Essay/Term paper: Computer crime in the 1990's

Essay, term paper, research paper:  Information Technology

Computer Crime In The 1990's


We're being ushered into the digital frontier. It's a cyberland with
incredible promise and untold dangers. Are we prepared ? It's a battle between
modern day computer cops and digital hackers. Essentially just think what is
controlled by computer systems, virtually everything.
By programming a telephone voice mail to repeat the word yes over and over
again a hacker has beaten the system. The hacker of the 1990's is increasingly
becoming more organized very clear in what they're looking for and very, very
sophisticated in their methods of attack.. As hackers have become more
sophisticated and more destructive, governments, phone companies and businesses
are struggling to defend themselves.

Phone Fraud

In North America the telecommunications industry estimates long distance
fraud costs five hundred million perhaps up to a billion every year, the exact
the exact figures are hard to be sure of but in North America alone phone fraud
committed by computer hackers costs three, four maybe even up to five billion
dollars every year. Making an unwitting company pay for long distance calls is
the most popular form of phone fraud today. The first step is to gain access to
a private automated branch exchange known as a "PABX" or "PBX". One of these can
be found in any company with twenty or more employees. A "PABX" is a computer
that manages the phone system including it's voice mail. Once inside a "PABX" a
hacker looks for a phone whose voice mail has not yet been programmed, then the
hacker cracks it's access code and programs it's voice mail account to accept
charges for long distance calls, until the authorities catch on, not for a few
days, hackers can use voice mail accounts to make free and untraceablecalls to
all over the world. The hackers that commit this type of crime are becoming
increasingly organized. Known as "call cell operators" they setup flyby night
storefronts were people off the street can come in and make long distance calls
at a large discount, for the call cell operators of course the calls cost
nothing, by hacking into a PABX system they can put all the charges on the
victimized companies tab. With a set of stolen voice mail access codes known as
"good numbers" hackers can crack into any phone whenever a company disables the
phone they're using. In some cases call cell operators have run up hundreds of
thousands of dollars in long distance charges, driving businesses and companies
straight into bankruptcy. Hacking into a PABX is not as complicated as some
people seem to think. The typical scenario that we find is an individual who has
a "demon dialer" hooked up to their personal home computer at home that doesn't
necessarily need to be a high powered machine at all but simply through the
connection of a modem into a telephone line system. Then this "demon dialer" is
programmed to subsequently dial with the express purpose of looking for and
recording dialtone. A demon dialer is a software program that automatically
calls thousands of phone numbers to find ones that are connected to computers. A
basic hacker tool that can be downloaded from the internet. They are extremely
easy programs to use. The intention is to acquire dialtone, that enables the
hacker to move freely through the telephone network. It's generally getting more
sinister. We are now seeing a criminal element now involved in term of the
crimes they commit, the drugs, money laundering etc. These people are very
careful they want to hide their call patterns so they'll hire these people to
get codes for them so they can dial from several different calling locations so
they cannot be detected.
The worlds telephone network is a vast maze, there are many places to hide
but once a hacker is located the phone company and police can track their every
move. The way they keep track is by means of a device called a "DNR" or a dial
number recorder. This device monitors the dialing patterns of any suspected
hacker. It lists all the numbers that have been dialed from their location, the
duration of the telephone call and the time of disconnection. The process of
catching a hacker begins at the phone company's central office were thousands of
lines converge to a main frame computer, the technicians can locate the exact
line that leads to a suspected hackers phone line by the touch of a button. With
the "DNR" device the "computer police" retrieve the number and also why the call
was made and if it was made for illegal intention they will take action and this
person can be put in prison for up to five years and be fined for up to $
7500.00.
The telephone network is a massive electronic network that depends on
thousands of computer run software programs and all this software in theory can
be reprogrammed for criminal use. The telephone system is in other words a
potentially vulnerable system, by cracking the right codes and inputting the
correct passwords a hacker can sabotage a switching system for millions of
phones, paralyzing a city with a few keystrokes.
Security experts say telephone terrorism poses a threat, society hasn't
even begun to fathom ! You have people hacking into systems all the time. There
were groups in the U.S.A in 1993 that shutdown three of the four telephone
switch stations on the east coast, if they had shutdown the final switch station
as well the whole east coast would have been without phones. Things of this
nature can happen and have happened in the past. Back in the old days you had
mechanical switches doing crossbars, things of that nature. Today all telephone
switches are all computerized, they're everywhere. With a computer switch if you
take the first word "computer" that's exactly what it is, a switch being
operated by a computer. The computer is connected to a modem, so are you and all
the hackers therefore you too can run the switches.
Our generation is the first to travel within cyberspace, a virtual world
that exists with all the computers that form the global net. For most people
today cyberspace is still a bewildering and alien place. How computers work and
how they affect our lives is still a mystery to all but the experts, but
expertise doesn't necessarily guarantee morality. Originally the word hacker
meant a computer enthusiasts but now that the internet has revealed it's
potential for destruction and profit the hacker has become the outlaw of
cyberspace. Not only do hackers commit crimes that cost millions of dollars,
they also publicize their illegal techniques on the net where they innocent
minds can find them and be seduced by the allure of power and money. This vast
electronic neighborhood of bits and bytes has stretched the concepts of law and
order. Like handbills stapled to telephone polls the internet appears to defy
regulation. The subtleties and nuances of this relatively new form to the words
"a gray area" and "right and wrong". Most self described hackers say they have
been given a bad name and that they deserve more respect. For the most part they
say hackers abide by the law, but when they do steal a password or break into a
network they are motivated by a helping desire for knowledge, not for malicious
intent. Teenagers are especially attracted by the idea of getting something for
nothing.
When system managers try to explain to hackers that it is wrong to break
into computer systems there is no point because hackers with the aid of a
computer possess tremendous power. They cannot be controlled and they have the
ability to break into any computer system they feel like. But suppose one day a
hacker decides to break into a system owned by a hospital and this computer is
in charge of programming the therapy for a patient there if a hacker inputs the
incorrect code the therapy can be interfered with and the patient may be
seriously hurt. Even though this wasn't done deliberately. These are the type
of circumstances that give hackers a bad reputation. Today anyone with a
computer and a modem can enter millions of computer systems around the world. On
the net they say bits have no boundaries this means a hacker half way around the
world can steal passwords and credit card numbers, break into computer systems
and plant crippling viruses as easily as if they were just around the corner.
The global network allows hackers to reach out and rob distant people with
lightning speed.
If cyberspace is a type of community, a giant neighborhood made up of
networked computer users around the world, then it seems natural that many
elements of traditional society can be found taking shape as bits and bytes.
With electronic commerce comes electronic merchants, plugged-in educators
provide networked education, and doctors meet with patients in offices on-line.
IT should come as no surprise that there are also cybercriminals committing
cybercrimes.
As an unregulated hodgepodge of corporations, individuals, governments,
educational institutions, and other organizations that have agreed in principle
to use a standard set of communication protocols, the internet is wide open to
exploitation. There are no sheriffs on the information highway waiting to zap
potential offenders with a radar gun or search for weapons if someone looks
suspicious. By almost all accounts, this lack of "law enforcement" leaves net
users to regulate each other according to the reigningnorms of the moment.
Community standards in cyberspace appear to be vastly different from the
standards found at the corner of Markham and Lawrence. Unfortunately, cyberspace
is also a virtual tourist trap where faceless, nameless con artists can work the
crowds.
Mimicking real life, crimes and criminals come in all varieties on the
internet. The FBI's National Computer Squad is dedicated to detecting and
preventing all types of computer -related crimes. Some issues being carefully
studied by everyone from the net veterans and law enforcement agencies to
radical crimes include:

Computer Network Break-Ins

Using software tools installed on a computer in a remote location,
hackers can break into any computer systems to steal data, plant viruses or
trojan horses, or work mischief of a less serious sort by changing user names or
passwords. Network intrusions have been made illegal by the U.S. federal
government, but detection and enforcement are difficult.

Industrial Espionage

Corporations, like governments, love to spy on the enemy. Networked
systems provide new opportunities for this , as hackers-for-hire retrieve
information about product development and marketing strategies, rarely leaving
behind any evidence of the theft. Not only is tracing the criminal labor-
intensive, convictions are hard to obtain when laws are not written with
electronic theft in mind.

Software Piracy

According to estimates by U.S. Software Publisher's Association, as much as
$7.5 billion of American software may be illegally copied and distributed
worldwide. These copies work as well as the originals, and sell for
significantly less money. Piracy is relatively easy, and only the largest rings
of distributors are usually to serve hard jail time when prisons are overcrowded
with people convicted of more serious crimes.

Child Pornography

This is one crime that is clearly illegal, both on and off the internet.
Crackdowns may catch some offenders, but there are still ways to acquire images
of children in varying stages of dress and performing a variety of sexual acts.
Legally speaking, people who provide access to child porn face the same charges
whether the images are digital or on a piece of paper. Trials of network users
arrested in a recent FBI bust may challenge the validity of those laws as they
apply to online services.

Mail Bombings

Software can be written that will instruct a computer to do almost anything,
and terrorism has hit the internet in the form of mail bombings. By instructing
a computer to repeatedly send mail (email) to a specified person's email address,
the cybercriminal can overwhelm the recipient's personal account and potentially
shut down entire systems. This may not be illegal , but it is certainly
disruptive.

Password Sniffers

Password sniffers are programs that monitor and record the name and
password of network users as they log in, jeopardizing security at a site.
Whoever installs the sniffer can then impersonate an authorized user and log in
to access restricted documents. Laws are not yet up to adequately prosecute a
person for impersonating another person on-line, but laws designed to prevent
unauthorized access to information may be effective in apprehending hackers
using sniffer programs. The Wall Street Journal suggest in recent reports that
hackers may have sniffed out passwords used by members of America On-line, a
service with more than 3.5 million subscribers. If the reports are accurate,
even the president of the service found his account security jeopardized.

Spoofing

Spoofing is the act of disguising one computer to electronically "look" like
another computer in order to gain access to a system that would normally be
restricted. Legally, this can be handles in the same manner as password sniffers,
but the law will have to change if spoofing is going to be addressed with more
than a quick fix solution. Spoofing was used to access valuable documents stored
on a computer belonging to security expert Tsutomu Shimomura (security expert of
Nintendo U.S.A)

Credit Card Fraud

The U.S secret service believes that half a billion dollars may be lost
annually by customers who have credit card and calling card numbers stolen from
on-line databases. Security measures are improving and traditional methods of
law enforcement seem to be sufficient for prosecuting the thieves of such
information. Bulletin boards and other on-line services are frequent targets for
hackers who want to access large databases or credit card information. Such
attacks usually result in the implementation of stronger security systems.
Since there is no single widely-used definition of computer-related
crime, computer network users and law enforcement officials most distinguish
between illegal or deliberate network abuse versus behavior that is merely
annoying. Legal systems everywhere are busily studying ways of dealing with
crimes and criminals on the internet.


TABLE OF CONTENTS

PHONE FRAUD.................................Pg1
NETWORK BREAK-INS...........................Pg6
INDUSTRIAL ESPIONAGE........................Pg7
SOFTWARE PIRACY.............................Pg7
CHILD PORNOGRAPHY...........................Pg7
MAIL BOMBING................................Pg8
PASSWORD SNIFFING...........................Pg8
SPOOFING....................................Pg9
CREDIT CARD FRAUD...........................Pg9