Cybercrime
Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. It has been variously defined as "a crime committed on a computer network, especially the Internet; Cybercriminals may exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.
Cybercrimes refer to socially dangerous acts committed using computer equipment against information processed and used in cyberspace.
In 2000, the tenth United Nations Congress on the Prevention of Crime and the Treatment of Offenders classified cyber crimes into five categories: unauthorized access, damage to computer data or programs, sabotage to hinder the functioning of a computer system or network, unauthorized interception of data within a system or network, and computer espionage.
Internationally, both state and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Cybercrimes crossing international borders and involving the actions of at least one nation-state are sometimes referred to as cyberwarfare. Warren Buffett has stated that cybercrime is the "number one problem with mankind", and that it "poses real risks to humanity".
The World Economic Forum's 2020 Global Risks Report highlighted that organized cybercrime groups are joining forces to commit criminal activities online, while estimating the likelihood of their detection and prosecution to be less than 1 percent in the US. There are also many privacy concerns surrounding cybercrime when confidential information is intercepted or disclosed, legally or otherwise.
The World Economic Forum's 2023 Global Risks Report ranked cybercrime as one of the top 10 risks facing the world today and for the next 10 years.
Characteristics and classification
A cybercrime is understood as a culpable unlawful act committed by a subject in cyberspace using computer networks, which is prohibited by current legislation under the threat of punishment.The Russian scholar I. M. Rassolov, in his works, points out the following characteristics of cybercrimes:
- The use of computer networks and international information exchange, which constitutes the principal distinguishing feature of a crime in the sphere of high technologies. In this case, the computer and its networks act as the object of the crime, the instrument of the crime, or the means on which unlawful acts are prepared.
- The transnational nature of the crimes under consideration and the international character of the participants in the criminal community.
- A stable tendency toward the "organized" nature of cybercrimes and their expansion beyond national boundaries.
- The presence of a criminal pyramid consisting of at least three levels of interaction.
A proposed taxonomy classifies cybercrime into two top-level groups: pure-technology cybercrime and cyber-advanced crime. Pure-technology cybercrime "targets or victimizes the computer technology ecosystem" to "disrupt the confidentiality, integrity, or availability of a computer-technology ecosystem", while cyber-advanced crime "uses computer technology to target or victimize natural persons, governments, business entities, or property" in order to "deprive, disrupt or damage entities or assets."
Computer fraud
Computer fraud is the act of using a computer to take or alter electronic data, or to gain unlawful access to a computer or system. Computer fraud that involves the use of the Internet is also called internet fraud. The legal definition of computer fraud varies by jurisdiction, but typically involves accessing a computer without permission or authorization.Forms of computer fraud include hacking into computers to alter information, distributing malicious code such as computer worms or viruses, installing malware or spyware to steal data, phishing, and advance-fee scams.
Other forms of fraud may be committed using computer systems, including bank fraud, carding, identity theft, extortion, and theft of classified information. These types of crimes often result in the loss of personal or financial information.
Digital arrest
is a form of online fraud where perpetrators impersonate law enforcement officials to deceive victims. This scam typically involves contacting individuals via phone, falsely claiming they are implicated in criminal activity related to a parcel containing illegal goods, drugs, counterfeit documents, or other contraband. In some variations, scammers target the victim's relatives or friends, falsely stating the victim is in custody due to criminal involvement or an accident. Victims are then coerced into remaining on camera and isolating themselves, while the fraudsters extract personal and financial information under the guise of an official investigation, ultimately transferring the victim's assets to money mule accounts.To detect and prevent the fraud, be wary of unsolicited calls from supposed law enforcement demanding immediate payment or personal information. Legitimate law enforcement agencies rarely conduct investigations in this manner. Verify the identity of the caller independently by contacting the relevant agency directly through official channels. Remember, the government agencies never put anyone under digital arrest, it's not permissible.
Fraud factories
A fraud factory is a collection of large fraud organizations, usually involving cyber fraud and human trafficking operations.Cyberterrorism
The term cyberterrorism refers to acts of terrorism committed through the use of cyberspace or computer resources. Acts of disruption of computer networks and personal computers through viruses, worms, phishing, malicious software, hardware, or programming scripts can all be forms of cyberterrorism.Government officials and information technology security specialists have documented a significant increase in network problems and server scams since early 2001. In the United States there is an increasing concern from agencies such as the Federal Bureau of Investigation and the Central Intelligence Agency.
Cyberextortion
Cyberextortion occurs when a website, e-mail server, or computer system is subjected to or threatened with attacks by malicious hackers, often through denial-of-service attacks. Cyber extortionists demand money in return for promising to stop the attacks and provide "protection". According to the FBI, cyber extortionists are increasingly attacking corporate websites and networks, crippling their ability to operate, and demanding payments to restore their service. More than 20 cases are reported each month to the FBI, and many go unreported in order to keep the victim's name out of the public domain. Perpetrators often use a distributed denial-of-service attack. However, other cyberextortion techniques exist, such as doxing and bug poaching. An example of cyberextortion was the Sony Hack of 2014.Ransomware
Ransomware is a type of malware used in cyberextortion to restrict access to files, sometimes threatening permanent data erasure unless a ransom is paid. Ransomware is a global issue with 153 countries affected by this type of attack in 2024.The number of attacks is constantly growing, with 5,263 attacks in 2024. And this is the number of large and successful attacks with serious consequences, the total number of attempted attacks, including in automatic mode in 2021, amounted to more than 300 million attacks worldwide. Nearly a third of the major attacks in 2024 targeted industrial enterprises, affecting critical infrastructure and services, causing severe losses. In some cases, attacks on medical facilities also resulted in human casualties. Between 2016 and 2021 ransomware caused the deaths of between 42 and 67 patients due to the treatment difficulties created. In 2024 an attack on UK pathology provider Synnovis resulted in thousands of surgeries and appointments being canceled. Ransom amounts in attacks are also continuously and significantly increasing. According to the 2022 Unit 42 Ransomware Threat Report, in 2021, the average ransom demand in Norton cases was $2.2 million, and the number of victims whose personal data ended up in the dark web's information dumps increased by 85%. Losses in 2021 and 2022 are nearly $400 million. In 2024, the average ransom amount is $5.2 million, with the two largest ransoms demanded from healthcare organizations - $100 million from India's Regional Cancer Center and $50 million from Synnovis.Cybersex trafficking
Cybersex trafficking is the transportation of victims for such purposes as coerced prostitution or the live streaming of coerced sexual acts or rape on webcam. Victims are abducted, threatened, or deceived and transferred to "cybersex dens". The dens can be in any location where the cybersex traffickers have a computer, tablet, or phone with an internet connection. Perpetrators use social media networks, video conferences, dating pages, online chat rooms, apps, dark web sites, and other platforms. They use online payment systems and cryptocurrencies to hide their identities. Millions of reports of cybersex incidents are sent to authorities annually. New legislation and police procedures are needed to combat this type of cybercrime.There are an estimated 6.3 million victims of cybersex trafficking, according to a recent report by the International Labour Organization. This number includes about 1.7 million child victims. An example of cybersex trafficking is the 2018–2020 Nth room case in South Korea.