While technological advancements have without doubt contributed to global economic wellbeing, and in many ways, a collectively improved quality of life for global citizens, it has also been accompanied by a curse and scourge of its own. CYBERCRIME. Cybercrime simply put, is any form of criminal activity that is constructively accomplished by the use or abuse of technology. Common examples of cybercrime include the unleashing of malware onto networks to cripple them and their constituent nodes, just as an act of sheer malice, hacking into networks and individual computers to steal or alter data, breaking security codes and illegally accessing networks to encrypt data and then demanding a ransom to guarantee the release of the data so captured.
What global business/es and governments need to firmly inculcate into their collective psyche is the fact that cybercrime is no longer what tech-criminals and miscreants do just for fun. It has evolved into a global industry, and for those involved it is business. In 2011, the FBI conducted a survey across 24 countries and the survey concluded that the cyber underworld as a collective economy in those 24 countries alone was worth $388 Billion. In the same year Russia, which boasts a thriving cyber underworld had a cybercrime economy the size of which was $1.9 Billion. These figures are apparently underestimated since most victims of cybercrime do not report incidents of hits for various reasons ranging from avoiding reputational damage to fear of triggering a general lack of confidence in customers which can damage their bottom line. Business organizations which experience cybercrime are therefore generally left in a decision quandary as to whether to report the incidents thereby giving stakeholders the impression that their Information Security Protocols are lax, or just find an internal solution and move on with business and life.
Most countries including South Africa have made an effort to craft legislation in order to help combat and therefore minimize cybercrime. The biggest problem each country has faced in the common sense is that technology has razed down physical borders and the significance of territories as legal jurisdictions. Cybercriminals do not only target victims who are in the same territory as them. The ubiquity and power of technology enable them to target anyone anywhere as long as the reward for their effort is appealing enough. This presents a problem which almost immediately invalidates the application of legal frameworks across jurisdictions as there is always a lack of congruence in terms of how the law and its nuances are interpreted across different territories and jurisdictions. Further to this, even if there is a semblance of willingness between parties to carry out a collaborative investigation, the time it takes to put together all the required legal formalities and logistics across many territories in order to initiate an investigation is quite long which allows criminals time enough to erase any trace of their footprints along the path/s or loci of the crime/s committed.
Time lag issues are not only a characteristic of inter-territorial investigations. Even if it is established that the address of the machine which initiated a cybercriminal act is a territorially local one, it still takes long to pool together resources to carry out an investigation, long enough for the criminal/s to successfully temper with the “crime scene”. For this reason, business organizations resort to employing their own Information Security and cybercrime investigating teams as a mechanism of self-defense. This may be part of the wider reason why most incidents of cybercrime go unreported as organizations seek a quick resolution to the problem in a way that enables them to rather quickly go back to business than endure the frustration resulting from the red tape associated with officially reporting cybercrime incidents.
The ubiquity of technology compounded by the fact that technology itself has matured fully to the extent that people need little to no training in order to harness it in crime, means therefore that the threshold related to the cost of perpetrating an act of cybercrime is quite low. The cost being that low is great encouragement for criminals, especially cyber-extortionists whose initial outlay is negligibly low compared to the possibility of “scoring” a few hundred thousand dollars after locking a company’s access to its data before demanding a ransom for its release, for example.
Innovation unfortunately and inadvertently creates a catch-22 situation when viewed from the perspective of combating cybercrime. As technology continues to advance, especially with Artificial Intelligence being a major enabler, the cybercrime industry also harnesses these uber-technologies to achieve their nefarious ends. Stealth technologies which can enter networks without detection are on the rise, and even if they are detected, they have built-in mechanisms which enable them to mutate and metamorphose in order to throw off network defenses and security protocols.
Faced with challenges of this nature and more, it means that company and national cybersecurity budgets are naturally very high. Only a few countries can afford these high and prohibitive budgets which surely need constant upward revision since cyber threats are spawned literally on a daily basis. This requires global consensus on legal frameworks which promote the civil and cogent use of technology while allowing for swift collaborative efforts among disparate legal jurisdictions in the effort to actively combat all incidents of cybercrime.

QUESTION 1 (25 Marks)

The case scenario above indicates that it is difficult for nations to meaningfully collaborate in an effort to combat cybercrime across different legal jurisdictions. Develop a firm and concrete argument as to why this perspective is true and propose a strategy which makes it possible for different legal jurisdictions to effectively collaborate against cybercrime.

QUESTION 2 (25 Marks)

From your reading of the case scenatio above, identify and critically analyse the factors that you feel are currently stoking cybercrime.

QUESTION 3 (25 Marks)

As an Information Systems expert, you have been asked to deliver a presentation relating to Espionage as a cybersecurity. Your presentation is aimed at users of Information Technology who are not IT professionals. Your brief is to explain to them what Espionage is, how it is carried out and what sort of IT professionals are likely to carry out Espionage. In particular produce a document which you will use as a basis of your presentation and in the document break down and clarify the specific roles that perpetrators of espionage play in this criminal act in order to clear all confusion relating, especially to the different skill sets in the hacker community.

QUESTION 4 (25 Marks)

Provide an analysis of why it has become so difficult for global legislation against cybercrime to be effective.

Answers to Above Case Study Questions

Answer 1: There are many challenges associated with managing the cyber crime across International boundaries and one such challenge is different legal jurisdiction. Because of the lack of congruence with respect to interpreting laws across different boundaries, it is often a problem and a challenge in resolving cyber crime issues across international boundaries.