Cybercrime is an absolutely new type of crime that has appeared with the creation and of the Internet. A term cybercrime means a crime that is made with the use of computer technologies but it includes a few categories, such as: unauthorized access to the computer/computers network of organization or individual; disruption; another category of the cybercrime is a very popular nowadays theft of identity; and finally the traditional offenses that include the child’s pornography, and other similar cases. (Youm, 2003)
According to Jones (2006) the Internet age has bring a new aspect into relations of technology and the law. It’s important to understand that the major change happened to the flow of the information, because there is a virtually limitless stream of information now that can be accessed all around the globe. The development of the e-commerce is tremendous and so it’s obvious that the cases of cybercrime in the e-commerce aren’t rare.
I would like to research the issue of the e-commerce crime which is very common nowadays and causes significant damage to the US and other countries. It is known the cybercrime creates a loss of the US economy in the amount of $100 – $250 billion per year.
The development of the e-commerce in the recent years was accompanied by the development of the e-commerce cybercrime. Nowadays it is a substantial part of the marketing activity of any company/corporation and the websites of these organizations often become the targets of for the cyber criminals.
The websites connected with the electronic networks and the cases of cybercrime towards the websites may result in the total disruption of the company’s business activity and may seriously harm its reputation and profits. In brief, even the business itself may be lost due to the actions of cyber criminals.. Among the consequences of the cybercrime is the loss and damage of many companies’ reputations.
I should indicate that the risk of the e-commerce crime may be decreased by establishing effective control measures. The effective measures include the issuing of various levels of assurances. The major task for any of these measures is to save the trust of customers because the trust is a crucial and the most important condition of success for any e-commerce activity. Therefore it’s critically important to prevent, detect, investigate, and prosecute this type of crimes. The protection and defence of the marketing information systems against any possible internal and external intrusion or threat includes the protection of the information processing. That is why one of the most top-rated issues in the e-commerce crimes prevention is the information security management.
The major problem related to the legislation that may be applicable to the cybercrime is that there is some kind of the disconnect between the real world and real business and the cyberspace. That is why it is not a surprise that these technological advances have caused the serious problems for the policymakers who have worked on closing the gap in the legislation that would allow to regulate not only the real world but also the technological world.
Of course, it’s an attractive opportunity for the criminals who may try their luck in the new technological environment and therefore the types of these crimes evolve and the new definitions for these crimes even appear, for instance, ‘identity theft’ or ‘phishing’.
The traditional law enforcement model often doesn’t serve that effective in the case of the cybercrime as it helps in the cases of traditional crime (crime that happens in the real space of the physical world). Therefore each investigation of the cybercrime case allows the crime professionals to improve their knowledge and skills in this complex field.
The case of First Data Corp (2000)
First case of the e-commerce crime that I would to present is the attack made by the private hacker on the Western Union branch of First Data Corp. It happened in 2000 and was one of the first cases of e-commerce crimes with a big number of victims. Over 15,700 customers have suffered because of this perpetrator who hacked the First Data Corp website. The company has informed the authorities about the crimes immediately. (Smith & Smith, 2011)
The cyber crime in the present case included an unauthorized access and disruption and the theft of identity and financial information.
The forensic methods that were utilized in the case included the typical forensic analysis which is a manual review of material on the media (the team search the topics that were similar to the mentioned crime, they looked for the keyword searches for topics related to this e-commerce crime and extracted the electronic data and correspondence for check). The team has used the forensic software and applied the basics of digital evidence analysis.
It should be noted that the forensic investigation teams included both FBI and CIA, Finally, they have come to conclusion that the e-commerce crime in the present case happened during a routine maintenance process. The files of the Western Union branch of First Data Corp customers were left unprotected by the worker of this branch and therefore were available for the cyber attack. (Smith & Smith, 2011)
The financial loss wasn’t counted in the full amount but it has caused serious damage to the reputation of the First Data Corp. (Smith & Smith, 2011) Such cyber crime attacks allow hackers to make the purchases by using the stolen credit-card information.
Besides the obvious direct losses from the cybercrime, the major loss is the customers loyalty to the company and their confidence in the safety. As the result, the investors, analysts and creditors are seriously concerned with the situation, because the market value and image of the organization that has suffered from the cybercrime may become much weaker.
The case of City Newsstand Inc (2010)
The cyber crime causes serious damage not only to the multinational corporations but to small firms as well. As an example, I would like to suggest discussing the case of City Newsstand Inc that took place in 2010, which was not a famous case but nevertheless it may become a problem for many small businesses in the US and that is why it’s crucial to investigate such cases. (Fowler & Worthen, 2011)
Chicago-based company has lost $22,000 as the result of the cyber attacks that were made on the payment system of the company’s shops. The information that included customer credit-card details was received by the criminals in Russia. The whole investigation was held at the expense of the owner of City Newsstand Inc, because the MasterCard Inc required the detailed investigation of this case. (Fowler & Worthen, 2011)
The cyber crime towards the small business is so easy to implement, because these companies often have weak security systems and no IT staff. These are the major reasons why the small companies have become one of the most attractive targets for the cyber criminals. (Fowler & Worthen, 2011)
In the case of City Newsstand there was no IT staff, only the owner who had some experience with computers. The outside technology consultant found the hacking software that was removed from the company’s computer system. The next step of the owner was the hiring of the forensic investigators from the local company the Trustwave Inc. (Fowler & Worthen, 2011)
The forensic investigators made the thorough review of the computer system, and aprogram was found in the result of the investigation. This program made the credit-card numbers available to the hackers from Russia and it appeared that it had been acting since 2009 till that moment it was found in 2010. (Fowler & Worthen, 2011)
Unfortunately in this case the investigation didn’t have any result and there was no support for this small company from the local law enforcement authorities. Chicago police did not provide the comments for City Newsstand case.
The establishment of the intrusion detection techniques such as tripwires, configuration-checking tools, and anomaly detection systems is the most important condition of the defense against the cybercrime. In any case the research of the existing cases of different types of cybercrime is required in order to prevent the future cases. (Schwabe, Davis & Jackson, 2001)