Safer Internet: Let’s kick off the conversation

When we talk about technology and crime, or technological crime, we probably refer to crimes using new technologies, that is information and communication technologies (ICTs).

Toufique Imrose Khalidibdnews24.com
Published : 29 August 2015, 06:44 AM
Updated : 30 August 2015, 05:16 PM

It is very difficult to define, as new technologies continue to emerge and the examples become redundant. In some cities in some countries, burglary is a forgotten thing, thanks to burglar alarms.

Closed-circuit TV cameras solve a lot of problems but they create quite a few. Surveillance helps, serving as a powerful deterrent. But all these prying eyes of cameras installed in the name of security become a huge nuisance for some of us; citizens’ groups often raise their voice about invasion into our privacy.

At times, these surveillance cameras have caught images not authorised by the law. We have one recent example in Bangladesh. Grooming and other personal service provider, Persona, was allegedly, going beyond limits and suddenly found itself in the news headlines.

Carjacking once became very common even in countries where the car population outstripped the human population. There came the technology – alarms, tracking devices, keys with ability to read its owner’s fingerprints – to supplement all the other existing ways of finding or tracking down a stolen car.

For someone who is neither a techie, legal professional, nor a law enforcer but merely a newsgatherer and publisher, the perspective is different. In my struggle to put something together in this particular case, I consulted my colleagues and friends who take interest in such matters.

The first thing that came to mind in most cases was: The tragedy at Ramu.

My colleagues worked overnight to tell the story to the world – the Prime Minister was then out of the country. In New York, meeting world leaders, the Prime Minister ordered immediate response to support the victims and find out the culprits.

But no one had any idea what triggered the incident. Very soon, it emerged that someone used his Facebook page to say something that provoked the angry outbursts of zealots. Then it was confirmed that a certain someone did exist but the Facebook page in particular had not been created by that someone. Yes someone else had done it. This was a clear case of incitement of religious hatred using the opportunities created by cyberspace.

And then, how can anyone forget the ill-fated blogger Ahmed Rajib Haider?

 

The slain blogger was called all sorts of names by the fanatics. That he was an atheist and that he had committed blasphemy, defamed the Prophet through his blog posts.

A colleague of mine did some investigation to prove that the blog site which was claimed to be Rajib’s was not in fact his, and that the posts were uploaded after his death.

Someone or a group of people with a terrible mind did it all. They used technology and committed a crime.

A female colleague came up with this as I asked her for a few examples, especially on whether she had any personal experiences.

Shamima Binte Rahman studied archeology at Jahangirnagar University and became a journalist working for some of the top news outlets in Bangladesh for the last 15 years or so. She’d just returned from India, having finished a second two-year Master’s degree there.

Sometime in October, 2014, she received this on her Facebook inbox.

“BlackBerry riots”

Some of you may remember riots in England just over four years ago.

Between the 6th of August and the 11th of August 2011, thousands of mostly youths rioted in several districts in London and in cities and towns across England. The chaos that ensued led to looting, arson, and mass deployment of police. The events were called "BlackBerry riots" because people used mobile devices and social media to organise them.

Now look at the way the law-enforcement mechanism responded.

Two Facebookers jailed

Jordan Blackshaw, 20, set up an "event" called Smash Down in Northwich Town for the night of August 8 on the social networking site but no one apart from the police, who were monitoring the page, turned up at the pre-arranged meeting point outside a McDonald’s restaurant. Blackshaw was arrested instantly. Two young men, including Blackshaw, were jailed for four years.

The UK’s Crown Prosecution Service said in a statement that the men's posts on Facebook "caused significant panic and revulsion in local communities as rumours of anticipated violence spread."

Hacking

Last year, Apple Inc.’s iCloud storage service in China was attacked by hackers trying to steal user credentials, according to a Chinese web monitoring group.

Using what is called a “man-in-the-middle” (MITM) attack, the hackers interposed their own website between users and Apple’s iCloud server, intercepting data and potentially gaining access to passwords, iMessages, photos and contacts, Greatfire.org wrote in its blog post.

This was a clear case of invasion of privacy and data piracy. If you are not careful about how you handle your iCloud account, you could be in trouble. Around the same time as the China incident, several top celebrities paid a heavy price.

Defining technological crime

The disturbing link between technology and crime continues to gain new dimensions almost every day. Quite justifiably, the experts do not agree on what should be included in the definition of technological crime. According to some, cybercrime includes only a pure computer dimension – electronic networks, virtual space, hacking etc. Others advocate a broader range as long as there is a technological or computer component involved.

In the absence of a specific definition, attempts have been made to classify technological crimes to better understand and differentiate them. There are two categories of crimes, which can be referred to as technological crimes while law-enforcers in various countries try to grapple with the constantly-evolving nature of offences committed by intelligent perpetrators.

One is of course "pure" computer crimes – the ones that cannot be committed without computer technology. The advent of electronic networks and digital data has created new criminal opportunities. And this new virtual world has certain vulnerabilities, which criminals have tried to exploit.

Such crimes include stealthily accessing computer systems, altering digital data, and hacking into electronic network. The exploitation of these vulnerabilities could adversely affect the targeted institutions or companies and result in substantial losses.

The second is "traditional" crimes involving a technological component. New information and communications technologies have redefined modern society, becoming an integral part of our daily lives. This means that almost any crime can now involve the use of technology. For instance, intimidation can now be done online and is often called "cyber-intimidation". Preachers and rogue politicians – using online tools – can now provoke people into violence and vandalism. There are also cyberbullying and harassment.

For criminals, the tools that new technologies provide are new ways to commit crimes – whether old crimes with a modern twist or newly invented crimes.

The information technologies have created a world of virtually unlimited possibilities. First, certain properties of the Internet – the perceived anonymity for instance – and computer technology have given rise to new offenders who would have not otherwise committed a crime. This category also includes offenders targeting computers directly, such as hackers. Second, some offenders will use these technologies to improve their criminal performance. They use information technologies to maximise their profits, increase their efficiency and reduce their risks. It is also believed that some criminals could even give up their traditional criminal ways to focus exclusively on cybercrime.

The comparison, as defined by crime-fighters in the developed world, between traditional crimes and their new virtual counterparts illustrates the difference between traditional crime and technological crime.

Traditional v. Technological

The virtual versions of traditional crimes offer many advantages to criminals:

1. Criminals no longer need to be physically present to commit crime;


2. Crimes are often cross-border activities;

3. Computer-facilitated crimes are committed automatically at high speed and target many victims at once, making it more difficult to localise and prosecute criminals.

Extortion v. Virtual extortion

Traditionally, business owners had to pay organised crime groups to purchase protection services against criminal harm. Today, with evolving technology, criminals make online stores pay protection money against virtual attacks.

Robbery v Hacking

Traditionally, criminal gangs would rob money from banks and secured vans. Today, criminals hack into bank computer systems and transmit money electronically to payment systems.

Credit card theft v. Credit card theft online

Traditionally, criminals went through people’s garbage to steal their credit card statements and utility bills and then make fraudulent use of their victims’ identity. Today, cybercriminals steal thousands of credit card numbers at once by hacking into the databases of companies.

Boiler room share scam v. Pump-and-dump share scam

This is a Western phenomenon. Traditionally, criminals posing as brokers sold company stocks by phone at artificially inflated prices. Today, these criminals buy company stocks and then issue falsified financial statements on shared sites to inflate stock prices and sell them for profit.

Fraudulent calls v. Phishing

Traditionally, criminals called their victims posing as their bank security personnel to obtain their personal information. Today, criminals send fraudulent emails which are deceptive replicas of emails from legitimate financial institutions to get users to disclose their personal information.

Burglars v. Malware or Computer viruses

Traditionally, burglars knocked directly at their victim’s door to create a diversion while an accomplice went in through the back door and stole valuables. Today, the same process is used online with malware used to access a computer and infect it with a virus.

So there are quite a few key words – which define non-social media crimes.

Cybercrime, hacking, blackmailing, fraud, theft and extortion – all these can be performed through phishing, malware, or malicious software, which are often called computer contaminant in legal parlance, and badware – a term referred to both malware and software not intended for harmful use but one that ends up being used harmfully.

There is another thing called click fraud – this is a type of fraud that occurs on the Internet in pay per click online advertising. bdnews24.com is perhaps the biggest victim of this in Bangladesh. 

Let’s try to explain this. When a person or user, automated script or computer programme imitates a legitimate user of a web browser clicking on an advert, for the purpose of generating a charge per click without having actual interest in the target of the advert's link. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud. In Bangladesh, a quite well-known newspaper tries to do that and gets banned by Google quite often. They change their domain name frequently and the publicly known web address when being uploaded gets redirected to that changed domain name or web address.

Cookies are another major issue.

Although cookies cannot carry viruses, and cannot install malware on the host computer, tracking cookies and especially third-party tracking cookies are commonly used to compile long-term records of individuals' browsing histories – a privacy concern that triggered action from European and US lawmakers four years ago.

Cookies can also store passwords and form content a user has previously entered, such as a bank card number or an address. When a user accesses a website with a cookie function for the first time, a cookie is sent from server to the browser and stored with the browser in the local computer. Later when that user goes back to the same website, the website recognises the user because of the stored cookie with the user's information.

Criminals tried to intimidate individuals such as my colleague through Facebook, attempted to malign blogger Rajib and probably created the case for his killing by the murderous zealots, propagated against the state’s fundamental policies or political opponents, sought to incite hatred against individuals, religious or ethnic minorities. All these have had far-reaching impact on their targets.

The BIG question is: How do we fight these tech-aided crimes?

There are technological options such as using tracking devices and putting up firewalls. And then, there are regulatory options such as surveillance, and updated or upgraded counter-measures. When mobile phones were used to detonate bombs in Madrid many years ago, the regulatory authorities slapped new restrictions and required phone service providers to store all user data for at least a year.

Educating users seems to be more important than anything; awareness is the key.

Do help enforcers do their job – document cyberbullying.

Keep a record of any online activity – emails, web pages, social media posts, etc., including relevant dates and times. Keep both an electronic version (screenshots) and a printed copy.

If possible or available, set the privacy and security settings to create your own comfort zone. Limit how much you want to share and with whom.

Behave responsibly; post only about those who you’ll allow to post about yourself.

Our behaviour in the cyber society has the potential to affect everyone – at home, at work, and around the entire global digital community and even the wider world.

Let’s continue the discussion.

The article is based on a lecture Toufique Imrose Khalidi gave in November, 2014, at the Department of Criminology, Dhaka University. The audience ranged from the young first-year students to professionals pursuing their Master’s in Criminology degree to senior professors and young lecturers from different disciplines.