"Stealing" redirects here. For other uses, see Steal.
"Thief" and "Thieves" redirect here. For other uses, see Thief (disambiguation).
For other uses, see Thievery (disambiguation) and Theft (disambiguation).
In common usage, theft is the taking of another person's property or services without that person's permission or consent with the intent to deprive the rightful owner of it. :1092–3 The word is also used as an informal shorthand term for some crimes against property, such as burglary, embezzlement, larceny, looting, robbery, shoplifting, library theft, and fraud (that is, obtaining money under false pretenses). In some jurisdictions, theft is considered to be synonymous with larceny; in others, theft has replaced larceny. Someone who carries out an act of or makes a career of theft is known as a thief. The act of theft is also known by other terms such as stealing, thieving, and filching.
Theft is the name of a statutory offence in California, Canada, England and Wales, Hong Kong,Northern Ireland, the Republic of Ireland, and the Australian states of South Australia and Victoria.
The actus reus of theft is usually defined as an unauthorized taking, keeping, or using of another's property which must be accompanied by a mens rea of dishonesty and/or the intent to permanently deprive the owner or the person with rightful possession of that property or its use.
For example, if X goes to a restaurant and, by mistake, takes Y's scarf instead of her own, she has physically deprived Y of the use of the property (which is the actus reus) but the mistake prevents X from forming the mens rea (i.e., because she believes that she is the owner, she is not dishonest and does not intend to deprive the "owner" of it) so no crime has been committed at this point. But if she realises the mistake when she gets home and could return the scarf to Y, she will steal the scarf if she dishonestly keeps it (see theft by finding). Note that there may be civil liability for the torts of trespass to chattels or conversion in either eventuality.
Section 322(1) of the Criminal Code provides the general definition for theft in Canada:
322. (1) Every one commits theft who fraudulently and without colour of right takes, or fraudulently and without colour of right converts to his/her use or to the use of another person, anything, whether animate or inanimate, with intent
- (a) to deprive, temporarily or absolutely, the owner of it, or a person who has a special property or interest in it, of the thing or of his property or interest in it;
- (b) to pledge it or deposit it as security;
- (c) to part with it under a condition with respect to its return that the person who parts with it may be unable to perform; or
- (d) to deal with it in such a manner that it cannot be restored in the condition in which it was at the time it was taken or converted.
Sections 323 to 333 provide for more specific instances and exclusions:
- theft from oyster beds (s. 323)
- theft by bailee of things under seizure (s. 324)
- exception when agent is pledging goods (s. 325)
- theft of telecommunications service (s. 326)
- possession of device to obtain telecommunication facility or service (s. 327)
- theft by or from person having special property or interest (s. 328)
- theft by person required to account (s. 330)
- theft by person holding power of attorney (s. 331)
- misappropriation of money held under direction (s. 332)
- exception for ore taken for exploration or scientific research (s. 333)
In the general definition above, the Supreme Court of Canada has construed "anything" very broadly, stating that it is not restricted to tangibles, but includes intangibles. To be the subject of theft it must, however:
- be property of some sort;
- be property capable of being
- taken (therefore intangibles are excluded); or
- converted (and may be an intangible);
- taken or converted in a way that deprives the owner of his/her proprietary interest in some way.
Because of this, confidential information cannot be the subject of theft, as it is not capable of being taken as only tangibles can be taken. It cannot be converted, not because it is an intangible, but because, save in very exceptional far‑fetched circumstances, the owner would never be deprived of it. However, the theft of trade secrets in certain circumstances does constitute part of the offence of economic espionage, which can be prosecuted under s. 19 of the Security of Information Act.
For the purposes of punishment, Section 334 divides theft into two separate offences, according to the value and nature of the goods stolen:
- If the thing stolen is worth more than $5000 or is a testamentary instrument the offence is commonly referred to as Theft Over $5000 and is an indictable offence with a maximum punishment of 10 years imprisonment.
- Where the stolen item is not a testamentary instrument and is not worth more than $5000 it is known as Theft Under $5000 and is a hybrid offence, meaning that it can be treated either as an indictable offence or a less serious summary conviction offence, depending on the choice of the prosecutor.
- if dealt with as an indictable offence, it is punishable by imprisonment for not more than 2 years, and,
- if treated as a summary conviction offence, it is punishable by 6 months imprisonment, a fine of $2000 or both.
Where a motor vehicle is stolen, Section 333.1 provides for a maximum punishment of 10 years for an indictable offence (and a minimum sentence of six months for a third or subsequent conviction), and a maximum sentence of 18 months on summary conviction.
Article 2 of the Theft Ordinance provides the general definition of theft in Hong Kong:
(1) A person commits theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it; and thief and steal shall be construed accordingly.
(2) It is immaterial whether the appropriation is made with a view to gain, or is made for the thief’s own benefit.
Theft is a crime with related articles in the Wetboek van Strafrecht.
- Article 310 prohibits theft (Dutch: diefstal), which is defined as taking away any object that (partly) belongs to someone else, with the intention to appropriate it illegally. Maximum imprisonment is 4 years or a fine of the fifth category.
- Article 311 consists of the following:
- Part 1. Punishable with maximum imprisonment of 6 years or a fine of the fourth category is:
- 1. Theft of cattle;
- 2. Theft during certain emergency occasions;
- 3. Theft during night in a residence by someone who is there without knowledge or permission of the owner;
- 4. Theft by 2 or more organized people;
- 5. Theft, where the thief got access by means of violence, climbing in, using false keys or disguise;
- 6. Terroristic theft.
- Part 2. When theft if committed as in 3 with the situation of 4 and 5, the punishment is a maximum imprisonment of 9 nears or a fine of the fifth category.
- Part 1. Punishable with maximum imprisonment of 6 years or a fine of the fourth category is:
- Article 312 consists of the following:
- Part 1 prohibits robbery (Dutch: beroving), which is defined as taking away any object with violence or with threat of violence. Maximum imprisonment is 9 years or a fine with the fifth category
- Part 2 allows maximum imprisonment of 12 years or a fine of the fifth category when:
- 1. Robbery was committed during night, in a residence, on the public road or moving train;
- 2. Robbery was committed by 2 or more people;
- 3. Robbery was committed by violence, climbing in, false key or disguise;
- 4. Robbery caused severe injury;
- 5. Robbery was terroristic.
- Part 3 allows maximum imprisonment of 15 years instead of 12 when robbery caused death to the victim.
- Article 314 consists of the following:
- Part 1 prohibits poaching (Dutch: stroperij), which is defined as taking away without violence the following: clay, sand, earth, raw wood, fallen vegetables (see the source for a complete list). Maximum imprisonment is one month or a fine of the second category.
- Part 2 increases the maximum imprisonment to 2 months when the crime is committed again less than 2 years after the first time.
- Article 315 increases the maximum imprisonment and fine category when poaching is done with vehicles and draft animals. Maximum imprisonment is 3 years or a fine of the fourth category.
Republic of Ireland
Theft is a statutory offence, created by section 4(1) of the Criminal Justice (Theft and Fraud Offences) Act, 2001.
According to the Romanian Penal Code a person committing theft (furt) can face a penalty ranging from 1 to 20 years.
Degrees of theft:
- Article 208: Theft (1 to 12 years)—When a person steals an object, or uses a vehicle without permission and no aggravating circumstances apply.
- Article 209: Qualified theft (3 to 20 years)
- Aggravating circumstances (3 to 15 years): a) by two or more persons together; b) by a person in possession of a gun or a narcotic substance; c) by a masked or disguised person; d) against a person who cannot defend his or herself; e) in a public place; f) in a public transportation vehicle; g) during nighttime; h) during a natural disaster; i) through burglary, or by using an original or copied key; j) stealing national treasures; k) stealing official identity papers with the intention to make use of them; l) stealing official identity badges with the intention to make use of them.
- Aggravating circumstances (4 to 18 years): a) stealing petrol-based products directly from transportation pipes and vehicles or deposits; b) stealing components from national electrification, telecommunication, irrigation networks or from any type of navigational system; c) stealing a siren; d) stealing a public intervention vehicle or device; e) stealing something which jeopardises the safety of public transportation.
- Aggravating circumstances (10 to 20 years): when the consequences are extremely grave and affect public institutions or the material stolen is worth over 200,000 RON (approximately US$80,000).
England and Wales
In England and Wales, theft is a statutory offence, created by section 1(1) of the Theft Act 1968. This offence replaces the former offences of larceny, embezzlement and fraudulent conversion.
The marginal note to section 1 of the Theft Act 1968 describes it as a "basic definition" of theft. Sections 1(1) and (2) provide:
- 1.-(1) A person is guilty of theft, if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it; and "thief" and "steal" shall be construed accordingly.
- (2) It is immaterial whether the appropriation is made with a view to gain, or is made for the thief’s own benefit.
Sections 2 to 6 of the Theft Act 1968 have effect as regards the interpretation and operation of section 1 of that Act. Except as otherwise provided by that Act, sections 2 to 6 of that Act apply only for the purposes of section 1 of that Act.
Section 3 provides:
(1) Any assumption by a person of the rights of an owner amounts to an appropriation, and this includes, where he has come by the property (innocently or not) without stealing it, any later assumption of a right to it by keeping or dealing with it as owner.
(2) Where property or a right or interest in property is or purports to be transferred for value to a person acting in good faith, no later assumption by him of rights which he believed himself to be acquiring shall, by reason of any defect in the transferor’s title, amount to theft of the property.
See R v Hinks and Lawrence v Metropolitan Police Commissioner.
Section 4(1) provides that:
"Property" includes money and all other property, real or personal, including things in action and other intangible property.
Edward Griew said that section 4(1) could, without changing its meaning, be reduced, by omitting words, to:
"Property" includes … all … property.
Sections 4(2) to (4) provide that the following can only be stolen under certain circumstances:
- Land or things forming part of land and severed from it (s. 4(2))
- Mushrooms growing wild on any land, or the flowers, fruit or foliage of plants growing wild on any land (s. 4(3))
- Wild creatures or the carcases of wild creatures (s. 4(4))
Confidential information and trade secrets are not property within the meaning of section 4.
The words "other intangible property" include export quotas that are transferable for value on a temporary or permanent basis.
Electricity cannot be stolen. It is not property within the meaning of section 4 and is not appropriated by switching on a current.Cf. the offence of abstracting electricity under section 13.
Belonging to another
Section 5 "belonging to another" requires a distinction to be made between ownership, possession and control:
- ownership is where a person is not legally accountable to anyone else for the use of the property:
- possession is where a person is only accountable to the owner for the use of the property; and
- control is where a person is only accountable to two people for the use of the property.
So if A buys a car for cash, A will be the owner. If A then lends the car to B Ltd (a company), B Ltd will have possession. C, an employee of B Ltd then uses the car and has control. If C uses the car in an unauthorised way, C will steal the car from A and B Ltd. This means that it is possible to steal one's own property.
In R v Turner, the owner removed his car from the forecourt of a garage where it had been left for collection after repair. He intended to avoid paying the bill. There was an appropriation of the car because it had been physically removed but there were two issues to be decided:
- did the car "belong to another"? The garage had a lien i.e. a "proprietary right or interest" in the car as security for the unpaid bill and this gave the garage a better right than the owner to possess the car at the relevant time.
- what was the relevance of Turner's belief that he could not steal his own property? The defence of mistake of law only applies if the defendant honestly believes that he has a right in law to act in the given way. Generalised and non-specific beliefs about what the law might permit are not a defence.
With the intention of permanently depriving the other of it
Section 6 "with the intent to permanently deprive the other of it" is sufficiently flexible to include situations where the property is later returned. For example, suppose that B, a keen football fan, has bought a ticket for the next home match. T takes the ticket, watches the match and then returns the ticket to B. In this instance, all that T returns is a piece of paper. Its value as a licence to enter the stadium on a particular day has been permanently lost. Hence, T steals the ticket. Similarly, if T takes a valuable antique but later repents and returns the goods, T has committed the actus reus with the mens rea. The fact that T's conscience forces a change of mind is relevant only for sentencing.
The offence created by section 12(1) of the Theft Act 1968 (TWOC) is available an alternative verdict on an indictment for theft.
Theft is an offence against property for the purposes of section 3 of the Visiting Forces Act 1952.
Mode of trial and sentence
Theft is triable either way. A person guilty of theft is liable, on conviction on indictment, to imprisonment for a term not exceeding seven years, or on summary conviction to imprisonment for a term not exceeding six months, or to a fine not exceeding the prescribed sum, or to both.
The only offence of aggravated theft is robbery, contrary to section 8 of the Theft Act 1968.
For the purposes of the provisions of the Theft Act 1968 which relate to stolen goods, goods obtain in England or Wales or elsewhere by blackmail or fraud are regarded as stolen, and the words "steal", "theft" and "thief" are construed accordingly.
Sections 22 to 24 and 26 to 28 of the Theft Act 1968 contain references to stolen goods.
Handling stolen goods
The offence of handling stolen goods, contrary to section 22(1) of the Theft Act 1968, can only be committed "otherwise than in the course of stealing".
Similar or associated offences
According to its title, the Theft Act 1968 revises the law as to theft and similar or associated offences. See also the Theft Act 1978.
In Northern Ireland, theft is a statutory offence, created by section 1 of the Theft Act (Northern Ireland) 1969.
In the United States, plenary regulation of theft exists only at the state level, in the sense that most thefts by default will be prosecuted by the state in which the theft occurred. The federal government has criminalized certain narrow categories of theft which directly affect federal agencies or interstate commerce. The Model Penal Code includes categories of theft by unlawful taking or by unlawfully disposing of property, theft by deception (fraud), theft by extortion, theft by failure to take measures to return lost or mislaid or mistakenly delivered property, theft by receipt of stolen property, theft by failing to make agreed disposition of received funds, and theft of services.:1090–3
Although many U.S. states have retained larceny as the primary offense, some have now adopted theft provisions.
Grand theft, also called grand larceny, is a term used throughout the United States designating theft that is large in magnitude or serious in potential penological consequences. Grand theft is contrasted with petty theft, theft that is of smaller magnitude or lesser seriousness.
Theft laws, including the distinction between grand theft and petty theft for cases falling within its jurisdiction, vary by state. This distinction is established by statute, as are the penological consequences. Most commonly, statutes establishing the distinction between grand theft and petty theft do so on the basis of the value of the money or property taken by the thief or lost by the victim, with the dollar threshold for grand theft varying from state to state. Most commonly, the penological consequences of the distinction include the significant one that grand theft can be treated as a felony, while petty theft is generally treated as a misdemeanor.
In some states, grand theft of a vehicle may be charged as "grand theft auto" (see motor vehicle theft for more information).
Repeat offenders who continue to steal may become subject to life imprisonment in certain states.
Sometimes the federal anti-theft-of-government-property law 18 U.S.C. § 640 is used to prosecute cases where the Espionage Act would otherwise be involved; the theory being that by retaining sensitive information, the defendant has taken a 'thing of value' from the government. For examples, see the Amerasia case and United States v. Manning.
When stolen property exceeds the amount of $500 it is a felony offense. If property is less than $500, then it is a Class A misdemeanor. Unlike some other states, shoplifting is not defined by a separate statute but falls under the state's general theft statute.
The Alaska State Code does not use the terms "grand theft" or "grand larceny." However, it specifies that theft of property valued at more than $1,000 is a felony whereas thefts of lesser amounts are misdemeanors. The felony categories (class 1 and class 2 theft) also include theft of firearms; property taken from the person of another; vessel or aircraft safety or survival equipment; and access devices.
Felony theft is committed when the value of the stolen property exceeds $1000. Regardless of the value of the item, if it is a firearm or an animal taken for the purpose of animal fighting, then the theft is a Class 6 Felony.
The Theft Act of 1927 consolidated a variety of common law crimes into theft. The state now distinguishes between two types of theft, grand theft and petty theft. The older crimes of embezzlement, larceny, and stealing, and any preexisting references to them now fall under the theft statute.
There are a number of criminal statutes in the California Penal Code defining grand theft in different amounts. Grand theft generally consists of the theft of something of value over $950 (including money, labor or property but is lower with respect to various specified property), Theft is also considered grand theft when more than $250 in crops or marine life forms are stolen, “when the property is taken from the person of another,” or when the property stolen is an automobile, farm animal, or firearm.
Petty theft is the default category for all other thefts.
Grand theft is punishable by up to a year in jail or prison, and may be charged (depending upon the circumstances) as a misdemeanor or felony, while petty theft is a misdemeanor punishable by a fine or imprisonment not exceeding six months in jail or both.
In general, any property taken that carries a value of more than $300 can be considered grand theft in certain circumstances.
In Georgia, when a theft offense involves property valued at $500 or less, the crime is punishable as a misdemeanor. Any theft of property determined to be exceeding $500 may be treated as grand theft and charged as a felony.
Theft in the first or second degree is a felony. Theft in the first degree means theft above $20,000 or of a firearm or explosive; or theft over $300 during a declared emergency. Theft in the second degree means theft above $750, theft from the person of another, or agricultural products over $100 or aquacultural products from an enclosed property.
Theft is a felony if the value of the property exceeds $300 or the property is stolen from the person of another. Thresholds at $10,000, $100,000, and $500,000 determine how severe the punishment can be. The location from which property was stolen is also a factor in sentencing.
KRS 514.030 states that theft by unlawful taking or disposition is generally a Class A misdemeanor unless the items stolen are a firearm, anhydrous ammonia, a controlled substance valued at less than $10,000 or any other item or combination of items valued $500 or higher and less than $10,000 in which case the theft is a Class D felony. Theft of items valued at $10,000 or higher and less than $1,000,000 is a Class C felony. Theft of items valued at $1,000,000 or more is a Class B felony, as is first offense theft of anhydrous ammonia for the express purpose of manufacturing methamphetamines in violation of KRS 218A.1432. In the latter case, subsequent offenses are a Class A felony.
In Massachusetts, theft may generally be charged as a felony alue of stolen property is greater than $250.
Stealing is a felony if the value of stolen property exceeds $500. It is also a felony if “The actor physically takes the property appropriated from the person of the victim” or the stolen property is a vehicle, legal document, credit card, firearm, explosive, U.S. flag on display, livestock animal, fish with value exceeding $75, captive wildlife, controlled substance, or ammonia. Stealing in excess of $25,000 is usually a class B felony (sentence: 5–15 years), while any other felony stealing (not including the felonies of burglary or robbery) that does not involve chemicals is a class C felony (sentence: up to 7 years). Non-felony stealing is a class A misdemeanor (sentence: up to 1 year).
Grand larceny consists of stealing property with a value exceeding $1000; or stealing a public record, secret scientific material, firearm, credit or debit card, ammonia, telephone with service, or motor vehicle or religious item with value exceeding $100; or stealing from the person of another or by extortion or from an ATM. The degree of grand larceny is increased if the theft was from an ATM, through extortion involving fear, or involved a value exceeding the thresholds of $3,000, $50,000, or $1,000,000.
Grand Larceny: Value of goods exceed $900 (13 V.S.A. § 2501)
Grand Larceny: Value of goods exceed $200 (Virginia Code § 18.2-95)
Theft of goods valued between $750 and $5000 is second-degree theft, a Class C felony. Theft of goods valued above $5000, of a search-and-rescue dog on duty, of public records from a public office or official, of metal wire from a utility, or of an access device, is a Class B felony, as is theft of a motor vehicle  or a firearm.
Theft is defined at s.72 of the Crimes Act 1958. The actus reus and mens rea are defined as follows:
Appropriation – defined at s.73(4) of the Crimes Act 1958 as the assumption of any of the owners rights. It does not have to be all the owner's rights, as long as at least one right has been assumed(Stein v Henshall). If the owner gave their consent to the appropriation there cannot be an appropriation(Baruday v R). However, if this consent is obtained by deception, this consent is vitiated.
Property – defined at s.71(1) of the Crimes Act 1958 as being both tangible property, including money and intangible property. Information has been held not be property (Oxford v Moss).
Belonging to another – s.73(5) that property belongs to another if that person has ownership, possession, or a proprietary interest in the property. Property can belong to more than one person. s.73(9) & s.73(10) deal with situations where the accused receives property under an obligation or by mistake.
Theft is defined at s.134 of the Criminal Consolidation Act 1935 (SA).
If a person deals with property dishonestly, without the owners consent and intending to deprive the owner of their property, or make a serious encroachment on the proprietary rights of the owner, they are guilty of theft.
Under this law, encroachment on proprietary rights means that the property is dealt with in a way that creates a substantial risk that the property will not be returned to the owner, or that the value of the property will be greatly diminished when the owner does get it back. Also, where property is treated as the defendants own property to dispose of, disregarding the actual property owner’s rights.
For a basic offence, a person found guilty of this offence is liable for imprisonment of up to 10 years.
For an aggravated offence, a person found guilty of this offence is liable for imprisonment of up to 15 years.
Intention to permanently deprive – defined at s.73(12) as treating property as it belongs to the accused, rather than the owner.
Dishonestly – s.73(2) creates a negative definition of the term 'dishonestly'. The section deems only three circumstances when the accused is deemed to have been acting honestly. These are a belief in a legal claim of right (s.73(2)(a)), a belief that the owner would have consented (s.73(2)(b)), or a belief the owner could not be found(s.73(2)(c))
In the British West Indies, especially Grenada, there have been a spate of large-scale thefts of tons of sand from beaches. Both Grenada and Jamaica are considering increasing fines and jail time for the thefts.
Main article: Islamic criminal jurisprudence
In parts of the world which govern with sharia law, the punishment for theft is amputation of the right hand if the thief does not repent. This ruling is derived from sura 5 verse 38 of the Quran which states As to the thief, Male or female, cut off his or her hands: a punishment by way of example, from Allah, for their crime: and Allah is Exalted in power. This is viewed as being a deterrent.
Specific forms of theft and other related offences
- ^ ab"Theft". Merriam-Webster. Retrieved October 12, 2011.
- ^ abcd"Theft". legal-dictionary.The freedictionary.com. Retrieved October 12, 2011.
- ^ abCriminal Law – Cases and Materials, 7th ed. 2012, Wolters Kluwer Law & Business; John Kaplan, Robert Weisberg, Guyora Binder, ISBN 978-1-4548-0698-1, 
- ^ ab"Cap. 210 THEFT ORDINANCE". legislation.gov.hk.
- ^"Section 4, Criminal Justice (Theft and Fraud Offences) Act, 2001". Irish Statute Book.
- ^"Section 134, Criminal Law Consolidation Act, 1935 (SA)".
- ^Criminal Code, RSC 1985, c c-45, s 322.
- ^ abR. v. Stewart,  1 S.C.R. 963. Full text of Supreme Court of Canada decision at LexUM
- ^Security of Information Act, R.S.C., 1985, c. O-5, s.19
- ^ abc€ 19,500
- ^"wetten.nl – Wet- en regelgeving – Wetboek van Strafrecht – BWBR0001854". overheid.nl.
- ^ abc€ 78,000
- ^"wetten.nl – Wet- en regelgeving – Wetboek van Strafrecht – BWBR0001854". overheid.nl.
- ^"wetten.nl – Wet- en regelgeving – Wetboek van Strafrecht – BWBR0001854". overheid.nl.
- ^€ 3,900
- ^"wetten.nl – Wet- en regelgeving – Wetboek van Strafrecht – BWBR0001854". overheid.nl.
- ^"wetten.nl – Wet- en regelgeving – Wetboek van Strafrecht – BWBR0001854". overheid.nl.
- ^"Penal Code of Romania, art. 208". Retrieved January 29, 2013.
- ^"Penal Code of Romania, art. 209". Retrieved January 29, 2013.
- ^Griew, Edward. The Theft Acts 1968 and 1978. Sweet and Maxwell. Fifth Edition. 1986. Paragraph 2-01 at page 12.
- ^The Theft Act 1968, section 1(3)
- ^Griew, Edward. The Theft Acts 1968 and 1978. Sweet and Maxwell. Fifth Edition. 1986. Paragraph 2-03 at page 13.
- ^Oxford v Moss (1979) 68 Cr App Rep 183,  Crim LR 119, DC
- ^R v Absolom, The Times, 14 September 1983
- ^Attorney General of Hong Kong v Nai-Keung  1 WLR 1339, PC
- ^Low v Blease (1975) 119 SJ 695,  Crim LR 513, DC
Cybercrime, or computer oriented crime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrimes can be defined as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (networks including but not limited to Chat rooms, emails, notice boards and groups) and mobile phones (Bluetooth/SMS/MMS)". Cybercrime may threaten a person or a nation's security and financial health. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, unwarranted mass-surveillance, sextortion, child pornography, and child grooming. There are also problems of privacy when confidential information is intercepted or disclosed, lawfully or otherwise. Debarati Halder and K. Jaishankar further define cybercrime from the perspective of gender and defined 'cybercrime against women' as "Crimes targeted against women with a motive to intentionally harm the victim psychologically and physically, using modern telecommunication networks such as internet and mobile phones". Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Activity crossing international borders and involving the interests of at least one nation state is sometimes referred to as cyberwarfare.
A report (sponsored by McAfee) estimates that the annual damage to the global economy is at $445 billion; however, a Microsoft report shows that such survey-based estimates are "hopelessly flawed" and exaggerate the true losses by orders of magnitude.[third-party source needed] Approximately $1.5 billion was lost in 2012 to online credit and debit card fraud in the US. In 2016, a study by Juniper Research estimated that the costs of cybercrime could be as high as 2.1 trillion by 2019.[third-party source needed]
Computer crime encompasses a broad range of activities.
Fraud and financial crimes
Main article: Internet fraud
Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
- Altering in an unauthorized way. This requires little technical expertise and is common form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
- Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions. This is difficult to detect;
- Altering or deleting stored data;
Other forms of fraud may be facilitated using computer systems, including bank fraud, carding, identity theft, extortion, and theft of classified information.
A variety of internet scams, many based on phishing and social engineering, target consumers and businesses.
Main article: Cyberterrorism
Government officials and information technology security specialists have documented a significant increase in Internet problems and server scans since early 2001. But there is a growing concern among government agencies such as the Federal Bureau of Investigations (FBI) and the Central Intelligence Agency (CIA) that such intrusions are part of an organized effort by cyberterrorists, foreign intelligence services, or other groups to map potential security holes in critical systems. A cyberterrorist is someone who intimidates or coerces a government or an organization to advance his or her political or social objectives by launching a computer-based attack against computers, networks, or the information stored on them.
Cyberterrorism in general can be defined as an act of terrorism committed through the use of cyberspace or computer resources (Parker 1983). As such, a simple propaganda piece in the Internet that there will be bomb attacks during the holidays can be considered cyberterrorism. There are also hacking activities directed towards individuals, families, organized by groups within networks, tending to cause fear among people, demonstrate power, collecting information relevant for ruining peoples' lives, robberies, blackmailing etc.
Main article: Extortion
Cyber-extortion occurs when a website, e-mail server, or computer system is subjected to or threatened with repeated denial of service or other attacks by malicious hackers. These hackers demand money in return for promising to stop the attacks and to offer "protection". According to the Federal Bureau of Investigation, cyber-extortionists are increasingly attacking corporate websites and networks, crippling their ability to operate and demanding payments to restore their service. More than 20 cases are reported each month to the FBI and many go unreported in order to keep the victim's name out of the public domain. Perpetrators typically use a distributed denial-of-service attack.
An example of cyberextortion was the attack on Sony Pictures of 2014.
Main article: Cyberwarfare
The U.S. Department of Defense (DoD) notes that the cyberspace has emerged as a national-level concern through several recent events of geo-strategic significance. Among those are included, the attack on Estonia's infrastructure in 2007, allegedly by Russian hackers. "In August 2008, Russia again allegedly conducted cyberattacks, this time in a coordinated and synchronized kinetic and non-kinetic campaign against the country of Georgia. Fearing that such attacks may become the norm in future warfare among nation-states, the concept of cyberspace operations impacts and will be adapted by warfighting military commanders in the future.
Computer as a target
These crimes are committed by a selected group of criminals. Unlike crimes using the computer as a tool, these crimes require the technical knowledge of the perpetrators. As such, as technology evolves, so too does the nature of the crime. These crimes are relatively new, having been in existence for only as long as computers have—which explains how unprepared society and the world in general is towards combating these crimes. There are numerous crimes of this nature committed daily on the internet:
Crimes that primarily target computer networks or devices include:
Computer as a tool
Main articles: Internet fraud, Spamming, Phishing, and Carding (fraud)
When the individual is the main target of cybercrime, the computer can be considered as the tool rather than the target. These crimes generally involve less technical expertise. Human weaknesses are generally exploited. The damage dealt is largely psychological and intangible, making legal action against the variants more difficult. These are the crimes which have existed for centuries in the offline world. Scams, theft, and the likes have existed even before the development in high-tech equipment. The same criminal has simply been given a tool which increases his potential pool of victims and makes him all the harder to trace and apprehend.
Crimes that use computer networks or devices to advance other ends include:
- Fraud and identity theft (although this increasingly uses malware, hacking or phishing, making it an example of both "computer as target" and "computer as tool" crime)
- Information warfare
- Phishing scams
- Propagation of illegal obscene or offensive content, including harassment and threats
The unsolicited sending of bulk email for commercial purposes (spam) is unlawful in some jurisdictions.
Phishing is mostly propagated via email. Phishing emails may contain links to other websites that are affected by malware. Or, they may contain links to fake online banking or other websites used to steal private account information.
Obscene or offensive content
The content of websites and other electronic communications may be distasteful, obscene or offensive for a variety of reasons. In some instances these communications may be legal.
The extent to which these communications are unlawful varies greatly between countries, and even within nations. It is a sensitive area in which the courts can become involved in arbitrating between groups with strong beliefs.
One area of Internet pornography that has been the target of the strongest efforts at curtailment is child pornography, which is illegal in most jurisdictions in the world.
See also: Cyberbullying, Online predator, Cyberstalking, and Internet troll
Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties. Harassment on the internet also includes revenge porn.
There are instances where committing a crime using a computer can lead to an enhanced sentence. For example, in the case of United States v. Neil Scott Kramer, Kramer was served an enhanced sentence according to the U.S. Sentencing Guidelines Manual §2G1.3(b)(3) for his use of a cell phone to "persuade, induce, entice, coerce, or facilitate the travel of, the minor to engage in prohibited sexual conduct." Kramer argued that this claim was insufficient because his charge included persuading through a computer device and his cellular phone technically is not a computer. Although Kramer tried to argue this point, U.S. Sentencing Guidelines Manual states that the term computer "means an electronic, magnetic, optical, electrochemically, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device."
Connecticut was the U.S. state to pass a statute making it a criminal offense to harass someone by computer. Michigan, Arizona, and Virginia and South Carolina have also passed laws banning harassment by electronic means.
Harassment as defined in the U.S. computer statutes is typically distinct from cyberbullying, in that the former usually relates to a person's "use a computer or computer network to communicate obscene, vulgar, profane, lewd, lascivious, or indecent language, or make any suggestion or proposal of an obscene nature, or threaten any illegal or immoral act," while the latter need not involve anything of a sexual nature.
Although freedom of speech is protected by law in most democratic societies (in the US this is done by the First Amendment), it does not include all types of speech. In fact spoken or written "true threat" speech/text is criminalized because of "intent to harm or intimidate", that also applies for online or any type of network related threats in written text or speech. The US Supreme Court definition of "true threat" is "statements where the speaker means to communicate a serious expression of an intent to commit an act of unlawful violence to a particular individual or group".
Darknet markets are used to buy and sell recreational drugs online. Some drug traffickers use encrypted messaging tools to communicate with drug mules. The dark web site Silk Road was a major online marketplace for drugs before it was shut down by law enforcement (then reopened under new management, and then shut down by law enforcement again). After Silk Road 2.0 went down, Silk Road 3 Reloaded emerged. However, it was just an older marketplace named Diabolus Market, that used the name for more exposure from the brand's previous success.
- One of the highest profiled banking computer crime occurred during a course of three years beginning in 1970. The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts.
- A hacking group called MOD (Masters of Deception), allegedly stole passwords and technical data from Pacific Bell, Nynex, and other telephone companies as well as several big credit agencies and two major universities. The damage caused was extensive, one company, Southwestern Bell suffered losses of $370,000 alone.
- In 1983, a nineteen-year-old UCLA student used his PC to break into a Defense Department International Communications system.
- Between 1995 and 1998 the Newscorp satellite pay to view encrypted SKY-TV service was hacked several times during an ongoing technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which Newscorp did not have the copyright to allow.
- On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and a copy of the virus spread via e-mail to other people.
- In February 2000, an individual going by the alias of MafiaBoy began a series denial-of-service attacks against high-profile websites, including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in DDoS attacks. On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks.
- The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as "the baddest of the bad". It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in and in some cases monopolized personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet.
- On 2 March 2010, Spanish investigators arrested 3[clarification needed] in infection of over 13 million computers around the world. The "botnet" of infected computers included PCs inside more than half of the Fortune 1000 companies and more than 40 major banks, according to investigators.
- In August 2010 the international investigation Operation Delego, operating under the aegis of the Department of Homeland Security, shut down the international pedophile ring Dreamboard. The website had approximately 600 members, and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date this is the single largest U.S. prosecution of an international child pornography ring; 52 arrests were made worldwide.
- In January 2012 Zappos.com experienced a security breach after as many as 24 million customers' credit card numbers, personal information, billing and shipping addresses had been compromised.
- In June 2012 LinkedIn and eHarmony were attacked, compromising 65 million password hashes. 30,000 passwords were cracked and 1.5 million EHarmony passwords were posted online.
- December 2012 Wells Fargo website experienced a denial of service attack. Potentially compromising 70 million customers and 8.5 million active viewers. Other banks thought to be compromised: Bank of America, J. P. MorganU.S. Bank, and PNC Financial Services.
- April 23, 2013 saw the Associated Press' Twitter account's hacked - the hacker posted a hoax tweet about fictitious attacks in the White House that they claimed left President Obama injured. This hoax tweet resulted in a brief plunge of 130 points from the Dow Jones Industrial Average, removal of $136 billion from S&P 500 index, and the temporary suspension of AP's Twitter account. The Dow Jones later restored its session gains.
- In May 2017, 74 countries logged a ransomware cybercrime, called "WannaCry"
Combating computer crime
This section needs expansion. You can help by adding to it.(January 2015)
Diffusion of cybercrime
The broad diffusion of cybercriminal activities is an issue in computer crimes detection and prosecution. According to Jean-Loup Richet (Research Fellow at ESSEC ISIS), technical expertise and accessibility no longer act as barriers to entry into cybercrime. Indeed, hacking is much less complex than it was a few years ago, as hacking communities have greatly diffused their knowledge through the Internet. Blogs and communities have hugely contributed to information sharing: beginners could benefit from older hackers' knowledge and advice. Furthermore, Hacking is cheaper than ever: before the cloud computing era, in order to spam or scam one needed a dedicated server, skills in server management, network configuration, and maintenance, knowledge of Internet service provider standards, etc. By comparison, a mail software-as-a-service is a scalable, inexpensive, bulk, and transactional e-mail-sending service for marketing purposes and could be easily set up for spam. Jean-Loup Richet explains that cloud computing could be helpful for a cybercriminal as a way to leverage his attack – brute-forcing a password, improve the reach of a botnet, or facilitating a spamming campaign.
A computer can be a source of evidence (see digital forensics). Even where a computer is not directly used for criminal purposes, it may contain records of value to criminal investigators in the form of a logfile. In most countriesInternet Service Providers are required, by law, to keep their logfiles for a predetermined amount of time. For example; a European wide Data Retention Directive (applicable to all EUmember states) states that all E-mail traffic should be retained for a minimum of 12 months.
- Methodology of cybercrime investigation
There are many ways for cybercrime to take place, and investigations tend to start with an IP Address trace, however that is not necessarily a factual basis upon which detectives can solve a case. Different types of high-tech crime may also include elements of low-tech crime, and vice-versa, making cybercrime investigators an indispensable part of modern law-enforcement. Methodology of cybercrime detective work is dynamic and is constantly improving, whether in closed police units, or in international cooperation framework.
Due to easily exploitable laws, cybercriminals use developing countries in order to evade detection and prosecution from law enforcement. In developing countries, such as the Philippines, laws against cybercrime are weak or sometimes nonexistent. These weak laws allow cybercriminals to strike from international borders and remain undetected. Even when identified, these criminals avoid being punished or extradited to a country, such as the United States, that has developed laws that allow for prosecution. While this proves difficult in some cases, agencies, such as the FBI, have used deception and subterfuge to catch criminals. For example, two Russian hackers had been evading the FBI for some time. The FBI set up a fake computing company based in Seattle, Washington. They proceeded to lure the two Russian men into the United States by offering them work with this company. Upon completion of the interview, the suspects were arrested outside of the building. Clever tricks like this are sometimes a necessary part of catching cybercriminals when weak legislation makes it impossible otherwise.
President Barack Obama released in an executive order in April 2015 to combat cybercrime. The executive order allows the United States to freeze assets of convicted cybercriminals and block their economic activity within the United States. This is some of the first solid legislation that combats cybercrime in this way.
The European Union adopted directive 2013/40/EU. All offences of the directive, and other definitions and procedural institutions are also in the Council of Europe's Convention on Cybercrime.
Penalties for computer related crimes in New York State can range from a fine and a short period of jail time for a Class A misdemeanor such as unauthorized use of a computer up to computer tampering in the first degree which is a Class C felony and can carry 3 to 15 years in prison.
However, some hackers have been hired as information security experts by private companies due to their inside knowledge of computer crime, a phenomenon which theoretically could create perverse incentives. A possible counter to this is for courts to ban convicted hackers from using the Internet or computers, even after they have been released from prison – though as computers and the Internet become more and more central to everyday life, this type of punishment may be viewed as more and more harsh and draconian. However, nuanced approaches have been developed that manage cyberoffender behavior without resorting to total computer or Internet bans. These approaches involve restricting individuals to specific devices which are subject to computer monitoring or computer searches by probation or parole officers.
As technology advances and more people rely on the internet to store sensitive information such as banking or credit card information, criminals are going to attempt to steal that information. Cyber-crime is becoming more of a threat to people across the world. Raising awareness about how information is being protected and the tactics criminals use to steal that information is important in today's world. According to the FBI's Internet Crime Complaint Center in 2014 there were 269,422 complaints filed. With all the claims combined there was a reported total loss of $800,492,073. But yet cyber-crime doesn't seem to be on the average person's radar. There are 1.5 million cyber-attacks annually, that means that there are over 4,000 attacks a day, 170 attacks every hour, or nearly three attacks every minute, with studies showing us that only 16% of victims had asked the people who were carrying out the attacks to stop. Anybody who uses the internet for any reason can be a victim, which is why it is important to be aware of how one is being protected while online.
As cybercrime has proliferated, a professional ecosystem has evolved to support individuals and groups seeking to profit from cybercriminal activities. The ecosystem has become quite specialized, including malware developers, botnet operators, professional cybercrime groups, groups specializing in the sale of stolen content, and so forth. A few of the leading cybersecurity companies have the skills, resources and visibility to follow the activities of these individuals and group. A wide variety of information is available from these sources which can be used for defensive purposes, including technical indicators such as hashes of infected files or malicious IPs/URLs, as well as strategic information profiling the goals, techniques and campaigns of the profiled groups. Some of it is freely published, but consistent, on-going access typically requires subscribing to an adversary intelligence subscription service.
- ^Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing.
- ^Warren G. Kruse, Jay G. Heiser (2002). Computer forensics: incident response essentials. Addison-Wesley. p. 392. ISBN 0-201-70719-5.
- ^ ab* Halder, D., & Jaishankar, K. (2011) Cyber crime and the Victimization of Women: Laws, Rights, and Regulations. Hershey, PA, USA: IGI Global. ISBN 978-1-60960-830-9
- ^Steve Morgan (January 17, 2016). "Cyber Crime Costs Projected To Reach $2 Trillion by 2019". Forbes. Retrieved September 22, 2016.
- ^"Cyber crime costs global economy $445 billion a year: report". Reuters. 2014-06-09. Retrieved 2014-06-17.
- ^"Sex, Lies and Cybercrime Surveys"(PDF). Microsoft. 2011-06-15. Retrieved 2015-03-11.
- ^"#Cybercrime— what are the costs to victims - North Denver News". North Denver News. Retrieved 16 May 2015.
- ^"Cybercrime will Cost Businesses Over $2 Trillion by 2019" (Press release). Juniper Research. Retrieved May 21, 2016.
- ^Gordon, Sarah (July 25, 2006). "On the definition and classification of cybercrime"(PDF). Retrieved January 14, 2018.
- ^Laqueur, Walter; C., Smith; Spector, Michael (2002). Cyberterrorism. Facts on File. pp. 52–53. Retrieved 5 December 2016.
- ^"Cybercriminals Need Shopping Money in 2017, Too! - SentinelOne". sentinelone.com. Retrieved 2017-03-24.
- ^Lepofsky, Ron. "Cyberextortion by Denial-of-Service Attack"(PDF). Archived from the original(PDF) on July 6, 2011.
- ^Mohanta, Abhijit (6 December 2014). "Latest Sony Pictures Breach : A Deadly Cyber Extortion". Retrieved 20 September 2015.
- ^Dennis Murphy (February 2010). "War is War? The utility of cyberspace operations in the contemporary operational environment"(PDF). Center for Strategic Leadership. Archived from the original(PDF) on 20 March 2012.
- ^"Cyber Crime definition".
- ^"Save browsing". google.
- ^"2011 U.S. Sentencing Guidelines Manual § 2G1.3(b)(3)".
- ^"United States of America v. Neil Scott Kramer". Retrieved 2013-10-23.
- ^"South Carolina". Retrieved 16 May 2015.
- ^"1. In Connecticut, harassment by computer is now a crime". Nerac Inc. February 3, 2003. Archived from the original on April 10, 2008.
- ^"Section 18.2-152.7:1". Code of Virginia. Legislative Information System of Virginia. Retrieved 2008-11-27.
- ^ abSusan W. Brenner, Cybercrime: Criminal Threats from Cyberspace, ABC-CLIO, 2010, pp. 91
- ^"We talked to the opportunist imitator behind Silk Road 3.0". 2014-11-07. Retrieved 2016-10-04.
- ^ abcWeitzer, Ronald (2003). Current Controversies in Criminology. Upper Saddle River, New Jersey: Pearson Education Press. p. 150.
- ^David Mann And Mike Sutton (2011-11-06). ">>Netcrime". Bjc.oxfordjournals.org. Retrieved 2011-11-10.
- ^"A walk on the dark side". The Economist. 2007-09-30.
- ^"DHS: Secretary Napolitano and Attorney General Holder Announce Largest U.S. Prosecution of International Criminal Network Organized to Sexually Exploit Children". Dhs.gov. Retrieved 2011-11-10.
- ^DAVID K. LI (January 17, 2012). "Zappos cyber attack". New York Post.
- ^Salvador Rodriguez (June 6, 2012). "Like LinkedIn, eHarmony is hacked; 1.5 million passwords stolen". Los Angeles Times.
- ^Rick Rothacker (Oct 12, 2012). "Cyber attacks against Wells Fargo "significant," handled well: CFO". Reuters.
- ^"AP Twitter Hack Falsely Claims Explosions at White House". Samantha Murphy. April 23, 2013. Retrieved April 23, 2013.
- ^"Fake Tweet Erasing $136 Billion Shows Markets Need Humans". Bloomberg. April 23, 2013. Retrieved April 23, 2013.
- ^hermesauto (13 May 2017). "Unprecedented cyber attacks wreak global havoc".
- ^Richet, Jean-Loup (2013). "From Young Hackers to Crackers". International Journal of Technology and Human Interaction. 9 (1).
- ^Richet, Jean-Loup (2011). "Adoption of deviant behavior and cybercrime 'Know how' diffusion". York Deviancy Conference.
- ^Richet, Jean-Loup (2012). "How to Become a Black Hat Hacker? An Exploratory Study of Barriers to Entry Into Cybercrime". 17th AIM Symposium.
- ^Kshetri, Nir. "Diffusion and Effects of Cyber Crime in Developing Countries".
- ^Northam, Jackie. "U.S. Creates First Sanctions Program Against Cybercriminals".
- ^Adrian Cristian MOISE (2015). "Analysis of Directive 2013/40/EU on attacks against information systems in the context of approximation of law at the European level"(PDF). Journal of Law and Administrative Sciences. Archived from the original(PDF) on December 8, 2015.
- ^"Managing the Risks Posed by Offender Computer Use - Perspectives"(PDF). December 2011.
- ^Bowker, Art (2012). The Cybercrime Handbook for Community Corrections: Managing Risk in the 21st Century. Springfield: Thomas. ISBN 9780398087289.
- ^"2014 Internet Crime Report"(PDF). Internet Crime Complaint Center (IC3). 2015. Retrieved 2017-10-31.
- ^Feinberg, T (2008). "Whether it happens at school or off-campus, cyberbullying disrupts and affects". Cyberbullying: 10.
- ^"Dridex: Tidal waves of spam pushing dangerous financial Trojan"(PDF). symantec.com.
- ^ ab"Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware « Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware". FireEye. Retrieved 2018-01-03.
- Balkin, J., Grimmelmann, J., Katz, E., Kozlovski, N., Wagman, S. & Zarsky, T. (2006) (eds) Cybercrime: Digital Cops in a Networked Environment, New York University Press, New York.
- Bowker, Art (2012) "The Cybercrime Handbook for Community Corrections: Managing Risk in the 21st Century" Charles C. Thomas Publishers, Ltd. Springfield.
- Brenner, S. (2007) Law in an Era of Smart Technology, Oxford: Oxford University Press