South African Centre for Information Security: Leading Information Security Consulting Firm

What is cyber crime?

Cybercrime is a term used broadly to describe activity in which computers or networks are a tool, a target, or a place of criminal activity. These categories are not exclusive and many activities can be characterized as falling in one or more categories.

what is cybercrime

Although the term cybercrime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity.

:: Examples of cybercrime in which the computer or network is a tool of the criminal activity include spamming and criminal copyright crimes, particularly those facilitated through peer-to-peer networks.

:: Examples of cybercrime in which the computer or network is a target of criminal activity include unauthorized access (i.e, defeating access controls), malicious code, and denial-of-service attacks.

:: Examples of cybercrime in which the computer or network is a place of criminal activity include theft of service (in particular, telecom fraud) and certain financial frauds.

:: Finally, examples of traditional crimes facilitated through the use of computers or networks include Nigerian 419 or other gullibility or social engineering frauds (e.g.,[ hacking ] "phishing"), identity theft, child pornography, online gambling, securities fraud, etc. Cyberstalking is an example of a traditional crime -- harassment -- that has taken a new form when facilitated through computer networks.

Additionally, certain other information crimes, including trade secret theft and industrial or economic espionage, are sometimes considered cybercrimes when computers or networks are involved.

Cybercrime in the context of national security may involve hacktivism (online activity intended to influence policy), traditional espionage, or information warfare and related activities.

Another way to define cybercrime is simply as criminal activity involving the information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.

Crimeware

The software tools used in cybercrime is sometimes referred to as crimeware. Crimeware is software that is:

used in the commission of the criminal act
not generally regarded as a desirable software or hardware application
not involuntarily enabling the crime

Like cybercrime itself, the term crimeware covers a wide range of different malicious, or potentially malicious software.

However, it is important to remember that not all software used in the commission of a computer-based or computer-facilitated crime can be defined as crimeware. For example, while IM client may be used in the commission of a cybercrime¹, the instant messaging application software itself is not considered crimeware. FTP clients may be used in the commission of crimes²; however, they are not considered crimeware.