This says it all:
At the end of the day, cybercriminal activity is not all that different
from more traditional forms of organized crime. Obviously, the way the
crime is perpetrated is new, but the ways in which cybercriminals
operate is not all that different from anything that has gone on before.
Heck, once upon a time there was no telegraph, no "Royal Mail" (or whatever the equivalent in your state/nation). But when those came along they offered new opportunities for fraud. Most places have laws in place again fraud perpetrated by mail or telegraph and telegraph
includes the telephone.
And this is where I get to wonder at how our politicians work, the knee-jerk "something must be done NOW" attitude.
Here in Canada we have a criminal code. It covers fraud. We don't need new laws to deal with cybercrime because the ways our laws are written they are general and not reductionist. They specify the crime, not the technology used.
I get the impression that in the USA (and possibly other places) its the other way round. That's why they need lots of new laws to address every fine-grained detail as the technology advances. Personally I don't think this is a good way of working since it piles laws upon laws.
In science we was that in astronomy before Newton. The classical "Ptolemaic" system piled epicycles upon epicycles as corrections because the underlying model based on a geocentric approach and the idea of 'perfect spheres' was fundamentally flawed. Piling human laws upon human laws to deal with special cases of what is really a general
situation is no less flawed in approach.
Fraud is fraud is fraud. It doesn't matter if its perpetrated by a hustler in person as in the scenes in "Paper Moon", by mail, over the phone or using the Internet. Fraud is fraud is fraud.
We don't need new laws; we just need a better understanding of how criminals use technology. We perhaps we security droids don't, perhaps the public, the police, the legislators and the managers of the firms and organizations impacted by such criminals need that understanding.
But that's not what detailed, reductionist legislation is going to achieve, is it?
- Guarding your business against cybercrime (premierlinedirect.co.uk)
- Interpol Promises New Center to Fight the E-Mob (spectrum.ieee.org)
- Russian Cybercrime pays! (toinformistoinfluence.com)
- Cybercrime 'cannot be stopped entirely' (premierlinedirect.co.uk)
- Former National Cyber Czar Creates Cybercrime TV (prweb.com)
- There's no business like Cybercrime business! (blog.bt.com)
- Impact of cybercrime underestimated as most crimes go unreported|Network security (c24.co.uk)
- European Commission wants a cybercrime centre (h-online.com)
- Everything you thought you knew about cybercrims is WRONG (go.theregister.com)
- FBI finds scammers impersonating the FBI now one of worst online threats (theneteconomy.wordpress.com)
- Educate Customers on Mass Marketing Fraud (ibaeducationblog.com)
- Cybercriminals offer bogus fraud insurance services (zdnet.com)
Posted by Anton Aylward
I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity