In 1938, German engineer, Zuse Conrad, assembled the first computer called the Z1. The computer was created to work and calculate mathematical problems. As the years went by, computers became electronically enabled and extremely functional to the level that programs and software offered people the capacity to store digital information and aid in daily tasks. The government and private establishments embraced what computers could hence adopted the technology. This enabled the organizations to enjoy the dependable capabilities of computers. In today’s societal model, the world circles around the functionality of the computer and internet connections, which allow for communication, business, running security systems and sharing information (Poulsen, 2011). Cybercrimes range from white collar crimes, exploitation, malicious coding and viruses, obscenity on the web, anarchy, hate over the web and stalking, among others.
With the increasing use and dependence on the computer and internet connectivity, hackers and digital criminals emerged committing offences over the internet. For instance, Max Ray Butler served the US government under the FBI as a computer consultant, but changed into a computer criminal later. A major crime he committed was hacking into the systems of American express and Citibank in 2003 stealing credit card identities and forcing members to conduct business with him, over his website. He was later arrested in 2007 and charged at Pittsburg, Pennsylvania and sentenced for 13 years. The charge was hacking and stealing credit card information. This only serves to show the depth of computer crime and cyber terrorism, which often goes undetected, or untraceable (Poulsen, 2011).
The relevance of investigations and digital forensics in digital crime and terrorism
Computer forensics emerged as a reaction to the increasing number of the crimes committed over computer systems, whether it involved an instrument used to commit a crime, an object of crime, or a repository of evidence of a criminal activity. The operations of computer forensics can be traced as early as 1984 when the FBI, among other law enforcement groups, began creating programs to evaluate computer evidence. Since then, agencies like the National Institute of Justice (NIJ) have ventures in computer forensic science. However, despite the development of these agencies, computer crimes are on the increase (Palmer, 2001).
Unfortunately, less than 2% of the crimes reported to the authorities end up with the conviction of the offenders (Jaishankar, 2008). This is mainly the case, as the methodology adopted in conducting digital forensics determines the outcomes of the investigation. During the execution of the forensics exercise, overlooking one step or interchanging any of the phases of the process may lead to the capture of incomplete or inconclusive findings, which lead to non-factual conclusions and inferences. Such an outcome will lead to a case where the criminal is not detected, or an innocent suspect suffers the consequences of the criminal activity. As a result, there is a need to develop a forensics model. The perfection of the digital investigations system used is also essential, if only cybercrimes are to be eliminated effectively (Noblett, Pollitt and Presley, 2000).
Cause theories associated with cybercrime and cyber terrorism
Jaishankar (2007) identifies the need for a theory to explain the causes of cybercrimes, which led to the formulation of the ‘Space transition theory’. The formulation of this theory was guided by the evident inadequacies in the general theoretical models used to explain the causes of these crimes. The theory focuses on explaining the nature of the behavior of the person that displays their non-conforming or conforming behavioral patterns within the cyber space as well as the physical space. Space transition insists that the members of society adopt different behavioral patterns when moving from one space to another (Jaishankar, 2008).
The theoretical model explains the causes of cybercrime and cyber terrorism through the following assumptions:
Individuals with inhibited criminal inclinations within the physical space tend to commit criminal activities on the cyberspace, which they would not commit within the physical environment because of their position and status.
Identity suppleness; dissociative anonymity and the absence of a way to control them at the cyberspace allows these offenders the choice to commit criminal activities
The criminal behavior of cybercriminals can be shifted to the physical environment, which can also be imported from the physical environment to the cyberspace and vice versa.
The sporadic ventures of these criminals into the cyber environment and the vibrant nature of cyberspace allows them the chance to escape possible tracking.
Strangers are much likely to bond at the cyber environment to carry out criminal activities within the physical environment. Criminal associates within the physical environment are likely to collude to commit criminal activities on the cyber platform.
Individuals from relatively closed communities are likely to commit crimes on the cyber environment than those from open and liberal communities.
Conflicts in the norms and values supported in the physical environment and those for the cyber environment may push individuals into cybercrimes.
Following the recent view of cyber criminology as an emerging center of criminal activity, a new theoretical model is required to explain the increasing incidence of cybercrimes and why they occur. The space transition model presented above explains the rising shift to cybercrime (Jaishankar, 2008).
The sociological theory of cybercrime and cognitive restructuring, according to Bartol & Bartol (2008) explains that criminal behavior as a social construction can be explored using different sociological perspectives. Based on such a blend of sociological theories, the causes of crime as well as the patterns of such crime can be exposed. The rationale for using the blend of theories is the fact that the complexity of crime does not allow for grouping criminal inclinations into a single theory. Using the differential association theory and the strain theory, cybercrime can be explained as a product of the shift to culture and the structural society delivered by the cyberspace, which different people are responding to, and the changing perception of the new world where information and crime can be committed anywhere.
The new perceptions of the new cyberspace include the anonymity of offenders, the ability to reach distant systems or societies, and the rapid development of the cyberspace. Using the differential association theory, cybercrime can be explained as a result of the acquisition of new messages and values from other people engaged in cybercrimes. The issues under the theory include the criminals they are associating with, the duration, the frequency and the closeness of the association.
With reference to the two theoretical models, inferences can be drawn that cybercrime and cyber terrorism are on the increase, mainly because the cyberspace offers the right environment for committing criminal activities anonymously. Also, the restrictions to crime imposed on the physical world, which have not yet been observed at the cyberspace, compel criminals into cybercrime. Further, the entry of criminals into cybercrime and the exposure of different people and their association with cybercrimes and cybercriminals pushes more people into cybercrime. Therefore, these theoretical models can be used to explain the increasing rates of cybercrime (Bartol & Bartol, 2008; Jaishankar, 2008).
Strategies for reducing or eliminating cybercrime and cyber terrorism
One strategy to reduce or stop cybercrime and cyber terrorism can be drawn from the cooperative strategy expressed through the initiative adopted by different countries, namely Canada, Australia, New Zealand, USA and the UK. The strategy involved the sharing of intelligence systems, strengthening and synchronizing the laws on cybercrime and swapping best practices and the tools used to handle cases of cybercrime. The strategy was launched in September 2006 at the FBI headquarters. Among the strategies discussed as useful, towards addressing these crimes include (FBI, 2008):
The collective creation of a comprehensive outline on the transnational cyber threat, identifying areas of vulnerabilities, and exposing current and upcoming trends, as well as the adoption of strategic initiatives by the partners.
Developing a special online law enforcement center, where intelligence and information can be shared. The partnership uses the FBI secure internet portal.
Launching of information bulletins to give information on emerging trends and threats; for the partnership; they drafted a bulletin on peer-to-peer and P2P file sharing programs, which prevent the leaking of vital information.
The exchange of cyber experts to serve in joint task forces, from where the experts can learn the investigative techniques of each other, for national use.
Offering training curriculums and workshops on international cyber professionals, who can develop ways of addressing the threat of cybercriminals.
Another strategy to prevent cybercrime will involve the creation of an Integrated Digital Investigation Project/Model (IDIP), which incorporates available strategies and upcoming strategies, towards ensuring that it exposes areas of crime and allows for effective investigations. The model can be developed by nations, organizations or even private establishments, to ensure their safety from cybercrime and crime terrorism (Noblett et al., 2000).
The readiness phase, despite the agency employing the model, will include training staff on dealing with incidents; and ensuring infrastructural readiness through ensuring that all required infrastructure are sufficient.
The deployment stage deals with the provision of a mechanism to detect and confirm any cybercrime incidents. This includes the detection of the incident and the appropriate staff or the groups notified. The second area under this stage is confirmation and authorization, where the reported incident is confirmed and authorization given through legal systems allowing for search warranting.
The physical crime investigation stage deals with the collection and analysis of evidence to recollect the events that took place during the incident. This stage involves the preservation of evidence, the survey phase where evidence is identified, and documentation involving capturing evidence at the crime scene. Next is the search and collection of physical evidence, which allows for the commencement of digital crime investigations. The previous stage is followed by reconstruction which involves organizing the findings from the analysis to develop a mold for the incident. Lastly, there is presentation, where the digital and physical evidence pieces are presented at corporate management or a court (Noblett et al., 2000)
Next is the digital crime investigations stage, which primarily involves the stages explained at the physical crime investigation stage, although the focus of this stage is on the collection of digital evidence only. Lastly, there is the review stage, where a review of the entire investigation is done, and the areas that could be improved identified. However, all these processes should be updated continually and matched with the evolving nature of cybercrime, which will allow for the effective address of the cybercrime and cyber terrorism threat (Noblett et al., 2000).
References
Bartol, C. R., & Bartol, A. M. (2008). Glossary In Criminal Behavior: a psychosocial approach (8th ed.). Upper Saddle River, New Jersey: Pearson Education, Inc. Pp. 637-652
FBI. (2008). Cyber Solidarity: Five nations, one mission. The Federal Bureau of Investigations. Accessed Sep 5, 2012 from: http://www.fbi.gov/news/stories/2008/march/cybergroup_031708
Jaishankar, K. (2007). Establishing a Theory of Cyber Crimes. International Journal of Cyber Criminology Vol 1, Issue 2, p. 7.
Jaishankar, K. (2008). Space Transition Theory of cybercrimes. In Schmallager, F., & Pittaro, M. (Eds.), Crimes of the Internet. Upper Saddle River, NJ: Prentice Hall. Pp.283-301
Noblett, M., Pollitt, M. and Presley, L. (2000). Recovering and Examining Computer Forensic Evidence. Forensic Science Communications, Vol 2, No 4.
Palmer, G. (2001). A Road Map for Digital Forensic Research. Technical Report DTR-T0010-01, DFRWS. Report for the First Digital Forensic Research Workshop (DFRWS).
Poulsen, K. (2011). Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground? New Jersey: Crown Publishers. p. 2.
