Computer Crime for Law Enforcement Professionals – a Glossary

6718984211_d587a5cc45

One would be hard-pressed to come up with a segment more under-prepared for their challenge than law enforcement professionals faced with the task of policing the world of computing. Detective work was much simpler when everybody and his mother didn’t have a computer. Herein, some basic terms to get you started.

HACKER: The meaning of the word hacker has been corrupted from its original intention. Originally, it meant somebody who was very good at programming. The members of the MIT labs, AT&T Bell labs, and Xerox Parc originally referred to themselves as ‘hackers’, in much the same way that a ranch worker would use the title ‘cowboy’. Not everybody who calls themselves ‘hacker’ today is admitting to criminal activity. Nevertheless, there has been much awareness of how the term has changed, so that now a security professional working in computers may designate their specialty with a hat color system: e. g. a ‘white hat hacker’ programs security and encryption software, a ‘black hat hacker’ practices overcoming security and encryption, etc. Outside of the security field, the term hacker has fallen widely out of use.

CRACKER: What the public actually means when they say ‘hacker’. A cracker breaks into networks and servers for all variety of crimes requiring access, ranging from identity theft to setting up a botnet. Contrary to the popular Hollywood image, a cracker in fact is not particularly adept at programming or computers in general, but is merely exploiting a widely-known (in the underground) security hole in a given system usually using a simple tool downloaded from a “hacking” website. A cracker is no more a computer wizard than a car thief is a master mechanic. In fact, the nature of breaking into computers and breaking into houses and cars is almost identical.

CYBERSTALKING: The most common complaint you will be dealing with in street police work. People will use the Internet to stalk and harass their intended victim. The tools for discovering personal details of someone are widely available on the web. It is suggested that you try to use online “people finder” services to see how much information there is available about yourself, for starters.

It is quite easy to find out last known address from a name, a name and location from a website address, a location and service provider for an IP address, personal details for a chat room screen nick or email address, and so on. A dedicated stalker will use every service at their disposal, compiling information from various sources until they at least have a way to contact their target, if not steal their target’s identity.

PIRACY: This can be anything from the ‘ripping’ (breaking copy protection) of commercial software which is then posted online for resale or ratio-download (called ‘warez’) to the copying and distribution of media (CDs, DVD movie, etc.). If you thought the war on drugs was out of hand, you’ll have a similar feeling about Internet piracy. There is effectively nothing that can be done to cure the problem, only half-measures to stifle it. The issue is mired in the international business and laws of the world, the hazy issue of how far copyright extends under what circumstances, the various definitions of fair use, and the blundering incompetency of such entities as the RIAA, which is more likely to harass innocent grandmothers (who accidentally received an unauthorized tune in their electronic greeting card) than go after a real pirate.

Furthermore, digital protections against piracy do nothing to stop real pirates, but are great for preventing you from watching the DVD movie that you paid for on your PC. It may be ten years yet before the world gets a handle on this. In the mean time, take piracy accusations with a grain of salt, and only pursue an investigation if you know the suspect is actually running a large-scale piracy operation for profit.

IDENTITY THEFT: Related to the above entry on cyber stalking, this has a different motive. Instead of the perpetrator having a personal grudge against the victim, this is for profit. Mainly credit card numbers and bank data are targeted, and then sold internationally for sums of money. The means of stealing the data can be anything from ‘dumpster diving’ for receipts and discarded paperwork, to theft of computers containing customer databases to online scams to con gullible users into surrendering personal data. A huge underground, international market exists for this activity, and it is even said that identity theft drives “the new mafia”.

PHISHING: The number-one method of online identity theft. Phishing is a very basic process: you just build a web site that looks just like a bank web site, spam emails to potential bank customers with a link to the fake site and some kind of story about how they need to come to it and re-enter their data (frequently the story is that the bank’s site crashed and they have to update their financial records), then record the data and sell it to the stolen identity market. A large segment of the population is shockingly trusting of phishing scams.

‘419’: This is the most common variety of online confidence scheme. Instead of posing as a bank site, the perpetrator poses as any variety of fanciful characters and tells a story hoping to get money out of the victim. The classic ‘419’ scam is to pose as a foreign price who has a huge amount of money they need to store, and offers to give some to the victim. The victim is then gradually coerced through subsequent online correspondence to send the perpetrator money for some made-up reason like ‘processing fees’.

This is also known as the ‘advance fee fraud’. The variations range as far as human imagination permits, and includes posing as a lottery authority notifying the victim that they’ve ‘won’, a lawyer notifying the victim of an inheritance from a distant relative, soap-opera-like kidnapping plots where the victim is persuaded that they’re rescuing a victim by paying a ransom, and highly fanciful plots worthy of a novel. In some countries, profits from ‘419’ scams actually count as a sizable portion of their gross domestic product!

BOTNET: This involves infecting the target computer with a virus whose purpose is to take over the target computer, turning it into the criminal’s puppet. These are always large-scale operations, with a global network of “zombie” computers operating at the criminal’s whim, who then unites the machines in a botnet and uses it to perpetrate another crime such as spamming, attacks against web servers, identity theft, and so on. The “master” of a botnet is sometimes referred to as a ‘herder’. The victim is never aware that their computer has become part of these zombie networks. This is again a part of the international cyber-crime scene.

Freelance writer for over eleven years.

Security Uniforms Formal Wear Uniform Scrubs

1020-20120118 Save the LOL Cats
internet piracy
Image by Chris Piascik
Daily Drawing #1019: Save the LOL Cats – bit.ly/x4o9JX #SOPA

Related Internet Piracy Articles

Media Piracy and Law Enforcement

7099106561_8ddf80db4a

Once upon a time, music played for free on the radio. And you could record a cassette if you wanted to, and you could listen to it as many times as you wanted to, and nobody thought you were a pirate if you shared it with your friends. In fact, this was seen as a way for new bands to break into the market; quite frequently receiving a mix tape would be motivation to buy the album of the band whose song was included.

What little concern there was over music piracy was restricted to “bootleg” tapes made at concerts. Even one of the most outspokenly liberal musicians ever, Frank Zappa, vented in vain at bootleg tapes of his music. He went so far as to include the tape of an interview expressing his anger with this practice at the beginning of his “As An Am” album, part of his “Beat the Boots” project. But even at its most vampiric, the bootleg recording industry was hardly able to suck off more than a single-digit percentage of profits.

But then the Internet happened. And suddenly, through it, the sharing of a home-made recording suddenly became something you could provide to thousands of people instead of one or two friends. Where even the recording of several purchased CDs onto cassette tape was only moderately a big deal before, now it is a major industry.

The media piracy issue is one of the most vitriolic hot-button issues in today’s Internet culture. The major factors being:

* The RIAA. The Recording Industry Association of America may live on in history as being one of the most ineffective measures of copyright protection the world has ever seen. Its methods have been draconian, never once catching a pirate, but relentlessly pursuing everyone from soccer moms to grandmothers to even dead people with a lawsuit for receiving a pirated tune, which in and of itself is not even a crime. Funded by the not-particularly successful record labels and armed with a battalion of lawyers, the RIAA’s practices have so far been futile at stopping piracy and harassing of legitamate users.

* Sony – became the laughing stock of 2006 with the Rootkit Fiasco. Sony included a malicious program on several music CDs, which installed a computer program called a “rootkit” on any computer you stuck them into, for the purposes of preventing unauthorized copying. The attempt backfired two ways: not only did it do nothing to prevent copying, but it crippled the software on the computer by compromising its security layer; any hacker looking to break into a computer need only look for the rootkit and they were in! Sony faced consumer lawsuits for this attempt and had to distribute an uninstaller for the rootkit, which itself was another botch in that it introduced more security holes into the system after patching its own rootkit. Sony lost millions of customers with this fiasco, many of whom swore publicly that they would never trust Sony again.

* The DMCA. The Digital Millennium Copyright Act is the United States copyright law which both criminalizes production and dissemination of technology, devices, or services that are used to circumvent measures that control access to copyrighted works and criminalizes the act of circumventing an access control, even when there is no infringement of copyright itself. This law has since endured no end to controversy, and is in the process of being reformed. The DMCA is said to be anti-competitive; because it gives copyright holders and the technology companies (including the ones convicted of monopolistic practices under anti-trust laws) that distribute their content the legal power to create closed technology platforms and exclude competitors from inter-operating with them. Once again, DRM technologies are clumsy and ineffective; they inconvenience legitimate users but do nothing to stop pirates.

The whole problem with copyright protection stems from the haziness of defining at what point someone has broken the law. Say I bought an album on tape cassette, brought it home, and played it on my stereo so that my whole family can hear it. I’m not a pirate yet. I upgraded my stereo to a new model and copied that album to a compact disk so that my new stereo can play it. Obviously, I haven’t stolen anything here, but now I might be breaking a law intended to stop me from copying it for piracy purposes. If I play it so my whole family can hear it in the living room, that should be no different from if I made a separate CD copy for each member of my family so they can all listen to it in their bedrooms with their headphones on. Am I a pirate now?

The further problem is that digital protections against copyright are platform and player-specific. There has been a whole quagmire of different devices such as the Apple iPod, Microsoft Zune, handheld game consoles, cell phones, and other devices capable of recording, storing, and playing back music. These features are sold to us as benefits of the device, and yet when we get them home we find that we have to pay for the song some six times to be able to listen to it on each device – if indeed (as is seldom the case) the song has even been ported to that platform! Subscribing to a DRM-protected device further restricts the user’s freedom to switch to a different device – you’re locked in, and would be breaking the law if you moved the media from one device to another – even if you, yourself, wrote and recorded that song at home!

The turmoil over media piracy isn’t likely to end any time soon. Fortunately, the legal system has so far left the enforcement of copyright concerns to private industry, which isn’t doing such a hot job of enforcing copyright anyway. Consider that any country in the world can host any media pirate and in fact several countries do just that, with no laws to stop them. Pirated media is very big business in some countries, not because they want to steal, but simply because they want that media to play on their own independently produced digital devices. Remember when you could just buy a record and drop it on any record player and it would just play?

Freelance writer for over eleven years.

Uniforms Formal Clothing Uniform Scrubs

CISPA – The solution is the problem
internet piracy
Image by DonkeyHotey
CISPA – another bad law that undermines citizen rights while purporting to solve a problem.

"They" won’t be satisfied until they completely bypass the 4th Ammendment. "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." This is part of a never ending rain of over broad legal maneuvers designed to limit citizen’s rights of property and free speech including: SOPA, PIPA, ACTA, the DMCA, Sonny Bono Act and more.

Read more about it: CISPA Isn’t ‘Son of SOPA’ (But That’s Not Saying Much) by Brock N. Meeks on Wired Threat Level.

The source image for the truck in this cartoon is a Creative Commons licensed photo from Joelk75’s Flickr Photostream.

More Internet Piracy Articles