CYBER CRIME CONTROL, PREVENTION AND INVESTIGATION

Introduction

Cybercrime has been a hot button topic in recent years. A crime involving digital services

or computers, cybercrimes typically is when someone targets a computer for a crime, uses a

computer as a tool for a crime, or has computer containing evidence of a crime. Since the rise of

information technology, cybercrime has become taken center stage as a shift in criminal activity

means more criminals doing business online and using computers or attacking computers as a

result of it. Criminal investigators and law enforcement have thus begun efforts to control

prevent and investigate cyber activities to avoid major problems for the Government, agencies,

organizations, and individuals. As one article put it, it is a battleground. “The digital world has

become a battleground for the forces of good and evil. There is an ever increasing awareness that

the digital world provides an unlimited opportunity to further one’s goals” (Gregory & Glance,

2013, p. 51).

A way law enforcement is tackling cybercrime is through the hiring and retention of

highly skilled cybercrime experts via business enterprises and Government. This guarantees

compliance and enforcement of international guidelines for acceptable standard usage of

technological devices and computer in private and in work places. Although emphasis must be

placed on prevention measures, control and investigation measures are vital as well in

maintaining systems free of illegal breaches.

In case of any breaches, forensics experts must be called as they are the ones to conduct

the necessary forensic examinations, analysis, reconstruction, and documentation of any crime

scene, presenting evidence to the Court and other appropriate authorities that may lead to the

arrest, prosecution, and conviction of the suspected criminal. Another aspect of cybercrime aside

from breaches are digital assets. Certain private information like social security numbers and tax
information can easily become stolen and lead to identity fraud. These kinds of digital assets

must be safeguarded. Therefore, research needs to point towards new and innovative strategies to

circumvent these crimes and protect those affected by it.

Cyber-Crime Control (CCC)

CCC deals with the development of sufficient policies to help control cybercrime

activities. Any policies developed must spell out suitable punishment for convicted cyber

criminals. Convictions are as a result of court verdicts and will act a deterrent measure for any

person wanting to engage in criminal acts connected to technology.

Cyber Crime Prevention (CCP)

CCP involves emphasis on the training of administrators and users of cyber space,

security awareness, best practices and so forth to avert and minimize the occurrence of cyber

incidents. Underground hacking techniques while the cause of some cybercrimes can help

security managers and administrators understand how criminals works, thereby helping prevent

cybercrime. To think like a hacker is to use the techniques and tools hackers use thereby helping

to expose the various ways of detecting and thwarting cybercrime activities through training and

education. Recognition of users as the weakest link is paramount since that is where most of the

damage is done. “A solution out of this dilemma is a cyber-security policy decidedly anti-

vulnerability and at the same time based on strong considerations for privacy and data protection.

Such a security would have to be informed by an ethics of the infosphere” (Dunn Cavelty, 2014,

p. 701).

The types of tools that will aid in these efforts are open source and commercial tools that

will include, however, not limited to:

 1. Backtrack 5r3
2. email tracker pro

Metasploit pro and framework

Cyber Crime Investigation (CCI)

1. If and when a system becomes compromised, as it will inevitably happen,

regardless of measures taken to prevent or control the situation, investigations will be
implemented. Investigations assist in unraveling any clues behind the attack and could
help trace the hacker through and IP address, server, or other means of digital footprints.
While this is a hard task to complete, forensic investigation of computer system and
network based attacks provide experience to help prevent future attacks. From
identification of any clues, to collection of evidence, to preservation analysis, then
documentation, and finally presentation of evidence, here is where things like
victimology are observed.

Victimology is the study of any victim of crime as well as the psychological effects they
have or are imposed on them.
2. Victimology may not always mean an individual. It can be a bank, website, ministry,
server, agency, or any other target (Doerner & Lab, 2014).

Links to the Victims include:

 Work related
 Hobby related
 Work related

Family related
 Analysis of the victim helps reveal the reason behind the choosing of the victim and the
level of risk the offender took to acquire the victim.
  Victimology research includes a thorough search for evidence, including cyber trails.
Cyber trails are often an important way to obtain valuable information that can later
undermine an offender and lead to their arrest and subsequent conviction.

Aims and Objective

With cybercrime on the rise, it is a growing concern for both organizations/businesses

and Government. The aims are to discover ways to reduce cybercrime activities and existing

laws and amendments that were made to appropriately punish cyber criminals along with other

deterrent measures that have been or will be used to reduce cybercrime. Lastly the objective is to

develop a strategy for effectively tracking cyber criminals through application of research driven

cyber forensic techniques and how victims can report crimes and how the FBI website and the

IC3 may play a role.

Research Questions

These questions are meant to provide a means of exploring the current information available and

refine the search.

What are we trying to protect? What needs protection are several. They are availability

network, assets, network infrastructure, confidential personal data, resources that can be

categorized into three groups.

 Information stored physically such as hard copies

 Information store on transit (digitally) in the network or electronically
 Information stored in the human brain.

Why are intrusions so often successful? As stated earlier, the users are the weakest link in the

security chain. Users often fail to perform the actions necessary to avoid becoming a target for

cyber criminals. Things like no firewall, password sharing, simple passwords, ignorance of
organizational and/or logical boundaries in a network infrastructure along with numerous things

can create weakness and increase risk for breach. Research and implementation of best practices

will not 100% prevent cyberattacks, but will lessen the rate in which cybercrimes are performed.

What are the greatest challenges that we face today? Some of the challenges faced to day like

constant innovation and new technology, and environment complexity create further exploits and

threats because once one strategy is learned and implemented, the cybercriminal will have

learned of a new way to make a successful breach, bringing things back to square one. Now with

the use of mobile phones and the increase in mobile technology via mobile apps and

smartphones, cyber threats have increased. There has to be a trade off somewhere so technology

can still be innovative, but at the same time allow more time to develop better security. Rapid

improvements have set trigger to rapid growth of cybercrimes as detailed in a 2014 article.

Rapid improvements in information technologies have triggered the concept of

cyberspace which is considered as the fifth dimension of war. While transferring

information quickly from physical area to electronic/digital area, cyberspace has caused

to emerge a lot of threats and methods like cyber-attack, cyber-crime, cyber war which

are spreading too rapidly (Gedikli, 2014, p. 1).

Why are most attacks gone undetected? The majority of companies and organizations are not

aware if that have experienced a cyberattack. This is alarming news. It is one thing when

someone knows they are being hacked. It is another when the cyberattack goes unnoticed leaving

room for additional cyberattacks and problems like the comprising of security via leaked

confidential information. One of the biggest reasons is lack of skilled personnel, trained
specifically in incident response and cyber security. While there is available funding for schools

to train IT professionals, there not enough IT students in school, leading to a severe deficit and

enough blind spots for hackers to commit their cybercrimes. “Against ever evolving cyber-

threats the need to graduate students skilled in the concepts and technologies of cyber-security is

becoming a critical responsibility of academic institutions in order to help preserve the

sovereignty of the US and her allies” (Rowe, Lunt, & Ekstrom, 2011, p. 1).

Why are attackers not getting appropriate jail terms? This is a problem that is on the way to

being resolved with stricter and more stringent laws and policies being added to ensure proper

punishment is given to convicted cybercriminals. However, the process is a slow one, especially

when it comes to global cybercrime. While American cybercrime laws enforce at times jail time

and heavy financial penalties, global cybercrime laws are not as stringent as seen with Chinese

hackers hacking into the United States. The United States government could not interfere as the

attacks were performed while the hackers were abroad. What can be done however, to deal with

global cyber and what has been done successfully is the use and implementation of financial and

trade sanctions This is because they offer seemingly proportional response as well as a more

palatable approach than either inaction or military intervention. After the Sony attacks problem,

sanctions were issued against North Korea. “In April 2015, President Obama issued an executive

order that laid the groundwork for more active use of economic sanctions against Chinese,

Russian, Iranian, and North Korean hackers, as well as nonstate actors” (Segal, 2016, p. 95). By

President Obama doing this, he enabled the Treasury secretary to sanction entities as well as

individuals with punishments that could entail the freezing of any financial assets including the

barring of any commercial transactions. This keeps foreign countries from hacking because it
hits them where it hurts, money and assets. This is just one step however, in a ladder that

requires more steps towards completion.

What are the motivations for the cybercriminals? While cybercriminals frequently perform

illegal activities for monetary gain, there are many who do it for other reasons. Some may do it

for personal reasons. Some may do it for political reasons. Whatever the reasons are,

investigating such reasons can lead to the thwarting of such efforts by understanding the source

of cybercrime activity. For example, in a book discussing political-based hacking, a self-defined

‘hacktivist party’ by the name of Podemos hacked in order to extend their political aims to the

masses. “They are a political party that is using the rules of cyber-activism and the hacker culture

to create and set up another political model- more democratic, transparent, and collaborative.

Hacktivism is the emergence of popular political action, of the self-activity of a group of people,

in cyberspace” (Deželan & Vobic, 2016, p. 102).

What risk is the attacked willing to take in other to get the target? This is often understood

in relation to the gains. If there is a lot of money at stake or political expression that is deeply

important to the hacker, the cybercriminal may be willing to risk jail time in order to get their

target. This is seen several times in the United States where hackers caught are often asked why

they committed the crime and they told them they wanted to because of such and such and were

aware of the consequences if caught.

How can we tie the loose ends and make our cyber space more secure than it currently is?

This is difficult to answer. However, the most important thing is to improve the way IT students

learn and absorb the curriculum so they can become IT professionals and provide the assistance

so desperately needed in this area. Perhaps by adapting a holistic approach, the ball could get
rolling when it comes to reaching out to students and readying them for a successful career in IT

and cybersecurity.

Observations of the healthcare model, along with the findings of a recent workshop on

cybersecurity education, suggest some practical steps for such an approach. Computer science

educators, human resources professionals, and cybersecurity practitioners should seek to attract

computer science graduates to think beyond their stovepiped fields and collaborate to develop,

accept, and implement holistic, integrated solutions (Hoffman, Burley, & Toregas, 2012, p. 33).

The world of cybercrime is fast-pace. It is a constant struggle to try and stay afloat and

cybercriminals find new ways to hack and break into computer systems, stealing precious and

sensitive information. The worst part is, many organizations, business, and individuals are not

even aware they are being hacked. This leaves many blind to the true dangers of the cyber world.

However, there are ways to prevent and thwart would be hackers. Cybersecurity

professionals and educating users are key ways to undermine hackers. By users learning to

protect themselves, they can make it harder for hackers to access their computer and their private

information. By having more cybersecurity professionals, hackers can be found, caught, and

prosecuted.

The American government has also made great progress in dealing with global

cybersecurity threats. By issuing financial sanctions they hit countries like China and North

Korea where it hurts, their assets and capital. While this is one step, it is an effective step

towards reducing cybercrime activities. Lastly, cybersecurity professionals are an essential part

of controlling, preventing, and investigating cybercrimes, but there is a big shortage of them.
That is because IT students are not graduating at the amount needed. Schools and educators must

focus in properly preparing IT students so they can pursue a career in cybersecurity once

they graduate. That may take a holistic approach. A holistic approach depends on a

concerted effort to achieve the almost insurmountable goal of closing the gap.

Deželan, T. & Vobic, I. (2016). (R)evolutionizing political communications through social

media. IGI Global.

Doerner, W. & Lab, S. (2014). Victimology (7th ed., p. 15). Routledge.

Dunn Cavelty, M. (2014). Breaking the Cyber-Security Dilemma: Aligning Security Needs and

Removing Vulnerabilities. Sci Eng Ethics, 20(3), 701-715.

http://dx.doi.org/10.1007/s11948-014-9551-y

Gedikli, M. (2014). Improvements of cyberspace and effects to the battlefield.Cyber Sensing

2014. http://dx.doi.org/10.1117/12.2053356

Gregory, M. & Glance, D. (2013). Cyber Crime, Cyber Security and Cyber Warfare. Security

And The Networked Society, 51-95. http://dx.doi.org/10.1007/978-3-319-02390-8_3

Hoffman, L., Burley, D., & Toregas, C. (2012). Holistically Building the Cybersecurity

Workforce. IEEE Security & Privacy Magazine, 10(2), 33-39.

http://dx.doi.org/10.1109/msp.2011.181

Rowe, D., Lunt, B., & Ekstrom, J. (2011). The role of cyber-security in information technology

education. Proceedings Of The 2011 Conference On Information Technology Education -

SIGITE '11. http://dx.doi.org/10.1145/2047594.2047628

Segal, A. (2016). The hacked world order. New York: PublicAffairs.