THE GROWING GLOBAL THREAT OF CYBER CRIME: IMPLICATIONS FOR INTERNATIONAL RELATIONS BY FRANCISCA DUAH (10200387) THIS DISSERTATION IS SUBMITTED TO THE UNIVERSITY OF GHANA, LEGON, IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE AWARD OF THE MASTER OF ARTS DEGREE IN INTERNATIONAL AFFAIRS LEGON JULY 2013 University of Ghana http://ugspace.ug.edu.gh i DECLARATION I hereby declare that this dissertation is the result of an original research conducted by me under the supervision of Professor A. Essuman- Johnson and that apart from other works, which are duly acknowledged, no part of it has been submitted anywhere else for any other purpose. ………………………………………. …………………………………… FRANCISCA DUAH PROF. A. ESSUMAN-JOHNSON (STUDENT) (SUPERVISOR) DATE………………………. DATE…………………………. University of Ghana http://ugspace.ug.edu.gh ii DEDICATION This work is dedicated to my parents, Mr. and Mrs. Francis Duah; my uncle Mr. Duah Dankwah and his wife for their support and advice all these years; to my fiancé Joseph Ofori Appiah for his love and support and finally to my beloved brother Francis Boakye Duah, I say thanks for your prayers and assistance. University of Ghana http://ugspace.ug.edu.gh iii ACKNOWLEDGEMENTS Thanks to the Almighty God for making all things possible and with whom this dissertation has seen the light of day. I am most grateful to Professor A. Essuman- Johnson for his patience, guidance and direction in supervising this work. I wish to also thank Mr Alex Amponsah and Mr. Eric Amartey for their support in diverse way. I further want to acknowledge the support of the Ministry of Foreign Affairs and Regional Integration for giving me this opportunity. I am grateful. To other friends - Sammy, Joshua, Clarebel and Grace, I say thanks for your encouragement when things were tough. Finally, I accept responsibility for the views expressed in this essay. University of Ghana http://ugspace.ug.edu.gh iv LIST OF ABBREVIATIONS AND ACRONYMS ASEAN Association of Southeast Asian Nations C&C Command and Control CD Compact Disk CEMAC Economic and Monetary Community of Central Africa CEOP Communications Electronics Security Group CERT Computer Emergency Response Team CLPC Cyberspace Law and Policy Centre CoE Council of Europe CSIS Centre for Strategic and International Studies DDoS Distributed Denial of Service DNS Domain Name System DOJ Department of Justice EAC East African Community EC European Commission ECOWAS Economic Community of West African States ECT ACT Electronic Communication and Transaction Act EFCC Economic and Financial Crimes Commission EU European Union FBI Federal Bureau of Investigation FRANCOPOL France-Polish FTC Federal Trade Commission University of Ghana http://ugspace.ug.edu.gh v GAF Ghana Armed Forces GDP Gross Domestic Product GNP Gross National Product IBM International Business Machines IC3 Internet Crime Complaint Centre ICT Information Communication Technology INTERPOL International Criminal Police Organization IPV6 Internet Protocol Version 6 IRC Internet Relay Chat ISSER Institute of Statistical, Social and Economic Research ITU International Telecommunication Union KPMG Klyneld Peat Marwick Goerdeler LECIAD Legon Centre for International Affairs and Diplomacy NASA National Aeronautics and Space Administration NATO North Atlantic Treaty Organization NHTCU National High Tech Crime Unit OECD Organization for Economic Cooperation and Development SADC Southern African Development Community SCO Shanghai Cooperation Organization SOCA Serious and Organized Crime Agency UAE United Arab Emirates UK United Kingdom UNODC United Nations Office on Drugs and Crime University of Ghana http://ugspace.ug.edu.gh vi USA United States of America US-CERT United States Computer Emergency Team WIPO World Intellectual Property Organization WTO World Trade Organization WW1 Web War 1 WWW World Wide Web University of Ghana http://ugspace.ug.edu.gh vii TABLE OF CONTENTS DECLARATION … … … … … … … … … i DEDICATION … … … … … … … … … ii ACKNOWLEDGEMENTS … … … … … … … iii ACRONYMS AND ABBREVIATIONS … … … … … … iv TABLE OF CONTENTS … … … … … … … … vii ABSTRACT … … … … … … … … … xi CHAPTER ONE: RESEARCH DESIGN 1.0 Background of the Study … … … … … … … 1 1.1 Statement of the Research Problem … … … … … … 4 1.2 Objectives of the Research … … … … … … … 6 1.3 Significance of the Study … … … … … … … 6 1.4 Scope of the Study … … … … … … … … 6 1.5 Hypothesis … … … … … … … … … 7 1.6 Conceptual Framework … … … … … … … 7 1.7 Literature Review … … … … … … … … 8 1.8 Rationale of the Study … … … … … … … 13 1.9 Research Methodology and Sources of Data … … … … 13 1.10 Arrangements of Chapters … … … … … … … 13 Endnotes … … … … … … … … … 14 University of Ghana http://ugspace.ug.edu.gh viii CHAPTER TWO: OVERVIEW OF CYBER CRIME 2.0 Introduction … … … … … … … … … 16 2.1 Origin of Cyber Crime … … … … … … … 17 2.1.1 Cybercrime before Internet … … … … … … 17 2.1.2 Cybercrime after the Emergence of Internet … … … … 19 2.2 Definitions of Cyber Crime … … … … … … … 21 2.3 Types of Cybercrimes … … … … … … … 25 2.3.1 Hacking … … … … … … … … 25 2.3.2 Computer Virus … … … … … … … 25 2.3.3 Malicious Software (Malware) … … … … … 25 2.3.4 Botnets… … … … … … … … … 27 2.3.5 Spam … … … … … … … … … 29 2.3.6 Phishing … … … … … … … … 30 2.3.7 Scams … … … … … … … … 31 2.3.8 DNS Based Attacks … … … … … … … 34 2.3.9 Spoofing … … … … … … … … 35 2.3.9.1 Cyber Terrorism … … … … … … … 35 Endnotes … … … … … … … … … 36 CHAPTER THREE: IMPLICATIONS FOR INTERNATIONAL RELATIONS 3.0 Introduction … … … … … … … … … 38 3.1 Internet and Cybercrime … … … … … … … 38 3.2 Social Implications … … … … … … … … 39 University of Ghana http://ugspace.ug.edu.gh ix 3.3 Economic Implications … … … … … … … 41 3.4 Implications on Market Value … … … … … … 45 3.5 National Security Implications … … … … … … 47 3.6 Challenges of the Law Enforcement Regulations and the Need for Collective Security in the World … … … … … … 51 3.7 Cybercrime in Africa … … … … … … … … 53 3.8 Current legislation and legislative efforts on Cyber Crime in Africa … … 53 3.8.1 Nigeria … … … … … … … 53 3.8.2 South Africa … … … … … … … … 56 3.8.3 Kenya … … … … … … … … 57 3.8.4 Cameroon … … … … … … … … 59 3.9 Cybercrime Legislation and Cooperative Alliances in the United States, United Kingdom and Australia … … … … … … 59 3.9.1 United States … … … … … … … … 59 3.9.2 United Kingdom … … … … … … … 61 3.9.3 Australia … … … … … … … … 62 3.10 Legislations and Regulations on Cyber Crime: Case study of selected countries 64 3.11 Collective Security in the Fight Against Cyber Criminals … … … 67 Endnotes … … … … … … … … … 71 CHAPTER FOUR: SUMMARY OF FINDINGS, CONCLUSIONS AND RECOMMENDATIONS 4.0 Introduction … … … … … … … … … 74 4.1 Summary of Findings … … … … … … … … 74 4.2 Conclusions … … … … … … … … 77 University of Ghana http://ugspace.ug.edu.gh x 4.3 Recommendations … … … … … … … … 77 Endnotes … … … … … … … … … 81 Bibliography … … … … … … … … 82 University of Ghana http://ugspace.ug.edu.gh xi ABSTRACT The emergence of modern technology has brought about advancement in globalization. Computers and the internet have brought advancement with respect to the way people work, play and interact with each other. However computers and the internet have presented new ways to engage traditional crimes such as theft, fraud and piracy in the 21st century. These crimes due to the internet have become organized and sophisticated, leading to what is currently known as Cybercrime. The study therefore sought to analyze the implications of cybercrime, which has become an international problem. It further discussed on the weaknesses and challenges of existing laws and regulations. The qualitative method of analyzes was used in conducting the research work. The method focused on using secondary sources related to cybercrime and mainly sourced secondary materials such as existing books, articles and journal articles. The study found out that the implications of cybercrime have been witnessed in areas such as the economies of companies, governments, societal behaviour, the market value and the national security of nations. The study recommended that in order to prosecute cybercrime, a common framework must be created to punish criminals irrespective of where the crimes were committed. Even though most countries have enacted cybercrime laws, there is the need for a collective approach to fight the menace. The international community needs to revisit the issue of sovereignty since this has become a major standing block in the fight against cybercrime. University of Ghana http://ugspace.ug.edu.gh 1 CHAPTER ONE RESEARCH DESIGN 1.0 Background of the Study The emergence of modern technology has brought about advancement in globalization. This has caused many countries to develop and expand their communication network which enables a faster and easier networking and information exchanges.1In 2011 there were over 2 billion internet users and over 5 billion mobile phone connections worldwide 2 and over “294 billion emails and 5 billion phone messages are exchanged every day.”3 Most of the world‟s population now depend on constant access to the internet for survival. Due to the over dependence on digital networks by businesses, societies and governments, criminals on the other hand have also come to the realization of changing their ways of operations. Crimes have become more organized and advanced with the help of technology, leading to what is now known as cybercrimes. According to Douglas W. Thomas and Brian D. Loader, “computer-mediated activities which are either illegal or considered illicit by certain parties and can be executed through global electronic networks.”4 Over the past few years, the global cybercrime background has changed immensely with criminals employing greater knowledge in cyber fraud, hacking, cyber terrorism, cyber pornography and money laundering which are destructive in all countries. During the past twenty years, smart computer users have fascinated the world and generated a strange feeling composed of admiration and fear by using their machines to commit crimes.5 University of Ghana http://ugspace.ug.edu.gh 2 While the internet serves as a good cause for mankind in the form of faster and cheaper way of conducting global affairs, at the same time it frustrates such efforts. Crimes in cyber space bring together offenders, victims and targets situated in different countries and continents and so the offence goes beyond national territories and boundaries.6 The activity of cyber criminals have gone beyond minimal cyber hacking into activities which have not only crippled security systems of countries, but also the legislative and socio-economic wellbeing of states worldwide. The Chairperson of the National Crime Authority in Australia, Tom Sherman, stated that “criminals have begun to use technological advances to create new form of criminal activities many of which have taken an international dimension.”7 Cyber crime caught the attention of the forty-three member Council of Europe and its Observers such as the United States, Canada, Israel and Japan who drafted the first International Treaty regulating cybercrime. The treaty was voted on in June 22, 2001 and later approved and opened for signature in November 2001.8 This was necessitated after the following series of incidence occurred;  March 2000 saw a joint operation by the Federal Bureau of Investigations (FBI) and the United Kingdom (UK) police, who arrested a computer hacker called “curador”. The hacker stole details of 26,000 credit cards from e-commerce websites worldwide. The man was identified as Raphael Gray, 18 years old. The cost of his activities was estimated at $3million (£1.8million).9  Another incident was in May 4, 2000, when a “worm” called the „Love Bug‟ rapidly affected computers worldwide.10 The process was such that affected machines were used to email it, „worm‟ to other users, corrupting files on computers as it went. Within hours, millions of computers were affected including that of the United Kingdom (UK) and United States of University of Ghana http://ugspace.ug.edu.gh 3 America (USA) government agencies. The damage caused was alleged to have ranged from an estimated $7million to $10 billion dollars. The prime suspect was Onel de Guzman, a 24 year old college dropout from the Philippines. 11 In August 2000, all charges against de Guzman were dropped because the Philippines did not have laws that covered computer hacking under which he could have been convicted.12 The Director of the Federal Bureau of Investigations (FBI) Robert Mueller in February 2003 at a USA senate meeting two years after the September 11 attacks is reported to have confirmed grounds made by cyber criminals. He is quoted as saying that “cyber terrorism is a growing threat to the US national security”.13 He stated that Al-Qaeda and other terrorist groups were increasingly becoming computer confident and would in future have greater chances to strike by targeting critical computer systems using electronic tools.14 In 2008 and 2011, hackers hacked into the systems of the Pentagon and made away with 24,000 files from the Defence Industry networks within a single invasion. This was confirmed by the Deputy Secretary of Defence, William Lynn.15 A cyber attack on Estonia in 2007, blocked websites and paralyzed the country‟s entire internet infrastructure. At the peak of the crisis, bank cards and mobile-phone networks were temporarily frozen.16 Cybercrimes have also become predominant on the African continent with countries like Nigeria, Cameroun and Ghana experiencing cybercrime activities.17 In Ghana, two middle aged Nigerians were on 11th November 2012, arrested for allegedly hacking into the mail server of the Ghana Armed Force (GAF) in an attempt to divert §13,978 belonging to the Ghanaian Peace keepers.18Peter Gottschalk in his book titled “Policing Cybercrimes”, cited Nigeria as a University of Ghana http://ugspace.ug.edu.gh 4 hub for financial crimes.19 He further stated that 122 countries at an INTERPOL meeting complained about Nigerian‟s involvement in financial fraud popularly referred to as “Advanced Fee Fraud” (419) in their countries.20 1.1 Statement of the Research Problem Cyber crime like other forms of crime is multi-faceted and an ever changing problem. In the 21st century, where there is advancement in technology, criminals are no more confined to their own countries but have crossed boundaries without fear. Offenders are not likely to be recognized physically by security authorities or even their victims because of the advancement in using the internet in communication. Criminals operate from country to country, taking advantage of the weaknesses of investigative tools of cybercrime in most countries. They hack the systems of businesses, individuals and governments making cybercrime transnational, which knows no boundaries. Globalization, to a considerable degree, has created an interface that facilitates international trade, finance, political cooperation, security arrangements, among others. It is apparent that globalization has benign attributes, such as the proliferation of technology, merging of cultures, and the prevalence of international finance, among others. Consequently, it is tempting to presume that globalization has no dysfunction. However, in recent times, the globalization of insecurity points to a number of contending issues that the international community must grapple in the light of globalization. Of interest to this research, among others, is the prevalence of cyber crime, a product of globalization that has the potential to undermine the security profile of states and their relationship among each other. University of Ghana http://ugspace.ug.edu.gh 5 For both developed and developing countries, the far-reaching implications of globalization have been witnessed in the area of security, where the widespread nature of cybercrime threatens to undermine the security profile of states and their interaction with each other. Cyber activities such as hacking, cyber pornography, fraud and many others have increased in sophistication due to advancement in technology. States are cautious when conducting businesses through the internet due to the infiltration of networks by cyber criminals. This research explores the various dimensions of cyber crime and the need of combating the menace in the wake of advancement in technology. In this regard, the key research questions the study seeks to answer are:  What policy measures have been adopted in the International system to address cyber security in the wake of globalization?  What is the level of cooperation between states in the wider international community against the background that international cooperation is critical to ameliorating cyber crime?  And what is the state of implementation of these policy measures if any? 1.2 Objectives of the Research Considering the importance of the subject matter to the international community, this research seeks to do the following:  Examine the policy measures available in curbing or stopping cyber crimes in the world in the wake of globalization.  To know the level of cooperation between states in the fight against cyber crime. University of Ghana http://ugspace.ug.edu.gh 6  Assess how effectively the policy measures adopted are being implemented by States.  To recommend appropriate responses if any to help curb or stop the cyber crime menace. 1.3 Significance of the Study The study gives readers an understanding of what cybercrime is and how its emergence has the ability to disrupt security setups, economies, societies, market values of organizations and inter relations among states. 1.4 Scope of the Study This study focuses primarily on the role and use of the internet in perpetrating crimes in the world and its implications for international relations. In addition countries such as Nigeria, South Africa, Kenya, Cameroon, United States of America, United Kingdom and Australia reported to have high cases of cybercrime would be discussed. Their legislative efforts in combating the menace would also be discussed. 1.5 Hypothesis The emergence of technology has brought advancement in globalization and the overall drive towards development but a further increase in cybercrimes which threaten individual, national and global security. University of Ghana http://ugspace.ug.edu.gh 7 1.6 Conceptual Framework This study is situated within the concept of globalization, a concept that conceives the world as a whole niche which has many similarities and links that cut across political boundaries, national identities, and cultural differences. For the purpose of this study, Thomas Friedman‟s definition of globalization is used. He defines the concept as “not a mere phenomenon, but an overarching international system shaping the domestic politics and foreign relations to virtually every country.”21 Globalization has brought together various facets of issue areas, such as international trade, finance, telecommunication, religion, the merging of cultures, among others. In essence, globalization conveys the notion of a single community that is inextricably linked by a web of interactions. For instance, trade has accelerated, leading to the establishment of global institutions such as the World Trade Organization (WTO), to safeguard the overall interests of states in international trade. International finance is on the ascendancy, migration has accentuated as people move across borders in search of improved welfare. Health has assumed global dimensions, a fact evidenced by the rapid manner in which diseases move quickly across national borders. Technology has made it possible to communicate thousands of miles apart as the world is said to be “at one‟s fingertips”. Environmental issues have become global as corrosion in the environmental profile of one state, such as emission of greenhouse gases, has a snowballing effect on other states. Globalization analysts such as Joseph Stiglitz, James Mittelman, Thomas Friedman, Bhagwati Jagdish, among others, have explained the nuances of globalization, pointing both the positive dimensions and dysfunctions of globalization. There is a considerable University of Ghana http://ugspace.ug.edu.gh 8 degree of consensus that globalization presents both opportunities and risks. Obviously, globalization is a formidable tool for socio-economic and political development of states. Of concern to this research is that idea that globalization has the potential to trigger a universal pillage, a concept that denotes the exacerbation of insecurity in the light of globalization. At the heart of this research is the fact that globalization can also trigger insecurity globally. This is evidenced by the use of technology for criminal adventures, including defrauding, cyber terrorism, and computer hacking. It is in the light of the security implications of globalization that this research seeks to interrogate policy set up in response in the area of cyber crimes. 1.7 Literature Review Authors of various books who write on cybercrime have alluded to the fact that there is an obvious link between the concept of globalization and cybercrime. Susan W. Brenner explains in her book, Cyber Crime; Criminal Threats from Cyberspace that crimes carried out by cyber criminals often reflect the emotions of persons in the society. She further mentions greed, obsession and the desire for revenge as reasons why many crimes are committed. She explains that the amazing fact about cybercrime is the realization that victims may be at a distance or a world away from each other. A Twilight Zone episode aired in 1960 according to Brenner depicts how two aliens fiddled with the technology of residents of Maple Street resulting in humans turning against each other.22 She further argues that the only entities that could have implemented the said scenario in the Twilight Zone episode were utility companies. This perception currently does not hold as the present University of Ghana http://ugspace.ug.edu.gh 9 human population uses cyber space in an essential and irreversible way. The most significant aspect of cyber space according to her is that, access to it erodes the monopolization of power by governments and corporations. The book recounts the first reports of computer related crimes in the 1960s when large mainframe systems were used without the internet.23 It states that computer crimes committed without the internet were not so much of an international problem but on a company-to-company basis committed by staff. The writer further talks of the emergence of computer expertise commonly known as hackers. They often make secured areas accessible to anyone with the requisite computer knowledge. The activities of hackers have been the backbone of all cyber attacks in recent times. Yar Majid, in his work “Cybercrime and Society” views cybercrime as “not so much of a single, distinctive, kind of criminal activity; but more to a varied range of illegal and illicit activities that share in common the unique electronic environment (cyber space) in which they take place.”24 He argues that cybercrime is a phenomenon that affects a wide range of disciplines including criminology, sociology, law, socio-economy, cultural, media studies, science and technology business management and computing. Consequently, he states that different academic contributions tend to focus on some selected aspects of the cybercrime problem to the detriment or neglect of others.25 Yar talks about the effects of a non-consistent definition of cybercrime which to him affects law enforcement agencies and their ability to prosecute offenders. The author further in the book gives some reasons why cybercrime offences remain unreported. He states that in some cases victims consider the offence inadequately “serious” to warrant an arrest or they may feel that there is little likelihood of a satisfactory resolution. He classifies cyber crimes into two; the “computer-assisted” crimes which existed before the internet but takes on a University of Ghana http://ugspace.ug.edu.gh 10 new life in cyber space such as fraud, pornography, money laundering, theft and sexual harassment. The “computer –focused” crimes on the other hand without the internet could not have worked. These crimes consist hacking, viral attacks and website defacement.26 It is evident that the writer agrees with the fact that laws on cybercrimes are either limited or nonexistent and therefore the arrest and conviction of offenders would prove difficult. However he fails to identify cooperation among law enforcement agencies. According to George Curtis, cybercrime laws in recent times have experienced difficulty in keeping pace with advances in technology. He explains that this often affect any attempts to resolve issues relating to cybercrime. As a result, law enforcement agencies often attempt to solve issues relating to cybercrime by drawing some analogy to traditional crime. Curtis mentions that prior to 1984, crimes involving computers were prosecuted in federal courts under existing provision of the Federal Criminal Code dealing with other crimes, typically wired fraud. He further states that the first Federal Statute specifically addressing computer crime was the Counterfeit Access and Computer Fraud Act of 1984.27 Peter Gottschalk, in his book “Policing Cybercrime” describes cybercrimes as a global issue affecting almost all countries. The author agrees with Adam Salifu that the internet is a “double- edge sword that provides many opportunities for individuals and organizations to develop and prosper, but at the same time opportunities to commit crime.”28 Gottschalk mentions Nigeria, as a hub for cybercrimes.29 He explains that Advanced Fee Fraud is the most perpetrated offence by Nigerians. He states that cybercrime is a de-territorialized phenomenon that has surfaced with globalization. In his book, he classifies computer crimes as financial crimes and gives examples University of Ghana http://ugspace.ug.edu.gh 11 as fraud, theft, manipulation and corruption. He defines financial crimes as crimes against property, involving the unlawful possession of materials belonging to another and for one‟s own selfish gains.30 According to Gottschalk, cybercrime has gone beyond hacking into areas such as the development of fake websites which generates billions of dollars for offenders. The growth of these websites transcends countries and governments.31 In his view, most victims of these crimes are not to be blamed because development of fake websites are designed and made to appear as though they were original. This makes it difficult for users to identify it manually.32 He believes that people should be educated on what he terms as „fraud cues knowledge‟ which he explains as the basic designed elements unique to all websites. To him the unavailability of such elements automatically disqualifies a particular website. He believes these could serve as indicators for victims.33 1.8 Rationale of the Study It is hoped that this research raises awareness about the various trends of cybercrimes and its alarming rate of increase. It further looks at the implications for international relations and seeks to provide valuable information for policymakers, civil society groups and the media on the need to regulate and implement extensive policies to help combat the menace through global cooperation. University of Ghana http://ugspace.ug.edu.gh 12 1.9 Research Methodology and Sources of Data The study uses mainly qualitative data analysis in conducting the research work. This method focuses on using secondary sources related to cybercrime. The study mainly sourced secondary materials such as existing books, articles and journal articles from the Balme library, ISSER library and the LECIAD library. Materials were also sourced from the internet. 1.10 Arrangements of Chapters This study is divided into four chapters: Chapter one of the studies constitutes the Research Design. Chapter Two reviews the origin, history and types of cybercrime. Chapter Three looks at the implications of Cybercrimes for international relations and further discusses the laws and strategies put in place by global security agencies and governments in curbing cybercrime activities. Chapter four is a summary of the findings, conclusions and recommendations. University of Ghana http://ugspace.ug.edu.gh 13 ENDNOTES 1KPMG International Cooperative; Cybercrime: „Growing Challenge for governments‟, Issues Monitor Vol.8, July 2011, p. 2. 2ibid., p. 2. 3ibid., p. 2. 4Douglas W. Thomas and Brian D. Loader as cited by Yar M., Cyber Crime and Society, (London: SAGE Publications, 2005), p. 9. 5 Parton T., „Cyber Crime: Protecting Against the Growing Economic Crime‟, PWC Crime Survey, Nov.2011, p. 5. 6Sherman, T., „The Internationalization of crime and the World community‟s Responses in Action against Transnational Criminality‟, Papers from the 1993 Oxford Conference on International and White Collar Crime, Vol. II (Oxford: Commonwealth Secretariat, 1993.). 7 ibid. 8Kshetri N., The Global Cybercrime Industry: Economic, Institution and Strategic Perspective (New York: Springer Heidelberg Dordrecht, 2010). 9Yar M., Cyber Crime and Society, (London: SAGE Publications Ltd, 2006). p. 9. 10ibid., p. 2. 11ibid., p. 3. 12ibid., p. 3. 13 US Department of State, 2003 as cited by Yar Majid op.cit p.3. 14ibid., p. 3. 15 ibid., p. 3. 16KPMG International Cooperative., p. 9. 17 Warner Jason., „Understanding Cybercrime in Ghana: A view from Below‟, International Journal of Cyber Criminology (IJCC) ISSN Vol. 5, No.1, Jan-July 2011, p. 738. 18www.BBCnews.com (2012). 19 Gottschalk P., Policing Cyber Crime, (Peter Gottschalk and Ventus Publishing APS. 2010), P. 14. 20ibid., p. 14. 21 Friedman. T., The Lexus and the Olive Tree: Understanding Globalization, (New York: Harper Collins, 2000), p.7. 22 Brenner .W. S., Cybercrime: Criminal Threats from Cyber Space. (Santa Barbara, California: Greenwood publishing group 2010). P. 2. 23ibid., p. 2. 24Yar Majid., p. 5. 25ibid., p. 5. 26ibid., p. 10. 27 Curtis G., The Law of Cybercrimes and their Investigations. (Boca Raton, Florida: CRC Press, by Taylor and Francis Group, LLC. 2012). 28Adam S., „The impact of internet crime on development‟, Journal of Financial crime, Vol.15, No.4, 2008 as cited by Gottschalk P., Policing Cyber Crime. (Peter Gottschalk and Ventus Publishing APS,2010), p. 8 29 ibid., p. 14. 30ibid., p. 14. 31ibid., p. 17. 32ibid., p. 17. 33ibid., p. 17. University of Ghana http://ugspace.ug.edu.gh 14 CHAPTER TWO OVERVIEW OF CYBER CRIME 2.0 Introduction This chapter reviews the origin, history and development of cybercrime. The history is divided into two parts comprising history of cybercrime before the advent of internet and after the advent of internet. It has been argued by many scholars that cybercrime took the shape of a more skilled and sophisticated crime after the emergence of internet technology in the 1990s.The other part of the chapter further discusses the different definitions of cybercrime by scholars which helps understand the phenomenon better. The concluding part of this chapter focuses on the types of cybercrime which are commonly committed in the world. Since the advancement of technology and the emergence of the internet that brought about cybercrime, it has been referred to as crimes that happen specifically over networks. Cybercrime is the third top priority under the Federal Bureau of Investigations (FBI) in the United States of America. According to the FBI‟s estimation, cybercrime in the USA cost industries about US$400 billion in 2004.1 At the international level, cybercrime is one of INTERPOL‟S top five priorities.2 It is therefore of utmost importance to discuss how far the actions of cyber criminals have caused implications for international relations. 2.1 Origin of Cyber Crime According to Professor Susan W. Brenner, in her book titled “Cybercrime: Criminal Threats from Cyber Space”, she divided the origin of cybercrime into two phases, firstly from the time of University of Ghana http://ugspace.ug.edu.gh 15 mainframe computers to the 1990s when the internet and private computers were becoming more sophisticated and universal.3 The second phase according to the same book originates from 1990 to the present times. These two phases can further on be divided into two periods; prior to the emergence of the internet and the emergence of the internet.4 2.1.1 Cybercrime before Internet In the 1960s when computers were largely mainframe systems, the first imprint news of computer crimes were committed.5 Several companies in 1946 began working on a commercial mainframe and by 1951, the UNIVersal Automatic Computers (UNIVAC), created by a company of the same name was used by the Census Bureau.6 The importance of the UNIVAC (UNIVersal Automatic Computers) was known when in 1951 CBS TV Network used a UNIVAC to forecast the results of the Presidential elections in the United States of America7. This incidence also led to the popularization of the new technology. The world as at this period was introduced to a new type of computer which had a new set of multiprocessing and operational system. These were the mainframe computers which had no internet. In 1960, a typical IBM Mainframe cost several million dollars and also needed an entire room to house it.8 This type of computers required a special air conditioning system to ensure that its vacuum tubes would not overheat and fry the data in the computer.9 Computer crimes in the 1960s and 1970s differed from the cybercrime we deal with today. There were no internet and mainframes were not networked to other computers.10 It must be emphasized that at this period, only a selected group of researchers were allowed to use a University of Ghana http://ugspace.ug.edu.gh 16 mainframe. According to Brenner W. Susan, to access a mainframe, a researcher had to give the data to a key punch operator who used a machine to punch holes in “manila cards”.11 The holes code the researcher‟s data into a form the machine can read. The cards are then given to another operator who feds it into a machine that transmits the information to the mainframe. At some point, the researcher would receive a printout showing the machine‟s analysis of his data. Mainframes were expensive and not easy to be used due to the processes one had to go through. Only a few people could utilize it. Due to the fact that mainframes were not networked with other computers, only a few people were in the position to commit computer crimes.12 Those who had the opportunity to commit crimes were employees who had access to mainframes. The most common type of computer crimes in this era was financial crimes, whereby an employee uses his access to a mainframe computer to improve his life. An example of such an incident was committed in the mid-1960s, by Val Smith (an alias), an accountant who used UNIVAC to automate billing processes to dummy companies he had set up to provide imaginary services to his employer. He is reported to have made $250,000 a year.13 In California, a teller used his access to a bank‟s computer to steal more than $100,000 from his employers.14 The crimes committed before the emergence of the internet had one thing in common. The victims were a company, an institution or a government agency who could afford to buy the mainframe computers.15 However one must know that these crimes were generally incapable of inflicting “harm” on an individual. In the 1970s, the use of computer systems and computer data increased further.16 At the end of the decade, an estimated number of 100,000 mainframe computers were operating in the United States.17 University of Ghana http://ugspace.ug.edu.gh 17 2.1.2 Cybercrime after the Emergence of Internet The Internet‟s rapid growth has far outpaced methods of regulatory control, and this has led to the emergence of new criminal opportunities and presented important challenges for policing across all corners of the globe.18 In the 1980s, personal computers became popular with an increasing interest in the development of software by the youth at the time and also researchers. This period also saw the emergence of the first forms of software piracy and crimes related to copyright.19 The 1990‟s saw an era whereby the internet growth was tremendously fast due to globalization. This was the time when personal computers and internet were becoming sophisticated and criminals emerged to take advantage of the opportunities and vulnerability both offered.20 The emergence of networking during this time enabled offenders to enter a computer system without being present at the crime scene. The period came with an opportunity which allowed culprits to spread malicious and computer viruses.21 The 1990s saw the introduction of the graphical interface (“www”) followed by a rapid growth in the number of internet users which led to new challenges. With the help of the internet in the 1990s, local crimes such as theft, fraud, money laundering and others committed in the 1960s and 1970s became rated as transnational crimes because they defiled boundaries of countries. Further, information legally made available in one country was made available globally-even in countries where the publication of such information was criminalized.22 In December 1995 there was an estimated 16 million people who could use the internet worldwide. The figure rose to over 580 million by May 2002 which was almost 10 percent of the world‟s total population.23 University of Ghana http://ugspace.ug.edu.gh 18 The 21st century came with its highly advanced methods of committing crimes such as “phishing”24 and botnet attacks.25 The spread of internet- related crimes was more frequent in areas like the USA, Canada, Europe, Australia and Japan.26 The internet crimes that emerged during this period were known as hacking and not cybercrime as now called. Hackers interfered with the systems they invaded and has been established as one of the crimes that come within the domain of cybercrimes. The most notorious hacker of the 1990s was Kevin Mitnick. He grew up in Southern California and was a phone phreak. In 1988, he hacked a computer at the NASA Jet Propulsion Laboratory and the same year FBI agents arrested him for hacking the Digital Equipment Corporation and stealing prototype operating system software valued at $1million. The company alleged that it spent $4million tracking Mitnick‟s invasion into their system.27 Other hackers such as Edwin Pena and Robert Moore in 2006 were arrested by the FBI for hacking into phone services to resell for profit. They were further accused of hacking the networks of 15 communications providers and hundreds of businesses.28 Today‟s crimes cause humiliations to individuals, institutions and governments in general because of the dependency on electronic devices. Currently people handle their businesses in their homes just with a click of a button. The over dependency on the internet has led criminals to re-strategise their ways of operations. 2.2 Definitions of Cyber Crime The term cyber is derived from the word cybernetic, taken from the Greek word “kybernetes”.29 The term was invented in 1948 by a United States Mathematician Norbert Wiener, the originator of cybernetics who defined it as “a formalization of the ideas of feedback, with many University of Ghana http://ugspace.ug.edu.gh 19 implications for engineering, systems control, computer science, biology, philosophy and the organization of society”.30 Wiener saw cybernetics as a research tactic which was to help bring all disciplines together in researching. The United States Department of Justice in an attempt to define cybercrime summaries the definition in a three-stage classification:  Crimes in which the computer or computer network is the target of the criminal activity. For example, hacking, malware and Dos attack.  In an existing offence where the computer is a tool used to commit the crime. For instance child pornography, stalking, criminal copyright, violations and fraud.  Crimes in which the use of the computer is an incidental aspect of the execution of the crime but may help generate evidence of the crime. For example, addresses found in the computer of a murder suspect, or phone records of conversations between an offender and a victim before a homicide. In such cases the computer is not significantly implicated in the commission of the offence, but is more of a repository for evidence.31 Cybercrime is defined as crimes committed through illegal use of computer systems. The United Nations Congress on the Prevention of Crime and Treatment of Offenders, at its tenth workshop devoted to the issues of crimes related to computer networks, defined cybercrime in two sub categories: Cybercrime in a narrow sense and cybercrime in a broader sense.  Cybercrime in a narrow sense is related to any illegal behaviour operated by using the electronic medium which targets the safety of computer systems and the data processed by them. University of Ghana http://ugspace.ug.edu.gh 20  In a broader sense, it is also defined as any illegal behaviour committed using a computer system or networks. It includes crimes like illegal possession and distributing of information using a computer system or networks.32 Another definition is by Pavan Duggal, a cyber law expert who states that, “any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cybercrime.”33 In his view, every crime committed on a computer connected to the internet is always a cybercrime. Douglas Thomas and Loader Brian describes cybercrimes as “computer-mediated activities which are either illegal or considered illicit by certain parties and which can be conducted through global electronic networks.”34 They further explain that, the global connectivity of the internet makes it much easier for criminals to act beyond national boundaries to conduct their illegal affairs. In the same way, the United States Department of Justice (DOJ) defines computer crimes as “any infringement of criminal law that involves knowledge of computer technology for their perpetuation, investigation or prosecution.”35 The Department further expands the definition of cybercrime to include, any activity that uses a computer for the storage of evidence. With this definition the DOJ sees cybercrimes as crimes that are committed with the sole intention of using the computer system for an unlawful operation. Another view of what is cybercrime is more easily expressed by David Wall who categories cybercrimes into four established legal grouping: a) Cyber-trespass which implies the crossing of boundaries to possess people‟s property and further causing harm. He gives examples of such activities as hacking and the spreading of defacement viruses. University of Ghana http://ugspace.ug.edu.gh 21 b) Also deception in cyber space and thefts or stealing of either money or property using credit cards or piracy is considered as cybercrime. c) Cyber pornography is also another illegal breach of the law. It defiles the morality and decency in the society. d) Cyber-violence and the causing of psychological harm to a person is a cyber offence. Wall further explains that rousing up physical harm against others, thereby violating laws relating to the protection of the person is a cybercrime. The practicing of hate speeches and stalking on the internet is also prohibited. This definition confirms the views of scholars that cybercrime does not take into account the boundary limitations of a country.36 The Council of Europe‟s Convention on Cybercrime‟s definition of cybercrime has also come to be of legal standing. The Convention which was established in 2001 is aimed at protecting society against cybercrime by adopting appropriate legislations and fostering international co- operations. The Convention defines cybercrime in four main categories according to its nature. a) Offences against the privacy, integrity and availability of computer data and systems. This is mentioned in Article 2 to 6 of the Convention; b) Computer-related offences which include computer related forgery and fraud. Articles 7 and 8; c) Content-related offences; this contains certain provisions for offences related to child pornography. Article 9 is important to it; University of Ghana http://ugspace.ug.edu.gh 22 d) Offences related to the infringement of copyrights and related rights, this explained in Article 10 of the Convention.37 2.3 Types of Cybercrimes According to scholars these are the most committed cybercrimes in the world: 2.3.5 Hacking Hacking has been a very frequent form of cybercrime in recent times. It can be referred to as the testing and exploring of computer systems, highly skilled computer programming or the practice of accessing and changing other people‟s computer. It is often intended to disrupt the normal behaviour of network connections and connected systems. Hacking may be carried out with honest aims or with criminal intent.38 2.3.6 Computer Virus A computer virus is a computer program that connects to an application program or other system software which subsequently activates, causing severe damages to computer systems or files.39 2.3.7 Malicious Software (Malware) Malware (for “malicious software”) is a general term for software designed to damage or subverts a computer or information system.40 Some malicious software includes viruses, worms, Trojan horses, backdoors, spyware, and programming that gather details about a computer user without permission.41 Brief explanations to these Malicious Software  Spyware- Spyware is any technology that helps in getting information about a person or an organization without them knowing. It can also be programmed into someone's computer to assist in obtaining secret information about the owner of the computer. The information obtained is sometimes passed on to advertisers or other interested parties. University of Ghana http://ugspace.ug.edu.gh 23 Spyware can get in a laptop as a software virus or as the result of installing a new program.  Virus- A virus is a program or programming code that continuously repeats itself when copied or initiating its copying to another program, computer boot sector or document. Viruses can be spread as attachments to an e-mail note or in a downloaded file and are most often present on diskettes or compact disks (CD).  Worm- Worms are self-replicating viruses that do not change files but duplicates it. Worms are commonly noticed only when their uncontrolled replication guzzles system resources, slowing or halting other tasks.  Logic bomb- A logic bomb is a programming code which is mostly inserted either secretly or deliberately. It is designed to execute its functions under circumstances such as the drop of a certain amount of time or the failure of a program user to react to a program command. It can also be referred to as a delayed-action computer virus or Trojan horse. When a logic bomb gets to its peak of destruction it displays or prints out false messages, delete or corrupt data and can have other undesirable effects.  Trojan (Trojan horse) - A Trojan horse is a program where malicious or harmful codes are contained inside. This is seen as harmless programming or data which can be controlled. Trojan horses can ruin certain areas on a hard disk and may be generally redistributed as part of a computer virus.42 University of Ghana http://ugspace.ug.edu.gh 24 FIGURE 1 How malicious software affects computers Source: www.blogs.technet.com 2.3.4 Botnets A botnet is a gathering of internet-connected programs that correspond with other similar programs in order to perform tasks.43 This can be normal as keeping control of an Internet Relay Chat (IRC) which is a procedure for live interactive internet text messaging (chat). It can be used to send spam email or take part in a distributed denial of Service attack (DDos).44 Computers can be co-opted into a botnet when they execute malicious software. These enable a cyber criminal to remotely control an infected computer over a network.45 Such an affected computer is often called a “robot” or “bot” computer. When several computers are affected with a backdoor ;( a University of Ghana http://ugspace.ug.edu.gh 25 category of malware) and become a bot, they can be simultaneously controlled from a single remote „command and control‟(C&C) mechanism.46 These remotely controlled networks of bot computers are known as “botnets” FIGURE 2 The biggest botnets for 2009 Source :MessageLabs, MessageLabs Intelligence:2009 Annual Security report, December,2009 p.8 as quoted in Hackers, Frausters and Botnets: Tackling the Problemof Cybercrime report by the Parliament of Australia in 2010 According to the Cyberspace Law and Policy Centre (CLPC), from the University of New South Wales,botnets are considered to be one of the biggest enablers of cybercrime. The Law further states that almost every major online crime being committed in the world can be traced to botnets.47 University of Ghana http://ugspace.ug.edu.gh 26 FIGURE 3: Initiation,growth and function of a botnet Source: OECD Committee for Information, Computer and Communications Policy, Malicious Software (Malware): A Security Threat to the Internet Economy, OECD, June 2008 p.23 2.3.5 Spam A spam is the electronic equivalent of a “useless mail” which is unwanted and usually sent in bulk to thousands or even millions of people as messages at a time. Spam impedes the flow of legitimate internet messaging around the world. A spam is executed by the computerized University of Ghana http://ugspace.ug.edu.gh 27 harvesting of email accounts and by spyware. Some spam advertises unwanted products which are often harmless.48 2.3.10 Phishing Phishing is the making of an effort to acquire information such as usernames, passwords, and credit card details through illegal means masquerading as a trustworthy entity in an electronic communication.49 The Australian Institute of Criminology in its High Tech Crime Brief, Canberra, 2006 provided an example of a Phishing website which shows how a website has been forged. The Figure 4 shows the top section of a web page which appears to be from the legitimate “Bank of the West” website. Figure 4: Example of phishing. Source: Australian Institute of Criminology, Exhibit No.5, and p.8 as quoted in in Hackers, Frausters and Botnets: Tackling the Problemof Cybercrime report by the Parliament of Australia in 2010. However, in Figure 5 shown below it would be proven how, upon a closer view of the web address in the top bar of the browser, it can be seen that the „W‟ in the “Bank of the West” has been replaced with two „V‟s to give the appearance of a W. University of Ghana http://ugspace.ug.edu.gh 28 Figure 5 close up of the web address in Phishing website. Source: Australian Institute of Criminology, Exhibit No.5, and p.8 as quoted in in Hackers, Frausters and Botnets: Tackling the Problemof Cybercrime report by the Parliament of Australia in 2010. 2.3.11 Scams Online scams have become another profitable activity for cyber criminals. Some of the scams are romance scams, Advanced Fee Scams, fake lottery and ticketing or online shopping scams.50 The Federal Trade Commission(FTC)51 have listed some commonly used scams being used by scammers. The Commission is however of the view that these listed scams are merely “recycled scams” that where being used before the emergence of emails and which have now become the predominantely used approaches by scammers. The List includes;52  Bogus business opportunities  Chain letters  Health and diet scams  419 Advanced Fee Fraud and;  “Free” goods scam The following sections describe some common fraud schemes initiated through email: University of Ghana http://ugspace.ug.edu.gh 29 Bogus Business Opportunities The work of these scammers is to promise their victims of an opportunity beyond their wildest dreams which is expected to make them a great deal of money within the shortest time. It is the responsibility of these scammers to entice their victims with headline emails such as “Be your own boss”, “Make $100 a day”, “Work only 8 hours a week” and “Work from home.” These emails can further have subjects lines that look like the following;  Get Rich Quick  Use the Internet to make money  Make your Computer Work for you very efficiently!  Succeed by Using the Internet. These scammers mostly provide their victims with addresses or websites from which one can for a fee acquire an “information kit” or a form to fill. Health and Diet Scam This type of scammers play on the emotions of their victims who feel insecure either about their figure or health status. Such victims are persons who find it difficult to discuss their problems with doctors,families and also find it financially difficult to afford drugs. The scammers offer them solutions which seem to be easily accessible and cheaper. The emails have subject titles that read like the following:  DECERASE YOUR WEIGHT FAST,  Feel Healthy and younger  Enhance your Sexual Performance Drastically  Fight Cancer at the lowest cost University of Ghana http://ugspace.ug.edu.gh 30 While these drugs have testimonies online by supposed users, they are in most cases fake. 419 Advanced Fee Fraud The term „419‟ is taken from the section of the Nigerian Penal code that addresses fraud. These type of scam have been associated with Nigerian citizens across the world. 419 scams are identifiable by their subject lines like URGENT REPLY NEEDED and Re: Pleased to meet you! A „419‟ Advance Fee Fraud comes in the form of an email that looks like this Date: Wednesday, August 24, 2008 5:55 PM -0700 From: "Mr. Henry BasseyUdoma" To: mrtarget@example.com Subject: From: Henry (Regarding Dr. H. Paul Jacobi) From: Henry (Regarding Dr. H. Paul Jacobi) Hello, I am sending you this private email to make a passionate appeal to you for assistance. Kindly accept my apology for contacting you this way and forgive me if this is not acceptable to you. My name is Henry Bassey Udoma; I am an auditor at one of the Nigerian Banks. On Tuesday, 19 January, 2006, one Dr. H. Paul Jacobi a foreigner, made a numbered time (Fixed) Deposit, valued at £10,550,000.00 (Ten Million, Five Hundred and Fifty Thousand Pounds) for twelve calendar months in my Bank Branch. Upon Maturity, we sent a routine notification to his forwarding address but got no reply. After a month, we sent a reminder and finally we discovered from his company that Dr. Paul A. Jacobi was aboard the Egypt Air Flight 990, which crashed into the Atlantic Ocean on October 31, 2006. After further investigation, it was discovered that he died without making a WILL and all attempts to trace his next of kin proved abortive…53 With this the scammers try to get the victim to sympathize with them, and then slowly convince the victim of the legitimacy of their deals with usually forged documents to back their claims. After the necessary verifications, the perpetuators further request that the victims make advance money to pay bogus fees or bribes to get the transactions through. 2.3.12 DNS Based Attacks The Domain Name System (DNS) decodes web and e-mail addresses into arithmetical strings, serving as a kind of telephone directory for the internet. Every internet request has to go through University of Ghana http://ugspace.ug.edu.gh 31 a DNS Server and DNS is one of the foundations of the internet. Thus, the DNS enable users have easy access to computers that host web pages without the need for complicated codes. Cyber criminals subvert the DNS in a number of ways, such as „domain hijacking‟ where a cyber criminal takes control of a domain name by stealing the identity of a domain name owner. The hacker then uses this domain name to host a malicious website. DNS hijacking needs the serves of a Trojan that changes the settings on a user‟s computer to access the DNS server instead of legitimate ISP server, thus enabling users to be diverted to false websites.54 Figure 6 shows how DNS works: Source: www.bustathief.com accessed on 10th June 2013 University of Ghana http://ugspace.ug.edu.gh 32 2.3.13 Spoofing The word “spoof” means to hoax, trick, or deceive. In the IT world, spoofing refers to tricking or deceiving computer systems or computer users. This is typically done by hiding one‟s identity or faking the identity of another user on the internet.55 2.3.13.1 Cyber Terrorism According to Dorothy Denning, a security expert, cyber terrorism is “politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage.”56 University of Ghana http://ugspace.ug.edu.gh 33 ENDNOTES 1Alkaabi, A.O.S., „Combating Computer Crime: An International Perspective‟, An Information Security Institute Paper, Queensland of Technology University, October 2010. 2Kshetri N., „The Simple Economics of Cyber crimes‟, IEEE Security and Privacy, 2006. 4, No.1, pp.33-39. 3Brenner S. W., Cybercrime: Criminal Threats from Cyber Space.(Santa Barbara, California: Greenwood Publishing group 2010), p. 46. 4ibid p. 46. 5ibid p. 46. 6Campbell-Kelly M. and Aspray W., Computer: A History of the Information Machine, Second Edition, (Boulder: West view Press, 2004) p. 100-121. 7ibid. 8 Levy S., Hackers: Heroes of the Computer Revolution (New York: Doubleday, 1984), p. 19. 9ibid p. 19. 10Brenner Susan W., p. 10. 11 A manila card is a type of paper from a semi-bleached wood fibre which has better printing qualities. It originates from the Philippines and can be referred to as „vanilla paper‟ and given to children to draw their art. 12Ibid., p. 11. 13Ibid., p.10. 14ibid., p. 12. 15ibid., p.12. 16Quinn, Michael J, „Computer Crime: A Growing Corporate Dilemma‟, The Maryland Law Forum, Vol. 8, 1978, p. 48. 17Stevens, M.. L., „Identifying and Charging Computer crimes in the Military‟, Military Law Review, Vol. 110, 1985 p. 59 as quoted in an Gercke, Marco „Understanding Cybercrime: Phenomena, challenges and legal response‟ ITU Publication, , 2012. 18Smyth S. and Carleton R., „Measuring the Extent of Cyber Fraud in Canada- A Discussion Paper on potential Methods and Data Sources‟, Organized Research Brief, Public Safety Canada, 2011. 19Bloom Becker, J, (ed.) „The Trial of Computer Crime‟, Jurimetrics Journal, Vol. 21, 1981, p. 428. 20Brenner Susan W., p. 23. 21 Malicious software is a general term for software designed to damage or subverts computer or information systems. A computer virus is a computer program that connects to the application or other system software which subsequently activates, causing severe damages to a computer system or a file. 22Sofaer A. and Goodman S. (eds.), Cybercrime and Security-The Transnational Dimension, (Stanford, California: Hoover Institution Press, 2001), p. 7. 23Yar M., Cyber crime and Society, (London: SAGE Publication Ltd, 2006), p. 7. 24The term “phishing” describes an act that is carried out to make the victim disclose personal/secret information. The term originally described the use of e-mails to “phish” for passwords and financial data from sea of Internet users. 25Botnets is a short term for a group of compromised computers running software that are under external control. 26Khadam N., „Insight to Cybercrime‟, available at http:// www.hanyang.ac.kr/home-news/H5EAFA/002/101/2012. 27Mitnick Kevin‟s, history is taken from these sources, cyber punks, Hafner Katie and Markoff John and Cyber crime, Brenner, Susan W. as quoted by Khadam, Nadia‟s; Insight to Cybercrime p. 65. 28 Brenner Susan W. p. 30. 29http://en.wiktionary.org/wiki/cybernetics accessed on 5th June 2013. 30Ibid. 31Computer Crime and Intellectual Property Section, US Department of Justice, The National Information Infrastructure Protection Act of 1996, Legislative Analysis (1996). Available at www.cybercrime.gov/1030analysis.html. 32The UN Congress on the Prevention of Crime and the Treatment of Offenders, Vienna, 10-17 April, 2000. P. 5 33http://www.rediff.com/netguide/index.html. University of Ghana http://ugspace.ug.edu.gh 34 34 Douglas T. and Loader B., (eds.); Cybercrime : Law enforcement, Security and Surveillance in the Information age, (London: Routledge, 2000), p. 3. 35Sheri A. D. et al., Note, Computer Crimes, 35 Am. crim.L. Rev.503, 505 (1998) (defining computer crime) (quoting national institute of justice, U.S Dept‟s of Justice, computer crime: Criminal Justice Resource Manual 2 (1989). 36Wall D., Cybercrime: The Transformation of crime in the information age, (Cambridge: Polity Press .2007), pp. 3- 7. 37Council of Europe Convention on Cybercrime, (Budapest, 23.XI.2001). 38Urbas.G and Choo. K.R, “Resource material on technology-enabled crime”, AIC, Canberra, 2008, p. 83 39Baiden,J..E.,“CyberCrimes”,Final Paper, Central University College, 2011.Electronic copy available at http://SSRN.com/abstract-id1873271 40Urbas G. and Choo K.R, op. cit. 41www.starstandard.org/guidelines/DIG2012v1/ch11s03.html.accessed on 10th June 2013. 42ibid. 43https://en.wikipedia.org/wiki/Botnet. 44ibid. 45„Hackers, Fraudsters and Botnets- Tackling the Problem of Cybercrime‟, The Report of the Inquiry into cybercrime.House of Representatives Standing Committee on Communication, Canberra, Commonwealth of Australia .Html version).2010. 46ibid. 47Cyberspace Law and Policy Centre(CLPC), submission 62, p.3 from http://www.cyberlawcentre.org/index.html. 48AIC, High Tech Crime Brief: More malware-adware, spyware, spam and spim, AIC, Canberra, 2006, p.1. 49www.en.wikipedia.org/wiki/phishing. 50AIC, Submission 41, p.4; Mr. Scott Gregson, Australian Competition and Consumer Commission (ACCC), Transcript of Evidence, 18 November 2009,p.1: ACCC,Exhibit 16, p.10. 51http://www.ftc.gov/opa/1998/07/dozen.shtm. 52US-CERT: „Recognizing and Avoiding Email scam‟, produced a government organization for cyber security tips, 2005 and updated 2008. 53 www1.villanova.edu/villanova/publicsafety/crime/recognizing_and_avoiding_email_s.html. 54Hacquebord F. and Lu.C, „Rogue Domain Name System Servers‟, Trend Labs Malware Blog, Trend Micro, 27 March 2007, viewed 6 June,2013http://blog.trendmicro.com/roguedomain-name-system- servers-5breposted5d. 55Spoofing, http:// www.techterms.com/definition/spoofing accessed on 11th June 2013. 56Denning D., „Activism, Hackism, and Cyber terrorism: The Internet as a tool for Influencing Foreign Policy‟ in John Aquilla and David Ronfeldt, (eds.), Networks and Net wars, (Rand Corporation, 2001) p. 241. University of Ghana http://ugspace.ug.edu.gh 38 CHAPTER THREE IMPLICATIONS FOR INTERNATIONAL RELATIONS 3.0 Introduction This chapter tests the hypothesis which shows how the emergence of globalization has brought advancement in technology but a further increase in sophisticated cybercrimes which threatens individual, national and global security and the overall drive towards international development. In sum the chapter looks at the social, economic, market value and national security implications of these cybercrimes. The work also looks at the challenges or weaknesses faced by security agencies and governments in enforcing laws and regulations which makes them powerless in arresting the situation. The chapter further discusses the need for a collective approach in dealing with the cybercrime menace. 3.1 Internet and Cybercrime The development of advanced computer crime in the 21st century is due to the use of the internet. The term internet can be defined as the gathering of millions of computers that provide a network of electronic connections between the computers.1 In 2011, at least 2.3 billion people, equivalent to more than one third of the world‟s total population had access to the internet.2 The United Nations Office on Drugs and Crime (UNODC) report of 2013 stated that as at 2011, 62 per cent of all internet users were in developing countries. It further reported that some 45 per cent of the world‟s internet users were below the age of 25 years.3 These statistics show the dependence of society on the internet. However the emergence of the internet has brought up a new twist known as the cybercrime. The weightiness of the emergence of cybercrime was more evident when the University of Ghana http://ugspace.ug.edu.gh 39 Love Bug virus of 2000, damaged millions of Windows personal computers and was estimated to have cost computers worldwide $ 3 billion and $15 billion.4 Organized crime groups are using the internet for major fraud and theft activities. There are trends indicating organized crime involvement in white collar crimes. As criminals move away from traditional methods of criminal activities, internet-based crime is becoming more prevalent. Internet- based fraud has earned criminals millions per year leading to loss of investors making it a productive area for such crimes. Cybercrime like other crimes has its different effects on the respective society and the world at large. By the observation of cybercrime and its phenomenon it is revealed that like other crimes it has affected negatively on the social, economies, market value and the national security setup of governments of states in the world. This chapter therefore seeks to outline the implication of cybercrime on International Relations. 3.2 Social Implications As today‟s consumer has become increasingly dependent on computers, networks and the information these are used to store and preserve, the risk of being subjected to cybercrime is high. Cybercrime has social implications on developed and developing countries. Despite the fact that cybercrime affects developed countries, it has a more rippling effect on developing and under developed countries that turn to have a high financial cost in handling cases with respect to investigations and prosecuting of fraudsters. These developing countries most often have to budget for the fighting of cybercrimes and ignore other important social projects for the advantage of the society. Nations and individuals put up with two main disadvantages of cybercrimes: one being target of cybercrime and secondly the allocation of national funds for its University of Ghana http://ugspace.ug.edu.gh 40 prevention, ignoring any other national problem or program that might be of great importance to them. One other social impact is described by Elgie McFayden Jr. in his paper “Implications of White collar crime”, that in some part of the world the youth perceive white collar crimes as a way of getting quick wealth for themselves and their families.5 During this period, they fail to recognize the implications of these acts. The emergence of online social networks, including Twitter and Face book, has also provided a ready supply of millions of prospective scam or fraud victims. According to reports sponsored by the Better Business Bureau Online, over 80 per cent online shoppers cited security as a primary worry when conducting business over the internet. About 75 per cent of online shoppers stop an online transaction when asked for their credit card details. The view that the internet is an avenue for widespread credit card fraud and security hazards is growing. This has been a problem for e-commerce. Consumer perception can be just as powerful or damaging. Hence users concerns over fraud prevent many online shoppers from transacting business. Concern over the credibility of an e-business in terms of being unsafe or cluttered makes a shopper reluctant to transact business. Even the slightest perception of insecurity seriously hinders potential business.6 3.3 Economic Implications Information and Communication Technology (ICT) plays an important role in the economic aspects of every company and state. The advancement in ICTs helps improve a person‟s access to information and provides a faster, cheaper and a more reliable means of communication. It has University of Ghana http://ugspace.ug.edu.gh 41 further contributed to the improvement of products in terms of their design, reproduction and also their distribution process. The internet has helped economies of states to move to the international scene with their domestic products by helping to advertise their products. Unfortunately, the internet is a double edge sword which has introduced cybercrimes that negatively affects the economy of a country. It affects the Gross Domestic Product (GDP), the Gross National Product (GNP), income levels, inflation levels and the economic structure of an economy.7 The financial costs to economies from cyber attacks consist of the loss of intellectual property, financial fraud, low productivity and damage to reputation of a business.8 The loss of revenue and low productivity, make up a large proportion of the reported cost of cyber attacks and viruses.9 Other businesses also face damages from financial fraud and theft of intellectual property over the internet. As the economy increases its reliance on the internet, it is exposed to all threats posed by cyber criminals. In modern times, stocks and bank transactions are performed by the use of the internet. Currently purchases of goods have moved from shops to the use of credit card. All instances of fraud in such transactions impact the financial state of the affected company and hence the economy of the state. According to a 2011 Norton report on cybercrime, over 74 million people in the United States were victims of cybercrime in 2010. The report further stated that these criminal acts resulted in $32 billion in direct financial losses. The subsequent 2012 Norton report on cybercrime also stated that the global price tag of consumer cybercrime has risen to US$110 billion annually. With the interdependence of the world‟s economic system, the disruption in one region or country of the world will have ripple effects in other regions. Hence any disruption of these University of Ghana http://ugspace.ug.edu.gh 42 markets such as that in the United States could send shock waves to the other markets globally.10 The world through the attacks from worms, viruses, botnets and others has productivity at risk. Machines of factories could perform more leisurely; servers might be difficult to get to, networks might be blocked and so on.11Such instances of attacks affect the productivity of the user, the organization, and the economy of a state. In addition, user concern over potential fraud prevents a substantial cross-section of online shoppers from transacting business. This can also result in the loss of a considerable portion of e-commerce revenue generation among states. Table 3.1 Global Statistics on Incidence of Cybercrime Hacking In 2008, Verizon Communication Inc. observed the compromise of over 180 million business records due to hacking. Malware Symantec Corporation, American global computer security software corporations detected a total of approximately 2.6 million different malware programs 60 per cent of which were detected in 2008. Malware Infection via legitimate sites web A 2007 study of 4.5 million web pages by Google found that one out of every ten websites contained malware. Botnets - McAfee estimates that nearly 40 million computers were recruited to botnets in the first three quarters of 2009. - The internet society of Australia submitted that estimates of the number of bot computers range from five percent of all computers connected to the internet. (over 250 million) DDoS attacks Telstra Corporation Limited in Australia submitted that the size of the largest DDoS attacks increased a hundred folds between 2001 and 2007, from 0.4 gigabits per second to 40 gigabits per second. University of Ghana http://ugspace.ug.edu.gh 43 Cybercrime industry Verizon reports that 91 per cent of the data breaches it observed in 2008 were linked to organized criminal networks. Phishing and Spam - In the year 2008, Symantec noticed a 349.6 billion spam messages across the internet. - Symantec claims that in 2008 approximately 90 per cent of spam was sent via botnets. - The Anti-Phishing Working Group, an international consortium of organizations against phishing identified over 210 thousand unique phishing websites in the first half of 2009. Source: Verizon Business, 2009 Data Breach Investigations Report. Verizon Business, 2009, p.2; Australian Communication and Media Authority, Submission 56, pp.4-7; Symantec Corporation, Symantec Global Internet Security Threat Report: Trends for 2008, Symantec Corporation, April 2009, pp.10, 16-90; McAfee Inc, McAfee Threats Report Third Quarter 2009, McAfee Inc, 2009, p.3; Internet Society of Australia, Submission 45, pp.3-4; Telstra, Submission 43.1, p.2; Anti-Phishing Working Group, Phishing Activity Trends Report: 1st Half 2009, APWG, 2009, p.3; BBC News, Google searches web’s dark side, online news article, 11 may 2007, viewed,