Information Technology and Ethics/Who commits cyber crimes?

Cyber Criminals

edit

There are criminals who commit cyber crimes for different reasons. Some of them steal from companies and private citizens for financial gain, while others steal secrets from not only companies, but governments and private citizens. Some of the perpetrators aim to disrupt the infrastructure of the government or company. Hackers test the limits of information systems for the challenge of doing so. Some believe that hackers perform a service by exposing security risks. "Crackers" break into networks and systems to deface websites, crash computers or networks, or spread harmful programs and/or hateful messages.

Malicious insiders are employees or officers of a business, institution, or agency that carry out activities intended to cause harm to the organization. Malicious insiders are not always employees. They can be consultants and contractors that have special access to sensitive information. It is difficult to detect and/or stop malicious insiders. They are authorized to access the systems they abuse. Most systems are vulnerable to these malicious actors because they were designed to keep intruders out. Insiders know how the systems work and how to circumvent them. The organization may be able to take steps to reduce these attacks. Industrial spies steal trade secrets to gain competitive advantage. Hacktivists and cyber-terrorists attack systems in order to promote their ideologies and intimidate governments in order to achieve their goals.

Internet Stalkers

edit

Whereas stalking was once an act requiring the physical tracking of an individual's movements, it has since transcended the boundaries of reality and entered into the virtual worlds we tend to think of as private. Internet stalkers are similar to real-world stalkers; in simplest terms, their behavior can be considered harassment. An online stalker's behavior can take on many forms, dependent on their motive to stalk their chosen victim. These behaviors can include impersonating another individual to gain information or build a relationship with their victims and bullying by posting content that the victim might consider embarrassing or private to express power. Internet stalkers tend to blackmail their victims by threatening to release personal or intimate content or information. This is especially true if the cyber stalkers' motive for targeting their victims is financial gain or simply generalized anger towards the victim. Behaviors can also include harassment on social media platforms and continuous messaging from anonymous accounts. Although internet stalkers target individual victims, companies and large organizations can be a byproduct of risk for a stalker attempting to gain information about the victim. Statistics show that a majority of cyberstalking victims actually know their stalkers and report being a stalker for over a year.[1] What is most frightening, however, is that only 12% of cyberstalking incidents are reported to law enforcement, making it harder to accurately deduce the true extent of the issue.

Social Engineers

edit

One of the best methods cybercriminals use is social engineering, which includes using psychological manipulation to trick individuals into revealing private information. Cybercriminals use social engineering methods since they are frequently simpler and more compelling than conventional hacking techniques. As opposed to attempting to find weaknesses in a computer system or organization, social engineering assaults focus on the human shortcomings of the people in question. Social engineering methods can sidestep even the most potent safety efforts, like firewalls or antivirus programming, by fooling clients into intentionally giving their sensitive information. Moreover, social engineering assaults can be sent off for an enormous scope, making it feasible for cybercriminals to focus on a considerable number.

Hacktivists

edit

Hacktivism consists of a group using their computer hacking skills to create a political statement towards the government, power institutions, and other targets as a form of political activism[2]. It's mainly done anonymously to ensure the safety of the activists and make it harder for the government and institutions to retaliate against the hacktivists[2]. Hacktivists are extremists who have a strong sense of justice. They transcend the line of peaceful protest and being seen. Hacktivism is a theatrical statement, making the groups go to extreme lengths. Hacktivists use many methods: data theft, distributed denial of service (DDoS) attacks, spreading awareness via social media for doxing, website defacement, and more. Data theft and DDoS attacks are used as ransom to get the victim's attention to comply or do as the hacktivists state. Spreading awareness via social media can lead to helping people know the truth about the government or institution or dox the victims to expose them in hopes of change[3]. Lastly, website defacement brings a message about the importance of hacktivists' political activism by posting it in front of the site.

The Cult of the Dead Cow (cDc), started in 1984, is also known as one of the oldest computer hacking organizations. They rose to fame for their hacktivist campaigns and for starting Hohocon, one of the first hacker conventions. The cDc was involved in various causes, such as targeting the Church of Scientology in the mid-1990s. Their goal was to promote human rights along with freedom of information to ensure not only could Chinese citizen but anyone who has been silenced and lack information due to censorship.[3]

Anonymous started in 2003 on the online message board 4chan doing their best to keep the internet transparent.[3] They're well known for concealing their face with Guy Fawkes masks and using voice changers or text-to-speech programs. Anonymous has attacked multiple countries, most notably: the United States, United Kingdom, Australia, India, and many others. They seemed to have diminished from the public in 2018; however, they came back in 2020 to support the Black Lives Matter Movement.

DkD[|| also started in 2003 like Anonymous; however, they are a Frech hacktivist known for website defacing. They are notorious for defacing the U.S. Navy site because they promote political views and specifically spread messages against U.S. military policies.[3] Allegedly DkD[|| was a 17-year-old teen boy causing many to believe he was trying to show off his skills and less express political viewpoints.[3]

Identity Thieves

edit

Identity theft is one of the oldest cyber crimes in history.[4] Identity theft is when someone uses your personal or financial information without your permission.[4] These identity thieves are a group of people or individuals who try to gain access to other people's personal information, such as names, addresses, phone numbers, emails, bank accounts, social security numbers, credit card information, and even bank information. Once identity thieves get ahold of the victim's personal information, they can access anything with your information. They can make new accounts under your name, make or commit fraudulent transactions, or cause damage to your bank account. With the latest technology and techniques today, many identity thieves can hack into corporations' databases and steal a high volume of personal information and identities.

Deep fake technology is the new technology that uses artificial intelligence (AI)  to create realistic pictures or videos of anything or anyone. Deep fakes have been well-known in the film industry to bring dead actors back to life or make actors look younger. Impersonating someone's face for entertainment purposes. Deep fakes are now being used to commit cybercrime - identity theft.

With the improved technology, committing identity theft is easier for criminals now. Apps and software have been created so anyone can easily make deep fakes. They can impersonate another person's voice and face and use it for videos, pictures, or even voice messages.

Types of frauds:

edit
  • Ghost fraud: Criminals can use deep fake technology to steal the data of a deceased person and impersonate the person for their financial gain. They can access credit cards and loan accounts with their stolen identity.
  • New account fraud: This is also known as application fraud when criminals use stolen identities to open new bank accounts. Severe financial damage can happen because criminals will max out their credit cards and take out loans under your name without paying them back.
  • Synthetic identity fraud: Criminals mine information from multiple people and combine the information to make a fake person that doesn’t exist. They would create new credit card accounts and max out the accounts.
  • Hiring fraud: Also known as recruitment fraud, is when criminals offer a person a fake job with unsolicited emails, text messages, and recruitment website links. They will try to gain your personal information through these applications and possibly set you up for illegal jobs.

Signs of identity thieves:

edit
  • Suspicious transactions in bank statements
  • Mail stops coming to your house
  • Debt collection calls for accounts you didn’t open

How to prevent:

edit
  • Don’t answer phone calls, text messages, or emails from people or numbers you don’t recognize.
  • Do not share personal information like your Social Security number, bank account, or date of birth.
  • Review bank statements often and watch for suspicious transactions.
  • Store personal information in a safe place.

Cyber Terrorists

edit

Cyberterrorists are terrorists who primarily have their acts of terrorism done through some form of cyberspace. Acts of cyberterrorism are politically inspired cyber attacks in which the cyber criminal attempts to steal data and/or corrupt corporate or government computer systems and networks, harming countries, businesses, organizations, and even individuals. Cyberterrorists have been a larger concern due to society's already developed fear of random, violent victimization, combined with the distrust, anxiety, and unfamiliarity of computer technology. This creates an amalgamation of two worries that concern the people and creates a larger unknown threat.[5]

Cyberterrorists differentiate themselves from other cybercriminals as their actions are often politically motivated rather than seeking financial gain. This usually allows cyberterrorists to be in the public eye more than just cybercriminals, as cyberterrorists' actions are often used to disturb the peace and seek media attention to spread awareness of the politics, which goes against the cyberterrorists' beliefs/standpoint.

Recent discussions have argued about what qualifies as "cyberspace" and what qualifies as "an act of terrorism." This has caused debate over different events if, in certain instances, an event qualifies as cyberterrorism. Dorothy Denning, a professor of computer science, made the adopted unambiguous definition of cyberterrorism. From her numerous articles on the subject and in her testimony before the House Armed Services Committee in May 2000, she defined cyberterrorism as: The convergence of cyberspace and terrorism. This refers to unlawful attacks and threats against computers, networks, and information belonging to such. These actions may be done to intimidate or coerce a government or its people in furtherance of political or social objectives. And in order to qualify as cyberterrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear."[6]

By going off this definition, attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples of cyberterrorist attacks. Serious attacks against critical infrastructures could also be acts of cyberterrorism, depending on their impact. However, attacks that disrupt nonessential services or are mainly a costly nuisance would not.

Recently, there has been an enormous upward spike when it comes to terrorist groups committing acts of terrorism through cyberspace. This has been thanks to the growing dependence of our societies on information technology has created a new form of vulnerability, giving terrorists a chance to approach targets that would otherwise be unassailable. This includes national defense systems, air traffic control systems, government data centers, etc. This allows infrastructural damage to a business or society and has shown that the more technologically developed a country is, the more vulnerable it becomes to cyberattacks. Terrorist groups have also flocked towards cyberterrorism as many protective measures have not been put in place against cyberterrorism as of this moment (due to its more recent development), as well as the many benefits that the digital world brings for criminal activities. There have been five significant benefits for these terrorist groups to switch their activities from physical terrorism to cyberterrorism. These include price, anonymity, ease of access to targets, all the benefits of remote work, and the ability for the act of terrorism to be even bigger than planned.[6]

Cyber Crime and the Healthcare System

edit

In today’s “high-tech” world, both wireless and software-controlled technologies are commonplace throughout the medical world. From the bustling cities of Washington D.C. and Chicago, Illinois to the various small town “one-stoplight” places around this country, the advancement in medical technology has in some way shape or fashion affected all of us in many different ways. Even the normal “checkup” visit to the doctor brings us face-to-face with some form of software-controlled devices such as “surgical and anesthesia devices, ventilators, drug infusion pumps, patient monitors and external defibrillators” [7]. Most devices used in hospitals today are controlled via software and are either connected to the Internet via a hospital Intranet or have the capability to be connected via wireless technology.

And that is where one of the many problems arises——on the Internet. Most, if not everything, can be found, viewed, used, and exploited as long as it is connected to the Internet. As long as there is something of value out there in cyberspace, there will always be someone who tries to “hack” it, manipulate it or take it. Whether that is for the good of mankind or the selfishness of one, people will always try to use the internet to their advantage.

The healthcare industry is no stranger to cyber-crime. For the last ten years or so, most cyber-crimes against the healthcare system were for monetary reasons whether that be through extortion or by stealing someone’s identity.

Within the last few years there have been numerous security studies, conferences and demonstrations on the topic of cybersecurity vulnerabilities relating to “internet-connected implanted medical devices” [8], “hard-coded password vulnerabilities” [9] or “by the introduction of malware into the medical equipment or unauthorized access to configuration settings in medical devices and hospital networks.” [10]

Implanted devices have been around for decades, but only in the last few years have these devices become virtually accessible. While they allow for doctors to collect valuable data, many of these devices were distributed without any type of encryption or defensive mechanisms in place. Unlike a regular electronic device that can be loaded with new firmware, medical devices are embedded inside the body and require surgery for “full” updates. One of the greatest constraints to adding additional security features is the very limited amount of battery power available.[8]

There have been some health-care security related events in the past few years.

Anthem Blue Cross

edit

On February 4, 2015, Anthem, Inc. experienced a data breach where more than 37.5 million records were stolen by hackers. Anthem, Inc, is a US health insurance giant. In December of 2014, Anthem employees noticed suspicious database queries. At the end of January of 2015, investigators confirmed unauthorized data queries on the company’s servers. In total, almost 80 million Americans have had their personal information exposed to hackers. This information includes: full names, addresses, SSNs, birthdays, etc. The truth about the Anthem hack is that they failed to encrypt their files. [11]

Advocate Health Care

edit

In July of 2013, there was a burglary from an office of Advocate Medical Group in Illinois which involved the theft of four unencrypted desktop computers. This burglary may have exposed information of about 4 million patients. [12] The information that may have been stolen on the Advocate computers involve names, addresses, date of births, SSN, etc. While the Advocate computers were password protected, they were not encrypted.

Community Health Systems

edit

In July of 2014, Community Health Systems confirmed its computer network was the target of an external criminal cyber-attack in April and June 2014. The data taken includes names, addresses, birthdates, SSNs, etc. The intruder was able to bypass the company’s security measures and successfully copy and transfer some data existing on the company’s systems. [13]

References

edit
  1. "The Most Surprising Cyber Stalking Statistics And Trends in 2023 • GITNUX". 2023-04-05. Retrieved 2023-04-25.
  2. a b Sorell, Tom (November 2015). "Human Rights and Hacktivism: The Cases of Wikileaks and Anonymous, Journal of Human Rights Practice". Journal of Human Rights Practice. 7 (3).
  3. a b c d e "Hacktivism: An overview plus high-profile groups and examples". us.norton.com. Retrieved 2023-04-25.
  4. a b "Who Are Cyber Criminals?". Norwich University Online. Retrieved 2023-04-25.
  5. "Who Are Cyber Criminals?". Norwich University Online. Retrieved 2023-04-25.
  6. a b Weimann, Gabriel (December 2004). "Cyberterrorism: How Real Is The Threat?" (PDF). United States Institute of Peace.
  7. Pierson, R. and Finkle, J. (2013, June 13). “FDA urges protection of medical devices from cyber threats.” Reuters. Retrieved June 18, 2013 from http:// www.reuters.com
  8. a b Wadhwa, T. (2012, December 06). “Yes, You Can Hack A Pacemaker (And Other Medical Devices Too).” Forbes. Retrieved June 18, 2013 from http://www.forbes.com
  9. Alert (ICS-ALERT-13-164-01): Medical Devices Hard-Coded Passwords. (2013, June 13). In Industrial Control Systems Cyber Emergency Response Team. Retrieved June 18, 2013 from https://ics-cert.us-cert.gov
  10. FDA Safety Communication: Cybersecurity for Medical Devices and Hospital Networks. (2013, June 13). In U.S. Food and Drug Administration. Retrieved June 18, 2013 from http://www.fda.gov
  11. Article in "Infosec Institute", "InfoSec Institute"
  12. Advocate Medical Breach: No Encryption?, "Data Breach Today"
  13. Data Breach Notification, "Community Health Systems""