The main phenomenon that influenced the formation of the current society in the 21st century, the active improvement of information and telecommunication technologies began, it is believed that a new period in the history of human civilization has come. But the improvement of network technologies has led not only to the acceleration of the formation of society, but also to the expansion of sources of threat to it.
Experts have already called crime in the information environment one of the threats that have a significant impact on the national security of the Russian Federation. Such concern is absolutely justified: the study of this area illustrates to us that a complex system of criminogenic factors is being created in global computer networks.
The growing problem of low security of global networks from illegal actions is multifaceted and contains a number of elements affecting the range of interests of many. In this regard, foreign scientists have been conducting intensive research on the effects of technological advances on social processes, on the formation of law and the change in crime for quite some time.
When studying international Internet crime statistics, it can be concluded that over the past years Russia has become one of the leaders in the number of cyber attacks worldwide (followed by the United States, China and India).
The following prerequisites may be behind this:
weak legislative framework that regulates the problems of cyberspace and criminal encroachments in it;
complexity of investigation and disclosure;
the complexity of the collection of evidence and the process of proof, due to the emergence of such a definition as a “virtual footprint”;
the lack of generalized judicial and investigative practice for the work of this category;
the lack of a unified program to prevent and combat cybercrime.
There are a number of difficulties in uncovering cybercrimes, one of them is the reluctance of Russians to report a computer offense committed against them to the police, and in addition, the legal illiteracy of people who have encountered computer crime. Another problem of disclosure and prevention of cybercrimes is the significantly high qualification of cybercriminals who do not leave traces of their presence and stay at the place of the committed offense. Often, the “injured party” does not even think about the crime committed in any way, and by the time of detection a large amount of time passes, so all possible traces by which it was possible to reach the offender completely disappear.
The development of computer technologies, new mechanisms aimed at the implementation of Internet crimes and the emergence of a new group of criminals, namely hackers, cybercriminals, was quite ahead of the legislation of the Russian Federation and did not make it possible to quickly create a legal area that would correct the relations formed in the cyber environment and increased the possibility of committing unpunished offenses.
Until now, there is no definition of “cybercrime” in the Criminal Code of the Russian Federation, many experts and scientists have attempted to define this concept. According to V.A. Nomokonov, T.L. Tropina, “cybercrime is more extensive than computer crime and accurately describes such a phenomenon as crime in the information space.” The most complete definition reflecting the nuances of this negative phenomenon is proposed in the article by D.N. Karpova “cybercrime is an act of social deviation with the aim of causing economic, political, moral, ideological, cultural and other types of damage to an individual, an organization, the state through any technical means with Internet access.”
Of the public ways of committing cybercrimes, 2 types can be noted: social engineering and virus programs.
In the book “Social Engineering and Social Hackers” by M.V. Kuznetsov, I.V. Simdyanova, social engineering is described as “manipulation of a person or a group of people in order to hack security systems and steal important information.” The first type consists of a telephone or computer attack on a person in order to obtain personal data. Resorting to the peculiarities of personality psychology, scammers impersonate another person, thereby misleading a person. This psychological method is used by a narrow circle of specialists in the field of information security in order to describe ways of “fishing out” personal data, which is based on knowledge of the peculiarities of human psychology, with the use of blackmail and abuse of trust. The most popular method of social engineering is considered to be fraudulent phishing, or “fishing out” of illiterate Internet users of their confidential information.