Category Archives: Computer Crimes

The Rise of Bitcoin

Image result for bitcoin

 of The Washington Times claims that the value of the shadowy digital currency known as Bitcoin has jumped to record highs this month, sending shock waves through America’s defense and intelligence agencies, which fear its growth signals a surge in use by terrorists, drug kingpins, white-collar criminals and Russian cybercriminals who don’t want to be tracked by the world’s governments.
BACKGROUND ON BITCOIN
For those who don’t know, Bitcoin is a worldwide cryptocurrency and digital payment system invented by an unknown programmer, or a group of programmers, under the name Satoshi Nakamoto. It was released as open-source software in 2009. The system is peer-to-peer, and transactions take place between users directly, without an intermediary. These transactions are verified by network nodes and recorded in a public distributed ledger called a blockchain. Since the system works without a central repository or single administrator, bitcoin is called the first decentralized digital currency.

Besides being created as a reward for mining, Bitcoin can be exchanged for other currencies, products, and services in legal or black markets.

As of February 2015, over 100,000 merchants and vendors accepted bitcoin as payment. According to research produced by Cambridge University in 2017, there are 2.9 to 5.8 million unique users using a cryptocurrency wallet, most of them using Bitcoin.

The currency’s unique power comes from its independency and lack of reliance on any single government for its legitimacy. Unlike regular money, digital or cryptocurrencies are not connected to banks or governments and allow anonymous purchases or money exchanges completely outside the realm of banks, credit card firms or other third parties. Instead, the coins exist because users “mine” them by lending their computing power to verify other users’ transactions.

CYBER TERRORISM & BITCOIN

In Britain, screenshots on social media showed National Health Service computer screens with messages demanding $300 worth of Bitcoin to regain access to files.

While cyberattacks have increasingly targeted businesses around the world, Bitcoin ransom attacks, especially in the U.S., are skyrocketing. The FBI’s Internet Crime Complaint Center reported it received 2,673 ransomware incidents last year — nearly double the  figure from 2014.

Despite Moscow’s denials of meddling in the U.S. presidential election, major investigations also continue into Russian hackers suspected of using cyberattacks to undermine or influence the vote.

WORLD GOVERNMENTS STRIKE BACK AGAINST CYBER CRIMES AND BITCOIN
This summer, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the Department of Justice and scores of European illicit finance law enforcement officials have fought back with a wave of operations against Russian cybercriminals. Late last month, they shuttered AlphaBay and Hansa — two of the biggest “dark web” contraband marketplaces rife with the illegal sale of guns, drugs and other forbidden merchandise.

In an even more startling sign of the battle raging around Bitcoin, a FinCEN-led international illicit financing task force arrested a Russian “mastermind of organized crime” on a small beachside village in northern Greece less than two weeks ago.

 Alexander Vinnik, who is accused of laundering more than $4 billion worth of illegal funds using Bitcoin accounts, operated BTC-e, one of the world’s oldest Bitcoin exchanges.

U.S. authorities accuse Mr. Vinnik of facilitating crimes including drug trafficking, public corruption, hacking, fraud, identity theft and tax refund fraud.

“Just as new computer technologies continue to change the way we engage each other and experience the world, so too will criminals subvert these new technologies to serve their own nefarious purposes,” Brian Stretch, U.S. attorney for the Northern District of California, said about BTC-e.

Mr. Vinnik was arrested amid worldwide cyberhavoc triggered by massive WannaCry’s Bitcoin ransomware attacks in May and June. The attacks forced a production shutdown at Renault auto plans, crashed computers at Britain’s National Health Service and targeted India’s ATM network.

A little-noticed provision of the law passed by Congress and signed by President Trump this month imposing new sanctions for North Korea, Iran and Russia mandated the formulation of a national security strategy to combat “the financing of terrorism and related forms of illicit finance.” Among those forms, according to the text of the law, were “so-called cryptocurrencies and other methods that are computer, telecommunications, or internet-based” for cybercrime.

America’s defense and intelligence agencies, FinCEN in particular, pride themselves on the U.S. government’s ability to track and disrupt the illicit financial networks that work through traditional banks and finance channels.

This summer’s crackdowns on illicit Bitcoin activity has been considerable, but the dramatic surge in the currency’s overall value poses even more challenges.

WHAT IS A BITCOIN WORTH NOWADAYS?

Over the past month, Bitcoin prices are up more than 30 percent. According to the CoinDesk Bitcoin Price Index, a bitcoin traded for more than $3,000 — a record high — this past weekend.

The surge follows a spinoff another cryptocurrency, Bitcoin Cash. Anticipation of the spinoff sent bitcoin values spiraling last month as market analysts predicted a “civil war” with the rival. The opposite appears to have occurred with the spinoff driving up Bitcoin’s value. Market analysts say the value surge demonstrated bitcoin’s resiliency in addition to a growing public appetite for cryptocurrencies.

On Thursday, bitcoins traded at $3,439.55 per coin, driving the overall market value of all existing bitcoins to $56 billion. Adding Bitcoin’s overall value to other cryptocurrencies such as Ethereum and Litecoin and the total market capitalization of such digital cash is roughly $120 billion.

HOW DO WE RESPOND TO THE INCREASED USE OF CRYPTOCURRENCIES?

Yaya Fanusie, a former counterterrorism analyst for the CIA, is credited with identifying the first verifiable instance of a terrorist organization attempting to use bitcoin to raise funds. He now runs analysis for the Center on Sanctions and Illicit Finance at the Foundation for Defense of Democracies and told The Washington Times in an interview that the increased volume of bitcoin trading in itself is not the concern.

“The national security concern is not that criminals will use this type of technology — they use all technologies,” Mr. Fanusie said. “The policy question is: How do you deal with something that governments can’t control?” He said the U.S. needs to engage with the cryptocurrencies as much as possible and pointed to Defense Department procurement experiments already underway.

“Bitcoin is like a rebellious teenager,” he said. “It wants to do its own thing. So what do you do? Do you ban it? No, you want to have a good relationship with it and influence how it develops.”

BUILDING A CRIMINAL DEFENSE 

Virtual currencies like Bitcoin can play a central role in more traditional types of crime. Bitcoin trading enables some types of unlawful purchases that may be serious offenses, such as illegal purchases of weapons or drugs. One such high-profile case is that of Silk Road’s alleged owner, Ross Ulbricht, whose Bitcoin assets of over $28 million were seized in a criminal investigation into alleged illegal drug sales.

Even ordinary cash has a history of being used for nefarious ends, but digital currency transactions can make the courtroom defense of criminal charges more complex. When facing the possibility of fines, forfeiture, or even incarceration, it is best to find an attorney with the experience it takes to build a nuanced, creative defense.

Sex Offenders & Cyberspace

Image result for Sex Offenders & Social Media

In Packingham v. North Carolina, the United State Supreme Court outlawed a North Carolina statute that makes it a felony for a registered sex offender to access a commercial social networking web site. The statute restricts lawful speech in violation of the First Amendment.

BACKGROUND FACTS

In 2008, North Carolina enacted a statute making it a felony for a registered sex offender to gain access to a number of websites, including commonplace social media websites like Facebook and Twitter. North Carolina has prosecuted over 1,000 people for violating this law.

The Defendant was charged after posting a statement on his personal Facebook profile about a positive experience in traffic court. The trial court denied petitioner’s motion to dismiss the charges on the ground that the law violated the First Amendment. He was convicted and given a suspended prison sentence. On appeal, the State Court of Appeals struck down the statute on First Amendment grounds, however, the North Carolina Supreme Court ended up reversing the decision.

The United States Supreme Court granted review on the issue is whether the Carolina Statute was permissible under the First Amendment’s Free Speech Clause, applicable to the States under the Due Process Clause of the Fourteenth Amendment.

COURT’S ANALYSIS & CONCLUSION

The U.S. Supreme Court held that the statute impermissibly restricts lawful speech in violation of the First Amendment.

First, the Court reasoned that the First Amendment allows all persons have access to places where they can speak, listen, reflect, speak and listen once more. Today, one of the most important places to exchange views is cyberspace, particularly social media, which offers “relatively unlimited, low-cost capacity for communication of all kinds to users engaged in a wide variety of protected First Amendment activity on any number of diverse topics. Reno v. American Civil Liberties Union, 521 U. S. 844, 870. The Court stated that the Internet’s forces and directions are so new, so protean, and so far reaching that courts must be conscious that what they say today may be obsolete tomorrow. Indeed, the Court expressly proceeded very carefully in its analysis:

“Here, in one of the first cases the Court has taken to address the relationship between the First Amendment and the modern Internet, the Court must exercise extreme caution before suggesting that the First Amendment provides scant protection for access to vast networks in that medium.”

That said, the Court bluntly reasoned that the statute is not narrowly tailored to serve a significant governmental interest.  Like other inventions heralded as advances in human progress, the Internet and social media will be exploited by the criminal mind. It is also clear that sexual abuse of a child is a most serious crime and an act repugnant to the moral instincts of a decent people, and that a legislature may pass valid laws to protect children and other sexual assault victims.

“Two assumptions are made in resolving this case,” said the Court. First, the law applies to commonplace social networking sites like Facebook, LinkedIn, and Twitter. Second, the First Amendment permits a State to enact specific, narrowly-tailored laws that prohibit a sex offender from engaging in conduct that often presages a sexual crime, like contacting a minor or using a website to gather information about a minor.

However, the Court reasoned that even with these assumptions, the North Carolina statute enacts unprecedented prohibitions in the scope of First Amendment speech it burdens:

“Social media allows users to gain access to information and communicate with one another on any subject that might come to mind. With one broad stroke, North Carolina bars access to what for many are the principal sources for knowing current events, checking ads for employment, speaking and listening in the modern public square, and otherwise exploring the vast realms of human thought and knowledge.”

The Court said that even convicted criminals might receive legitimate benefits from the social media for access to the world of ideas, particularly if they seek to reform and to pursue lawful and rewarding lives.

Consequently, the Court reasoned that North Carolina failed to prove that its sweeping law was necessary or legitimate to serve its purpose of keeping convicted sex offenders away from vulnerable victims. “No case or holding of this Court has approved of a statute as broad in its reach.” With that, the U.S. Supreme Court reversed and remanded Mr. Packingham’s criminal conviction.

My opinion? Excellent decision. Granted, nobody wants anyone using the internet for predatory purposes. Nevertheless, its simply unconstitutional to totally prohibit people – even convicted sex offenders – from using the internet and social media. There’s plenty of spyware, child molestation sting operations and government internet monitoring happening on the internet to reduce the risk of predatory behavior. There’s no need for the Government to make statutes which violate Constitutional rights.

Good decision.

Cell Phone Spying Is Unlawful

Image result for mobile spy software

In State v. Novick, The WA Court of Appeals Division II held the Defendant committed Computer Trespass in the First Degree when he installed “Mobile Spy” software on the victim’s cell phone and sent commands to activate the recording feature of the program in order to intentionally record the victim’s private communications.

David Novick and Lisa Maunu began dating in December 2013. Novick bought her a new mobile phone on March 11, 2014, and set it up for her. Unbeknownst to Maunu, Novick installed an application called Mobile Spy on Maunu’s new phone. The application allowed a person to log onto the Mobile Spy website and monitor the phone on which the application was installed.

From the Mobile Spy website, a user could access all the information stored on the monitored phone, including text messages, call logs, and e-mails. The versions of Mobile Spy software also permitted a user to send commands to the targetted phone from a “live control panel” on the website. One such command allowed a user to activate the phone’s microphone and recording features and record audio into a file that could then be downloaded from the website.

Eventually, Novick was caught after his girlfriend Maunu became suspicious. In short, Maunu became concerned because Novick expressed specific knowledge about Maunu’s health conditions, medications, doctors’ appointments, and private conversations.

With the assistance of Novick’s employer, it was discovered that Novick had downloaded over 500 audio files from Mobile Spy, searched for GPS (global positioning system) locations, and searched for particular telephone numbers.

The State charged Novick with eight counts of Computer Trespass in the First degree and eight counts of Recording Private Communications based on Novick’s use of Mobile Spy to record Maunu’s conversations. At trial, Novick was convicted on all charges.

Novick appealed on arguments that (1) the State failed to provide sufficient evidence that he intentionally recorded a private communication, and (2) entry of eight convictions of each crime violated his right against double jeopardy because the correct unit of prosecution covers the entire course of conduct.

Ultimately, the Court of Appeals disagree with Novick and affirmed his convictions.

  1. THE PROSECUTION SHOWED SUFFICIENT EVIDENCE OF COMPUTER TRESPASS FIRST DEGREE.
First, the Court explained that Computer Trespass in the First Degree occurs when a person intentionally gains access without authorization to a computer system or electronic database of another and the access is made with the intent to commit another crime. The Court further reasoned that here, the underlying crime was Recording Private Communications. A person commits the crime of recording private communications when he intercepts or records private communications transmitted by any device designed to record and/or transmit said communications.
Second, the Court reasoned that a forensic review of Novick’s computer activity revealed that he intentionally logged into Mobile Spy’s webiste and sent commands from the website to Maunu’s phone. Also, Novick’s computer records showed that he visited the live control panel on Mobile Spy’s website, downloaded audio files collected from Maunu’s phone and intentionally recorded Maunu’s private communications.
Accordingly, the Court held that the State presented sufficient evidence that Novick committed the crime of Recording Private Communications, and with that, committed Computer Trespass First Degree.
2. NO EVIDENCE OF DOUBLE JEOPARDY.
Next, the Court rejected arguments that Novick’s multiple convictions for Computer Trespass and Recording Private Communications violated the prohibition against Double Jeopardy because the correct unit of prosecution for each crime covers the entire course of Novick’s conduct.
The Court began by saying the Fifth Amendment to the United States Constitution provides that no “person be subject for the same offense to be twice put in jeopardy of life or limb.” Similarly, article I, section 9 of the Washington Constitution says, “No person shall . . . be twice put in jeopardy for the same offense.” In short, explained the Court, these double jeopardy provisions prohibit multiple convictions for the same offense.
Furthermore, when a defendant is convicted for violating one statute multiple times, the proper inquiry is, “What unit of prosecution has the Legislature intended as the punishable act under the specific criminal statute?” The Court explained that in order to determine whether there is a double jeopardy violation, the question becomes “what act or course of conduct has the Legislature defined as the punishable act?” Consequently, the scope of the criminal act as defined by the legislature is considered the unit of prosecution.
The Court explained that the first step is to analyze the statute in question. If the statute does not plainly define the unit of prosecution, we next examine the legislative history to discern legislative intent. Finally, a factual analysis is conducted to determine if, under the facts of the specific case, more than one unit of prosecution is present.
Ultimately, the Court was not persuaded by Novick’s “plain language of the statute” argument the if the legislature intended a single unit of prosecution based on a course of conduct, it could have said so plainly.
“What matters is not what the legislature did not say, but what it did say,” said the Court. “The plain language of the statutes support the conclusion that the units of prosecution . . . are each separate unauthorized access and each recording of a conversation without consent.” The Court further reasoned that while Novick’s actions were somewhat repetitious, they were not continuous:
“On at least eight separate and distinct times, Novick logged onto Mobile Spy’s website, accessed Maunu’s phone by issuing a command through the live control panel, and downloaded at least eight different recordings of conversations between Maunu and various other people. Each access was separated by time and reflected a separate intent to record a separate conversation.”
The Court concluded that the State proved that Novick intentionally recorded eight private communications. Additionally, Novick’s actions constituted multiple units of prosecution, and therefore, his multiple convictions did not violate double jeopardy principles. Thus, the Court affirmed Novick’s convictions.
My opinion? On the one hand, it’s shocking that citizens can be convicted of felonies by accessing mainstream computer software. Shouldn’t the software itself be outlawed instead? On the other hand, I see how parents can legally using the same software to track their minor children’s whereabouts, conversations and activities. That type of activity os not illegal.
This case presents a very good example of an atypical computer crime. We see that Computer Trespass First Degree is very similar to standard Burglary charges in that the State must prove the Defendant intends to commit a crime once they gain access to the victim’s computer system or electronic database. Recording Private Communications is a crime.  Therefore, if a defendant records private communications after gaining access, they can be found guilty of Computer Trespass in the First Degree. Simple.
Computer crime cases require experts and/or lay witnesses who are competent in discussing these matters. Speaking for the defense, it’s usually best to hire experts familiar with computer forensics to determine if/when the said access was unlawful and/or intentional. Again, the State must prove intent.