Glossary

American Society of Industrial Security (ASIS) is a network of 34,000 members that extends to more than 250 chapters and members in 158 countries. ASIS continues to expand its global reach and has added 3 new chapters so far in 2021: Bajio (Mexico), Kolkata (India) and Chandigarh (India). Our transition into communities continues to progress and bring new members into the conversation—with now almost 7,000 members participating in at least one of the 35 Subject-Area Communities.

Behavioral theory or behaviorism is the second major psychological theory. This theory maintains that human behavior is developed through learning experiences. The hallmark of behavioral theory is the notion that people alter or change their behavior according to the reactions this behavior elicits in other people (Bandura, 1978).

Carter’s classification – (1) the target of the crime, (2) the instrument of the crime, (3) incidental to the crime, and also (4) crimes associated with the prevalence of computers

Computer Crime describes is a broad range of offenses that are like traditional forms of the same non-computer offense, e.g., larceny or fraud. Sam McQuade III (2006) describes computer crime as “Traditional crime committed in a non-traditional way” or as what Peter N. Grabosky refers to as, “The same old wine in new bottles” (OJP, 2000). Some of them are the same as non-computer offenses, such as larceny or fraud, except that a computer or the Internet is used in the commission of the crime. Others, like hacking, are uniquely related to computers. Read on to find out what kinds of activities are considered computer crimes and how to protect yourself from them.

Cybercrime is any criminal offense (e.g., fraud, theft, or distribution of child pornography [CP]) committed using a computer specially to access without authorization, transmit, or manipulate data via the Internet or otherwise aided by various forms of computer technology, such as the use of online social networks to bully others or sending sexually explicit digital photos with a smart phone.

Cybercriminology combines coursework in Criminal Justice and Computer Science to study the growing problem of computer crime.

Cyber victimization is one consequence of technology use. Cyber victimization is defined as experiencing aggressive behaviors via information and communication technologies, such as the internet, gaming consoles, and mobile phones. Gordon and Ford two-category scheme – a two-category scheme to classify cybercrimes into (a) Type I offenses and (b) Type II offenses.

Deep Web is an umbrella term for parts of the internet not fully accessible using standard search engines such as Google, Bing and Yahoo. The contents of the deep web range from pages that were not indexed by search engines, paywalled sites, private databases and the dark web.

Economic espionage is defined by the Economic Espionage Act (Title 18 U.S.C. §1831), economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality, or foreign agent. In contrast, the theft of trade secrets (Title 18 U.S.C. Section 1832) is (1) whoever knowingly misappropriates trade secrets to (2) benefit anyone other than the owner.

Historically, economic espionage has targeted defense-related and high-tech industries. But recent FBI cases have shown that no industry, large or small, is immune to the threat. Any company with a proprietary product, process, or idea can be a target; any unprotected trade secret is vulnerable to theft by those who wish to illegally obtain innovations to increase their market share at a victim company’s expense.

Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.

Industrial espionage – The term industrial espionage refers to the illegal and unethical theft of business trade secrets for use by a competitor to achieve a competitive advantage. This activity is a covert practice often done by an insider or an employee who gains employment for the express purpose of spying and stealing information for a competitor. Industrial espionage is conducted by companies for commercial purposes rather than by governments for national security purposes.

Information Security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

Insider threats are the source of many losses in critical infrastructure industries. Additionally, well-publicized insiders have caused irreparable harm to national security interests. An insider threat is defined as the threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States. Although policy violations can be the result of carelessness or accident, the primary focus of this project is preventing deliberate and intended actions such as malicious exploitation, theft or destruction of data or the compromise of networks, communications or other information technology resources. The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Insider Threat project is developing a research agenda to aggressively curtail elements of this problem.

Malicious data files are non-executable files—such as a Microsoft Word document, an Adobe PDF, a ZIP file, or an image file—that exploits weaknesses in the software program used to open it. Attackers frequently use malicious data files to install malware on a victim’s system, commonly distributing the files via email, social media, and websites.

National Insider Threat Task Force’s (NITTF) primary mission is to develop a Government-wide insider threat program for deterring, detecting, and mitigating insider threats, including the safeguarding of classified information from exploitation, compromise, or other unauthorized disclosure, taking into account risk levels, as well as the distinct needs, missions, and systems of individual agencies.

Privacy is the state of being free from unwanted or undue intrusion or disturbance in one’s private life or affairs; freedom to be let alone.

Ransomware is a type of malware that infects computer systems, restricting users’ access to the infected systems. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly but is frequently $200–$400 dollars and must be paid in virtual currency, such as Bitcoin.

Rational choice in criminology adopts a utilitarian belief that humans are reasoning actors who weigh means and ends, costs and benefits, in order to make a rational choice. This method was designed by Cornish and Clarke to assist in thinking about situational crime prevention.

Routine Activities Theory– According to Cohen and Felson, crime occurs when there is a convergence in time and space of three factors: (1) motivated offender, (2) suitable target, and (3) the absence of a capable guardian, e.g., inadequate software protection.

Security breach notification laws data breach notification laws are laws that require individuals or entities affected by a data breach, unauthorized access to data, to notify their customers and other parties about the breach, as well as take specific steps to remedy the situation based on state legislature.

Social theory is an empirically tested set of ideas within the social sciences, e.g., social process, that views criminality as a function of people’s interactions with various organizations, institutions, and processes in society; people in all walks of life have the potential to become criminals if they maintain destructive social relationships.

Theory is an attempt to answer the question of “Why?” within the framework of established propositions that provide the basis for an empirical examination.

Transnational organized crime groups are self-perpetuating associations of individuals who operate, wholly or in part, by illegal means and irrespective of geography. They constantly seek to obtain power, influence, and monetary gains. There is no single structure under which TOC groups function—they vary from hierarchies to clans, networks, and cells, and may evolve into other structures. These groups are typically insular and protect their activities through corruption, violence, international commerce, complex communication

Trojan Horses are computer programs that are hiding a virus or a potentially damaging program. It is not uncommon that free software contains a Trojan horse making a user think they are using legitimate software, instead the program is performing malicious actions on your computer.

US-CERT / Cybersecurity & Infrastructure Security Agency (CISA) provides secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities.

Virus and malicious code are unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses (CISA, 2021). Viruses can damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages.

Worms are a type of virus that self-propagates from computer to computer. Its functionality is to use all your computer’s resources, which can cause your computer to stop responding.