By Androna Canisius

Published: May 16, 2024

References: 5

Open Access

|

|

Abstract

Like every aspect there is, the internet too is dual-natured. While the internet acts and serves as a positive tool, benefiting a group of people, there is another group of people who unfortunately fall prey to skilled criminals who use the internet to suit their deceitful interests. This paper aims to explore and examine cybercrime for what it is- a type of unlawful and illicit conduct that is on the rise day by day due to the slick works of trained attackers within cyberspace. The paper intends to provide an overall understanding of what is meant by the term cybercrime, what motivates cybercriminals, and the challenges that come with attempting to face these threats and attacks.

Introduction

The internet has been altering society in multiple unimaginable ways, changing modes of communication between people along with their attitudes and approaches towards learning and conducting business. Despite the internet’s exceptionally liberal potential, the majority of the users find it to be a rather daunting and intimidating process, due to its rapid growth opening up to uncountable possibilities of cybercrime activities including extortion and espionage which are way more complex than just hacking and cracking. The rapid technological evolution has made it a challenge for laws to keep up with while making sure no right of an individual is breached.

What is Cyber Crime

While some experts view cybercrime as another category of crime that requires a different legislative system due to its particularly distinct challenges that are not tackled by traditional criminal law, others consider cybercrime to be just another regular crime in which computers are used as either the target in the attack or merely as a tool.

Traditional crime and cybercrime are two of the multiple categories of crime and it’s vital that we understand how they differ from each other. Even though the offense committed by the offender is the basic subject of both crimes, the tactical approach and methodology used, are poles apart. While cybercrimes are carried out through the use of a computing device and a network ideally, traditional crimes are executed physically, beyond cyberspace. The process of solving a cybercrime is far more complex than that of a traditional crime. The chances of the individual committing the crime leaving easily noticeable evidence are high in the case of traditional crimes whereas it’s generally the exact opposite in cybercrimes as tracking down a digital footprint is not as easy as one would think.

Hackers vs Crackers

Hackers get unauthorized access to systems with the intention of receiving more knowledge and bettering themselves at this skilled practice, without causing any intentional harm to an individual or a system. Hackers, also commonly referred to as White hats, are professionals who generally work for organizations that invest in internet security to keep their data protected, with the possession of legal certificates that approve their hacking practice. Crackers unlike hackers, work with the intention of damaging or harming individuals and data, despite their degree of skillfulness. In the case of finding a loophole, a cracker would use it as an opportunity to steal or alter data as a means of gaining profit. To differentiate these categories in simple terms- the illegal activities of crackers or black hats are the reason why hackers are hired to protect organizations.

Suggestions for improvement: The paper discusses the work of both hackers and crackers to be malicious and practically the same. The viewpoint presented here equates both categories, with which I beg to differ. The paper could have focused a little more on differentiating between hackers and crackers and how hackers work to prevent the works of crackers.

Why People Hack

The paper explores the concept of hacktivism, disgruntled employees, recreational hackers, and website administrators as some of the several reasons behind hacking, and states that it could be carried out with personal, professional, or political intentions.

Hacktivism is the act of hacking for either social or political purposes. “Anonymous”, being one of the most famous hacktivist groups with some of the most notorious works in the history of hacktivism can be considered a great example when elaborating on this topic. One of their most recent works was their cyber war on Twitter against Vladimir Putin, the president of Russia, exposing discreet information owned by Russian government bodies and several other businesses run by the state, following Russia’s invasion of Ukraine. Some of the other infamous hacktivist events include Operation Payback (2010), Arab Spring (2010 - 2012), Hacking Team Exposure (2015), Panama Papers (2016), and The Ashley Madison Data Breach (2015).

One of the most common reasons why employees are considered to be the greatest cyber security risk right now is their lack of awareness concerning what activities they should and should refrain from engaging in, generally as a result of inadequate training provided by the organization. It’s either a case of an employee’s negligence and carelessness or the employee stealing and selling confidential or highly sensitive insider information for their own unethical monetary interests. Websites possess the ability to collect extensive hidden information from their users, including their IP addresses, browsing history, and at times their FTP usernames and passwords. Some hackings are carried out by individuals or groups who are driven by the urge to test their skills and enhance their knowledge or merely for personal satisfaction, while others are ethical hackings conducted by white hat hackers, as mentioned before.

Suggestions for improvement: Although this section provides fairly sufficient information on the reasons behind hacking, the fact that no real-world examples have been given, weakens any strong argument the author of the paper has intended to make, lowering the authors’ credibility. The lack of examples and comprehensive information is unfortunately evident throughout, which could ruin the reader’s understanding and impression of the paper.

Types of Cyber Crime

This section of the paper is the best written of all, considering the ample and clear explanation provided with more examples compared to the other sections. Cybercrimes cover a wide spectrum of offenses including Malware, Denial of Service, Cyberstalking, Financial crimes, Cyber pornography, Sale of illegal articles, Online gambling, Intellectual property crimes, Email spoofing, Forgery, and Cyber Defamation. Unlike the rest of the sections in the paper, each type of crime here has been supported by a credible example or case study making it much easier for the reader to comprehend how and why these activities are considered illegal and criminal, without having to refer to any additional sources for an improved explanation and understanding.

Suggestions for improvement: None

Challenges

The paper touches upon the challenges faced by the government and the investigation bureau in the case of cybercrimes such as the struggles of establishing identity and locating evidence, coordinating real-time responses to cyber threats, obtaining legal authority to conduct investigations, constantly working on technological advancements and developing successful strategies to fight cybercrime.

Ransomware attacks, when targeted against a government, could be one of the most dangerous conditions in the field of cyber security. Governments undergo an unimaginable amount of pressure when they have to choose between negotiating with the attacker and giving them the large payment demanded, typically in the form of cryptocurrencies, or not complying with their demands at all. A ransomware attack can be a national security threat in the case of any highly sensitive or confidential information under intelligence or defense services being involved. A popular example is the Conti attack against Costa Rica in April 2022 where data that exceeded 600GB was stolen and exposed online. The Costa Rican government’s refusal to pay the $10 million demanded by Conti, has led to continuous attacks against the nation’s ministries. Other challenges include Data breaches, Weaponizing legitimate tools, and Wipers that are designed with the goal of preventing an organization from accessing confidential or highly sensitive information that can’t be restored unlike ransomware even if the organization in question is willing to pay a ransom.

Suggestions for improvement: Even though multiple challenges related to cybercrime have been mentioned, this section too lacks adequate elucidation and supportive real-world examples for the reader’s comprehension. While having briefly discussed the challenges, the paper could have also specified any tactical actions or security measures that could be taken by organizations in order to prevent these challenges. The use of more concrete evidence or insight into any recovery measures or solutions would have validated the paper even more.

Cyber Laws, their advantages, and proposed changes in IT Act 2000

The IT Act 2000 was passed to acknowledge the legality of electronic documents or contracts and allow digital signatures to be used for verification and authentication. Some of the key advantages of cyber law include the validity of electronic communication in legal proceedings, legal recognition of digital signatures, addressing security concerns by defining secure digital signatures and procedures, authorization for corporate entities to act as certifying authorities for digital signature certificates and provision for companies to conduct e-commerce under legal infrastructure. The new legislation proposes Trap and Trace orders which play an important role in the process of recording incoming IP packets and tracing their origins when any type of malware or denial of service is involved. A request for the age of eligibility for major cybercrimes to be lowered to the age of fifteen and above has also been proposed, making sure that minors could be pronounced liable for their actions as well.

Suggestions for improvement: In this section, it’s evident that even though the outline touches lightly on the importance of legal infrastructure, a significant amount of the discussion focuses mainly on the legal issues and legal framework created by the Information Technology Act 2000. An excessive focus on the legal aspects could overshadow the technological aspects required to get an understanding of the cybersecurity-related components discussed in the paper, as it’s important that a balance is brought between both legal and technical resources. Although this extensive research would seem sufficient from a legal point of view, it’s unfortunately clear that the insights provided here wouldn’t suffice for an IT-centric research paper.

Conclusion

Today, the unfortunate rapid growth of cybercrime is an immense global challenge as cybercrimes and digital offenses are much more interconnected with traditional crimes than they used to be before, therefore increasing the rate of how normalized these crimes are now. Ideally the rapid growth of new technology and elements under artificial intelligence, dealing with cybercrimes should only get easier, but when considering the range of unimaginable illegal activities that could be assisted by even an ounce of artificial intelligence involved, nothing can be assured to a certain extent. Despite the numerous benefits of technological advancement, in threat detection and prevention, in the wrong hands, it could most certainly expand the landscape of cybercrimes.

Comparison of the review to the original paper

Overall, the research paper lacks elucidation and the use of sufficient examples to support its arguments and strengthen its statements. The review mitigates this oversight by providing ample explanations of each important cybersecurity-centric aspect which was only briefly discussed in the original research paper. The research paper equates the work of both hackers and crackers to be the same with no amount of differentiation between the two, whereas the review explores and contradicts their viewpoint by delineating the differences and discussing how the work of hackers prevents the illegal means of a cracker. The background as to why people hack was not constructed clearly in the research paper, lacking precision and clarity, unlike the review paper which discusses the statements of the research paper with further evidence and real-life case studies and examples. The challenges in the paper lack clarity which might make it harder for the readers to understand the main point of the discussion, as each challenge is listed with no extended explanation to support them. Certain statements like “knowing where to look for evidence” and “improving training at all levels of the organization” could be considered a little too vague to be on a research paper. The review overcomes these blunders with detailed explanations and examples, recognizing the key points discussed in the paper. As mentioned above as a suggestion for improvement under the discussion of cyber laws, the research paper focuses more on the legal aspects of these laws while the review summarizes the IT-centric approach mentioned briefly in the paper. The overall readability of the research paper is impacted by grammatical mistakes and the inconsistent construction of sentences which is mitigated by the review, with the attempt of providing a clearer and more specific take.

References

• Cybercrime changing everything an empirical study - ResearchGate, https://www.researchgate.net/profile/Neelesh-Jain-3/publication/275709598_CYBER_CRIME_CHANGING_EVERYTHING_-_AN_EMPIRICAL_STUDY/links/554493760cf23ff7168546c5/CYBER-CRIME-CHANGING-EVERYTHING-AN-EMPIRICAL-STUDY.pdf?origin=publication_detail (accessed Dec. 4, 2023).

• M. Pinto, “How cyber crimes differ from traditional crimes,” Eat My News, https://www.eatmy.news/2022/11/how-cyber-crimes-differ-from.html (accessed Dec. 4, 2023).

• “Difference between hackers and Crackers,” GeeksforGeeks, https://www.geeksforgeeks.org/difference-between-hackers-and-crackers/ (accessed Dec. 4, 2023).

• T. H. Jr., “What is anonymous? how the infamous ‘hacktivist’ group went from 4chan trolling to launching cyberattacks on Russia,” CNBC, https://www.cnbc.com/2022/03/25/what-is-anonymous-the-group-went-from-4chan-to-cyberattacks-on-russia.html (accessed Dec. 4, 2023).

• Michali, “Cybersecurity challenges for governments,” Check Point Software, https://www.checkpoint.com/cyber-hub/cyber-security/what-is-cybersecurity-for-governments/cybersecurity-challenges-for-governments-in-2023/ (accessed Dec. 4, 2023).

About the Author

Androna Dihani Canisius is currently enrolled in the Northwood University program at ANC Education in Sri Lanka, majoring in Business Administration in Management Information Systems. During her academic journey, she has taken part in school debates and inter school debates and is a member of the Psychology Club of ANC and the Rotaract Club of ANC. Along with being one of the organizers of events like the Halloween party of the Psychology Club of ANC, she has organized blood donation campaigns, drives, and other events showing her passion for event management, community engagement, and teamwork.

"Empowering Minds, Inspiring Futures: Bridging Academia and Innovation Globally"

Wells Resource