Crime in Global Information Network
(High-Tech Crime[1])
Robert Brumnik, prof. dr. Iztok Podbregar
Abstract
Purpose - This research examines the relation between the countries worldwide that had updated their laws in line with the Convention on Cyber crime[2] (Cyber Crime Laws and Terrorism Acts) up to the year 2006 and the Cyber attacks carried out up to the year 2006. The primary research question is: what is the impact of Cyber attacks on countries that have updated their Cyber Crime Laws and Terrorism Acts, compared with countries that have not updated them? Are countries with updated Laws and Acts considerably less exposed to attacks than countries that have not updated their Laws and Acts?
Design/Methodology/Approach - A mixed research method approach was used.
Findings - The research results show a decreasing index (percentage) of Cyber attacks in the United States of America, which updated its Cyber Crime Law and Terrorism Acts in the year 2000.
Research limitations/Implications - This comparative research is based on pre-existing research data. The respondents in the second part of the research (attack impact from 2000 to 2006) came from a closed pool of U.S.-based members of the Computer Security Institute (CSI), who are information security professionals. The conclusions in this paper are drawn from one country, the United States of America.
Practical Implications - The article examines how activists, hacktivists, and Cyber terrorists use information technologies and what impact they have exerted on government and nongovernmental Information Security Law. The article describes modern Cyber attacks and Netwar techniques, and offers a worldwide overview of the methods of modern warfare.
Originality Value - The techniques that have been developed to disrupt the “Cybercriminal” are now being implemented in the “War on Terrorism”. This has greatly increased the burden on, and risks for, all in the government and commercial sector, together with their professional advisers.
Key-words - Netwar, Spyware, Electronic Warfare[3], Hi-Tech Crime, Hacktivists
Paper type - Research Paper

1 Hi-tech Crime
Computer crime can be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.
Botnets are very popular with hi-tech criminals because they can be put to so many different uses. The slaves or bots in a botnet can be used to send out spam or phishing e-mails. They can become the seeding network for a new virus outbreak or act as a distributed data storage system for all kinds of illegal data. Spammers, phishing gangs, and others often rent a botnet to use for their own ends. When we put a computer online, it was hit by a potential security assault every 15 minutes on average.

2 Netwar
The first war on the Internet (Netwar[4]) was characterized by the conflict in Kosovo. In April 1999, the Los Angeles Times wrote that the Kosovo conflict was turning cyberspace into an ethereal war zone where the battle for hearts and minds is being waged through the use of electronic images, online discussion group postings, and hacking attacks. Government and nongovernmental actors used the net to disseminate information, spread propaganda, demonize opponents, and solicit support for their positions. Hackers also used it to voice their objections to both NATO and Yugoslav aggression by disrupting service on government computers. Hackers took over their web *******. Individuals used it to tell their stories of fear and horror inside the conflict zone, while activists exploited it to amplify their voices and reach a wide, international audience. And people everywhere used it to discuss the issues and share text, images, and video clips that were not available through other media.
Netwar can be defined as a postmodern war that is not mainly about weapon technology. Good information technology certainly makes a difference to conventional war methods. In these Netwar operations, social activists seem to be the most effective actors. Our analytic approach should prove conceptually sound for the era to come.
Typical Netwar actors or groups include transnational terrorists, criminal organizations, activist groups, and social movements that employ decentralized, flexible network structures. The term is proposed in order to focus specifically on the spread of network-based organizational structures throughout the low-intensity end of societal conflict. It is argued that other terms applied to information age conflict, such as ‘information warfare,’ are inadequate, focusing too narrowly on technological issues while missing the broader social transformation enabled by technological advances.

3 Hi-Tech Crime and Netwar Techniques

3.1 Spoofing and Sniffing - How is it done?
Spoofing is an active security attack in which one machine on the network masquerades as a different machine. As an active attack, it disrupts the normal flow of data and may involve injecting data into the communications link between other machines.
Devices that incorporate sniffing are useful and necessary. However, their very existence implies that a malicious person could use such a device or modify an existing machine to snoop on network traffic. Sniffing programs could be used to gather passwords, read inter-machine e-mail, and examine client-server database records in transit. Besides these high-level data, low-level information might be used to mount an active attack on data in another computer system. In a shared media network, such as Ethernet, all network interfaces on a network segment have access to all of the data that travels on the media. Each network interface has a hardware-layer address that should differ from the hardware-layer addresses of all other network interfaces on the network.
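The receive filter described above, and one check a defender can run against it, as an added example that is not part of the original paper. The host addresses and the sample frame are constructed, and the interface check assumes a Linux host that exposes interface flags under /sys/class/net.

```python
"""Shared-media receive filter and a promiscuous-mode check (added example)."""
import struct
from pathlib import Path

IFF_PROMISC = 0x100          # interface flag bit defined in <linux/if.h>
BROADCAST = b"\xff" * 6

# Constructed sample data: three hypothetical hosts on one Ethernet segment.
HOST_A = bytes.fromhex("020000000001")
HOST_B = bytes.fromhex("020000000002")
MONITOR = bytes.fromhex("020000000003")
# A frame from HOST_A to HOST_B (EtherType 0x0800) with a dummy payload.
SAMPLE_FRAME = HOST_B + HOST_A + b"\x08\x00" + b"constructed payload"


def parse_ethernet(frame):
    """Split an Ethernet II frame into (dst, src, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return dst, src, ethertype, frame[14:]


def nic_accepts(frame, nic_mac, promiscuous=False):
    """Model the receive filter of one interface on a shared segment.

    Every interface sees every frame on the medium; a normal interface
    keeps only frames sent to its own hardware address or to broadcast
    (multicast filtering is left out of this model). In promiscuous
    mode the filter is off and every frame is passed up to the host.
    """
    dst, _src, _ethertype, _payload = parse_ethernet(frame)
    if promiscuous:
        return True
    return dst == nic_mac or dst == BROADCAST


def flag_is_promiscuous(flags_text):
    """True if a sysfs 'flags' value such as '0x1103' has IFF_PROMISC set."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """Return the names of local interfaces whose flags include IFF_PROMISC."""
    root = Path(sysfs_root)
    found = []
    if not root.is_dir():
        return found
    for iface in sorted(root.iterdir()):
        try:
            flags_text = (iface / "flags").read_text()
        except OSError:
            continue          # not an interface directory, or unreadable
        try:
            if flag_is_promiscuous(flags_text):
                found.append(iface.name)
        except ValueError:
            continue          # unexpected content in the flags file
    return found


if __name__ == "__main__":
    for name, mac in (("HOST_B", HOST_B), ("MONITOR", MONITOR)):
        print(name,
              "normal:", nic_accepts(SAMPLE_FRAME, mac),
              "promiscuous:", nic_accepts(SAMPLE_FRAME, mac, promiscuous=True))
    print("promiscuous interfaces on this host:", promiscuous_interfaces())
```

An interface that an administrator did not deliberately place in this mode (for a bridge, a capture job or a monitoring sensor) is worth investigating.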

3.2 Sniffing tools
Esniff.c[5] is a simple 300-line C language program that works on SunOS 4.X. When run by the root user on a Sun workstation, Esniff captures the first 300 bytes of each TCP/IP connection on the local network. It is quite effective at capturing all usernames and passwords entered by users for telnet, rlogin, and FTP.
TCPDump[6] is a common, more sophisticated, and more portable Unix sniffing program written by Van Jacobson, a famous developer of high-quality TCP/IP software.
NetMan[7] contains a more sophisticated, portable Unix sniffer in several programs in its network management suite. EthDump[8] is a sniffer that runs under DOS.

3.3 Denial of Service Attack
Denial of service is about knocking off services without permission, for example by crashing the whole system. Another definition that conforms more closely to this paper is that denial of service is seeing to it that someone does not get what they paid for. Denial of service attacks are easy to launch, and it is hard to protect a system against them. The basic problem is that Unix assumes that users on the system or on other systems will be well behaved.

3.4 Cyber Espionage
Cyber espionage involves the unauthorized probing to test a target computer’s configuration or evaluate its system defenses, or the unauthorized viewing and copying of data files. However, should a terrorist group, nation, or other organization use computer hacking techniques for political or economic motives, their deliberate intrusions may also qualify them, additionally, as Cyber criminals. If there is disagreement about this, it is likely because technology has outpaced policy for labeling actions in cyberspace. In fact, industrial cyber espionage may now be considered a necessary part of global economic competition, and secretly monitoring the computerized functions and capabilities of potential adversary countries may also be considered essential for national defense.


Figure 1. Diagram of Purported Echelon[9] Spy System
U.S. counterintelligence officials reportedly have stated that about 140 different foreign intelligence organizations regularly attempt to hack into the computer systems of U.S. government agencies and U.S. companies. Cyber espionage, which enables the exfiltration of massive amounts of information electronically, has now transformed the nature of counterintelligence.

3.5 Biometric spoofing
With the development of biometric technology we must be aware that, in parallel, criminal biometric spoofing is becoming very sophisticated. Different biometrics may be attacked in different ways. For example, researchers have successfully tricked fingerprint systems in the past with fake fingers made of gelatine. Similarly, thieves could try to spoof facial recognition systems with photos, videos or facial disguises in order to get access to the systems or information they protect.
Currently it's only researchers that are doing spoofing and copying. It's not a mainstream activity - but it will be. It's just human nature; if it can be done it will be done if you can achieve some benefit from it.
Part of the problem is that many of the biometrics used by these systems are easily visible. Many people try to treat biometrics as secret, but we must recognize that they are not. Characteristics such as our faces and irises are visible, and our voices may be recorded. We leave fingerprints and DNA everywhere we go, and it has been proved that these are real threats.
To counter such spoofing, biometric producers offer biometric systems with tighter security, for example checking that a real iris is being presented rather than a photo, or that a finger has a pulse.

3.6 Information Theft
With the growing use of information technology, the number of cases of information theft has also been growing over the past few years. While more and more electronic security measures have been going up to protect people's possessions and information, these new technologies have bugs and design flaws that are opening up whole new worlds for the technologically advanced criminal.

3.7 Identity theft
Botnets[10] and other examples of malicious code can operate to assist Cyber criminals with identity theft. Identity theft occurs when a criminal uses another person's personal information to take on that person's identity. Identity theft is much more than misuse of a Social Security number; it can also include credit card and mail fraud. Malicious code can scan a victim’s computer for sensitive information, such as name, address, place and date of birth, social security number, mother’s maiden name, and telephone number. Full identities obtained this way are bought and sold in online markets. False identity documents can then be created from this information using home equipment such as a digital camera, color printer, and laminating device, to make official-looking driver’s licenses, birth certificates, reference letters, and bank statements.

4 Research[11] on the most significant Cyber attacks on government infrastructure worldwide in 2007

GERMANY Germany’s respected weekly, Der Spiegel, reported that China was thought to have hacked into the computer systems of Germany’s chancellery as well as systems at three ministries, infecting the networks with spy programs. The alleged attacks occurred just before Chancellor Angela Merkel visited Beijing. Computers in the chancellery and the foreign, economics and research ministries were targeted. The German Federal Office for the Protection of the Constitution (BfV) conducted a comprehensive search of government IT installations and prevented a further 160 gigabytes of information from being transferred to China. They described it as “the biggest digital defense ever mounted by the German state.” The information was being siphoned off almost daily by hackers in Lanzhou (northern China), in Canton Province and in Beijing. The scale and nature of the stolen data suggested that the operation could have been steered by the state.
The Chinese Embassy in Berlin described the accusation of state-steered hacking as “irresponsible speculation without a shred of evidence.”


UNITED STATES In June 2007, a Pentagon computer network was hacked into by China-based perpetrators in “one of the most successful cyber attacks” on the US Department of Defense. While it is questionable how much sensitive information was stolen, the incident succeeded in raising concerns to a new level as it highlighted how systems could be disrupted at critical times. Many were quick to point the finger at the Chinese military, but a Chinese Foreign Ministry spokesperson dismissed the allegations as “groundless.”

NEW ZEALAND & AUSTRALIA Asia Pacific News reported that Chinese hackers had allegedly tried to hack into highly classified government computer networks in Australia and New Zealand as part of a broader international operation to glean military secrets from Western nations. According to news.com.au, Canberra refused to either confirm or deny that its agencies, including the Defense Department, had been subject to cyber attack. New Zealand Prime Minister Helen Clark confirmed that foreign intelligence agencies had tried to hack into government computer networks but had not compromised top-secret data banks. The Chinese government has denied any involvement.


INDIA The National Informatics Centre (NIC) was reportedly attacked from dial-up Internet connections in China. Key intelligence officials claimed that hackers broke into the e-mail accounts of 200 ministers, bureaucrats and defense officials and continue to raid Indian servers at the rate of three to four a day. China has denied all claims that it is behind the attacks.


ESTONIA In April 2007, Estonia experienced distributed denial-of-service (DDoS) attacks on government and bank servers for several weeks. The incidents followed the removal of a Soviet statue from a central Tallinn square to the outskirts of the city. At the height of these attacks, 20,000 networks of compromised computers were linked, and analysis of the malicious traffic showed that computers from the United States, Canada, Brazil, Vietnam and others were involved. “It was a political campaign induced by the Russians; a political campaign designed to destroy our security and destroy our society. The attacks had hierarchy and co-ordination,” said Mikhel Tammet, director of the Estonian communication and information technology department. It was a probing attack from which attackers and defenders both learned a great deal. Russian officials deny that claim. Kremlin representative Dmitri Peskov called it “out of the question” that the Russian government was involved in the attacks.

5 Research on updating[12] Cyber Law and Terrorism Act up to 2006

In this section (see Figure 2) we examine how far countries had updated to the Cyber Convention in the year 2000. We can see that only 10 countries had fully updated to the Cyber Convention in 2000.

Figure[13] 2: Progress on Updating Cyber Crime Laws in y.2000

For further research (Chapter 5.1) we decided to study the United States of America in full from 2000 to 2006 because of its well-developed information technology. Our supposition is that the United States of America has the most highly developed information technology of all the countries that had updated in 2000, so we can treat it as a competent research case.

5.1 About the Methodology, Respondents[14] and Organizations
Information on the organizations that responded can be found in Figure 2. The organizations covered by the survey span many areas from both the private and public sectors. The sectors with the largest number of responses were finance (17%), followed by consulting (14%), information technology (11%) and manufacturing (9%). The portion coming from government agencies (combining federal, state and local levels) was 14%, and educational institutions accounted for 8% of the responses. The diversity of organizations responding was also reflected in the 11% designated as “other.” The proportion of respondents coming from the various sectors remains roughly the same as in previous years.
So that respondents will share information about occasions when their defenses were overrun and, in particular, provide data regarding financial damages, the survey is conducted anonymously. A necessary result of this is that direct longitudinal analyses are not possible.
Figure 2: Respondents by industry sector (y.2006, 615 respondents)
For nearly all categories of attacks or misuse, as Figure 3 shows, the trend of such attacks detected appears to be decreasing over the years. However, there have been some small increases in reported attacks involving system penetration, financial fraud, sabotage, Web site defacement and misuse of public Web applications. Attacks involving unauthorized access to information and theft of proprietary information were reported at virtually the same levels as reported for 2005.

TYPE OF ATTACKS                        2006

Virus                                  65%
Laptop/mobile theft                    47%
Insider abuse of Net access            42%
Unauthorized access to information     32%
Denial of service                      25%
System penetration                     15%
Abuse of wireless network              14%
Theft of proprietary information        9%
Financial fraud                         9%
Telecom fraud                           8%
Misuse of public Web application        6%
Web site defacement                     6%
Sabotage                                3%

Figure[15] 3: Types of attack or misuse detected up to y.2006 by percentage of respondents (615 respondents)

6 How to avoid unexpected scenarios?
To avoid the many malicious possibilities, it is the task of today's research and development to produce the crime-resistant products of the future. So we must take every opportunity we can to use science and technology to reduce crime and improve the quality of our lives.
For this technology to be widely implemented, standards must be developed that will allow for its consistent use. The International Organization for Standardization ISO/IEC JTC1 is the governing body of international biometric standards, but this standardization is still in progress. There are also many International Standards, such as ISO/IEC 19794-5, which defines Image Quality Requirements, and BS7799, which covers ten major sections, each a different area: Business Continuity Planning, System Access Control, System Development and Maintenance, Physical and Environmental Security, Compliance, Personnel Security, Security Organisation, Computer & Network Management, Asset Classification and Control, and Security Policy, in order to give maximum protection to the Information System and personal information.
In the future, fixed biometric standards will be in place to guide vendors and developers in the areas of biometric application profiles, interfaces, and system performance. Along with standardization, certain privacy issues should be addressed by law, such as privacy and specific use guarantees, as well as checks and balances to conduct audits to ensure compliance with these guarantees. This is a good reason why encryption and digitalization are recommended by leading industry organizations such as the International Biometrics Industry Association (IBIA) and the BioAPI Consortium.

7 Conclusion-Future Challenges
A global security trend identified by the security experts consulted is the emergence of an entire economy geared to outfit criminals with the tools for Cyber crime.
Reliance on terrestrial laws is an untested approach.
Despite the progress being made in many countries, most countries still rely on standard terrestrial law to prosecute Cyber crimes. The majority of countries are relying on archaic statutes that predate the birth of cyberspace and have not yet been tested in court.
Weak penalties limit deterrence.
The weak penalties in most updated criminal statutes provide limited deterrence for crimes that can have large-scale economic and social effects.
Self-protection remains the first line of defense.
The general weakness of statutes increases the importance of private sector efforts to develop and adopt strong and efficient technical solutions and management practices for information security.
A global patchwork of laws creates little certainty.
Little consensus exists among countries regarding exactly which crimes need to be legislated against. Figure 2 illustrates the kinds of gaps that remain, even in the 19 countries that have already taken steps to address Cyber crime. In the networked world, no island is an island. Unless crimes are defined in a similar manner across jurisdictions, coordinated efforts by law enforcement officials to combat Cyber crime will be complicated.
A model approach is needed.
Most countries, particularly those in the developing world, are seeking a model to follow. These countries recognize the importance of outlawing malicious computer-related acts in a timely manner in order to promote a secure environment for ecommerce. But few have the legal and technical resources necessary to address the complexities of adapting terrestrial criminal statutes to cyberspace. A coordinated, public-private partnership to produce a model approach can help eliminate the potential danger from the inadvertent creation of cyber crime havens.

8 Discussion
Law Is Only Part of the Answer.
Extending the rule of law into cyberspace is a relatively critical step to create a trustworthy environment for people and businesses. Because that extension remains a work in progress, organizations today must primarily defend their own systems and information from attack, be it from outsiders or from within. They may rely only secondarily on the deterrence that effective law enforcement can provide. To provide this self-protection, organizations should focus on implementing Cyber security plans addressing people, technology, and process issues. A common example is when a person starts to steal information from sites or to cause damage to a computer (network). In this research we can see that law is only part of Cyber security progress. Many other parameters are involved in a Security Plan.
Organizations need to commit the resources to educate employees on security practices, develop thorough plans for the handling of sensitive data, records and transactions, and incorporate robust security technology, such as firewalls, anti-virus software, intrusion detection tools, and authentication services, throughout the organizations' computer systems.
For example, where the offense requires proof of a trick or deception as the operative cause of the theft, this may require the mind of a human being to change and so do or refrain from doing something that causes the loss. Increasingly, computer systems control access to goods and services. Issues surrounding hacking, copyright infringement through warez, child pornography, and child grooming, have become high-profile. But this emphasis fails to consider the equally real but less spectacular issues of obscenity, graffiti appearing on websites and "cyberstalking" or harassment that can affect everyday life. There are also problems of privacy when confidential information is lost, say, when an e-mail is intercepted whether through illegal hacking, legitimate monitoring (increasingly common in the workplace) or when it is simply read by an unauthorized or unintended person.

Authors’ addresses
Robert Brumnik, B.Sc.; University of Maribor, Faculty of Criminal, Justice and Security Sciences, Kotnikova 8, Ljubljana, Slovenia.
Iztok Podbregar, Ph.D., Assoc. Prof.; University of Maribor, Faculty of Criminal, Justice and Security Sciences, Kotnikova 8, Ljubljana, Slovenia.




[1] Computer Crime, Cyber Crime, e-Crime, Hi-Tech Crime or Electronic Crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. These categories are not exclusive and many activities can be characterized as falling in one or more categories. URL: http://en.wikipedia.org/wiki/Computer_crime (15.05.2008).

[2]Cybercrime convention; http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=18/06/04&CL=ENG.

[3] Electronic Warfare involves the widespread use of highly advanced technology. As a term, it is generally associated with technologically advanced weaponry and tactics. It is the use of the electromagnetic spectrum to effectively deny the use of this medium by an adversary, while optimizing its use by friendly forces. Electronic warfare has three main components: electronic support, electronic attack, and electronic protection. URL: http://en.wikipedia.org/wiki/Electronic_warfare (12.05.2008). See also CRS Report RL31787, Information Warfare, and Cyber war: Capabilities and Related Policy Issues, by Clay Wilson.


[4] Netwar is a term developed by RAND researchers John Arquilla and David Ronfeldt to describe an emergent form of low intensity conflict, crime, and activism waged by networked actors. URL: http://www.reference.com/browse/wiki/Netwar (12.05.2008).

[5] Esniff.c; URL: http://www.hoobie.net/security/exploits/hacking/Esniff.c (14.05.2008)

[6] TCPDump 3.0.2 uses the libpcap library for portably interfacing with promiscuous mode network interfaces. The most recent version is available via anonymous FTP to ftp.ee.lbl.gov.

[7] NetMan; the latest version is available via anonymous FTP to ftp.cs.curtin.edu.au in the directory /pub/netman.

[8] EthDump can be obtained via anonymous FTP from ftp.eu.germany.net in the directory /pub/networking/inet/ethernet/.

[9]Echelon is a name used in global media and in popular culture to describe a signals intelligence collection and analysis network operated on behalf of the five signatory states to the UKUSA agreement; Australia, Canada, New Zealand, the United Kingdom and the United States, known as AUSCANZUKUS. ECHELON was capable of interception and content inspection of telephone calls, fax, e-mail and other data traffic globally through the interception of communication bearers including satellite transmission, public switched telephone networks and microwave links.
The UKUSA intelligence community is assessed by the European Parliament to include the Signals Intelligence organizations of each of the member states viz United States National Security Agency, United Kingdom Government Communications Headquarters, Canada Communications Security Establishment, Australia Defence Signals Directorate and New Zealand Government Communications Security Bureau. The EP report concludes that it seems likely that ECHELON is a method of sorting captured signal traffic, rather than a comprehensive analysis tool.

[10] Botnets, or “Bot Networks,” are made up of vast numbers of compromised computers that have been infected with malicious code, and can be remotely-controlled through commands sent via the Internet.


[11] Some details of the research are summarized from the McAfee »Virtual Criminology Report« from 2007 and from URL: http://www.timesonline.co.uk/tol/news/world/asia/article2388375.ece (12.05.2008), URL: http://www.guardian.co.uk/china/story/0,,2162161,00.html (12.05.2008), URL: http://news.zdnet.co.uk/security/0,1000000189,39290289,00.htm (12.05.2008), URL: http://www.washingtonpost.com/wp-dyn/content/article/2007/05/18/AR2007051802122_2.html (12.05.2008), URL: http://www.csmonitor.com/2007/0914/p01s01-woap.html (12.05.2008), URL: http://seattletimes.nwsource.com/html/nationworld/2003886833_chinahack16.html (12.05.2008).


[12] Over fifty national governments responded with recent pieces of legislation, copies of updated statutes, draft legislation, or statements that no concrete course of action has been planned to respond to a cyber attack on the public and private sector. Countries were provided the opportunity to review the presentation of the results in draft, and this report reflects their comments.

[13] Figure 2, McConnell International website, www.mcconnellinternational.com , for each of the countries.

[14] Respondents are drawn from a pool of U.S.-based members of the Computer Security Institute (CSI), a 33-year-old professional organization for information security professionals. Details on survey methodology can be found at URL: http://americas.utimaco.com/encryption/fbi_csi_2006_p6.html (15.05.2008).


[15] Figure 3 is summarized from the CSI/FBI Computer Crime and Security Survey 2006. Source: Computer Security Institute, URL: http://americas.utimaco.com/encryption/fbi_csi_2006_p3.html (14.05.2008)