FREE ESSAY ON SOCIAL CONTROL OF CYBER SPACE

SOCIAL CONTROL OF CYBER SPACE

Social Control of Cyberspace B. Pereyra
Our nation's infrastructure is daily becoming much more of an abstract environment due to
the use of organized cyber criminals hacking away at our super computer information
systems. They are generating unpredictable challenges for law enforcement in discovering
the unethical abuse on computer systems and a concentration on the young topic of cyber
terrorism threatening our criminal justice system. Our law enforcement continues to
invent newer methods to function and learn from this new social phenomenon and define
cyber terrorism activity as motivation by the rapid growth of technology as a challenge,
dominance, and as pleasure to obtain privileged information for illegal use to
intentionally harm others and our information networks as well. Therefore, it is of
relevance to explore the behavior of a computer hacker and a cracker; including the
control, response, and the appropriate measures to combat this new crime wave, and how
the academic community, courts, police, and the scientific government are approaching
this radical form of crime. 
On October 25th, 1983, a hearing was formed by the U.S. Congress on the issue of computer
security in the federal government and the private sector. The hearing discussed the
level of importance on how serious the United States Government must become in learning
to monitor the use of computers and Internet through several knowledgeable witnesses.
Susan H. Nycum, an attorney representing Gaston, Snow and Ely Barlett firm's computer
high technology group defined computer crime as: …any illegal act where a special
knowledge of computer technology is essential for its perpetration, investigation, or
prosecution" (Nycum, 15). Nycum also added before the committee that computer abuse falls
into four categories that follow.
The first category is abuse like financial fraud and theft, incidents of theft of money
from financial institutions or goods from businesses. The second is information fraud and
theft. Information can be data, such as business secrets stored in computer systems,
valuable to computer programs and data about individuals. The third category is theft of
services. For example, systems hackers who use computer time to look around or employees
who run entire profitable computer enterprises, such as service bureaus on the company or
agency computer systems are examples of this kind of abuse. Lastly, vandalism, where
computers have been damaged or destroyed as have databases and programs to perpetrate
crimes. In addition, Nycum also points out that computers are involved in several ways as
tools or objects for an attack. For example, international terrorists have used bombs and
submachine guns to attack at least 28 computer centers of multi national companies and
government agencies in Italy and France over the past years. A misguided employee of a
U.S. company firebombed a computer of a competing company for the purpose of giving his
employer a competitive business advantage. Furthermore, a computer can be the subject of
crime by providing the automated mechanism to modify and manipulate new forms of assets,
such as computer programs and information representing money. For example, bank frauds
have been accomplished by manipulating the system to transfer small amounts of money from
one account, which is later withdrawn. This is known as the salami effect, where near the
end, after slicing the intruded account, the complete account is exhausted by all the
small transfers or withdrawals. Bogus accounts have been created in computerized delivery
or accounts payable systems to which goods have been shipped or money paid by financial
institutions and retailers. Changes to computerized data have resulted in inflation of
inventories in credit ratings, employment reviews, college and school grade records, etc.
Lastly, a person can use a computer as an instrument for conducting or planning a crime.
A perpetrator modeled his crime on a computer to alert him to the amount of activities he
could engage in without attracting attention to his deeds, and later used the computer as
a management tool to keep track of the activity, or even aid a stockbroker to produce
forged investment statements to show huge profits to deceive his client and steal
millions. Thus, the cyber criminal can only use the symbol of the computer to intimidate
or deceive others. An example would be to convince his victim that he possess a very
unique money making program or application able to do wonders like to hack classified
information. 
Amazingly, it is difficult for agencies, institutions, or the private sector to know the
extent of computer crime and abuse. Like other crimes, cyber terrorism is very difficult
to detect until it has already struck, causing millions, if not billions of dollars, or
even life. 
In June 1999, tens of thousands of computer systems in several major U.S. companies
(including AT&T, Boeing, and General Electric) had their files infected, damaged, or
destroyed by a software virus, Explore. Zip worm. This file-destroying but, first
detected in Israel, arrived as an e-mail message and utilized MAPI commands and Microsoft
Outlook on Windows systems to propagate itself. It has been estimated that damages from
the Explore. Zip worm and other viruses (e.g., Melissa macro virus) topped $7 billion
during the first two quarters of 1999. By the end of the year, computer intrusions will
cost private industry more than $20 billion (Alexander & Swetnam, 4).
It may seem Internet bandwidth connections have advanced way beyond what the program
creators of File Transfer Protocol (FTP) ever imagined. Complete files can be sent across
the globe at the click of a mouse into other hard-drives in less than 45 million bits per
second on a T-3 connection. Currently, the T-3 is one of the fastest digital lines
available for any person who could cast an effective attack in less than 0.06 seconds.
Scary, don't you think? Unbelievably so, attacks did come about during the Kosovo War.
Serb entities attempted to overwhelm NATO computers by ping attacks which establish
communication with a target computer and occupies its functions by continuing to stay
linked and feeding the computer system information. Recently, similar attacks were made
towards the online auction website EBAY, and other electronic commerce websites using the
same technique. Devices, such as an amplifiers assist the hacker in resending the signal
repeatedly, causing vulnerable servers to lag or crash, making it disabled for blameless
users to visit the website for the information they seek justifiably. 
Whether or not the attempts by the user are to just visit the website or surf unto the
information and cause a crime, it is difficult to really suspect them in committing an
illegal operation or an attempt to cause major inner structural damage to the providers
server until it has already been done. For instance, in 1970 Susan Nycum was director of
Stanford University's Computer Facility when her office was entered by a person saying, I
think we are about to have a problem. In her own words, What had happened was that
someone from a remote terminal using telephone lines had attempted to enter the vast
campus computer facility system to destroy the volume table of contents of all the data
that was stored in that facility" (Nycum, 4). Luckily, an alert operator forestalled the
attack and they were not damaged, but if they had been, $50,000 in 1970 U.S. dollars
would have been necessary for the repairs towards the system and recovery of modified or
lost data. Since then, institutions around the United States have scattered for solutions
to protect themselves from unlawful intrusions and the borderless threats from cyber
space.
In 1991, the Computer Emergency Response Team at Carnegie Mellon University, also known
as C.E.R.T., reported more than 500 incidents of computer account attacks. Five years
later, Carnegie Mellon University would report 2,500 incidents of such attacks.
Frightening enough, University of Delaware faced its first experience of cyber crime with
nearly 2,000 students' and professors' passwords were compromised and had to be changed.
This matter was reported to C.E.R.T. security specialists and it was later discovered
these attacks were part of a larger pool of experienced online vandals, which involved
other computers around the country terrorizing databases and fragile unsecured networked
computer systems. Now, not only the schools, banks, businesses, and the military are
feeling this terror, but also the federal agencies and local police departments are
experiencing the work of computer attacks. Awareness grew of a new form of crime striking
the nervous system of courts and the criminal justice sector. A push for secure software
protection became the solution for most law enforcement agencies, corporations, and the
government. Firewall programs were developed to protect server Internet protocol or
"i.p." numbers to secure the integrity of data. Unfortunately, programs can only protect
specific intrusions, but still, there are forms of viruses that exploit systems by
transferring codes through wireless, phone, and fiber optic cable connections. For
example, e-mail acceptance of an effected file can cause an over-depended system to
become paralyzed, disabling total access and reconstruction of a network. Usually this
form of an attack is produced with the intention to break a system, test, or challenge in
search of flaws in the application or system by a hacker. Very knowledgeable computer
engineers or skilled users write programs like viruses or exploit codes. We can simply
call them hackers because they have successfully broken into a file or the gate that
secures company information. Those who have broken through this gate and have altered
this data are considered crackers because they have not just successfully broken into the
system, but have exposed malicious behavior on their property. Examples of a cracker is
negligence to deface a website, alter, or erase valuable information from their file
management, and/or sell, transfer information, such as funds into other accounts for
withdrawal. Therefore, crackers are considered dangerous, possess a lack of computer
skills, knowledge, and usually are profiled as juveniles by federal authorities.
Recently, authorities apprehended a 16-year-old cracker who perpetrated the CNN database
deleting files, also known as a procedure in hacker lingo as modifying the residue in the
kernel memory of the system. The juvenile cracker is believed to have struck several
worldwide websites, dropping Dow Jones for more than 500 points and losing more than tens
of millions of investment dollars. This case is an example by the U.S. Justice Department
to send a message across to the hacker community -announcing the act will no longer be
tolerated. As authorities heighten their investigations, more and more companies like
Sprint, MCI, Abovenet, and Exds are all working together to put the flow of suspicious
information together. Furthermore, they are able to assist law enforcement agencies in
correlating information from a number of different sources as logging access lists off
layer four connections and routers to pin point who recently visited the network system
(Master, 1). As well, information off chat rooms, direct i.p to i.p. matchmaking, unique
remote file transfers, and suspicious transactions made by users over cyber space are
being reported. This is all possible by the advancement of technology and the
participation of all government agencies and private corporations coming together. 
No doubt, authorities have had to adjust to two decades of a new crime trend by educating
themselves and hiring knowledgeable computer specialist to assist them in controlling the
intrusions and wrongful acts caused by cyber criminals. As more cyber crimes surface,
supreme court judges will have to depend on the severity of the crime and carefully
interpret the law giving the proper consequence for the illegal act. In addition,
governmental control over Internet usage can only go so far. This has been noticed
recently when three judges on the U.S. Court of Appeals for the Sixth Circuit in
Cincinnati ruled in favor that computer encryption programs are a form of expression and
therefore are protected by the First Amendment. Does this mean it protects virus programs
and or applications that can do harm to computer information systems? Chief Judge, Boyce
F. Martin Jr. of the Sixth Circuit wrote in favor stating that this protects computer
programs:
Because computer source code is an expressive means for the exchange of information and
ideas about computer programming, we hold that it is protected by the First Amendment"
(Kiernan, 2).
Shockingly, now, composers of computer programs are protected by actual case laws for
reasons that it falls under free speech, and raising the possibility that restrictions on
such programs may be deemed unconstitutional. If three judges on the U.S. Court of Appeal
ruled that computer programming is a form of expression, then where are we headed?
Certainly, we have two points of the spectrum attempting to circumvent the issue, and the
other side protecting the technological epidemic. 
In conclusion, we clearly see the social control in our society of how our government
whose interest is to protect information, contradicts itself by saying it is right to
produce computer scripts or program codes that increases harm to our nation's
infrastructure. Furthermore, I am convinced the crimes of tomorrow (cyber perpetrating),
and its consequences are not fully enforced, but I accept that we as a nation are doing
our best to learn from this fascinating transgression of events. We are learning from it
and we are creating limitations, while at the same time, out-dates the rapid advancement
of technology making today's legislation obsolete while the hacker's vulnerability
assessment tools become more sophisticated. Lastly, our hopes, as the criminal justice
community, is to quickly detect and predict these modernistic attacks, investigate
individually, and circumvent this new trend of cyber criminology and understand its
sociological behavior.
Class: Social Control (Sociology 313)
Grade: A+
Bibliography
(1) Alexander, Yonah. Swetnam, Michael. Cyber Terrorism and Information 
Warfare. [Vol.1,2,3,4] Oceana, New York: Dobbs Ferry, 1999. 
(2) Kiernan, V. Appeals Court Rules That First Amendment Protects Computer Encryption.
The Chronicle of Higher Education. 5 Apr. 2000: 1 of 3
Internet: . 
(3) Master, Web. Is Mafiaboy Real or a Creation of the Media? News. 20 Apr. 2000: 1
Online Internet. 24 Apr. 2000. Internet: . 
(4) United States, Congress. Senate. Committee on Governmental Affairs. Computer Security
in the Federal Government and the Private Sector. Washington: U.S. G.P.O., Ninety-Eighth
Congress, First Session, October 25, 1983.
(5) United States, Congress. Senate. Committee on Governmental Affairs. Security in Cyber
Space. Washington: U.S. G.P.O., Hundred Fourth Congress, Second Session, May 22, 1996.