What Is Cybercrime Training?
Cybercrime, [1] refers to the general term for an actor using computer technology to attack his system or information with the aid of the network, destroying or using the network for other crimes. This includes both the use of programming, encryption, and decoding techniques or tools by the actor to commit crimes on the network, and the use of software instructions by the actor.
Internet Crime
- Cybercrime, [1]
- In 1997, the revision of China's criminal law absorbed some of these crimes into the criminal code, and the theory of criminal law has long discussed this type of crime. But regardless of existing theoretical results or current
- Compared with traditional crimes, cyber crimes have some unique characteristics: low cost, rapid spread, and wide spread; high interactivity, concealment, and difficulty in obtaining evidence; serious social harm; cyber crimes are typical computer crimes [ 4].
- First, the cost is low, the spread is rapid, and the spread is wide. As far as e-mail is concerned, it costs much less than traditional mailing, especially for mail sent abroad. With the development of the Internet, you can send e-mails to many people in just a few seconds by typing a keyboard. Theoretically, the recipients are people from all over the world.
- Second, it is highly interactive and concealed, making it difficult to obtain evidence. The development of the Internet has formed a virtual computer space, which has not only eliminated national borders, but also broken social and spatial boundaries, making it possible for two-way, multi-directional communication and communication. The description of everything in this virtual space is just a bunch of cold password data, so whoever masters the password is equivalent to gaining control of property and other rights, and can log in to the website anywhere.
- Third, serious social harm. With the continuous development of computer information technology, from defense, power to banking and telephone systems are now digital and networked. Once these departments are invaded and destroyed, the consequences will be unimaginable.
- Fourth, cyber crime is a typical computer crime. At present, there are many views on what is the theory of computer crime. Among them, the dual theory (that is, the criminal act that the perpetrator uses the computer as a tool or the attack object) is more scientifically defined. Cyber crimes are more common crimes of peeping, copying, changing or deleting computer data and information, crimes of distributing destructive viruses, logic bombs, or placing backdoor programs, which are typical computer-based crimes. Insult, defamation and intimidation crimes, as well as crimes such as cyber fraud and abetment, are crimes committed by using a virtual space formed by a computer network as a criminal tool and a crime venue. [3]
- 1.Intelligence
- The technicality and specialization of the crime methods of computer crime make it extremely intelligent. For computer crimes, criminals need to have considerable computer skills. They need to have a high level of expertise in computer technology and be good at practical operations to escape.
- 1. Subject of crime
- The subject of crime refers to the natural persons and units that carry out acts that endanger society and should be held criminally responsible in accordance with the law. The author believes that the subject of cyber crime should be a general subject, which can be either a natural person or a legal person. Judging from the specific manifestations of cybercrime, the subjects of crime are diverse. People of all ages and professions can commit cybercrime, and the harm to society is not much different. Generally speaking, the subject of cyber crime must be an actor with a certain level of computer expertise, but a person with computer expertise cannot be considered a special subject. According to the prevailing opinions of the Chinese criminal law academics, the so-called special status of the subject refers to the personal qualifications, status, or status of the actor's criminal responsibility as provided for in the criminal law. People who have specific positions, engage in specific businesses, have specific positions, and have specific personal relationships are often considered special subjects. Although China has awarded engineers with professional titles in computer science and issued various computer grade qualification certificates, etc., judging from the case of cyber crimes, a considerable number of people are highly qualified without certificates or titles. At the same time, we should see that today, with the computer as the network, the requirements for so-called people with computer expertise will become higher and higher, and cyber crime will become more and more common. It is not accurate to use such standards as computer expertise . In addition, the development of the Internet has brought new vitality to the development of e-commerce. In order to compete for new market space for corporate legal persons, it should not be surprising that cyber crimes are the main body of legal persons.
- 2,
- (1) Types of crimes committed on the computer network: the crime of illegally hacking into a computer information system;
- There are several reasons for the formation of cybercrime psychology:
- (1) Curiosity and desire to express are important reasons for the formation of cybercrime psychology. Curiosity is human nature, and computers and networks provide an ideal space to satisfy people's curiosity. For information security, some networks only allow legitimate users to use, while illegal users use passwords to deny them access. Cyber hackers are those illegal users who are faced with unreadable data and their curiosity stimulates them to crack passwords or enter computer viruses. The desire to show is usually everyone's, and some black cell crimes are just to show the superb computer skills.
- (2) Talk about juvenile legal consciousness and serious lack of law-abiding habits make it easier for criminal psychology to form. Needless to say, the backwardness of China's legislation and law enforcement is a fact, and the legislation on computer crime is relatively behind the development of computer network technology. The first computer network crime found in China was in 1993, and the computer crimes listed in the Criminal Law were in 1997. China's network police team has just been established, and its team building and functions must be gradually carried out. The inadequate crackdown on cybercrime has undoubtedly contributed to the formation of cybercriminals' criminal psychology.
- (3) The physiological characteristics of the perpetrator. The age of the offenders is between 19-30 years. People of this age are very energetic and very capable of accepting new things. Computer network as a new thing is bound to be loved by young people. It is particularly fast to accept. Parents are clearly at a disadvantage in terms of the speed at which they can learn and accept computer network knowledge. In addition, many parents have no interest in learning computer networks themselves, or do not understand network knowledge at all, so they cannot educate and guide teenagers to use computer networks correctly. In this special national situation, social situation and family atmosphere, the use of the Internet by young people is also carried out in the absence of family supervision, and the results of its free development can be imagined. Moreover, people between the ages of 19 and 30 have basically been separated from family education and restraint, and their behavior is completely controlled by themselves. In addition, the convenience of using the Internet and weak legal awareness have transformed them from being calm before people to The fuse of the "villains in the network".
- (4) The psychological characteristics of computer cybercriminals are almost no guilt. The Internet is a virtual world, and all actions are performed in a very hidden personal environment. At the same time, many networks in China seldom consider security precautions at the initial stage of network construction. After the network was delivered and used, the level of network system management personnel could not be improved in time, which created opportunities for hackers. Hackers need only a computer, a telephone line, and a modem to commit crimes over long distances. Moreover, the use of computer network crimes leaves almost no trace, and the existing scientific and technological means are not easy to detect the whereabouts of hackers. All these make people who use the computer network to commit crimes lose their guilt, and promote the formation and externalization of their criminal psychology. [5]
- (I) Impact of hacker culture on cybercriminals
- Hackers have their own ethics. Its contents include:
- 1.The use of computers should be unrestricted and complete
- 2.All information should be free
- 3. Doubt authority and promote decentralization
- 4.You can create art and beauty on your computer
- 5. Computers will make your life better
- These moral principles originated from the ideas and spirit of young people in the 1960s to be free and unrestrained and to resist the existing system. Although hacking has only meant disruption to computer technology and information network technology, "hackers are pathological computer addicts who cannot control their irresponsible compulsive behavior." And, according to tradition, hackers are accustomed to seeing themselves as elites who dare to surpass the rules. All of them are ambitious and consider themselves to be the new electronic world
- Due to the particularity of cybercrime, the key to detecting cybercrime cases is to extract the electronic evidence left by cybercriminals. Electronic evidence is easy to delete, tamper with, and easy to lose. In order to ensure the originality, authenticity, and legality of electronic evidence, professional data replication and backup equipment should be used to copy and back up electronic evidence during the collection of electronic evidence. Data replication equipment is required to have read-only design and automatic calibration.
- At present, there are many electronic evidence collection equipment in China, including DataCopy King multi-function copy erasure detection integrated machine (DCK for short), Data Compass data compass (DC), network police computer forensics investigation box, etc. Which consists of
- Countries around the world have cracked down on cybercrime, but selling pirated CDs, posting obscene pictures, and hacking into other people's websites is still rampant. The main problem is the extremely low rate of cybercrime detection. The main reason is:
- 1. Defects of the Internet itself
- The predecessor of the Internet, ARPANET, was mainly developing a decentralized network system that was not damaged by war. Its purpose was to smoothly transfer information from the transmitting end to the destination. Therefore, data security or network security was not the purpose of ARPANET's design at the time. This is why business websites on the Internet are vulnerable to hacking.
- 2. The proliferation of hacking software
- At present, the operating systems on the network are mainly Microsoft Windows NT and UNIX. These operating systems or some software have more or less vulnerabilities. Some people use these vulnerabilities to design some attack programs and upload them to the network to spread everywhere. .
- 3 Cross-regional and cross-border nature of the Internet
- The Internet itself is cross-regional, national, and national, with no space restrictions. Therefore, online pornography cannot be eliminated. Even if pornographic websites in one country are banned, they cannot effectively ban pornographic websites in other countries. Network information spreads quickly, there is basically no space-time limitation, and the scope of influence is extremely wide and the levels are extremely numerous. On the Internet, the source website can be faked, the identity of the offender may be hidden, and the evidence of cybercrime is extremely limited, its proving power is greatly reduced, and it is extremely easy to be destroyed. Therefore, the issue of prosecution for crime becomes very critical.
- 4 The disadvantages of online commerce
- Judging from the past fraud cases of using credit cards to purchase products on websites, it is found that these websites do not use SET or SLL's online payment security mechanism. Users only need to enter the credit card number and the validity date of the credit card to replace the entity. Credit card process in the store. These two pieces of information are transmitted to the settlement center and require authorization, because there is no credit card process, and the credit card number and validity period can be easily obtained, which opens a convenient door for online fraud. According to a survey published by the British Trading Standard Institute, 25% of websites are not secure, and hackers can obtain customer credit card information and more. At the same time, I also found that online shopping has problems such as slow delivery and high prices. The agency also found that 38% of orders were not delivered on time and 17% of orders were not delivered.
- 5. Uncertainty of the nature of the Internet
- The nature of publishing information on the Internet is not at all covered by traditional ideas. Some people think that online service providers, similar to newspaper publishers, presumed that they had reviewed the content to be published like traditional publishers before the web page was published. These contents are the default. Some people think that this analogy is very inappropriate. However, I feel that Internet service providers like bookstores are only sellers of information and do not bear the responsibility of censorship. Both cases have emerged in the United States. However, their responsibilities are very different. For bookstores, the United States' Defamation Act provides great protection (Smith v. California, 1959). Some courts have applied this case law to online service providers, greatly reducing their liability.
- 6. Different judicial standards
- Many websites or pornographic websites that sell pirated CDs are legally located in countries where the law does not prohibit them. If these websites do not violate the laws of the country in which they are located, even if they violate the laws of other countries, the country where the server is located can neither handle nor provide legal assistance. Only when the content of the website violates the laws of the two countries can there be a basis for cooperation. In the case of different national judicial standards, the power to combat cybercrime is inadequate.
- There is a typical example in the United States. Due to the explosion of pornographic websites, the US Congress has sought to restrict pornographic content on the Internet, and passed the Communication Decency Act (CDA) in 1996 as part of the Electronic Communications Competition and Regulation Act. The CDA prohibits the transmission of obscene items to minors through computer networks or other electronic communication media. The law provides for up to five years in prison and a fine of $ 250,000 for intentional violators.
- (I) Governing the Network with Technology
- Cybercrime is a high-tech crime committed by using computer technology and network technology. Therefore, the prevention of cybercrime should first rely on technical means to govern the network with technology. The main measures are:
- Firewall technology. The software uses a set of user-defined rules to determine the legitimacy of the data package (Package), and thus decides to accept, drop or reject.
- Mobile devices will be new targets for cross-platform threats
- The three major mobile platforms targeted by cybercriminals include Windows 8, Android and iOS. Web-based cross-platform attacks will be more likely to occur. Microsoft mobile device threats will show the highest growth rate in 2013. Cybercriminals are like legitimate application developers, focusing on the most profitable platforms. With the removal of development barriers, mobile threats will be able to leverage vast shared link libraries. Also, attackers will continue to increase the use of social engineering to steal user data from mobile devices.
- Cybercrime uses detours to avoid sandbox detection
- More and more organizations are using virtual machine protection technology to test for malware and threats. As a result, attackers have also taken new steps to avoid detection by the virtual machine environment. Some potential methods try to identify sandboxes, just like previous attacks targeted the specific antivirus engines and turned them off. These advanced attacks will remain hidden until they determine that they are not in a virtual security environment.
- App stores will imply more malware
- More and more malicious apps will bypass the verification process. They will continue to pose a threat to organizations that implement the Bring Your Own Device (BYOD) policy. In addition, jail-broken or rooted devices and app stores without standard protection will pose serious risks to more and more companies that implement BYOD.
- Sponsored attacks will only increase as newbies join
- More governments are expected to engage in the Internet war. After several open Internet wars, many factors will prompt more countries to implement these strategies and tactics. Although it may be difficult to become another nuclear power, almost any country can pool talent and resources to develop Internet weapons. Both national and individual cybercriminals will have access to previously state-sponsored attack blueprints such as Stuxnet, Flame and Shamoon.
- Hackers will move towards new and complex technologies
- Some high-profile hacking incidents in recent years have prompted organizations to deploy increasingly strong detection and prevention policies, programs, and strategies. As a result, hackers will move towards new and complex technologies.
- The malicious email is back
- Time-sensitive and targeted spear-phishing email attacks and the increase in malicious attachments provide new opportunities for cybercrime. Malicious emails are set to storm again. Domain generation technology will also bypass existing security protections and improve the effectiveness of targeted attacks.
- Cybercrime will invade content management systems and web platforms
- WordPress's security weaknesses are frequently invaded by numerous attacks. With the popularity of other Content Management Systems (CMS) and service platforms, cybercriminals will frequently test the security of these systems. Attacks will continue to penetrate legitimate Web platforms, prompting CMS managers to pay more attention to updates, patches and other security measures. Cybercriminals have penetrated these platforms in order to implant their malware, infect users and invade organizations to steal data. [7]
Cybercrime Brazil
- In November 2012, the Brazilian Senate considered Internet crimes as criminal offences for the first time when it reviewed the new Criminal Code. The new law provides detailed instructions and convictions for hacking computers, stealing passwords, and illegally blocking websites, such as illegally hacking another person's computer and being sentenced to three months to one year in prison; remotely controlling computers to illegally steal private information, business and company secrets May be sentenced to six months to two years [8] .
- Brazil is doing this because cybercrime is rampant in recent years. According to statistics from the Brazilian Banking Federation, in 2011, criminal activities committed by criminals using the banking network service system increased by 60% over the previous year, resulting in economic losses of 1.5 billion reais for banks and customers (1 reais approximately 0 $ 5); and an investigation report shows that in 2012 cybercrime cost Brazil a total of 15.9 billion reais.
- In addition, hackers have invaded the website of the Brazilian Presidential Palace twice since 2011, and have "hacked" the websites of the Senate, the Ministry of Defense, the National Geographic Statistics Agency, and the Central Bank. Celebrity privacy has also been violated, such as hacking the computer of the famous Brazilian actress Carolina Dickman, stealing her personal information and exposing private photos.
- Brazilian experts believe that the lack of specific laws previously restricted the crackdown on cybercrime, and some judges were unable to rely on convictions and sentencing when handling cybercrime cases. At this moment, the Brazilian Parliament has not only added the content of combating cybercrime in the Criminal Law Code, but also stepped up its review of the Basic Law on Internet Administration submitted by the government to make clearer regulations on the quality of services, development goals and basic principles of the Internet.
Cybercrime Japan
- Japan had faced the same problem. When there is no special law to crack down on cybercrime, suspects such as those who produce and distribute computer viruses can only be convicted of "violating copyright laws" or "damaging artifacts" after being arrested.
- In response, the Plenary Session of the Japanese Senate passed a criminal law amendment in June 2011, criminalizing the production of viruses, and the law officially entered into force on July 14 of that year. The "crime of making virus" clause of this law stipulates that the act of creating or providing a virus for the purpose of maliciously infecting another person's computer is punishable by a prison term of less than three years or a fine of less than 500,000 yen; Acts of "acquiring" or "storing" viruses are punishable by imprisonment of less than two years or a fine of less than 300,000 yen.
Cybercrime Russia
- Russian legislation strengthens children's protection from inappropriate online information. The Russian parliament passed an amendment to the "Prevention of Children's Exposure to Information that is Harmful to Their Health and Development" in July 2012, and came into effect in November of that year. The law stipulates that the Russian Communications, Information Technology and Mass Media Supervision Bureau can blacklist websites that provide information on drug use, suicide and child pornography according to reports, and then commission telecommunications operators to notify website owners to immediately delete the relevant pages. If the website owner refuses to implement it, the regulatory authority has the right to prevent the transmission of information on the website by blocking the IP address or filtering the content.
- The new law has the support of the general public. The results of surveys conducted by the All-Russian Public Opinion Research Center, the Ledawa Center, and other polls show that 60% to 70% of Russians believe that it is necessary to restrict the spread of bad information on the Internet through laws. The online illegal information reporting website set up by the supervision department received more than 3,000 reports on the day of opening on November 1, 2012, and as a result, six illegal websites were included in the "blacklist".
- Russia is also actively advocating international regulation of the Internet by the state. In December 2012, the Russian delegation put forward initiatives such as "network sovereignty" at the ITU Conference in Dubai; previously in September 2011, Russia submitted international information security to the United Nations with Uzbekistan, Tajikistan, and China. The draft protection law proposes that the spread of information promoting terrorism, separatism and extremism on the Internet, destabilizing the economic, political, and social stability of other countries should be restricted, and an international network management system should be established. [9]
Cybercrime China
- In January 2019, the Supreme Law issued 5 guiding crime cases for severely punishing cybercrimes in accordance with the law, including crimes such as damaging computer information systems and opening casinos online. [10]
- The use of WeChat group gambling is common and serious. Guiding Case No. 105 "Hong Xiaoqiang, Hong Liwo, Hong Qingquan, Li Zhirong Opening a Casino Case" and Guiding Case No. 106 "Xie Jianjun, Gao Lei, Gao Erjing, Yang Zebin Opening a Casino Case" explicitly for profit, through invitation People who join the WeChat group to participate in gambling by betting size, single and double, or set gambling rules to "grab red packets", etc., use WeChat group control and management to continuously organize online gambling activities for a period of time, all of which fall under the criminal law. Open a casino. "