The Organized Crime Marketplace in Canada

Characteristics and Methods

Technology and Crime

Threat Issue

Crimes facilitated through technology encompasses a wide variety of offences that pose different levels of threat to consumers, businesses, and, more generally, society at large.There are two broad categories: new crimes committed with and born out of new technology and traditional crimes committed with new technology. Newer crimes include hacking and “spoofing”websites², while traditional crimes using technology, particularly the Internet, include identity theft, extortion and fraud.

Overview of Criminal Activity

The growth in the number and variety of technology-related crimes, particularly computer-related crimes, echoes the exponential increase in the number of Internet users and the expansion of e-commerce globally. Organized crime groups are broadening their exploitation of technological vulnerabilities by targeting individuals and businesses that rely on technology, e-commerce and the on-line storage of valuable personal, financial and intellectual property data.

Computer-related crimes pose significant and growing threats globally because many are sophisticated, effective and malicious. For example, spam has evolved from a time- and resource-wasting nuisance to a medium through which individuals can distribute malicious software programs, also known as “malware.” Individuals now increasingly use unsolicited e-mail, or spam, to distribute viruses,worms,³ spyware⁴ and Trojan horse software.⁵ Spam directed at computer programs/files, instant messaging systems,weblogs and cellular phones makes these tools vulnerable to worms, viruses, and fraud. Some viruses facilitate the illicit access of the personal or sensitive data stored on the devices. For cellular phones, new text messaging technology enables senders to conceal their identity, allowing impersonated messages that can facilitate spam, fraud and viruses. Malware enables criminals to use the cellular phone without the user’s knowledge or gain access to the phone’s personal data.The exploitation of these technologies is expected to increase in the next year. Spam also poses a threat to wireless game consoles, personal data assistants (PDA) andVoice over Internet Protocol (VoIP).

In Internet “pharming,” hackers exploit vulnerabilities in the domain name system (DNS) server software and then illicitly redirect Internet traffic to targeted websites.⁶ Pharming can also occur when a user’s computer system is compromised by malware. As a result, when users wish to access a legitimate site, they are unknowingly redirected. Redirected false sites are used for phishing.⁷ Pharming poses an ongoing threat to consumers and businesses as it can target a broad number of financial institutions’ users and wait within the computer for the user to access financial services.

Criminals are forming more and larger botnets, or networks of computers with broadband Internet connections that are compromised by malware and are thus “software robots or zombies.”These remotely-controlled attack networks undertake a variety of crimes: sending spam or phishing e-mails, hosting spoofed websites for pharming scams, and distributing viruses or trojan horse software to facilitate on-line extortion or compromise more home computers for larger botnets.

Individuals involved in on-line “carder networks” illegally buy and sell stolen personal and financial information. Some networks sell blank credit cards, the algorithms necessary to encode a credit card’s magnetic strip or lists of botnets.These networks facilitate counterfeit credit card manufacture and identity theft. In Operation FIREWALL for example, 28 individuals were arrested from eight U.S. states and several countries who were involved in selling about two million credit card numbers in two years, causing losses of over US$4 million.

In a newer version of traditional extortion, criminals hack computer systems containing valuable and/or sensitive data, like credit card numbers.The data are then either ransomed back to the company or the criminal offers to exchange silence regarding the vulnerability for a fee.An increasingly popular extortion scheme involves either threatening to launch or actually launching denial-of-service (DoS) attacks or directed denialof- service (DDoS) attacks against businesses.These attacks, often undertaken through botnets, involve overloading computer networks/servers with enormous amounts of data to disrupt or interrupt service to users. Corporate or intellectual property information is also vulnerable to espionage. In May 2005 for example, a number of middlelevel managers and private investigators from several companies in Israel were charged with planting trojan horse software in competitors’ computers to access confidential information.

Internationally, some criminal groups, according to the United Kingdom’s National High-Tech Crime Unit, are also showing increasing interest in using the Internet for pay-per-view child pornography.

Certain technologies and innovations have facilitated the production and distribution of child pornography. For example, computer software can digitally alter images of child pornography to enhance or change the image, for example sexualizing content by removing clothing. Similarly, in contrast to software that digitally ages missing children, images of child pornography can be created by “de-aging” images of adult pornography. With developments in animation, digitally-created child pornography may become widespread. Criminals have been known to use steganography to conceal information, like child pornography, and distribute it in a secure fashion.

Technology facilitates increasingly secure, anonymous and rapid communication, through tools like encryption software, wireless devices, encrypted cellular phones and anonymous re-mailers that forward e-mails without revealing their origins. Criminal groups exploit tools like this to plan and undertake criminal activities, such as drug trafficking, without physical interactions, thereby reducing the risks of detection and prosecution.

Organized crime can also use technology to intimidate criminal rivals, or instill fear in communities to prevent the reporting of organized crime-related activities or testifying to a witnessed crime. For example, individuals can use e-mail, the Internet or other electronic communications devices, like cellular phones with cameras, to slander, threaten, harass or “cyberstalk” another person.Threats can be posted in chat groups and personal information can be manipulated or simply released to violate personal privacy.With technology to enable anonymity and security in communication, this type of intimidation poses challenges to law enforcement.

Negative Socio-economic Effects

The scope and extent of technology and crime within Canada or globally is difficult to determine, partly due to chronic non- or under-reporting. Compounding the complexity of technology-related crime is the lack of standard definitions, either in Canada or globally. Despite these gaps, the number of computer-related crimes are increasing rapidly as are associated financial costs.

It is increasingly expensive and difficult to respond to evolving threats from computer-related crime as well as to update protective software continually – firewalls, encryption and anti-virus and anti-spam protection. Businesses face increased costs from malware ranging from lost worker productivity, degraded network performance, security risks and waste of technical support resources to expensive, time-consuming repairs and upgrades. For example, the Canadian Banking Association reports that the banking industry in Canada spends more than $100 million annually to prevent, detect and deter fraud and other crimes against banks, including activity related to identity theft.

Technology simultaneously provides opportunities and challenges for law enforcement. Crimes facilitated by technology are often costly, complex,multi-jurisdictional (or even multi-national) and committed by individuals who are difficult to investigate and often harder to prosecute.The criminal activities are often under-reported and require investigator expertise, as well as sophisticated tools to identify, gather and evaluate evidence. On the other hand, law enforcement uses technological advancements to target criminal groups and exploit criminal groups’ vulnerabilities to detect, deter and reduce their criminal activities. It is essential that law enforcement, the private sector and the public work together to promote awareness of technologically-related crimes, to encourage the reporting of all crimes and to discuss ways to reduce the threats.

²Website ‘spoofing’ involves duplicating a genuine website with a fraudulent website with a similar internet address.

³A worm is an independent program that self-replicates by sending itself to other networked computers, such as through the e-mail program’s address book. Once created, it does not require human involvement to propagate.

⁴ Spyware gathers information about people without their knowledge, often by tracking an individual’s Internet activity, in many cases to deliver targeted advertising. It can enter computers via a virus. Cookies, which also gather personal information, are not considered spyware because they are not hidden.

⁵ A Trojan horse is malware that conceals itself as a legitimate program. Once executed, it can allow someone to control the computer system illicitly and remotely.

⁶When a user enters a web address it is converted into a numeric Internet Protocol address in a process that is known as name resolution and this task is performed by Domain Name System servers that store tables with the IP address of each
name.

⁷ Phishing occurs when criminals posing as a legitimate person or representing an institution send unsolicited e-mails and asks the unsuspecting victim to provide personal financial information, such as credit card account numbers.

Criminal Markets