The name Vladimir Levin is yet to acquire the underworld chic of Al Capone, Ronnie Biggs or Chopper Read. There is nothing obviously glamorous about a mathematician, his tech-litearate associates, a few computers, and hours of painstaking programming. Except Levin masterminded the theft of over US$10 million from Citibank, which was transferred to accounts in several countries on two continents a decade ago.
|
|
|
Professor Peter Grabosky:
"Every new application of digital technology provides new opportunities [for cyber crime].
|
Although he had been based in his native Russia at the time of the transfers, Levin was eventually apprehended while travelling and extradited from London to New York. He was sentenced to three years’ in prison and ordered to pay back hundreds of thousands of dollars.
Couched in the terms of an international heist in the style of The Italian Job, Levin’s virtual crime, and others like it, appear worthy of detailed attention. But, until recently, there had been scant academic consideration paid to the investigation and prosecution of cyber criminals.
Three Australian experts have collaborated on the first in-depth scholarly study of how investigators, lawyers, and policy makers around the world have gone about catching and prosecuting cyber criminals. Their credentials in the field are considerable. Professor Peter Grabosky, who heads up the Security 21 group at the ANU Regulatory Institutions Network, is internationally recognised as a leading thinker in the field of virtual crime. Dr Gregor Urbas, from the ANU College of Law, has written extensively on the legal aspects of cybercrime. They have both previously worked for the Australian Institute of Criminology, where collaborator
Dr Russell Smith is Principal Criminologist.
The American Society of Criminology has just recognised Smith, Grabosky and Urbas for writing the best international book in the field for 2005, called Cyber Criminals on Trial, published by Cambridge Press in 2004. In it, the trio detail case studies and draw on discussions with experts from around the globe about such major cybercrimes as identity fraud, information theft, virtual heists and virus dissemination. Grabosky says the problems are growing exponentially as
technology advances.
“How many advance fee fraud solicitations did you receive today?” he says. “How many viagra advertisements? I bet it was more than this time last year. The basic principle is that crime follows opportunity.
|
|
|
Dr Gregor Urbas:
"Prosecutors have to follow an electronic trail from the bank’s account back to a particular computer that was used by the alleged offender."
|
|
“The problem with cybercrime is that the take-up of digital technology is
providing more and more people with the tools of crime. There are more and
more targets out there, both individuals like you and me, and financial institutions and other e-commerce sites. Every new application of digital technology provides new opportunities.”
Despite this constant progression, the experts say there have not been any radical changes to how officials bring cases against cyber criminals. Like all prosecutions, the decision whether or not to take the perpetrators of virtual crimes to trial will depend on the strength of the evidence, and consideration of whether the prosecution would serve the greater public good. But Urbas says cybercrimes do start to present specific difficulties when it comes to questions of proof.
“When there is a normal physical offence, like a bank robbery, it’s quite easy to understand the kind of evidence that will identify the person involved, whether that’s visual identification, or physical evidence such as fingerprints or DNA.
“When the same amount of money is stolen from a bank by way of hacking into its databases, the evidentiary questions are completely different in that the prosecutors have to follow an electronic trail from the bank’s account back to a particular computer that was used by the alleged offender. That can be quite difficult. There is a problem in trying to prove beyond reasonable doubt that a particular person sent a particular message. When people are trying to disguise their identity, it’s even harder.”
Harder still are the cases, like Levin’s, that cross national jurisdictions, raising serious questions about which authorities are responsible for the investigation
and prosecution.
“The real challenge is deciding where the crime was committed,” Grabosky says.
“Whether this is in country A where the offender was located, in country B where the victim was situated, or in countries C, D or F, where the criminal communication was routed on the way from A to B. Who is going to prosecute? It’s very costly to extradite people, and very cumbersome to enlist the support of investigative and prosecutorial authorities in other countries.”
But the authors have found that policy makers everywhere are making greater efforts to enact more harmonious, cyber-specific laws to deal with multi-national offences, and there are ever fewer instances where offenders get away with it because the jurisdiction in which they live lacks adequate laws. Smith says Australia’s efforts in this regard compare favourably to other countries, but reforms here have taken place amidst a global climate of cooperation.
|
|
|
Dr Russell Smith:
"It’s a field in which you have to keep up to date all the time."
|
“There has been very great development over the last few years in harmonising legislation around the world. We’ve seen some international conventions that can be used as the basis for countries to reform their own legislation. But there has also been a continuing and ever-evolving development in the types of crime that occur.
“Since this book was written, we’ve seen new developments, such as the ‘phishing’ attacks, where spam emails are sent to people to try to trick them into revealing their banking information. Spam itself is an ongoing development that we didn’t extensively cover in the book, as it wasn’t such a prevalent issue at the time. I think there are abundant opportunities for further research. It’s a field in which you have to keep up to date all the time, because there is new legislation coming through, and types of crimes being committed.”
Smith says this continual game of cat and mouse means that there remains plenty to study. He suggests a future collaboration with his co-authors could consider the psychology of cyber offenders, looking at what drives individuals to the world of virtual crime.
Urbas says lawmakers and enforcers are constantly playing catch-up, and that increasing responsibility for policing cyber crime will also rely on the private sector, whether it is the development of greater security systems by software companies, or more vigilance among individual users.
Is it possible to have a last word when talking about a field that is constantly evolving? Despite the potential for it all to seem overwhelming, Grabosky says most people who are involved with studying and policing cyber crime remain optimistic.
“What we’re experiencing is like an arms race between the good guys and the bad guys. Motivated offenders exist in abundance. Many of them are very clever indeed, and they will use their skills to develop new ways of exploiting digital technology for criminal purposes.
“At the same time, the capacity of government is improving. It was initially a steep learning curve, but they’re improving very significantly. This will continue.”
Back to top
Back to Reporter home |
|
Search Marketing & Comm.
Home
