NCJ Number
224442
Journal
Global Crime Volume: 9 Issue: 3 Dated: August 2008 Pages: 262-272
Date Published
August 2008
Length
11 pages
Annotation
After discussing how computer systems and data transmission are used as “cyber weapons” for criminal purposes, this article reviews legislative policy options for controlling their abuse and argues for enacting “cyber weapons” laws.
Abstract
“Cyber weapons” are essentially software programs that have been weaponized to target a wide variety of computer-based systems. Their destructive effects can range from disrupting services to the complete destruction of data and data-processing functions. Cyber weapons also include certain types of computer hardware that enable the launching of these software-based attacks. Perpetrators range from young cyber vandals to transnational criminals and international terrorists. Because of their volume, frequency, and pervasive presence, governments cannot realistically address the problem by responding to individual attacks. They must address the existence of cyber weapons themselves. This requires legislative reform. The first issue to be addressed is which weapons to target. Like firearms, there are offensive and defensive cyber weapons and some weapons that function as both. Purely offensive cyber weapons include the thousands of computer viruses that circulate across the Internet each year, as well as worms, Trojan horses, logic bombs, and programs that execute denial of service attacks and exploit scripts and programs that take advantage of vulnerabilities in operating systems. Cyber weapons for defense include antivirus programs, antispam programs, antispyware programs, firewalls, e-data shredders, system log cleaners, “cookie” cleaners, and encryption programs. This article proposes a legislative philosophy regarding cyber weapons that strikes a middle ground between no regulation whatsoever and total prohibition of defined hardware and software deemed to be weapons. Laws that distinguish between classes of cyber weapons and between legitimate users and those with malicious intent would provide a legal structure for police to take action against unlawful possession and use of specified cyber weapons. 38 notes