Internet in criminal activity.

The Internet in Criminal Activity.

The Internet in Criminal Activity

The emergence and development of the global Internet, which has united hundreds of thousands of individual computers, currently opens up the most effective way of using information technology for criminal purposes. In this article, the Internet is considered as an object that provokes criminal activity, as a tool and environment for committing illegal acts. The author points out those areas of the economy and finance that are most attractive to criminals

The takeover of Russia by the Internet with the development of a multi-level information infrastructure and the growth of the fleet of modern computer systems refutes the prevailing opinion that the use of information technology in criminal activity will not pose a pressing problem for law enforcement agencies in our country for many years to come.

Currently, the Internet network consists of millions of computers distributed throughout the world and connected by means of telecommunications. These computers represent various systems operating on the basis of various hardware and software platforms. Undoubtedly, the Internet has opened a new era in the field of information exchange and created previously unknown forms of communication, which objectively contributes to the democratization of social relations. But these same unlimited possibilities also have a downside.

The gigantic virtual cyberspace of the Internet has become a kind of reflection of the real world. Its users represent a certain community of people, comparable in numbers to a large country. And, like any country, the Internet is populated by a variety of people: unfortunately, among them are scammers and extortionists, murderers and rapists. In whose hands a new tool for committing crimes has appeared.

Currently, the Internet allows criminals to exchange information of a criminal nature with the efficiency and reliability that was previously available only to the special services of superpowers with space technology and satellite communications.

There are several main prerequisites for the expanding use of information technology in criminal activity. Firstly, information itself has acquired value and is becoming an increasingly valuable commodity, which leads to the creation of various methods of influencing computer systems both for the purpose of stealing or destroying information, and for the purpose of modifying it. The spectrum of crimes here is from blackmail to espionage, from unfair competition to property crimes. Secondly, electronic settlements and payments, electronic money have appeared, which immediately entailed the development of various methods of their «electronic» theft. Thirdly, computer systems are included in the control circuits of life support systems at various levels: from an individual (on the operating table) to state-scale systems — energy, transport, weapons. Even random failures in the functioning of computers can cause unpredictable situations up to man-made disasters or the unauthorized use of weapons of mass destruction. Deliberate information attacks can lead to even more serious consequences.

In addition, the Internet has another feature: this network essentially does not belong to anyone in particular (with the exception of China, some countries of the Persian Gulf, and partly France), as a result of which there is no practice of government regulation, censorship, or any control over the information circulating in it.

Potentially, criminality is also inherent in the initial openness of the network structure. Regardless of the type of platform, all Internet users must comply with certain common standards to ensure their own compatibility with the system. Such a standard is represented by the TCP/IP protocol family, on the basis of which all the main types of service are organized.

These protocols describe the details of message formats, indicate how to organize network information processes and implement their interaction.

However, the protocol stack is practically devoid of built-in protection mechanisms (from the transport to the application level), which allows them to be used as gateways for information impacts.

According to foreign media, in the US alone, the annual economic damage from illegal manipulation of information contained in electronic media was more than $100 billion in the 1990s. According to a sociological survey conducted in early 1997 on the Internet, 58% of respondents said they had suffered from computer hacking, of which about 18% reported that they had lost more than $1 million in information attacks. More than 22% of attacks were aimed at industrial secrets or documents of interest primarily to competitors.

Let's consider the main types of attacks in the economic sphere that can be carried out using the Internet.

The simplest case is the violation of copyright and other related rights. Such crimes include illegal copying and selling of computer programs obtained from hacker sites. This group also includes the illegal production of pirated copies of laser audio and video compact discs (with the spread of digital recording, they are now created using computer technology), as well as the illegal production of printed products using computer mini-printing houses.

Another group consists of crimes related to the unpaid receipt of goods and services. In particular, the illegal use of telephone company services is most often based on excellent knowledge of the structure and functioning of modern automatic telephone exchanges.

The hacker Shadow Runner created 17 voicemail boxes at a US East Coast telephone company that provided free phone calls and even advertised the service on the Internet. He exploited a feature of Samsung Telecommunications America's telephone systems that by default generate up to 100 unused voicemail boxes that are accessible using a company password.

Those interested in hacking various telephone systems can get instructions in the Phrack electronic journal. Other methods of illegal use of services are based on the modification of information about them in the databases of the relevant companies by hacking the protection of computer systems. In this case, either information about the provided service is destroyed in the relevant database, or information about the legitimate consumer of the already paid service is modified, with the aim of obtaining it by criminals.

For example, if you ordered expensive household appliances and already paid for them in the store, then changing the owner's name and home address in the database will result in someone else receiving the appliances, not you.

Along with the illegal receipt of services, there are other types of fraud: illegal organization of gambling (electronic casino, lottery, sports betting), organization of financial pyramids, fictitious marriage agencies, employment agencies, firms providing mythical services, selling «air», etc.

Modern entities in the credit and financial sphere cannot exist without mutual information exchange, as well as without constant communication between their territorially remote divisions and branches, for which the Internet is often used.

For criminals, the greatest interest is in information about banking, commercial secrets, deposit secrets, information about the financial position of the bank itself and its clients, as well as information that allows determining the investment and credit policy of a particular bank and the direction of its further development.

The object of criminal attacks is sometimes official information required by the bank in the course of its daily activities. Its destruction may pursue the goal of causing material damage to the bank, since even if the information is valuable only to its owner, it nevertheless has a cost equal to the cost of its restoration. The destruction of such information can be either one of the ways of displaying unfair competition, or a way of influencing the bank's management for the purpose of extortion and blackmail.

For example, due to the high labor intensity of assessing the degree of trust in a potential creditor, such operations are automated in most banks in developed industrial countries. At the same time, even the algorithms for making such decisions are kept secret in order to exclude cases of reporting false information. It is easy to imagine what consequences not only knowledge of such algorithms, but also their modification for criminal purposes can lead to.

Another type of computer crime in the banking sector is associated with the emergence of electronic interbank settlements, that is, in fact, electronic money. There are several methods of electronic theft.

Firstly, this is unauthorized access to electronic bank accounts and modification of information displaying non-cash finances. Moreover, in order not to disturb the overall balance of banking operations, information displaying finances is rewritten from the accounts of bank clients to accounts accessible to criminals, where “non-existent” finances are credited.

Secondly, it is possible to modify the algorithms that determine the functioning of the system for processing information on non-cash bank payments. One of such methods is to change the exchange rate conversion factor. The currency is recalculated for bank clients at a reduced rate, and the difference is credited to the criminals' account.

Thus, today, in order to steal a lot of money, in many cases it is enough to just have a computer, a modem, a telephone line and a little luck, since all the necessary information and software is already available on the Internet.

Technological progress does not stand still, and in addition to electronic non-cash finances that exist in the form of records in the computer memory, so-called electronic cash has appeared for trading on the Internet. Along with the emergence of a new type of money, new types of fraudulent transactions have also appeared.

At least two types of electronic cash are known.

Firstly, this is cash that exists in the form of debit plastic cards. It is used both to receive traditional paper cash and to make purchases of goods and pay for services using special equipment.

Secondly, these are «electronic coins» (cyber coins), which are mainly used only on the Internet.

In addition, credit cards are used on the Internet to make purchases in virtual stores and carry out banking transactions.

Currently, the illegal use of credit cards has become widespread in Russia.

According to the press center of the Ministry of Internal Affairs, the total number of credit cards in Russia is about 2 million. Criminals counterfeit both cards of international companies (Visa, American Express, Mastercard/Eurocard, etc.) and cards of Russian payment systems (Union Card, STB Card, Zolotaya Korona), which are already used by several hundred banks.

Credit cards, which are an integral part of electronic payments, are of particular interest to fraudsters.

In the first eight months of 1996, 40 criminal cases were opened and are being investigated, the damage amounting to 5 million dollars. In one of them, in Moscow, an organized criminal group of 25 people is being held criminally liable for committing more than 300 thefts using credit cards and counterfeit slips for a total of about 600 thousand dollars. The quality of the counterfeiting of one of the cards literally amazed foreign experts, it was so high.

To ensure compatibility of plastic card payment systems, the card authorization process most often consists of analyzing the correspondence between the credit card number and the so-called PIN code (Personal Identification Number). The credit card number usually corresponds to the customer's account number, and the PIN code is obtained from it based on a well-known algorithm using the DES encryption standard and an offset (Offset), which is different for each bank.

The method of stealing goods and services on the Internet using counterfeits is known as «phantom card use.» It is based on identifying the algorithm for obtaining a PIN code from a credit card number, which is then assigned to a counterfeit card. It is used to make financial transactions with ATMs (point of sale terminals) operating offline or online.

Information on the operating principles of such algorithms and even their software implementation are available on hacker sites on the Internet.

Several different payment schemes have been developed for using credit cards on the Internet, which open up new opportunities for committing crimes.

a) Clear text exchange — when ordering by phone on the Internet, all the information necessary to make a purchase using a credit card is transmitted in clear text: card number, name and address of the owner, expiration date of the card. All this information can easily be intercepted with the help of special filters and used for fraudulent purposes.

b) Exchange of encrypted messages — the necessary information cannot be intercepted during transmission, but can be accessed from the seller's server and even the buyer's in the manner described below.

c) Use of IDs — the necessary information, in addition to encryption, is provided with digital signatures of the seller and buyer, excluding non-fulfillment of the terms of the transaction (refusal to purchase, transfer goods or services, etc.).

d) Clearing settlement systems — the basic idea is that the customer does not give his real details to the seller when making a purchase. Instead, he gives a virtual name and credit card number. The store authorizes the credit card not at the bank, but at the clearing house. In fact, the system guarantees payment to the store. The customer gives his identification data to the clearing house once in a reliable way, for example by mail. The customer's money is deposited from the bank in the clearing house in one of the ways accepted in the system. This can be done on the basis of knowledge of the customer's credit card details, it can also be done by transfer, check, etc.

d) Using a smart card. Recently, Fischer International Systems Corp. announced the release of a device capable of transferring money from a bank account to a smart card via communication channels. Thus, the first electronic «home» ATM appeared. A similar device can also be used to transfer funds from a smart card to a seller in an online store.

With regard to the reliability of encryption-based methods, the following considerations must be taken into account.

A research group at First Virtual has developed and demonstrated a «preemptive encryption» program that completely undermines the security of any known encryption mechanism. In one version, a program belonging to the snifter class can intercept and analyze every keystroke on a computer keyboard, mouse click, and even messages sent to the monitor screen. It connects to the keyboard driver and reads the keystrokes as they are typed before they can be encrypted. The data stream is easily identified. Strings of known length (for example, 13 or 16 bytes for VISA), with known prefixes and checksum (33 or 37 for AMEX) are selected. The program uses published operating system functions that are required to implement keyboard macros and other important program modules. The current version runs on all flavors of Windows (Windows 3.11, Windows 95, Windows NT) and Apple Macintosh. It can easily be rewritten for UNIX, due to its much weaker multitasking protection.

This program information can be easily transferred to criminals using standard TCP/IP stack protocols. Given the small volume (credit card number and PIN code), this information will be transferred leaving virtually no trace.

Despite the fact that credit cards are widely used to pay for medium (from 10 to 100 US dollars) and large (over 100 US dollars) purchases, they are not suitable for making small purchases and have a number of other disadvantages. In the process of overcoming them, a kind of alternative was developed — digital cash such as Cyber ​​coin (literally — cybernetic coins). Several such systems already exist: CyberCash, DigiCash, NetCash, which are, in fact, digital wallets or electronic purses. Despite the fact that now with the help of electronic cash on the Internet you can make a purchase of up to 20 US dollars, there are no guarantees that this limitation will remain in the future, but even now attackers have ways to use it illegally.

The presented material could be considered as some kind of fantastic inventions and funny cases, if the pages of the Russian press did not increasingly contain messages like this: «Commercial bank «FINVESTBANK» and investment corporation «SPHINX» reported the opening of a bill trading system in the Internet computer network. Electronic trading takes place daily on the Central Russian Universal Exchange from 14.00 to 15.00.

In addition, it is necessary to take into account the following forecasts. The number of companies in the world engaged in electronic commerce in 1996 was 111 thousand and will increase in 2000 to 435 thousand (data from VOLPE, WELTRY&CO). At the same time, the total money turnover of the Internet will increase from 9.5 billion US dollars in 1996 to 196 billion US dollars in 2000 (data from FOREST RESEARCH, Inc.). Internet retail sales will grow from $500 million in 1996 to $7 billion in 2000.

If these considerations have not impressed the reader enough, we will add that one of the most inventive parts of humanity is used as a brain center by organized crime. In this context, the data presented seems to be only the tip of the iceberg in the variety of possible methods of using the Internet environment to implement criminal intentions.