INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION

Typology of Cyber Crime Types of Cybercrime Description

In a traditional means, a term crime covers a broad range of offenses. It is from Financial Crimes Credit Card Frauds; Money Laundering
this broad-range, the typology or classification of cybercrime became difficult. Cyber Pornography Pornographic Websites; Online distribution
A good example of an international instrument which tried to categorize types of Online Gambling Millions of websites, all hosted on servers abroad,
cybercrime is the Council of Europe the History of Global Harmonization on Cyber Crime offer online gambling.
Legislation-The Road to Geneva, December 2008. IP Crimes Software Piracy; Copyright Infringement;
The Convention on Cyber Crime distinguishes between four different types of Trademarks Violations; Theft of Computer Source
offenses Code.
1. Offenses against the confidentiality, integrity and availability of computer data Email Spoofing A spoofed email is one that appears to originate from
and systems, such as illegal access, illegal interception, data interference, system one source but actually has been sent from another
interference, and misuse of devoice; source.
2. Computer-related offenses, such as computer-related forgery and computer- Cyber Defamation This occurs when defamation takes place with the
related Fraud help of computers and/or the Internet. E.g. someone
3. Content-related offenses, such as offenses related to child pornography; And publishes defamatory matter about another website.
4. Copyright-related offenses, such as offenses related to copyright infringements Cyber Stalking This involves following a person's movements across
and related rights. the Internet by posting messages (sometimes
Even though this typology of cybercrime is not wholly consistent, as the fourth threatening) on bulletin boards frequented by the
category does not focus on the object of legal protection but on the method, which in turn victim, entering chat-rooms frequented by the victim,
brings about overlap between categories. Nonetheless, the categories serve as a useful basis constantly bombarding he victim with emails etc.
for discussing the phenomena of cybercrime globally. Unauthorized Access Also known as Hacking. Involves gaining access
The term "cybercrime" is used to cover a wide variety of criminal conduct. As illegally to a computer system or network and in some
recognized crimes include a broad range of different offenses, it is difficult to develop a cases making unauthorized use of this access.
typology or classification system for cybercrime. One approach can be found in the Hacking is also the act by which other forms of
Convention on Cybercrime, which distinguishes between four different types of offenses: cyber-crime (e.g., fraud, terrorism) are committed.
1. offenses against the confidentiality, integrity and availability of computer data Theft Theft of information contained in electronic form
and systems; such as that stored in computer hard disks. removal
2. computer-related offenses; storage media, etc. Can extend to identity theft.
3. content-related offenses; Email Bombing This refers to sending a large number of emails to the
4. copyright-related offenses. victim resulting in the victim's email account (in case
This typology is not wholly consistent, as it is not based on a sole criterion to of an individual) or mail servers (in case of a company
differentiate between categories. Three categories focus on the object of legal protection: or an email service provider) crashing.
"offenses against the confidentiality, integrity and availability of computer data and Salami Attacks These attacks are often used in committing financial
systems"; content-related offences; and copyright related offenses. The fourth category of
crime and are based on the idea that an alteration, so
"computer-related offences"109 does not focus on the object of legal protection, but on insignificant, would go completely unnoticed in a
the method used to commit the crime. This inconsistency leads to some overlap between single case. E.g. a bank employee inserts a program,
categories. into the bank's servers, that deducts a small amount
In addition, some terms that are used to describe criminal acts (such as of money (say 5 cents a month) from the account of
"cyberterrorism" or "phishing") cover acts that fall within several categories. Nonetheless,
the four categories can serve as a useful basis for discussing the phenomena of cybercrime.
Crim CDI 9 | 1
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
every customer. This unauthorized debt is likely to go
unnoticed by an account holder.
Denial of Service (DNS) This involves flooding a computer resource with
Attack more requests than it can handle, causing the
resource (e.g. a web server) to crash thereby denying
authorized users the service offered by the resource.
Another variation to a typical denial of service attack
is known as a Distributed Denial of Service (DDoS)
attack wherein the perpetrators are many and are
geographically widespread. It is very difficult to
control such attacks and is often used in acts of civil
disobedience.
Virus/worm Viruses are programs that attach themselves to a
computer or a file and then circulate themselves to
other files and to other computers on a network.
They usually affect the data on a computer, either by
altering or deleting it. Worms, unlike viruses do not
need the host to attach themselves to. They merely
make functional copies of themselves and do this
repeatedly till they eat up all the available space on a
computer's memory.
Logic Bombs These are event dependent programs where
programs kick into action only when a certain event
(known as a trigger event) occurs. Some viruses may
be termed logic bombs because they lie dormant
throughout the year and become active only on a
particular date (e.g. Chernobyl virus).
Trojan Attacks An unauthorized program which functions from
inside what seems to be an authorized program,
thereby concealing what it is actually doing.
Web Jacking This occurs when someone forcefully takes control
of a website (by cracking the password and later
changing it).
Cyber-Terrorism Hacking designed to cause terror. Like conventional
terrorism, e-terrorism is utilized hacking to cause
violence against persons or property, or at least cause
enough harm to generate fear.
Classification of Computer Crimes
Computer crime encompasses a broad range of activities.
1. Financial fraud crimes - Financial fraud can be broadly defined as an
intentional act of deception involving financial transactions for purpose of
personal gain. Fraud is a crime, and is also a civil law violation.
2. Internet fraud - means trying to trick or scam someone else using the Internet.
This usually means that the person who is being tricked loses money to the people
scamming them. Internet fraud can take place on computer programs such as chat
rooms, e-mail, message boards, or Web sites.
3. Computer fraud - is any dishonest misrepresentation of fact intended to let
another to do or refrain from doing something which causes loss. In this context,
the fraud will result in obtaining a benefit by:
a. Altering in an unauthorized way. This requires little technical expertise
and is a common form of theft by employees altering the data before entry
or entering false data, or by entering unauthorized instructions or using
unauthorized processes;
b. Altering, destroying, suppressing, or stealing output, usually to conceal
unauthorized transactions. This is difficult to detect;
c. Altering or deleting stored data;
4. Other forms of fraud may be facilitated using computer systems,
including
✓ bank fraud - is the use of potentially illegal means to obtain money, assets, or
other property owned or held by a financial institution, or to obtain money from
depositors by fraudulently posing as a bank or other financial institution. For this
reason, bank fraud is sometimes considered a white-collar crime.
✓ carding - is a form of credit card fraud in which a stolen credit card is used to
charge pre-paid cards. Carding typically involves the holder of the stolen card
purchasing store-branded gift cards, which can then be sold to others or used to
purchase other goods that can be sold for cash
✓ identity theft - also known as identity fraud, is a crime in which an imposter
obtains key pieces of personally identifiable information, such as Social Security or
driver's license numbers, in order to impersonate someone else.
✓extortion - (also called shakedown, outwrestling and exaction) is a criminal
offense of obtaining money, property, or services from an individual or institution,
through coercion
✓ theft of classified information
Crim CDI 9 | 2
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
o Classified information is sensitive information to which access is
restricted by law or regulation to particular classes of people. A
formal security clearance is required to handle classified
documents or access classified data. The operation of assigning
the level of sensitivity to data is called data classification.
A variety of internet scams, many based on phishing and social
engineering, target consumers and businesses.
Cyberterrorism
Government officials and information technology security specialists have
documented a significant increase in Internet problems and server scans since early 2001.
But there is a growing concern among government agencies such as the Federal Bureau of
Investigations (FBI) and the Central Intelligence Agency (CIA) that such intrusions are
part of an organized effort by cyberterrorists, foreign intelligence services, or other groups
to map potential holes in critical systems. A cyberterrorist is someone who intimidates or
coerces a government or an organization to advance security his or her political or social
objectives by launching a computer. based attack against computers, networks, or the
information stored on them.
Cyberterrorism in general can be defined as an act of terrorism committed through
the use of cyberspace or computer resources (Parker 1983). As such, a simple propaganda
piece in the Internet that there will be bomb attacks during the holidays can be considered
cyberterrorism. There are also hacking activities directed towards individuals, families,
organized by groups within networks, tending to cause fear among people, demonstrate
power, collecting information relevant for ruining peoples' lives, robberies, blackmailing
etc.
Cyber-extortion
Cyber-extortion occurs when a website, e-mail server, or computer system is
subjected to or threatened with repeated denial of service or other attacks by malicious
hackers. These hackers demand money in return for promising to stop the attacks and to
offer "protection". According to the Federal Bureau of Investigation. cyber-crime
extortionists are increasingly attacking corporate websites and networks, crippling their
ability to operate and demanding payments to restore their service. More than 20 cases are
reported each month to the FBI and many go unreported in order to keep the victim's
name out of the public domain. Perpetrators typically use a distributed denial-of-service
attack.
An example of cyberextortion was the attack on Sony Pictures of 2014.
Cyberwarfare
Sailors analyze, detect and defensively respond to unauthorized activity within U.S.
Navy information systems and computer networks
The U.S. Department of Defense (DoD) notes that the cyberspace has emerged
as a national-level concern through several recent events of geo-strategic significance.
Among those are included, the attack on Estonia's infrastructure in 2007, allegedly by
Russian hackers. "In August 2008, Russia again allegedly conducted cyberattacks, this time
in a coordinated and synchronized kinetic and non-kinetic campaign against the country
of Georgia. The December 2015 Ukraine power grid cyberattack has also been attributed
to Russia and is considered the first successful cyberattack on a power grid. Fearing that
such attacks may become the norm in future warfare among nation-states, the concept of
cyberspace operations impacts and will be adapted by war fighting military commanders
in the future.
Computer as a target
These crimes are committed by a selected group of criminals. Unlike crimes using
the computer as a tool, these crimes require the technical knowledge of the perpetrators.
As such, as technology evolves, so too does the nature of the crime. These crimes are
relatively new, having been in existence for only as long as computers have which explains
how unprepared society and the world in general is towards combating these crimes. There
are numerous crimes of this nature committed daily on the internet:
Crimes that primarily target computer networks or devices include:
1. Computer viruses
2. Denial-of-service attacks
3. Malware (malicious code)
Computer as a tool
Internet fraud, Spamming, Phishing, and Carding (fraud)
When the individual is the main target of cybercrime, the computer can be
considered as the tool rather than the target. These crimes generally involve less technical
expertise. Human weaknesses are generally exploited. The damage dealt is largely
psychological and intangible, making legal action against the variants more difficult. These
are the crimes which have existed for centuries in the offline world. Scams, theft, and the
likes have existed even before the development in high-tech equipment. The same criminal
has simply been given a tool which increases his potential pool of victims and makes him
all the harder to trace and apprehend.
What does Spamming mean?
Spamming is the use of electronic messaging systems like e-mails and other digital
delivery systems and broadcast media to send unwanted bulk messages indiscriminately.
The term spamming is also applied to other media like in internet forums, instant
Crim CDI 9 | 3
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
messaging, and mobile text messaging, social networking spam, junk fax transmissions,
television advertising and sharing network spam.
Crimes that use computer networks or devices to advance other ends include:
✓ Fraud and identity theft (although this increasingly uses malware, hacking or
phishing, making
it an example of both «computer as target» and «computer as tool» crime)
✓ Information warfare
✓ Phishing scams
✓ Spam
✓ Propagation of illegal obscene or offensive content, including harassment and
threats
Phishing is mostly propagated via email. Phishing emails may contain links to
other websites that are affected by malware. Or, they may contain links to fake online
banking or other websites used to steal private account information.
Phishing is the fraudulent attempt to obtain sensitive information such as
usernames, passwords and credit card details by disguising oneself as a trustworthy entity
in an electronic communication. Typically carried out by email spoofing or instant
messaging, it often directs users to enter personal information at a fake website which
matches the look and feel of the legitimate site.
Phishing is an example of social engineering techniques being used to deceive
users. Users are often lured by communications purporting to be from trusted parties such
as social web sites, auction sites, banks, online payment processors or IT administrators.
Obscene or offensive content
The content of websites and other electronic communications. may be distasteful,
obscene or offensive for a variety of reasons. In some instance these communications may
be legal.
The extent to which these communications are unlawful varies greatly between
countries, and even within nations. It is a sensitive area in which the courts can become
involved in arbitrating between groups with strong beliefs.
One area of Internet pornography that has been the target of the strongest efforts
at curtailment is child pornography, which is illegal in most jurisdictions in the world.
Online harassment
Various aspects needed to be considered when understanding harassment online.
Whereas content may be offensive in a non-specific way, harassment directs
obscenities and derogatory comments at specific individuals focusing for example on
gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms,
through newsgroups, and by sending hate e-mail to interested parties. Harassment on the
internet also includes revenge porn.
There are instances, where committing a crime using a computer can lead to an
enhanced sentence. For example, in the case of United States v. Neil Scott, Kramer was
served an enhanced sentence according to the U.S. Sentencing Guidelines §2G1.3(b) (3)
for his use of a cell phone to "persuade, induce, entice, coerce, or facilitate the travel of,
the minor to engage in prohibited sexual conduct." Kramer argued that this claim was
insufficient because his charge included persuading
through a computer device and his cellular phone technically is not a computer. Although
Kramer tried to argue this point, U.S. Sentencing Guidelines Manual states that the term
computer "means an electronic, magnetic, optical, electrochemically, or other high speed
data processing device performing logical, arithmetic, or storage functions, and includes
any data storage facility or communications facility directly related to or operating in
conjunction with such device.
Connecticut was the U.S. state to pass a statute making it a criminal offense to
harass someone by computer. Michigan, Arizona, Virginia and South Carolina have also
passed laws banning harassment by electronic means.
Harassment as defined in the U.S. computer statutes is typically distinct from
cyberbullying, in that the former usually relates to a person's "use a computer or computer
network to communicate obscene, vulgar, profane, lewd, lascivious, or indecent language,
or make any suggestion or proposal of an obscene nature, or threaten any illegal or
immoral act," while the latter need not involve anything of a sexual nature.
Although freedom of speech is protected by law in most democratic societies (in
the US this is done by the First Amendment it does not include all types of speech. In fact,
spoken or written "true threat" speech/text is criminalized because of "intent to harm or
intimidate", that also applies for online or any type of network related threats in written
text or speech. The US Supreme Court definition of "true threat" is "statements where the
speaker means to communicate a serious expression of an intent to commit an act of
unlawful violence to a particular individual or group".
Drug trafficking
Darknet markets are used to buy and sell recreational drugs online. Some drug
traffickers use encrypted messaging tools to communicate with drug mules. The dark web
site Silk Road was a major online marketplace for drugs before it was shut down by law
enforcement (then reopened under new management, and then shut down by law
enforcement again). After Silk Road 2.0 went down, Silk Road 3 Reloaded emerged.
However, it was just an older marketplace named Diabolus Market, that used the name
for more exposure from the brand's previous success.
Crim CDI 9 | 4
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
CATEGORIES OF CYBER CRIME
We can categorize cybercrime in two ways.
1. The computer as a target using a computer to attacks other computer, e.g.
Hacking, virus/worms attacks, Dos attack etc.
2. The computer as a weapon using a computer to commit real world crime e.g.
cyber terrorism, credit card fraud and pornography etc.
Documented cases
One of the highest profiled banking computer-crime occurred during a course of
three years beginning in 1970. The chief teller at the Park Avenue branch of New York's
Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts. A
hacking group called MOD (Masters of Deception), allegedly stole passwords and
technical data from Pacific Bell, Nynex, and other telephone companies as well as several
big credit agencies and two major universities. The damage caused was extensive, one
company, Southwestern Bell suffered losses of $370,000 alone.
In 1983, a nineteen-year-old UCLA student used his PC to break into a Defense
Department International Communications system.
• Between 1995 and 1998 the Newscorp satellite pay to view encrypted
SKY-TV service was hacked several times. during an ongoing
technological arms race between a pan-European hacking group and
Newscorp. The original motivation of the hackers was to watch Star Trek
re-runs in Germany; which was something which Newscorp did not have
the copyright to allow.
• On 26 March 1999, the Melissa worm infected a document on a victim's
computer, then automatically sent that document and a copy of the virus
spread via e-mail to other people.
• In February 2000, an individual going by the alias of Mafiaboy began a
series denial-of-service attacks against high-profile websites, including
Yahoo, Dell Inc., E*TRADE, eBay, and CNN. About fifty computers at
Stanford University, and also computers at the University of California at
Santa Barbara, were amongst the zombie computers sending pings in
DDoS attacks. On 3 August 2000, Canadian federal prosecutors charged
Mafiaboy with 54 counts of illegal access to computers, plus a total of ten
counts of mischief to data for his attacks
• The Russian Business Network (RBN) was registered as an internet site in
2006. Initially, much of its activity was legitimate. But apparently the
founders soon discovered that it was more profitable to host illegitimate
activities and started hiring its services to criminals. The RBN has been
described by VeriSign as «the baddest of the bad»>. It offers web hosting
services and internet access to all kinds of criminal and objectionable
activities, with an individual activity earning up to $150 million in one year.
It specialized in and in some cases monopolized personal identity theft for
resale. It is the originator of MPack and an alleged operator of the now
defunct Storm botnet.
• On 2 March 2010, Spanish investigators arrested some personalities in
infection of over 13 million computers around the world. The "botnet" of
infected computers included PCS inside more than half of the Fortune
1000 companies and more than 40 major banks, according to investigators.
• In August 2010 the international investigation Operation Delego,
operating under the aegis of the Department of Homeland Security, shut
down the international pedophile ring Dreamboard. The website had
approximately 600 members, and may have distributed up to 123 terabytes
of child pornography (roughly equivalent to 16,000 DVDs). To date this
is the single largest U.S. prosecution of an international child pornography
ring; 52 arrests were made worldwide. In January 2012 Zappos.com
experienced a security breach after as many as 24 million customers) credit
card numbers, personal information, billing and shipping addresses had
been compromised. In June 2012 LinkedIn and eHarmony were attacked,
compromising 65 million password hashes. 30,000 passwords were
cracked and 1.5 million EHarmony passwords were posted online.
December 2012 Wells Fargo website experienced a denial-of-service
attack. Potentially compromising 70 million customers and 8.5 million
active viewers. Other banks thought to be compromised: Bank of America,
J. P. Morgan U.S. Bank, and PNC Financial Services.
• April 23, 2013 saw the Associated Press' Twitter accounts hacked the
hacker posted a hoax tweet about fictitious attacks in the White House that
they claimed left President Obama injured,1311 This hoax tweet resulted
in a brief plunge of 130 points from the Dow Jones Industrial Average,
removal of $136 billion from S&P 500 index, and the temporary
suspension of AP's Twitter account. The Dow Jones later restored its
session gains.
Diffusion of cybercrime
The broad diffusion of cybercriminal activities is an issue in computer crimes
detection and prosecution. According to Jean Loup Richet (Research Fellow at ESSEC
ISIS), technical expertise and accessibility no longer acts as barriers to entry into
cybercrime. Indeed, hacking is much less complex than it was a few years ago, as hacking
Crim CDI 9 | 5
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
communities have greatly diffused their knowledge through the Internet. Blogs and
communities have hugely contributed to information sharing: beginners could benefit
from older hackers' knowledge and advice. Furthermore, hacking is cheaper than ever:
before the cloud computing era, in order to spam or scam one needed a dedicated server,
skills in server management, network configuration, and maintenance, knowledge of
Internet service provider standards, etc. By comparison, a mail software-as-a service is a
scalable, inexpensive, bulk, and transactional e-mail sending service for marketing
purposes and could be easily set up for spam. Jean-Loup Richet explains that cloud
computing could be helpful for a cybercriminal as a way to leverage his attack - brute
forcing a password, improve the reach of a botnet, or facilitating a spamming campaign.
Investigation
A computer can be a source of evidence (see digital forensics). Even when a
computer is not directly used for criminal purposes, it may contain records of value to
criminal investigators in the form of a logfile. In most countries are required, by law, to
keep their logfiles for a predetermined amount of time. For example; a European wide
Data Retention Directive (applicable to all EU member states) states that all E-mail traffic
should be retained for a minimum of 12 months.
Methodology of cybercrime investigation
There are many ways for cybercrime to take place, and investigations tend to start
with an IP Address trace, however that is not necessarily a factual basis upon which
detectives can solve a case. Different types of high-tech crime may also include elements
of low-tech crime, and vice versa, making cybercrime investigators an indispensable part
of modern law-enforcement. Methodology of cybercrime detective work is dynamic and
is constantly improving. whether in closed police units, or in international cooperation
framework.
Legislation
Due to easily exploitable laws, cybercriminals use developing countries in order to
evade detection and prosecution from law enforcement. In developing countries, such as
the Philippines, laws against cybercrime are weak or sometimes nonexistent. These weak
laws allow cybercriminals to strike from international borders and remain undetected.
Even when identified, these criminals avoid being punished or extradited to a country,
such as the United States, that has developed laws that allow for prosecution. While this
proves difficult in some cases, agencies, such as the FBI, have used deception and
subterfuge to catch criminals. For example, two Russian hackers had been evading the FBI
for some time. The FBI set up a fake computing company based in Seattle, Washington.
They proceeded to lure the two Russian men into the United States by offering them work
with this company. Upon completion of the interview, the suspects were arrested outside
of the building. Clever tricks like this are sometimes a necessary part of catching
cybercriminals when weak makes it impossible otherwise President Barack Obama
released in an executive order in April 2015 to combat cybercrime. The executive order
allows the United States to freeze assets of convicted cybercriminals and block their
economic activity within the United States. This is some of the first solid legislation that
combats cybercrime in this way.
The European Union adopted directive 2013/40/EU. All offenses of the directive,
and other definitions and procedural institutions are also in the Council of Europe's
Convention on Cybercrime.
Penalties
Penalties for computer related crimes in New York State can range from a fine and
a short period of jail time for a Class A misdemeanor such as unauthorized use of a
computer up to computer tampering in the first degree which is a Class C felony and can
carry 3 to 15 years in prison
However, some hackers have been hired as information security experts by private
companies due to their inside knowledge of computer crime, a phenomenon which
theoretically could create perverse incentives. A possible counter to this is for courts to
ban convicted hackers from using the Internet or computers, even after they have been
released from prison though as computers and the Internet become more and more central
to everyday life, this type of punishment may be viewed as more and more harsh and
draconian. However, nuanced approaches have been developed that manage cyber
offender behavior without resorting to total computer or Internet bans. These approaches
involve restricting individuals to specific devices which are subject to computer monitoring
or computer searches by probation or parole officers.
Awareness
As technology advances and more people rely on the internet to store sensitive
information such as banking or credit card information, criminals increasingly attempt to
steal that information. Cybercrime is becoming more of a threat to people across the
world. Raising awareness about how information is being protected and the tactics
criminals use to steal that information continues to grow in importance. According to the
FBI's Internet Crime Complaint Center in 2014 there were 269,422 complaints filed. With
all the claims combined there was a reported total loss of $800,492,073. But cybercrime
does yet seem to be on the average person's radar. There are 1.5 million cyber-attacks
annually, that means that there are over 4,000 attacks a day, 170 attacks every hour, or
nearly three attacks every minute, with studies showing us that only 16% of victims had
asked the people who were carrying out the attacks to stop. Anybody who uses the internet
Crim CDI 9 | 6
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
for any reason can be a victim, which is why it is important to be aware of how one is
being protected while online.
Intelligence
As cybercrime has proliferated, a professional ecosystem has evolved to support
individuals and groups seeking to profit from cybercriminal activities. The ecosystem has
become quite specialized, including malware developers, botnet operators, professional
cybercrime groups, groups specializing in the sale of stolen content, and so forth. A few
of the leading cybersecurity companies have the skills, resources and visibility to follow
the activities of these individuals and group. A wide variety of information is available
from these sources which can be used for defensive purposes, including technical
indicators such as hashes of infected files or malicious IPS/URLs, as well as strategic
information profiling the goals, techniques and campaigns of the profiled groups. Some
of it is freely published, but consistent, on-going access typically requires subscribing to an
adversary intelligence subscription service. At the level of an individual threat actor, threat
intelligence is often referred to that actor's "TTP", or "tactics, techniques, and procedures,"
as the infrastructure, tools, and other technical indicators are often trivial for attackers to
change.
Computer viruses are forms of code or malware programs that can copy
themselves and damage or destroy data and systems. When computer viruses are used on
a large scale, like with bank, government or hospital networks, these actions may be
categorized as cyberterrorism. Computer hackers also engage in phishing scams, like asking
for bank account numbers, and credit card theft.
Stalking Defined
Carrie walks back to her dorm room, but she cannot shake the feeling that she's
being watched. Over the last two weeks, she has received several blocked calls to her cell
phone. Sometimes she will answer the calls, and other times she lets it go to voicemail.
When she answers, no one speaks, and whoever it is does not leave a voicemail message.
Carrie has also been getting emails to her school account. The emails tell her that she is
pretty, and there will be comments about the pants or shirt she wore that day. Tonight,
Carrie feels she needs to talk to the police because she feels someone is stalking her.
The definition for stalking is when a perpetrator singles out a specific
person and causes the person emotional distress and causes the individual to fear
for his or her life, safety, or safety of others. A stalker can be a former boyfriend or
girlfriend, an acquaintance or a stranger.
In order for stalking to be a crime, there has to be two or more occasions of visual or
physical proximity; non-consensual communication, either written or verbal; threats; or a
combination of any of these occasions. In the example, Carrie has had a combination of
these occasions and is being subjected to several types of stalking.
Types of Stalking
Stalking can occur in several forms.
The first type of stalking is when the perpetrator follows an individual and watches them.
Maria is being watched while she is walking back to her home. Her stalker is using
surveillance stalking to track and follow her. With surveillance stalking, the perpetrator is
known to sit outside the home, place of work, school, or other places that the individual
usually go to regularly. Along with surveillance stalking, there is cyberstalking.
Maria is also a victim of cyberstalking, which is the use of electronic means, such as the
Internet or cellphones, to stalk victims. Cyberstalking is also considered unsolicited contact
from the perpetrator to the victim. The difference between cyberstalking and surveillance
stalking is that surveillance stalking is done in a physical sense, and cyberstalking is done
through technology and electronic means. The perpetrator has not made physical contact,
so the stalking is not considered aggravated stalking.
Another type of stalking is aggravated stalking. Aggravated stalking occurs when the
perpetrator restrains the victim, causes bodily harm to the victim, or violates an order of
protection. Maria has not had any of these happen to her, so her stalker is using
surveillance stalking and cyberstalking. There are also categories that try to define each
type of stalker.
Types of Stalkers
Actions define the type of stalking, but personalities combined with the actions define the
type of stalker:
1. Rejected Stalker -This type of stalker becomes upset when the friendship or romantic
relationship has ended. The rejected stalker is not only self-centered and jealous but also
over-dependent and persistent.
2. Resentful Stalker - The resentful stalker feels humiliated that the relationship has
ended and seeks revenge upon the victim. Resentful stalkers are often irrationally paranoid
and are known to verbally assault their victims.
3. Predatory Stalker - The predatory stalker seeks power and sexual gratification. They
will not make physical contact but will use surveillance to track the victim.
4. Intimacy Seeker - The intimacy-seeking stalker seeks an intimate and romantic
relationship with the victim. When the stalker is rejected by the victim, he or she will
continually phone the victim, write the victim letters, and can become jealous and violent
if the victim enters into a relationship with someone else.
Crim CDI 9 | 7
INTRODUCTION TO CYBERCRIME AND ENVIRONMENTAL LAWS AND PROTECTION
5. Incompetent Suitor- The incompetent suitor stalker usually has inadequate social
skills. They want a relationship with the victim but do not have the ability to realize he or
she is not meant to be with the victim.
6. Erotomania and Morbidly Infatuated - This type of stalker feels that the victim loves
them even though they may not have had any contact with the victim. The stalker is usually
paranoid, prefers suitors in a higher social class, and will repeatedly approach the victim.
Cyberstalking is the use of the Internet or other electronic means to stalk or
harass an individual, group, or organization. It may include false accusations, defamation,
slander and libel. It may also include monitoring, identity theft, threats, vandalism,
solicitation for sex, or gathering information that may be used to threaten, embarrass or
harass.
Cyberstalking is often accompanied by real time or offline stalking. In many
jurisdictions, such as California, both are criminal offenses. Both are motivated by a desire
to control, intimidate or influence a victim. A stalker may be an online stranger or a person
whom the target knows. They may be anonymous and solicit involvement of other people
online who do not even know the target.
Cyberstalking is a criminal offense under various state anti-stalking, slander and
harassment laws. A conviction can result in a restraining order, probation, or criminal
penalties against the assailant, including jail.
Cyberstalking is a crime in which the attacker harasses a victim using electronic
communication, such as e-mail or instant messaging (IM), or messages posted to a Web
site or a discussion group. A cyber stalker relies upon the anonymity afforded by the
Internet to allow them to stalk their victim without being detected.
Online harassment, sometimes referred to as "cyber harassment," usually pertains
to threatening or harassing emails, instant messages, or website entries. ... To be
considered cyberstalking, the behavior must pose a credible threat of harm to the
victim. All states have anti-stalking laws, but the legal definitions vary.

Crim CDI 9 | 8