Some reports show that computers are used in as many as 80% of all crimes. Either a computer is used as a tool to commit the crime, a computer or network is the victim of a crime, or the computer is used in planning, tracking, and controlling the crime. So, although more computers are involved in the criminal process, it's commonly thought that only one-tenth or so of all the crimes committed against and using computer systems are detected.
How could this be true? It is difficult to develop accurate numbers regarding the detection and reporting of computer crime. Many crimes go undetected, and others that are detected are never reported to law-enforcement agencies or the general public. Some companies are worried about a possible negative image; others are afraid that it might make them appear vulnerable. Another big issue with computer crime is determining who has jurisdiction. If a user in country A hacks a computer in country B to attack a company in country C, who has the right or ability to prosecute the crime? The United States has proposed legislation that will claim jurisdiction over any criminal activity that travels through a U.S.-controlled portion of the Internet, regardless of starting or destination country.
Software Piracy
The unauthorized copying and sharing of software is considered software piracy, which is illegal. Don't think that the copy of that computer game you gave a friend is hurting anyone? Software piracy is big business. The International Intellectual Property Alliance (IPPA) says that major U.S. copyright industries claimed in 1996 alone a loss of more than $2.8 billion domestically due to piracy. Internationally, the losses were more than $18 billion.
Major software companies are fighting back and have formed the Software Protection Association, which is one of the primary bodies that actively fights to enforce licensing agreements. Microsoft and others are also actively fighting to protect their property rights. The Business Software Alliance and The Federation Against Software Theft are both international groups targeting software piracy.
Terrorism
It would be hard to include a section such as this and not talk about terrorist attacks. These individuals are definitely in a category of their own. Their attacks typically target innocent civilians. Although not all terrorists directly target networked devices, known as cyberterrorism, most use computers in preparing their deeds. Attacks can also be carried out remotely, which means they are harder to detect and deter. In the end, no one knows exactly how terrorists will use the Internet in their next attack or exploit, but they likely will use computer systems in some way.
Pornography
Although some debate might arise on the legality of adult porn, child pornography is illegal in the United States and most other countries. Child porn is not specifically a computer crime, but the Internet allows it to be distributed, so this falls under a computer crime activity. The individuals who deal in child porn are pedophiles and are directly tied to violent crime.
Child pornography is just part of the problem. Some reports have indicated that more than 200,000 individuals in the United States are hopelessly addicted to Internet porn. If that statistic doesn't capture your attention, this should: The same sources also found that about 70% of Internet porn traffic occurs between 9 a.m. and 5 p.m. This raises the question of acceptable use policies (AUPs). U.S. law requires companies to provide a safe workplace where employees are free from sexual harassment and offensive behavior. Therefore, companies that fail to enforce AUPs could find themselves in legal hot water.
The CISSP Cram Sheet
A Note from Series Editor Ed Tittel
About the Author
Acknowledgments
We Want to Hear from You!
Introduction
Self-Assessment
The CISSP Certification Exam
Physical Security
Security-Management Practices
Access-Control Systems and Methodology
System Architecture and Models
Telecommunications and Network Security
Applications and Systems-Development Security
Operations Security
Business Continuity Planning
Law, Investigations, and Ethics
Cryptography
Practice Exam 1
Answers to Practice Exam 1
Practice Exam 2
Answers to Practice Exam 2