Cybercrime and Digital Technology in China

I discussed the topic of cybercrime and its preventive measures in context of China in this research paper.

INTRODUCTION

In this brave new era, the Internet has disruptively brought about socio-economic changes to human lives. People are becoming more dependent on and nations are constantly implementing this technology to their prosperity. China is not an exception. Its steadfast approach has resulted in positive outcomes. As of December 2015, there are 668 million Chinese users, increasing the penetration rate to 50,3% (China Internet Network Information Center (CNNIC), 2016). Chinese enterprises are also doing phenomenally in maneuvering the Net. Almost all companies (95,2%) use the Internet, “32.6% [...] engaged in online sales and [...] 33.8% launched online marketing and promotional activities” (CNNIC, 2016), raising the Internet economy up to 1,144.5 billion Yen (iResearch, 2017).

At the same time, this economic powerhouse is highly susceptible to cybercrime. According to CINIC (2016), in 2015, three most common crimes include virus attacks, stolen identities and online consumption fraud, with the first two reduced while the last increased when compared to the year before. However, the situation is not left unattended. China has implemented a variety of engines such as Geographic Information System (GIS), digital forensic, cyber crowdsourcing, mass surveillance and framework suggestions to identify, combat and eventually reduce misconducts. Each tool has unique characteristics, strengths and weaknesses that can either do the job or damage the very intention the Chinese are striving for.

In that light, this paper is dedicated to analysing those ups and downs of the four tools mentioned in context of China. The paper starts by explaining the criminal typology. Then, it moves on to discuss the socio-economic characteristics of Chinese cybercrime with regards to the already defined  classification. After that, the essay introduces and carefully analyses a series of preventive and detective measures: GIS, digital forensics, cyber-crowdsourcing, and, prevention framework. It finally concludes by summarizing all the sections covered and seeks to provide a direction for better implementation.   

CRIMINAL TYPOLOGY

The fundamental task when analysing Chinese cybercrime landscape is dissecting its typology. Nonetheless, this errand proves to be easier said than done. Within this paper, the author only suggests three major intertwining aspects covering the most ground to analyse. They include: the perpetrators’ motivation, the organization of miscreants and their exploiting means. The first constituent, motivation, raises the question of whether cybercrime is extrinsically motivated or intrinsically motivated (Kshetri 2013). Meaning that the culprits carry out the wrongdoings for external gains such as monetary rewards and intellectual property (extrinsically motivated) or for their own satisfaction, motivation and belief (intrinsically motivated). The second component comprises of two factions: individuals and groups with the latter ranging from medium entities to international bodies. Finally, there are a wide variety of tricks for cyber criminals to gain benefit from such as spamming, pharming, phishing (Norden 2013), virus and Trojan malware (CINIC 2016), botnets and toolkits (Chan & Wang 2015).

Most Chinese cyber criminals seek to make quick fortune (Chan & Wang 2015), in other words, they are extrinsically motivated bounty hunters. However, there is a significant portion of culprits aiming for secretive intellectual properties, much more than their Eastern European counterparts, whose goal is profit from toxic malware (Kshetri 2013). Interestingly, Chinese intrinsic hackers hack for some noble causes such as patriotism, political and communal obligations (Kshetri 2013). Typical Chinese perpetrators are overwhelmingly males working individually. They are young amateurs, mostly 17 to 45 years old, with some still in junior high-school. They use toolkits, botnets predisposed online for petty crimes. Contrast to common belief, most don’t receive good education, usually high-school students, unemployed individuals, low-rank employees or manual workers. Group based cyber crimes, on the other hand, are more complicated. These groups are highly specialized, diversely scattered and horizontally organized. They are tailored to specific task-for-hire such as creating botnets or releasing Trojan malware. Their members are located across China and work as equal with little to none hierarchical order. The interconnectedness and space-time boundlessness of cyber-world help them expand greatly, even passing through sovereign borders with one incident when Chinese hackers attacked the US conglomerate DuPont somewhere between 2009 and 2010. Due to the wild success of online frauds, many traditional criminal organizations have switched to Internet based operations. Some online groups go further and get backed up by legitimate corporations seeking extra profit under the table (Chan & Wang 2015).

CYBERCRIME LANDSCAPE ANALYSIS

Analysing Chinese cybercrime landscape is just as complex as classifying them. One factor requiring investigation is gender gap among offenders, similar to global trend. Therefore, Donner (2016) posits two explanations: gender upbringing difference and cyber-immersion. Within Chinese context, these trends are amplified by the heavily rooted Confucian ideal. In general, Chinese girls are brought up to be caring homemakers who don’t inflict harm. Boys, in contrast, grow up with a mindset of self-interest and home dominance. Furthermore, multiple studies have concluded, for many reasons, boys go online longer than girls, and the time online increases perpendicularly with the likelihood of involving in digital wrongdoings. In China, many boys spend days wandering online forums socializing or chatting, which, in turn, can lure them into online deviance.

​

As for the overview breakdown, some political, socio-economic factors can unlock the mysteries. One factor that accounts for cyber-misconducts is the unstable digital penal law. Although China has somewhat thorough cyber-security law, there are many loopholes identified by Li (2015) that infiltrators can utilize. They include the overlap of provisions, missing of referred regulations and laws, narrow criminalization, narrow constituents, and laggard penalties. Not stopping, Kshetri (2013) also criticized Chinese legislation for focusing on cyber-control rather than cyber-security.

Other socio-economic elements can help understand digital crime better (Das & Nayak 2013). One factor is unemployment. Although the unemployment rate is low, 3.95% (Reuters 2017), it still makes up of 60 million people, a large pool for cybercrime activities since the impoverished life can cause many to turn to cybercrime for quick cash. Other variants include quality education and generation gap. Due to volatile incidents in the 50s and 60s, the older generations didn’t have access to good education, making them more prone to cyber attacks. While youngsters nowadays have unlimited access to knowledge with only a click away, explaining why the majority of hackers are still green in life. Finally, high penetration rate, daily dependence and dense population in urban areas expound the notion of urban concentrated crimes (Kshetri 2013).

International dimension of cybercrime, also, should not left unmentioned. The tension between China and the US have lead to many heated accusations on cyber-wars [cite]. Therefore, pacifist hackers feel responsible, even obliged to join cyber wars and attack the Western power. This directly answers the astonishing cybercrime rates and accounts for the positive hacking connotations in China, which, ultimately, inspire young ones and create better hacking generations. Moreover, Yong (2011) notices that China has no agreement with any foreign countries on ‘cybercriminal combating judicial cooperation’, hence multinational gangs still roam Chinese virtual world.  

CYBERCRIME PREVENTION

However, ICT specialists and cyber-security professionals have implemented a plethora of powerful tools and thoughtful frameworks to combat the situation.

• Digital forensics

Digital forensics (DF), in its essence, is the use of technological advancements, scientific methods to conduct a series of six structured processes with the main goal of anticipating, preventing, and solving virtual criminal activities. These steps consist of ‘evidence identification, data acquisition, evidence examination, evidence analysis, documentation and evidence presentation’ (Raghavan 2013). Each step requires different personnel with specific skillsets and intellects in digital forensics (Ozel, Yavuzcan, Bulbul 2013). For instance, highly trained DF manpower should involve in all processes to oversee and assure data integrity and inspection, while untrained personnel accidently work on a cybercrime case should only be included in the first step of evidence identification, meaning finding physical devices containing clues or data (Ozel, Yavuzcan, Bulbul 2013).

Up to now, digital forensics is the best means to recover wide variety of lost or deleted data including cloud storage, image, computer, etc all while analyzing them rapidly and carefully. On the downside, it is expensive, requires immense knowledge and might not be admitted in trials. Yet the biggest dilemma is ‘the volume problem’. Meaning that, with all engines and capabilities, digital forensics still can’t keep up with the load of volume it has to go through (Raghavan 2013).  

Digital forensics has become a hot topic in Chinese cyber-security schema in recent years. Although DF has been around since 2000, it wasn’t until the ICT boom recently that ICT get the spotlight. The means has proven its capability in thorough data recovery and efficient data analysis through empirical cases of Tarantula mobile phone forensic program (DFM 2012) and DESK forensic tool for popular applications like QQ or Foxmail (Yang et al 2010). These successes contribute to the rising popularity of the tool. One DF firm, Xiamen Meiya Pico Information, reports hit revenue in 2014 of up to $700 million Yuan, along with 50% growth rate (Feifei 2015).  Additionally, the downside of court nonadmissibility is not a concern in China due to the legal adoption of electronic data in ‘The Civil Procedure Code’ in 2014. In near future, Chinese DF firms should incorporate better structure and technology to overcome the global challenge of overloading data volume. It is a tough objection, but definitely a rewarding one when succeeded.

• Geographic Information System (GIS)

Geographic Information System terminology is interpreted differently in different literatures (Foote 1995). However, in general, GIS is the use of digital technologies to combine, analyse, interpret geographic and other related information onto one virtual map for wide selections of purposes including traditional crime prevention, urban mapping, or water quality management (Foote 1995) (Zhong et al 2011). Unfortunately, cybercrime prevention and detection is not the focus point of this channel. Luckily, in current years, with advancements in both technological and manpower capabilities, there have been suggestions for GIS in cybercrime.

(ESRI 2015) has proposed a cyber defense model of four steps for using the geospatial tool. The paper explains the initial action is gathering dispersed data to create a ‘geodatabase’ comprised of multiple informational layers, then maps out device locations and analyse data flow through each layer. The final mission is to distribute the geospatial map to specialists to keep track and identify cyber threats.

After researching, the author has found no evidence of Chinese GIS implementation in cybercrime. However, Zhong et al (2011) reports GIS usage in mapping out traditional crime in Shanghai metropolitan. This paper takes a closer look at crime distributions in Shanghai to provide information aiding policy makers and police in crime prevention. The authors carry out their work by comparing property and violent criminal data in three levels: macro, meso, and micro through Geographical Information System (GIS) and police records. The results conclude that both crimes cluster in city centers and emphasize strongly on correlations between criminal activities and population, land usage.

Besides, the Chinese government can use the plan mentioned for their cyber defense in major cities. They can combine pre-made GIS maps about population, power grids, computer locations to create extensive cybercrime map and analyse the data flow to anticipate upcoming attacks. Although this is only a theoretical proposal, with careful and detailed organization, it can become a powerful tool in anti-cyberattack arsenals.

• Framework

ICT tools are useless without properly crafted framework to maximize their capabilities. Therefore, the importance of a master plan is inarguable and unmeasurable. The author cross-examines two frameworks proposed by Chan and Wang (2015); and NIST to facilitate combined usage.

The first structure of Chan & Wang focuses on cybercrime prevention by dividing into three different target groups: victim-oriented, solution-oriented and offender-oriented with three escalating stages: primary, secondary, and tertiary. Offender-oriented paradigm views the public as potential offenders, thus focusing on cybercrime dissuasion and punishment. The second plan, solution-oriented, intends to ‘make cybercrime more difficult and costly to potential offenders’ (Chan & Wang 2013) public cyber education and international cooperations. This plan specifically gives prominence to joint forces and collaborations, which is crucial and helpful for Chinese cyber-security police. Finally, the last target group regards all as potential victim so it aims to promote cyber-security measures, technological education and crime reports. The first two aims not only aid in cyber prevention but also increases Chinese collective Internet intelligence.  

The United States’ NIST framework also comes in handy. The system deals with risk management, communication and strategic alignment between federal agencies and cyber-security agencies. It posits eight ‘federal cyber security risk management needs’ in three different levels. This program benefits Chinese master work in many ways. First, it dwells on the relationship between federal agencies, which is missing in Chan’s plan. Then, its cyber management and evaluation methods can strengthen implementation of cyber-security methods. However, NIST can be a wasteful integrating attempt if China’s Great Firewall have protected these agencies or there has been a pre-existing plan to cope with the problem.

• Human flesh search (Cyber-crowdsourcing)

The process by which netizens on digital platforms or communities collaboratively shed lights on a common cause through researching online and offline. A common cause can vary in cases such as social unrest, authority bias, criminal activities or even counter-terrorism. In Chinese, the term means ‘Human flesh search’ (HFS) or ‘renrou sousou’ and mostly involves cases regarding social justice, corruption and nationalism (Chang & Leung 2015) (Gorman 2012). Both papers mention many positive instances such as ‘Shenzhen Official’ corruption, ‘Wang Fei’ social justice but also negative ones such as ‘Grace Wang’ extreme nationalism. In short, HFS can bring light to the public, promote good deeds but can also facilitate wrongful online vigilantism or extreme nationalism. However, there are little mentions of cyber-security within Chinese borders.

On the other hands, the US is very voluble in implementing cyber-crowdsourcing for cyber defense. Infosec Institute (2015) mentioned ‘three methods may help raise information security awareness’ through cyber - crowdsourcing: crowdsourced reporting, crowdsourced security testing, and shared intelligence. Furthermore, president Obama highlighted ‘the importance of integrating intelligence in order to combat cyber threats’ (Basulto 2015). Not stopping, a security crowdsourced startup received $7.5 millions to develop (Lev-Ram 2014), showing the Americans’ efforts in realizing crowdsourced cyber security.

Accordingly, with significant and rising Internet population and penetration (CNNIC 2015), Chinese authorities should take action and test this model of cyber security. This tool advances due to the great number of participants, therefore, it can help out with the volume problem of digital forensics. However, basic digital forensics training is utmost required beforehand. Also, through its sharing intelligence and knowledge feature, this tool can gather intel on basic IT education, hence helping the framework of victim orientation mentioned above.

SUMMARY & DIRECTION

China cybercrime landscape’s interconnectedness with critical dimensions of politics, economy and society support vastly in comprehending its overall picture.  We now understand that the Neo-Confucian cultural impact have created such distant gender gap in cyber crime perpetrators. Unemployment, education quality and loose regulation create perfect opportunities for common cyber offends such as online frauds for virus attacks. Finally, international tension explain quite roundly the Chinese hacking sympathy and hacking culture.

However, series of anti-criminal measures can help Chinese authority in solving this dilemma. Until now, digital forensics is the most valuable tool in crime prevention as it can sort and go through mountains of data quickly and efficiently. The Chinese regulations are aiding the use of this tool for cyber investigation. As for geographic information system, since it has proven its resourcefulness in mapping traditional crimes and advances in the firm, it is very likely that China will implement this tool in near future. The same scenario can apply for cyber crowdsourcing as there are countless successful cases.  Lastly, all three should be implemented into certain connected frameworks to maximize their capacities.

There are some suggestions from the author to unify these four models. We can add in GIS, cyber crowdsourcing and digital forensics into Chan’s solution oriented framework. The first phase mostly targets general public to educate, hence, sharing intelligence through cyber crowdsourcing can be put to good use. Crowdsourcing should also be implemented in the third phase, during/after a case, as it can help share intel between agencies and utilize outer sources to quickly maneuver the attack. GIS can record suspicious activities with its maps to help cyber police determine risk groups in the second phase. And finally, digital forensics is applied in the last phase to retrieve and examine evidence.

REFERENCE

Basulto, D 2015, ‘Crowdsourcing America’s cybersecurity is an idea so crazy it might just work’, The Washington Post, February 5th, viewed September 10th 2017, <https://www.washingtonpost.com/news/innovations/wp/2015/02/05/crowdsourcing-americas-cybersecurity-is-an-idea-so-crazy-it-might-just-work/?utm_term=.ad7c5ada6400>.

Bulbul, H I, Yavuzcan C, & Ozel, M 2013, ‘Digital forensics: An Analytical Crime Scene Procedure Model (ACSPM)’, Forensic Science International, vol. 233, no. 1-3, pp. 244-256, ScienceDirect database.

Chan, D & Wang, D 2015, ‘Profiling cybercrime perpetrators in China and its policy countermeasures’, in Smith, R, Cheung, R, & Lau, L (eds), Cybercrime risks and responses Eastern and Western perspectives, Palgrave Macmillan Publishing company, London/New York, pp. 206-221.

Chang, L & Leung, A 2015, ‘An Introduction to Cyber Crowdsourcing (Human Flesh Search) in the Greater China Region’, in Smith, R, Cheung, R, & Lau, L (eds), Cybercrime risks and responses Eastern and Western perspectives, Palgrave Macmillan Publishing company, London/New York, pp. 240-252.

CNNIC 2016, Statistical Report on Internet Development in China, CNNIC, viewed August 28th, 2017, <https://cnnic.com.cn/IDR/ReportDownloads/201507/P020150720486421654597.pdf>.

Das, S & Nayak, T 2013, ‘Impact of Cyber Crime: Issues and Challenges’, International Journal of Engineering Sciences & Emerging Technologies, vol. 6, no. 2, pp. 142-153, viewed September 3rd, 2017, <www.ijeset.com/media/0002/2N12-IJESET0602134A-v6-iss2-142-153.pdf>.

Digital Forensics Magazine (DFM) 2012, ‘EDEC Digital Forensics and Teel Technologies Offer Certification in Chinese Phone Forensics’, Digital Forensics Magazine, March 27th, viewed September 3rd 2012, <http://www.digitalforensicsmagazine.com/index.php?option=com_content&view=article&id=782:edec-digital-forensics-and-teel-technologies-offer-certification-in-chinese-phone-forensics&catid=1:latest-news&Itemid=50>.  

Donner, C 2016, ‘The Gender Gap and Cybercrime: An Examination of College Students Online Offending’, Victim and Offenders: An International Journal of Evidence-based Research, Policy and Practice, vol. 11, no. 4: How the Internet Facilitate Deviance, pp. 556-577, Taylor & Francis Online database.    

Edsel, G 2014, ‘China crime stats’, Nation Master, April 6th, viewed July 30th 2017, < http://www.nationmaster.com/country-info/profiles/China/Crime>.  

ESRI, ‘The Geospatial Approach to Cybersecurity: Implementing a Platform to Secure Cyber Infrastructure and Operations’, ESRI, viewed September 7th 2017, <http://www.esri.com/library/whitepapers/pdfs/geospatial-approach-to-cybersecurity.pdf>.

Feifei F 2015, ‘Digital Forensics set for rapid growth in China’, China Daily, December 21st, viewed September 3rd 2017, <http://www.chinadaily.com.cn/business/2015-12/21/content_22759989.htm>.

Foote K & Margaret L 1995, ‘Geographic Information System as an Integrating Technology: Contexts, Concepts, and Definitions’, The Geographer’s Craft Project, Department of Geography, The University of Colorado at Boulder, viewed September 2nd 2017, <http://www.colorado.edu/geography/gcraft/notes/intro/intro.html>.

Gorman, P 2012, ‘Human Flesh Search: The Governmentality of Mass Surveillance in China’, Carleton University (Canada).

InfoSec Institute 2015, ‘Crowdsourcing Cybersecurity: How to Raise Awareness Through Crowdsourcing’, InfoSec Institute, September 22nd, viewed September 11th 2017, <http://resources.infosecinstitute.com/crowdsourcing-cybersecurity-how-to-raise-security-awareness-through-crowdsourcing/#gref>.

Kshetri, N 2013, ‘Cybercrime and cyber-security issues associated with China: some economic and institutional considerations’, Electronic Commerce Research, vol. 13, no. 1, pp. 41-69, SpringerLink database.

Law, F, Chow, K P & Mai, Y H 2014, Understanding Computer Forensics Requirements in China via The “Panda Burning Incense” Virus Case’, Journal of Digital Forensics, Security and Law, vol. 9, no. 2, pp. 51-58, SemanticScholar database.

Lev-Ram, M 2014, ‘For crowdsourced security startup, a carrot and a hack’, Fortune, April 24th, viewed September 11th 2017, <http://fortune.com/2014/04/24/for-crowdsourced-security-startup-a-carrot-and-a-hack/>.

Li, X 2015, ‘Regulation of Cyber Space: An Analysis of Chinese Law on Cyber Crime’, International Journal of Cyber Criminology, vol. 9, no. 2, pp. 185-204, Open Access database.

National Institute of Standards and Technologies (NIST), ‘The Cybersecurity Framework: Implementation Guidance for Federal Agencies’, NIST, Gaithersburg, viewed September 9th 2017, <http://csrc.nist.gov/publications/drafts/nistir-8170/nistir8170-draft.pdf>.

Norden, S 2013, ‘How The Internet Has Changed The Face of Crime’, Master of Science thesis, Florida Gulf Coast University, Florida, viewed September 1st 2017, <https://fgcu.digital.flvc.org/islandora/object/fgcu%3A21423/datastream/OBJ/view/How_the_Internet_has_Changed_the_Face_of_Crime_.pdf>.

Positive Article, ‘Pro and Con of Digital Forensics’, Positive Article, viewed September 11th, 2017, <http://positivearticles.com/blog/4240/pros-and-cons-computer-forensics/>.

Raghavan, S 2013, ‘Digital forensic research: current state of the art’, CSI Transaction on ICT, vol. 1, no. 1, pp. 91-114.

Reuters, ‘China’s unemployment rate falls below 4 percent at the end of first quarter’, Reuters.com, April 25th, viewed September 4th, <http://www.reuters.com/article/us-china-economy-jobs/chinas-unemployment-rate-falls-below-4-percent-at-end-of-first-quarter-idUSKBN17R0JN>.

Smith, R, Cheung, R, & Lau, L 2015, ‘Introduction: Cybercrime risks and responses Eastern and Western perspectives’, course notes for COMM2383 New Media New Asia, RMIT University, Saigon South, viewed 29th July 2017, Blackboard@RMIT.  

​

Yang, Y, Chow, K-P, Hui, L, Wang, C, Chen, L, Chen, Z, Chen, J 2010, ‘Forensic Analysis of Popular Chinese Internet Applications’, Advances in Digital Technologies, pp. 285-295, SpringerLink database.   

Yong, P 2011, ‘China New Criminal Legislation in the Progress of Harmonization of Criminal Legislation against Cybercrime’, China Legal Science, vol. 4, viewed September 3rd 2017, <https://rm.coe.int/16803042f0>.

​

Zhong, H, Yin, J, Wu, J, Yao, S, Wang, Z, Ly, Z, & Yu, B 2011, ‘Spatial Analysis for Crime Pattern of Metropolis in Transition Using Police Records and GIS: a Case Study of Shanghai, China’, International Journal of Digital Content Technology and its Applications, vol. 5, no. 2, pp. 93-105.