The Dark Side of the Internet: Cybercrime
Annette Hübschle considers the implications of the radical growth of the Internet, social networking sites and email platforms on computer-related or cybercrimes.
Annette Hübschle, Senior Researcher, Organised Crime and Money Laundering, ISS Cape Town Office
By the end of 2010, an estimated 1,97 billion people around the world were using the Internet. Of these, about 111 million were in Africa.
With the recent events in Tunisia, Egypt and Libya, this number is likely to have grown substantially in the past few months. Close to 18 million Africans were using Facebook by August 2010 – this constitutes 16% of the total number of Facebook users worldwide, according to http://www.internetworldstats.com
As many as 68,5 million people use twitter on a daily basis. In the third week of January 2011, 122 319 crisis related tweets were sent from North Africa and Yemen, by the following week this number had increased to 1 317 233.(‘How Egyptians used Twitter during the January crisis’, http://mashable.com/2011/02/01/egypt-twitter-infographic). And 2,8 million emails per second are sent out every day, an estimated 70% of which are spam.
The power of the Internet is undeniable: most sectors of society rely and depend on it. The ‘digital divide’ between the developed and developing world is increasingly ‘bridged’. It is therefore important to examine the implications of the radical growth of the Internet, social networking sites and email platforms on computer-related crimes.
The nature of computer-related crimes has changed since the introduction of transistor-based computers in the 1960s. Back then, criminalisation of offences focused on the physical damage of computer systems and stored data. By the 1970s, there was a shift from property crimes against computers to new forms of crime relating to the use of computers. This included the illegal use of computer systems, the manipulation of electronic data and computer-related fraud. With the introduction of personal computers and the wider distribution of computer systems in the 1980s, computer technologies and software grew in importance. Tied to this was the emergence of software piracy and patents- related crimes. The growing interconnection of computer systems enabled criminals to conduct criminal business without being present at the crime scene. Myriad new forms of crime followed when the World Wide Web hit computer screens in the 1990s.
The distribution of child pornography morphed from a physical exchange of books and audiovisual materials to online distribution through website and Internet services. Most importantly, the Internet gave computer-related crimes a transnational dimension. Cybercrime today comprises a collection of offences ranging from illegal content to some forms of economic crime. Hacking, phishing, spamming, cracking, sniffing and the production and dissemination of malicious code were unknown before the computer age. Meanwhile ‘ancient’ crimes such as fraud, identity theft, economic crime and the distribution of child pornography have increased incrementally, aided and abetted by various platforms on the Internet. According to the United Nations Office on Drugs and Crimes’ Terrorism Prevention Branch, terrorists use the Internet to propagate, recruit, train and finance their activities. Increasingly, criminals and terrorists use Internet – based email interfaces and social media for covert communication.
What is the extent of the problem? International crime analysts rely on national crime statistics and surveys but these fail to reflect the international dimensions of the problem. Moreover, statistics only list crimes that have been both detected and reported. There are valid concerns that the number of unreported cases may be significant. Consider the example of advance fee fraud where the victim is tricked into advancing sums of money with the hope of realizing great financial gain. Also known as 419 scams (the number ‘419’ refers to the article of the Nigerian Criminal Code dealing with fraud), the scams depend on the likelihood that victims are too embarrassed to report the crime.
Financial institutions and banking institutions tend to under-report computer-based fraud, industrial espionage, viruses and hacking as this may negatively affect their reputation. As a result there is less data than there should be on cybercrime in South Africa, the region and the continent. A report released by the Southern African Banking Risk Information Center (SABRIC) in 2010 ranks South Africa as the 3rd most victimized country, after the US and UK, with regards to online banking manipulation or phishing. Nigeria is considered the source of most malicious Internet activity in Africa.
Cyber crime is now recognized to be a priority crime by law enforcement agencies, business and banking associations in the region. The Directorate of Priority Crime Investigations (the Hawks) in South Africa regards it as a priority crime, as does the Southern Africa Regional Police Chiefs Cooperation Organisation (SARPCCO). The United Nations Office on Drugs and Crime has been commissioned to conduct a comprehensive study on the problem of cybercrime, which may lead to the drafting of an international convention on cybercrime.
When it comes to combating cybercrime, legislative, investigative and judicial shortcomings have been noted. The effective investigation and prosecution of cybercrime may require the establishment of new offences. As the cybercriminal could be anywhere in the world, international co-operation is critical. South Africa’s Electronic Communications and Transactions Act of 2002 only empowers so-called ‘cyber inspectors’ to search, seize and arrest within the borders of South Africa. They cannot act beyond the borders of South Africa. The outlook for the rest of Southern Africa is as bleak with most countries lacking basic legal frameworks against cybercrime.
As a basic step, law enforcement officials need to cooperate with the inventors and patent holders of computer technologies such as computer hardware and software companies, reformed hackers and others. Computer users have to be educated on the risks as the lack of awareness and negligence of end users is propelling cybercrime. Data protection and personal responsibility for what is communicated in cyberspace may assist in curbing the tide. While it is necessary for states to implement measures against cybercrime, a careful balance has to be struck between policing cyberspace and allowing freedom of expression, access to information and basic privacy rights. We should condemn any attempts by the state or criminals to shutdown the Internet, or specific domains lest there be evidence of a serious threat. In borrowing from a controversial campaign for a different criminal activity: the fight against cybercrime starts on our own computers, laptops and handsets.
