Understanding Cybercrime

Cyber attacks are on the rise. The media constantly report about data breaches and increasingly sophisticated cybercrime. Even governments are affected. At the same time, it is obvious that technology alone cannot solve the problem. What can countries do? Which issues can be addressed by policies and legislation? How to draft a good law? The report assists countries in understanding what cybercrime is about, what the challenges are in fighting such crime and supports them in drafting policies and laws.

Provides a general yet original overview of cybercrime and the legal, social, and technical issues that cybercrime presents. Understanding and Managing Cybercrime is accessible to a wide audience and written at an introductory level for use in courses that focus on the challenges having to do with emergence, prevention, and control of high tech crime. It takes a multidisciplinary perspective, essential to full appreciation of the subject and in dealing with this very complex type of criminal activity. The text ties together various disciplines-information technology, the sociology/anthropology of cyberspace, computer security, deviance, law, criminal justice, risk management, and strategic thinking. One reviewer writes, "The book provides an excellent introduction into what cybercrime is, why we need to be concerned about it and what can, and is, being done about it." Another reviewer describes Understanding and Managing Cybercrime as, "a major contribution to the emerging study of cybercrime and information security."

This book describes the key cybercrime threats facing individuals, businesses, and organizations in our online world. The author first explains malware and its origins; he describes the extensive underground economy and the various attacks that cybercriminals have developed, including malware, spam, and hacking; he offers constructive advice on countermeasures for individuals and organizations; and he discusses the related topics of cyberespionage, cyberwarfare, hacktivism, and anti-malware organizations, and appropriate roles for the state and the media. The author has worked in the security industry for decades, and he brings a wealth of experience and expertise. In particular he offers insights about the human factor, the people involved on both sides and their styles and motivations. He writes in an accessible, often humorous way about real-world cases in industry, and his collaborations with police and government agencies worldwide, and the text features interviews with leading industry experts. The book is important reading for all professionals engaged with securing information, people, and enterprises. It’s also a valuable introduction for the general reader who wants to learn about cybersecurity.

Cybercrimes are often viewed as technical offenses that require technical solutions, such as antivirus programs or automated intrusion detection tools. However, these crimes are committed by individuals or networks of people which prey upon human victims and are detected and prosecuted by criminal justice personnel. As a result, human decision-making plays a substantial role in the course of an offence, the justice response, and policymakers' attempts to legislate against these crimes. This book focuses on the human factor in cybercrime: its offenders, victims, and parties involved in tackling cybercrime. The distinct nature of cybercrime has consequences for the entire spectrum of crime and raises myriad questions about the nature of offending and victimization. For example, are cybercriminals the same as traditional offenders, or are there new offender types with distinct characteristics and motives? What foreground and situational characteristics influence the decision-making process of offenders? Which personal and situational characteristics provide an increased or decreased risk of cybercrime victimization? This book brings together leading criminologists from around the world to consider these questions and examine all facets of victimization, offending, offender networks, and policy responses. Chapter 13 of this book is freely available as a downloadable Open Access PDF at http://www.taylorfrancis.com under a Creative Commons Attribution-Non Commercial-No Derivatives (CC-BY-NC-ND) 4.0 license.

There are today no more compelling sets of crime and security threats facing nations, communities, organizations, groups, families and individuals than those encompassed by cybercrime. For over fifty years crime enabled by computing and telecommunications technologies have increasingly threatened societies as they have become reliant on information systems for sustaining modernized living. Cybercrime is not a new phenomenon, rather an evolving one with respect to adoption of information technology (IT) for abusive and criminal purposes. Further, by virtue of the myriad ways in which IT is abused, it represents a technological shift in the nature of crime rather than a new form of criminal behavior. In other words, the nature of crime and its impacts on society are changing to the extent computers and other forms of IT are used for illicit purposes. Understanding the subject, then, is imperative to combatting it and to addressing it at various levels. This work is the first comprehensive encyclopedia to address cybercrime. Topical articles address all key areas of concern and specifically those having to with: terminology, definitions and social constructs of crime; national infrastructure security vulnerabilities and capabilities; types of attacks to computers and information systems; computer abusers and cybercriminals; criminological, sociological, psychological and technological theoretical underpinnings of cybercrime; social and economic impacts of crime enabled with information technology (IT) inclusive of harms experienced by victims of cybercrimes and computer abuse; emerging and controversial issues such as online pornography, the computer hacking subculture and potential negative effects of electronic gaming and so-called computer addiction; bodies and specific examples of U.S. federal laws and regulations that help to prevent cybercrimes; examples and perspectives of law enforcement, regulatory and professional member associations concerned about cybercrime and its impacts; and computer forensics as well as general investigation/prosecution of high tech crimes and attendant challenges within the United States and internationally.

Cyber attacks are on the rise. The media constantly report about data breaches and increasingly sophisticated cybercrime. Even governments are affected. At the same time, it is obvious that technology alone cannot solve the problem. What can countries do? Which issues can be addressed by policies and legislation? How to draft a good law? The report assists countries in understanding what cybercrime is about, what the challenges are in fighting such crime and supports them in drafting policies and laws.

Research on cybercrime has been largely bifurcated, with social science and computer science researchers working with different research agendas. These fields have produced parallel scholarship to understand cybercrime offending and victimization, as well as techniques to harden systems from compromise and understand the tools used by cybercriminals. The literature developed from these two fields is diverse and informative, but until now there has been minimal interdisciplinary scholarship combining their insights in order to create a more informed and robust body of knowledge. This book offers an interdisciplinary approach to research on cybercrime and lays out frameworks for collaboration between the fields. Bringing together international experts, this book explores a range of issues from malicious software and hacking to victimization and fraud. This work also provides direction for policy changes to both cybersecurity and criminal justice practice based on the enhanced understanding of cybercrime that can be derived from integrated research from both the technical and social sciences. The authors demonstrate the breadth of contemporary scholarship as well as identifying key questions that could be addressed in the future or unique methods that could benefit the wider research community. This edited collection will be key reading for academics, researchers, and practitioners in both computer security and law enforcement. This book is also a comprehensive resource for postgraduate and advanced undergraduate students undertaking courses in social and technical studies.

When it comes to computer crimes, the criminals got a big head start. But the law enforcement and IT security communities are now working diligently to develop the knowledge, skills, and tools to successfully investigate and prosecute Cybercrime cases. When the first edition of "Scene of the Cybercrime" published in 2002, it was one of the first books that educated IT security professionals and law enforcement how to fight Cybercrime. Over the past 5 years a great deal has changed in how computer crimes are perpetrated and subsequently investigated. Also, the IT security and law enforcement communities have dramatically improved their ability to deal with Cybercrime, largely as a result of increased spending and training. According to the 2006 Computer Security Institute's and FBI's joint Cybercrime report: 52% of companies reported unauthorized use of computer systems in the prior 12 months. Each of these incidents is a Cybecrime requiring a certain level of investigation and remediation. And in many cases, an investigation is mandates by federal compliance regulations such as Sarbanes-Oxley, HIPAA, or the Payment Card Industry (PCI) Data Security Standard. Scene of the Cybercrime, Second Edition is a completely revised and updated book which covers all of the technological, legal, and regulatory changes, which have occurred since the first edition. The book is written for dual audience; IT security professionals and members of law enforcement. It gives the technical experts a little peek into the law enforcement world, a highly structured environment where the "letter of the law" is paramount and procedures must be followed closely lest an investigation be contaminated and all the evidence collected rendered useless. It also provides law enforcement officers with an idea of some of the technical aspects of how cyber crimes are committed, and how technology can be used to track down and build a case against the criminals who commit them. Scene of the Cybercrime, Second Editions provides a roadmap that those on both sides of the table can use to navigate the legal and technical landscape to understand, prevent, detect, and successfully prosecute the criminal behavior that is as much a threat to the online community as "traditional" crime is to the neighborhoods in which we live. Also included is an all new chapter on Worldwide Forensics Acts and Laws. * Companion Web site provides custom tools and scripts, which readers can download for conducting digital, forensic investigations. * Special chapters outline how Cybercrime investigations must be reported and investigated by corporate IT staff to meet federal mandates from Sarbanes Oxley, and the Payment Card Industry (PCI) Data Security Standard * Details forensic investigative techniques for the most common operating systems (Windows, Linux and UNIX) as well as cutting edge devices including iPods, Blackberries, and cell phones.