycle”, APPLICATION PROGRAM SECURITY NOV./DEC. 2004
4. Kaye, B. 2000, ‘St George Still a ‘Sitting Duck’’, Computerworld, Vol.24 No.11, 11 September, pp.1 & 4.
5. Gliddon, J. 2000, ‘Cracks in the Armour’, The Bulletin, 7 November, p.86.
6. Hellaby, D. 2001, ‘Warning over Credit Card Sting’, The Australian, IT section, 20 March, p.32.
7. Legard, D. 2001, ‘Hackers Hit Government S Computerworld, Vol.24 No.26, 29 January, p.12.
8. Weiss, M. 2001, ‘How the NYPD Cracked the Ultimate Cyberfraud’, NYPOST/FOXNEWS, 20 March.
9. John Barry, “Confronting the Future of Policing: technology, professionalism and partnerships”, Speech notes for Chief Commissioner Christine Nixon, Wednesday 30 October 2002.
10. O’Brien, K. & Nusbaum, J. 2000, ‘Intelligence Collection for Asymmetric Threats – Part Two’, Jane’s Intelligence Review, November, pp.50-55.
11. Adams, J. 2001, ‘The Weakness of a Superpower’, Foreign Affairs, May/June.
12. Van Dijk, S, 2001, ‘Technology Alone No Match for Security Risks’, Computerworld, Vol.24 No.39, 14 May, p.5.
13. KPMG 2000, E-Commerce and Cyber Crime: New Strategies for Managing the Risks of Exploitation, USA.
14. McKemmish, Rodney 1999, ‘What is Forensic Computing’, Trends & Issues, No. 118, Australian Institute of Criminology, Canberra.
15. Varney, T. 2000, ‘Computer Forensics’, Internal Auditing, November/December, pp.31-33.
16. Dearne, K. 2001, ‘Cybersleuths on E-Crime Trail’, The Australian IT Section, 22 May, pp.41 & 44.
17. Wynne, M. 2001, ‘Cyber Cops Byte Back’, Police, May, pp.24-27.
18. Brown, M. M., and J. L. Brudney (2003): “Learning Organizations in the Public Sector? A Study of Police Agencies Employing Information and Technology to Advance Knowledge,” Public Administration Review, 63(14), 30–43.