Michigan State University

Ask a Librarian | Hours | Account     Support MSU Libraries


Criminal Justice Resources :

Cybercrime


 


Cybercrime is regarded as computer-mediated activities which are either illegal or considered illicit by certain parties and which can be conducted through global electronic networks. This web page includes resources related to cyberstalking, electronic crime, high-tech crime, internet crime, etc. Separate pages have also been created to focus on fraud and identity theft.
Cyber crime entry from the Encyclopedia of Crime and Punishment, Volume 1, 2002.
Provides commentary on Criminalizing The Internet, Computers As Targets Or Criminal Tools, Page-jacking, Internet Fraud, Online Child Pornography, Sale Of Prescription Drugs And Controlled Substances, Online Sale Of Firearms, Online Gambling, Online Encryption, Internet Securities Fraud, Intellectual Property Theft, Cyberstalking, and Challenges For Law Enforcement.


"International estimates indicate that cybercrime costs approximately $50 billion annually. More specifically, cybercrime costs the United States more than $5 billion per year. In England, cybercrime is estimated to cost approximately 250 million pounds or $417.7 million annually..."

"In fact, only about 10% of all cybercrimes committed are actually reported and fewer than 2% result in a conviction. This is primarily due to two reasons. First, businesses and financial institutions feel that they have more to lose by reporting computer security breaches. They argue that customers will lose confidence in the company if business and financial transactions are know to be insecure. Second, a majority of cybercrime victims do not report crimes against them, assuming that law enforcement will provide little or no assistance...."

"Cybercrime: Facts & Figures Concerning the Global Dilemma", an article by Chris Hale appearing in Crime & Justice International, Vol. 18, no. 65, September 2002, pp. 5-6, 24-26.


Cyber-crime has reached epidemic proportions. More than 90 percent of the corporations and government agencies responding to a recent survey reported computer-security breaches in 2001. Disgruntled employees and hackers commit many cyber-crimes, and others are committed by con artists using the Web to perpetrate auction fraud, identity theft and other scams. Credit-card users are only liable for the first $50 of fraudulent charges, but financial institutions get hit hard. Identity thefts cost them $2.4 billion in losses and expenses in 2000. Some policymakers, wary of Internet-facilitated terrorist attacks, call for tough, new laws to prevent computer crimes. Others fear that such initiatives will trample on civil liberties. Still others want legislation to make Microsoft and other computer-software companies liable for damages caused by their software-security failures. Article by Brian Hansen, CQ Researcher, Vol. 12, no. 14, April 12, 2002. Note: Access restricted to MSU faculty and students and other subscribers of CQ Researcher.
According to the U.S. Department of Justice, the Internet “provides unparalleled opportunities for socially beneficial endeavors—such as education, research, commerce, entertainment, and discourse on public affairs—in ways that we may not now even be able to imagine. By the same token, however, individuals who wish to use a computer as a tool to facilitate unlawful activity may find that the Internet provides a vast, inexpensive, and potentially anonymous way to commit unlawful acts …” (The Electronic Frontier: The Challenge of Unlawful Conduct Involving the Internet, 2000).
 

Web Sites | Articles and Publications | Telephone Hotlines


Web Sites

Anti-Phishing Working Group
http://www.antiphishing.org/
"Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them." This interest Group' mission is to "to provide a resource for information on the problem and solutions for phishing and email fraud."
(Last checked 09/22/09)

Avoid Fraud
http://www.avoid-fraud.com/
A new web site which aims to teach people how to discover, to avoid, to fight and to protect from any kind of fraud and scams, particularly online fraud.
(Last checked 09/22/09)

Computer Crime and Intellectual Property Section
Criminal Division
U.S. Department of Justice
see Cybercrime.gov

Computer Crime Research Center (CCRC)
http://www.crime-research.org/
Founded in 2001, the Computer Crime Research Center (CCRC) is an independent institute dedicated to the research of cyber crime, cyber terrorism and other issues of computer crimes and internet fraud phenomena. The CCRC is a non-profit organization composed of professionals dedicated to education in the field of computer crimes and cyber terrorism prevention and investigation. CCRC members represent Ukrainian and International researchers. From January 2004, CCRC became a part of World Anticriminal and Antiterrorist Forum (WAAF) in Ukraine.
(Last checked 09/22/09)

Computer Forensics World
http://www.computerforensicsworld.com
(Last checked 09/22/09)

Corporate Crime Reporter
http://www.corporatecrimereporter.com/index.html
Online version of the legal newsletter, which focuses on what used to be termed "white collar" crime, that is crimes committed without the direct threat of violence. The newsletter investigates and publishes information about what it terms "financial crimes," and attempts to illegally curry favor with the government and its politicians and, thus, to illegally influence political actions.
(Last checked 09/22/09)

Critical Infrastructure Protection
http://www.iwar.org.uk/cip/
The Critical Infrastructure Protection directive (PDD-63) calls for a national effort to assure the security of the increasingly vulnerable and interconnected infrastructures of the United States. Such infrastructures include telecommunications, banking and finance, energy, transportation, and essential government services. The directive requires immediate federal government action including risk assessment and planning to reduce exposure to attack. It stresses the critical importance of cooperation between the government and the private sector by linking designated agencies with private sector representatives. This web site provides links to: Essential Documents, Articles, News Watch, etc.
(Last checked 09/22/09)

CyberAngels
http://www.cyberangels.org/
Dedicated to educating Internet users about problems of safety and security online.
(Last checked 09/22/09)

Cybercop Portal
https://cybercop.esportals.com
Cybercop’s mission is to provide individuals an ultra-secure web-based environment to promote and facilitate the sharing of sensitive information among a cohesive network of law enforcement, first responders, homeland defense and law enforcement related professionals from all levels of government; international, federal, state, local and the private sector, regardless of department affiliation and jurisdictional boundaries. Note: Access restricted; participation is by invitation only. For more information, contact Kevin Manson, Co-Founder, Cybercop Portal.
(Last checked 09/22/09)

Cybercrime.Gov
http://www.cybercrime.gov/
The U.S. Justice Department has found a new way to help prevent cybercrimes -- hit them right at the source. To fight hackers, pirates, encryptors and snoops, the Justice Department unveiled a new Web site -- cybercrime.gov -- where it will publish press releases, speeches, testimony to Congress, legal texts and Justice Department reports, according to a Reuters report. Also included on the Web site is a link to the Justice Department's list of "Do's and Don'ts," to help educate parents and children on keeping safe on the Internet.
(Last checked 09/22/09)

Cybercrime Research Centera http://www.cyberbullying.us/
An information clearinghouse for parents, teachers, researchers, and others concerned about adolescent aggression carried out online maintained by Sameer Hinduja (Florida Atlantic University) and Justin W. Patchin (University of Wisconsin-Eau Claire).
(Last checked 09/22/09)

Cyber Criminals Most Wanted LLC
http://www.ccmostwanted.com/
(Last checked 09/22/09)

DigiCrime, Inc.
http://www.digicrime.com/dc.html
Advice on hacking, shoplifting, phone-tapping and money laundering. . . Or is it? A satirical look at crime on the Internet.
(Last checked 09/22/09)

FindLaw's Cyberspace Law : Computer Crime
http://www.findlaw.com/01topics/10cyberspace/computercrimes/sites.html
In addition to providing general web links on cyber crime, this site also compiles web links on child pornography, cryptography, cyberfraud, cyberstalking, cyberterrorism, cybertheft, economic espionage, software infringement, and other topics.
(Last checked 09/22/09)

The Global State of Information Security 2005
http://www.cio.com/archive/091505/global.html
A worldwide study by CIO and PricewaterhouseCoopers reveals a digital landscape ablaze, with thousands of security leaders fighting the flames. But amid the uncertainty and crisis management, there’s an oasis of strategic thinking. Scott Berinato. CIO Magazine, September 2005.
(Last checked 09/22/09)

High Technology Crime Investigation Association (HTCIA)
http://htcia.org/
Web site contains membership information, conference information, computer crime web links, and information about commercial forensic training and/or software for high tech investigators.
(Last checked 09/22/09)

High Tech Crime Network
http://www.htcn.org/
(Last checked 09/22/09)

How to Report Internet Crime
http://www.usdoj.gov/criminal/cybercrime/reporting.htm
Report Internet-related crime, like any other crime, to appropriate law enforcement investigative authorities at the local, state, federal, or international levels, depending on the scope of the crime. This Department of Justice site tells you how.
(Last checked 09/22/09)

Information Security Oversight Office
http://www.archives.gov/isoo/
(Last checked 09/22/09)

Internet Crime Complaint Center
http://www.ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. Formerly called Internet Fraud Complaint Center.
(Last checked 09/22/09)

Internet Fraud Watch Site
National Fraud Information Center
http://www.fraud.org/ifw.htm
The Internet Fraud Watch maintains a website on which registered users can leave comments about e-commerce transactions and other related issues. The site, which is operated by the National Consumer League, has links to United States Federal Government consumer related departments, selected state government and state private agency consumer issue websites, as well as links to a few Canadian, a few international and a few organization websites. There is a feature article and an archive of past articles on consumer fraud issues.
(Last checked 09/22/09)

Internet ScamBusters Ezine
http://www.scambusters.org/
A free electronic newsletter (zine) to help you protect yourself from Internet scams, misinformation and hype. Web site has information on how to subscribe as well as selections from back issues.
Also listed under Fraud
(Last checked 09/22/09)

Internet Security Threat Report
http://enterprisesecurity.symantec.com/content.cfm?articleid=1539
The Symantec Internet Security Threat Report (Volume VIII, September 2005) is an analysis and discussion of Internet security activity over the past six months. It covers Internet attacks, vulnerabilities, malicious code, and future trends. This edition of the Threat Report, covering the first six months of 2005, marks a shift in the threat landscape. Attackers are moving away from large, multipurpose attacks on network perimeters and towards smaller, more focused attacks on client-side targets. The new threat landscape will likely be dominated by emerging threats such as bot networks, customizable modular malicious code, and targeted attacks on Web applications and Web browsers. Unlike traditional attack activity, many current threats are motivated by profit. They often attempt to perpetrate criminal acts, such as identity theft, extortion, and fraud. Earlier volumes are also available from this web page.
(Last checked 09/22/09)

McWhortle Enterprises (SEC Scam Site)
http://www.mcwhortle.com/
Web site for a fictitious company called McWhortle Enterprises. Claiming to have invented a revolutionary biohazard detection device, the company announces a stock investment opportunity which will return 400 times the original investment. In reality the site was created by the Securities and Exchange Commission to warn investors about fraudulent investment sites on the Internet. The site drew 150,000 hits in 3 days. Source: College of William and Mary New Government Publications January 2002.
(Last checked 09/22/09)

National Fraud Information Center
Internet Fraud Watch Site
http://www.fraud.org/
Created by the National Consumers League to counter telemarketing and Internet fraud, the National Fraud Information Center (NFIC) web site offers tips for consumers to avoid common telemarketing and Internet fraud. The site also provides a list of the most popular telemarketing scams. There is also a special section with tips to help the elderly avoid fraud. At the site, visitors may submit questions and report suspected cases of fraud.
Also listed under Fraud.
(Last checked 09/22/09)

Nigerian Fraud E-Mail Gallery
http://potifos.com/fraud/
A collection of over 400 scam letters by Larry Kestenbaum from the University of Michigan The bait is the fictional millions of dollars described in each one of these letters. The goal is to get you to come up with money for the "expenses" required to transfer those millions to you.
(Last checked 09/22/09)

Operation Cyber Sweep (FBI)
http://www.fbi.gov/cyber/cysweep/cysweep1.htm
Provides a nice round-up of current cyber crime enforcement actions.
(Last checked 09/22/09)

Project Safe Childhood
http://www.projectsafechildhood.gov/
The Project Safe Childhood Web Site provides information to help federal, state, and local law enforcement officials investigate and prosecute Internet crimes against children. In addition to other resources, the Web site includes guidelines for law enforcement and other partners on how to implement Project Safe Childhood. (OJP)
(Last checked 09/22/09)

Security-Focus.Com
http://www.securityfocus.com/
SecurityFocus.com is designed to facilitate discussion on security related topics, create security awareness, and to provide the Internet's largest and most comprehensive database of security knowledge and resources to the public. It also hosts the BUGTRAQ mailing list.
(Last checked 09/22/09)

Takedown
http://www.takedown.com/
Everything you need to know about the capture of Kevin Mitnick, "America's most wanted computer outlaw."
(Last checked 09/22/09)

www.cybercrime.gov
http://www.usdoj.gov/criminal/cybercrime/index.html
Topics covered include: computer crime such as hacking, intellectual property crime, and related topics. Sponsored by the Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the U.S. Department of Justice. Also includes breaking news.
(Last checked 09/22/09)


Articles, Speeches, or Publications

50 Ways to Protect Your Information Assets When Cruising the Internet
http://www.all.net/journal/50/cybercop.html
CyberCops are particularly vulnerable to exploitation when they are doing investigations on the Internet. To help them, and others who want to be safer when cruising the Internet, Fred Cohen and CyberCop.org (Kevin Manson) provide this list of the 50 ways to protect your information assets when cruising the Internet. Courtesy of Fred Cohen & Associates: Strategic Security Intelligence.
(Last checked 09/22/09)

2004 Deloitte Global Security Survey
http://www.deloitte.com/dtt/cda/doc/content/GFSISE.pdf
"The goal of [the survey] is to help participants assess the state of information security within their organization relative to other comparible financial institutions around the world..." Areas covered include: governance, investment, value, risk, responsiveness, use of security technologies, quality of operations, and privacy. Respondents include: "31 of the top global financial institutions ranked by 2002 assets; 23 of the top global banks ranked by 2002 tier-1 capital; 10 to the top 50 global insurers ranked by 2002 assets." 83% of respondents indicated they had experienced security breaches this year, up from 33% in 2003. 36pp.
Also listed under Corporate Security.
(Last checked 09/22/09)

2005 Deloitte Global Security Survey
http://www.deloitte.com/dtt/cda/doc/content/dtt_financialservices_2005GlobalSecuritySurvey_2005-07-21.pdf
Deloitte's third annual Global Security Survey was produced with input from Chief Security Officers and security management teams from financial services industry organizations around the world. It attempts to provide broad insight around the question: How does the information security of my organization compare to that of my counterparts? Congratulations are in order for all of the respondents whose technology has been so strengthened that their organizations are far less attractive to security breaches from hackers who target their systems. But the silver lining has a cloud: since fraudsters will always target what they perceive to be the weakest link, their efforts are now focused on the human factor. In particular, phishing and pharming (luring people to disclose sensitive information by using bogus emails and websites) are two new security threats that financial institutions faced in the past year.
(Last checked 09/22/09)

2006 Deloitte Global Security Survey
http://www.deloitte.com/dtt/cda/doc/content/Deloitte%202006%20Global%20Security%20Survey(2).pdf
Leading financial institutions experienced a huge surge in the number of security attacks over the past year according to the Deloitte 2006 Global Security Survey released today. More than three-quarters (78%, up from 26% in 2005) of the world’s leading 150 institutions surveyed confirmed a security breach from outside the organization. "Almost half (49%, up from 35% in 2005) experienced at least one internal breach – confirming last year’s survey findings that internal breaches are an increasing threat." The fourth annual survey found that the top three most common attacks the global financial industry experienced over the past 12 months, both externally and internally, aimed to extort some form of monetary gain. "Phishing and pharming accounted for more than half (51%) of the external attacks, followed by spyware or malware utilisation (48%). "Insider fraud (28%) and leakage of customer data (18%) were cited by respondents among the top three most common internal breaches."
(Last checked 09/22/09)

Agencies, Companies Urged To Set Guidelines for Fighting Cyberterrorism
http://www.govexec.com/dailyfed/1102/110102td1.htm
The war on cyberterrorism requires law enforcement agencies and the private sector to develop guidelines and protocols for sharing information about network vulnerabilities and cyber attacks, according to government and industry leaders. "Face-to-face relationships are great, but we need to go beyond that," Chris Painter, deputy chief of the Justice Department's Computer Crime and Intellectual Property Section (CCIPS), said during a cyber-security forum at Computer Sciences Corp. headquarters in Falls Church, Va. Scott Charney, Microsoft's chief security strategist, said information sharing would improve if law enforcement and industry worked together to establish "recognized procedures" about how cybersecurity information would be handled. Article by Molly M. Peterson, GovExec.com, Nov. 1, 2002.
(Last checked 09/22/09)

CIO Cyberthreat Response and Reporting Guidelines
http://www.csoonline.com/response/index.html
CIO Magazine worked with the Secret Service, the FBI and industry leaders to create guidelines for reporting security incidents — what to report, who to report it to, and how. This valuable document includes phone numbers of Federal and local law enforcement agencies and a reporting form that you can use at your organization.
(Last checked 09/22/09)

Clinton Addresses Cyberterrorism
http://www.epic.org/security/infowar/clinton-infowar-199.html
On January 22nd, President Clinton proposed a $1.46 billion initiative designed to protect the U.S. against attacks from cyber, biological and chemical terrorism. The President's Cyber Corps plan will be included in his fiscal 2000 budget proposal to be submitted in February. If approved by Congress, the plan will help fund four new initiatives: 1) a research project to detect intruders trying to break into critical computer systems; 2) building crime detection networks, starting with the Department of Defense; 3) creating information centers in the private sector to encourage private-government cooperation on cyberthreats; and 4) bolstering the government's ranks of computer experts able to prevent and respond to computer crises. Source: Bytes in Brief, February 1999.
(Last checked 09/22/09)

Clinton Pushes National Cyberterrorism Center
http://www.govexec.com/dailyfed/0199/012799t2.htm
President Clinton will unveil a national center for warning of, and responding to, attacks on computers that control Wall Street, banking, utilities and air traffic by early March, the president's chief cyberterrorism adviser told National Journal's Technology Daily January 26, 1999.
(Last checked 09/22/09)

Computer Attack and Cyber Terrorism: Vulnerabilities and Policy Issues for Congress
http://www.fas.org/irp/crs/RL32114.pdf
CRS report by Clay Wilson, October 17, 2003.
(Last checked 09/22/09)

Computer Crime
http://www.state.nj.us/sci/
The State Commission of Investigation and the Attorney General of New Jersey have released a joint report on Computer Crime defining the wide scope of criminal activities that have proliferated with the explosive growth of the Internet and other forms of computer and telecommunications technology, including child sexual abuse, fraud, identity theft, hacking, and espionage. June 2000.
(Last checked 09/22/09)

Computer Crime and Comprimised Commerce
http://www.aph.gov.au/library/pubs/rn/2003-04/04rn06.pdf
Australia, House of Commons, Department of the Parliamentary Library, Research Note no. 6, August 11, 2003.
(Last checked 09/22/09)

Computer Crime and Security : LC Science Tracer Bullet TB 94-1, March 1994
http://lcweb2.loc.gov/sctb/
A compilation of resources from the Library of Congress. To retrieve item, type in "computer crime and security" in tracer bullets title box.
(Last checked 09/22/09)

Corporate America Now on Front Lines of War on Terror
http://er.lib.msu.edu/alpha_all.cfm?type=Electronic%20Journal&letter=C
Choose ComputerWorld, then Sept. 9, 2002 issue. Note Restricted to MSU faculty and students.
Proponents of critical-infrastructure protection, particularly in the area of cybersecurity, face many of the same challenges that terrorism experts encountered prior to Sept. 11: Few in the private sector perceive that there's an imminent threat to the digital homeland, and fewer still acknowledge terrorists' ability to and willingness to adapt their tactics to take advantage of America's digital Achilles' heel - its information networks. The reality of the threat to the nation's critical infrastructure, particularly in the areas of power, telecommunications and emergency services, was demonstrated in June when the federal government cosponsored an exercise known as Blue Cascades. Dozens of government and private-sector representatives from five US. states in the Pacific Northwest and three Canadian provinces confronted the very real potential for cascading infrastructure failures resulting from combined physical and cyberterrorist incidents. Article by Dan Verton appearing in Computerworld, vol. 36, issue 37, Sep 9, 2002, p.7.
(Last checked 09/22/09)

Critical Infrastructure Protection:
Efforts of the Financial Services Sector to Address Cyber-Threats
http://www.gao.gov/new.items/d03173.pdf
The General Accounting Office released a report in January that looked at the general nature of threats to cyber-security in the U.S. financial services. The report also examined the steps taken by the private sector to address threats, vulnerabilities, and incidents as well as the relationships between public- and private-sector groups involved in addressing the threat. The report concluded that the financial services sector faces threats similar to those faced by other critical infrastructure sectors with regard to a cyber-attack. However, the potential for monetary gains and economic disruptions may increase its attractiveness as a target.
(Last checked 09/22/09)

CSI/FBI Computer Crime and Security Survey
http://www.gocsi.com/awareness/fbi.jhtml
8th or 2003 survey
7th or 2002 survey
Courtesy of the Computer Security Institute.
(Last checked 09/22/09)

CyberAge Stalking
http://www.llrx.com/features/cyberstalking.htm
Barabara Fullerton documents the growth in, and implications of cyberstalking, associated state and federal laws, as well suggestions and resources to protect yourself against, and how to respond if you become a victim of this crime. LLRX, Dec. 22, 2003
(Last checked 09/22/09)

Cyberbullying and State Law
http://knowledgecenter.csg.org/drupal/system/files/CR_FF_Cyberbullying.pdf
Although bullying has long been a problem educators have faced, we are now seeing tragic results of taunting and bullying through social networking Websites, text messages and other electronic means that were not available just a few years ago. School systems and state policymakers are beginning to look at measures to prevent cyberbullying and punish those who engage in it. Council of State Governments, December 2010.
(Last checked 09/22/09)

Cyber Crime...and Punishment:
Archaic Laws Threaten Global Information, December 6, 2000
http://web.archive.org/web/20020611051642/
http://www.mcconnellinternational.com/services/CyberCrime.htm

This 52 country survey and report, conducted by a global policy and technology management consulting firm (McConnell International), states that "Undeterred by the prospect of arrest or prosecution, cyber criminals around the world lurk on the Net as an omnipresent menace to the financial health of businesses, to the trust of their customers, and as an emerging threat to nations' security."
(Last checked 09/22/09)

Cyber Crime Pays a Call
http://web.archive.org/web/20040718055119/http://charitychannel.com/article_11865.shtml
Hildy Gottlieb, Help4Nonprofits, Jul 12, 2004, writing for E-Philanthropy and Technology Review.
(Last checked 09/22/09)

Cybercrime, Transnational Crime, and Intellectual Property Theft
http://www.house.gov/jec/hearings/03-24-8h.htm
Prepared statements for Joint Economic Committee Hearing, Washington, D.C., March 24, 1998.
(Last checked 09/22/09)

Cyber Protests: The Threat to the U.S. Information Infrastructure
http://web.archive.org/web/20040405204200/
http://www.nipc.gov/publications/nipcpub/cyberprotests.pdf

Discusses the growing threat of cyber protests and provides examples of recent events. National Infrastructure Protection Center, 2001. 6pp.
(Last checked 09/22/09)

Cyber-Predators
http://library2.cqpress.com/cqresearcher/
Can Internet child sexual exploitation be controlled? Pedophiles and child pornographers are increasingly using the Internet to victimize minors. Of the estimated 28 million American children who use the Internet, nearly one out of five say they have been sexually harassed or solicited while online, usually in Internet chat rooms or via instant messaging and e-mail. Last year, the FBI opened more than 1,500 cases involving Internet child sexual exploitation, compared with only 113 cases in 1996. Law-enforcement agencies say it is difficult to investigate and prosecute Web-based sex crimes against minors due to aggressive defense tactics, a dearth of computer forensic specialists and other resources, poorly designed laws and a reluctance by some judges to treat crimes against children seriously. Meanwhile, civil libertarians worry that police “sting” operations entrap otherwise law-abiding citizens. Article by Brian Hansen, CQ Researcher, Vol. 12, no. 8, March 1, 2002. Note: Access restricted to MSU faculty and students and other subscribers of CQ Researcher.
(Last checked 09/22/09)

Cybersecurity Spending Estimated to Grow to $7.1 billion by 2009
http://www.govexec.com/dailyfed/0305/031705p1.htm
An information technology consulting firm predicted this week that the federal government will spend $7.1 billion on cybersecurity in fiscal 2009, an increase of 27 percent over the $1.9 billion for fiscal 2005. The report estimates that increased attention to homeland security will cause the government cybersecurity market to grow 5 percent annually. The forecast from the Reston, Va.-based IT consulting firm INPUT is another in a series of reports that show cybersecurity is a rising concern among agency leaders. Source: Article by Daniel Pulliam, GovExec.Com, March 18, 2005.
(Last checked 09/22/09)

Cyberstalking: A New Threat for Law Enforcement and Industry
A Report from the Attorney General to the Vice President, August 1999
http://www.usdoj.gov/criminal/cybercrime/cyberstalking.htm
The new millennium is fast approaching, and the information superhighway is undergoing rapid growth. The Internet and other telecommunications technologies are promoting advances in virtually every aspect of society and every corner of the globe: fostering commerce, improving education and health care, promoting participatory democracy in the United States and abroad, and facilitating communications among family and friends, whether across the street or around the world. Unfortunately, many of the attributes of this technology - low cost, ease of use, and anonymous nature, among others - make it an attractive medium for fraudulent scams, child sexual exploitation, and increasingly, a new concern known as "cyberstalking."
(Last checked 09/22/09)

Cyber-Stalking:
Obsessional Pursuit and the Digital Criminal
http://www.trutv.com/library/crime/criminal_mind/psychology/cyberstalking/1.html
Cyberstalking, which is simply an extension of the physical form of stalking, is where the electronic mediums such as the Internet are used to pursue, harass or contact another in an unsolicited fashion. Wayne Petherick. 1999.
(Last checked 09/22/09)

Cyber Storm Exercise Report
http://www.dhs.gov/xlibrary/assets/prep_cyberstormreport_sep06.pdf
"The first Government-led, full-scale, cyber security exercise of its kind, Cyber Storm was a coordinated effort between international, Federal and State governments, and private sector organizations to exercise their response, coordination, and recovery mechanisms in reaction to simulated cyber events."
(Last checked 09/22/09)

Defending America's Cyberspace: National Plan for Information Systems Protection (Government Document) The White House: Office of the National Coordinator for Security, Infrastructure Protection, and Counter-Terrorism. 159pp. Government Documents Library (Basement East) PR42.2:C99
Contains proposals from the White House for combatting computer crimes.

Electronic Crime Needs Assessment for State and Local Law Enforcement
http://www.ncjrs.org/pdffiles1/nij/186276.pdf
http://www.ncjrs.org/txtfiles1/nij/186276.txt
State and local perspective on electronic crime, types of e-crime & investigation needs, systems vulnerability, forensic evidence collection, legal issues and training. Hollis Stambaugh, David S. Beaupre, David J. Icove, Richard Baker, Wayne Cassaday, and Wayne P. Williams. National Institute of Justice Research Report, March 2001. 77pp.
(Last checked 09/22/09)

Electronic Crime Scene Investigation: A Guide for First Responders
http://www.ncjrs.org/pdffiles1/nij/187736.pdf
http://www.ncjrs.org/txtfiles1/nij/187736.txt
The Internet, computer networks, and automated data systems present an enormous opportunity for committing criminal activity. Computers and other electronic devices are being used increasingly to commit, enable, or support crimes perpetrated against persons, organizations, or property. Whether the crime involves attacked against computer systems, the information they contain, or more traditional crimes such as murder, money laundering, trafficking, or fraud, electronic evidence increasingly is involved. It is no surprise that law enforcement and criminal justice officials are being overwhelmed by the volume of investigations and prosecutions that involve electronic evidence. July 2001. NCJ187736.
(Last checked 09/22/09)

Electronic Frontier: The Challenge of Unlawful Conduct Involving the Use of the Internet
http://www.cybercrime.gov/unlawful.htm
A Report of the President's Working Group on Unlawful Conduct on the Internet, March 2000.
(Last checked 09/22/09)

FBI Congressional Statements: 2002
http://www.fbi.gov/congress/congress02.htm
(Last checked 09/22/09)

Federal Law Officers Weigh Online Privacy Issues
http://www.govexec.com/dailyfed/0101/011201td.htm
Law enforcement experts and industry representatives Thursday said balancing enforcement and privacy interests in the cyber world is becoming increasingly difficult, especially given the recent heated debates over surveillance systems such as Carnivore and pending international treaties that could set the standard of how cyber crimes are treated abroad. Article by Liza Porteus, National Journal's Technology Daily.
(Last checked 09/22/09)

Fraud Phishing and Financial Misdeeds
http://fraudwar.blogspot.com/
Fraud news and prevetion blog.
(Last checked 09/22/09)

Georgia Tech Information Security Center
Emerging Cyber Threats for 2009
http://www.gtiscsecuritysummit.com
The top five IT-related security threats in 2009 will include or relate to malware, cyberwarfare, Voice over Internet Protocol (VoIP), mobile devices, and botnets, according to the Georgia Tech Information Security Center. Read other predictions in the center’s annual Emerging Cyber Threats Report.
(Last checked 09/22/09)

Government Computers Top Target for Cyberattacks
http://www.govexec.com/dailyfed/0805/080505p1.htm
Cyberattacks on computer systems escalated in the first half of 2005 and government agencies were targeted more than any other business sector, according to a new report. Attacks on the government, financial services, manufacturing and health care industries have risen 50 percent since the beginning of the year, according to IBM's Global Business Security Index Report. In the first half of 2005, there were more than 237 million security attacks worldwide, with 54 million directed at the U.S. government. The manufacturing sector received about 36 million attacks, followed by the financial services industry with 34 million and health care with 17 million.
(Last checked 09/22/09)

Government Grants Scam
Yeesh. The Nigerian scam apparently wasn't enough for the con artists who troll the Internet and roam the nation's phone systems. Now they're telling people they're from the "Government Grant Association" or the "Federal Government Grant Information Center," and if you only fork over $250, you'll get an $8,000 grant from Uncle Sam. Please don't be suckered by this. Source: GovExec.com FedBlog, Dec. 23, 2004.

Hack Attacks
http://www.govexec.com/features/0897s2.htm
Security concerns are on the rise as hackers violate federal web sites. An article from Government Executive.
(Last checked 09/22/09)

Hackers Shift Focus to Financial Gain
http://www.cnn.com/2005/TECH/internet/09/26/identity.hacker/index.html
Internet criminals want your computer, your money and your identity. And their tactics are becoming increasingly refined and organized, according to security experts. The prime objective for hackers and online thieves has shifted from largely hitting major corporate networks to gaining control of home desktops, both to steal data and collect processing power. "Attackers are increasingly seeking financial gain rather than mere notoriety," said Vincent Weafer, senior director at Symantec Corp. "During the past year we have seen a significant decrease in the number of large scale global virus outbreaks and, instead, are observing that attackers are moving towards smaller, more focused attacks." Source: Daniel Sieberg, CNN.com, September 26, 2005.
(Last checked 09/22/09)

How To Avoid Being Stalked
http://www.datehookup.com/content-how-to-avoid-being-stalked.htm
Advice from DateHookUp.com
(Last checked 09/22/09)

Information Security: Emerging Cybersecurity Issues Threaten Federal Information Systems
http://www.gao.gov/docdblite/details.php?rptno=GAO-05-231
Federal agencies are facing a set of emerging cybersecurity threats that are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into more complex and damaging forms. Examples of these threats include spam (unsolicited commercial e-mail), phishing (fraudulent messages to obtain personal or sensitive data), and spyware (software that monitors user activity without user knowledge or consent). To address these issues, GAO was asked to determine (1) the potential risks to federal systems from these emerging cybersecurity threats, (2) the federal agencies' perceptions of risk and their actions to mitigate them, (3) federal and private-sector actions to address the threats on a national level, and (4) governmentwide challenges to protecting federal systems from these threats.
Spam, phishing, and spyware pose security risks to federal information systems. Spam consumes significant resources and is used as a delivery mechanism for other types of cyberattacks; phishing can lead to identity theft, loss of sensitive information, and reduced trust and use of electronic government services; and spyware can capture and release sensitive data, make unauthorized changes, and decrease system performance. The blending of these threats creates additional risks that cannot be easily mitigated with currently available tools. Agencies' perceptions of the risks of spam, phishing, and spyware vary. In addition, most agencies were not applying the information security program requirements of the Federal Information Security Management Act of 2002 (FISMA) to these emerging threats, including performing risk assessments, implementing effective mitigating controls, providing security awareness training, and ensuring that their incident-response plans and procedures addressed these threats. Several entities within the federal government and the private sector have begun initiatives to address these emerging threats. These efforts range from educating consumers to targeting cybercrime. Similar efforts are not, however, being made to assist and educate federal agencies. Although federal agencies are required to report incidents to a central federal entity, they are not consistently reporting incidents of emerging cybersecurity threats. Pursuant to FISMA, the Office Management and Budget (OMB) and the Department of Homeland Security (DHS) share responsibility for the federal government's capability to detect, analyze, and respond to cybersecurity incidents. However, governmentwide guidance has not been issued to clarify to agencies which incidents they should be reporting, as well as how and to whom they should report. Without effective coordination, the federal government is limited in its ability to identify and respond to emerging cybersecurity threats, including sophisticated and coordinated attacks that target multiple federal entities. GAO-05-231 May 13, 2005.
(Last checked 09/22/09)

Insider Threat Security: Computer System Sabotage in Critical Infrastructure Sectors
http://www.secretservice.gov/ntac/its_report_050516.pdf
A new report from the Secret Service and the Carnegie Mellon Software Engineering Institute’s CERT found that most acts of insider sabotage on computer systems in critical infrastructure sectors were perpetrated by former employees--motivated at least in part by a desire to seek revenge--who were granted system administrator or privileged access when hired. U.S. Secret Service, National Threat Assessment Center, and Carnegie Mellon University. May 2005. 45pp.
(Last checked 09/22/09)

International Journal of Cyber Security
http://www.cybercrimejournal.co.nr/
a peer reviewed online (open access) interdisciplinary journal published biannually and devoted to the study of cyber crime, cyber criminal behavior, cyber victims, cyber laws and cyber investigations. IJCC will focus on all aspects of cyber/computer crime: Forms of Cyber Crime, Impact of Cyber crimes in the real world, Policing Cyber space, Cyber-terrorism, International Perspectives of Cyber Crime, developing cyber safety policy, intrusion investigations, information security, Cyber Victims, Cyber Psychopathology, Geographical aspects of Cybercrime, Cyber offender behavior, cyber crime law, Cyber Pornography, Physical Computer Security, Privacy & Anonymity on the Net, Internet Fraud & Identity Theft, Mobile Phone Safety, Online Gambling, Copyright and Intellectual property Law, and Detection of Distributed Denial of Service Attacks. As the discipline of Cyber Criminology approaches the future, facing the dire need to document the literature in this rapidly changing area has become more important than ever before. The IJCC will be a nodal centre to develop and disseminate the knowledge of cyber crimes to the academic and lay world. The journal publishes theoretical, methodological, and applied papers, as well as book reviews.
(Last checked 09/22/09)

Internet Crime Complaint Center
2003 report : http://www.ic3.gov/media/annualreport/2003_IC3Report.pdf
2004 report : http://www.ic3.gov/media/annualreport/2004_IC3Report.pdf
2005 report : http://www.ic3.gov/media/annualreport/2005_IC3Report.pdf
2006 report : http://www.ic3.gov/media/annualreport/2006_IC3Report.pdf
2007 report : http://www.ic3.gov/media/annualreport/2007_IC3Report.pdf
Formerly called the Internet Fraud Complaint Center.
(Last checked 09/22/09)

Internet Crime Report, 2008
http://www.nw3c.org/downloads/2008_IC3_Annual%20Report_3_27_09_small.pdf
The Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center (NW3C), today released the 2008 Annual Report on the number of Internet crime complaints received. A total of 275,284 complaints were received in 2008­up from 206,884 (33 percent) over 2007. Total dollar loss reported in 2008 was $265 million­up from $239 million in 2007. The average individual loss was $931.
(Last checked 09/22/09)

Internet Fraud Complaint Center
Annual Fraud Report
2001 report : http://www.ic3.gov/media/annualreport/2001_IFCCReport.pdf
2002 report : http://www.ic3.gov/media/annualreport/2002_IFCCReport.pdf
(Last checked 09/22/09)

Investigations Involving the Internet and Computer Networks (NCJ 210798) (137 pp.)
http://www.ncjrs.gov/pdffiles1/nij/210798.pdf
Developed by NIJ's Technical Working Group for the Investigation of High Technology Crimes as a resource for individuals responsible for investigations involving the Internet and other computer networks.
(Last checked 09/22/09)

Lessons Learned by Consumers, Financial Sector, Firms, and Government Agencies During the Recent Rise of Phishing Attacks
http://web.archive.org/web/20040727053824/
http://www.treas.gov/offices/domestic-finance/financial-institution/cip/pdf/fbiic-fsscc-report-2004.pdf

Describes the extent and cost of recent web fraud involving the spoofing of financial sector web sites and strategies adopted by business and government agencies. From the Treasury Department. May 2004. 8pp.
(Last checked 09/22/09)

Michigan Computer Crime Units Created
Computer crime is growing so fast that new state police unit created to fight it already faces a six-month backlog of cases. The Michigan State Police Computer Crimes Unit will handle any type of case involving computers and includes members from the FBI and Drug Enforcement Administration. Unit staff members are trained to investigate any crimes involving a computer, including cyberstalking, distribution of child pornography, drug trafficking, fraud, money laundering, and Internet gambling.
State Attrorney General Jennifer Granholm formed a High Tech Crime unit within her department in 1999. She said computer crimes grew from tenth to first between 1999 and 2000, with more than 1,000 criminal and civil complaints.
Source: "New Cybercrime Unit Inundated", Lansing State Journal, Feb. 19, 2001, p.B1.

Michigan Internet Criminal History Access Tool (ICHAT)
http://apps.michigan.gov/ICHAT/Home.aspx
The Internet Criminal History Access Tool (ICHAT) allows the search of public records contained in the Michigan Criminal History Record maintained by the Michigan State Police, Criminal Justice Information Center. All felonies and serious misdemeanors that are punishable by over 93 days are required to be reported to the state repository by law enforcement agencies, prosecutors, and courts in all 83 Michigan counties. Suppressed records and warrant information are not available through ICHAT. Also not included are federal records, tribal records, and criminal history from other states. A search for a record that may be in another state requires that you correspond with that state directly. Anyone can perform a search through ICHAT. At a minimum, the full name of the person and his/her date of birth is required. A fee of $10 is charged for each search.
(Last checked 09/22/09)

Michigan State University Cybersecurity Institute
http://www.ccs.msu.edu/
CyberSecurity at Michigan State University is a team of world-class, interdisciplinary researchers from across the campus working from state-of-the-art laboratories in collaboration with industry and government to lead the state and the country in cybersecurity research.
(Last checked 09/22/09)

Nigeria Enlists Microsoft to Fight 419 Scammers
http://software.silicon.com/security/0,39024655,39153344,00.htm
Microsoft is to work with the Nigerian government to help track down and prosecute criminals involved in 419 email scams and other internet-based fraud originating from the African country. Microsoft will provide technical expertise, training and other security resources to Nigeria's Economic and Financial Crimes Commission (EFCC), which is tasked with fighting cyber crime in the country. Nigeria was initially slow to respond to the problem of 419 email scammers operating in the country who were duping innocent internet users out of thousands of pounds by promising a share of the secret multimillion pound fortune of a deposed African dictator. The EFCC is now at the forefront of that battle and has arrested more than 1,000 people, brought 300 prosecutions and seized a billion dollars in assets - but that has still only resulted in 17 convictions to date. Source: Andy McCue, Silicon.com Security Strategy, Oct. 14, 2005.
(Last checked 09/22/09)

Practices for Securing Critical Information Assets
http://www.infragard.net/library/pdfs/securing_critical_assets.pdf
Critical Infrastructure Assurance Office. January 2000.
(Last checked 09/22/09)

Prosecuting Intellectual Property Crimes Manual
http://www.cybercrime.gov/ipmanual.htm
Courtesy of the U.S. Department of Justice, Computer Crime and Intellectual Property Section, January 2001.
(Last checked 09/22/09)

Protect Yourself Against Phishing
http://www.networksecurityjournal.com/2007/01/the_fight_again.html
Phishing, carding, brand spoofing, web spoofing—call it what you will, there’s no escaping the fact that the threat of this swindle is getting more dangerous by the day. You don’t necessarily have to be tech-savvy to protect yourself from phishing attacks; it’s enough if you keep your wits about you, are aware that not all sites on the internet are the genuine article, and follow one or a combination of the following 44 tips.... Network Security Journal, Jan. 9
(Last checked 09/22/09)

Protecting America's Freedom in the Information Age
http://www.markletaskforce.org/
October 7, 2002 - Washington, DC -- A new report released today by the Markle Foundation Task Force on National Security in the Information Age recommends that a new Department of Homeland Security (DHS) rather than the FBI should take the lead in shaping domestic information and intelligence priorities to inform policymakers. The report calls for a networked information technology system that effectively shares information among local, state, regional and federal agencies and the private sector, and sets forth a blueprint for how such a system can be established under a set of Presidential guidelines.
(Last checked 09/22/09)

Quatloos! Cyber-Museum of Scams & Frauds
http://www.quatloos.com/
Quatloos.com is a public educational website covering a wide variety of financial scams and frauds, including wacky “prime bank” frauds, exotic foreign currency scams, offshore investment frauds, tax scams, “Pure Trust” structures and more...
(Last checked 08/15/05)

Schooled in security
http://news.com.com/Schooled+in+security/2100-7347_3-5837352.html
For universities, network security is a tricky balancing act. Academic institutions want to maintain the free exchange of ideas and information between faculty, students and researchers, both on campus and from university to university. That presents a challenge for keeping networks secure. Unlike businesses, schools can't rely on using the typical firewall to keep threats out. By Dawn Kawamoto.
(Last checked 08/18/05)

Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations
http://www.usdoj.gov/criminal/cybercrime/searching.html
An increasing number of criminals use pagers, cellular phones, laptop computers and network servers in the course of committing their crimes. In some cases, computers provide the means of committing crime. For example, the Internet can be used to deliver a death threat via e-mail; to launch hacker attacks against a vulnerable computer network; to disseminate computer viruses; or to transmit images of child pornography. In other cases, computers merely serve as convenient storage devices for evidence of crime. For example, a drug kingpin might keep a list of who owes him money in a file stored in his desktop computer at home, or a money laundering operation might retain false financial records in a file on a network server.
The dramatic increase in computer-related crime requires prosecutors and law enforcement agents to understand how to obtain electronic evidence stored in computers. Electronic records such as computer network logs, e-mails, word processing files, and “.jpg” picture files increasingly provide the government with important (and sometimes essential) evidence in criminal cases. The purpose of this publication is to provide Federal law enforcement agents and prosecutors with systematic guidance that can help them understand the legal issues that arise when they seek electronic evidence in criminal investigations. Computer Crime and Intellectual Property Section, Criminal Division, United States Department of Justice. July 2002.
(Last checked 09/22/09)

Security Directors on Computer Crime (article)
http://www.cj.msu.edu/~outreach/security/secdir.html
A survey paper by Dr. David Carter of the MSU School of Criminal Justice.
(Last checked 09/22/09)

Security News from the Michigan Department of Information Technology
http://www.michigan.gov/cybersecurity/0,1607,7-217-35900---,00.html
(Last checked 09/22/09)

Software is the New Tool for Catching Crooks
http://www.govexec.com/dailyfed/0100/012700t4.htm
Online article by Drew Clark appearing in GovExec.Com, January 27, 2000.
(Last checked 09/22/09)

State and Local Law Enforcement Needs to Combat Electronic Crime (NCJ 183451)
http://www.ncjrs.org/pdffiles1/nij/183451.pdf
http://www.ncjrs.org/txtfiles1/nij/183451.txt
Identifies issues and obstacles that interfere with effective investigation of cybercrime and summarizes 10 critical law enforcement needs in this area. Among these are uniform training and certification courses, development of electronic crime units, and investigative and forensic tools. Acquiring appropriate investigative hardware and software poses one of the biggest problems, according to this Research In Brief, as such tools are often beyond the budgets of most law enforcement agencies. Findings indicate a large gap between the expertise and resources of many cybercriminals and the agencies that investigate them. Hollis Stambaugh, David Beaupre, David Icove, Richard Baker, Wayne Cassaday, and Wayne P. Williams. August 2000.
(Last checked 09/22/09)

State Cybercrime Legislation in the United States: A Survey
http://web.archive.org/web/20010802194821/
http://www.richmond.edu/jolt/v7i3/article2.html

Susan W. Brenner, Richmond Journal of Law and Technology, Vol. VII, Issue 3, Winter 2001. Still available courtesy of the Internet Archives
(Last checked 09/22/09)

A Study on Cyberstalking: Understanding Investigative Hurdles
http://www.fbi.gov/publications/leb/2003/mar03leb.pdf
Federal Bureau of Investigation, 2003. 35pp.
(Last checked 09/22/09)

Tougher Computer Crime Laws Needed
http://www.govexec.com/dailyfed/0100/012500b3.htm
By Drew Clark, National Journal's Technology Daily, appearing in GovExec.Com.
(Last checked 09/22/09)

United Nations Manual on the Prevention and Control of Computer-Related Crime
http://www.uncjin.org/Documents/irpc4344.pdf
UN report on the history and extent of computer crime, international security, and preventive measures.
(Last checked 09/22/09)

U.S. Computer Emergency Readiness Team
http://www.us-cert.gov/nav/report_phishing.html
Report phishing to this federal agency.
(Last checked 09/22/09)

U.S. Customs Debuts Cybersmuggling Center
http://www.govexec.com/dailyfed/1000/100400j1.htm
The U.S. Customs CyberSmuggling Center is an outgrowth of Customs' child pornography investigations, said Customs spokeswoman Layne Lathram. During the investigations, Customs agents began to see evidence of other kinds of crimes committed on the Internet, such as money laundering, intellectual property theft and the trafficking of weapons of mass destruction. GovExec.Com Daily Briefing, October 4, 2000.
(Last checked 09/22/09)

U.S. Department of Justice Criminal Division
Computer Crime and Intellection Property Section (CCIPS)
see Cybercrime.gov

Verizon Enterprise Solutions
2013 Data Breach Investigations Report
http://www.verizonenterprise.com/DBIR/
This year’s DBIR combines the expertise of 19 organizations from around the globe. Download the report to discover stats that might surprise you—from the percentage of espionage-related attacks to the astonishing length of time it often takes to spot a security breach. By knowing today’s threats, you can better protect your organization tomorrow.
(Last checked 09/22/09)

Why Hackers Escape
Organized, Well-Financed Criminals Stay a Step Ahead of the Law
http://news.com.com/2009-1017-912708.html?tag=fd_lede
(Last checked 09/22/09)

For additional materials on computer crime, search Magic: The MSU Libraries Online Catalog


Telephone Hotlines

Michigan Cyber-Tip Hotline
1-800-5CYBER3
The Michigan State Police and the Michigan Attorney General's Office are launching a 24-hour, toll-free, cybertip hotline. The hotline will assist law enforcement authorities in uncovering and prosecuting criminals who use the Internet to commit cyber-crimes against children. Anyone with information, or who witnesses child sexual exploitation including: online enticement of children for sexual acts, child prostitution, or child-sexual molestation, will be asked to contact the state police toll-free. Source: Michigan Librarian, Sept./Oct. 2000

 

Google
WWW http://staff.lib.msu.edu/harris23/crimjust/
 

Ownership Statement
Jon Harrison : Page Editor
Criminal Justice Specialist
Social Sciences Collections Coordinator
Michigan State University Libraries
366 W. Circle Drive
E. Lansing, MI 48824-1048
harris23@mail.lib.msu.edu
Last revised 09/22/09

Phone: 1-800-500-1554 and 1-517-355-2345.  100 Library, East Lansing, MI 48824 USA.  Email us: comments@mail.lib.msu.edu

© 2006 Michigan State University Board of Trustees. MSU is an affirmative-action, equal-opportunity employer.

Michigan State University Acceptable Use Policy of Computing & Digital Networks