Computer Crime Can Be Classified

Computer Crime can be classified into two categories: crimes that use the computer as the primary instrument for felonies like identity theft or piracy; and crimes that use the computer and its related systems as the target such as systems hacking or viruses. Therefore, computer crime is a relatively broad designation. Criminal activities like operating black market economies in pharmaceuticals or for unauthorized distribution of copyrighted material do not depend on computers, however. For clarification the definition of computer crime should focus more clearly on the crimes that directly involve computers and their systems as targets. Viruses and hacking are two of the most well-known and potentially harmful types of computer crimes, or cybercrimes. From the teenager experimenting with rebellious software coding to the former FBI agent wreaking havoc on government systems, computer crimes can cause serious damage to property or human liberty. Because Internet banking has become commonplace, cybercrimes that involve identity theft can potentially affect hundreds of thousands of individuals. Viruses can destroy valuable data, and a hacker can conduct acts of terror by disrupting the computerized controls of a city's nuclear power plant. Because of the potential severity of cybercrimes, the Federal Bureau of Investigation and other law enforcement organizations are working to prevent and combat instances of computer crime.

Cybercrime, like terrorism, crosses international boundaries. A British man was recently busted for trying to hack into the FBI's computer systems, one of many examples of why computer crimes need to be investigated and dealt with differently than other types of crime. However, remote access to closed and secure systems is nearly impossible to arrange. Most sensitive data stored by government agencies or private corporations is not kept on servers that are connected to the Internet. Although Hollywood might make it seem that an eight-year-old kid with a PC can hack into the CIA's database, in reality such crimes are almost impossible to commit. Ex-employees, however, and disgruntled current employees can wreak enormous havoc. These inside jobs are of particular concern for all organizations with sensitive data.

Some computer crimes are less focused, driven by less specific motives. For example, computer viruses usually do not target one company or organization. Like the biological systems they are named for, computer viruses harm indiscriminately. A virus may spread relatively rapidly, invading computer systems worldwide and affecting individuals as well as organizations. Some hackers who code viruses intend to destabilize operating systems to expose inherent weaknesses, whereas others are far more mischievous and nefarious crimes. A BBC (2004) report describes most hackers as being harmless, even heroic. "Most hackers don't aim to cause problems, but they might send an anonymous email to the person in charge warning them of their security problem. Amongst other hackers, there is much honour to be gained by those who can 'crack the uncrackable' programs." Sometimes the media portrays hackers as genius geeks who relish being able to usurp the hegemony of Microsoft Windows.

Virus coding is sometimes less noble and is occasionally profit-motivated. Lovet (2007) notes that virus coders "can make a few hundred dollars for every criminal activity they engage in." Writing simple programs like Trojans does not require a degree in rocket science, either. Many coders are young and only have a few years' worth of computing experience. The BBC (2004) notes that "virus authors are normally 14- to 26-year-old males who spend a lot of time on their computers" and computer criminologists sometimes refer to them simply as kids," (Lovet, 2007).

Other types of computer crime include mail "bots" and large-scale SPAM endeavors that can disable ISPs by hogging bandwidth. Some computer criminals focus on identity theft. For example, some cybercafe owners use keystroke monitoring software to grab usernames and passwords that clients use to log into their bank accounts, or to grab credit card numbers. Phishing is another criminal technique used to cull bank account or credit card information. Lovet (2007) describes how simple and potentially lucrative phishing can be: "the total costs for sending out 100,000 phishing emails can be as little as $60. This kind of 'phishing trip' will uncover at least 20 bank accounts of varying cash balances, giving a 'market value' of $200 - $2,000 in e-gold." Most incidents of phishing and identity fraud are more easily carried out in countries with less lax laws regarding computer crime, fraud, embezzlement, and identity theft than in the United States (Lovet, 2007). However, one of the largest cases of consumer identity theft was carried out in the United States this year, when "at least 45.7 million credit and debit cards was stolen by hackers," (Swetenham, 2007).

Especially since September 11, law enforcement officials in the United States have been increasingly concerned about the possibility of cyberterrorism: the use of computer systems to harm or kill people. No act of cyberterror has been documented. However, all major public systems currently rely on computerized control systems and databases that, if tampered with, could cause serious damage. For example, hydroelectric dams are controlled and monitored by computers. Public transportation systems also depend on computer controls and monitoring. A terrorist who hacked into one of these systems could cut off a city's power, or trap millions of passengers in public transportation vehicles.

In 2004, the Council of Europe enacted a trans-national treaty regarding the prevention and prosecution of computer crime. The United States agreed to get on board with the convention in January 2007. The treaty largely targets organized crime and was designed to "protect citizens against computer hacking and Internet fraud, as well as crimes involving electronic evidence, including child sexual exploitation, organized crime and terrorism," (McCormack, 2006). The treaty does not address the problems of hacking and cracking directly, unless those activities are designed to perpetrate fraud or organized criminal activities and especially when those crimes crossed national boundaries.