Cyberspace Crime is Closer To You Than You Think
The world is a dangerous place. Muggers are poised to jump you if you walk down the wrong darkened alley, con artists are scheming to relieve you of your retirement fund, and co-workers are out to ruin your career. Organized crime syndicates are spreading corruption, drugs, and fear with the efficiency of Fortune 500 companies. There are crazed terrorists, nutty dictators, and uncontrollable remnants of former superpowers with more firepower than sense. And if you believe the newspapers at your supermarket’s checkout counter, there are monsters in the wilderness, creepy hands from beyond the grave, and evil space aliens carrying Elvis’s babies. Sometimes it’s amazing that we’ve survived this long, let alone built a society stable enough to have these discussions.
The world is also a safe place. While the dangers in the industrialized world are real, they are the exceptions. This can sometimes be hard to remember in our sensationalist age — newspapers sell better with the headline “Three Shot Dead in Random Act of Violence” than “Two Hundred and Seventy Million Indians have Uneventful Day”— but it is true. Almost everyone walks the streets every day without getting mugged. Almost no one dies by random gunfire, gets swindled by flimflam men, or returns home to crazed marauders. Most businesses are not the victims of armed robbery, rogue bank managers, or workplace violence. Less than one percent of online transactions—unmediated long- distance deals between strangers—result in any sort of complaint. People are, on the whole, honest; they generally adhere to an implicit social contract. The general lawfulness in our society is high; that’s why it works so well.
(I realize that the previous paragraph is a gross oversimplification of a complex world. I am writing this in India in the year 2012. I am not writing it in Kabul, Karachi, or Baghdad. I have no experiences that can speak to what it is like to live in such a place. My personal expectations of safety come from living in a stable democracy. This book is about the security from the point of view of the industrialized world, not the world torn apart by war, suppressed by secret police, or controlled by terrorist organisations and criminal syndicates. This book is about the relatively minor threats in a society where the major threats have been dealt with.)
Attacks, whether criminal or not, are exceptions. They’re events that take people by surprise, that are “news” in its real definition. They’re disruptions in the society’s social contract, and they disrupt the lives of the victims.
THE UNCHANGING NATURE OF ATTACKS
If you strip away the technological buzzwords and graphical user interfaces, cyberspace isn’t all that different from its flesh-and-blood, bricks – and-mortar, atoms-not-bits, real-world counterpart. Like the physical world, people populate it. These people interact with others, form complex social and business relationships, live and die. Cyberspace has communities, large and small. Cyberspace is filled with commerce. There are agreements and contracts, disagreements and torts.
And the threats in the digital world mirror the threats in the physical world. If embezzlement is a threat, then digital embezzlement is also a threat. If physical banks are robbed, then digital banks will be robbed. Invasion of privacy is the same problem whether the invasion takes the form of a photographer with a telephoto lens or a hacker who can eavesdrop on private chat sessions. Cyberspace crime includes everything you’d expect from the physical world: theft, racketeering, vandalism, voyeurism, exploitation, extortion, con games, fraud. There is even the threat of physical harm: cyberstalking, attacks against the air traffic control system, etc. To a first approximation, online society is the same as offline society. And to the same first approximation, attacks against digital systems will be the same as attacks against their analog analogues.
This means we can look in the past to see what the future will hold. The attacks will look different—the burglar will manipulate digital connections and database entries instead of lockpicks and crowbars, the terrorist will target information systems instead of airplanes—but the motivation and psychology will be the same. It also means we don’t need a completely different legal system to deal with the future. If the future is like the past—except with cooler special effects—then a legal system that worked in the past is likely to work in the future.
In olden days robbers robbed banks because that was where the money was – and they still do. Today, though the real money isn’t in banks; it’s zipping around computer networks. Every day, the world’s banks transfer billions of dollars among themselves by simply modifying numbers in computerized databases. Meanwhile, the average physical bank robbery grosses a little over fifteen hundred dollars. And cyberspace will get even more enticing; the dollar value of electronic commerce gets larger every year.
Where There’s money, There Are Criminals.
Walking into a bank or a liquor store wearing a ski mask and brandishing a .45 isn’t completely passé, but it’s not the preferred method of criminals drug-free enough to sit down and think about the problem. Organized crime prefers to attack large-scale systems to make a large-scale profit. Fraud against credit cards and check systems has gotten more sophisticated over the years, as defenses have gotten more sophisticated. Automatic teller machine (ATM) fraud has followed the same pattern. If we haven’t seen widespread fraud against Internet payment systems yet, it’s because there isn’t a lot of money to be made there yet. When there is, criminals will be there trying. And if history is any guide, they will succeed.
Privacy violations are nothing new, either. An amazing array of legal paperwork is public record: real estate transactions, boat sales, civil and criminal trials and judgments, bankruptcies. Want to know who owns that boat and how much he paid for it? It’s a matter of public record. Even more personal information is held in the 20,000 or so (in the United States) personal databases held by corporations: financial details, medical information, lifestyle habits.
Investigators (private and police) have long used this and other data to track down people. Even supposedly confidential data gets used in this fashion. No private investigator has survived half a season with out a friend in the local police force willing to look up a name or a license plate or a criminal record in the police files. Police routinely use industry databases. And every few years, some bored IRS operator gets caught looking up the tax returns of famous people.
Marketers have long used whatever data they could get their hands on to target particular people and demographics. Mostly personal data do not belong to the person whom the data are about, they belong to the organization that collected it. Your financial information isn’t your property, it’s your bank’s. Your medical information isn’t yours, it’s your doctor’s. Doctors swear oaths to protect your privacy, but insurance providers and HMO’s do not. Do you really want everyone to know about your heart defect or your family’s history of glaucoma? How about your bout with alcoholism, or that embarrassing brush with venereal disease two decades ago?
Privacy violations can easily lead to fraud. In the novel Paper Moon, Joe David Brown wrote about the Depression-era trick of selling bibles and other merchandise to the relatives of the recently deceased. Other scams targeted the mothers and widows of overseas war dead —“for only pennies a day we’ll care for his grave”—and people who won sweepstakes. In many areas in the country, public utilities are installing telephone-based systems to read meters: water, electricity, and the like. It’s a great idea, until some enterprising criminal uses the data to track when people go away on vacation. Or when they use alarm monitoring systems that give up-to-the-minute details on building occupancy. Wherever data can be exploited, someone will try it, computers or no computers.
Nothing in cyberspace is new. Child pornography: old hat. Money laundering: seen it. Bizarre cults offering everlasting life in exchange for your personal check: how déclassé. The underworld is no better than business people at figuring out what the Net is good for; they’re just repackaging their old tricks for the new medium, taking advantage of the subtle differences and exploiting the Net’s reach and scalability. Sounds Scary doesn’t it?
But this is something that the individual in the modern world will gradually have to learn to start to live with. If you are on Facebook you are willingly sharing details about your life with the world and there is no way that you can protest later that where you are, what you do and where you go to work and play is confidential information. The world is now not only yours but everybody’s playground. Just use your common sense and keep your mind on high alert all the time in the online world and do not be silly enough to give out confidential information about your finances, passwords, etc. And if ever you are in doubt that you may have unknowingly given away confidential information or you sense that there is something amiss do not hesitate to instantly call upon trusted friends and family or contact trusted private detectives and investigators to track the issue before it gets too late.
Note: Feel free to republish this article on your own blog or website but please copy paste the below ‘Author Credits’ and include it at the bottom of your post or page. Thank you.
Amit Sen, a commercial pilot by training, has over 15 years experience in the space of corporate investigations, handling Copyright & Trademark infringement cases, Pre – employment verification Industrial Espionage investigations, Asset & Net – Worth assessment assignments and vendor / supplier verification cases, among others. Co-founder of Alliance One Detectives – the best marriage investigation detectives Mumbai, apart from specializing in marital investigations, Amit has also successfully completed assignments in a wide range of sectors, including the machine tools industry, pharmaceutical industry, hospitality sector, specialized equipment (Oil & natural gas sector, aviation industry etc.), telecom industry & the IT & ITes sectors. These cases have all involved both offline and online investigations.