| |
| |
| Preface | |
| |
| |
| Foreword | |
| |
| |
| |
| Acknowledgments | |
| |
| |
| |
| Understanding Cybercrime | |
| |
| |
| |
| Cybercrime: A New High-Tech Crime Paradigm | |
| |
| |
| |
| Introduction: What Is Cybercrime? | |
| |
| |
| |
| Understanding Human Behavior in Evolving Social and Technological Contexts | |
| |
| |
| |
| Relatively Normal versus Deviant Behavior | |
| |
| |
| |
| Normal versus Deviant Use of Information Technology | |
| |
| |
| |
| Inappropriate Use of Cell Phones in Public | |
| |
| |
| |
| Normalcy, Deviancy, and Crime in Cyberspace | |
| |
| |
| |
| High-Tech Crime Constructs and Terms | |
| |
| |
| |
| White Collar, Financial, and Organized Crime | |
| |
| |
| |
| The Emergence of Computer-Related Abuse and Crime | |
| |
| |
| |
| Policing without Desktop and Laptop Computers and Other IT Devices | |
| |
| |
| |
| Technology Fusion Brings about Cybercrime | |
| |
| |
| |
| Policing with Desktop and Laptop Computers and other IT Devices | |
| |
| |
| |
| The Importance of Defining and Understanding Crime Terms | |
| |
| |
| |
| What Is Cybercrime and Why Should We Care about It? | |
| |
| |
| |
| Definitional Constructs of High-Tech Crime | |
| |
| |
| |
| Creating, Complying with, and Enforcing Laws and Regulations | |
| |
| |
| |
| Research and Justice Systems Improvement | |
| |
| |
| |
| Why Definitions of Crime Matter: State of New York v. Robert Versaggi | |
| |
| |
| |
| Principles for Better Understanding Cybercrime and Future Crime Labels | |
| |
| |
| |
| Recognize and Accept that Views of Cybercrime Differ | |
| |
| |
| |
| Education and Training Helps Professionals Stay Informed | |
| |
| |
| |
| The Inter and Multidisciplinary Nature of Cybercrime and Organization of the Text | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Information and Other Assets in Need of Assurance | |
| |
| |
| |
| Introduction: What Are We Protecting? | |
| |
| |
| |
| Technology, Information, and Data in Justice and Security Management | |
| |
| |
| |
| Six Primary Characteristics of Information | |
| |
| |
| |
| Six Primary Characteristics of Data | |
| |
| |
| |
| Data versus Knowledge Management | |
| |
| |
| |
| Additional Knowledge and Data Considerations | |
| |
| |
| |
| Information Assurance | |
| |
| |
| |
| The Basic Prescription for What Is Needed: CIA | |
| |
| |
| |
| Becoming Pragmatic about Information Assurance | |
| |
| |
| |
| Who Can You Trust? Credit Card Fraud by "Friends" | |
| |
| |
| |
| Attack Dimensions | |
| |
| |
| |
| Cyber versus Physical Attacks and Security Systems | |
| |
| |
| |
| Insider versus Outsider Threats to Assets | |
| |
| |
| |
| A Phone Service-Scamming Prison Warden | |
| |
| |
| |
| A Collective of Money-Laundering Professionals | |
| |
| |
| |
| A Double Rip-off Mortgage Scheme | |
| |
| |
| |
| Diagnosing and Responding to Threats and Attacks | |
| |
| |
| |
| Critical Infrastructure Protection | |
| |
| |
| |
| What are Critical Infrastructures and Critical Information Infrastructures? | |
| |
| |
| |
| Conceptual and National Differences in Infrastructures | |
| |
| |
| |
| Critical Information Infrastructure Protection | |
| |
| |
| |
| Can the Net Be Taken Down? | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| IT-Enabled Abuse, Attacks, and Crimes | |
| |
| |
| |
| Introduction: How Are Information Technologies Misused? | |
| |
| |
| |
| Types of Abuse, Attacks, and Crime | |
| |
| |
| |
| Writing and Distributing Malicious Code | |
| |
| |
| |
| Differences between Computer Viruses, Worms, and Trojans | |
| |
| |
| |
| Fraudulent Schemes and Theft | |
| |
| |
| |
| How One Student Avoided Being Defrauded Online | |
| |
| |
| |
| A Student Victim of Credit Card Fraud | |
| |
| |
| |
| Interfering with and Disrupting Computer Services | |
| |
| |
| |
| How One Student Fought Fraud with Fraud | |
| |
| |
| |
| Suckered as the Result of Porn Curiosity | |
| |
| |
| |
| Denial-of-Service Attacks Hit Gaming Website | |
| |
| |
| |
| Computer Spying and Intrusions | |
| |
| |
| |
| Free and Illegal Phone Phreaking | |
| |
| |
| |
| The Infamous Back Orifice Remote Control Tool | |
| |
| |
| |
| Unauthorized and Illegal File Sharing | |
| |
| |
| |
| Abuse of Computers and Electronic Devices in Academia | |
| |
| |
| |
| Mass-Distributed Illegal File Sharing | |
| |
| |
| |
| Online Harassment and Computer-Enabled Sex Crimes | |
| |
| |
| |
| Online Harassment via a Website Soliciting Sex | |
| |
| |
| |
| Cyberstalking Star Trek Voyager's Seven of Nine | |
| |
| |
| |
| Evolving Forms of Cybercrimes, Attacks, and Conflict | |
| |
| |
| |
| Emerging Crime and Attack Trends | |
| |
| |
| |
| Futuristic Forms of Cyber Conflict | |
| |
| |
| |
| Installation of Multiple Alien Servers | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Computer Abusers and Cybercriminals | |
| |
| |
| |
| Introduction: Who Commits Computer Abuse and Cybercrime? | |
| |
| |
| |
| Behavioral and Social Traits of Abusers, Attackers, and Criminals | |
| |
| |
| |
| Social Engineering Tactics | |
| |
| |
| |
| Victimized by a Social Engineering Friend | |
| |
| |
| |
| The Adversarial SKRAM Model | |
| |
| |
| |
| Three Friends, of Whom Two Were Hackers | |
| |
| |
| |
| Juvenile Geek Paid for Corporate Espionage and Sabotage | |
| |
| |
| |
| What Cybercriminals Fear | |
| |
| |
| |
| SKRAM Needed to Create and Use Fake Ids | |
| |
| |
| |
| Categorizing Cyber Abusers, Attackers, and Criminals | |
| |
| |
| |
| Stereotypical and Other Adversary Profiles | |
| |
| |
| |
| Who Are Cybercriminals Really? | |
| |
| |
| |
| A More Comprehensive Categorization Schema | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Theoretical and Social Perspectives on Cybercrime | |
| |
| |
| |
| Theories of Computer-Enabled Abuse and Crime | |
| |
| |
| |
| Introduction: Why Do People Commit Cyber Abuse and Crime? | |
| |
| |
| |
| Theories: The Building Blocks of Knowledge and Understanding | |
| |
| |
| |
| The Practicality of Good Theories | |
| |
| |
| |
| The Process of Knowledge-Building | |
| |
| |
| |
| General Criminological Explanations of Cybercrime | |
| |
| |
| |
| Classical/Choice Theory | |
| |
| |
| |
| Rational Choice Theory | |
| |
| |
| |
| General Deterrence Theory | |
| |
| |
| |
| People Can and Sometimes Do Choose to Change Their Criminal Ways | |
| |
| |
| |
| Routine Activities Theory | |
| |
| |
| |
| Trait Theory | |
| |
| |
| |
| Major Strengths and Limitations of Classical Criminology | |
| |
| |
| |
| Arousal Theory | |
| |
| |
| |
| Cognitive Theory | |
| |
| |
| |
| Behavioral Theory | |
| |
| |
| |
| Social Process Theory | |
| |
| |
| |
| Major Strengths and Limitations of Trait Theories | |
| |
| |
| |
| Social Control Theories | |
| |
| |
| |
| Social Learning Theories | |
| |
| |
| |
| Neutralization Theory | |
| |
| |
| |
| Labeling Theory | |
| |
| |
| |
| Differential Enforcement | |
| |
| |
| |
| Major Strengths and Limitations of Social Process Theories | |
| |
| |
| |
| Negative Labels as Badges of Honor | |
| |
| |
| |
| Social Structure Theory | |
| |
| |
| |
| General Social Structure Theory | |
| |
| |
| |
| Social Disorganization Theory | |
| |
| |
| |
| Strain Theories | |
| |
| |
| |
| Cultural Deviance Theory | |
| |
| |
| |
| Conflict Theory | |
| |
| |
| |
| Major Strengths and Limitations of Social Structure Theories | |
| |
| |
| |
| General Conflict Theory | |
| |
| |
| |
| Marxist Criminology | |
| |
| |
| |
| The Case of Unabomber Ted Kaczynski | |
| |
| |
| |
| The Presidential Pardoning of Financier Mark Rich | |
| |
| |
| |
| Other Conflict Theories of Crime | |
| |
| |
| |
| Making an Example of Martha Stewart? | |
| |
| |
| |
| Integrated and Technological Theories | |
| |
| |
| |
| Overview of Integrated Theories | |
| |
| |
| |
| Major Strengths and Weaknesses of Conflict Theory | |
| |
| |
| |
| Which Theories Help Explain This Criminal Behavior? | |
| |
| |
| |
| Technology-Enabled Crime, Policing, and Security | |
| |
| |
| |
| New Crime: Fictitious Characters Socially Engineer Real-World Stabbing | |
| |
| |
| |
| Strengths and Limitations of Integrated and Technological Theories | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| The Social and Economic Impacts of Cybercrime | |
| |
| |
| |
| Introduction: Who Is Harmed and by How Much Cybercrime? | |
| |
| |
| |
| The Human and Financial Costs of Computer Abuse and Cybercrime | |
| |
| |
| |
| Victimization Concepts | |
| |
| |
| |
| How Victimization Can Lead to Cybercrime | |
| |
| |
| |
| Harm Experienced by Victims of Cybercrime | |
| |
| |
| |
| Cybercrime as Nonviolent Property Crime | |
| |
| |
| |
| How Much Cybercrime Is There? | |
| |
| |
| |
| Primary Means of Generating Crime Statistics | |
| |
| |
| |
| An Examination of Early Uniform Crime Reports | |
| |
| |
| |
| Overview of Major IT-Enabled Abuse and Crime Studies | |
| |
| |
| |
| Research by U.S. Organizations that Track Cybercrime | |
| |
| |
| |
| Economic Estimates and Impact Studies of Cybercrime | |
| |
| |
| |
| A Worldwide Online Auction Scam | |
| |
| |
| |
| What Are the Economic Impacts of Spam? | |
| |
| |
| |
| Why Research the Nature and Extent of Cybercrime? | |
| |
| |
| |
| The General State of Research on Cybercrime | |
| |
| |
| |
| Types of Research Needed on Cybercrime | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Emerging and Controversial Cybercrime Issues | |
| |
| |
| |
| Introduction: How is IT Creating New Opportunities for Cybercrime? | |
| |
| |
| |
| Emerging Potential for IT-Enabled Abuse and Cybercrime | |
| |
| |
| |
| Transformations in Academic Education and Professional Training | |
| |
| |
| |
| Online Banking and E-Commerce | |
| |
| |
| |
| Benefits and Risks of Online Auctions | |
| |
| |
| |
| Meeting and Courting Significant Others Online | |
| |
| |
| |
| IT-Enabled Democratization | |
| |
| |
| |
| An Obsessive Cyber Spooning Love Affair | |
| |
| |
| |
| Controversial Cybercrime-Related Issues | |
| |
| |
| |
| The Computer Hacker Subculture | |
| |
| |
| |
| How the Movie Hackers Inspired One Student to Abuse Computers | |
| |
| |
| |
| The Open Source Community | |
| |
| |
| |
| The Death of Cyberpunk | |
| |
| |
| |
| Electronic Gaming Enclaves | |
| |
| |
| |
| Online Pornography | |
| |
| |
| |
| Information Privacy Protections and Infringement | |
| |
| |
| |
| A Discredited Study on the Amount of Internet Pornography | |
| |
| |
| |
| Real-Time Electronic Surveillance, Tracking, and Recording Capabilities Relative to Behavioral, Investigative, and Security Functions | |
| |
| |
| |
| Basic Principles for Safeguarding Information Privacy | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Managing Cybercrime | |
| |
| |
| |
| Cyber Laws and Regulations | |
| |
| |
| |
| Introduction: How Does Society Prohibit Cybercrime? | |
| |
| |
| |
| The Rationale and Reach of Cyber Laws and Regulations | |
| |
| |
| |
| Legal Philosophies | |
| |
| |
| |
| Concepts of Due Process and Legal Jurisprudence | |
| |
| |
| |
| International Agreements for Managing Cybercrime | |
| |
| |
| |
| Determining Jurisdiction in Cyber Suits: Zippo Manufacturing v. Zippo.com | |
| |
| |
| |
| Operation Buccaneer Targets International Warez Groups | |
| |
| |
| |
| Bodies of Law Pertaining to IT and Cybercrime Issues | |
| |
| |
| |
| International Computer Gaming Bust | |
| |
| |
| |
| Constitutional Law and Case Law | |
| |
| |
| |
| The U.S. Constitution and its Amendments | |
| |
| |
| |
| ACLU v. Reno: Striking Down of the Communications Decency Act | |
| |
| |
| |
| Criminal Law | |
| |
| |
| |
| Administrative and Regulatory Law | |
| |
| |
| |
| Code Writer Faces Federal Prosecution | |
| |
| |
| |
| Intellectual Property (IP) Law | |
| |
| |
| |
| Tort Law | |
| |
| |
| |
| Types of Intellectual Property Law Protections | |
| |
| |
| |
| How Laws and Regulations Are Created and Administered | |
| |
| |
| |
| Legislative Bills and Executive Approval | |
| |
| |
| |
| Implementation and Enforcement of Laws and Regulations | |
| |
| |
| |
| Federal Regulatory Agencies with InfoSec Oversight Responsibilities | |
| |
| |
| |
| Key Federal Cybercrime Laws and Information Security Regulations | |
| |
| |
| |
| Laws Specifying Illegal Use of Computers and Electronic Devices | |
| |
| |
| |
| Laws that Facilitate or Limit Cybercrime Investigations | |
| |
| |
| |
| Laws Protecting Children from Online Pornography | |
| |
| |
| |
| Laws Specifying Information Security Requirements | |
| |
| |
| |
| Laws Affording Privacy Protections | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Investigating and Prosecuting Cybercrime | |
| |
| |
| |
| Introduction: What Happens When Cybercrime Laws Are Broken? | |
| |
| |
| |
| Collaborative Criminal Justice System Responses to Cybercrime | |
| |
| |
| |
| Roles of Public Law Enforcement and Private Security | |
| |
| |
| |
| Dedicated Cybercrime Investigation and Prosecution Units | |
| |
| |
| |
| Key Investigative and Technical Assistance Agencies | |
| |
| |
| |
| Legal Issues Governing Investigative Procedures | |
| |
| |
| |
| Evidentiary Challenges Faced by Investigators and Prosecutors | |
| |
| |
| |
| Physical and Cyber Monitoring, Surveillance, and Investigative Operations | |
| |
| |
| |
| Mapp v. Ohio Results in Nationwide Exclusionary Rule | |
| |
| |
| |
| Crime Scene Processing and Evidence Management | |
| |
| |
| |
| Responding to and Protecting the Crime Scene | |
| |
| |
| |
| Typical Crime Scene Processing Equipment | |
| |
| |
| |
| Searching for Physical and Electronic Evidence of Counterfeiting | |
| |
| |
| |
| Collecting and Preserving Physical and Electronic Evidence | |
| |
| |
| |
| Controversy and Evidentiary Challenges of Child Porn Morphing | |
| |
| |
| |
| The Challenge of Putting a Cybercriminal Behind a Keyboard | |
| |
| |
| |
| Interviewing Victims, Witnesses, and Cybercriminals | |
| |
| |
| |
| Prosecuting Cybercriminals | |
| |
| |
| |
| Pretrial Procedures and Hearings | |
| |
| |
| |
| Trial Procedures and the Art of Presenting Evidence | |
| |
| |
| |
| Trial Verdicts, Sentencing Policies, and Appeals | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Preventing Cybercrime with Information Security | |
| |
| |
| |
| Introduction: How Can We Better Protect our Computer Systems and Data? | |
| |
| |
| |
| Personal and Organizational Information Security | |
| |
| |
| |
| What Every Person Should Know about Information Security | |
| |
| |
| |
| A Security Lesson about Purchasing Inferior Technology | |
| |
| |
| |
| A Case of Sloppy Password Administration | |
| |
| |
| |
| Software Firewall Programs May Not Provide Complete Protection | |
| |
| |
| |
| The Importance of Patch Management | |
| |
| |
| |
| Backup Data Only on Trusted Media! | |
| |
| |
| |
| Broadband Connectivity: Learn to be a Savvy ISP Customer | |
| |
| |
| |
| Avoid Being Swindled in Online Auction Fraud | |
| |
| |
| |
| A Security Conscious Traveling Executive | |
| |
| |
| |
| Assuring Protection of Information in Organizations | |
| |
| |
| |
| Advancing the Security Posture of Organizations | |
| |
| |
| |
| Security Change Procedures | |
| |
| |
| |
| Risk Management | |
| |
| |
| |
| Due Care and Diligence | |
| |
| |
| |
| The Need for Computer Use and Security Policies | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Future Opportunities for Managing Cybercrime | |
| |
| |
| |
| Introduction: Where Can We Go from Here? | |
| |
| |
| |
| What More Can Government Do to Prevent Cybercrime? | |
| |
| |
| |
| Preparing to Manage Cybercrime | |
| |
| |
| |
| Actions Government Can Take to Prevent and Control Cybercrime, Improve Information Security Capabilities Nationally, and Protect Critical Information Infrastructure | |
| |
| |
| |
| Getting Set and Moving Forward | |
| |
| |
| |
| Information Insecurity at ChoicePoint | |
| |
| |
| |
| Computer Ethics Education and Intolerance of Cybercrime | |
| |
| |
| |
| The Philosophy of Ethics | |
| |
| |
| |
| Get Ahead by Joining a Professional Membership Association | |
| |
| |
| |
| Not Everyone Likes Using Computers | |
| |
| |
| |
| Classical Ethics Theories | |
| |
| |
| |
| Unethical Employment Practices: Don't Get Burned! | |
| |
| |
| |
| Computer Ethics | |
| |
| |
| |
| Is It Ethical to Use a Work Computer for Personal Reasons? | |
| |
| |
| Key Terms and Concepts | |
| |
| |
| Critical Thinking and Discussion Questions | |
| |
| |
| References and Endnotes | |
| |
| |
| |
| Cyber Stakeholders and Online Resources | |
| |
| |
| Index | |