THE CYBER CRIMES: WHY WE HARD TO MINIMIZE THESE CRIMES

By Muhamad Khairul B.
Introduction

Talking of information and communication technologies, at least until the recent time, can not be
separated with cyberspace. The development of information and communication technology, have
influenced many aspects of our society life, among others in the field of commerce (e-commerce),
government (e-government), and even the behavior of society that is initially based on paper media
(paper based) now become an electronic system (electronic based). The term cyberspace refers to
an electronic space (electronic space), which is a virtual community formed through communication
that exists within a computer network.

Every time we talk about information technology, it is difficult to separate it to network or internet.
There is no an aspect that no influenced by internet. Like how you communicate (email, chatting);
how you trade (ecommerce, online auction); how you search a job (online job, online employment)
and how you study (online learning).

Advanced technologies in information and communication technology, has enhanced the emergence
of application of business transactions and step by step wipe out old ways of business. One of the
main driving factors of developing information and communication technology in the field of
commerce (e-commerce) is characterized by globalization of trade in goods and services. Global
trade agreements have been accepted as the world, including Indonesia, which has ratified the
Marrakesh agreements and the establishment of the World Trade Organization (WTO) by Act No. 7
of 1994 on Agreement Establishing the World Trade Organization. Currently almost all countries
have joined the World Trade Organization (WTO).

Because information and communication technology interest many parties, like companies,
universities and governments development of this tremendous technology become more advanced
continually. It lead to provide more types of transactions more and more, increasingly sophisticated
and increasingly rapid process of completion.

As all technology has a dialectics attitude1, ICT also has vulnerability effects. Those vulnerable effects
are some business crimes (cyber threats, cyber crimes), such as violation of privacy, pornography,
counterfeiting, defamation, hackers, drug cartel, cyber squatting, international money laundering.
These negative effects lead many parties raises legal perspective, among others, civil law, criminal,
governance, public administration and international, and from the perspective of specialization in
law is the law of capital markets, banking, intellectual property rights, and taxes.

Problems in the Investigation of Cybercrimes

According to (Charney, 2009), the cyber threat is difficult to assess and mitigate for six reasons as
follows:

a) There are many malicious actors. Low cost computer technology, widespread Internet
connectivity, and the ease of creating or obtaining malware means that almost anyone can
engage in malicious activity. Indeed, the Internet is a great place to commit crime because it

1
A dialectics attitude means a technology, whatever it is, has two characteristics including benefit and
vulnerability. For example, a nuclear technology benefit us as an alternative energy as well as endanger us by
its radioactive wastes.
 provides global connectivity, anonymity, lack of traceability, and rich targets. Malicious actors
include individuals, organized crime groups, terrorist groups, and nation-states, and actions
that might serve to deter one group may be less effective against another.

b) There are as many motives as there are (many) actors. These motives may relate to traditional
areas of criminal activity (for example, fraud or the distribution of child pornography),
economic espionage, military espionage, or cyber warfare.

c) There are many different but commonly used attack vectors. Leaving aside supply chain and
insider threats, which pose their own challenges, remote attackers might take advantage of
product vulnerabilities, system misconfigurations, and social engineering. Because different
actors may use similar techniques, the nature of the attack might not yield reliable clues about
the identity of the attacker or the attacker’s motives. This fact, combined with anonymity and
lack of traceability, means that attributing attacks is very difficult, and punishment for
malicious activity is unlikely.

d) The Internet is a shared and integrated domain. It is shared by citizens, businesses, and
governments in a manner that makes it difficult to segregate one group from another.
Moreover, free speech, commercial transactions, espionage activities, and cyber warfare may
be occurring in this shared and integrated domain, all at the same time and over the same
transport medium. With a limited ability to parse actors and activities, tailored responses to
specific threats are extremely hard to craft.

e) The potential consequences of an attack are very difficult to predict. Certain nefarious activity
such as network scans or unauthorized system access may be a prelude to information theft, a
data integrity breach, or a disruption of service. Moreover, the complex interrelationships
between systems suggest that there may be unanticipated cascading effects, some which may
be more severe than even the intended effect. Finally, while some attacks may be obvious (for
example, a denial of service attack against a critical infrastructure) and generate a quick
response, other attacks may be hard to detect. Much has been written about the exfiltration
of data from sensitive systems; a more disconcerting scenario might be a critical alteration of
data. Not only can this be difficult to detect, but it may be difficult to discern when the data
was changed without authority, thus making it difficult to “roll back” to a known good state.

f) The worst-case scenarios are alarming. In the popular press, policy space, and think tanks,
these scenarios include disrupting critical infrastructure services, impeding key economic
functions, or imperiling public safety and national security (thus explaining oft-repeated
references to an “electronic Pearl Harbor”). The complexity of these scenarios, which results
part from massive interconnectivity and dependencies between systems that are not always
well understood, has made it difficult to develop a consensus regarding the probable
consequences of an attack. As for our ability to recover quickly from such an attack, society’s
increasing dependence on information technology systems and the data they contain may that
there is no longer an existing manual process with trained people to fall back on.

Because there many parties and motives included in cyber crimes, a question of “who” and “why”
cyber crimes do isn’t a crucial question. The most important question might how we manage this
rising phenomenon. Based on above points, we can simply conclude that cyber crimes have the
following characteristics:

a. High uncertainties. Because cyber crimes have many involved motives and actors. These
means we’ve difficulties to predict how much costs, time and other resources will be
provided to handle a cyber crime.
 b. Evolution of cyber crimes. Many papers have shown that internet activities are increasing in
many aspects of our lives, it also means that cyber crimes have tremendous benefits /
funding to steal away. This will invite the smartest crime criminals to do their acts in many
ways including combining or evolving many available techniques – lead to evolution cyber
crime techniques.

c. Decentralized resources. ICT, especially internet, can be accessed by many people around
the world including users from developing countries. Almost all developing countries lack on
skilled people, low funding and weak law enforcements and these contrary to those matters
in developed countries. This lead to a situation in which decentralized resources exist to
mitigate cyber crimes.

Conclusions

Mitigating cyber crimes is our great concerns because their high uncertainties, many interest parties
and lack resources to handle crime cases. In order to optimize cyber crimes handling we shall do the
following acts:

a. Involving many parties to minimize negative effects of ICT. It is an important step to involve
government(s); think thanks (universities, research units) and businesses. This act will
provide better resources including funding, knowledge and skilled people;

b. Providing training to developing country people. This act leads us to enhance developing
countries capabilities to handle cyber crimes;

c. Building world rescue teams to minimize and catch the cyber crimes. This team will
exchange some resources including criminal databases, cyber crime techniques as well as
law enforcement acts.
The Literatures.

CERT.org., some statistics on Cybercrime Cases.

Charney, Scott., Rethinking the Cyber Threat A Framework and Path Forward © 2009
Microsoft Corp. All rights reserved.

Norton’s Cybercrime Report.