FORMATIVE ASSESSMENT $1[100$ MARKS$]$

Read the case scenario below and answer ALL questions that follow

Cybercrime: The Flipside Of Technology$$s Beauty

While technological advancements have without doubt contributed to global economic wellbeing, and in many ways, a collectively improved quality of life for global citizens, it has also been accompanied by a curse and scourge of its own. CYBERCRIME. Cybercrime simply put, is any form of criminal activity that is constructively accomplished by the use or abuse of technology. Common examples of cybercrime include the unleashing of malware onto networks to cripple them and their constituent nodes, just as an act of sheer malice, hacking into networks and individual computers to steal or alter data, breaking security codes and illegally accessing networks to encrypt data and then demanding a ransom to guarantee the release of the data so captured.

What global business$/$es and governments need to firmly inculcate into their collective psyche is the fact that cybercrime is no longer what tech$-$criminals and miscreants do just for fun. It has evolved into a global industry, and for those involved it is business. In $2011,$ the FBI conducted a survey across $24$ countries and the survey concluded that the cyber underworld as a collective economy in those $24$ countries alone was worth $$388$ Billion. In the same year Russia, which boasts a thriving cyber underworld had a cybercrime economy the size of which was $$1\mathrm{.}9$ Billion. These figures are apparently underestimated since most victims of cybercrime do not report incidents of hits for various reasons ranging from avoiding reputational damage to fear of triggering a general lack of confidence in customers which can damage their bottom line. Business organizations which experience cybercrime are therefore generally left in a decision quandary as to whether to report the incidents thereby giving stakeholders the impression that their Information Security Protocols are lax, or just find an internal solution and move on with business and life.

Most countries including South Africa have made an effort to craft legislation in order to help combat and therefore minimize cybercrime. The biggest problem each country has faced in the common sense is that technology has razed down physical borders and the significance of territories as legal jurisdictions. Cybercriminals do not only target victims who are in the same territory as them. The ubiquity and power of technology enable them to target anyone anywhere as long as the reward for their effort is appealing enough. This presents a problem which almost immediately invalidates the application of legal frameworks across jurisdictions as there is always a lack of congruence in terms of how the law and its nuances are interpreted across different territories and jurisdictions. Further to this, even if there is a semblance of willingness between parties to carry out a collaborative investigation, the time it takes to put together all the required legal formalities and logistics across many territories in order to initiate an investigation is quite long which allows criminals time enough to erase any trace of their footprints along the path$/$s or loci of the crime$/$s committed.

Time lag issues are not only a characteristic of inter$-$territorial investigations. Even if it is established that the address of the machine which initiated a cybercriminal act is a territorially local one, it still takes long to pool together resources to carry out an investigation, long enough for the criminal$/$s to successfully temper with the $$crime scene$.$ For this reason, business organizations resort to employing their own Information Security and cybercrime investigating teams as a mechanism of self$-$defense. This may be part of the wider reason why most incidents of cybercrime go unreported as organizations seek a quick resolution to the problem in a way that enables them to rather quickly go back to business than endure the frustration resulting from the red tape associated with officially reporting cybercrime incidents.

The ubiquity of technology compounded by the fact that technology itself has matured fully to the extent that people need little to no training in order to harness it in crime, means therefore that the threshold related to the cost of perpetrating an act of cybercrime is quite low. The cost being that low is great encouragement for criminals, especially cyber$-$extortionists whose initial outlay is negligibly low compared to the possibility of $$scoring$$ a few hundred thousand dollars after locking a company$$s access to its data before demanding a ransom for its release, for example.

Innovation unfortunately and inadvertently creates a catch$-22$ situation when viewed from the perspective of combating cybercrime. As technology continues to advance, especially with Artificial Intelligence being a major enabler, the cybercrime industry also harnesses these uber$-$technologies to achieve th