Cybercrime Investigation Essay Example

The internet has become an essential aspect in almost every aspect of everyday life. In turn, such a phenomenon has resulted in the development of an information society that cannot do much without the internet (Mathew, Al Hajj, & Al Ruqeishi, 2010). The advancement of ICT and the information society has offered many opportunities and advantages such as online banking, dating and shopping as well as unconstrained access to information that has greatly supported democracy. However, the advancement of the information society has also been accompanied by serious threats. Attacks against the internet and other information infrastructure have become common in the modern world. Hacking attacks and online fraud are some of the major computer-related crimes that have become common in everyday life. Such cybercrimes result in enormous financial losses to the company in addition to other damages and inconveniences (Mathew et al. 2010). Some of the major cases of cyber crimes include the Ashley Madison hacking incident and the Stuxnet worm attack on Iran. Understanding the type and nature of the crimes and how they can be investigated is important as it will allow for the development of efficient methods to prevent future computer-related crimes.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Ashley Madison Hacking Incident

One of the cyber crimes that made headlines recently is the Ashley Madison hacking incident. The hackers claimed that they had two motivations when carrying out the incident (Mansfield-Devine, 2015). First, they criticized the core mission of Ashley Madison which was to arrange affairs between individuals who were married. Secondly, the hackers did not like the assertion by Ashley Madison that they are a secure site and that users had to pay $19 for the company to delete all the data associated with them. However, as it turned out, the company did not scrub all the data. The hackers claimed that they had customer data and that they would release it publicly if Ashley Madison was not shut down within a stipulated time frame (Mansfield-Devine, 2015). However, Ashley Madison did not give in to the hackers demands making them release sensitive user information to the public.

Fraudulent Activities of Ashley Madison

It is undoubtedly clear that the actions of the hacker were illegal. However, when it comes to Ashley Madison, it becomes a complicated scenario. Though the core services of the company were not illegal, they were morally questionable. The major niche of the site is for people who are in serious relationships but are interested in having other affairs (Mansfield-Devine, 2015). Most people would consider individuals who are in a relationship and have affairs outside the relationship as committing a morally wrongful act. So, the crime of the users may seem obvious at first glance. In many countries, such infidelity is not considered a legal crime since people have long abandoned the idea of criminalizing most sexual encounters between adults.

Though the core services of Ashley Madison were legal but morally questionable, other business practices of the company were outright illegal. One such business practice is the company is the creation of fake female profiles aimed at luring more men to the site. The hackers claimed that the website is a scam that contains many fake female profiles (Gardner, 2015). According to them, males constitute between 90 and 95 percent of the total users of the site. Such assertions were supported by a former employee of Ashley Madison who claimed that the company created thousands of fake female profiles to lure more men into signing up. Doriana Silva, who joined the Ashley Madison in March 2011, alleged that the company told her to put together about 1,000 fake female profiles in three weeks time (Gardner, 2015). If these claims were true, then they directly contradicted the assertions by Noel Biderman, the former CEO of Ashley Madison, that the company had almost an equal number of male and female users. The use of fake female profiles was a lucrative fraud that saw many men paying for credits to interact with women on the website.

Some female profiles were not the only things that were fake on Ashley Madison but also the use of fake winks to entice men into paying more money to interact with the accounts where the winks originated. Essentially, these winks show that a member likes another user of the site hence creating an opportunity to initiate a conversation. When questioned about the fake winks, the company claimed that they only use them for marketing research purposes (Mansfield-Devine, 2015). However, many people believe that it is legally and morally wrong to use fake posts to entice customers to pay for certain services. Undoubtedly, this can also be viewed as a fraud that the company used to make more money. The fake female profiles and winks together made members pay up to $290 for them to interact with people who did not exist (Mansfield-Devine, 2015). Clearly, tricking users into paying for fake things is a fraudulent activity.

Another fraudulent issue with regards to the Ashley Madison case is that the company claimed that they would wipe out customers data when the paid a $19 fee. However, the company did not delete all the information associated with a user account as revealed by the hack (Smith, 2015). The hackers were able to obtain critical information such as transaction details that made it possible to link a user account to a certain person. The company claimed that it maintained its promise by removing information which was outlined in the policies. The information to be removed included the real name, email address, username, and profile information (Smith, 2015). Transaction data from the company database was not a part of the promise. Therefore, the company claimed that it was not guilty of maintaining such data in its database.

Finally, the company may be considered to have committed fraud by not authenticating the email addresses that people used to sign up to the site. Lack of verification enabled many people to create profiles using fake email addresses as one of the ways to protect their identities. However, such a system also allowed users to sign up for the site using email addresses of other people. After the hacking incident, some people claimed that their email addresses were used for registering up for the site without their consent (Mansfield-Devine, 2015). Even if this was the case, a person had to pay $19 for the site to remove any information associated with them. Thus, people who had never used Ashley Madison could be implicated for actions they did not commit. In turn, they may experience certain problems such as reputational damage, divorce, or even loss of employment.

Accountability of Ashley Madison on the Hacking Incident

Ashley Madison should be held accountable for the hacking incident. There are two main reasons for such a stand. First, the company should be held responsible for its security failures and secondly, the business questionable business practices of the company were among the main factors that contributed to the hacking incident. Ashley Madison always bragged about being a secure platform to the press from time to time (Mansfield-Devine, 2015). The very nature of the operations of the company implies that the company should have taken security as the most important thing. However, with the hacking incident, it became clear that this was not the case. Unlike other companies, with Ashley Madison, the consequence of the incident is not only identity theft but also the destruction of the personal lives of many people. Compounding this problem is that the victims have very little option aside from lawsuits which may end up not being successful.

Based on the information about the hacking incident it is clear that Ashley Madison had two options: Either shutting down the site or refuse and hope the hackers do not release sensitive information about users. The company chose not to heed to the demands of the hackers which eventually led to the release of a huge amount of sensitive customer information (Mansfield-Devine, 2015). When companies do not take the threat of hacking seriously, then it would be difficult to stop the hackers. Therefore, companies need to be held responsible for their security and hefty fines be put in place for companies that do not follow the best security practices. If reputational damage of a company is not enough then maybe a hefty fine will stir up things.

The second reason why Ashley Madison should be held accountable for the hacking incident is because of the questionable business practices such as using fake female profiles. The hackers indicated such practices while maintaining that Ashley Madison was a scam that used the pain of others to build its business (Gardner, 2015). Apart from the morality question, it seems that the questionable business practices of the company also contributed to the hacking incident. Therefore, if the company did what it had promised to customers such as deleting all information associated with their accounts after payment, using real user profiles for interaction, and be a strongly secure platform, then the chances of hacking would be minimal.

Likely Views of People on the Ashley Madison Hacking Incident

People are not likely to condone the Ashley Madison hacking incident since it caused a lot of damage to many people, even those who were not associated with the site. The hacking put at risk the reputation of millions of people, their friendships marriages and even jobs (Mansfield-Devine, 2015). The worst part of it is that some customers used other peoples email address thereby putting their life in unwanted situations despite not ever accessing the website. Though the hackers claimed that they committed such an act on moral grounds, the real-life impact of their actions on individuals may be devastating (Mansfield-Devine, 2015). Also, people might not approve the hacking incident since such a move may set a precedent for other hackers who do not approve the principles or practices of other companies no moral grounds. If the hacker group was successfully in hacking Ashley Madison because they viewed their operations as immoral, then approving such an incident would encourage people to hack business with products or services they dislike, despite them not being illegal or unethical.

The Stuxnet Worm

The Stuxnet worm was the first known malware that targeted programmable logic controllers (PLCs). Programmable Logic Controllers run various industrial plants, electric power plants and transmission and distribution systems in different parts of the world. Although these systems have been compromised in many countries, the Stuxnet worm specifically targeted Iranian systems because of the way they operate (Kerr, Rollins, & Theohary, 2010). The worm seeks out Windows computer systems running specific configurations of PLC software manufactured by Siemens. Iran uses such software to monitor and control process at their various industrial facilities including the Bushehr nuclear power plant. The Stuxnet worm is thought to have infected at least 30,000 IP addresses in Iran, and new versions of the worm are still spreading (Kerr et al., 2010).

Nature and Type of the Stuxnet Worm and its Operation

The Stuxnet worms aim was to cause system interference. Computer worms are self-replicating and harm a system by initiating numerous data transfer processes. They can affect computer systems by hindering their smooth operation and use system resources to multiply thus causing, even more, damage (Fosnock, 2005). Computer worms influence whole computer networks thus compromising the operation of critical infrastructure. If offenders are successful in preventing smooth operations of computer systems, such an act can result in...