Detection and Prevention of Internet Crimes
This chapter introduces the reader to the various methods to aid in Internet crime detection and prevention. Specifically covered are means by which the investigator can identify that Internet crime is occurring within their communities. It is again stressed that Internet crime is no different than traditional crimes and that allowing it to continue unabated adds to the online criminal’s erroneous belief that they can’t be caught. Also discussed are the methods investigators can employ to prevent Internet-related crime. These methods can include public education and interaction at various levels. Finally, available training to hone skills and knowledge for Internet investigators is presented.
Key Words
Cyberethics; cybercommunity coalitions; prevention education; security awareness programs; technological detection/blocking; National Cybersecurity Alliance; United Kingdom Council for Child Internet Safety; UK Safer Internet Centre; Insafe; Safer Internet Day; National Internet Safety Month; International Consumer Protection Enforcement Network; Internet Watch Foundation
…despite the serious problems being posed by the Internet to police everywhere, traditional, off-line evidence gathering and investigation will remain the primary tools of law enforcement.
Hiroaki Takizawa, Assistant Director, Economic and Financial Crime Sub-directorate, Interpol; Ghosh, 1997
Perception of law enforcement on the Internet
Cybercrime and its investigation is not new. The 1970s saw the first modern technology crimes when hacking the traditional telephone network with a cereal box whistle1 was thought to be high tech. This was well before the creation of today’s Internet or the World Wide Web. Their development ushered in an expansion in the scope and sophistication of criminal behavior. Clarke (1998) noted that “For law enforcement agencies to provide a credible threat against criminals, they need a number of capabilities; or at least they need to be perceived by potential criminals to have them.” He further stated that “…a critical aspect of control over criminal activities is the credibility of law enforcement agencies’ capabilities to detect and to investigate.” The Internet has grown incredibly since that comment, bringing forth a corresponding explosion of high-tech crimes.
In Chapter 1, we provided a broad cybercrime definition as a criminal offense that has been created or made possible by the advent of technology, or a traditional crime which has been transformed by technology’s use. We further defined Internet crimes as offenses committed or facilitated through Internet. In Chapter 2, we also explored how there is a convergence of online crime techniques and terrorist philosophies.
One thing that must be realized is that the Internet provides individuals bent on criminal activity or acts of terror, additional opportunities to fail without consequences. If the cyber terrorist/criminal fails in their attempt to commit the crime today, they do not automatically get arrested or die. They do however learn from what did not work, and they can use that knowledge against you and your community again and again. We must remove these “free passes” for criminal experimentation. This chapter will focus on preventing Internet crimes from being successful and hopefully minimizing the criminal experimentation that targets our citizens, businesses, and governments.
Contributing factors to the problem
Increases in online crime are tied to three factors. First, there is a growing Internet dependence in our society. This dependence not only increases the victim pool but means more of a societal impact if a key service or organization is adversely effected by online criminal acts. Second, the Internet and technology have made committing crime much easier. Obviously, technology has made the actual commission much simpler. Online offenses, such as hacking, previously required a basic knowledge of programming and command line operations. Now there are downloadable programs that automatic Domain Name System (DNS) attacks. Additionally, the Internet has literally created a venue for worldwide fraud schemes, which even a novice can execute. Technology has clearly made offenses simpler to commit from an operational standpoint. However, its effect goes beyond just making execution easier.
The Internet’s environment frequently reduces ethics or morals that might prevent such crimes from occurring in an “offline” environment. Consider the illicit trading and downloading of copyrighted software, music, and movies. Individuals are usually unwilling to go into a store to shoplift merchandise. However, many of these same individuals have no issue with downloading pirated materials. Even those who do understand it is wrong will still justify their actions by claiming as long as they don’t download too much it is somehow okay. This is akin to saying it is okay to steal occasionally, just don’t take too much.
Internet harassment is another example. Some offenders would not engage in such conduct if it required them to interact with their victim in the real world. The Internet provides an imaginary “shield of invincibly” reducing many individual's inhibitions to criminally act out. The same can be said about cybersex offenses. Countless sex offenders rationalize and minimize their illicit conduct by claiming it was merely “fantasy.” The erroneous belief that Internet crime is not real provides a moral crutch, allowing some individuals to proceed with online criminal behavior.
The mere presence of law enforcement has long been held to be a deterrent to criminal behavior. One prong to US insanity defenses is the issue of “irresistible impulse,” also known as the policemen at the elbow test (Frontline PBS, 2002). Basically, if an individual can’t refrain from committing a criminal act based upon a mental illness, even in the presence of policemen, they may be found innocent by reason of insanity. Unfortunately, the Internet is perceived by many to lack that “policemen at the elbow.” This perception translates into there being no restraint on illegal Internet conduct but for the user’s morals and ethics.
The last contributing factor is a lack of general understanding of Internet security risks by the public, including some in law enforcement. No one would walk through a dangerous neighborhood, blind folded, while carrying a large bundle of $100 bills. However, countless individuals go online blindly, with unprotected computers containing credit and bank account information, as well as identifiers and passwords to access their entire financial wealth. Similarly, no one walks up to a stranger on the street, holding a sign that reflects the name of their financial institution and hands over cash for a deposit. Yet, countless phishing victims go to bogus websites and willing provide criminals access to their entire bank account.
The catalyst that aggravates these factors is an inadequate cohesive national strategy in the United States, let alone the world. We have discussed several groups, such as the Internet Crime Complaint Center (IC3) and past guidance from the White House on dealing with cybercrime. However, the IC3 data is based upon self-reported crimes by victims and does not come near to encapsulating the entirety of Internet offenses. In addition, it is US crime centric and does not cover the magnitude of the online crime internationally. In the United States, the White House Comprehensive National Cybersecurity Initiative has historically been the document referenced when the administrations talk about cybercrime response. This document reflects the following major goals designed to help secure the United States in cyberspace:
• “To establish a front line of defense against today’s immediate threats by creating or enhancing shared situational awareness of network vulnerabilities, threats, and events within the Federal Government—and ultimately with state, local, and tribal governments and private sector partners—and the ability to act quickly to reduce our current vulnerabilities and prevent intrusions.
• To defend against the full spectrum of threats by enhancing U.S. counterintelligence capabilities and increasing the security of the supply chain for key information technologies.
• To strengthen the future cybersecurity environment by expanding cyber education; coordinating and redirecting research and development efforts across the Federal Government; and working to define and develop strategies to deter hostile or malicious activity in cyberspace.” (Executive Office of the President of the United States, pp. 1–2).
However well-intentioned the document is regarding cybersecurity, it does not address the response to all Internet crimes. Specifically, the document effectively outlines the US national response to cybersecurity and infrastructure protection but fails to give guidance on how law enforcement at all levels should respond to nonhacker-type Internet crimes. Finally, the document is a US-based perspective on the worldwide problem of cybercrime. We do not want to minimize the impact of a DNS attack against a website and hacker intrusions into corporation and government systems. These are serious acts. But the vast majority of Internet crime affects individuals on a personal level, such as cyberfraud, identity theft, stalking/harassment, and sexual exploitation offenses. Law enforcement and corporations need to prepare and educate their citizens and/or customers to those Internet crimes they are more likely to fall victim. The current strategy is like providing a plan to survive an earthquake while ignoring preparations for tornadoes, hurricanes, floods, fire, etc. Law enforcement and corporations need to educate their respective constitutes for all manner of online crime they may encounter. This education process will help prevent the successful completion of Internet crime. Additionally, the process will provide an avenue for investigators to interact and learn from their constituents. Overtime, these efforts will help establish that investigators are competent to handle these cases and demonstrate to the community that law enforcement has not abandoned the online world to criminals.
Law enforcement’s response to internet crime
In the United States, the responses to Internet crime comes at many levels. Most of them are uncoordinated and make no unified effort to address online crime. The only exception is the US Internet Crimes Against Children (ICAC) Task Forces. We have mentioned them in previous chapters because they are the only real example in the United States of a coordinated response to any of the cybercrime issues. The reason is the common goals, policy, and coordination of the investigations. No other Internet crime has the same law enforcement response. The US federal agencies mainly focus on terrorism and the response to cybercrimes that affect businesses and the US infrastructure. Federal agencies also are recognizing the need to recruit engineers and computer scientists for their critical skills that can add to an effective response. Agencies, such as the FBI and Secret Service, are learning to deal with cybercrime by dedicating more agents to the problem and creating more task forces focused on cybercrime investigations.
State and local law enforcement agencies responses are very different. The response depends on the locale, its leadership’s understanding of problem and funding. Beyond the ICAC’s narrow focus (sex crimes against children), there is no consistent federal funding for the cybercrime problem. As a result, the nonchild cybercrime investigations are dependent on local funding sources. Recall in Chapter 11, the law enforcement perception frequently is that the “Internet is not our jurisdiction.” With such an erroneous perception, it is little wonder that local agencies do not seek funding for a problem they consider someone else’s concern.
Are there “broken windows” in cyberspace?
Recall in Chapter 1 our discussion of the “Broken Windows Theory.” The question for us in the Internet’s context is, does the theory apply? Just how different is policing the Internet from policing our own communities? Aside from the physical location being different, the Internet is a set of communities. Particularly with social media, the emphasis is with the community. They differentiate themselves by how one site builds its community’s existence. For example, Internet Relay Chat has its own community identity different than those found on Google+. So, evaluating the “Broken Windows” theory in relationship to the Internet we have to accept that the online world has its own communities. Bill Siebert spoke on the need for law enforcement to invest in Internet investigations paraphrasing a description of this theory by noting: “Ignoring or just non-management of Internet crime sends a signal to certain elements that crime is safe because nobody cares, and soon it builds up to all sorts of crime.” Given this approach, we can look at online crime in a very different way. Policing the Internet should be no different than policing the real world. Approaching Internet policing with this in mind, we can affect a positive change to make the online world safer. In this context, law enforcement needs to:
• Identify the communities to police.
• Contact the community members.
• Isolate the community’s problems.
• Help set standards for the community.
If law enforcement reaches out to the online communities that serve their real-world community members they can effect change and reduce crime. The benefit to law enforcement will be a better understanding of the technology in use by its citizens. Additionally, law enforcement gains the opportunity to interact with the community and build relationships that allow the citizens to feel comfortable enough to report Internet crimes if they become victims.
Detection methods
How do we detect Internet crime? Well, the obvious answer is how we learn about most crime, via a victim compliant. We spoke in previous chapters about the need to take a report and the need to interview victims and get detailed information about the crime. There are other places that the investigator can get information about Internet crimes committed in their jurisdiction. Beyond receiving reports and proactive investigations, we note the following additional sources to detect Internet crime.
Internet Crime Complaint Center
Previously in Chapters 1 and 2, we discussed how the IC3 provides statistical data on cybercrime from receiving victim reports. However, they do not just collect, gather, and disclose data for annual reports. They provide victims a convenient and easy-to-use mechanism for reporting their victimization. These complaints are maintained in a central referral location, and they are eventually reviewed and forwarded to the appropriate law enforcement agency. However, for a law enforcement agency to receive such a report, it must first sign up with IC3. Signing up for these reports will alert law enforcement to how many of their citizens are becoming Internet crime victims. Additionally, it will help them detect patterns that may reflect a local nexus as opposed to one from across the globe. For instance, if five victims in a community all report a similar Internet crime occurred to them, a follow-up interview may reveal they all have some piece of information that points to a local suspect. Remember, just because a crime involves the Internet, doesn’t mean that the suspect doesn’t live near the victim. Finally, report collection which identifies local victims may be used as justification to secure additional resources or funding to address a problem that is affecting the agency’s own community.
National Center for Missing and Exploited Children
National Center for Missing and Exploited Children’s (NCMEC’s) mission is to help prevent child abduction and sexual exploitation, find missing children, and assist victims of child abduction and sexual exploitation, their families, and the professionals who serve them. Additionally, it provides a cybertip line, allowing the public and electronic service providers the ability to report Internet-related child sexual exploitation (www.cybertipline.com). These cybertips are forwarded to participating law enforcements agencies, mainly ICAC participants. Finally, the NCMEC provides numerous resources which may be used to tailor Internet safety presentations.
US Federal Trade Commission
The Federal Trade Commission’s (FTC’s) mission is “… to prevent business practices that are anticompetitive or deceptive or unfair to consumers; to enhance informed consumer choice and public understanding of the competitive process; and to accomplish this without unduly burdening legitimate business activity.” (FTC, 2013) The FTC has become very active with Internet cases where companies or individuals have engaged in deceptive or fraudulent practices online. Their first Internet case was FTC v. Corzine, CIV-S-94-1446 (E.D. Cal. filed September 12, 1994) and involved misrepresentations on America Online, that a “credit repair kit” would fix an individual’s credit problems. Since that time, they have had numerous Internet cases including business opportunity scams, goods advertised but not furnished, pyramid schemes, hacked modem scams, bogus health products, and deceptive domain name registrars. Additionally, FTC is very active in identifying theft, providing the following:
• Resources to learn about identity theft, including detailed information to help individuals deter, detect, and defend against identity theft.
• An online location where consumers can file identity theft complaints.
• Maintenance of the FTC’s Identity Theft Data Clearinghouse.
FTC investigations begin in a variety of ways, such as consumer or business letters, Congressional inquiries, or articles on consumer or economic subjects. If the FTC believes a law violation has occurred, they can obtain voluntary compliance by entering into a consent order with the company or individual. Additionally, they can issue an administrative complaint which results in a formal hearing. If a violation is found, a cease and desist order or other appropriate relief may be issued. In some circumstances, the FTC will go directly to court and obtain an injunction, civil penalties, or consumer redress. In this way, the FTC can stop a fraud before too many consumers are injured.
FTC frequently works with law enforcement agencies who can also pursue criminal cases against the investigative targets. Checking with the FTC can alert law enforcement to other victims in their community who may have contacted them directly. The FTC is a powerful investigative ally. They have the ability to issue cease and desist orders and obtain injunctions, which can stop deceptive and fraudulent online conduct from continuing while the frequently longer criminal investigation progresses to its proper conclusion. Additionally, the FTC may be able to obtain consumer redress to citizens in your community, regardless of whether criminal charges are filed.
International Consumer Protection and Enforcement Network and E-Consumer
The FTC is not the only agency of its kind in the world. There are a multitude of similar consumer protection agencies in other countries, such as the Australian Competition and Consumer Commission, Competition Bureau Canada, and the United Kingdom Office of Fair Trading, to name a few. The International Consumer Protection and Enforcement Network (ICPEN) is made up of 50 such agencies.2
In April of 2001, 13 ICPEN agencies came together to respond to multinational Internet fraud and to enhance consumer protection and consumer confidence in e-commerce. The result was econsumer.gov, a joint effort to gather and share cross-border e-commerce complaints. Today, 28 countries3 participate in this initiative. The econsumer.gov website allows consumers to report complaints about online and related transactions with foreign companies. These reports are entered into Consumer Sentinel, a database maintained by the FTC. The database is accessible to certified government law enforcement and regulatory agencies in all ICPEN member countries.
Methods of prevention
So far we discussed investigating Internet crimes but we have not talked about the methods that can be used to prevent them. Like any crime there are many things we can do to approach the problem and prevent people from being victims. Clarke (1998) describes two kinds of Internet prevention methods, hard and soft, the latter being the more successful. This chapter will explore both methods in detail. For now, hard prevention is the use of technology to prevent Internet crime. Clarke (1998) advises that soft prevention comprises “… disincentives against criminal activity, and in particular:
• clear definition of criminal offenses;
• public awareness-raising and education;
• the perceived likelihood of discovery;
Hard prevention: using technology to stop internet crime
Hard prevention uses technical means, such as “… architecture, protocols and software that preclude, or render difficult, actions of a criminal nature from being performed.” (Clarke, 1998) This is the building of better and safer computers, software, and hardware that will automatically prevent crime—a pretty neat idea but impractical for the vast majority of Internet crimes. Obviously, building more secure computers and systems can be done, but that will not have any impact on their direct use to commit a crime. Clarke (1998) observes that online, most criminal activities are only differentiated from noncriminal ones on the basis of the content or purpose of transmitted data. He concludes that designing Internet architecture or protocols in order to ensure that the Internet simply cannot be used for any criminal purposes is therefore problematic at best.
However, technological detection/blocking methods do have some successes. For years, corporations and governments have used block lists to prevent malicious websites from interacting with their systems. But methods are also being employed beyond just systems under an agency or corporations direct control. This is occurring particularly in the area of online child exploitation offenses. Technology is being deployed to detect child pornography on Internet Service Provider (ISP) networks or to block access at the national level of blacklisted websites or those which are found to contain images which match the hash values of known child pornography. Countries such as the United Kingdom, Norway, Sweden, Denmark, Canada, Switzerland, Italy, the Netherlands, Finland, New Zealand, and France have gotten ISPs to block child pornography from coming into their countries from known contraband sites. Additionally, large ISP companies such as Google (search results), AOL (email attachments), and Facebook (uploaded images) have developed their own systems to detect child pornography images (McIntyre, 2013).
In 2008, New York passed the Electronic Securing and Targeting of Online Predators Act (e-STOP) law, which requires convicted sex offenders to register all of their e-mail addresses, screen names, and other Internet identifiers with the state. In turn, this information is shared with various ISP, who purge these potential predators from their networks. It was first used to remove sex offenders from social media networks, and in 2012, it was expanded to online gaming platforms. Thousands of registered sex offenders in New York have had their accounts on these networks closed as the result of e-STOP.
It would be naive to think sex offenders would not use technology (use of proxy servers, changing one bit to overcome hash value detection, etc.) as well as other methods, such as lying on forms to bypass these detection/blocking methods. However, these initiatives do make some areas of the Internet safer and provide a barrier of sorts, making it harder for sex offenders to operate freely.
Blocking questionable websites is not limited to just child pornography. In the United Kingdom, various ISPs under court order are maintaining an antipiracy block list and initiating a proxy blockade against torrent sites found to trade in pirated music (Ernesto, 2013). Some may argue that this smacks of being too much like “Big Brother”, particularly if the blocking is done under direct government control. From a pragmatic point of view, such methods only work until the site relocates or the end users employ one of the techniques noted in this book to access the website from another location. These “blacklists” of websites and IP addresses that are potentially used by criminals are increasingly the method of choice for ISPs to block potential criminal activity. However, useful and noncriminal sites added to these lists find it difficult to get themselves removed if they are put on the list through no fault of the owner. As such, constant vigilance is needed to keep the block lists up-to-date and accurate.
Soft prevention: education
Regardless of the investigative approach taken, both law enforcement and civil investigators need to understand that education helps prevent their communities from being victims. Preventive education hardens targets and helps provide disincentives against criminal activity. Clearly defining criminal offenses within the community allows the citizens to understand when they have been victimized. Education prevention helps raise public awareness to Internet crime issues and the perceived likelihood of its discovery. Education also leads to more effective investigations, which leads to a greater likelihood of a successful prosecution. Recall from Chapter 2 that a knowledgeable victim can be an asset to closing a case successfully. The investigator, either law enforcement or within their company, can conduct education prevention. Education outreach can also occur in various groups of online users.
We traditionally think about educating children of the dangers of certain Internet activities, but there are other groups needing attention. Parents need to understand how the technology and the Internet can pose a risk to their children. Businesses need to be informed of the risk technology can pose to the business and how to prevent the possibility of victimization. The elderly are an often overlooked group who need education on Internet hazards especially as they seek out and use more social media. Even local computer repair shops are a source requiring education. They may understand the technology, but they frequently don’t understand their requirements for reporting certain behavior such as possession of contraband. Other places to educate and liaison include libraries, universities, and other areas which provide computers with open Internet use. Providing them tips for making sure their computers are not used for illegal purposes, such as locating computers in open public areas, can make criminals less likely to use their systems. Additionally, placing these computers in areas away from children reduces the chances that they will be exposed to inappropriate, if not illegal material.
Existing programs
There is a plethora of Internet sites dealing with online safety and/or security. Most are focused on educating children or providing information and guidance to parent/guardians and teachers. In addition, many of these sites provide instructional material and/or presentations for law enforcement to keep children safe online. Other sites are very specific, focusing exclusively on crimes such as cyberstalking or identity theft. Some sites focus on providing preventive information in a text format. Many have multimedia files for viewing and/or material for downloading, such as handouts or presentations. Still others are interactive, providing users the ability to take tests, play informative games, or post messages. Some sites are a webpage or two, off a main website, devoted to other endeavors, such as law enforcement or providing commercial goods or services. Many are stand-online websites devoted entirely to Internet safety/prevention. Sites tend to provide material for an entire country/region, although those focusing on a particular community or city are starting to appear. Online safety/prevention sites can generally be categorized by how they are supported, such as if they are government or business supported or a stand-alone entities such as a nonprofit corporation or private initiatives. Accordingly the following are five general online safety programs/sites:
1. Major law enforcement or other government agencies: Some examples include Cybersmart (http://www.cybersmart.gov.au/); FBI Safe Online Surfing (https://sos.fbi.gov/); IC3 Internet Crime Prevention Tips (http://www.ic3.gov/preventiontips.aspx); NCMEC Netsmartz (http://www.netsmartz.org/); Royal Canadian Mounted Police Internet Safety Resources (http://www.rcmp-grc.gc.ca/is-si/index-eng.htm); The Security and Exchange Commission’s The Internet and Online Trading Safety Site (http://www.sec.gov/investor/online.shtml); and ThinkUknowNow (http://www.thinkuknow.co.uk/).
2. Nonprofit entities: ConnectSafely (http://www.connectsafely.org/); i-SAFE, Inc.(http://isafe.org); KidsSMART (http://www.kidsmart.org.uk/); SafeKids (http://www.safekids.com/); Web Wise Kids (http://www.webwisekids.org/); and Wise Kids (http://www.wisekids.org.uk/).
3. Corporations: Microsoft’s Safety & Security Center (http://www.microsoft.com/security/family-safety/childsafety-steps.aspx); Google’s Good To Know A Guide to Staying Safe and Secure Online (http://www.google.com/goodtoknow/); and Sprint’s 4NetSafety (http://www.sprint.com/4netsafety/).
4. Private initiatives: Examples include Digital Stalking—Supporting Victims of Stalking, Harassment and Bullying (http://www.digital-stalking.com/); KL Greer Consulting, LLC (http://www.klgreer.com/); and Yoursphere Media, Inc.(http://internet-safety.yoursphere.com/).
5. Blended (two or more supporters): GetNetWise (http://www.getnetwise.org); Internet Keep Safe Coalition (iKeepSafe) (http://www.ikeepsafe.org/); OnGuardOnline.gov (http://www.onguardonline.gov/); United Kingdom Council for Child Internet Safety (UKCCIS) (https://www.education.gov.uk/childrenandyoungpeople/safeguardingchildren/b00222029/child-internet-safety); UK Safer Internet Centre (http://www.saferinternet.org.uk/); and Insafe (http://www.saferinternet.org/).
Developing your own prevention initiative
With all the wealth of resources available, the question now becomes why would anyone think about developing their own program? Having your own initiative, even if it is merely to provide regular presentations, reflects to your community that your agency is involved and engaged on the cybercrime front. This translates into more willingness to report Internet crime and to alert your agency to troubling cybertrends in your community. By all means, use the available resources with the understanding that may have some dated material. Consider them as the foundation that you will build on, not the final product. Also don’t forget to check for “offline” resources, such as books. We now will focus on two types of initiatives you might consider.
Presentations
Preparing an Internet safety presentation is not a hard task, particularly with the number of available online sites noted. Some of these sites contain “canned” presentations or material that can be used, provided one tailors them to their audience and insures they are up-to-date. Presentations can be given in person or via webinars. They also can be recorded and made available for later viewing. Obviously, presentations focusing on keeping children safe online is a must, but also consider other venues and special topics, such as online fraud/identity theft; juvenile sexting, and gaming safety. Presentations should be available at any time of the year. However, special attention should be given to scheduling presentations to coincide with designated safety/presentation events. For instance, in the European Union, there is Safer Internet Day, held in February of each year. In the United States, there is National Internet Safety Month, held in June and the National Cyber Security Awareness Month, held in October. Also be aware of nonspecific cyberevents, such as the United States National Stalking Awareness Month held in January to provide presentations on cyberstalking as well as ICPEN’s Fraud Prevention Month. Additionally, be prepared to provide presentations in the event there is a spike in online victimization among your constituents. Generally, the presentations should follow the below guidelines to maximize their effectiveness:
• Limit to 45–60 minutes in length and provide ample opportunity for questions.
• PowerPoint slides should contain no more than three “bullet-points,” avoiding lengthy sentences as much as possible.
• For in person presentations, make sure material can be shown regardless of Internet access or audiovisual equipment.
• All presentations should include contact details for requesting additional information or to report a cyberincident.
• Make sure the presenter knows the material.
• Use plain language and avoid jargon.
• Limit the number and volume of handouts. If possible, provide links to presentation material as a way to establish and continue contact with the attendees.
Basic children online safety education
Children online safety programs should include educating children that they should not give out identifying information such as name, home address, school name, or telephone number while online. Additionally, ensure they understand not to give photographs to anyone online without first checking or informing parents/guardians. Children should also not respond to messages, which are suggestive, obscene, belligerent or threatening, and not arrange a face-to-face meeting without telling parents or guardians. The training should also ensure that children understand that people online might not be who they seem. Also, stress that inappropriate online behavior is not limited to strangers. “Trusted” individuals, such as teachers, coaches, relatives, and so on have incorporated online communications as a way to groom victims. Additionally, it should be covered that digital images have an extremely long shelf life and are easily distributed. Finally, children online safety programs should include a component stressing cyberethics, to help develop good “netcitizens.” The sidebar “Delivery Tips for Talking to Child Audiences” provides guidelines for tailoring presentations to children.
Basic parent online safety education
Basic parental online education should include a brief discussion on the need to keep software updated and to use antivirus and anti-spyware programs, and firewalls. Additionally, parents should be informed about the pros and cons of content filtering and/or monitoring software to protect children from pornography, gambling, hate speech, etc. Education should also cover where to locate computers in the home, establishing time controls for their use. Providing information on how to check their children’s online activities is also important. However, no amount of filtering, monitoring, or searching will prevent a child from obtaining unsupervised Internet access. As a result, the most important point to convene to parents is that they need to have and maintain open communication with their children.
Facebook and Twitter as well as other social networking sites can obviously also be used by criminals. Both children and adults therefore need to understand how social networking can be secured and that privacy settings need to be periodically reviewed and updated as social media providers frequently change settings and services.
Employer security awareness programs
Any large organization, such as a corporation or government agency, should have an acceptable computer use policy in place, which all employees must acknowledge and adhere to on a continuing basis. However, these agreements are only part of the answer. Increasing employees are engaging in bringing your own device (BYOD) to the workplace. A Logicalis Group (2012) study found 57% of full-time employees engaged in some form of BYOD. These devices pose additional risks and challenges for employers. Unfortunately, the same study found that 17.7% of respondents noted that their employer’s IT department was unaware of this practice and 28.4% actively ignored it. Clearly, computer use policies must now incorporate BYOD components. An employee’s online safety, particularly when they are engaging in BYOD practices, now becomes more important to the employer. The theft of data from the employee may not be limited to just their identity but the employer’s assets as well. Therefore, it becomes imperative that employers couple acceptable use policies with online safety and security awareness programs. The National Security Institute (2010) provides the following three essential ingredients to creating an effective security awareness program:
1. The program must convincingly demonstrate that security breaches don’t just adversely affect the organization, but also harm individual employees.
2. It must focus and consistently reinforce strong security practices in different and creative ways.
The National Security Institute further notes that effective awareness programs can transform employees from a company’s “greatest risk to greatest asset” by (1) continuous exposure to appropriate awareness training; (2) consistent positive reinforcement through well-articulated security messages, which are easily understood, digested, and applied to employees’ everyday lives at work and at home; and (3) management ensuring that employees receive needed training and are motivated to use it. “Only when security becomes as second nature as buckling up your seatbelt, will it really be effective.” (National Security Institute, p. 8).
Employer security awareness will naturally center on good work place practices. However, we would argue that those same practices are also important for employees to adopt at home to keep safe from identity theft, cyberfraud, and other online crimes. As such, employers need to stress to their employees that they should adopt the same preventive measures at home. Additionally, employers should likewise consider scheduling major awareness training events at the work site to coincide with online safety preventions occurring in their communities. Consider the impact of employees attending such training at the same time their children are receiving online safety tips at their school. This may very well enhance the retention of presented information by both the employees and their children because they have a shared learning experience they can talk about.
Online presence
An online presence can be as simple as just listing cybersafety tips on a webpage. More complicated endeavors, such as creating a website or social media presence, require planning and resources. Who is the effort trying to reach and what will be the focus (a general Internet safety tips or a specific online crime)? What are the resources to create, maintain, and keep current the effort? Is the endeavor going to be merely a listing of tips or will it contain material that can be downloaded (handouts, presentations, etc.) or viewed online (multimedia)? Will the online presence be interactive and if so who will engage the target population? The sidebar, “Tips for Online Presence” provides some basic guidance on the pros and cons of the various elements to creating an online safety presence. One final consideration: Is it to be an in-house project or a collaborative effort with other interested parties?
Cybercommunity coalitions
The National Cybersecurity Alliance, Infragard, and the Multi-State Information Sharing & Analysis Center have created a guide for building cybercommunity coalitions to help secure the Internet. The guide includes steps such as developing a vision/mission statement, getting buy-in from stakeholders and who to initially invite to participate in the coalition. The guide also provides a coalition website plan example, invite templates and agendas for first meeting, a defined framework with deliverables, and speaker ideas. Two noteworthy examples of cybercommunity coalitions are Washtenaw County Cyber Citizenship Coalition (http://washtenawcybercoalition.org/) and Securing Our eCity (http://securingourecity.org/).
The latter, located in Michigan, is being used as a model for such coalitions by the National Cyber Security Alliance. Securing Our eCity, located in San Diego, California, was recognized in 2010 along with My Maine Privacy, as the “Best Local/Community Plan” by Departments of Homeland Security and Commerce and the White House Cybersecurity Coordinator (Figures 16.1 and 16.2).
Investigator cybercrime education
Training on how to investigate Internet crimes is a must. You are starting that journey by reading this book and implementing its recommendations. However, hands-on training is always a good addition to any text. There are groups that the law enforcement as well as corporate investigators can attend that can provide the basic skills needed to prepare for Internet investigations as well as to educate their constituents. Some law enforcement supported training will allow police from other countries to attend their programs. Additionally, in the United States, many states have their own police training academies which offer very good courses on Internet investigations. College programs tend to offer degrees or certificates that are focused on computer forensics but nevertheless offer courses which are helpful for Internet investigations. We have provided a sidebar with a listing of some locations to receive such training.
What can you do to detect and prevent online crime?
Within your company or agency, setting up a dedicated cybercrime investigation team should be a priority. The prevention of the various cybercrimes needs a dedicated and regular response. This is true for law enforcement as well as companies large enough to support a team. All investigators should be trained in how to investigate online crimes. Because the skill set for investigating Internet crimes is different than the digital forensic examiner, the two units should not be housed together. They certainly work in concert but the two functions are different. Unfortunately, for many years within law enforcement, the two functions have been done by the same individuals. No longer can the department’s “computer guy” do everything technical. Internet investigations and digital forensics are different in their approach. The investigator familiar with digital forensics may certainly understand the Internet investigative process. However, maintaining currency in the field of Internet investigations requires going online and honing skills that frequently change due to the nature of the Internet. This is no different than as the digital forensic investigator who has to update and maintain their skills when it comes to understanding operating system changes and program updates. These Internet investigation units should likewise liaison and network on a regular basis with other similar units in their geographic area. Again HTCIA (htcia.org) provides a great venue to not only network but receive quality training at the same time.
What can you do to detect and prevent online crime? Well, the first thing is to encourage the reporting of Internet crimes. Whether it is in a law enforcement agency or a company, getting the victims to report the crimes is significant. If the crime is not reported, it can’t be investigated. If you do not have an organized response in your agency or business, prepare a plan to address the issue and present it to your supervisor. Compare the cost of Internet crime to the cost of not investigating online crime by your agency or company. Include the expense of providing a response, such as personnel, equipment, and training costs. Provide the end result of committing to dealing with Internet crimes which can include the protection of your community and business assets as well as the potential for prevention of further crimes against your citizens or employees. The final point here is that if you are not addressing the investigation of Internet related crimes, you can’t respond to the problems associated with it.
Conclusions
Detecting and preventing Internet crime should be an integral part of the investigator’s standard processes. Early detection minimizes the number of victims that may be affected as well as leads to more successful prosecutions. Prevention initiatives provide a method to exchange information with an agency’s constituents. This enhances trust and leads to more communication and cooperation. Additionally, it helps keep an agency up-to-date on the online risks facing those they serve. This chapter has provided both suggestions and resources for developing presentations and an online presence to educate and prevent Internet crime. One thing that we must continue to remind our communities is if it isn’t reported law enforcement does not know it occurred!!! This lack of knowledge means resources will not be devoted to the problem and a viscous cycle begins. No one reports Internet crime because it is believed no one can do anything about it. The result is the criminals gain ground in the online world. Finally, we stressed that Internet investigators need to receive regular training to keep up-to-date on their skills as well as educate their constituents about emerging online threats.
Further reading
1. A Crime of Insanity—Insanity on Trial. (2002, October 2). Frontline PBS. Retrieved from <www.pbs.org/wgbh/pages/frontline/shows/>.
2. Attorney General Cuomo, Senate Majority Leader Joseph Bruno And Assembly Speaker Sheldon Silver Announce Bill To Protect New Yorkers From Sex Predators On The Internet | Eric T. Schneiderman. (n.d.). Eric T. Schneiderman | New York State Attorney General. Retrieved from <http://www.ag.ny.gov/press-release/attorney-general-cuomo-senate-majority-leader-joseph-bruno-and-assembly-speaker-1>.
3. Clarke,R. (1998, February 16). Technological aspects of internet crime prevention. Australian Institute for Criminology’s Conference on ‘Internet Crime’. Presented at Australian Institute for Criminology, Melbourne University, Melbourne, Australia. Retrieved from <http://www.rogerclarke.com/II/ICrimPrev.html/>.
4. CJU 4030—Internet Crimes—Acalog ACMS™. (n.d.). Alliant International University. Retrieved from <http://catalog.alliant.edu/preview_course_nopop.php?catoid=19&coid=28315>.
5. Code of Responsible Computing, Computer Learning Foundation (2000). The advent of the computer delinquent. FBI Law Enforcement Bulletin, 69(12), 7–11. Retrieved from <http://www.fbi.gov/stats-services/publications/law-enforcement-bulletin/2000-pdfs/dec00leb.pdf>.
6. College of Policing: Covert Internet Investigations. (n.d.). College of Policing. Retrieved from <http://www.college.police.uk/en/578.htm>.
7. Commission Enforcement Actions Involving the Internet and Online Services. (2003). Washington, DC: Federal Trade Commission.
8. CybercrimeSurvival.com—Learn the Investigative Tools You Need to Succeed. (n.d.). Vere software. Retrieved from <http://www.cybercrimesurvival.com>.
9. Digital Evidence Class. (n.d.). Central Piedmont Community College. Retrieved from <http://www.cpcc.edu/aaaf/digital-evidence/classes-offered>.
10. Digital Forensic Science Courses. (n.d.). Defiance College. Retrieved from <http://www.defiance.edu/pages/BASS_CF_courses.html>.
11. Digital Stalking—Supporting Victims of Stalking, Harassment and Bullying. (n.d.). Digital-stalking. Retrieved from <http://www.digital-stalking.com/>.
12. econsumer.gov—Your site for cross-border complaints. (n.d.). econsumer.gov. Retrieved from <http://ECONSUMER.GOV>.
13. Enough is Enough. (n.d.). InternetSafety101.org. Retrieved from <http://www.internetsafety101.org/>.
14. Ernesto. (2013, June 11). UK ISPs secretly start blocking torrent site proxies. torrentfreak.com. Retrieved from <torrentfreak.com/uk-isps-secretly-start-blocking-torrent-site-proxies-130611/>.
15. Explorer (RT) (n.d.). Web security: tips to protect kids online. Microsoft Protect. Microsoft Corporation. Retrieved from <http://www.microsoft.com/security/family-safety/childsafety-steps.aspx>.
16. Family Safe Computers—Home. (n.d.). Family safe computers. Retrieved from <http://www.familysafecomputers.org/>.
17. FBI—Internet Fraud. (n.d.). FBI. Retrieved from <http://www.fbi.gov/scams-safety/fraud/internet_fraud>.
18. Federal Trade Commission—About Us. (n.d.). Federal Trade Commission. Retrieved from <http://www.ftc.gov/ftc/about.shtm>.
19. GetNetWise | You’re one click away. (n.d.). GetNetWise. Retrieved from <http://www.getnetwise.org>.
20. Ghosh, R. (1997, October 31). Exclusive: Interpol’s top internet crimefighter speaker out. The American Reporter.
21. Google’s Good to Know a Guide to Staying Safe and Secure Online. (n.d.). Google. Retrieved from <http://www.google.com/goodtoknow>.
22. Hetherington Group—Training. (n.d.). Hetherington Group. Retrieved from <http://hetheringtongroup.com/training.shtml>.
23. High-Tech Crime Investigation: Loss Prevention and Cybercrime Certificate Program.(n.d.) The College of Continuing and Professional Education, California State University, Long Beach. Retrieved from <http://www.ccpe.csulb.edu/continuinged/course_listing/programdescription.aspx?Group_Number=236&Group_Version=2>.
24. High Technology Crime Investigation Association (HTCIA). (n.d.). High Technology Crime Investigation Association. Retrieved from <http://htcia.org>.
25. Home CEPOL—European Police College. (n.d.). CEPOL—European Police College. Retrieved from <https://www.cepol.europa.eu/>.
26. Home | CPC Canadian Police College. (n.d.). Canadian Police College/Collège canadien de police. Retrieved from <http://www.cpc.gc.ca/en/home>.
27. Home ConnectSafely. (n.d.). ConnectSafely. Retrieved from< www.connectsafely.org/>.
28. Home: Cybersmart. (n.d.). Cybersmart. Retrieved from <http://www.cybersmart.gov.au/>.
29. Home-KL Greer Consulting. (n.d.). KL Greer Consulting. Retrieved from <http://www.klgreer.com/>.
30. Home—Metropolitan Police Service. (n.d.). Metropolitan Police Service. Retrieved from <http://content.met.police.uk/>.
31. ICAC Training and Technical Assistance. (n.d.). ICAC Training and Technical Assistance. Retrieved from <http://www.icactraining.org/>.
32. iKeepSafe Home.(n.d.). iKeepSafe. Retrieved from <http://www.ikeepsafe.org/>.
33. Improving Security from the Inside Out. (2010). Medway, MA: National Security Institute. Retrieved from <http://www.nsi.org/pdf/improvingSecurity_InsideOut.pdf>.
34. Insafe. (n.d.). www.saferinternet.org. Retrieved from <http://www.saferinternet.org/>.
35. International Consumer Protection and Enforcement Network (ICPEN) Home. (n.d.). International Consumer Protection and Enforcement Network (ICPEN). Retrieved from <https://icpen.org/>.
36. Internet Crime Complaint Center (IC3) | Prevention Tips. (n.d.). Internet Crime Complaint Center (IC3). Retrieved from <http://www.ic3.gov/preventiontips.aspx>.
37. Internet Fraud Information. (n.d.). USA.gov: The U.S. Government’s Official Web Portal. Retrieved from <http://www.usa.gov/Citizen/Topics/Internet-Fraud.shtml>.
38. Internet Investigation. (n.d.). Cranfield University. Retrieved from <http://www.cranfield.ac.uk/cds/postgraduatestudy/forensiccomputing/page15415.html>.
39. Internet Safety Resources—Royal Canadian Mounted Police. (n.d.). Royal Canadian Mounted Police—gendarmerie royale du Canada—Bienvenue. Retrieved from <http://www.rcmp-grc.gc.ca/is-si/index-eng.htm>.
40. Kidsmart Welcome. (n.d.). Kidsmart. Retrieved from <www.kidsmart.org.uk/>.
41. Kovalchik, K. (2008, August 30). True Crime: John Draper, the original whistle blower. Mental Floss. Random, Interesting, Amazing Facts—Fun Quizzes and Trivia | Mental Floss. Retrieved from <http://mentalfloss.com/article/19484/true-crime-john-draper-original-whistle-blower>.
42. Logicalis Commissions White Paper Study into BYOD. (2012, November 28). Global IT Partner. Global IT Services, Solutions from Logicalis Group. Retrieved from <http://www.logicalis.com/news-and-events/news/logicalis-white-paper-byod.aspx#.UfUb89LVC8C>.
43. McIntyre T. Child abuse images and cleanfeeds: Assessing internet blocking systems. Research handbook on governance of the internet Cheltenham: Edward Elgar; 2013; pp. 277–308.
44. National Center for Missing and Exploited Children. (n.d.). National Center for Missing and Exploited Children. Retrieved from <http://www.missingkids.com/>.
45. National Cyber Security Alliance | StaySafeOnline.org. (n.d.). National Cyber Security Alliance |StaySafeOnline.org. Retrieved from <http://staysafeonline.org/>.
46. NCFI—Home. (n.d.). National Computer Forensics Institute. Retrieved from <www.ncfi.usss.gov/ncfi/>.
47. NetSmartz: Parents & Guardians. (n.d.). NCMEC NetSmartz. Retrieved from <http://www.netsmartz.org/>.
48. Novielli. M. Delivery tips for talking to child audiences (2004). HTCIA Internet Safety For Children Campaign, High Technology Crime Investigation Association (HTCIA).
49. NW3C Home. (n.d.). National White Collar Crime Center. Retrieved from <http://www.nw3c.org/>.
50. Ohio ICAC.org. (n.d.). Ohio Internet Crimes Against Children Task Force. Retrieved from <http://www.ohioicac.org/>.
51. OnGuard Online Home.(n.d.). OnGuard Online. Retrieved from <http://www.onguardonline.gov/>.
52. Online Computer Forensics—Bachelor’s Degree. (n.d.). Champlain College. Retrieved from <http://www.champlain.edu/cyber-security/online-computer-forensics-digital-investigation-degree>.
53. Online Open Source Intelligence eLearning - Toddington International. (n.d.). Toddington International Inc. Retrieved from <http://toddington.com/etraining/>.
54. Program: Forensic Computer Investigation Certificate. (n.d.). University of New Haven. Retrieved from <http://catalog.newhaven.edu/preview_program.php?catoid=4&poid=510>.
55. Programs in Digital Forensics. (n.d.). University of Central Florida. Retrieved from <http://www.cs.ucf.edu/csdept/info/gccf/index.htm>.
56. Protect Your Computer from Cyber threats and Learn How to be Safe Online. (n.d.). Securing Our eCity®. Retrieved from <http://www.securingourecity.org/>.
57. RCFL: Regional Computer Forensics Laboratory. (n.d.). RCFL: Regional Computer Forensics Laboratory. Retrieved from <http://www.rcfl.gov/>.
58. Report Child Sexual Abuse Content to the Internet Watch Foundation (IWF). (2013). Internet Watch Foundation (IWF). Retrieved from <http://www.iwf.org.uk/>.
59. SafeKids.com: Digital Citizenship, Online Safety & Civility. SafeKids.com. Retrieved from <http://www.safekids.com/>.
60. Safe Online Surfing. (n.d.). FBI SOS. Retrieved from <https://sos.fbi.gov/>.
61. A.G. Schneiderman’s “Operation Game Over” Continues With Thousands Of Additional Sex Offenders Purged From Online Gaming Platforms | Eric T. Schneiderman. (n.d.). Eric T. Schneiderman | New York State Attorney General. Retrieved from <http://www.ag.ny.gov/press-release/ag-schneiderman%E2%80%99s-%E2%80%9Coperation-game-over%E2%80%9D-continues-thousands-additional-sex-offenders>.
62. SEARCH: The Online Resource for Justice and Public Safety Decision Makers. (n.d.). SEARCH. Retrieved from <http://www.search.org>.
63. Sprint™ 4NetSafety™. (n.d.). Sprint. Retrieved from <http://www.sprint.com/4netsafety/>.
64. The Carnegie Cyber Academy—An Online Safety site and Games for Kids. (n.d.). The Carnegie Cyber Academy. Retrieved from <http://www.carnegiecyberacademy.com/>.
65. The Comprehensive National Cybersecurity Initiative (2010). Washington, D.C: Executive Office of the President of the United States.
66. The Internet and On-Line Trading. (n.d.). U.S. Securities and Exchange Commission. Retrieved from <http://www.sec.gov/investor/online.shtml/>.
67. The Leaders in E-Safety Education. (n.d.). i-SAFE. Retrieved from <http://isafe.org/>.
68. thinkuknow. (n.d.). Thinkuknow—home. Retrieved from <www.thinkuknow.co.uk/>.
69. Training/Cybercrime/Crime areas/Internet/Home—INTERPOL. (n.d.). Internet/Home—INTERPOL. Retrieved from <http://www.interpol.int/Crime-areas/Cybercrime/Training/>.
70. UK—Safer Internet Centre. (n.d.). UK—Safer Internet Centre. Retrieved from <http://www.saferinternet.org.uk/>.
71. United Kingdom Council for Child Internet Safety (UKCCIS). (n.d.).UK Department of Education. Retrieved from <https://www.education.gov.uk/childrenandyoungpeople/safeguardingchildren/b00222029/child-internet-safety>.
72. USDOJ: CRM: About the Criminal Division. (n.d.). United States Department of Justice. Retrieved from <http://www.justice.gov/criminal/fraud/websites/i/>.
73. Washtenaw County Cyber Citizenship Coalition - Online Security. (n.d.). Washtenaw County Cyber Citizenship Coalition. Retrieved from <http://washtenawcybercoalition.org/>.
74. Web Wise Kids. (n.d.). Web Wise Kids. <http://www.webwisekids.org/>.
75. WISE KIDS: Promoting Innovative, Positive and Safe Internet Use. (n.d.). WISE KIDS. Retrieved from <http://www.wisekids.org.uk/>.
76. Yoursphere for Parents—Helping Families Live Healthy Digital Lives. (n.d.). Yoursphere. Retrieved from <http://internet-safety.yoursphere.com/>.
1John Draper, aka “Captain Crunch” discovered the give-away whistle in cereal boxes reproduces a 2600 Hz tone, allowing him to make free toll calls. (Kovalchik, 2008)
2Australia, Austria, Azerbaijan, Barbados, Belgium, Bulgaria, Canada, Chile, China, Colombia, Costa Rica, Cyprus, Czech Republic, Denmark, Dominican Republic, El Salvador, Egypt, Estonia, European Commission, Finland, France, Germany, Greece, Hungary, Ireland, Israel, Italy, Japan, Republic of Korea, Latvia, Lithuania, Luxembourg, Malta, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Panama, Papua New Guinea, Philippines, Poland, Portugal, Seychelles, Slovakia, Spain, Sweden, Switzerland, Turkey, United Kingdom, United Nations, the United States, and Vietnam.
3Australia, Belgium, Canada, Costa Rica, Chile, Denmark, Dominican Republic, Egypt, Estonia, Finland, Hungary, Ireland, Italy, Japan, Latvia, Lithuania, Mexico, the Netherlands, New Zealand, Norway, Poland, South Korea, Spain, Sweden, Switzerland, Turkey, United Kingdom, and the United States.