This paper examines the definition, scope, and global dimensions of cybercrime. Beginning with the distinction between "computer crime" and "cybercrime," the paper traces how criminal behavior has migrated into digital spaces while also generating entirely new categories of illegal activity. It surveys cybercrime statistics from the United Kingdom, reviews country-specific examples from Israel to Estonia, and outlines the Internet's technical infrastructure as context for understanding how attacks occur. The paper also catalogs the U.S. federal law enforcement agencies responsible for investigating specific cyber offenses and discusses why the absence of international borders makes cybercrime particularly difficult to prosecute. The analysis draws on sources including the U.S. Department of Justice, Encyclopædia Britannica, and academic legal journals.
The paper demonstrates systematic categorical classification as an analytical strategy. Rather than treating cybercrime as a monolithic concept, it draws on multiple authoritative sources — Parker, Furnell, the DOJ, and Piazza — to layer progressively sharper definitions, culminating in a two-part taxonomy (computer as target vs. computer as instrument) that organizes the discussion of law enforcement jurisdiction.
The paper opens with definitional groundwork, distinguishing computer crime from cybercrime and establishing the Internet's technical architecture. It then surveys global cybercrime activity by country before pivoting to U.S. federal law enforcement jurisdiction. A reference table maps crime types to responsible agencies. The paper closes by emphasizing that cybercrime's borderless nature demands unprecedented international cooperation, returning to the paper's core argument about the seriousness of the threat regardless of what it is called.
Similar to the contention Shakespeare proposes about the merit of the name "rose" — that even if a rose were titled by a different name the fragrance would "smell as sweet" (Bartlett, 2000) — this researcher contends that any other name for cybercrime still stinks. Computer crime, according to Donn Parker (1998, cited by Whittaker, 2004, p. 232), differs from cybercrime in the following ways:
In computer crime, the perpetrator utilizes particular knowledge about computer technologies. In cybercrime, the crime is committed utilizing the Internet or, in order to proceed, requires explicit knowledge about networked cyberspace (Whittaker, 2004, p. 232).
Cybercrime, also known as computer crime, according to Dennis (2008), constitutes "the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. Cybercrime, especially through the Internet, has grown in importance as the computer has become central to commerce, entertainment, and government" (Dennis, 2008). Cybercrime obviously differs from traditional criminal activity in that a digital computer is utilized. Technology alone, however, proves insufficient as a basis for any possible distinction between different realms of criminal activity. Criminals do not have to use a computer to traffic in child pornography and intellectual property, commit fraud, steal an identity, or violate a person's privacy. These crimes existed before the "cyber" prefix became omnipresent.
"Cybercrime, especially involving the Internet, represents an extension of existing criminal behaviour alongside some novel illegal activities" (Dennis, 2008). In his book Cybercrime (2002), Steven Furnell explains that in computer crimes — such as fraud and misuse of personal data — where the crimes pre-date the emergence of contemporary technologies, computers contribute a supporting role. Cybercrimes consist of crimes such as viruses or hacking, where the action involves a direct outcome of information technologies. During 2006, 3,237,500 cybercrimes — or one cybercrime every ten seconds — were reportedly committed in the UK alone (One Cybercrime, 2007).
Categories and numbers of cybercrimes committed in the UK in 2006 included: online identity theft (92,000); online financial fraud (207,000); online offences against the person (1,944,000); computer misuse offences (144,500); and online sexual offences (850,000) (One Cybercrime, 2007).
Researchers suspect, however, that as much as 90% of all cybercrime goes unreported. Many victims do not report cybercrime due to an assumption that it does not actually qualify as criminal because it occurred online, or that law enforcement would not be able or willing to become involved (One Cybercrime, 2007). Along with cyberspace's rapid development, crime online has also grown. A number of criminal activities — "such as breaking into networks or exploiting weaknesses in systems using applications designed to take advantage of such networks, could not exist before the invention of computers," Whittaker (2004, pp. 232–233) stresses. "Others, however, such as fraud, spying or even terrorism, are simply the extension of actions that existed long before information technologies broke into the realms of cyberspace."
The U.S. critical infrastructure consists of private and public institutions in the areas of food, water, energy, agriculture, public health, emergency services, government, defense industrial base, information and telecommunications, transportation, banking and finance, chemicals and hazardous materials, and postal and shipping. Cyberspace constitutes the nervous system of these segments — the control system of the country. "Cyberspace is composed of hundreds of thousands of interconnected computers, servers, routers, switches, and fiber optic cables that allow our critical infrastructures to work" (Computer Crimes, 2008). Consequently, for a country's security and economy to function at their best, cyberspace must function in a healthy manner.
Data sent from one computer to another across the Internet is broken into small packets of information containing addressing information as well as a portion of the total message. The packets travel across the Internet separately and are reassembled at the receiving computer. There are two primary protocols that enable these packets of data to traverse complex networks and arrive in an understandable format. These protocols are: (1) the Transmission Control Protocol (TCP), which decomposes data into packets and ensures that they are reassembled properly at the destination; and (2) the Internet Protocol (IP), which guides or routes the packets of data through the Internet. Together they are referred to as TCP/IP. IP is essential to almost all Internet activities, including sending data such as e-mail. Data is transmitted based on IP addresses, which are a series of numbers. The Domain Name System (DNS) was developed to simplify the management of IP addresses. The DNS maps IP numbers to recognizable sets of letters, words, or numbers by establishing domains and a structured hierarchical addressing scheme (Computer Crimes, 2008).
Due to the spread of cybercrime, the Internet frequently does not work the way it should. Also as a result of the increase in cybercrime, the modern lexicon now includes several new definitions for words such as "Trojan Horse," "worm," and "identity theft" (Katyal, cited by Jones, 2007). The name "cyber," a commonly used contemporary prefix, evolves from the Greek word for navigator (Pangaro, 2007). In this sense, the answer to this study's research question — Could cybercrime exist without computers? — evokes a definite "yes." On the other hand, information about various contemporary cybercrime components could also yield a "no" answer. In a number of countries, some cybercrimes could not be committed without the use of a computer, while others do not require one.
The following country-by-country examples illustrate the global scope of cybercrime:
Israel: In the first six months of 2007, Israel had the most malicious activity per Internet user. In 2005, investigators revealed that a "Trojan Horse" program had infiltrated some 60 companies, which became Israel's biggest corporate espionage scandal. A number of companies came under investigation for allegedly stealing information from rivals.
United States: Online fraud has overtaken viruses as the greatest source of financial loss in the U.S. According to California-based security firm Symantec, in the first six months of 2007 the U.S. accounted for 61 percent of worldwide denial of service (DoS) attacks, which attempt to make computer resources unavailable to their intended users.
Panama: In Panama — as well as Turkey, Malaysia, and Singapore — the Russian Business Network is alleged to operate servers. The locations are disparate, presumably in order to spread the risk of being permanently shut down by any one country's police force.
United Kingdom: Around 3 million Internet crimes were committed in the UK in 2007. One of the most common is identity theft. In 2004, two people were arrested over an Internet crime ring called the Shadow Crew, which allegedly planned to defraud consumers and financial institutions out of hundreds of millions of dollars.
Nigeria: Online fraud is a burgeoning business in Nigeria. One common trick is to lure potential victims into a scam via an unsolicited email. The unwitting recipients are promised a large commission on a multi-billion-dollar fortune and are persuaded to open an online account to which they contribute funds, never to be seen again.
Russia: The shadowy Russian Business Network was reportedly launched by young computer science graduates and registered as an Internet site in 2006. After a period of legitimate activity, it has since been linked by security firms to child pornography, corporate blackmail, spam attacks, and online identity theft across the globe.
China: Bots are software applications that run automated tasks over the Internet. China has 29 percent of the world's bot-infected computers, with Beijing hosting the majority. Bots are often benign but can be used for nefarious tasks, such as harvesting email addresses from address books to help distribute spam.
Estonia: In 2007, Russian web users launched a "cyber-war" on the Estonian government, infecting 1 million computers with bots. This overwhelmed the country's networks by requesting more information than they were designed to handle. The effect was equivalent to 5,000 clicks per second, and many websites were forced to shut down.
Canada: In 2004, U.S. Secret Service agents arrested members of the Shadow Crew in Canada, who were using a website to orchestrate document forgery and drug operations. In Vancouver, one of their number was just 17 years old; he reportedly saw online underworld activities as a "rebellion against authority" (Cybercrime: Uncovered, 2008).
Piazza (2006) posits that the cybercriminals committing the massive number of cybercrimes are increasingly becoming specialists, loitering in dark corners of the Internet as well as in chat rooms and on message boards. Through "social engineering," Piazza (2006) explains one particular cybercrime not necessarily completed entirely online: "phone services" are used by hackers when they take over financial accounts. In this scenario, "if a bad guy wants to take over an account, he'll have someone else speak in a different language in a different location, and that's all they do. Their expertise is calling financial institutions for social engineering" (Piazza, 2006). According to Piazza (2006), cybercrime consists of any crime a person commits by using a computer or computer technology. He classifies various types of cybercrime into four primary categories:
1. Unauthorized access to computer programs and files; 2. Unauthorized disruption; 3. Theft of identity; and 4. Carrying out of traditional offenses — such as distribution of child pornography — using a computer (Piazza, 2006).
Ditzion, Geddes, and Rhodes (2003) contend that due to the myriad of diverse computer-related offenses, nothing less than the definition provided by the U.S. Department of Justice (DOJ) would suffice. The DOJ generally defines computer crime as "any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution" (Ditzion, Geddes & Rhodes, 2003).
The term "computer crime" not only includes traditional crimes committed using a computer, but also numerous technology-specific criminal behaviors that technologies and the exponential expansion of the Internet have spawned. The Internet has also given rise to numerous "cyberthreats," which can broadly be defined as "using computer technology to engage in activity that undermines a society's ability to maintain internal or external order" (Brenner, 2007). As cyberspace creates opportunities for individuals and groups to remotely commission attacks, perpetrators usually maintain their anonymity. More often than not, cybercriminals are not apprehended and remain unidentified (Brenner, 2007).
Even though an increased awareness exists regarding the significance of international cybersecurity, along with measures taken to improve capabilities, cyber risks continue to underlie national and global information networks, as well as the critical systems they manage. Decreasing these risks requires unprecedented, active partnership among diverse stakeholders in countries around the globe (Computer Crimes, 2008) — no matter what name the crime is given.
You’re 73% through this paper. Sign up to read the remaining 2 sections.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.