4 Contemporary Computer Crime Chapter Outline • I. Web-Based Criminal Activity a. Interference with Lawful Use of Computer II. Malware o a. Viruses and Worms o b. DoS and DDoS Attacks o c. Botnets and Zombie Armies o d. Spam o e. Ransomware and the Kidnapping of Information III. Theft of Information, Data Manipulation, and Web Encroachment o a. Traditional Methods of Proprietary Information Theft o b. Trade Secrets and Copyrights o c. Political Espionage IV. Terrorism o a. Cyberterrorism V. Neotraditional Crime: Old Wine in New Bottles o a. Dissemination of Contraband or Offensive Materials ▪ i. Child Pornography ▪ ii. Child Enticement/Exploitation ▪ iii. Online Pharmacies ▪ iv. Online Gambling o b. Threatening and Harassing Communications ▪ i. Cyberstalking and Cyberharassment ▪ ii. Cyberbullying o c. Online Fraud ▪ i. Auctions ▪ ii. Online Credit Card Fraud ▪ 1. Skimming ▪ 2. RFID ▪ iii. Web-cramming/ISP Jacking ▪ iv. Fraud via Data Manipulation o v. Securities Fraud and Stock Manipulation ▪ 1. False Information ▪ 2. Insider Trading o d. e-Fencing o e. Fraudulent Instruments VI. Ancillary Crimes o a. Money Laundering ▪ i. Process of Money Laundering ▪ ii. Fighting Money Laundering VII. Conclusions o • • • • • • LEARNING OBJECTIVES After reading this chapter, you will be able to do the following: • • • • • ■ Explore the current state of Internet crimes in the United States and abroad. ■ Identify emerging trends in Web-based crime. ■ Develop a working knowledge of the six classifications of motive for modern computer intruders. ■ Become familiar with more computer terms and recent laws that aid the government in cracking down on computer criminals. ■ Gain knowledge of modern terrorists and their use of technology which is changing the face of terrorism completely. KEY TERMS AND CONCEPTS • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • anonymizer • Can-Spam Act • Classical era • counterfeiting • credit card fraud • cyberbullying • cyberharassment • cyberstalking • cyberterrorism • data diddling • day trading • denial of service (DoS) attack • distributed denial of service (DDoS) attack • eco-terrorism • e-Fencing • erotomaniacs • extortion • false information • finding • Floppy Era • forfeiture • forgery • fraud • fraudulent instruments • freezing • insider trading • Internet Era • IP spoofing • ISP-Jacking • love-obsession stalker • • • • • • • • • • • • • • • • • • • • • Macro Era • macro viruses • malware or malicious programming code • money laundering • NAMBLA • obsessional stalkers • ransomware • salami technique • shoulder-surfing • social engineering • spam • spamming • stalking • Unlawful Internet Gambling Enforcement Act of 2006 • VBS worm generator • vengeance or terrorist stalker • vicinage • W32.Waledac • Web-cramming • zombies or bots WEB-BASED CRIMINAL ACTIVITY In the dawning hours of the computer age, the term “computer crime” usually referred to the theft of computers or computer components. This distinction changed dramatically with the introduction of the cyberage. Increasingly, criminals have targeted a far less tangible commodity—information. At least 60 million residents of North America have online bank accounts, and at least one-third of the American workforce, or 50 million individuals, are online. In addition, big businesses and multinational corporations are increasingly relying on technology systems and the Internet for the distribution of goods and materials, communication, billing, and account management. In 2011, e-commerce amounted to nearly $200 billion in the United States alone. This represents a 16.1 percent increase over 2010 figures.1 It should not be entirely unexpected, then, that criminals are increasingly focusing their efforts in this realm. Just as law enforcement tended to overlook the seriousness of hacking and phreaking in the 1980s, legislative bodies have been slow to respond to the potentiality of contemporary computer crime in the twenty-first century. In fact, the strides made in electronic communications and the increasing emphasis on point-and-click platforms have enabled a variety of criminally minded individuals to expand their horizons. Traditionally, computer crime was comprised mainly of trafficking in stolen equipment or falsification of records. Although certain types of computer crime were possible prior to the introduction of cyberspace, the marriage of computer and telecommunications has resulted in an explosion of the crime. The impression of anonymity has proven all but irresistible to criminally minded individuals. In fact, it may be argued that some individuals who had previously been deterred by the fear of exposure are more susceptible to the temptations posed by this type of platform. Indeed, preliminary estimates of Internet gambling, illegal in virtually every area of the country, suggest that the Web, with its promise of anonymity, has encouraged criminal activity among the masses. To wit, individuals who would never walk into an adult book store in search of photographs or videos of bestiality or child pornography readily download those same materials in the privacy of their home. Those unwilling to walk into a bank with a gun may feel comfortable altering bank records or manipulating stock records. Those same individuals who were dissuaded from seeking revenge through traditional avenues may feel completely confident in posting embarrassing or compromising information on the Web. Even hackers, whom many authorities believed to be a relic of the 1980s, are increasingly dangerous. Recent cases indicate that computer dependency and globalization of communication have been exploited by individual, group, and government hacking entities. A group known as Global Hell, for example, is suspected of hacking into a variety of government sites including the U.S. Department of the Interior, the United States Army, the Federal Bureau of Investigation, and the White House. Although their motivations appear to be a simple quest for notoriety as opposed to the destruction of government property, implications for national security are tremendous. Other implications of computer crime include • • • • • 1. financial losses, 2. personal security (i.e., identity theft), 3. industrial espionage, 4. international security, and 5. public safety. In fact, threats to public welfare and personal safety may surpass national security concerns. Generally speaking, there are six categories of online crime: • • • • • • • Interference with lawful use of computers—DOS attacks, viruses, worms, other malware, cybervandalism, cyberterrorism, spam, etc. • Theft of information and copyright infringement—industrial espionage, ID theft, ID fraud, etc. • Dissemination of contraband or offensive materials—pornography, child pornography, online gaming, treasonous or racist material, etc. • Threatening communications—extortion, cyberstalking, cyberharassment, cyberbullying, etc. • Fraud—auction fraud, credit card fraud, theft of services, stock manipulation, etc. • Ancillary crimes—money laundering, conspiracy, etc. Interference with Lawful Use of Computers Industrial or corporate competition has also escalated to the malicious destruction of data. This eco-terrorism or corporate warfare is not unique, nor is it a new concept. Traditionally, other methods of destruction included attacks on physical structures (i.e., headquarters, research laboratories, etc.) or tangible objects (i.e., file cabinets, vials of chemicals, etc.). But just as the virtuality of cyberspace has altered traditional modes of communication, education, and commerce, it has transformed the competitive arena of big business. Indeed, the interconnectivity of technological devices which have become so prized across the globe has exponentially increased the vulnerability of those self-same corporations. While the impact of a traditional mail bomb was limited to the physical area surrounding the packaging, the implications of e-mail bombs are limitless in their application and may include a complete dismantling of a company’s informational infrastructure. The Toolkit of a Cybercriminal Although methods and mechanisms of cybercriminals vary, the majority of online victimization is perpetrated by employing one of the various tools.2 • • • • • • • • • • • • Bots or zombies—a computer which has been compromised by some form of malware which enables the criminal to remotely control that computer. For the most part, bots or zombies are employed collectively in a botnet. Keyloggers—a software program or hardware device which records all keystrokes of a compromised computer. Depending on the device or software employed, the information is either locally stored or remotely sent to the perpetrator. Bundlers—malware which is hidden inside what appears to be legitimate software or download. Containers often include gaming software, freeware, image or audio files, or screensavers. DDoS—a concentrated attack on a system or service which employs botnets to disrupt or deny access to the target. Packet Sniffers—software programs which are capable of monitoring network traffic and capturing specific data. They are often employed to “sniff” and capture passwords as they travel across the network. Rootkits—a compilation of tools which are employed by hackers on a compromised machine. Among other things, rootkits allow criminals to maintain access, prevent detection, build in hidden back doors, and collect information from the compromised system. Spyware—a software which covertly collects information from a compromised system. It is often bundled with legitimate software and can transmit the information collected to a designated site or user. Scripts—short programs or lists of command which can be copied, remotely inserted, and used to attack a local computer or network. Phishing—an e-mail or document which attempts to persuade the recipient to divulge specific information, like passwords, account numbers, etc. (It will be discussed more thoroughly in Chapter 5.) Trojans—a general category which encompasses a variety of other cybertools. Covertly installed, these programs are designed to collect information, provide control, or distribute data. Worms—wholly contained viruses that travel through networks, automatically duplicating and mailing themselves to other systems. Viruses—programs or pieces of malicious code which are intended to infect or compromise random systems or machines. MALWARE As discussed in Chapter 2, malware or malicious programming code refers to code that causes damage to computer systems. This broad-based category includes back doors, Trojan horses, viruses, worms, and DoS attacks. All of these entities can be, and have been, employed by terrorists, hacktivists, corporate spies, criminals, and pleasure seekers. The range of their utilization includes blackmail, extortion, and espionage, while their payloads in destruction range from nuisance to devastation. Some viruses, for example, may simply insert, delete, or scramble text within MS Word documents (e.g., wm97thu and Anna Kournikova). Particularly destructive malware like computer worm Conficker had already infected as many as 12 million computers worldwide and seems almost invulnerable to containment. Unfortunately, occurrences of markedly nasty malware continue to rise with the popularity of botnets. Most Dangerous Celebrities of 2011 According to McAfee, Heidi Klum topped the list of the Most Dangerous Celebrities of 2011. As cybercriminals often use the names of popular topics, searches for information on celebrities are often used to spread malware. Rounding out the top ten are Cameron Diaz (2); Piers Morgan (3); Jessica Biel (4); Katherine Heigl (5); Mila Kunis (6); Anna Paquin (7); Adriana Lima (8); Scarlett Johansson (9); and Brad Pitt, Emma Stone, and Rachel McAdams (10).3 Viruses and Worms Contrary to popular belief, computer viruses are not a new phenomena. Although early mainframe users experienced anomalies, they necessarily credit such occurrences as malicious or intentional. Loss of files or misplaced lettering was attributed to programming glitches. The first recognized computer virus, the rabbit, appeared in the 1960s. These programs diminished the productivity of computer systems by cloning themselves and occupying system resources. These rabbits were strictly local phenomena, incapable of copying themselves across systems and were the result of mistakes or pranks by system programmers. The first virus attached to an executable file made its appearance in the 1970s on the Univax 1108 system.4 Pervading Animal was attached to the end of an executable file and required the computer user to answer a series of questions regarding animals. Since that time, viruses have continued to evolve and are currently capable of network failure and mass destruction of data. Here is a brief timeline of some significant evolutionary developments. Although the proliferation of viruses often makes it difficult for users to comprehend their evolution, there are four distinct eras of computer viruses. The first of these may be defined as the Classical Era (1960s–1970s), in which system anomalies occurred accidentally or were a result of pranks by programmers or system administrators. The second evolutionary era, known as the Floppy Era (1980s–1990s), was largely characterized by infection of DOS machines spread by removable media. During this period the spread of computer viruses was relatively limited, and the evolution of viruses was relatively slow. Due primarily to their lack of sophistication, viruses during this period were easy to detect, isolate, and eliminate. This began to change with the introduction of polymorphic viruses which emerged in the early 1990s. These viruses avoided detection by using indecipherable code, easily defeating early antivirus software which identified potential viruses by looking for segments of known virus code. Year Name Elk Cloner (created by 1982 Richard Skrenta) 1986 Brain (created by Basit & Amjad Frooq Alvi) 1987 Christmas Tree 1988 Morris Worm (created by Robert Morris) 1990 Chameleon 1990 Murphy, Nomenclatura Beast 1992 Michelangel 1996 Win.Tentacle 1997 Linux.bliss Systems Targeted Apple DOS 3.3 Various European Academic Research Network and IBM Vnet Unix for Vax; Sun Microsystems DOS Windows Windows Windows 3.x Linux 1997 Homer 1997 mIRC worms Windows 1998 Win32.HLLP.DeTroie Windows 1998 Back Orifice Various 1998 VBScript.Rabbit Windows 2000 LoveLetter Windows 2000– Nimda, CodeRed, 2001 Sircam Windows Significance Released “in the wild”—not locally contained First PC boot sector virus; first virus to operate in stealth mode, replacing infected sectors with clean ones. First total epidemic of a network virus Picked up user passwords; focused on errors in OS First polymorphic virus. Defeated traditional platforms for virus detection Creation of Bulgarian “virus production factory” and first BBS devoted to virus making Causes boom in antivirus software First Windows epidemic First virus for Linux First network worm virus using FTP to propagate Virus scripts are transmitted along Windows IRC channels Capable of transmitting information from the infected computer to the owner Introduction of clandestine installation of Trojans, enabling remote access to infected computers Creation of HTML virus—employing the MS Windows and Office options, infection of remote computers and Web servers, replication via e-mail First widely distributed virus making use of the VBS extension. Considered the costliest virus, as system administrators were unprepared for it.5 Re-emergence of the worm. Replication via e-mail and scans and infects Web servers. Capable of infecting computers by simply viewing of subject line in Outlook. Originally touted as having the capacity to bring down the Internet. Year Name Systems Targeted 2000 Liberty Palm OS 2003 Slammer Windows/Internet 2003 Lovesan Windows/Internet 2003 Sobig Windows/Internet 2003 Mimail Windows/Internet 2004 Various (Sasser, Windows/Internet MyDoom, NetSky, etc.) 2008 Conficker, Kido, Downadup Windows Significance First harmful Trojan to target Palm Pilot operating systems.6 First fileless or “flash” worm. Caused several segments of the Internet to crash. Did not copy itself but remained in memory. Exploited weakness in Windows 2000/XP Widespread DoS attack on selected sites designed to facilitate spam attacks.7 Exploited latest vulnerability in Internet Explorer which allowed binary code to be extracted from HTML files and executed.8 Proliferation of viruses dedicated to facilitating mass spam attacks. Formed botnet and remains difficult to control due to multiple advanced malware techniques By the mid-1990s, end users became aware of the risk of viruses, and many stopped sharing programs or running executable files. At the same time, the explosion of the Internet, the electronic mail, and the Windows OS proved irresistible to virus creators. As such, macro viruses emerged, and the Macro Era (1990s–2000s) was born. Unlike viruses found in the first two periods, macro viruses infect documents and templates, not programs. Embedding the malicious code into the macro programming language found in popular Microsoft and Macintosh (e.g., Word, Excel) applications, the virus infects the system when the user opens the document. Once executed, the virus will become embedded in both current and future documents. The virus is then propagated via e-mail, networks, and the Internet. One of the first notable examples of a macro virus appeared on the Internet in March 1999. The Melissa virus caused more than $80 million in damages to computers across the globe. In the United States, the viruses infected 1.2 million computers of one-fifth of the nation’s largest businesses. Created by David Smith, the virus was embedded in a document posted on the Internet newsgroup Alt.sex. Proclaiming to contain passcodes to various adult-content Web sites, users infected their computers by downloading and opening the document. The virus then propagated itself by sending e-mail to the first 50 addresses in the computer user’s address book. Smith was subsequently sentenced to 20 months in federal prison, three years of supervised release, 100 hours of community service, and a fine of $5,000. In addition, he was prohibited from accessing a computer of any kind.9 In the wake of the Melissa virus and the prosecution of David Smith, investigators recognized that the transmission of viruses was continuing to evolve. In mid-2000, two viruses heralded a new period in virus sophistication and distribution. The Internet Era (2000–present) began with the introduction of a group of publicized infections: CodeRed, SirCam, and w32/Nimbda.Amm. One of the group’s methods of propagation was similar to Melissa’s exploitation of Microsoft Outlook. All were capable of using an infected system’s address book to infect other computers. However, this new group demonstrated a variety of alternative methods of replication that were not found in previous viruses. CodeRed, for example, scanned the Internet for vulnerable machines, and then infected them, while Nimda (“admin” spelled backwards) infected computers even when the infected e-mail was simply viewed through MS Outlook’s preview window.10 Unfortunately, the re-emergence of network worms continues to plague users and system administrators alike. An increasing proliferation of such worms is continuing to cause untold damages, and worms are increasingly utilized to perpetrate large-scale DoS attacks. While the motivations for their creation vary, more and more are being unleashed for economic gain. Public Apathy and Increased Vulnerability Especially popular among hackers in the 1980s, the threat of malicious programming code created near hysteria among early computer users and spawned an entire industry. However, the creation of antivirus and firewall programs has almost negated the unease experienced nearly two decades ago. Unfortunately, they have also led to a false sense of security among the American public, resulting in an apathetic approach to data security. In fact, malicious attacks or information theft are so dangerous that even computer giants like Apple and IBM have not been immune. Regardless of the level of scrutiny afforded to computer viruses or other contaminants, their threat remains genuine. In fact, virus creation and dissemination has become more pronounced with the inception of made-to-order virus and worm tool kits readily available via the Internet. The VBS Worm Generator (VBSWG 1.50b), for example, allows script kiddies (i.e., novice users with malicious intentions) to create viruses quickly and painlessly. Reportedly created in Buenos Aires, Argentina, VBSWG 1.50b creates VBS worms that infect Windows systems with MS VB5 runtimes or Windows Scripting Host 5.0. Unfortunately, this includes Windows 95 SE, 98, and 98 SE. Although other toolkits exist (including Satanic Brain Virus Tools, 1.0; the Instant Virus Production Kit; and Ye Olde Funky Virus Generator), this particular one has been directly responsible for a variety of recent viruses, including the popular Anna Kournikova virus, and is so specialized that users may name their own virus and select from a variety of payloads. It even allows users to choose the manner of virus activation (i.e., timed, immediate, etc.). DoS and DDoS Attacks The primary objective in a denial of service (DoS) attack is to disable a large system without necessarily gaining access to it. Traditionally, the most common DoS attack involved mailbombing (e.g., jamming a system’s server with voluminous e-mail). Other traditional methods included the time-proven method of manipulation of phone switches or the more sophisticated method of low-level data transmission. These attacks were directed at some of the Web’s most popular portals, including www.amazon.com, www.eBay.com, and www.Yahoo.com. Motivations varied from personal to organizational to political. During this period, national infrastructures remained relatively unscathed, and attacking packets originated from a single address or network.11 Botnets and Zombie Armies Since their inception, criminals have now recognized and developed a new methodology for DoS attacks. Known as DDoS (distributed denial of service) attacks, this emerging technology employed zombie or robot (aka bot) machines to increase the effectiveness and efficiency of their payload. Zombies or bots are compromised computers attached to the Internet which are often used to remotely perform malicious or criminal tasks. They are often used in large batches (i.e., zombie armies or botnets), and the majority of owners of zombie computers are unaware of their usage. Their use is increasingly common as they effectively camouflage the perpetrator and decrease the operating costs of their criminal operation associated with bandwidth. Motivations for DDoS attacks range from boredom to theft to extortion. Hacktivists have also used zombie computers in a variety of highly publicized attacks. For example, hacktivist group Anonymous effectively shut down the Web site of the Westboro Baptist Church, the organization that is best known for protesting at the funerals of soldiers. Anonymous was also responsible for the DDoS that temporarily disrupted service for MasterCard and PayPal in late 2010 after the corporations cracked down on Wikileaks. Diagram of how DDoS attacks operate via compromised machines, remotely controlled by the perpetrator. In 1999, the first known DDoS attacks occurred, with tools known as Trinoo and Tribe Flood Network (TFN). Since that time, such attacks have become commonplace and have been employed by a variety of individuals or groups, such as extortionists, business competitors, and terrorists. In fact, many businesses and corporations are so fearful of the potential economic loss caused by such an attack, that they often acquiesce to the demands of cyberextortionists, even before an attack has been launched. It is not uncommon, for example, for extortionists to threaten online gambling sites with a DDoS attack in the days immediately preceding a popular sporting event. Even the mafia has not proven immune to such strong arming tactics. In 2006, members of New York’s Bonanno crime family were forced to pay “protection” money and beef up online security for their online gaming site www.playwithal.com. Cyberextortion—the use or the implicit threat of use of technological means to cause harm to the physical being, reputation, or property of an individual, organization, or company as a means to obtain the consensual exchange of property from that individual, organization, or company. In June 2007, the Department of Justice and the FBI announced that an ongoing cybercrime initiative, Operation Bot Roast, had identified over 1 million compromised computer IP addresses. Recognizing that the majority of victims remained unaware of their computer’s victimization, the FBI announced that they would join with industry leaders and other government agencies (including Microsoft and the Botnet Task Force) to inform and educate computer users of their vulnerability.12 Since that time, botnets and the use of zombie armies have become increasingly popular. In 2010, the same Botnet Task Force, helmed by Microsoft, took down one of the world’s largest spambots. The W32.Waledac botnet had the capability of sending as many as 1.5 billion spam e-mails a day. Spam Although the term spam has long been a part of American language, its contemporary meaning bears little resemblance to its original etymology. In today’s verbiage, the term spamming may be defined as the abuse of electronic messaging systems to randomly or indiscriminately send unsolicited bulk messages. While spam may be found in a myriad of electronic communications (i.e., instant messaging, Usenet newsgroup, blogs, mobile phones, etc.), most users are familiar with the term as it applies to e-mail. In fact, it seems unlikely that any regular user of e-mail has escaped victimization. It is increasingly employed by some advertisers to reduce operating costs and escape accountability. In addition, it can be employed by criminals launching DDoS attacks irrespective of primary motivation. While many end users view spam as little more than a nuisance, some of the direct effects associated with the practice of spamming include the cost in human time of reading or deleting the messages; reduced productivity due to reduction of focus; purchase of antispam software; and the consumption of computer and network resources. The exact costs of spam are difficult to determine. According to a University of Maryland study, spam resulted in almost $22 billion in lost productivity alone! They calculated this figure by multiplying the average time which workers spent deleting spam each day (i.e., three minutes) by the number of online adults by the average wage.13 The study further revealed that 11 percent of individuals receive at least 40 such messages daily. Traditionally, electronic spam was most commonly used by advertisers or by businesses themselves. Not all of the spam was innocuous, and it was popularly employed by pornography sites. Currently, an antispam backlash has significantly reduced the viability for legitimate companies to employ the practice, and most have abandoned it altogether. However, the amount of spam continues to increase, and is currently used to spread viruses; deliver Trojans or other malware; initiate DDoS attacks; commit identity theft; facilitate Internet fraud; promote political extremism; and further a variety of other online crime, like extortion and blackmail. In 2010, the top three spam botnets were Rustock, Grum, and Cutwail.14 Smurfing, Fraggling, and DDoS Attacks To avoid detection by authorities, some criminals are using two distinct methods of distributed denial of service (DDoS) attacks. The first, known as smurfing, occurs when a perpetrator utilizes Internet Control Message Protocol (ICMP) echo (ping) traffic at IP broadcast addresses from spoofed source addresses. The second, known as fraggling, utilizes User Datagram Protocol (UDP) UDP echo packets instead of ICMP. In both cases, the providers or machines which are most likely to be victimized are IRC servers and their providers. In 2006, Daniel J. Lin became the first person convicted of violating the Can-Spam Act and was sentenced to three years in federal prison and imposed a $10,000 fine. Lin, along with his partners, distributed millions of e-mail messages advertising various products, including weight loss patches and “generic” Viagra. To increase sales and to advertise his wares, Lin sent bulk emails with fraudulent header information through a variety of zombie computers.15 In addition to the Can-Spam Act, the federal government has employed other contemporary legislation to prosecute spammers. In May 2007, for example, Robert Soloway was indicted by a federal grand jury on various charges, including multiple counts of mail fraud, wire fraud, e-mail fraud, aggravated identity theft, and money laundering. Dubbed the “Spam King” by federal authorities, Soloway operated numerous Web sites and domains which hid spam tools inside software marketed as legitimate. Allegations also include the creation of a botnet of more than 2000 proxy computers. The indictment was a culmination of a joint operation conducted by the U.S. Postal Inspection Service, the DOJ’s Computer Hacking and Intellectual Property unit, the Internal Revenue Service, and the FBI.16 The Evolution of Viruses Jon Hoskin Clemson University The first computer bug was an actual insect, which stopped a relay from working and thus had to be “debugged.” There is no similar related origin for the computer malware terms virus, worm, and Trojan. Nevertheless, the use of the word virus to describe a computer program that perpetuates itself in a fashion similar to a biological virus is apt. Although relatively new, the computer virus has become so ubiquitous that This Week in Virology (TWIV.TV), the foremost podcast on biological viruses (B-viruses), has the subtitle “The kind That Make You Sick” so as not to mislead listeners. B-viruses are ancient and may even have been the progenitor of life as we know it. On the other hand, the computer virus was first constructed in the early 1970s and can be defined as a program created by intelligent design, a purposeful if not positively motivated human activity. While the differences are dramatic, numerous similarities exist including how we eradicate them. B-viruses don’t appear to be alive but exist by making use of the biological world around them including utilizing biochemical processes present in host organisms to replicate and fend off the host’s defenses. Similarly, computer malware can only use capabilities of the host computer and is dependent on the knowledge and creativity of the programmer. Malware creators use all available tools including security features and must constantly make changes for their products to remain viable. For example, malware which prevents access to a targeted machine through the use of sophisticated encryption algorithms may be remotely installed on a victim’s device. Traditional extortion scams may then require a preliminary payment of $79 to regain access. However, the victim is later told that such payment does not necessarily assure that the data or machine hasn’t been compromised. Like legitimate software companies, malware creators also push out updates, which can be accomplished via large sophisticated botnets (networks of compromised computers). Infected machines can thereby obtain updated information, protected by encryption via increasingly sophisticated methods to hide and protect their source. The intent of the computer virus is to do the bidding of its intelligent designer, usually for financial gain. Malware of any type is frequently delivered as bogus “antivirus” spyware (sometimes known as scareware), via compromised Web sites or spam—unsolicited e-mail advertising. Spam has evolved from simple advertisements to targeting e-mail to specific people, called spear-phishing. Such weaponized e-mail uses social engineering, such as referring to events presumably only insiders would know about (e.g., click here to see my embarrassing pictures of Friday’s company picnic or to view changes in your retirement benefits), thus enticing users to open files or unintentionally go to compromised Web sites. One wonders what this creative, if misguided, entrepreneurial spirit could add to civilization if harnessed in a positive way, but the longer view is that it makes all software more secure by forcing programmers to build in security measures. Computer security will likely always be a moving target as malware creators necessarily become ever-more refined. The best recent example is the Stuxnet worm, which targeted Iranian centrifuges and whose creation required a dramatic increase in resources (knowledge about the centrifuge controllers, how the computers isolated from the Internet might be breached, etc.), thus describing what might more accurately be defined as Internet warfare. At its most basic level, the cause of continued malware can be categorized in several ways, the first until recently being a lack of security awareness by programmers and users alike. Second is the misguided pressure to release software before it is ready. Inevitably, a stream of patches and fixes follow, defining the initial product security as an afterthought. A final consideration is that programmers are not taught to think like felons and don’t see their code as also having potentially exploitable features. For b-viruses to continue, they need a reservoir where they do little or no harm and continue to survive. For example, a human virus infection transmitted via mosquitoes, its reservoir, does so by overwintering in the nonfreezing sewers of New York City, an unintended disadvantage of civilization. There is a similar computer concept. Connecting an unprotected and un-patched computer directly to the Internet is courting disaster because of what has been described by Steve Gibson as IBR—Internet Background Radiation. The Internet unintentionally acts as a computer virus reservoir because many computers are not updated with security patches and/or cleansed of malware yet remain connected to the Internet. Microsoft indicated in their semiannual report on Internet security ending in the first half of 2010 that close to a third of machines are infected in one fashion or another. Thus the large number of computers makes it impractical to consider fixing and exasperating for anyone worrying about the enormity of the problem. B-viruses also trend in the direction of becoming benign, at least for their reservoir hosts, otherwise they risk eliminating all their hosts and hence themselves. Computer viruses are not designed as such. The biological answer is inoculation with an appropriate vaccine or quarantine. But just as some countries can’t afford to inoculate all of their citizens, not everyone can afford to patch their computers or run antivirus programs. China apparently has millions of illegal copies of Microsoft Windows running on computers which therefore aren’t able to get patches from Microsoft. Currently the simplest manner of creating malware is to take advantage of a software crash, an all-too-prevalent occurrence. Once observed, the nature of the defective code can be determined and exploited. Microsoft attempted to address some of these problems by instituting Data Execution Prevention (DEP) which as defined was intended to prevent data from being executed. Unfortunately, in some cases it was not turned on by default and was also creatively circumvented. Additional patches and greater compliance may allow DEP to be more effective but inevitably code that can be exploited will be exploited. Another notable difference, related to evolution, is that computer viruses and malware thus far do not evolve in the biological fashion. Virus evolution is a new area but suffers from limitations, notably that computers have relatively limited systems unlike the complexity of biological systems. While variations of computer viruses quickly follow their initial release, they are also quickly identified. Progressively better antivirus heuristics may speed their discovery, thus reducing the possibility of catastrophic copycat computer viruses. Although b-viruses are generally regarded in a negative way, they are likely beneficial to life. Like any parasite, the intent of the virus is to continue to exist and if it purposely helps the infected organism, it also enhances its ability to exist. The singer Yul Brenner lived 11 years with lung cancer which normally causes death very quickly. It’s believed his longevity can be attributed to the trichinosis he contracted from eating at a restaurant. The parasite was competing for the same resources as the cancer and it increased its chances of propagation by reducing the viability of the cancer. However, computer viruses don’t have a positive side; even when computer viruses are specifically designed to destroy harmful viruses, they nevertheless tend to be more problematic and are generally illegal. Parasites like the trichinosis convey another important point: although living via another organism, they require more genes than so-called free-living organisms. Although the host organism provides for their needs, they must circumvent various systems meant to protect that host from invaders or parasites. Similarly, malware needing to modify or evolve in another computer may need to use additional programs to protect themselves from antiviral/malware programs, all of which make the “invasive” program larger and probably more noticeable. In the first half of 2011, Apple users suffered a major problem with malware, the OakRidge National Laboratory experienced an Internet break-in, the security company RSA lost control of its certificate keys, and the Playstation network endured a sustained outage. Unfortunately, that is just some highlights. These incidents might suggest that we are losing the war against computer malware, but that need not be the case. Companies producing antimalware continue to develop better software. They now systematically track malware across the globe and utilize ever-more sophisticated honey-pots to capture nascent malware. Recently network hardware has been focusing on the problem and may circumvent many problems. Another technique which is beginning to be used is white-listing applications. White-listing or black-listing e-mail either allows or blocks e-mails from a given user, company, or ISP. Likewise, white-listing of applications allows only those program files to execute. A computer might therefore be riddled with malware but because those files are not white-listed, they cannot run. Another new method can protect unpatched programs from exploitation. And perhaps the most important lesson being learned is that computer security is not an option if you care about your users and customers. Perhaps the biggest problem is the way we approach malware. Companies, universities, government entities, and individuals are essentially barricading themselves against malware. While some would suggest starting over, the answer may be the Internet equivalent of quarantine. A faster, virus-free Internet or protected Internet, necessarily monitored, is one answer. By disconnecting perpetrators as soon as they are detected having any involvement with malware including spam, the result would produce dramatically less traffic and benefit Internet commerce. A simpler place to start is with secure e-mail—spam would dramatically decrease and the required software is already available. Ransomware and the Kidnapping of Information In recent years, ransomware, a new type of malware, has come to the attention of law enforcement authorities. Although it originally surfaced in late 1989 with the PC CYBORG/AIDS Information Trojan, it remained largely under the surface to both criminals and law enforcement until 2005.17 Ransomware may be defined as a malware program which encrypts or otherwise renders computer or digital resources inoperable or inaccessible in furtherance of the illegal compulsion of an action or exchange. Unlike the majority of malware, whose survival is almost entirely contingent upon concealment, ransomware proclaims its existence at inception. Ransomware is solely designed to further criminal interests and is used most often to extort money from its victims. The success of ransomware hinges on a variety of factors, including, but not limited, to user education, sophistication of product, victim urgency, and secure method of payment. • • • • • User education—Ransomware is most successful when the applicable victim lacks knowledge of or is apathetic to system security. For example, users may protect themselves from potential extortion efforts simply by employing good backup policies or by implementing system restoration software. • Sophistication of product—Ransomware is most successful when the level of data destruction caused by sabotage is not recoverable using commercially available software or simple backup practices. For example, ransomware which incorporates itself into a machine’s operating system would require payment by the victim. • Victim urgency—In order for ransomware to be successful, the compromised data must have some worth to the victim. For example, a victim may be unwilling to pay a ransom for the return of vacation photos, but may be willing to pay a small fortune for the return of taxrelated documents on April 14. • Secure method of payment—The ultimate goal of ransomware (i.e., the collection of ransom) can only be realized in situations where a secure method of payment is available. Necessarily, such a method must be both readily accessible to the victim and the perpetrators and disguisable from authorities. Herein lies the proverbial rub for many ransomware developers. Although payment aggregators, like PayPal, have been successfully employed by cybercriminals, they may only be utilized by account holders. As victims may not have access to such sites, alternative methods like e-cash, wire transfers, and such might be more viable. At the same time, each of these methods inherently contains some risk of discovery. Thus, new forms of payment have emerged. Just as with traditional ransoms, the greatest risk of discovery in ransomware cases always concerns the transfer of money. Due to these risks, some developers are devising complex schemes to facilitate their economic windfall. Some of these perpetrators, for example, will funnel illegal funds through legitimate companies, thereby hiding the criminal act and laundering the funds at the same time. These companies may be either willing accomplices or secondary victims. Sophisticated criminals may develop multiple levels of concealment through the development of e-shell companies. To further insulate themselves from detection and prosecution, some ransomware developers will not accept a direct payment to themselves under any circumstances. Instead, they may direct the victim to a legitimate online merchant with whom they have established a referral-based system of commissions.18 Ransomware—Notable Examples • • • PC CYBORG/AIDS Information Trojan—This Trojan was distributed through the U.S. Postal Service in a socially engineered package which contained a seemingly innocuous floppy. Once installed, the Trojan operated by replacing the autoexec. bat file. Upon the 90th reboot of the machine, directories were hidden and file names encrypted. At the same time, the victim was informed of the action and prompted to pay a $378 renewal of license fee to recover the data. • GPCoder—Although this Trojan originally surfaced in May 2005, updated versions have consistently appeared. These updated versions of GPCoder, distributed via e-mail, employed complex RSA encryption to predetermined file extensions. Upon execution, victims were instructed to visit a particular site to purchase a decoder. • • CryZip—Surfacing in March 2006, CryZip attached itself to all running processes in the form of a DLL file. It was similar to GPCoder, except that it collected all affected files into a password-protected zip file and utilized an e-gold account for ransom collection. THEFT OF INFORMATION, DATA MANIPULATION, AND WEB ENCROACHMENT While most American scholars (and citizens) recognize the impact of the Industrial Revolution on American culture, norms, and means of production, they seem resolutely opposed to embracing the concept of the Information Revolution. Without question, the introduction of global communications, digital automation, and transnational commerce has brought profound changes to every facet of American life. In this new age, traditional physical objects have been transformed into virtual concepts, and tangible commodities have been replaced by things far less concrete. In this new age, information has become the black market’s platinum currency. In this section, we will discuss the criminal theft of information or data manipulation. However, the crime of identity theft will be discussed in detail in the following chapter. Traditional Methods of Proprietary Information Theft Whether the motivation is personal, economic, or political, the method of theft of information has remained remarkably unchanged over the past several decades. While many individuals struggle to understand, for example, how President Clinton’s e-mail was compromised at least twice during his presidency, security experts point to White House employees as the likely culprit. Criminals usually prey on systemic vulnerabilities or employee weaknesses to steal or gain unauthorized access to privileged information. While the first may seem the first line of attack, research indicates that uninformed or careless employees may pose the greatest threat. In fact, research indicates that data security and adequate training of personnel are a low priority for all levels of institutions, including government entities. Unfortunately, the lack of prioritization enables criminals to steal passwords and enter even the most complex systems almost at will. Perhaps the easiest, and therefore the most popular, method for stealing passwords involves social engineering. Using deceptive practices, criminals employ traditional confidence scams to gain access to company computers or telephone systems. Most commonly acting as representatives for a vendor’s security system or the company’s IT section, criminals persuade employees to voluntarily provide their user names, passwords, or both! Information thieves may also gather personal information about an employee from the employee themselves or their coworkers, as many, many individuals personalize their passwords despite the advice of their supervisor or IT security administrator. Hometowns, birthdates, anniversaries, alma maters, school mascots, nicknames, social security numbers, and maiden, children’s, spouse’s, or pets’ names are commonly used as passwords. (So, if Ellen Burnstein is single with two cats, chances are her password won’t be hard to figure out.) Either of these approaches has little danger of exposure and allows criminals to begin attempts at breaching security measures immediately. Remember, employees (even honest ones) are a company’s biggest liability in terms of data security. Even if institutional security measures preclude personalized passwords, employees still pose a risk to data and system security due to their lack of regard (often due to naiveté) for its importance. Failing to appreciate the value of the data in their control, many employees will often post their passwords in conspicuous places— sometimes taping them to their computer monitors! (Ironically, this may be most common in situations where system administrators are attempting to tighten system security by routinely changing passwords, requiring multiple or multilevel passwords, or preventing their personalization.) In other cases, employees will be susceptible to shoulder-surfing (i.e., literally watching over someone’s shoulder as he or she inputs a password). Employees who fail to follow proper security procedures for disposing of personal correspondence and company paperwork also pose a security risk to an institution’s digital technology. Just as criminals of old would search trash containers for discarded credit card receipts, payroll records, and the like, hackers often resort to diving through corporate trash sites. Unfortunately, unwitting administrators and employees routinely dump sensitive information into the nearest trash receptacle. Information such as old technical manuals, internal phone lists, and organizational charts and correspondence provide a wealth of information for the malicious hacker. Recent studies indicated that the emergence of cloud computing and removable media is increasingly responsible for theft of information or breaches in digital security. In fact, many businesses have or are beginning to institute policies concerning the use of instant messaging and e-mail, and many have prohibited the use of removable media, like thumb drives.19 These policies have become increasingly necessary due to the increase in insider theft of proprietary information and destruction of data, both in the United States and abroad. More sophisticated approaches to gaining unauthorized access to “secured” data may be employed by computer hackers. One approach involves systemic vulnerabilities created by vendors in which remote access is allowed to perform routine maintenance, such as updating, on their systems. Hackers may target these back doors in an attempt to gain superstar privileges. In addition, some successful hacking attacks may be attributed to a system administrator’s negligence. Some system administrators, for example, never change the defaults in their networks once they are installed! By utilizing lists of default passwords, readily available on the Net, unauthorized users are able to gain root access by simply using traditional network defaults. Trade Secrets and Copyrights The increasing commercialization of knowledge has exponentially increased the theft and trafficking of proprietary information. While some criminals have chosen to actively extort money from an organization by compromising their data, others have recognized the value inherent in the sale of such information. Such perpetrators have ranged from corporate insiders to crackers to organized cybergangs. For example, one employee at Gillette Company in Boston was caught using company equipment to solicit bids for the design specifications for Gillette’s Mach-3 razor.20 However, such practices are not limited to common criminals or corporate insiders. It can also be committed by industry competitors or even government entities! Such government agencies (and agents) engage in such behavior for personal gain and/or use patriotic arguments to justify their behavior. For example, the former head of the French Secret Service admitted on American television that his organization had planted electronic eavesdropping devices on Air France flights from New York to Paris. Information collected was then forwarded to the French corporation French Mirage. This information enabled the company to undercut the bid of an American corporation. This multi-million-dollar contract was directly attributed to the actions of their state-run intelligence service! This type of behavior, he argued, was necessary for smaller countries who wished to compete in today’s global economy.21 Political Espionage Technology has also escalated the potential for sophisticated attacks on a country’s national security and public infrastructure. The most obvious, but not the most insidious, of such attacks continues to be the theft of information. Like their corporate counterparts, government entities have not invested adequate resources to protect secrets technologically stored or created. In fact, many would argue that national security issues in general have become all but obscured since the end of the Cold War. Unfortunately, there appears to be no such apathy on the part of foreign governments. Indeed, the FBI estimates that at least 120 foreign governments are actively working on intelligence operations currently targeting the United States.22 It has been widely reported, for example, that the F-35 fighter jet program was plagued with spiraling costs associated with Chinese hackers who illegally obtained confidential information on the plane’s design.23 These threats are not only real but are also increasingly sophisticated. CASE STUDY NASA & Compromised Secrets In a report to the Subcommittee on Commerce, Justice, Science, and Related Agencies (housed within the Committee on Appropriations) on January 25, 2012, Inspector General Paul K. Martin outlined some examples of the loss of information, trade secrets, and even, equipment.24 • • • • • Between 2004 and 2005, NASA networks were compromised six times by a Swedish hacker causing the agency to suffer $1 million in supercomputing downtime. • An RL-10 Rocket Engine that had been posted on an online auction was recovered by the Office of the Inspector General (OIG). The rocket engine was valued at approximately $200,000. • An OIG investigation revealed that a Chinese national had compromised seven NASA systems, leaving a significant amount of data vulnerable to unauthorized access and theft. • An OIG investigation was initiated after an individual who had purchased a Space Shuttle Thermal Protection system from an online auction site requested information from NASA as to the origin of the tile. The investigation revealed that the contractor responsible for the theft had sold 12 Shuttle tiles on eBay for prices ranging from $41 to $912. The theft of information using technological means is not a new phenomenon. In 1998, while Benjamin Netanyahu was Israel’s prime minister, intelligence agents infiltrated Telrad (subcontracted by Nortel, an American telecommunications conglomerate). By installing undetectable chips during the manufacturing process, agents were granted access to top-secret and otherwise classified information. Such data included communications between President Clinton and senior staff officials within the National Security Council. This arrangement, which included weekly reports to Tel Aviv, was made possible due to a multi-million-dollar contract to replace communications equipment between Nortel, Telrad, and the Israeli Air Force. Curiously, contract specifications granted access to manufacturing areas by members of the Israeli Air Force to protect government secrets! As disconcerting as these activities may be, they are by no means the most insidious. In fact, a simpler, far more popular, method of technological espionage involves the physical theft of data storage containers (i.e., CPUs, diskettes, etc.). Like most inventions created to increase the efficiency and effectiveness of corporate and government employees, the introduction of laptop computers was heralded as the solution to employee angst. Designed to facilitate home-based work environments, laptops were intended to empower overburdened workers, enabling them to work at home, on vacation, or at the dentist’s office. However, their introduction has not been accomplished without a myriad of associated problems. In fact, their sheer portability, often seen as their greatest strength, is also their greatest weakness, making them prime targets for the burgeoning data black market. Neither corporate nor government entities have been unscathed, and all areas of the globe have experienced this pattern of criminal activity. In London, for example, two government laptops filled with topsecret or classified information were stolen from the same railway station over a period of two months. During the Gulf War, American officials were forced to tighten security measures after a laptop containing secrets of the Allies’ war plans was stolen from an official car while the wing commander it was assigned to was car shopping. In fact, a variety of laptops have been stolen in recent times, usually as a result of employee carelessness (one was left in a taxi after a night of heavy drinking!). One location which has proven to be particularly popular among thieves is airports—a new variant of the classic briefcase switch. Simply replacing the targeted laptop with one of their own, thieves often escape detection and leave few clues for investigators. Another method which has proven successful involves a pair or team of thieves. While one thief stands at the end of the electronic scanner located at security checkpoints, another intentionally creates a diversion in front of the owner after the laptop has been placed on the moving belt. This method, however, poses greater risk to the perpetrator as the likelihood of detection increases. Regardless, both of these methods are only possible through an individual victim’s carelessness. Thus, employers must address the vulnerability and subsequent security of laptops during training. Unfortunately, other incidents are a result of systemic vulnerabilities. These thefts, while just as costly, are more preventable once identified, as traditional methods of physical security may be employed. This lesson was recently learned by the State Department after an audit by the Office of the Inspector General revealed that the agency did not have an accurate accounting for (and had not encrypted) all of the classified and unclassified laptop computers in the bureaus included in the audit. This included the offices in the District of Columbia. Additional results of the audit indicated that 27 laptops were missing, 35 were not available for inspection, and 57 had been disposed of!! Of the 215 that were physically inspected, 172 were not encrypted.25 TERRORISM Recent events have forced the realization and recognition of the country’s physical vulnerability to religious and/or political zealots. In the wake of the events of September 11, 2001, American citizens clamored for immediate retaliation against shadow targets. Unfortunately, such shadows have proven to be extremely elusive, and undeterred in their fanaticism. However, the disaster did awaken the American public and its corresponding government institutions to the dangers posed by terrorism—a danger long recognized by leaders from other areas of the globe. In fact, such hazards from extremists have existed for centuries. Traditionally, terrorist actions involved physical actions directed at physical or human targets. Intending to create chaos, public disorder, and, ultimately, government instability, terrorist factions have long fantasized upon striking a mortal blow to their targets—temporarily shutting down the entire society and causing widespread fear. With the possible exception of the World Trade Center/Pentagon attacks of 2001, however, these sorts of “successes” have proven unobtainable, especially in First World countries. In fact, many individuals, academics, and institutions alike have declared that the positive environment (i.e., the rebirth of patriotism, community solidarity, and government resolve) born in the wake of the 9/11 tragedy has all but negated any victory which Bin Laden’s group may have originally claimed. Such American resiliency has astounded residents across the globe, but several experts have suggested that the phenomenon may be attributed primarily to the magnitude of human loss and the broadcasting of the entire event, including clean-up and rescue. They suggest that a pattern of smaller attacks may have been more successful in disrupting the targeted society, as the sheer magnitude of destruction all but anesthetized the American public, releasing a collective rage at those responsible. Thus, it may be argued that traditional notions (and methods) of terrorism, focusing on mass mayhem and physical destruction, may be supplanted by a more sophisticated, subtler approach. Similar to their counterparts involved in organized criminal activity, international terrorist groups are increasingly using advances in technology to increase their effectiveness and efficiency. They are using the Internet, for example, to formulate plans, spread propaganda, elicit funding, communicate, and terrorize their intended target. The Internet, in particular, is a wonderful tool for creating fear because the potential for victimization increases. In addition, the threat feels more real to individuals who were not directly involved than in a traditional attack. The widescale, sustained panic that has resulted from a variety of recent computer viruses, for example, had far more impact on daily behavior and individual awareness than the events of September 11, 2001. Thus, a new day of terrorism which involves the theft or manipulation of data has dawned. Cyberterrorism Cyberterrorism may be defined as a deliberate, politically or religiously motivated attack against data compilations, computer programs, and/or information systems which is intended to disrupt and/or deny service or acquire information which disrupts the social, physical, or political infrastructure of a target. This general definition encompasses the complex myriad of possibilities involving the implementation of computer technology in terrorist activities. Like other activities involving the theft or manipulation of data, computers may be incidental to the activity or serve as the target or the instrument or all of the above. It is anticipated that most cyberterrorist acts will employ technology to target information systems, data, or the like. Thus, in this sort of activity, computers will be both targets and weapons. Such instrumentality is necessary to facilitate the acquisition of sensitive data, while the targeted device acts at best as an information server and, at worst, as a self-imploding weapon of mass destruction. Such implementation may take various forms, including, but not limited to, hacking, denial of service attacks, and viruses or worms. Any of these forms could be successfully directed at critical national and/or international infrastructures, causing electric blackouts, disrupted communications, and the like. While not nearly as sensational as traditional weapons of mass destruction, these targeted strikes could actually pose a greater danger to the American public, due to the interconnectivity and ultimate reliance on public switch telecommunications. Think of the devastation that could result from a simple (but sustained) electric blackout in Los Angeles. Water purification systems, telecommunications, 911 emergency and central dispatch systems, fuel outlets, financial institutions, public GPS systems, and so on could all become useless, creating an untenable situation for public safety officials and health providers and destroying public trust and social integrity. Web of Hate and Destruction One month after the Oklahoma City bombing, the Antiterrorism and Effective Death Penalty Act of 1996 (AEDPA), providing for the study of terrorist-type information, was enacted. Subsequent research conducted by the Department of Justice (1997) revealed a virtual plethora of bomb-making information in both traditional publishing venues (e.g., Guerilla’s Arsenal: Advanced Techniques for Making Explosives and Time Delay Bombs, Deadly Brew: Advanced Improvised Explosives, The Anarchist Cookbook, The Anarchist Arsenal, etc.) and electronic media. The proliferation of electronically accessible information is especially troubling, as the sheer availability and affordability (i.e., free) creates a broader, less traditional audience, which includes disgruntled teens and incarcerated felons. This information includes, but is not limited to, instructional sites for a variety of bombs (thermite, pipe, mail, etc.), and newsgroups and BBSs for exchanging information and soliciting advice. Imagine the loss of life that could result if hackers successfully penetrated and manipulated data sets located at major research centers or the Centers for Disease Control. Surreptitiously altering a small portion of a formula for a vaccination, changing the labeling instructions for biological contaminants, or systematically removing years of priceless research or patient records could result in tens of thousands of deaths. The introduction of a computer virus or worm could also wreak unforeseen havoc on public health, as officials across the globe have recently discovered. In Britain and Italy, for example, computer viruses wiped out vital information from lengthy hematology studies and one year’s worth of AIDS research. While in the United States, one large hospital in the northeast lost over 40 percent of its patient records due to a particularly destructive virus. In addition to these highly focused attacks, terrorist organizations across the world are increasing in strength by propagandizing their radical rhetoric to a global audience. Like many domestic groups (e.g., Aryan Nations, White Aryan Resistance (WAR), Nation of Islam, etc.), international organizations have found a safe, virtual platform where they can spew their venomous dogma without fear of physical discovery or attack. These groups have also effectively used the Internet to solicit funds and recruit new members—streamlining the hate industry and reducing propaganda expenditures. In addition, groups such as Osama bin Laden’s al Qaeda, Hezbollah, and Hamas are actively exchanging e-mail and utilizing strong encryption algorithms to support their organizations. (In fact, Ramzi Yousef, one of the designers of the first World Trade Center bombing, stored detailed plans to destroy U.S. airliners on encrypted files on his laptop computer.) Other approaches include the launching of massive denial of service attacks and defacement of Web sites against foreign governments.26 These attacks are perpetrated by amateurs and professionals alike. The “Internet Black Tigers,” a group allegedly affiliated with the Tamil Tigers, have repeatedly attacked official sites of numerous governments, while a variety of Chinese hacktivists announced their intention to launch massive DoS attacks against American financial and government sites in the wake of a crash involving a U.S. surveillance plane and a Chinese fighter. While American hackers vowed to fight back, the long-term effects of such activity are often trivialized by officials, who claim that tightened site security will eliminate the successes of such actors. They fail to recognize the international conflicts or nuclear implications which may arise from the actions of cyberpunks. Unfortunately, hacking activities appear to be gaining in popularity as how-to information is freely distributed via the Internet (discussed in detail in Chapter 6). NEOTRADITIONAL CRIME: OLD WINE IN NEW BOTTLES While Internet scams and the like have taken on a variety of appearances and may appear quite innovative to the untrained investigator, many of them are simply new tricks from an old dog. Get-rich-quick and work-at-home schemes have simply found a new home on the information superhighway. Job, scholarship, and loved-one searches requiring advance fees have replaced the sometimes nefarious gumshoes of the past. In fact, individuals and entities which have traditionally preyed on the vulnerable within society have simply developed new, more sophisticated modes of operation. Dissemination of Contraband or Offensive Materials Perhaps one of the most common, and certainly the most disturbing, criminal activities facilitated through cyberspace is the sexual exploitation of children. From the onset of electronic bulletin boards, pedophiles and child pornographers flourished with relative immunity in the virtual world. The introduction of the World Wide Web has only increased the prevalence of such activity, and a virtual explosion of child pornography has resulted. While traditional mechanisms for enforcement against such persons included federal and state regulations, the virtual nature of cyberspace has protected peddlers from traditional measures and has raised questions regarding the legality of prohibitions. In addition, it has hampered law enforcement efforts by insulating those inclined from enforcement by negating traditional methods of distribution which exposed perpetrators to third parties. CHILD PORNOGRAPHY As stated previously, the Web’s advantages of increased knowledge, potential for self-education, and global connectivity have been accompanied by significant disadvantages as well, and an atmosphere most conducive to criminal networking has been a by-product. Where else could pedophiles or child pornography peddlers meet and exchange information with little or no threat of prosecution? Many individuals with deviant tendencies have found others similarly stimulated via posting services or electronic bulletin boards, and they are protected under the umbrella of the First Amendment because of their capability of performing “common carrier” functions— like the telephone company or the post office. Such judicial perception, coupled with the increase in Internet communications, has resulted in an explosion of child pornography and the exploitation of children. In fact, this apathy has all but encouraged the development of associations dedicated to the exploitation of children. NAMBLA (the National Association of Men and Boy Lovers of America), for example, is an organization which proudly proclaims that its mission is to forge relationships between men who love boys! Sponsoring a Web site, this organization is no longer forced underground, but has an established presence on the Web. Unfortunately, they are not alone. Numerous bulletin boards, newsgroups, Web sites, and chat rooms are dedicated to this type of behavior, and remain hidden behind the First Amendment. The possession or distribution of child pornography is jurisdictionally illegal in all 50 states and in all territories under the umbrella of the United States. Apart from state statutes, it is also illegal on the federal level. Although the Supreme Court ruled that the Child Pornography Prevention Act was unconstitutional, the PROTECT Act has withstood constitutional challenges. Additionally, there are other federal statutes that may be employed. To address the increasing proliferation of online child pornography, the federal government has created the CyberTipline (www.cybertipline.com), which is operated by the National Center for Missing and Exploited Children, and the Innocent Images project which is coordinated by the Federal Bureau of Investigation. It has also provided funding for collaborative efforts at the local level. However, the definitions and parameters of child pornography legislation vary across jurisdiction, judicial interpretation, and time. Nambla—North American Man/Boy Love Association In the 1970s, many civil rights advocates argued that the age of sexual consent be either lowered or completely eradicated, as they argued that homosexual youths were being unfairly targeted by law enforcement and society. In 1978, Tom Reeves convened a meeting titled “Man/Boy Love and the Age of Consent.” At that time, David Thorstad and over two dozen men and boys formed an organization known as the North American Man/Boy Love Association. While other groups associated with gay rights originally championed the group’s efforts, they eventually abandoned NAMBLA when it became clear that the organization’s stated agenda tended to portray all homosexuals as child predators. (Harry Hay, a leader and pioneer of the gay rights’ movement, originally protested the group’s exclusion from various gay rights marches and platforms.) In fact, by the 1980s NAMBLA supporters had disappeared, and many gay rights organizations openly rejected them and their platform. In 2001, an undercover FBI agent joined the organization. Over a period of several years, the agent met with various members and attended organizational gatherings. During the course of the investigation, FBI agent Robert Hamer had various conversations with members involving the illegal exploitation of minors, including some with the defendant regarding the development of a travel agency that catered to trips to facilitate the sexual contact between NAMBLA members and minors. Defendant Mayer was subsequently convicted of travel with intent to engage in illicit sexual conduct in violation of 18 U.S.C. § 2423(b). On appeal, Mayer argued that the investigation was initiated based upon his membership in NAMBLA—an action that violated his First Amendment right to free speech and association. In addition, Mayer argued that the agent’s undercover persona and subsequent actions violated his Fourth and Fifth Amendment rights. Although the Ninth Circuit has a reputation of being “liberal,” they ruled that his claims were without merit. According to the Office of Juvenile Justice and Delinquency Prevention (OJJDP) and the National Center for Missing and Exploited Children (NCMEC), almost all possessors of child pornography are white males who are older than 25. The vast majority of them (83 percent) had images of prepubescent children in a situation depicting sexual penetration. More than one-fifth of these images depicted sexual violence to children, including bondage, torture, and rape. In addition, more than 50 percent of the cases investigated by law enforcement were a result of third party information. While the possession of child pornography cases mainly originated from state and local agencies (60 percent), others were initiated by federal and international authorities. Most frightening, however, is the fact that 40 percent of those arrested for child pornography were considered to be “dual offenders” who had also sexually victimized children, and an additional 15 percent had attempted to sexually victimize children by soliciting undercover investigators who had posed online as minors.27 Unfortunately, the statistics revealed in the National Juvenile Online Victimization Study are but the tip of the iceberg. It is important to remember that they were based solely on those arrested for possession of child pornography. Statistics that reveal the true extent of the online victimization and exploitation of children via the Internet are all but impossible to estimate. A Sampling of Teen Acronyms and Codes for Texting and Messaging OMG—oh my God LOL—laugh out loud IDK—I don’t know 411—information ASL—age, sex, location BF/GF—boyfriend and girlfriend BRB—be right back W/E—whatever CD9—Code 9, parents are around PAW—parents are watching PRW—parents are watching POS—parent over shoulder MOS—mom over shoulder PIR—parent in room (L)MIRL—let’s meet in real life GNOC—get naked on webcam NIFOC—naked in front of computer TDTM—talk dirty to me Motivations for child pornography possession vary widely, ranging from sexual gratification to economic gain. For the most part, however, the literature reveals four primary motivations for such possession: • • • • • pedophilia or hebephilia—possession is designed to satisfy sexual fantasies or provide gratification for those individuals who are sexually interested in prepubescent children or adolescents • sexual miscreants—possession is designed to satisfy a desire for new and different sexual stimuli • curiosity seekers—possession is undertaken to satisfy a peculiar curiosity • criminal opportunists—possession, and subsequent distribution, is designed for economic profit. International Efforts to Control Online Child Pornography Among other things, the U.S. Constitution and Bill of Rights protect American citizens from unreasonable searches and seizures and grants them the ability to freely express their thoughts, ideas, and expressions. Without question, these guarantees provide Americans with the highest degree of freedom without hindering quality of life aspirations. However, these same protections allow many online criminals to advertise and sell illicit materials, as it is virtually impossible for American authorities to monitor electronic communications within these parameters. In fact, any attempts have resulted in wide-scale backlashes, hacktivism, and online blackouts. The best example of such occurred over the introduction of the Stop Online Piracy Act (SOPA) and the PROTECT IP ACT (PIPA). On January 18, 2012, thousands of Web sites, including heavyweights Google and Wikipedia, went dark in a formal protest against the proposed legislation which clearly advocates online censorship. However, other countries have successfully combated child pornography through the passage of legislation which censors online content. In 2007, Swedish authorities announced that Picsearch, a popular Internet search engine, would delete all current and future links to sites containing child pornography. In addition, the company agreed to provide a listing of sites to law enforcement authorities. Swedish authorities believe that a reduction in accessibility to such sites will reduce the proliferation of child pornography and physical child exploitation. CASE IN POINT The Death of Somer Thompson In early 2012, Jarred Harrell pled guilty to the rape and murder of second grader Somer Thompson. The seven-year-old victim had been abducted as she walked home from school with her twin brother and older sister. She was last seen near a vacant house located just 500 yards from her house. Authorities discovered her body days later in a landfill. More than three months and thousands of leads later, Jarred Harrell, her former neighbor, was arrested on charges of child pornography after his former roommates turned his computer over to the authorities. He later pled guilty to her murder. Although all child pornography possessors are a concern for society in general, and law enforcement in particular, those posing the greatest immediate threat to the physical safety of children are those motivated by pedophilia or hebephilia. Fortunately, pedophiles and hebephiles may be the easiest to catch for law enforcement as they often find it necessary to maintain trophies or visual stimuli of their victims and may graphically articulate elaborate fantasies through writings or such. CHILD ENTICEMENT/EXPLOITATION Child pornography is insidious on its face, as the relationship between the possession of child pornography and child molestation has been well documented both in the academic literature and judicial opinions. In fact, almost 40 percent of arrested offenders who met victims online possessed child pornography.28 It is used as both a tool for sexual gratification and, more disturbingly, as a means to seduce or groom (i.e., overcome inhibitions about sexual activity) potential victims. Just as the Web has streamlined the availability of and accessibility to such materials, it has provided a social environment in which predators scan the landscape for potential targets. Their typical prey includes those individuals who express frustration with parental controls or who appear particularly naïve or vulnerable. These include children who are confused about their own sexuality or who express feelings of ostracism. Typically, the victims are youngsters who enjoy access to unsupervised computer communications. While many of them are actively seeking associations with adult suitors, others are unsuspectingly lured into fictional relationships that encourage dangerous liaisons. Such was the case with a Connecticut teen who was raped by Francis Kufrovich, a California man posing as a teenager. Unfortunately, it is anticipated that this type of behavior will increase in pace with the availability of Internet communications. However, proactive law enforcement initiatives may result in the identification and prosecution of offenders. In 2002, David Westerfield was charged with the murder of seven-year-old Danielle Van Dam. During the trial, prosecutors introduced evidence from Westerfield’s computer of images of female children being raped. Westerfield was found guilty and sentenced to death by a California judge. The case made headlines across the country. Unfortunately, the significance of Westerfield’s predilection for child pornography was largely overlooked by the popular media who focused on the lifestyle of the victim’s parents, avowed swingers who were engaging in sexual activity with strangers the night of the child’s disappearance. (Pool/Getty Images) Although many pedophiles searching the Internet for victims usually practice with the expectation of limited enforcement, proactive, cursory investigations may allow investigators to surprise the unsuspecting predators. Fortunately for law enforcement, many of these perpetrators assume that (1) the individuals to whom they are communicating are accurately representing themselves, and (2) their behavior is hidden behind a Web of anonymity. In fact, these perceptions have proven to be shortsighted as even noncriminals mask their identity, and the First Amendment does not protect anonymous communications. These characteristics may be exploited by proactive law enforcement agencies like the San Jose Police Department, who may create fictitious organizations or identities to seduce the seducer. (In addition, law enforcement agencies may find evidentiary support in the forensic analysis of seized media from the suspect’s home as most child pornographers keep their collections within arm’s reach.) ONLINE PHARMACIES The emergence of a worldwide marketplace and the lack of applicable regulations have resulted in an explosion of questionable capitalist enterprises. Online pharmacies, for example, benefit consumers by encouraging competitive pricing with noncyber outlets, but offer little protection against fraud. Virtually all of the available online pharmacies claim legitimacy, arguing that transactions require valid prescriptions. However, many of these sites operate illegally, maintaining no license at all or dispensing medicines in states in which they are not licensed. Some do not even require a valid prescription, prescribing medicine to individuals who complete short questionnaires, while others simply dispense medicine upon demand. Federal Statutes: Child Pornography and Exploitation Mandatory Maximum Minimum Penalty 15 years—1st 30 years—1st offense offense Section Prohibits 18 U.S.C. § 2251(a) Employing, using, or enticing a minor to engage 25 years— in sexually explicit conduct for the purpose of 2nd offense producing a visual depiction of that conduct 18 U.S.C. 2251(b) 18 U.S.C. § 2251(c) 18 U.S.C. § 2251(d) 18 U.S.C. § 2251A(a) 18 U.S.C. § 2251A(b) 18 U.S.C. § 2252(a)(1) Parent or guardian permitting a minor to engage in sexually explicit conduct for the purpose of producing a visual depiction of that conduct Employing, using, or enticing a minor to engage in sexually explicit conduct outside the United States to produce a visual depiction of that conduct for the purpose of transporting it to the United States Advertising to receive, trade, buy, or distribute a visual depiction of a minor engaging in sexually explicit conduct or to participate in any act of sexually explicit conduct with a minor for the purpose of producing a visual depiction of that conduct Parent or guardian selling or transferring custody of a minor knowing or intending that the minor will be portrayed in a visual depiction of sexually explicit conduct, or offering to do so Purchasing or obtaining custody of a minor, knowing or intending that the minor will be portrayed in a visual depiction of sexually explicit conduct, or offering to do so Transporting a visual depiction of a minor engaging in sexually explicit conduct 50 years—2nd offense 35 years— 3rd offense Life—3rd offense Same as above Same as above Same as above Same as above Same as above Same as above 30 years Life Same as above Same as above 5 years—1st 20 years—1st offense offense 40 Mandatory Minimum 15 years— 2nd offense Same as above Section Prohibits 18 U.S.C. § 2252(a)(2) Receiving or distributing a visual depiction of a minor engaging in sexually explicit conduct Selling, or possessing with intent to sell, a visual Same as depiction of a minor engaging in sexually explicit above conduct None—1st offense Possessing a visual depiction of a minor engaging in sexually explicit conduct 10 years— 2nd offense 5 years—1st offense Transporting child pornography 15 years— 2nd offense Same as Receiving or distributing child pornography above Reproducing child pornography for distribution, or advertising material as an obscene visual Same as depiction of a minor engaging in sexually explicit above conduct or as a visual depiction engaging in sexually explicit conduct Selling, or possessing with intent to sell, child Same as pornography above None—1st offense Possessing child pornography 10 years— 2nd offense 18 U.S.C. § 2252(a)(3) 18 U.S.C. § 2252(a)(4) 18 U.S.C. § 2252A(a)(1) 18 U.S.C. § 2252A(a)(2) 18 U.S.C. § 2252A(a)(3) 18 U.S.C. § 2252A(a)(4) 18 U.S.C. § 2252A(a)(5) Maximum Penalty years—2nd offense Same as above Same as above 10 years—1st offense 20 years—2nd offense 20 years—1st offense 40 years—2nd offense Same as above Same as above Same as above 10 years—1st offense 20 years—2nd offense Like other areas of traditional commerce which have been impacted by the emergence of the Internet, the sale of pharmaceutical drugs is changing dramatically. Although many Americans shop at local drugstores for convenience in the processing of insurance claims, many argue that there are a variety of reasons why they prefer the online sites. These include the following: • • • • • the privacy and convenience of ordering medications from their homes • greater availability of drugs for shut-in people or those who live far from the pharmacy • the ease of comparative shopping among many sites to find the best prices • greater convenience and variety of products • • easier access to written product information and references to other sources than in traditional storefront pharmacies. In 2005, a multiagency task force which included the Drug Enforcement Administration and the Federal Bureau of Investigation arrested individuals in Canada, India, and 11 American cities for operating a fraudulent online pharmacy that sold $20 million worth of controlled drugs to individuals across the globe. Physically located in India, the Internet ring supplied drugs for 200 Web sites. Authorities involved in Operation Cyber Chase seized $7 million from various banks and over 7 million doses of drugs. The pharmacy, which did not require a prescription, sold Schedule II–V pharmaceutically controlled substances, including anabolic steroids, amphetamines, and the painkiller Vicodin. In 2010, federal authorities closed down two pharmacies responsible for shipping 30,000 packages of prescription drug in the first six months of 2010. The majority of the prescriptions were authorized by a sole Utah physician who had not seen or even talked with buyers. In March 2012, Senator Charles E. Schumer championed the SAFE DOSES Act, which would target illegal drug dispensation. ONLINE GAMBLING American society has had a perverse relationship with gambling since the colonial period. While some colonies, like the Puritan-led Massachusetts Bay Colony, treated it as a tool of the devil, others viewed it as a harmless diversion. As such, early laws regarding gambling were inconsistent, both in substance and application. However, even those colonies that outlawed gaming relied on state-sponsored lotteries to raise revenue. (In fact, lottery revenues are directly responsible for the development of some of the nation’s most prestigious universities, including Harvard and Yale.) Eventually, even state-sponsored gambling became largely illegal as lottery scandals and a religious zealotry swept the nation.29 Thus began the nation’s love/hate relationship with the activity. By the 1920s, state attitudes toward gambling had become entrenched. While some states, especially those in the South, outlawed the activity in its entirety, other states developed more selective approaches to prohibition, allowing parimutuel wagering in horse racing or church-run bingo. Casinos, slot machines, and table games were prohibited in most areas, and organized crime groups quickly stepped in to fill the public’s demand. Since that time, organized crime has found a way to insinuate itself into all types of gaming and all geographic areas, even those outside the United States. In 1995, Internet Casinos, Inc. (ICI), launched the first online casino with 18 games. Since that time, Internet gaming has been increasing exponentially, fueled in part by the increasing visibility and idolatry of international poker stars. In 2005, one study estimated that the revenues from online gambling were close to $10 billion.30 By 2015, that number is expected to rise to over $180 billion31. In fact, the phenomenal success achieved by online gaming sites have been duly noted by politicians, labor unions, and community groups. In 2013, for example, the New Jersey legislature passed a bill (AS 2578) which would legalize Internet gambling. The bill was proposed after Rational Group US Holdings, the parent company of online powerhouses PokerStars and Full Tilt Poker, announced that it would consider the purchase of the Atlantic Club. If successful, the acquisition would mark the first merger of an American based casino with an online-gaming company32. There are several factors which make online gaming attractive to consumers. These are the same factors which may increase the dangers of addiction, bankruptcy, and crime. These include, but are not limited to, the following: • • • • • The lack of physicality and geographical location makes online casinos accessible to any user with a computer, PDA, or cell phone. Users can access a gambling site from home, hotel rooms, libraries, sporting events—anywhere. • The continuous operation of online casinos makes them accessible 24 hours a day. • The accessibility to minors increases the consumer base for online gambling, as proper age verification is not attempted. • The increase in e-banking allows users to access and add funds without even leaving their chair. This lack of a cooling off period is exacerbated by the psychological intangibility of ecash and encourages customers to overspend. In addition to the dangers to individuals, online gambling is also detrimental to American society as a whole as they fail to create jobs or other revenue, and provide avenues for money laundering. Threatening and Harassing Communications Combating Illegal Online Gambling through Denial of Financing Long before the passage of the Unlawful Internet Gambling Enforcement Act (UIGEA), eight of the largest banks had implemented policies to deny payment authorization of Internet gambling transactions.33 While such strategies were initially successful, gaming operators developed mechanisms for avoiding blockages—some legal, some not. • • • Fraudulent methods: miscoding of transactions, development of third party companies, submission through nongambling merchants, and so on. • Legal methods: online payment aggregators, wire transfers, online debit cards, and e-cash. Irrespective of motivation, the proliferation of Internet communications has provided criminals with a safer, more effective environment in which to threaten their victims. Perceived anonymity and the convenience of online communication have resulted in a virtual explosion of online victimization. While many of the criminals involved in such activity have simply altered their method of exploitation or harassment, the increase in the same suggests that the medium has created an entirely new breed of perpetrators. In either category, aggressors are engaged in activities which promote fear and insecurity among those targeted. Victims of harassment and stalking are overwhelmingly females or children, while most stalkers are white males between the ages of 18 and 35.34 Although motivations of individual stalkers vary, there are four general categories. The first, and most common, are known as obsessional stalkers. On average, these individuals seek to re-establish a relationship with an unwilling partner and are considered to be the most dangerous of stalkers. In fact, their pattern of intimidation, coercion, and harassment are almost parallel to that of the perpetrators of domestic violence. The second most common category involves individuals who have low self-esteem and target a victim whom they hold in high regard. An example of this love-obsession stalker is John Hinkley, Jr.—who shot President Reagan to gain the attention of actress Jodie Foster. The third category of stalkers is referred to as erotomaniacs. These stalkers are delusional and believe that their victim is in love with them or has had a previous relationship with them. When arrested, these individuals often garner much media attention, as their intended targets are often celebrities or high-profile people. Perhaps the best example of this type of stalker was Margaret Mary Ray, a middle-aged mother who repeatedly broke into David Letterman’s home. Ray, a diagnosed schizophrenic, told investigators and responding officers that Letterman was her husband. While it is not clear what motivates this particular group of stalkers, academics suggest that mental illness or tragic events precipitate this sort of behavior. (Ray eventually ended her own life by placing herself in front of a locomotive.) The final category of stalkers is the newest and most unique. Unlike the previous categories, the vengeance or terrorist stalker does not seek or fantasize about a personal relationship with the victim. Rather, these individuals are motivated by either economic gain or revenge.35 CYBERSTALKING AND CYBERHARASSMENT In addition to increasing the viability of vice crimes to assorted individuals, computers have also provided the means for many individuals to more effectively stalk and harass their targeted victims. Just as its real-world counterpart, the insidious nature of this type of activity has remained unrecognized. In fact, individuals were free to verbally, physically, and sexually harass and terrorize objects of their attentions. However, Congress enacted a legislation in 1994 which prohibited this type of behavior, due primarily to the attention garnered in the wake of the stalking and murdering of actress Rebecca Shaeffer in 1990. In the most general sense, stalking may be defined as the willful, malicious, and repeated following and/ or harassing another person in an effort to inflict or cause fear of actual harm through words or deeds. By extension, cyberstalking is the same form of activity committed via electronic communications. Cyberharassment, on the other hand, focuses on actual harm suffered, including defacement of character, and the like. In fact, the distinctions between the two are subtle at best. In a general sense, the primary differences between the two involve actual harm suffered. Cyberstalking statutes, for example, are directed at activities which may be threatening or may result in injury. Cyberharassment statutes, on the other hand, focus on activities that are threatening, harassing, or injurious on their face. Due to the lobbying of many Hollywood heavyweights, stalking is often treated more harshly and is usually treated as a felony. Fortunately, federal authorities and many state legislators have passed antistalking legislation. However, both have failed to fully incorporate all of the activities which may be committed in this increasingly sophisticated age. For example, the Interstate Stalking Punishment and Prevention Act of 1996 (18 U.S.C. § 2261A) made it a federal offense to travel across a State line or within the special maritime and territorial jurisdiction of the United States with intent to injure or harass another person, and in the course of, or as a result of, such travel places that person in reasonable fear of, or serious bodily injury to… that person or a member of that person’s immediate family shall be punished as provided in section 2261 of this title. Although this has been used successfully, other federal legislation directly targeting online stalking have not passed congressional muster (two bills, introduced in the 103rd and 104th Congress, died in committee). These bills would have amended the Federal Telephone Harassing Statute to include communications by modem or other two-way wire and would have forbidden anonymous interstate or foreign communications made with the intent to annoy, abuse, threaten, or harass any person at the called number. In the past several years, most states have attempted to modernize traditional statutes, and 44 states specifically incorporate electronic communications in their stalking and harassment statutes.36 In addition, other states have passed legislation or rendered traditional statutes technology-neutral. However, there appears to be a lack of consensus regarding the insidious nature of harassment and stalking activities overall, and third-party harassment and/or stalking has not been addressed. Thus, new legislation at all levels is desperately needed as online stalking will almost certainly outpace offline stalking due to the perceptions of confidentiality and the empowerment of anonymity. Many individuals, including both law enforcement and civilians, continue to perceive that cyberstalking is less dangerous than physical stalking. However, cyberstalking has the potential to be far more insidious and pervasive as the popularity of remailers, anonymizers, ease of access, mass distribution capability, and the like increase. As with other crimes, individuals who may not be tempted to engage in physical retribution or stalking of a particular victim may be lured into cyberstalking. In addition, such activities may lead to physical or real-world stalking activities. Eight percent of women and 2 percent of men in America are stalked each year. In the general public, these numbers would represent over 1 million women and 370, 990 men in the United States every year.37 However, the LAPD District Attorney’s Office and NYPD’s estimates of cases that include physical stalking predicated on previous electronic communications are 20 percent to 40 percent, respectively. (In Great Britain, the figures were 58 percent of men and 41 percent of women as victims.) Generally speaking, empirical e...
Purchase answer to see full attachment