This week's readings introduce several issues related to the increased use of information technology in the criminal justice system, and the many challenges that criminal justice agencies face in impl

Computer-based technology allows criminals to operate more efficiently and effectively and presents a challenge for the justice system because cyber crime’s rapid evolution is difficult to detect through traditional law enforcement channels. Cyber crime has grown as information technology (IT) has evolved and become part of daily life in most industrialized societies. Today more than 1 billion people are using email, and over 240 million are mobile Internet users. The Internet generates enormous revenue, with spending on IT and telecommunications expected to grow by more than 6 percent per year, soon reaching about $2 trillion. Also, many critical infrastructure systems are conducted and controlled online, ranging from banking to traffic control. As this vast network of essential technology and global communication continues to grow, it has become a target for illegal activities and enterprise.

Moreover, the nature of these crimes and the criminals who commit them vary considerably. Below we will discuss three general forms of cyber crime – cyber theft, cyber vandalism, and cyber terrorism.

Cyber theft Since the beginning of the Industrial Revolution, every technological breakthrough has brought with it tremendous benefit for society, but also new opportunities for criminal behavior. This has been particularly true of the IT revolution. The computer and Internet provide improvements in education, commerce, entertainment, and medicine, but they also allow criminals to be more creative, efficient, and anonymous. Today, cyber thieves use a variety of methods – all of which did not exist decades ago – to either distribute illegal goods or services, or to defraud people for profit. Following are descriptions of some of the primary forms of cyber theft.

I) Computer fraud a. Definitional issues This form of cyber crime is not a unique offense, but rather involves the commission of common-law fraud using contemporary technology. The definition of cyber fraud is as follows:

The intentional misrepresentation of information or identity to deceive others, the unlawful use of a credit or debit card or ATM, or the use of electronic means to transmit deceptive information, in order to obtain money or other things of value. Includes instances in which a computer was used to defraud the business of money, property, financial documents, insurance policies, deeds, use of rental cars, or various services by forgery, misrepresented identity, credit card or wire fraud.

Since many cases of computer fraud fit this definition, many instances of computer fraud are prosecuted under traditional statutes. However, the property that is stolen through computer fraud is often not as tangible as in traditional fraud, such as computer programs or trade secrets.

b. Levels and trends According to a survey covering the year 2017, about 45% of the businesses surveyed reported falling victim to cyber theft in the previous year. Of those cyber thefts, cyber fraud was the most common form (about 43%). One increasing form of cyber fraud involves the use of a plastic covering over ATM keypads that records the keys pressed by an ATM user. A computer attached to the plastic overlay records all the information the criminal needs to clone the card.

II) Denial of service attacks a. Definitional issues A denial of service attack involves the disruption, degradation, or exhaustion of an Internet connection or e-mail service that results in an interruption of the normal flow of information. Denial of service is usually caused by flooding a server with millions of bogus messages or orders. Though sometimes the attack is intended only to cause harm – in which case it would be considered cyber vandalism – in some cases, the goal is to extort money from the victimized company or organization. For example, a denial of service attack against an online casino during a major sporting event could cause the casino to lose a large amount of money. The casino may decide to give in and pay the attackers’ “ransom” to avoid angering clients and losing revenue.

b. Levels and trends In the survey mentioned above, about 24% of businesses reported being the victim of a denial of service attack. Moreover, about 2/3 of those businesses reported experiencing more than one attack throughout the year. These attacks can be costly – over 4% of the businesses reported losing more than $10,000 due to the attack, while about 1% reported losing more than $100,000. III) Theft of intellectual property a. Definitional issues This involves the illegal obtaining of copyrighted or patented material, trade secrets, or trademarks (including designs, plans, blueprints, codes, computer programs, software, formulas, recipes, graphics) usually by electronic copying.

Often, groups of individuals work together to illegally obtain software and then bypass its copyright protections (called “cracking” or “ripping”). The software is then posted on the Internet for others to in the group – and often the general public – to use. This particular form of intellectual property theft is referred to as “warez.” Another common form of intellectual property theft is file sharing, and especially music sharing. Though many people, including college students, casually download and share music and movies, it is considered a serious crime, with first-time penalties as high as five years incarceration and a fine of $250,000.

b. Levels and trends The illegal reproduction and distribution of movies, software, games, and music is estimated to cost U.S. industries $19 billion worldwide each year.

In the same survey mentioned above, about 19.2% of the surveyed firms experienced some form of intellectual property theft. Of those, 70% involved trade secrets and 47% involved copyrighted material. Intellectual property theft is even more likely than denial of service attacks to result in monetary loss over $10,000. Nearly one-third of the victimized businesses reported losing more than $100,000 due to the theft.

IV) Identity theft a. Definitional issues Identity theft occurs when a person uses the Internet to assume someone's identity, with the purpose of conducting a financial transaction in the victim's name. This often involves opening a new credit card with the victim's information, and/or purchasing goods using the victim's information.

Many different methods are used. In some cases, the thieves fill out change-of-address forms at the post office to have the victim's credit card bills rerouted to them. They then contact the credit card company to request a change of address on the account. Then they order numerous expensive items over the Internet and have the items delivered to the new address. It can take months for the victim to realize that their identity has been stolen. Other identity thieves create false email accounts or websites that appear to be from legitimate businesses. These messages or website inform the person that there is a problem with their account, and then ask the person to send their personal information, such as name, address, phone number, and social security number. This information can then be used to create new accounts in the victim's name, or to access preexisting accounts. This form of identity theft is referred to as “phishing.” Convincing victims to willingly provide their personal information is referred to as “social engineering.” Another strategy involves using viruses and malware installed on a users computer to record the necessary information. This is sometimes referred to as “technical subterfuge.” b. Levels and trends Identity theft is increasing at an alarming rate. In an identity theft supplement to the 2018 National Crime Victimization Survey (NCVS), it was found that about 23 million persons (or about 9% of all persons 16 or older) experienced at least one type of identity theft in the previous 2-year period. The cost over that two-year period was a total of nearly $15.1 billion dollars, though about one third (32%) of identity theft victims reported that they did not incur an out-of-pocket expense due to the crime. About 55% of victims spent 1 day or less resolving the financial and credit problems associated with the incident, though 6% reported that they were still experiencing problems with the theft more than 6 months after discovering it.

Regarding phishing scams, in particular, an anti-phising advocacy group detected over 113,000 new phishing websites in the month of January, 2019, and similar numbers in subsequent months. Moreover, they estimated that more than 35% of computers worldwide are infected with some form of phishing malware. The financial sector was the most targeted industry of these phishing schemes (38.1%).

Cyber vandalism In contrast to cyber thieves, some cyber criminals are motivated more by revenge or malice than by monetary gain. Such cyber criminals engage in various forms of cyber vandalism. Cyber vandalism involves malicious intent and ranges from sending destructive viruses and worms, to hacker attacks designed to destroy or impede important computer networks via trojan horses, logic bombs, and website defacement. These forms of cyber vandalism are described below.

In addition to cyber vandalism, other traditional crimes are now committed in cyber-fashion. Cyber stalking refers to the use of the Internet, e-mail, or other electronic communication devices to stalk another person. Some stalkers pursue minors through online chat rooms while others harass their victims electronically. Cyber bullying inflicts and compounds the harm of traditional bullying but does so through the medium of electronic text.

I) Implanting disruptive computer programs The most typical use of cyberspace for destructive purposes involves implanting disruptive programs such as viruses, worms, trojan horses, logic bombs, and spam. • A computer virus is a type of malicious software program that disrupts or destroys existing programs and networks. • A worm is similar to a virus, but uses the infected computer or network to self- replicate by automatically sending itself to other users – usually through email.

• Trojan horses are software programs that look harmless, and often useful, but contain malicious code that can damage the computer system.

• A logic bomb is a program that is secretly attached to the system. It monitors the system, and after a certain input or action, or sometimes on a specific date, a malicious action is triggered. In some cases, a simple message is printed to the screen, while in other cases, data is destroyed or corrupted.

• Website defacement occurs when a cyber vandal inserts or substitutes code on someone else's website, thus exposing the website visitors to misleading or provocative information. Nearly all website defacements are intended to vandalize rather than to obtain profit.

II) Cyber stalking Cyber stalking refers to the repeated use of the Internet, e-mail, or related electronic communication devices to annoy, alarm, or threaten a specific individual or group of individuals. This sometimes includes harassment of the victim's friends, family, and employers in an effort to further embarrass and isolate the victim. The stalker typically uses chat rooms, email, and social media to develop an online relationship with the victim. Others may send threatening messages to the victim, or convince others to harass them.

In a 2009 study, “Stalking Victimization in the United States”, it was found that 3.4 million people in the U.S. over the age of 18 experienced stalking. The highest rate was among the youngest age group, 18-24. This suggests that if younger persons were included in the survey, the numbers would be considerably higher. Of those stalking victims, 25% reported that the stalking occurred through technology such as email, instant messaging, and websites.

A 2003 study of data collected by the New York City Police Department's Computer Investigation and Technology Unit (CITU) reported that cyber stalking was the most reported of all cyber crimes – nearly 50% of all cyber crimes involved aggravated harassment by means of a computer. Cyber stalking continues to be a difficult crime to solve. The study found that approximately 50 percent of the cases were closed after finding enough evidence to substantiate the victim’s claim, but without positively identifying the offender after following all investigative leads.

III) Cyber bullying Cyber bullying involves the repeated use of the internet, mobile phones, or other digital technologies to inflict intentional harm upon others . Examples of this type of bullying can include sending mean text messages, writing hurtful or threatening emails, posting negative and defamatory stories online, creating fake social networking accounts, ranking or rating using online websites, blackmailing or terrorizing someone using pictures and rejecting, isolating or excluding someone using technological tools . The dramatic increase in the use of digital media – especially among young people – has created the potential for a concurrent increase in cyber bullying.. A recent study by the Neilsen Company found that among 13-17 year old teens, 83% use their cell phones for text messaging, with a significant gap between the average monthly numbers of text messages vs. phone calls – 2,899 texts vs. 191 phone calls. Likewise, the use of text messages has shown a dramatic increase, with average monthly usage growing from 435 texts in 2007 to 2,899 in 2011. Similar increases have been seen in the usage of social media sites. Utilizing social media tools such as Twitter, Instagram, or Facebook has been found to be the most popular activity among 8-18 year olds . A recent study found that on a typical day, 40% of teens are reported to go on a social networking site and those that do will spend an average of 54 minutes on the site.

Given this dramatic shift in teen technology usage it comes as no surprise that there has been a rise in incidents of cyber bullying. Cyber bullying affords anonymity and pseudonymity to bullies. The internet can provide a way for bullies to set-up accounts with false identities, use pseudonyms in chatrooms, leave anonymous comments on blogs and similarly phone numbers can be blocked to send anonymous text messages and make prank calls. This sense of anonymity may embolden bullies; making them exchange more hurtful and malicious comments than they may have been able to face-to-face.

According to the “School Crime Supplement” to the National Crime Victimization Survey, about 28 percent of children ages 12–18 report having been bullied at school, and 6 percent report having been victims of cyber bullying, with a slightly higher percentage for females than males. A 2006 HarrisInteractive email survey found higher rates of cyber bullying, reporting that about 47% of teens report having been cyberbullied in the past year. A similar figure was found in a 2009 MTV/Associated Press poll.

Cyber terrorism Cyber terrorism can be viewed as an effort by covert forces to disrupt the intersection where the virtual electronic reality of computers meets with the physical world. It involves a premeditated, politically motivated attack against information, computer systems, computer programs, and data. Infrastructure at risk of cyber terrorism includes oil refineries and nuclear power plants. Because of advancements in technology, cyber terrorists can commit their acts from anywhere in the world, and with little or no cost. The financial sector is often the target of cyber terrorism. As ever-increasing numbers of financial transactions occur over computer systems – both among multi-billion dollar corporations as well as average individuals – a nation’s economy is particularly attractive target. One survey found that financial firms received an average of over 1,000 attacks per company.

Some experts question the existence of cyber terrorism, claiming that not a single case of cyber terrorism has yet been recorded, that cyber vandals and hackers are regularly mistaken for terrorists, and that cyber defenses are more robust than is commonly supposed. They argue that the greatest use of technology by terrorist groups is for organizational and administrative purposes. However, even many of these skeptics recognize that the potential threat is severe, and steps must be taken to address it.