Please note! This essay has been submitted by a student.
Technology reaches every aspects of our lives from entertainment to finance to even the most ordinary activities. Within this technological framework lies the opportunity for anyone with the slightest know-how to take advantage of our reliance on computers and the internet to commit cybercrimes. This essay will look specifically at cyber crimes and how effective law enforcement and regulators in Canada are dealing with it. The essay will start with a definition of cyber crimes followed by an outline of various methods commonly used. It will continue financial institutions as an example of how cybercrimes can affect both businesses and customers if not addressed properly by governments and the law enforcement and how effective current legislation and practices are in combating cybercrime. This essay will then look at new policies, strategies, and reforms taken by domestic governing bodies in conjunction with global organizations to keep up with the ever-changing cyber threats.
As with any new territory there is no set definition for cybercrime. The Government of Canada and the Canadian police college uses the following definition: “a criminal offence involving a computer as the object of the crime, or the tool used to commit a material component of the offence (Valiquet, 2011). This definition is broad and has the potential to be used for crimes that are not necessarily cybercrimes. As such the term cybercrime can therefore be subdivided into two further categories. First, pure computer crimes where a computer is used as the object of a crime such as hacking, implementation of computer viruses, and denial of service attacks. Second, computer supported crimes where a computer is used as the instrument such as child pornography, fraud, money laundering, and trafficking (Valiquet, 2011).
Cybercrimes themselves can be committed in various ways. The most common are phishing, identity theft, cyberstalking and cyberterrorism (Gordon,2012). Each type is generally associated with a specific action or software or hardware used to commit the crime. Phishing, where criminals attempt to gain access to sensitive information such as passwords, financial information or personal information by impersonating a trusted entity, is usually done through electronic communication such as email whereas more direct identity theft is usually associated with keyloggers (Gordon,2012). While the new age if the internet and telephone banking has made access to funds easier for businesses and individuals, it has also created a new avenue for criminals to take advantage of loopholes and vulnerabilities within the existing frameworks that leave financial institutions struggling to keep up.
Securities and investment fraud, credit card fraud, and insider fraud are prevalent within Canadian institutions and are often perpetrated through internet (Smyth & Carleton, 2012). Just how prevalent, however, is difficult to determine due to a lack of reporting by victims and lack of data available (Smyth & Carleton, 2012). Each type of cyber crime can have drastic effects on both private and public sector organizations. Phishing specifically targets clients into unknowingly divulging personal information that can later be used to impersonate them. This action can lead to loss of revenue for financial institutions, private businesses, citizens and government ministries as they may be responsible for reimbursement of any lost funds, loss of work hours as employees investigate and loss of revenue due to customers leaving due to trust issues (UNODC). Denial of service attacks can contribute to loss of revenue as institutions spend time and funds fixing loopholes, implementing greater security measures at a higher financial cost, loss of revenue as clients move their assets elsewhere due to loss of trust in the institution (UNODC, n.d). identity theft using keyloggers can contribute to a loss of trust in employees and harsher work environments, as well as loss of trust from clients and loss of revenue (Department of justice Canada, 2005). In 2003, Canadians spent over $3 billion through electronic commerce (Clough,2010). The increase in online spending means an increase in potential targets. In 2003 alone, losses to banks and credit card issuers was $1.2 billion (Department of justice, 2005).
In 2010, public safety Canada established Canada’s cyber security strategy to make cyberspace more secure for all Canadians (Public Safety Canada, n.d.). because the economic health of a country is directly tied to the stability of financial institutions it is within the best interest of governments to regulate and assist in the fight against cybercrime. The government of Canada, along with private sector companies and non-profit organizations have developed the STOP.THINK. CONNECT strategy to facilitate the alignment of public awareness of cybercrimes (Public Safety Canada, n.d.) financial institutions in Canada fall under Pillar II of the action plan that develops and implements actions in conjunction with private sector companies (Public Safety Canada, n.d.).
Combating cybercrime in Canada comes under the jurisdiction of the office of Critical Infrastructure protection and emergency preparedness (OCIPEP) a division of public safety of Canada. Under the OCIPEP umbrella is the cyber security division responsible for the Canadian cyber incident response centre (CCIRC), Cyber security in the Canadian federal government.
Interac, Canada’s national debit card system which includes email money transfers and other computer related reports that losses due to fraud skimming have dropped 62 percent from $142 million in 2009 to $7.3 million in 2013 due to the implementation of chip technology. It should be noted that even though interact cites a decline in looses, not all of those losses have to do with cybercrime and Interac does not break down losses to show the numbers of fraud cases involving cybercrime compared to non-cybercrime (Interac,2014). There is definite need for more systematic data to be collected on the nature and extent of internet fraud in Canada (Smyth,2011).