Cyber criminality, general concepts
Considerable progress in information and communication technologies has promoted the interconnection of a global society, which has unfortunately given birth to new crimes of a different caliber: cyber criminality. An analysis of a phenomenon of great concern!
Cyber criminality
1. What is cyber criminality?
It is an activity that consists in using computer systems and networks in general, and the Internet in particular, to perpetrate crimes prohibited by law.
Cyber criminality: genesis of the neologism
The term "cyber criminality" was invented in the late nineties, when the Internet was arriving in North America. A subgroup of the G8 countries was formed following a meeting in Lyon, France, to study the new forms of crime encountered and carried out on the Internet. This "Lyon Group" then used "cyber criminality" to describe, in a relatively vague manner, all sorts of offences committed on the Internet. Thus, it was used to refer to the new problems, arising from the performance of computers, falling communication costs and the Internet, with which the police and security intelligence agencies are most often confronted.
Cyber pornography, i.e. the exchange of pictures that violate the laws of certain countries (not every country) on unacceptable pornography and the exploitation of persons, is one of the new types of crime that brought about the concept of cyber criminality. Since the Internet has no frontiers, it has become much easier to disseminate content from abroad, sometimes anonymously. Breaking into computer systems, or "hacking", is also a new crime, although many countries do not consider it a criminal offence.
Cyber criminality: The concept
Cyber criminality is the term used to denote a set of criminal offences committed via computer networks, and especially through the Internet. These crimes include piracy, pornography, hatred, telemarketing fraud, etc. It has become more rampant because of the increasing development of information and communication technologies.
According to the European Commission, the term "cyber criminality" includes three categories of criminal activities:
- Traditional forms of crime, such as computer fraud and forgery (scams, fake payment cards, etc.)
- Broadcasting illegal content through electronic means (for example, content related to sexual violence against children or incitement to racial hatred).
- Crimes specific to electronic networks, i.e. attacks on information systems, denial of service and hacking.
Economic actors are the targets of these criminals. Public administrations and even citizens are no longer immune to these virtual practices that are prohibited by law.
Cyber criminality: A technological form of employment
There are four main categories of attacks: access attacks, change attacks, service denial attacks and repudiation attacks.
1 - Access attacks: an access attack is an attempt to get access to people's information without their knowledge. This type of attack concerns the confidentiality of information. These attacks include:
a) Sniffing: This attack is used by hackers to obtain passwords. Software called a packet sniffer gives access to all the data that circulates on a network, even data that is not intended for you. For example, when connecting through "telnet", the user's password passes in clear text over the network. It is also possible to know at any moment which web pages people on the network connect to.
b) Trojans
Trojan horses are computer programs that are hidden in other programs. The name comes from the Greek legend of the capture of Troy using a wooden horse filled with soldiers, who attacked the city once inside. In general, the purpose of a Trojan horse is to create a backdoor so that a hacker can easily get access to a computer or computer network. It can also steal passwords, copy data and perform harmful actions.
c) Backdoor
When a hacker gets access to a server using one of the techniques presented in this section, he would like to be able to return without having to start all over again. To do this, he leaves backdoors that will let him easily take control of the computer system again. There are different types of backdoors:
- Creating a new administrative account with a password chosen by the attacker;
- Creating an FTP (File Transfer Protocol, a protocol for exchanging files) account;
- Modifying firewall rules to permit external connections.
In this case, the administrator loses control of the computer system. The hacker can then retrieve the data he or she wishes, steal passwords or even destroy data.
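One way a defender can look for the three backdoor types listed above is to compare the current system state with a trusted baseline. This is an added example, not part of the original article; the passwd-format account lines and the firewall rule strings are constructed sample data, and the function names and the "ftp" name heuristic are assumptions.

```python
# Added example: baseline-versus-current audit for the backdoor types above.
# All account lines and firewall rules below are constructed sample data.
BASELINE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""
CURRENT_PASSWD = BASELINE_PASSWD + """\
support:x:0:0::/root:/bin/bash
ftpuser:x:1001:1001::/srv/ftp:/bin/sh
"""
BASELINE_RULES = ["allow tcp any 443", "allow tcp 10.0.0.0/8 22", "deny all"]
CURRENT_RULES = BASELINE_RULES[:2] + ["allow tcp any 2222", "deny all"]


def parse_passwd(text):
    """Map account name -> (uid, home, shell) from passwd-format text."""
    accounts = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:
            accounts[fields[0]] = (int(fields[2]), fields[5], fields[6])
    return accounts


def audit(base_passwd, cur_passwd, base_rules, cur_rules):
    """Return findings as sorted (category, detail) tuples."""
    findings = []
    base, cur = parse_passwd(base_passwd), parse_passwd(cur_passwd)
    for name, (uid, home, _shell) in cur.items():
        if name in base:
            if uid == 0 and base[name][0] != 0:
                findings.append(("account-became-admin", name))
        elif uid == 0:                      # a second UID 0 user
            findings.append(("new-admin-account", name))
        elif "ftp" in name or "ftp" in home:  # naming heuristic (assumption)
            findings.append(("new-ftp-account", name))
        else:
            findings.append(("new-account", name))
    for rule in cur_rules:
        if rule not in base_rules and rule.startswith("allow"):
            findings.append(("new-firewall-allow", rule))
    return sorted(findings)


if __name__ == "__main__":
    for category, detail in audit(BASELINE_PASSWD, CURRENT_PASSWD,
                                  BASELINE_RULES, CURRENT_RULES):
        print(f"{category}: {detail}")
```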
d) Social engineering
Social engineering is not really a virus attack. It is rather a method used to obtain information about a system, or passwords. It consists of passing oneself off as someone else (in general, one of the administrators of the server the attacker wants to hack into) and asking for personal information (login, passwords, access, numbers, data...) by coming up with a pretext (a network crash, a change to the network...). It is done through a mere phone call or email.
e) Password cracking
Cracking involves making numerous attempts until the correct password is found. It involves two methods:
• The use of dictionaries: the tested word is taken from a predefined list that contains the most common passwords and their variants (backwards, with a digit at the end...). Present dictionaries contain 50,000 words and are able to produce a great part of these variants;
• Brute force: possibilities are tried until the right solution is found.
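A defensive use of the same idea, as an added example that is not part of the original article: a password-change check that rejects any candidate a dictionary would reach through the variants named above (backwards, with digits at the end), then estimates the brute-force search space for the rest. The word list is a small constructed sample, the function names are hypothetical, the 60-bit threshold is an arbitrary assumption, and the check goes slightly beyond the text by ignoring letter case.

```python
# Added example: reject passwords reachable by simple dictionary variants.
# COMMON_WORDS is a small constructed sample, not a real cracking dictionary.
import math
import string

COMMON_WORDS = {"password", "dragon", "letmein", "monkey", "sunshine"}


def dictionary_reason(candidate, words=COMMON_WORDS):
    """Return why the candidate is dictionary-derived, or None if it is not."""
    lowered = candidate.lower()
    stem = lowered.rstrip(string.digits)          # "digit at the end" variant
    suffix = "" if stem == lowered else " + trailing digits"
    for form, label in ((stem, "word"), (stem[::-1], "reversed word")):
        if form in words:
            return label + suffix
    return None


def brute_force_bits(candidate):
    """Upper bound on exhaustive-search work: log2(alphabet ** length)."""
    alphabet = 0
    for chars in (string.ascii_lowercase, string.ascii_uppercase,
                  string.digits, string.punctuation):
        if any(c in chars for c in candidate):
            alphabet += len(chars)
    return len(candidate) * math.log2(alphabet) if alphabet else 0.0


def check_password(candidate, min_bits=60):
    """Return (accepted, reason) for a password-change request."""
    reason = dictionary_reason(candidate)
    if reason:
        return False, "dictionary: " + reason
    bits = brute_force_bits(candidate)
    if bits < min_bits:                 # min_bits is an assumed threshold
        return False, f"brute force: only {bits:.0f} bits of search space"
    return True, "ok"


if __name__ == "__main__":
    for pw in ("Dragon7", "nogard42", "x9$Qa", "correct-horse-battery"):
        print(pw, check_password(pw))
```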
2 - Attacks by changes
A 'change' attack is a method used by an attacker to attempt to modify information. This type of attack targets the integrity of information. Here are some examples of this type of attack.
a) Viruses, worms, and Trojan horses: There are different types of viruses. One can however define them as programs that hide inside other programs and infect other programs or computers. The damage ranges from a simple program that displays a message on the screen to a program that formats the hard disk after multiplying. They are not, however, classified by the damage they do, but according to their mode of propagation and multiplication:
- Worms, which are capable of spreading in the network;
- 'Trojan horses', which create vulnerabilities in a system;
- Bombs, which are triggered by an event on the system;
- Hoaxes, which are sent by mail.
3 - Service denial attacks: These are computer attacks that involve sending thousands of messages from dozens of computers to the servers of a company, thereby paralyzing its Web site for hours and blocking access for Internet users. They block access to the sites without touching the content. There exist different attacks by saturation.
a) Flooding: This attack consists of sending large IP packets to a machine. The target machine will not be able to process all the packets and will eventually disconnect from the network.
b) TCP-SYN flooding: TCP-SYN flooding is a variant that relies on the TCP protocol. A large number of connection requests (SYN) are sent to the server from several machines. The server then sends a large number of SYN-ACK packets and waits in response for ACK packets that may never come. If the requests arrive faster than the "half-connections" (connections authorized but incomplete) time out, the server gets saturated and eventually disconnects.
c) Smurf: A smurf is an attack that relies on broadcast servers. To pass as the target machine, the attacker forges its IP address. A ping is then sent to a broadcast server, and the target machine is flooded with packets and eventually disconnects.
d) Buffer overflow: This attack relies on a fault in the IP protocol. Data larger than the capacity of a packet is sent to the target machine. The internal variables then overflow. As a result of this overflow, several incidents may occur: the machine crashes, restarts or, worse still, writes over the code in memory.
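The saturation condition described under TCP-SYN flooding above can be checked with a small model of the server's half-open queue, which shows how backlog size and timeout decide whether a legitimate client still gets through. This is an added example, not part of the original article; it sends no traffic, and the event times, documentation-range addresses, backlog size and function names are all constructed assumptions.

```python
# Added example: model of a server's half-open ("SYN received") queue.
# Times (ms), addresses and queue sizes are constructed for illustration.

def simulate(events, backlog=8, timeout_ms=3000):
    """events: sorted (time_ms, src, kind), kind is 'SYN' or 'ACK'.
    Returns (completed, dropped, peak_half_open)."""
    half_open = {}                       # src -> arrival time of its SYN
    completed, dropped, peak = [], [], 0
    for t, src, kind in events:
        # Expire half-connections that waited timeout_ms for an ACK.
        for s in [s for s, t0 in half_open.items() if t - t0 >= timeout_ms]:
            del half_open[s]
        if kind == "SYN":
            if len(half_open) >= backlog:
                dropped.append(src)      # queue saturated, SYN refused
            else:
                half_open[src] = t
        elif kind == "ACK" and src in half_open:
            del half_open[src]           # handshake finished
            completed.append(src)
        peak = max(peak, len(half_open))
    return completed, dropped, peak


def make_events(syn_interval_ms, client_at_ms, n_silent=20):
    """n_silent sources send one SYN and never ACK; one client completes."""
    client = "192.0.2.10"
    ev = [(i * syn_interval_ms, f"198.51.100.{i}", "SYN")
          for i in range(n_silent)]
    ev += [(client_at_ms, client, "SYN"), (client_at_ms + 100, client, "ACK")]
    return sorted(ev)


def run_scenarios():
    """Same queue, three conditions; returns name -> simulate() result."""
    slow = make_events(1000, 10500)      # 1 SYN/s x 3 s timeout = 3 pending
    fast = make_events(100, 2000)        # 10 SYN/s x 3 s = 30 > backlog of 8
    return {
        "slow": simulate(slow),
        "fast": simulate(fast),
        "fast, 500 ms timeout": simulate(fast, timeout_ms=500),
    }


if __name__ == "__main__":
    for name, (done, dropped, peak) in run_scenarios().items():
        print(f"{name}: completed={done} dropped={len(dropped)} peak={peak}")
```

The queue saturates once the SYN arrival rate multiplied by the timeout reaches the backlog size, which is why shortening the timeout or enlarging the backlog lets the client complete its handshake in the third scenario.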
4 - Repudiation attacks: Repudiation is an attack against accountability. In other words, repudiation means trying to give false information or denying that a transaction or an event actually took place. An example of this type of attack is IP spoofing, which involves getting access to another machine by forging its IP address. It is quite complicated as a matter of fact. Variants exist, because one can also spoof email addresses, DNS or NFS servers.