Cybercrime: Recognising and preventing malicious activities online

With the advent of digital banking and digital technologies, new pathways to criminal and illicit activities have opened up. This post discusses cybercrime, and analyses its impact and potential prevention measures that might be applied to avoid online malicious activities.

Cybercrime vs traditional crime

Digital technologies have: introduced new modalities in the commission of illegal activities; amplified the reach of criminals, giving them almost limitless global access; obliged potential victims (citizens, companies, governments) to find new ways to protect themselves; and have even allowed for the emergence of new crimes.

Although cybercrime is an increasingly prevalent phenomenon in modern society, its definition presents difficulties. We could attempt to define it broadly as every illicit activity carried out by means of an internet-enabled computer. However, this definition seems too vague and does not reflect the legal complexities and the diversity of activities encompassed by the concept of cybercrime. Instead of defining the concept, the UN Office for Drugs and Crime (UNODC) has established categories of activities that constitute a cybercrime, which include:

1. offences against the confidentiality, integrity, and availability of computer data and systems
2. computer-related offences
3. content-related offences
4. offences related to infringements of copyright and related rights

David S. Wall has proposed a similar distinction referring to:

1. crimes against the machine (hacking, denial-of-service (DDoS) attacks, etc.)
2. crimes using the machine (traditional crimes, like fraud and theft, carried out with new technologies)
3. crimes in the machine (pornography, hate speech, etc.)

Whatever definition we take, there is no doubt that new technologies have pushed traditional criminal activities to evolve, and adapt to the new digital environment where economic and social interactions are increasing. Fraud, deception, identity theft, money laundering, extortion, and the purchase of illicit goods or products are traditional crimes that have been facilitated by digital technologies. 

Compared to traditional crimes, computer-enabled crimes can be committed from anywhere to anywhere, as long as there is a connection to the internet at both ends. One person can commit several crimes against several victims located in different countries at the same time. As put by David S. Wall, ‘cybercrime can be committed at a distance, much more quickly and in much greater volume than offline crime‘.

Another important difference is that online criminal activities require certain technological expertise to deceive the victims, to gain access to their information, to use this information to generate a profit, but also to hide and erase digital traces. The larger the victim or the offense, the bigger the expertise of the offenders needs to be.

If traditional crime was able to adapt and transition to the digital world, the development of new technologies has also allowed the development of new criminal activities that would not exist without the internet, such as hacking, DDoS attacks, ransomware, malware, etc. These new illegal activities will probably have a greater economic impact in the future than traditional crime has had in the past.

Impacts of cybercrime

As most modern daily activities become increasingly internet dependent (including those in the fields of medicine, transport, entertainment, finance, and education), cybercrimes have negative social impacts in numerous and unsuspected ways.

Recent attacks have shown that a group of hackers can paralyse a hospital only to obtain financial gain. According to a recent report, in 2020, 560 healthcare organisations were victims of ransomware attacks, costing these organisations US$20.8 billion. Another report states that a data breach costs an average of US$9.23 million per incident, with healthcare leading as the top industry for the most expensive data breach costs. And these numbers are only the tip of the iceberg.

Cybercrime also affects regular people who fall into criminal traps. In 2019, the FBI received 467,361 complaints (an average of nearly 1,300 every day), and recorded more than US$3.5 billion in losses to individual and business victims. Among the most reported crimes were phishing and similar ploys, non-payment/non-delivery scams, and extortion. The most financially costly complaints included business email compromise, and romance or confidence fraud.

Preventing cybercrime

Given the potential harm caused by cybercrime and the challenges that law enforcement agencies face bringing offenders to justice, prevention seems to be the primary tool to counter cybercrime. However, in the context of cybercrime, prevention has different meanings, as preventive measures need to be adapted to the type of crime and its potential victims (e.g. individuals vs big companies). These measures will also depend on the type of activity that is being prevented. For ‘crimes with the machine’ (e.g. fraud), the focus shall be on raising awareness so people avoid falling into criminal scams. For ‘crimes against the machine’ (e.g. DDoS, ransomware), prevention will require investing in technological and human resources to improve cybersecurity. For content-related offenses, there has to be a mix of these two types of measures.

These approaches to prevention are of course oversimplified, as it is clear that preventing cybercrimes requires a multiplicity of complex and innovative strategies and technological tools that go from educating users to protecting critical infrastructure.

In conclusion, the words of S.B. Hoar from 2005 retain their relevance today: ‘As long as profitable opportunities for cybercrime exist, cybercrime will threaten our privacy and prosperity. It is imperative that we invest the resources to increase the security of computer systems that comprise the Internet. It requires individual and organizational responsibility. It also requires cooperation and resources from both government and private industry.’

Guillaume Michel is a Mexican diplomat specialised in legal and multilateral affairs. He currently serves as head of Legal Affairs at the Embassy of Mexico in the United States.

Browse through our alumni blog posts at Diplo Alumni Blog.