Crime, Terror and War on the Internet Threats and Risk Management

Bachelor Thesis, 2015

81 Pages, Grade: 1,3


Table of Contents

Table of Contents

List of Figure(s)

1 Purpose

2 Introduction

3 How it all began: The history of criminal activities in Cyberspace
3.1 Definitions of crime, terror and warfare on the Internet
3.1.1 Hacking and Hackers
3.1.2 Whitehats. greyhats and blackhats

4 The very beginning
4.1 Hacking alliances start to form

5 Attack vectors
5.1 Malware and Carding

6 Terrorism in Cyberspace

7 The cost of Cybercrime
7.1 Countermeasures

8 Activism through interconnectivity – “Hacktivism.”
8.1 Hacktivism and Hacking
8.2 Protest 2.0: Hacktivism: A new form of protest in the 21st century
8.3 Protest without Borders
8.4 Is Hacktivism a genuine form of protest?
8.4.1 Is Hacktivism effective?
8.4.2 Can hacktivism be seen as a legitimate form of protest?
8.5 Where does activism end and terror begin?

9 The “Deep Web”
9.1 The hidden Internet and how this key infrastructure works
9.1.1 Criminal hacker forums
9.1.2 ShadowCrew Cybercrime Forum
9.2 The structure of cybercriminal associations and underground forums
9.2.1 Leading Cybercrime locations
9.3 Examples of how crime benefits from the Deep Web
9.3.1 Human Trafficking
9.3.2 “The Armory” – The Deep Web’s gun shop
9.4 “SilkRoad” – How Drug Trafficking flourishes in the Deep Web
9.4.1 Ross Ulbricht, Silk Road’s mastermind

10 Cyber Warfare - The new battlefield of the 21st Century
10.1 Fear versus Reality: Cyber Warfare in the Press and in Reality
10.2 How Governments get engaged
10.2.1 The Key Players in Cyber Warfare

11 A grim outlook into the future of Terror and War on the Internet
11.1 Internet of Things Dangers
11.1.1 Hacking the home
11.2 Taking over industrial controls, power systems and SCADA Systems

12 Conclusion


List of Figure(s)

Figure 1: Cost of different types of cybercrime

1 Purpose

The intention of this thesis is to provide its reader with a tangible idea about the rapidly changing landscape of the internet. The reader furthermore is presented with an insight into the highly criminal and complex world of the deep web, the internet hidden from the publicly accessible internet.

Various threats, how political activism works on the internet, cybercrime on the normal internet and the deep web are explained amongst others. In order to create a thorough thesis this work starts from the historical beginnings of the early hacking community and then gradually moves on to contemporary developments within the internet. Additionally, the involvement of states and terrorist activities are examined. Originally it was planned to include information in the form of screenshots and text about deep web drug markets and forums. However, this would have led to this thesis becoming rather sensationalistic than scientific. Therefore it is restricted to Silk Road as a representative example for ille- gal activities on the Deep Web.

Information gathered in this work stems from scientific articles, journals, books, newspa- per articles, websites and personal observations.

2 Introduction

In a world so reliant on ever increasing and developing interconnectivity, losses imposed by internet criminals have reached gigantic proportions. What has once begun as a great technological evolution also brought unintended side effects with it. Perpetuated by the rise of globalization, the internet has proven itself as a perfect hotbed to accelerate this process even more. Businesses and individuals engage in worldwide trade without any physical restrictions, with huge cash flows exchanging hands via the internet every day. As great as the opportunities are that come with it, so are the downsides. Credit card fraud has seen a dramatic increase in cases1 over the past few years stimulated by how easy it is to carry out, and the rampant availability of stolen credit card data on the shadowy places of internet and the hidden internet. Losses to businesses ranging from small to big are just as commonly observed as those to individuals. The problems of cyberspace in- creasingly become problems of the real world, too. Recognizing the tremendous danger stemming from criminal activities on the internet, Interpol has listed cybercrime as one of its top five priorities.2 However, threats originating from cyberspace are not merely limited to economic aspects. The same as cyber criminals realized the internet’s potential for illicit undertakings, so did terrorists, political activists, and even governments them- selves. States already are engaged in a constant battle on cyberspace, accompanied by large investments into further developing related technology as well as training future experts in the craft of cyberwar. Political activists, or better known online as “Hacktiv- ists”, have extended their protest onto the world wide web. Some hacktivists pursue a rather “violent” approach by hacking or temporarily disrupting online presences or ser- vices of those under their attack. Besides such aggressive tactics, social media platforms such as “Facebook” and “Twitter” have proven to be effective tools in communicating political messages and/ or organizing protests in the real world. This has led to the Arab Spring being nicknamed the “Facebook Revolution”3 and several regimes blocking access to popular social media websites. Furthermore, “Wiki Leaks” contributed to a new level of transparency by hosting classi- fied leaked cables, causing several scandals and generating huge never seen before public and media attention.4

3 How it all began: The history of criminal activities in Cyberspace

Crime, warfare and terrorism in cyberspace in its contemporary shape are relatively new phenomenas, evolving with rapid speed due to the proliferation of technology worldwide and the ever increasing importance and interconnectivity of the internet. In our current times services, administrative issues and even infrastructure become more and more reli- ant and interconnected on as well as with cyberspace. This indeed had pleasant effects. The government of Estonia has been the first State within the European Union to establish a very well designed “E-Governance System”, allowing administrative issues to be dealt with in a more efficient manner.5 Digitalization and interconnectivity of the Computer age didn’t only introduce positive aspects, as those were accompanied by negative side effects. By preying on the weak- nesses of this interconnected world, Cyber criminals find a huge variety of opportunities to exploit from. Identity theft has significantly increased, with credit card fraud represent- ing the lions share. Political activists, “Hacktivists”, launch cyberattacks against their tar- gets. Nation states are important actors in Cyberwar, with dramatic incidents like “Stux- net” demonstrating their level of sophistication.6 In order to develop a deeper understanding of how this new, fascinating digital environment also became a hotbed for Crime, Terrorism and Information Warfare between governmental actors, it is best to start by taking a look at the early beginnings.

3.1 Definitions of crime, terror and warfare on the Internet

Cyber crime as a term applies to illegal activities conducted via means of computers and/ or the internet. Cyber criminals are motivated by possible monetary gains from committed crimes.

Cyber terrorists pursue ideological or political goals on the internet by means of hacking, spreading malware or launching large scale attacks.7 The term Cyber terrorism is broadly defined, as there exists no authoritative definition for it.

Cyber war differs from Cyber terror insofar as states are the main actors. Given the fact that states have access to greater resources and research capabilities than terrorists this leads to highly advanced operations of next generation warfare such as “Stuxnet”.

3.1.1 Hacking and Hackers

Hacking, despite all the negativity attached to it, started out as a noble cause and still is. The meaning of what a hacker is saw a great change with rising public and media atten- tion. A hacker in its original definition is someone fascinated by computers and the way they function.8 Hackers of the first hour harbored no harmful intent. This fact is under- scored by the publication of the “Hacker Manifesto”.9 However, not every hacker sticks with the recommended ethics of hacking. Therefore hackers are divided into subgroups.

3.1.2 Whitehats. greyhats and blackhats

Whitehat hackers always draw a clear line between themselves and Blackhat hackers.10 Whitehats differ from their counterpart as they do not act with malicious intentions.11 Individuals hailing from the legal category of the Hacker community only find flaws in systems to report these for the purpose of preventing future damage to the vulnerable system. Their efforts can be either completely driven by curiosity or as part of a researchcontract with a company, putting them on the hunt for vulnerabilities.

Those whitehats operating without any company contracts to back them up often can find incentives or expect rewards from the firms running susceptible systems. For example, Google12 and Facebook13 both have such incentive programs offering anyone monetary benefits and a place in their “hall of fames” who reports software flaws to them.

Blackhats, also known as crackers, ignore legal boundaries and operate with the sole intention of monetizing vulnerabilities they have detected.

Once this Cybercriminal has managed to gain access to a system they proceed to stealing, modifying or even completely destroying data. Furthermore, it is not uncommon for blackhats to leave behind backdoors in systems, with the purpose that once their activities are detected and countermeasures are put in place, they can retain the chance of obtaining access once more through the backdoor left behind. An example of a black hat operation frequently seen is traffic hijacking. Blackhats test websites that do have a certain traffic volume for common vulnerabilities which can be easily exploited. Once a weak website is identified and hacked, a “clickjacking script” is uploaded to the server hosting the web- site. A clickjacking script deploys opaque layers (best understood as fully transparent pop ups) onto the compromised website. While the average website visitor does not realize what is happening, as the website continues to look and function as normal, his clicks are used for different purposes. E.g. the user could click on “Contact us” on the websites mainframe, but while he is being redirected to the requested page as usual, his click can potentially be used for advertisements to generate revenue for the black hat.14 Hackers self-identifying as black hats together form what is known as “cybercriminal gangs”.

Greyhats are a unique and not always easy to define type of hacker.15 Exact definitions vary slightly, but they can neither without any doubt be identified as purely white hat nor black hat.16

For example, a greyhat hacker might discover a serious system flaw, but in stark contrast to a white hat he won’t disclose how he managed to uncover and exploit the vulnerability as he did but neither will a greyhat proceed to turn his finding into monetary profit like black hats do.

However, grey hats are also described as ethical security researchers that act on their own accord. A whitehat hacker is given the permission from his employer to try to breach security systems, in this scenario a black hat would take the opposite position and not have any legal authorization for penetrating systems, whereas a greyhat hacker has no legal permission, but also no malicious intent for his doing.

Thus greyhat hackers acting all on their own face possible legal consequences, as by legal definition they committed a violation against computer laws even if they acted for the sole purpose of improving a systems security.17 As a consequence greyhats might recon- sider reporting flaws to avoid maneuvering themselves into legal trouble.

4 The very beginning

To fully comprehend actual developments in cyberspace it is necessary to review the early start of hacking and the mindset that originated from it. Hacking in its earliest began as “Phreaking”. Phreaking, as the pioneers in this field named it, refers to the act of studying, exploring and experimenting with telecommunication lines or networks.18 The roots of Phreaking are rather vague, but early reports suggest that Phreaking was discovered at first by an American 8-year old blind boy with the perfect pitch, Joe Engressia, in or around 1957.19 He discovered the flaw by complete coincidence. Every time he whistled that sound into the telephone the ongoing phone call would drop. Joe Engressia figured out that if he dials any number and reproduces the 2600 Hertz sound, not only domestic but also worldwide, it allows him to place that call for no charge.20

In the year 1971 John “Cap’n Crunch” Draper became an iconic figure for the Phreaking community and inspired future hackers.21 His rise to fame starts with discovering a plastic toy whistle included in a cereal carton from the “Cap’n Crunch” company.

It was the name of this carton which inspired him to use “Cap’n Crunch” as a nickname for himself. Coincidentally this very whistle could produce the 2600 Hertz sound.

He constructed the first phreaking device known under the nickname “Blue Box”, which was introduced by himself under the pseudonym “Gilbertson” in an Esquire magazine article.22 To increase understanding of Phone Phreaking it is necessary to point out that it could only be exploited because the signaling system and the normal voice line were not separated. Therefore, it was possible to directly communicate with the signaling system. Phreaking separated lines would largely be introduced throughout 1983, which effec- tively curbed phreaking by putting an end to this vulnerability.23

John Draper was arrested in 1972 and incarcerated for abusing the communication sys- tems of the telephone company, as engaging in activities related to Phreaking were out- lawed. His jail term failed its purpose and couldn’t deter him from committing wire fraud, a crime for which he has been jailed once more in 1976.24 The first documented abuse of computers for financial gain took place in 1973, merely two years after John Drapers “blue box”. One high-ranking, but mischievous teller work- ing for the Union Dime Savings Bank in New York in a high function embezzled around 1,5$ Million while working his job.25 He started embezzling in 1970 and only got caught when police launched an investigation into an illegal gambling ring, to which he was connected.26

The first hacker to generate a lot media attention was Kevin Mitnick. During his pre-teens the aspiring hacker used “Social Engineering” to figure out a way of riding the public transportation system for free.27 Social Engineering refers to a technique of luring indi- viduals exercising certain functions to give away information that should remain confi- dential by impersonation or other means. Mitnicks evolution from free riding busses to exploiting electronic systems didn’t need long. In High School Mitnick became active in phone phreaking, the field that John Draper a few years earlier pioneered in. Kevin Mit- nick accompanied by two friends physically broke into the offices of Pacific Bell in 1981, in order to steal technical manuals.

These sensitive documents were stolen from a room that many phone companies relied on, due to the fact that recordkeeping operations were taken care of for those enter- prises.28 29 Fortunately for Mitnick himself, he was a mere 17-year old at that time. Fol- lowing his and the arrests of his friend, Kevin Mitnick only had to serve a three months sentence in detention center for minors. This did not deter him. In fact, Mitnick got caught red-handed whilst sitting at a computer at the University of Southern California.

It was through this computer that he got himself access to “ARPANET”, an early version of the internet in use by the Army.30 It was in 1992 when he went into hiding to avoid an arrest warrant issued in connection with a company hack he committed. What ensued was a three year long chase with the FBI, that later inspired the movie “Takedown” 31 which illustrates Mitnicks hacker development and him going into hiding. Mr. Mitnick was caught after he harassed security expert Tsutomu Shimomura, who then helped the FBI in their investigation.32

It was only in 1995 that this young technical genius was tracked down by the FBI. Given his record of prior offenses he wasn’t to expect any mercy from the law this time. Mitnick was held without the chance of bail for 5 years and spent 8months in solitary confinement, a measure that was unusual to be used for hacker. With regards to his story that caused much public attention a movie titled “Takedown” dedicated to his daring escape from the authorities has been produced, contributing to stylizing Kevin Mitnick into a famous rep- resentative of the Hacking Community. The Blackhat eventually was released from prison in 2000, under the condition of him not being allowed to touch any computer without prior consent, even if the computers had no modem attached to it. Today, he makes a living by selling computer exploits. 33

4.1 Hacking alliances start to form

One of the very first groups of hackers to establish a formation named itself the “Legion of Doom” (LOD), commencing their activities as early as 1984.34

It is worth mentioning that LOD primarily functioned as a group consisting of likeminded individuals with the desire to further deepen their technological understanding, and had no intention to unleash chaos. Neither did it have a specific underlying political agenda. Nevertheless, some of its members didn't necessarily abide by the ethical standards im- posed from the LOD leadership which consequently expelled all those who violated the rules. In general, the American authorities had their very own ideas about rules to be followed. With hacking into critical infrastructure such as the “Bell South’s Telephone Networks” the hackers of the first hours prompted the authorities to go after them and track them down, leading to the very first “Hacker crackdown” in the year of 1989.35 This very loose formation of young and highly motivated hackers of the first hour focused their initial efforts on phreaking, the art of manipulating and seizing control of telephone systems.

But just as political groups in the real world give birth to splinter groups, the Legion of Doom as well hasn't been immune to this. A more radical and mischievious group, calling themselves the “Masters Of Deception” emerged from the Legion.

Standing in stark contrast to the Legion of Doom, the “Masters of Deception” didn't ad- here to ethical standards. Arrested members had to face court on charges such as computer wire fraud, computer tampering and even conspiracy.36

5 Attack vectors

5.1 Malware and Carding

Malware, an abbreviation for malicious software, with its ability to rapidly infect com- puters and its ever increasing complexity is what causes great ongoing concern for the integrity of computer systems. Malware comprises of Trojan Horses, Spyware, Viruses, Worms and virtually every piece of software that is specifically designed to cause harm or to overtake the system it is targeting.37

Trojan Horses are designed to operate just as their historical role model.

They often are attached to executable files that the perpetrator uses as the wooden horse, once the user runs the program or file the malicious payload of the Trojan is injected into the system. Once this has been done, it allows the attacker to seize control without the user suspecting anything.

Contemporary Trojan horses contain features to even monitor the victims screen in real time, access and manipulate all files on the system and even activate a connected webcam to spy on the user. The early Trojan horses were largely crafted by amateurs holding an interest in exploring opportunities software holds, but the development has largely shifted to skilled programmers, creating this type of malware for monetary gain.38

Virus – A computer virus is the “traditional” malware. Viruses replicate themselves once installed on the target systems and cause either minor interferences or completely disable the attacked computer.39 They are almost always attached to executable (“.exe”) files.

Worms – This malware operates just like Viruses do. The difference between those two is that Worms don’t necessarily require human interaction to spread, but can do so through vulnerabilities.40

Phishing and spoofed emailing – Phishing emails and website are modeled to pretend legitimacy. A phishing attack occurs in the form of massive spamming, targeting as much emails as possible, but can also be targeted. A scenario for a targeted attempt could see the attacker employ spoofing techniques to feign his sending address as Security@face-, emailing specific users with instructions to reset their passwords for security purposes. If clicked on the link provided, the victim will be redirected to a fake facebook website belonging to the blackhat where it would enter its login credentials. Phishing is often used for purposes of identity theft, infecting users with malware41, or even attempt-ing fraud.

Distributed Denial of Service Attacks, or DDoS, is not a form of hacking nor malware, but yet an effective, affordable and widely adopted method42 to temporarily shut websites or individual computers down. This is an attribute that grants it huge popularity to every- one from cyberterrorists, criminals and online trouble makers, or “Trolls” in internet slang. During a DDoS attack the target is bombarded with a huge amount of requests.

Due to the excess of requests reaching the server it will eventually give into the pressure and cease functioning properly, as it subsequently also can’t handle requests from legiti- mate users. Such an attack is made possible by interconnecting compromised computers as well as servers. On a technical level, the blackhat rents a server from an offshore pro- vider he trusts on which he then proceeds to setup a script that keeps track of all infected systems. To ensure availability, the script communicates with all its zombies, a slang term used to describe infected machines, in a certain time interval. Furthermore, compromised users generally are completely unaware of them involuntarily contributing to such a net- work.

Once the cybercriminal decides on a target to attack, it suffices to send a command through the script to command all or a specified number of zombies to commence the attack. A botnet is furthermore used for purposes of spamming. Operators of botnets often rent out their services, therefore individuals wishing to launch DDoS attacks or engage in illicit mass-mailing don’t have to own a botnet themselves. Anirban Banerjee, co-founder of cybersecurity company Stopthehacker stated in an article for the International Business Times that if a serious blackhat were to budget 10,000 US Dollars he could simply acquire a botnet that exceeds the vast majority of defensive capabilities put in place by companies or others.43

Carding is a common online fraud. Carders use illegally obtained credit card data to either order goods online or employ techniques to extract the money out of one. This online fraud doesn’t require any in-depth knowledge or special skills. Stolen cards and instructions on how to commit this type of crime are widely available on carding forums and on the deep web.

It is important to mention that cyber criminals don’t restrict themselves to these attack vectors only. The attack vectors mentioned above are the most popular ways criminals commit their digital crimes.

6 Terrorism in Cyberspace

Cyberterrorism comes with the intention of making use of technology, especially the in- ternet, to inflict damage on computers or servers and cause disturbances of communica- tion systems. This is primarily done for political or ideological motives. Cyberterrorists can also be found among the ranks of “Trolls”, whose sole motivation stems from causing trouble for pleasure. Theoretically speaking the relative ease with which attacks can be launched also grants the possibility for “Rogue states”44 to shift their terrorist activities into cyberspace and away from the real world.

Cyberterrorism commenced in the 1990’s. An early incident of cybercrime is reported to have taken place in 1996, when a white supremacist45 managed to temporarily interfere with a Massachusetts based internet provider, followed by a threat that more severe cyberattacks are to be expected.46

Cyberterrorism in itself is a threat to be taken serious, but currently it hasn’t been the cause for any threatening incidents such as the hacking of vital infrastructure. While in December 2014 a South Korean nuclear reactor had been hacked, it fell short of posing any real security threat.47 Due to the undeniable fact that interconnectivity and depend- ency on technology is only bound to take up an ever increasing importance in all our lifes, the thought and possible dangers have received huge coverage from the media.48 Whilst this leads to an increased awareness of potential threats, it also contributes to an exagger-ation of the actual state.

This type of terrorism shares its attack vectors with cyberwar and crime. They occur through email, either as spamming or in the form of a spoofed or phishing mail, hacking, as Trojan horses, and as DDoS attacks. Spamming and DDoS are temporary attacks that consume a certain amount of time and resources depending on the intensity of it.

Since powerful DDoS attacks can be completely outsourced, it offers terrorist organiza- tions as well as state actors the possibility of either making use of this attack vector for pursuing their political goals and to engage in a sort of hit-and-run guerilla tactic that extends into the spheres of cyberspace. Notable incidents happened in 2011 and 2014. In 2011, the hacktivist group “Anony- mous” included PayPal49 in its ongoing “Operation Payback” for disallowing donations to Wikileaks.50 The hacktivist operation was an ongoing attack that initially targeted anti- piracy firms. In December 2014 the “Lizard Squad” commenced an attack on Christmas eve, targeting the extremely frequented gaming platforms of Sony and Microsoft.51 They did so for no particular reason, but used the attention for highlighting weak cybersecurity. Both incidents were carried out as DDoS attacks.

7 The cost of Cybercrime

Businesses and citizens are affected by the rise of cybercrime in various ways. Most at- tacks are done by outsiders (a surveyed 72%), but insiders are not uncommon.52

It appears that countries with a well-built internet infrastructure are very often both: sources of Cyber Crime and most affected by it. The United States take up the lion’s share of 23% in source of attacks, followed by China with 9%.53

Renowned computer security company McAfee stated in a report they published, that the internet outputs an annual gain of 2-3 Trillion US Dollars and that Cybercrime was to be held accountable for siphoning off 15-20% from that number.54

Estimation of total losses is hampered by the circumstance of most intrusions going un- reported, however the Center for Strategic and International Studies in cooperation with McAfee assumes the known losses to be between at least 375 and at worst 575 Billion USD, with naturally the most high-income economies suffering the greatest damage.55

The majority of companies victimized by Cyberattacks choose not to file a report56 and pursue the case, but often act with the purpose of minimizing negative publicity.57 34 Fortune 500 enterprises suffered from Cyber related attacks. Only two of those, amongst them Google, chose to report the incident. The second company provided no insightful details at all. To underline the secrecy around Cyberattacks it is worth mentioning that only through a document sent to WikiLeaks more details surrounding this high-level in- trusion have become public.58 Cybercrime therefore poses to be a huge problem that de- velops just as rapidly as the digital world itself. In the same report McAfee suggests that countries tend to ignore malicious activity from Cybserspace, given it doesn’t rise above 2% of the respective nations GDP. Such lax handling of a threat this dangerous stems from the issue that defending against it is too expensive. Implementing cyberdefenses only becomes feasible when internet crime becomes too widely spread.Losses occurring through Intellectual Property (IP), including patents, are responsible for a major share of damages done to companies, followed by espionage.59

Abbildung in dieser Leseprobe nicht enthalten


In an attempt to craft an innovative product companies expect an adequate return of in- vestment.

If their costly research gets copied by an intruder the expected revenue is lowered dra- matically, as the competitor can reduce the price for its product since no research expenses have to be compensated. If losses exceed a certain level, repercussions can potentially be expected to lead to decreasing employment. Therefore it is not of surprise to find that IP theft is estimated to cause an every year damage ranging between 200-250 Billion US Dollars to companies in the United States, and an estimated figure of 445 Billion USD worldwide. According to a report published by the Department for Business, Innovation and Skills of the United Kingdom 93% of what it defines as large organizations already had suffered from a security breach last year.60 Furthermore, the report states that 57% of breaches happened due to staff-related failures. It is natural to assume that this trend won’t reverse or even come to a halt under consideration of the 42% figure that finds large organizations to neglect cybersecurity aspects by failing to provide for any continuous and updated training of their employees. The careless handling and unawareness of threats from cyberspace will continue to almost guarantee riskless profit to be extracted by black- hats as such neglect is vulnerable to social engineering practices. Nevertheless the extent to which cybercrime is successful might seem to be unexpected, as 76% of large organi-zations claimed that cyberdefense is considered a priority. The 2014 US State of Cyber- crime report stated that affected companies don’t merely suffer from one or two incidents, but a mean of 135 attacks for every organization was counted.61 This average is only providing an estimation, as the dark figure of incidents going by unnoticed can’t be in- cluded in the calculation. Not reporting incidents isn’t necessarily always a strategic move to avoid bad PR, but also stems from the unknowingness if one has been compromised. In fact, around 3000 companies remained oblivious before being contacted by the FBI.62 The extent to which companies prioritize implementing counter measures varies by the sector. Technological, governmental institutions, and enterprises working in finance are well aware of cyberthreats. Since these kinds of organizations would face terrible conse- quences if hacked it is of high importance to prevent that from happening. Entertainment, leisure and travel companies have been found to have lower levels of defenses.63

Norton estimates that cyber criminals cause around 274 billion USD in damages world- wide to individuals based on the time they had to spend on fighting cybercrime on an annual basis. Persons most at risk are those located in Emerging Markets with an infection rate of 80%, as well as Users that rely heavily on the internet with 79%.64

7.1 Countermeasures

Countermeasures implemented against Cybercrime are of technical and political nature. In 2001 the Council of Europe introduced the very first international convention aimed at curbing cybercrime. Ratified in 2004 it now holds 45 parties to it, including non-EU key players the United States and Canada.65 G8 nations furthermore have formed a network containing 49 members to combat cybercrime, by having permanently available contact points through which members of the network can submit requests.66 They key functions of the 2004 treaty are to ensure an international cooperation against cybercrime-related offenses and to create relatively homogeneous domestic laws concerned with defining electronic crimes. The convention has little chance of preventing internet offenses from happening or spreading, as seen in the dramatic rise of incidents. It however decreases legal international barriers to increase cooperation amongst nations to launch investiga- tions regardless of national borders. This is a necessary action, considering the fact that threats from cyberspace don’t respect borders. Interpol is very aware of this gap between the cybercriminals and the authorities.

Mr. Nakatani, Executive Direct at the INTERPOL Global Complex for Innovation, stated during a conference in 2013 that budget constraints of law enforcement agencies and bu- reaucracy pose a great obstacle to effectively combat cybercrime. Furthermore, he added the need for a broad cooperation between all sectors to curb impacts.67

The European Union has a binding instrument to combat malicious cyber activities in place since 2005. It demands of all member states to ensure the permanent availability of contact points through the already existing G8 network, which can be contacted by other members in case high-tech crime.68

Developed European nations have extensive and satisfying laws, whereas states from the Americas, Africa, Asia and Oceania overwhelmingly lack proper legislation with merely half in this group planning to further tackle this issue.69

European citizens victimized by cybercrime have the possibility to submit complaints online via a EUROPOL portal to their respective domestic authorities.70

Very frequently the threat of terror from cyberspace is portrayed at having the capability to backstab a country and cause severe blows to the economy. While theoretically all of this would be possible, from a technical aspect it seems to be the case that those horror scenarios can be prevented by running the critical components as so called “air-gapped” machines, meaning that they would have no connection to the public internet and could only be messed with if the perpetrator were to be physically present on site.71

In conclusion the best way to protect oneself from online harm is to be an aware individual or employee respectively, bearing in mind all the possible dangers ensuing from poten- tially hacked websites and file attachments. Steps are already being taken in the right direction by educating personnel on correct behavior in cyberspace environments to pre-vent economic losses or even worse scenarios from happening.

However, much more needs to be done. Espionage and governmental cyber warfare are everything but hypothetical at this point, and are poised to increase even more. In reali- zation of this very fact governments are seemingly investing more into improving their cyberspace capabilities, anticipating the unstoppable rise of the internet as the next bat- tlefield.

8 Activism through interconnectivity – “Hacktivism.”

Hacktivism primarily refers to hacking computer systems for political aims.72 Capitalizing on the pervasiveness and power of the internet, hacktivists try to exploit its access points in order to gain publicity and spread information about their opinions. 73 Social media empowers them to a great extent.74 Hacktivism is not a completely new phenomena as one might assume.

For instance, to protest the enactment of the 1996 Communications Decency Act, a hacker defaced the website of the Justice Department with commentary and images: “Free speech in the land of the free?...It is hard to trick hundreds of millions of people out of their freedoms, but we should be complete within a decade.”75 Moreover, as the Jester76 and Anonymous77 behavior demonstrates, hacktivism is normally used by all sides in an ar- gument.78 As the internet has evolved, the tools used by hacktivists to pursue their ideo- logical objectives have also evolved. In addition, an individual’s goal and opinion will likely determine his hacktivism form. Hacktivism forms manage the gamut from those explicitly covered by existing anti-hacking laws such as DoS attacks, site defacements and redirects to forms such as virtual sit-ins whose legality is less certain.79

8.1 Hacktivism and Hacking

Despite hacktivism having its origins in both activism and hacking, distinguishing be- tween hacking and hacktivism is not straightforward. From one point of view, the two practices have divergent motives: hacking is often carried out of the hacker’s self-interest whereas hacktivism is usually carried out to achieve a political or social goal.80 However, the term hacking has not always been utilized to describe the conduct of a cyber criminal. Originally, it described an innovative utilization of technology to solve an issue. Addi- tionally, hacking is predominantly practiced in defense of a unique set of norms that have come up as part of the culture of the internet.81 For present purposes, on the other hand, hacktivism can be differentiated from hacking, in that hacking does not have political objectives. Most of the hacking attempts are motivated by fraudulent and nefarious aims, and hackers are responsible for fraud, identity theft, commercial espionage as well as other crimes with a yearly cost in the trillions of dollars.

The Forensic Bureau of Investigation has various times declared that cybercrime is the most prevalent criminal threat facing the US, and that anti-cyber warfare efforts are considered as priority behind counterterrorism and counterintelligence.82

Furthermore, cyber war waged by hackers on behalf of non-state and state actors is per- ceived as the next evolutionary step of threats posed to national security.83 In this light, this hacking species is arguably motivated by political goals. The main difference, how- ever, from hacktivism is that hacking in cyber warfare can be analogized to operations in the battlefront whereas some hacktivism forms are more analogous to sit-ins or other nonviolent forms of civil disobedience.84 Law enforcement officials have the fear that cyber-attacks on the network crucial to the country’s infrastructure.

For instance, electric grids, air traffic control systems as well as water purification sys- tems could have more catastrophic consequences. On the contrary, hacktivism tends to be motivated by political issues that are at least partly focused on offline issues.


1,. 2015. 'How Dynamic CVV Is Impacting The Rising Tide Of Credit Card Fraud'. Accessed April 18. 2015.

2 Broadhurst, Roderic. 2006. Developments In The Global Law Enforcement Of Cyber-Crime. Ebook. P.21.

3 The New York Times,. 2012. 'Spring Awakening - How An Egyptian Revolution Began On Facebook'.

4,. 2015. 'Wikileaks'. Accessed April 25. 2015.

5,. 2015. 'E-Estonia - Estonia.Eu'. Accessed March 11. 2015.

6 http://www. Print Edition: Leaders, The Economist. 2010. 'The Meaning Of Stuxnet'.

7,. 2015. 'How Does It Work? | Cyberterrorism-Project.Org'. Accessed April 26. 2015.

8 Hess, Ken, and Ken Hess. 2011. 'What Is A Hacker? | Zdnet'. Zdnet.

9 Blankenship, L. 1986. 'The Hacker's Manifesto'. P.1.

10 SearchSecurity,. 2015. 'What Is White Hat? - Definition From Whatis.Com'. Accessed April 26. 2015.

11,. 2015. 'What Is A White Hat Hacker? - Definition From Techopedia'. Accessed April 26. 2015.

12 Google,. 2015. Accessed March 11. 2015.

13 Facebook,. 2015. Accessed March 12. 2015.

14 About The Open Web Application Security Project,. 2014. 'Clickjacking - OWASP'.

15 SearchSecurity,. 2015. 'What Is Gray Hat (Or Grey Hat)? - Definition From Whatis.Com'. Accessed April 26. 2015

16,. 2015. 'Hacker Hat Colors Explained: Black Hats, White Hats, And Gray Hats'. Accessed April 26. 2015

17 Electronic Frontier Foundation,. 2008. 'A "Grey Hat" Guide'

18,. 2015. 'Phreaking Definition'. Accessed March 17. 2015.

19 Project Gutenberg,. 2015. 'Phreaking'. Accessed March 13. 2015.

20 King, M. (Producer). (2002). The Secret History of Hacking [Motion picture]. England: September Films for Channel 4 TLC

21 Draper, John. 2015. 'Who Is John Draper AKA Captain Crunch | Webcrunchers'. Webcrunchers.Com. Accessed April 26. 2015.

22 Rosenbaum, Ron. 1971. Secrets Of The Little Blue Box. PDF. 1st ed. Esquire.

23 Encyclopedia Britannica,. 2014. 'Phreaking | Communications'.

24 Garfinkel, Simson. 2002. The FBI's Cybercrime Crackdown. PDF. 1st ed. Technology Review.

25 Meister, Darren. 2013. 'Rethinking Banking Rules'. Businessworld.

26 Crimmins, Falk, Fowler, Gravel, Kouremetis, Poremski, Sitarz, Sturgeon, and Zhang. 2014. U.S. Bank Of Cyber: An Analysis Of Cyber Attacks On The U.S. Financial System. Purdue University.

27 Gots, Jason. 2011. 'Hacker For The Hell Of It: The Adventures Of Kevin Mitnick | Big Think'. Big Think.

28,. 2015. 'Kevin Mitnick'. Accessed March 15

29 Freeman, Edward H. 2001. 'The Legend And Legacy Of Kevin Mitnick'. Information Systems Security

30 Aguila, Nicolas. 2008. 'Kevin Mitnick Enters The Pentagon - The Fifteen Greatest Hacking Exploits'. Tom's Hardware.

31 'Takedown (2000)'. [Motion Picture] Imdb.

32 Dwivedi, Rahul. 2015. C yber Crime: Brief Histoy Of Cyber Crime. Ebook. 1st ed.

33 Mitnick, Kevin. 2015. 'Absolute Zero-Day™ Exploit Exchange | Premium Marketplace'. Mitnicksecurity.Com. Accessed March 14. 2015.

34,. 2015. '.:: Phrack Magazine ::.'. Accessed April 27. 2015.

35 Powers, Jeffrey. 2014. 'July 22, 1988: Arrests Of Atlanta Three, Legion Of Doom, Fry Guy'. Day In Tech History - Daily Tech History Podcast Blog 365 Days A Year.

36 MARY B. W. 1992. 'Computer Savvy, With An Attitude; Young Working-Class Hackers Accused Of High-Tech Crime'. New York Times

37,. 2003. 'Defining Malware: FAQ'.

38 Brenner, Susan W. 2010. C ybercrime. Santa Barbara, Calif.: Praeger. P.63

39,. 2015. 'Computer Virus: What It Is And What It Does'. Accessed April 23 2015.

40,. 2015. 'Worm Definition'. Accessed April 30. 2015.

41 SearchSecurity,. 2015. 'What Is Phishing? - Definition From Whatis.Com'. Accessed April 30. 2015.

42 Richmond, Riva. 2005. 'Firms Join Forces Against Hackers'. The Wall Street Journal.

43 Love, Dylan. 2014. 'Why Microsoft And Sony Couldn’T Stop Lizard Squad Attack Despite Warnings'. In ternational Business Times.

44 States that are violating international laws and pose security threats. The U.S. defines Iran, North Korea, Syria and Sudan as such.

45 Merriam Webster dictionary: “a person who believes that the white race is better than all other races and should have control over all other races”

46 Maggio, Edward J. 2009. Private Security In The 21St Century. Sudbury, Mass.: Jones and Bartlett Publishers., p.224

47 Cho, Meeyoung. Jack Kim, 2015. 'South Korea Nuclear Plant Operator Says Hacked, Raising Alarm'. Reuters.

48 Jarvis, Lee, Stuart Macdonald, and Andrew Whiting. 2015. 'Constructing Cyberterrorism As A Security Threat: A Study Of International News Media Coverage'. Perspectives On Terrorism 9 (1).

49 Aamoth, Doug. 2010. 'Operation Payback: Who Are The Wikileaks ‘Hactivists’?'. Time.

50 Leyden, John. 2013. 'Paypal 13 Plead Guilty To Launching Ddos Attacks'. The Register.

51 Bernstein, Lenny. 2014. 'Playstation And Xbox Gamers Face Christmas Outages'. The Washington Post.

52 '2014 US State Of Cybercrime Survey'. 2014. Carnegie Mellon University.

53 King, Rachael. 2009. 'Countries With The Most Cybercrime: Malware Run Amok - Businessweek'. Businessweek

54 McAfee,. 2014. Net Losses: Estimating The Global Cost Of Cybercrime. Economic Impact Of Cybercrime II.

55 Also McAfee,. 2014. Net Losses: Estimating The Global Cost Of Cybercrime. Economic Impact Of Cybercrime II.

56 Greenhalgh, Shannon. 2015. '£12Bn Worth Of Cyber Crime Goes Unreported'. Misco.

57 Voigt, Kevin. 2011. 'Analysis: The Hidden Cost Of Cybercrime'. Edition Cnn.

58 Also McAfee,. 2014. N et Losses: Estimating The Global Cost Of Cybercrime. Economic Impact Of Cybercrime II

59 Figure 1 Cost of different types of cyber crime based on estimates and assumptions of financial damages. Source: DETICA, BRITISH OFFICE OF CYBER SECURITY AND INFORMATION ASSURANCE IN THE CABINET OFFICE,. 2011. The Cost Of Cyber Crime. Detica.

60 The Department for Business, Innovation and Skills (BIS),. 2013. 2013 INFORMATION SECURITY BREACHES SURVEY.

61 PWC, United States Secret Service,. 2014. 2014 US State Of Cybercrime Survey.

62 Also PWC, United States Secret Service,. 2014. 2014 US State Of Cybercrime Survey.

63 Also The Department for Business, Innovation and Skills (BIS),. 2013. 2013 INFORMATION SECURITY BREACHES SURVEY.

64,. 2012. 'Norton Cybercrime Report 2012 | Norton United Kingdom'.

65 Council Of Europe,. 2015. 'Convention On Cybercrime'. Accessed March 21.

66 Verdelho, Pedro. 2008. The Effectiveness Of International Co-Operation Against Cybercrime: Examples Of Good Practice. PDF. 1st ed. Council Of Europe.

67,. 2013. 'PR039 / 2013 / News / News And Media / Internet / Home - INTERPOL'.

68 Also Verdelho, Pedro. 2008. The Effectiveness Of International Co-Operation Against Cybercrime: Examples Of Good Practice. PDF. 1st ed. Council Of Europe.

69 United Nations, Comprehensive Study on Cybercrime. 2013.

70,. 2015. 'Report Cybercrime Online | Europol'. Accessed March 26. 2015.

71 Zetter, Kim. 2014. 'Hacker Lexicon: What Is An Air Gap? | WIRED'. WIRED.

72 Rouse, Margaret. 2015. 'What Is Hacktivism? - Definition From Whatis.Com'. Searchsecurity. Accessed April 28. 2015.

73 Noah C.N. Hampson, Hacktivism: A New Breed of Protest in a Networked World, 35 B.C. Int'l Comp. L. Rev. 511 (2012)

74 Cammaerts, Bart. "Social Media and Activism."The International Encyclopedia of Digital C o mmunication and Society (2015).

75 Adams, Joshua. "Decriminalizing Hacktivism: Finding Space for Free Speech Protests on the Internet." Available at Social Science Research Network 2392945 (2013).

76 A single Hacktivist supporting the U.S. government on his own accord.

77 Hacktivist collective.

78 Hurst, Shannon. "Examining Hacktivism as Performance Through the Electronic Disturbance Theater and Anonymous." (2013).

79 Galloway, Samuel. "Anonymous Action, Anti-Social Affect: Cruising Virtually Queer Political Currents." In APSA 2014 Annual Meeting Paper. 2014.

80 PytlikZillig, Lisa M., Shiyuan Wang, Leen-Kiat Soh, Alan J. Tomkins, Ashok Samal, Tonya K. Bernadt, and Michael J. Hayes. "Exploring Reactions to Hacktivism Among STEM College Students A Preliminary Model of Hacktivism Support and Resistance."Social Science Computer Review (2014):0894439314546815.

81 Adams, Joshua. " Available at

82 McCaughey, Martha, and Michael D. Ayers, eds. Cyberactivism: Online Activism in Theory and Practice: Online Activism in Theory and Practice. Routledge, 2013.

83 Noah C.N. Hampson,Hacktivism: A New Breed of Protest in a Networked World, 35 B.C. Int'l Comp.L. Rev. 511 (2012),

84 Auty, Caroline. "Political hacktivism: tool of the underdog or scourge of cyberspace?." In Aslib proceedings, vol. 56, no. 4, Emerald Group Publishing Limited, 2004. pp. 212-221.

Excerpt out of 81 pages


Crime, Terror and War on the Internet Threats and Risk Management
Rhine-Waal University of Applied Sciences
Catalog Number
ISBN (eBook)
ISBN (Book)
Darknet, Bitcoin, Cryptography, Silk Road, Kryptowährung, Cyberwar, Cyberkrieg, Spionage, DDoS, Cybercrime
Quote paper
Michael Schönbeck (Author), 2015, Crime, Terror and War on the Internet Threats and Risk Management, Munich, GRIN Verlag,


  • No comments yet.
Read the ebook
Title: Crime, Terror and War on the Internet Threats and Risk Management

Upload papers

Your term paper / thesis:

- Publication as eBook and book
- High royalties for the sales
- Completely free - with ISBN
- It only takes five minutes
- Every paper finds readers

Publish now - it's free