Cybercrime

A cybercrime is understood as a culpable unlawful act (an action or omission) committed by a subject in cyberspace using computer networks, which is prohibited by current legislation under the threat of punishment.

The Russian scholar I. M. Rassolov, in his works, points out the following characteristics of cybercrimes:

1. The use of computer networks and international information exchange, which constitutes the principal distinguishing feature of a crime in the sphere of high technologies. In this case, the computer and its networks act as the object of the crime, the instrument of the crime, or the means on which unlawful acts are prepared.
2. The transnational nature of the crimes under consideration (they are committed in the global information space) and the international character of the participants in the criminal community.
3. A stable tendency toward the "organized" nature of cybercrimes and their expansion beyond national boundaries.
4. The presence of a criminal pyramid consisting of at least three levels of interaction.^[7]

Computer crime encompasses a broad range of activities, including computer fraud, financial crimes, scams, cybersex trafficking, and ad-fraud.^[8][9]

A proposed taxonomy classifies cybercrime into two top-level groups: pure-technology cybercrime and cyber-advanced crime. Pure-technology cybercrime "targets or victimizes the computer technology ecosystem" to "disrupt the confidentiality, integrity, or availability of a computer-technology ecosystem", while cyber-advanced crime "uses computer technology to target or victimize natural persons, governments, business entities, or property" in order to "deprive, disrupt or damage entities or assets."^[10]

Computer fraud is the act of using a computer to take or alter electronic data, or to gain unlawful access to a computer or system.^{[11][failed verification]} Computer fraud that involves the use of the Internet is also called internet fraud. The legal definition of computer fraud varies by jurisdiction, but typically involves accessing a computer without permission or authorization.

Forms of computer fraud include hacking into computers to alter information, distributing malicious code such as computer worms or viruses, installing malware or spyware to steal data, phishing, and advance-fee scams.^[12]

Other forms of fraud may be committed using computer systems, including bank fraud, carding, identity theft, extortion, and theft of classified information. These types of crimes often result in the loss of personal or financial information.^[13]

Digital arrest is a form of online fraud where perpetrators impersonate law enforcement officials to deceive victims. This scam typically involves contacting individuals via phone, falsely claiming they are implicated in criminal activity related to a parcel containing illegal goods, drugs, counterfeit documents, or other contraband. In some variations, scammers target the victim's relatives or friends, falsely stating the victim is in custody due to criminal involvement or an accident. Victims are then coerced into remaining on camera and isolating themselves, while the fraudsters extract personal and financial information under the guise of an official investigation, ultimately transferring the victim's assets to money mule accounts.^[14]

To detect and prevent the fraud, be wary of unsolicited calls from supposed law enforcement demanding immediate payment or personal information. Legitimate law enforcement agencies rarely conduct investigations in this manner. Verify the identity of the caller independently by contacting the relevant agency directly through official channels. Remember, the government agencies never put anyone under digital arrest, it's not permissible.^[14]

A fraud factory is a collection of large fraud organizations, usually involving cyber fraud and human trafficking operations.

The term cyberterrorism refers to acts of terrorism committed through the use of cyberspace or computer resources.^[15] Acts of disruption of computer networks and personal computers through viruses, worms, phishing, malicious software, hardware, or programming scripts can all be forms of cyberterrorism.^[16]

Government officials and information technology (IT) security specialists have documented a significant increase in network problems and server scams since early 2001. In the United States there is an increasing concern from agencies such as the Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA).^[17]

Cyberextortion occurs when a website, e-mail server, or computer system is subjected to or threatened with attacks by malicious hackers, often through denial-of-service attacks. Cyber extortionists demand money in return for promising to stop the attacks and provide "protection". According to the FBI, cyber extortionists are increasingly attacking corporate websites and networks, crippling their ability to operate, and demanding payments to restore their service. More than 20 cases are reported each month to the FBI, and many go unreported in order to keep the victim's name out of the public domain. Perpetrators often use a distributed denial-of-service attack.^[18] However, other cyberextortion techniques exist, such as doxing and bug poaching. An example of cyberextortion was the Sony Hack of 2014.^[19]

Ransomware is a type of malware used in cyberextortion to restrict access to files, sometimes threatening permanent data erasure unless a ransom is paid. Ransomware is a global issue: 153 countries were affected by this type of attack in 2024.^[20]The number of attacks is constantly growing, with 5,263 attacks in 2024.^[21] And this is the number of large and successful attacks with serious consequences, the total number of attacks and attempted attacks, including in automatic mode in 2021 amounted to more than 300 million attacks worldwide.^[22] Nearly a third of the major attacks (1,424) in 2024 targeted industrial enterprises (up 15% by 2023), affecting critical infrastructure and services, causing severe losses.^[21] In some cases, attacks on medical facilities also resulted in human casualties. Between 2016 and 2021 ransomware caused the deaths of between 42 and 67 patients Medicare due to the treatment difficulties created,^[23] in 2024 an attack on UK pathology provider Synnovis resulted in thousands of surgeries and appointments being canceled.^[24] Ransom amounts in attacks are also continuously and significantly increasing. According to the 2022 Unit 42 Ransomware Threat Report, in 2021, the average ransom demand in Norton cases was $2.2 million (up 144%), and the number of victims whose personal data ended up in the dark web's information dumps increased by 85%.^[25] Losses in 2021 and 2022 are nearly $400 million.^[26] In 2024, the average ransom amount is $5.2 million, with the two largest ransoms demanded from healthcare organizations - $100 million from India's Regional Cancer Center (RCC) and $50 million from Synnovis.^[24]

Cybersex trafficking is the transportation of victims for such purposes as coerced prostitution or the live streaming of coerced sexual acts or rape on webcam.^{[27][28][29][30]} Victims are abducted, threatened, or deceived and transferred to "cybersex dens".^[31][32][33] The dens can be in any location where the cybersex traffickers have a computer, tablet, or phone with an internet connection.^[29] Perpetrators use social media networks, video conferences, dating pages, online chat rooms, apps, dark web sites,^[34] and other platforms.^[35] They use online payment systems^[34][36][37] and cryptocurrencies to hide their identities.^[38] Millions of reports of cybersex incidents are sent to authorities annually.^{[39][failed verification]} New legislation and police procedures are needed to combat this type of cybercrime.^[40]

There are an estimated 6.3 million victims of cybersex trafficking, according to a recent report by the International Labour Organization.^[41] This number includes about 1.7 million child victims. An example of cybersex trafficking is the 2018–2020 Nth room case in South Korea.^[42]

According to the U.S. Department of Defense, cyberspace has emerged as an arena for national-security threats through several recent events of geostrategic importance, including the attack on Estonia's infrastructure in 2007, allegedly by Russian hackers. In August 2008, Russia again allegedly conducted cyberattacks against Georgia. Fearing that such attacks may become a normal part of future warfare among nation-states, military commanders see a need to develop cyberspace operations.^[43]

When an individual is the target of cybercrime, the computer is often the tool rather than the target. These crimes, which typically exploit human weaknesses, usually do not require much technical expertise. These are the types of crimes which have existed for centuries in the offline world. Criminals have simply been given a tool that increases their pool of potential victims and makes them all the harder to trace and apprehend.^[44]

Crimes that use computer networks or devices to advance other ends include:

• Fraud and identity theft (although this increasingly uses malware, hacking or phishing, making it an example of "computer as target" as well as "computer as tool")
• Information warfare
• Phishing scams
• Spam
• Propagation of illegal, obscene, or offensive content, including harassment and threats

The unsolicited sending of bulk email for commercial purposes (spam) is unlawful in some jurisdictions.

Phishing is mostly propagated via email. Phishing emails may contain links to other websites that are affected by malware.^[45] Or they may contain links to fake online banking or other websites used to steal private account information.

The content of websites and other electronic communications may be distasteful, obscene, or offensive for a variety of reasons. In some instances, it may be illegal. What content is unlawful varies greatly between countries, and even within nations. It is a sensitive area in which the courts can become involved in arbitrating between groups with strong beliefs.

One area of internet pornography that has been the target of the strongest efforts at curtailment is child pornography, which is illegal in most jurisdictions in the world.^{[citation needed]}

Ad-frauds are particularly popular among cybercriminals, as such frauds are lucrative and unlikely to be prosecuted.^[46] Jean-Loup Richet, a professor at the Sorbonne Business School, classified the large variety of ad-frauds committed by cybercriminals into three categories: identity fraud, attribution fraud, and ad-fraud services.^[9]

Identity fraud aims to impersonate real users and inflate audience numbers. The techniques used for identity fraud include traffic from bots (coming from a hosting company, a data center, or compromised devices); cookie stuffing; falsification of user characteristics, such as location and browser type; fake social traffic (misleading users on social networks into visiting the advertised website); and fake social media accounts that make a bot appear legitimate.

Attribution fraud impersonates the activities of real users, such as clicks and conversations. Many ad-fraud techniques belong to this category: the use of hijacked and malware-infected devices as part of a botnet; click farms (companies where low-wage employees are paid to click or engage in conversations); incentivized browsing; video placement abuse (delivered in display banner slots); hidden ads (which will never be viewed by real users); domain spoofing (ads served on a fake website); and clickjacking, in which the user is forced to click on an ad.

Ad-fraud services include all online infrastructure and hosting services that might be needed to undertake identity or attribution fraud. Services can involve the creation of spam websites (fake networks of websites that provide artificial backlinks); link building services; hosting services; or fake and scam pages impersonating a famous brand.

The examples and perspective in this section may not represent a worldwide view of the subject. You may improve this section, discuss the issue on the talk page, or create a new section, as appropriate. (March 2016) (Learn how and when to remove this message)

Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals, often focusing on gender, race, religion, nationality, or sexual orientation.

Committing a crime using a computer can lead to an enhanced sentence. For example, in the case of United States v. Neil Scott Kramer, the defendant was given an enhanced sentence according to the U.S. Sentencing Guidelines Manual §2G1.3(b)(3) for his use of a cell phone to "persuade, induce, entice, coerce, or facilitate the travel of, the minor to engage in prohibited sexual conduct." Kramer appealed the sentence on the grounds that there was insufficient evidence to convict him under this statute because his charge included persuading through a computer device and his cellular phone technically is not a computer. Although Kramer tried to argue this point, the U.S. Sentencing Guidelines Manual states that the term "computer" means "an electronic, magnetic, optical, electrochemical, or other high-speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device."

In the United States, at least 41 states have passed laws and regulations that regard extreme online harassment as a criminal act. These acts can also be prosecuted on the federal level, because of US Code 18 Section 2261A, which states that using computers to threaten or harass can lead to a sentence of up to 20 years.^[47]

Several countries besides the US have also created laws to combat online harassment. In China, a country with over 20 percent of the world's internet users, in response to the Human Flesh Search Engine bullying incident, the Legislative Affairs Office of the State Council passed a strict law against cyberbullying.^[48][49] The United Kingdom passed the Malicious Communications Act, which states that sending messages or letters electronically that the government deems "indecent or grossly offensive" and/or language intended to cause "distress and anxiety" can lead to a prison sentence of six months and a potentially large fine.^[50][51]  Australia, while not directly addressing the issue of harassment, includes most forms of online harassment under the Criminal Code Act of 1995. Using telecommunication to send threats, harass, or cause offense is a direct violation of this act.^[52]

Although freedom of speech is protected by law in most democratic societies, it does not include all types of speech. Spoken or written threats can be criminalized because they harm or intimidate. This applies to online or network-related threats.

Cyberbullying has increased drastically with the growing popularity of online social networking. As of January 2020, 44 percent of adult internet users in the United States had "personally experienced online harassment".^[53] Online harassment of children often has negative and even life-threatening effects. According to a 2021 survey, 41 percent of children develop social anxiety, 37 percent develop depression, and 26 percent have suicidal thoughts.^[54]

The United Arab Emirates was found to have purchased the NSO Group's mobile spyware Pegasus for mass surveillance and a campaign of harassment of prominent activists and journalists, including Ahmed Mansoor, Princess Latifa, Princess Haya, and others. Ghada Owais was one of the many high-profile female journalists and activists who were targeted. She filed a lawsuit against UAE ruler Mohamed bin Zayed Al Nahyan along with other defendants, accusing them of sharing her photos online.^[55]

Darknet markets are used to buy and sell controlled substances online. Some drug traffickers use encrypted messaging tools to communicate with drug mules or potential customers. The dark web site Silk Road, which started operations in 2011, was the first major online marketplace for drugs. It was permanently shut down in October 2013 by the FBI and Europol. After Silk Road 2.0 went down, Silk Road 3 Reloaded emerged. However, it was just an older marketplace named Diabolus Market that used the Silk Road name in order to get more exposure from the Silk Road brand's earlier success.^[56]

Darknet markets have had a rise in traffic in recent years for many reasons, such as the anonymous purchases and often a system of reviews by other buyers.^[57] There are many ways in which darknet markets can financially drain individuals. Vendors and customers alike go to great lengths to keep their identities a secret while online. Commonly used tools for hiding their online presence include virtual private networks (VPNs), Tails, and the Tor Browser. Darknet markets entice customers by making them feel comfortable. Although people can easily gain access to a Tor browser, actually gaining access to an illicit market is not as simple as typing it in on a search engine, as one would with Google. Darknet markets have special links that change frequently, ending in .onion as opposed to the typical .com, .net, and .org domain extensions. To add to privacy, the most prevalent currencies on these markets are Bitcoin and Monero, which allows transactions to be anonymous.^[58][59]

A problem that marketplace users sometimes face is exit scamming.^[60] In cases of individual vendors, a vendor with a high rating acts as if they are selling on the market and has users pay for products they never receive.^[61] The vendor then closes their account after receiving money from multiple buyers and never sending what was paid for. Any vendor on a darknet market, all of which are involved in illegal activities, has no reason not to engage in exit scamming when they no longer want to be a vendor. In 2019, an entire market known as Wall Street Market allegedly exit scammed, stealing $30 million in bitcoin.^[62]

The FBI has cracked down on these markets. In July 2017, the FBI seized one of the biggest markets, commonly called Alphabay, which re-opened in August 2021 under the control of DeSnake, one of the original administrators.^[63][64] Investigators pose as buyers and order products from darknet vendors in the hope that the vendors leave a trail the investigators can follow. In one case an investigator posed as a firearms seller, and for six months people purchased from them and provided home addresses. The FBI was able to make over a dozen arrests during this six-month investigation.^[65] Another crackdown targeted vendors selling fentanyl and opiates. With thousands of people dying each year due to drug overdose, investigators have made internet drug sales a priority.^[66] Many vendors do not realize the extra criminal charges that go along with selling drugs online, such as money laundering and illegal use of the mail.^[67] In 2019, a vendor was sentenced to 10 years in prison after selling cocaine and methamphetamine under the name JetSetLife.^[68] But despite the large amount of time investigators spend tracking down people, in 2018 only 65 suspects who bought and sold illegal goods on some of the biggest markets were identified.^[69] Meanwhile, thousands of transactions take place daily on these markets.

• One of the highest-profile banking computer crimes occurred over a course of three years beginning in 1970. The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts.^[70]
• In 2014, the Sony Pictures Entertainment hack not only exposed sensitive company data but also led to extortion demands, marking one of the most publicized corporate cyberattacks to date.
• A hacking group called MOD (Masters of Deception) allegedly stole passwords and technical data from Pacific Bell, Nynex, and other telephone companies as well as several big credit agencies and two major universities. The damage caused was extensive; one company, Southwestern Bell, suffered losses of $370,000.^[70]
• In 1983, a 19-year-old UCLA student used his PC to break into a Defense Department International Communications system.^[70]
• Between 1995 and 1998 the Newscorp satellite pay-to-view encrypted SKY-TV service was hacked several times during an ongoing technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek reruns in Germany, which was something which Newscorp did not have the copyright permission to allow.^[71]
• On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically emailed that document and a copy of the virus to other people.
• In February 2000, an individual going by the alias of MafiaBoy began a series of denial-of-service attacks against high-profile websites, including Yahoo!, Dell, Inc., E*TRADE, eBay, and CNN. About 50 computers at Stanford University, along with computers at the University of California at Santa Barbara, were among the zombie computers sending pings in the distributed denial-of-service attacks. On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers.
• The Stuxnet worm corrupted SCADA microprocessors, particularly the types used in Siemens centrifuge controllers.
• The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and to offer its services to criminals. The RBN has been described by VeriSign as "the baddest of the bad".^[72] It provides web hosting services and internet access to all kinds of criminal and objectionable activities that earn up to $150 million in one year. It specializes in personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet.
• On 2 March 2010, Spanish investigators arrested three men suspected of infecting over 13 million computers around the world. The botnet of infected computers included PCs inside more than half of the Fortune 1000 companies and more than 40 major banks, according to investigators.^[73]
• In August 2010, the US Department of Homeland Security shut down the international child sex ring Dreamboard. The website had approximately 600 members and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date this is the single largest US prosecution of an international child pornography ring; 52 arrests were made worldwide.^[74]
• In January 2012, Zappos.com experienced a security breach compromising the credit card numbers, personal information, and billing and shipping addresses of as many as 24 million customers.^[75]
• In June 2012, LinkedIn and eHarmony were attacked, and 65 million password hashes were compromised. Thirty thousand passwords were cracked, and 1.5 million eHarmony passwords were posted online.^[76]
• In December 2012, the Wells Fargo website experienced a denial-of-service attack that potentially compromised 70 million customers and 8.5 million active viewers. Other banks thought to be compromised included Bank of America, J. P. Morgan, U.S. Bank, and PNC Financial Services.^[77]
• On 23 April 2013, the Twitter account of the Associated Press was hacked. The hacker posted a hoax tweet about fictitious attacks on the White House that they claimed left then-President Obama injured.^[78] The hoax tweet resulted in a brief plunge of 130 points in the Dow Jones Industrial Average, the removal of $136 billion from the S&P 500 index,^[79] and the temporary suspension of AP's Twitter account. The Dow Jones later restored its session gains.
• In May 2017, 74 countries logged a ransomware cybercrime called "WannaCry".^[80]
• Illicit access to camera sensors, microphone sensors, phonebook contacts, all internet-enabled apps, and metadata of mobile telephones running Android and iOS was reportedly provided by Israeli spyware that was found to be in operation in at least 46 nation-states around the world. Journalists, royalty, and government officials were among the targets.^[81][82][83] Earlier accusations that Israeli weapons companies were meddling in international telephony^[84] and smartphones^[85] have been eclipsed by the 2018 Pegasus spyware revelations.
• In December 2019, US intelligence officials and The New York Times revealed that ToTok, a messaging application widely used in the United Arab Emirates, is a spying tool for the UAE. An investigation revealed that the Emirati government was attempting to track every conversation, movement, relationship, appointment, sound, and image of those who installed the app on their phones.^[86]
• On February 5, 2025, La Razon reported the arrest of a young man known as 'Natohub' who is suspected of hacking and selling information from Spanish government computer systems, NATO, United Nations, U.S. Army and other international computer systems from his home in Alicante, Spain.^[87]

Due to cybercriminals using the internet for cross-border attacks and crimes, the process of prosecuting cybercriminals has been difficult. The number of vulnerabilities that a cybercriminal could use as points of opportunity to exploit has also increased over the years. From 2008 to 2014 alone, there has been a 17.75% increase in vulnerabilities across all online devices.^[88] The internet's expansive reach causes the damage inflicted to people to be magnified since many methods of cybercrime have the opportunity to reach many people. The availability of virtual spaces^[89] has allowed cybercrime to become an everyday occurrence.^[90] In 2018, the Internet Crime Complaint Center received 351,937 complaints of cybercrime, which led to $2.7 billion lost.^[91]

In a criminal investigation, a computer can be a source of evidence (see digital forensics). Even when a computer is not directly used for criminal purposes, it may contain records of value to criminal investigators in the form of a logfile. In many countries,^[92] Internet Service Providers are required by law to keep their logfiles for a predetermined amount of time.

There are many ways for cybercrime to take place, and investigations tend to start with an IP Address trace; however, that does not necessarily enable detectives to solve a case. Different types of high-tech crime may also include elements of low-tech crime, and vice versa, making cybercrime investigators an indispensable part of modern law enforcement. Methods of cybercrime detective work are dynamic and constantly improving, whether in closed police units or in the framework of international cooperation.^[93]

In the United States, the FBI^[94] and the Department of Homeland Security (DHS)^[95] are government agencies that combat cybercrime. The FBI has trained agents and analysts in cybercrime placed in their field offices and headquarters.^[94] In the DHS, the Secret Service has a Cyber Intelligence Section that works to target financial cybercrimes. They combat international cybercrime and work to protect institutions such as banks from intrusions and information breaches. Based in Alabama, the Secret Service and the Alabama Office of Prosecution Services work together to train professionals in law enforcement at the National Computer Forensic Institute.^[95][96][97] The NCFI provides "state and local members of the law enforcement community with training in cyber incident response, investigation, and forensic examination in cyber incident response, investigation, and forensic examination."^[97]

Investigating cyber crime within the United States and globally often requires partnerships. Within the United States, cyber crime may be investigated by law enforcement, the Department of Homeland Security, among other federal agencies. However, as the world becomes more dependent on technology, cyber attacks and cyber crime are going to expand as threat actors will continue to exploit weaknesses in protection and existing vulnerabilities to achieve their end goals, often being data theft or exfiltration. To combat cybercrime, the United States Secret Service maintains an Electronic Crimes Task Force which extends beyond the United States as it helps to locate threat actors that are located globally and performing cyber related crimes within the United States. The Secret Service is also responsible for the National Computer Forensic Institute which allows law enforcement and people of the court to receive cyber training and information on how to combat cyber crime. The United States Immigration and Customs Enforcement is responsible for the Cyber Crimes Center (C3) providing cyber crime related services for federal, state, local and international agencies. Finally, the United States also has resources relating to Law Enforcement Cyber Incident Reporting to allow local and state agencies to understand how, when, and what should be reported as a cyber incident to the federal government.^[98]

Because cybercriminals commonly use encryption and other techniques to hide their identity and location, it can be difficult to trace a perpetrator after a crime is committed, so prevention measures are crucial.^[90][99]

The Department of Homeland Security also instituted the Continuous Diagnostics and Mitigation (CDM) Program.^[100] The CDM Program monitors and secures government networks by tracking network risks and informing system personnel so that they can take action. In an attempt to catch intrusions before the damage is done, the DHS created the Enhanced Cybersecurity Services (ECS).^[101] The Cyber Security and Infrastructure Security Agency approves the private partners that provide intrusion detection and prevention services through the ECS.^[101][102]

Cybersecurity professionals have been skeptical of prevention-focused strategies.^[103] The mode of use of cybersecurity products has also been called into question. Shuman Ghosemajumder has argued that individual companies using a combination of products for security is not a scalable approach and has advocated for the use of cybersecurity technology primarily at the platform level.^[104] Law enforcement agencies often struggle with applying traditional policing methods to digital crimes, which evolve faster than investigative practices.^[105]

On a personal level, there are some strategies available to defend against cybercrime, such as:^[106]

• Keeping one’s software and operating system update to benefit from security patches
• Using anti-virus software that can detect and remove malicious threats
• Using strong passwords with a variety of characters that aren't easy to guess
• Not opening/downloading attachments from spam emails
• Not clicking on links from scam emails
• Not giving out personal information over the internet unless one can verify that the destination is safe
• Contacting companies about suspicious requests of one’s information

Because of weak laws, cybercriminals operating from developing countries can often evade detection and prosecution. In countries such as the Philippines, laws against cybercrime are weak or sometimes nonexistent. Cybercriminals can then strike from across international borders and remain undetected. Even when identified, these criminals can typically avoid being extradited to a country such as the US that has laws that allow for prosecution. For this reason, agencies such as the FBI have used deception and subterfuge to catch criminals. For example, two Russian hackers had been evading the FBI for some time. The FBI set up a fake computing company based in Seattle, Washington. They proceeded to lure the two Russian men into the United States by offering them work with this company. Upon completion of the interview, the suspects were arrested. Clever tricks like that are sometimes a necessary part of catching cybercriminals when weak laws and limited international cooperation make it impossible otherwise.^[107]

The first cyber related law in the United States was the Privacy Act of 1974 which was only required for federal agencies to follow to ensure privacy and protection of personally identifiable information (PII). However, since 1974, in the United States other laws and regulations have been drafted and implemented, but there is still a gap in responding to current cyber related crime. The most recent cyber related law, according to NIST, was the NIST Small Business Cybersecurity Act, which came out in 2018, and provides guidelines to small businesses to ensure that cybersecurity risks are being identified and addressed accurately.^[108]

During President Barack Obama's presidency three cybersecurity related bills were signed into order in December 2014. The first was the Federal Information Security Modernization Act of 2014, the second was the National Cybersecurity Protection Act of 2014, and the third was the Cybersecurity Enhancement Act of 2014. Although the Federal Information Security Modernization Act of 2014 was just an update of an older version of the act, it focused on the practices federal agencies were to abide by relating to cybersecurity. While the National Cybersecurity Protection Act of 2014 was aimed toward increasing the amount of information sharing that occurs across the federal and private sector to improve cybersecurity amongst the industries. Finally, the Cybersecurity Enhancement Act of 2014 relates to cybersecurity research and education.^[109]

In April 2015, then-President Barack Obama released an executive order that allows the US to freeze the assets of convicted cybercriminals and block their economic activity within the United States.^[110]

The European Union adopted cybercrime directive 2013/40/EU, which was elaborated upon in the Council of Europe's Budapest Convention on Cybercrime.^[111]

It is not only the US and the European Union that have been introducing measures against cybercrime. On 31 May 2017, China announced that its new cybersecurity law was taking effect.^[112]

In Australia, legislation to combat cybercrime includes the Criminal Code Act 1995, the Telecommunications Act 1997, and the Enhancing Online Safety Act 2015.

Penalties for computer-related crimes in New York State can range from a fine and a short period of jail time for a Class A misdemeanor, such as unauthorized use of a computer, up to 3 to 15 years in prison for a Class C felony, such as computer tampering in the first degree.^[113]

However, some former cybercriminals have been hired as information security experts by private companies due to their inside knowledge of computer crime, a phenomenon which theoretically could create perverse incentives. A possible counter to this is for courts to ban convicted hackers from using the internet or computers, even after they have been released from prison – though as computers and the internet become more and more central to everyday life, this type of punishment becomes more and more draconian. Nuanced approaches have been developed that manage cyber offenders' behavior without resorting to total computer or internet bans.^[114] These approaches involve restricting individuals to specific devices which are subject to monitoring or searches by probation or parole officers.^[115] A 2023 GAO report noted that the United States lacks coordination and sufficient resources to effectively counter growing cybercrime threats.^[116]

Cybercrime is becoming more of a threat in our society. According to Accenture's State of Cybersecurity, security attacks increased 31% from 2020 to 2021. The number of attacks per company increased from 206 to 270. Due to this rising threat, the importance of raising awareness about measures to protect information and the tactics criminals use to steal that information is paramount. However, despite cybercrime becoming a mounting problem, many people are not aware of the severity of this problem. This could be attributed to a lack of experience and knowledge of technological issues. There are 1.5 million cyber-attacks annually, which means that there are over 4,000 attacks a day, 170 attacks every hour, or nearly three attacks every minute, with studies showing that only 16 percent of victims had asked the people who were carrying out the attacks to stop.^[117] Comparitech's 2023 study shows that cybercrime victims have peaked to 71 million annually, which means there is a cyberattack every 39 seconds.^[118] Anybody who uses the internet for any reason can be a victim, which is why it is important to be aware of how to be protected while online.

As cybercrime proliferated, a professional ecosystem evolved to support individuals and groups seeking to profit from cybercrime activities. The ecosystem has become quite specialized, and includes malware developers, botnet operators, professional cybercrime groups, groups specializing in the sale of stolen content, and so forth. A few of the leading cybersecurity companies have the skills and resources to follow the activities of these individuals and groups.^[119] A wide variety of information that can be used for defensive purposes is available from these sources, for example, technical indicators such as hashes of infected files^[120] and malicious IPs/URLs,^[120] as well as strategic information profiling the goals and techniques of the profiled groups. Much of it is freely available, but consistent, ongoing access typically requires a subscription. Some in the corporate sector see a crucial role for artificial intelligence in the future development of cybersecurity.^[121][122]

Interpol's Cyber Fusion Center began a collaboration with key cybersecurity players to distribute information on the latest online scams, cyber threats, and risks to internet users. Since 2017, reports on social engineering frauds, ransomware, phishing, and other attacks have been distributed to security agencies in over 150 countries.^[123]

The increasing prevalence of cybercrime has resulted in more attention to computer crime detection and prosecution.

Hacking has become less complex as hacking communities disseminate their knowledge through the internet.^{[citation needed]} Blogs and social networks have contributed substantially to information sharing, so that beginners can benefit from older hackers' knowledge and advice.

Furthermore, hacking is cheaper than ever. Before the cloud computing era, in order to spam or scam, one needed a variety of resources, such as a dedicated server; skills in server management, network configuration, and network maintenance; and knowledge of internet service provider standards. By comparison, a software-as-a-service for mail is a scalable and inexpensive bulk e-mail-sending service for marketing purposes that could be easily set up for spam.^[124] Cloud computing could help cybercriminals leverage their attacks, whether brute-forcing a password, improving the reach of a botnet, or facilitating a spamming campaign.^[125]

• ASEAN^[126]
• EUROPOL
• INTERPOL

• Australia: Australian High Tech Crime Centre
• Denmark: National Special Crime Unit
• Greece: Cyber Crime Unit (Hellenic Police)
• India: Cyber Crime Investigation Cell (Greater Mumbai Police)
• Japan: Cyber Police Department (National Police Agency of Japan)
• Philippines:
  • Anti-Cybercrime Group (Philippine National Police)
  • Cybercrime Division (National Bureau of Investigation)
  • Cybercrime Investigation and Coordinating Center (Office of the President)
  • Office of Cybercrime (Department of Justice)
• South Korea: Cyber Terror Response Center (Korean National Police Agency)
• Turkey: Anti-Cybercrime Department (General Directorate of Security)
• United Kingdom: National Cyber Crime Unit
• United States:
  • Federal Bureau of Investigation Cyber Division
  • National Security Agency
  • National White Collar Crime Center