While in no way comprehensive, this is a list of four types of computer crimes complete with real life examples of individuals involved:
My first case is a classic example of a salami attack (Samaha, 2008). A salami attack according to Samaha (2008) is when a series of smaller computer assisted thefts that are aggregated into a substantial monetary sum. It’s a tactic that has long been utilized amongst white collar criminals, for the simple reason that thousands of very minute transactions, such as $0.01 to $1 are less likely to raise suspicions than a single transaction of the same amount.
Between November and March of 2008, Michael Largent, a 21 year old of Plumas Lake, California wrote a program which allowed him to take advantage of the practice of challenge deposits which companies like Google, E*Trade, Charles Schwab, and other companies use to validate a clients bank account (Sparkes, 2008, US Federal News Service, 2008, US Federal News Service, 2009). The program set up more than 58,000 user accounts which resulted in challenge transactions between $0.01 to $2.00 to be sent to accounts belonging to Largent; the funds, amounting to somewhere between $40,000 and $50,000, were then transferred into other accounts belonging to Largent, which prevented the companies from recovering the challenge funds sent to Largent’s accounts (US Federal News Service, 2008, US Federal News Service, 2009). An important element of Largent’s fraud is that his program created accounts using fraudulent names and social security numbers which under 18 U.S.C. § 1343 constitutes wire fraud (US Federal News Service, 2008).
In 2009 Largent plead guilty to computer fraud and was sentence to 15 months in prison, $200,073.44 in restitution, and three years of restricted computer and internet use following his release from prison (US Federal News Service, 2009). At sentencing, Judge England commented that Largent’s scheme was sophisticated and was perplexed why Largent hadn’t utilized his talent for lawful gains (US Federal News Service, 2009).
Salami attacks most likely fit closest under McQuade’s (2006) definition of a fraudster or thieve in which he writes that fraudsters or thieves are those who “phish, spoof, spim, or otherwise deceive people for financial gain.” While this may have been a contemporary method of employing fraud via salami attack, it is not the first, nor is it likely the last; therefore, organizations who deal in challenge transactions should be especially vigilant for this form of abuse.
The first time I’d heard of software piracy was when my father had been purchasing programs from a website for well below market value. The programs always came as a download with the installation key provided within a simple text file. I had always expressed that I thought the company sounded illegitimate because I didn’t believe the claims that the savings were due to lack of packing and distribution needs. Eventually my suspicions proved correct when the organization decided to cut and run and began charging small amounts of money to each and every one of their former customer’s credit cards, which traced back to Russia. I have since learned that software piracy is a booming business around the globe, even within the United States.
In March of 2010 the father and son duo of Robert and Todd Cook plead guilty to the sale of an estimated million dollars worth of counterfeit computer software (DOJ, 2010, ICE, 2010). The Cooks began operating websites offering pirated software for purchase no later than July of 2006 and were were so brazen as to even purchase advertising credits with several search providers (DOJ, 2010). The guilty pleas marked the 45th and 46th convictions for the Department of Justice relating to the online sale of pirated software (DOJ, 2010). The Cooks without question fall within the realm of cybercriminals which McQuade (2006) referred to as “music, movie, and software pirates” which he goes on to explain are those who “use IT to violate copyright laws by illegally copying, distributing, downloading, selling, or possessing software applications, data files, or code.” Each stands a potential sentence of 5 years in prison, a fine of $250,000 and 3 years on supervised release (DOJ, 2010).
International software piracy constitutes a significant global threat as revealed by the study conducted by Cunningham, Goulka, Matthies, Ridgeway, Treverton, and Wong (2009). In the study, they revealed that criminal organizations are increasingly turning to piracy as a lower risk profit making venture to fund more serious criminal ventures such as terrorism, human trafficking, and drug trade (Cunningham, Goulka, Matthies, Ridgeway, Treverton, & Wong, 2009). Just as William Bratton reduced muggings and homicides within the New York subway system by aggressively policing crimes such as toll jumping, continued vigilance against what seems to many to be the harmless crime of intellectual property infringement can have significant impacts on criminal organizations (McDonald, 2002).
The year two thousand saw the proliferation of one of the most notorious viruses ever to be released. On May 4th of 2000, email inboxes of millions of email accounts received emails with attachments named “LOVE-LETTER-FOR-YOU.TXT.vbs” (Seltzer, 2010). Unfortunately at the time, Microsoft had left visual basic scripting turned on for Microsoft Outlook and had begun hiding file extensions; therefore, most recipients thought the attachment was a simple text file (Seltzer, 2010). Once opened however, the script proceeded to infect the host computer with a virus that overwrote files with copies of itself in order to reinfect the host should it be cleared, then continued it’s proliferation by sending the same visual basic script to all the contacts in Microsoft Outlook’s address book (Festa & Wilcox, 2000, Seltzer, 2010). The virus managed to bring email servers to their knees from the traffic generated. In 2003, the estimated global damage caused by the love letter virus in August of 2000 alone exceeded 8.75 billion U.S. Dollars (Gaudin, 2003).
It did not take long for an ISP in Manila to recognize that an astounding amount of data was suddenly being sent to and from a website hosted on their servers (Festa & Wilcox, 2000). The FBI and Phillipines Justice Department began investigating and were lead to a suspect, one Onel A. de Guzman, a 24 year old dropout from a local college computer program (Arnold, 2000). De Guzman was living in the home where the ISP had indicated the virus originated, and professors at de Guzman’s university indicated that they had rejected his proposal for a thesis in which he would create a commercial virus for the purpose of stealing internet passwords (Arnold, 2000).
De Guzman has never outright admitted to writing the virus; however, he has regularly hinted that he did in fact write the love letter virus (Landler, 2000). At the time of the crime there was no law against writing malicious code, so de Guzman has not been formally charged with any criminal conduct and likely will not be as any laws are now ex post facto (Landler, 2000, Seltzer, 2010).
De Guzman considers himself a hacker and admitted to enjoying a pastime of regularly cracking security systems (Landler, 2000); however the virus itself would indicate that de Guzman was a malicious code writer as McQuade (2006) defines malicious code writers as those who “create, copy, or release disruptive or destructive viruses, trojans, worms, or adware and spyware programs.” This is especially pertinent as there appears to have been additional code contained in the virus which allowed it to dial home and adapt as the author wished; theoretically, the virus could have been readily been given instructions to modify itself to steal passwords, credit card numbers, or other information (Festa & Wilcox, 2000). For this reason I believe that de Guzman and his actions fit much more squarely in the category of malicious code writers and distributors.
In 2010 a 64 year old Pittsburgh attorney by the name of James C. Kuhn III plead guilty to possession of child pornography (USAO, 2010). Kuhn, who’s successful law office had a reported annual revenue in excess of $120,000, had been purchasing access to child pornography websites for $79.99 on no less than eight occasions (Manta, 2010, USAO, 2010). Child pornography was traced back to Kuhn’s law office by ICE investigators where computers were found to contain between 150 to 300 images of child pornography (ICE, 2010). In August Kuhn was sentenced to 50 months in federal prison to be followed by 15 years of supervised release, there was no news as to whether or not Kuhn had been disbarred (ICE, 2010, USAO, 2010). Kuhn is one of nearly 12,800 individuals who have been arrested by ICE agents from an operation called Operation Predator that began in 2003 (ICE, 2010).
As can be seen from the number of arrests, pedophile contributed cybercrime is a significant issue. Kuhn is what Holmes and Holmes (2009) describe as a “perverse lover of children” and is described as a paraphilia. Given his age and occupation, we can come to a conclusion that Kuhn was likely a regressed pedophile, meaning that he had likely experienced emotional setbacks which resulted in him defaulting to children as his sexual interest (Holmes & Holmes, 2009). Pedophiles of the regressed type find children non threatening in that they do not judge issues such as sexual performance (Holmes & Holmes, 2009).
It is my belief that the internet actually effects what Jeremy Bentham (via Schmalleger, 2009) termed hedonistic calculus. Hedonistic calculus holds that rewards must outweigh risks for individuals to engage in the activity; the anonymity of the internet has a tendency to obfuscate the existence of risks, thereby increasing propensity to become involved in criminal behaviors (Brasswell, McCarthy, & McCarthy, 2008, Schmalleger, 2009). I do not believe regressed pedophiles, who tend to become offenders based on availability, such as Kuhn would be as likely to become engaged in child pornography if it were not for the internet; furthermore, as sexual sadists, including the mysoped child molester, require a large amount of mental conditioning through pornography and gratification, the existence of the internet expedites the progression of a mysoped child molester toward harming children (Holmes & Holmes, 2009, Johnson, 2010).
According to McQuade’s (2006) definitions, Kuhn falls into the category of “stalkers, pedophiles, and other sex offenders” as one who uses “online and/or in-person methods, when needed, to acquire illegal sexual pleasure from or power over people.”
Arnold, W. (2000). Technology: Philippines to drop charges on e-mail virus. Retrieved from http://www.nytimes.com/2000/08/22/business/technology-philippines-to-drop-charges-on-e-mail-virus.html
Braswell, M.C., McCarthy, B.J., McCarthy, B.R. (2008). Justice, crime, and ethics 6th ed. Newark, NJ: Lexis Nexis.
Cunningham, K. J., Goulka, J., Matthies, C., Ridgeway, G., Treverton, G. F., Wong, A. (2009). Film piracy, organized crime, and terrorism. Rand Corporation. Retrieved from http://www.rand.org/pubs/monographs/2009/RAND_MG742.pdf
DOJ. (2010). Father and son plead guilty to selling counterfeit software worth $1 million. Retrieved from http://www.justice.gov/criminal/cybercrime/cookPlea.pdf
Festa, P., Wilcox, J. (2000). Philippine ISP cooperating with FBI in virus probe. Retrieved from http://news.cnet.com/2100-1001-240089.html
Gaudin, S. (2003). Virus damage worst on record for August. Retrieved from http://www.internetnews.com/stats/article.php/3071051
Holmes, R.M., & Holmes, S.T. (2009). Profiling violent crimes: an investigative tool. Thousand Oaks, CA: Sage Publications, Inc.
ICE. (2010). Father and son plead guilty to selling counterfeit software worth $1 million. Retrieved from http://www.ice.gov/pi/nr/1003/100311washingtondc.htm
ICE. (2020). Pittsburgh attorney sentenced following child pornography conviction. Retrieved from http://www.ice.gov/pi/nr/1008/100831philadelphia.htm
Landler, M. (2000). Filipino linked to ‘love bug’ talks about his license to hack. Retrieved from http://www.nytimes.com/2000/10/21/business/a-filipino-linked-to-love-bug-talks-about-his-license-to-hack.html
Manta. (2010). James C. Kuhn III. Retrieved from http://www.manta.com/c/mtcq1n9/james-c-kuhn-iii
McDonald, P. P. (2002). Managing police operations: implementing the New York crime control model – compstat. Belmont, CA: Wadsworth.
Johnson, I.A. (2010). Profiling: understanding sexual sadism. Retrieved from http://www.justiceguy.com/?p=56
Samaha, J. (2008). Criminal law 6th edition. Belmont, CA: Thomson Learning.
Schmalleger, F. (2009). Criminology today:an integrative introduction. Columbus, Ohio: Pearson.
Seltzer, L. (2010). ‘I love you’ virus turns ten: what have we learned? Retrieved from http://www.pcmag.com/article2/0,2817,2363172,00.asp
Sparkes, M. (2008, May 28). Hacker takes $50,000 a few cents at a time. Retrieved from http://www.pcpro.co.uk/news/201252/hacker-takes-50-000-a-few-cents-at-a-time
USAO. (2010). Attorney sentenced to prison for possessing child pornography. Retrieved from http://www.justice.gov/usao/paw/pr/2010_august/2010_08_27_03.html
US Federal News Service. (2009). Information issued by U.S. Attorney’s Office for eastern district of California on Sept. 17: Plumas Lake man sentenced to one year and three months in prison for computer fraud. US Federal News Service, Retrieved from http://proquest.umi.com.ezproxy2.apus.edu/pqdlink?Ver=1&Exp=09-24-2015&FMT=7&DID=1863473801&RQT=309&cfc=1 doi: 1863473801
US Federal News Service. (2009). Information issued by U.S. Attorney’s Office for the northern district of California on June 24: Plumas Lake man charged with Google checkout fraud. US Federal News Service, Retrieved from http://proquest.umi.com.ezproxy2.apus.edu/pqdlink?Ver=1&Exp=09-24-2015&FMT=7&DID=1502338001&RQT=309 doi: 1502338001
US Federal News Service. (2009). Pluman Lake man pleads guilty to computer fraud. US Federal News Service, Retrieved from http://proquest.umi.com.ezproxy2.apus.edu/pqdlink?Ver=1&Exp=09-24-2015&FMT=7&DID=1737974261&RQT=309 doi: 1737974261
US Federal News Service. (2009). Plumas Lake man charged with Google checkout fraud. US Federal News Service, Retrieved from http://proquest.umi.com.ezproxy2.apus.edu/pqdlink?Ver=1&Exp=09-24-2015&FMT=7&DID=1506477301&RQT=309 doi: 1506477301
US Federal News Service. (2009). Plumas Lake man sentenced to one year, three months in prison for computer fraud. US Federal News Service, Retrieved from http://proquest.umi.com.ezproxy2.apus.edu/pqdlink?Ver=1&Exp=09-24-2015&FMT=7&DID=1862218651&RQT=309 doi: 1862218651