Cyber-crime years. Cyber-crimes have become a real threat

Cyber-crime is a crime in which computer is used as a tool to commit
the offence.It’s a most common offence all over the world especially in HKfor recent
years. Cyber-crimes have become a real threat today and are quite different
from old-school crime, such as robbing, mugging or stealing. The criminals can
use their knowledge to gain benefits quickly and easily without having to do an
honest day’s work and even physical presence. In this essay, I would like to focus
on cyber deception in cyber-crime and discuss whether traditional law
enforcement agencies equipped well to deal with cyber-crime.


Laptops and smart devices, such as mobile phones and tablets, bring
us a convenient access to the internet. With the high penetration rate of
mobile devices, it’s without doubt that cyber-crime has become one of the most common
types of criminal cases nowadays. Cyber-crime can be in various forms, very
dangerous and complicated,such as social media deception, identity or
information theft, E-banking fraud, ransomware attack targeting hospital,
government or large business, network intrusion to hack competitor’s website and
even cyber-terrorism. Recently, there was an information breachcase in a famous
local travel agency, in which 20,000 customers informationwas stolen due
toransomware attack.1The
law enforcement agencies in Hong Kong handle more than thirtythousandcrime cases
every year.

Best services for writing your paper according to Trustpilot

Premium Partner
From $18.00 per page
4,8 / 5
Writers Experience
Recommended Service
From $13.90 per page
4,6 / 5
Writers Experience
From $20.00 per page
4,5 / 5
Writers Experience
* All Partners were chosen among 50+ writing services by our Customer Satisfaction Team


According to the statistics from the Info Security Office of the government2,
the total number of computer crime cases in Hong Kong grew rapidly for the past
eight years. In 2009, there were 1506 cases related to cyber-crime in Hong Kong.
The figure gradually increased to around 1600 next year and kept an average 35%
increment the following two years. There were 3015 cases recorded in total in
2012, which was double the total number of cases in 2009. The trend was even
worse after 2012.  There were 5133 cases
in 2013, 6778 cases in 2014, 6862 cases in 2015 and 5939 cases in 2016. The
dramatic growth on the­­­­­ case numbers shows us that the computer crime is
getting more and more common in recent years.Though the number becomes steady now,
it’s still putting high pressure on the law enforcement units.The portion of cyber-crime
cases is weighing a lot and needs our great concern.


Apart from the statistics on total
number of cases, ­­we should be aware of the huge financial loss every year due
to these technology offences. In 2009 & 2010, there was only 45.1 and 60.38
million Hong Kong dollars financial loss caused by cyber-crime. Later in 2011
and 2012, the total financial loss was doubling the previous year. In 2013, it
was 916.9 million dollars, even triple of 2012. Then in the following years,
the amount of financial loss was worsening, 1200.68 million dollars in 2014,
1828.9 million dollars in 2015 and 2301 million dollars in 2016.


The above figures reveal that cyber-crime is truly affecting our
society and puts high demand on the law enforcement agencies.The traditional
law enforcement targeting crime3involves
answering calls from the 999 hot-line and patrolling our communities looking
for occurring crimes, which have been working in Hong Kong for decades.
However, it is obvious that cyber-crime cannot be noticed while patrolling in
the communities. The traditional policing is mainly effective in the real


Due to the continuous growth on the cyber-crime rate, the government
and law enforcement agencieshave adopted various strategies to combat those
deception cases occurred in HK. The Cyber Security and Technology Crime Bureau
(CSTCB) is established, updatedfrom the former Technology Crime Division,to
tackle with cyber security issues and carry out technology crime
investigations, computer forensic examinations and prevention of technology
crime.4 CSTCB
is also responsible for maintaining close liaison with local and overseas law
enforcement agencies for combating cross-border technology crime. There are now
238 people working in CSTCB to maintain the cyber security level. CSTCB
involves in crime investigation depending on the complexity of the technology
cases. For high-end and complex technologies crimes, CSTCB performs a leading role
in the investigation. But for those with low level of technological elements,
CSTCB only provides assistance in collecting technological evidence or advises
on technological issues. It is interesting that CSTCB also performs cyberpatrolling
on the internet to address cyber-crime. Cyber patrol is mainly for searching information
through public platforms on the internet. CSTCB will not retain any statistical
figures of the web pages browsed. They conduct professional search for via social
platforms according to their operational priorities and analyze the possible
crime-related information got.


Technology changes the
life we live, also brings transformationto traditional crime. One of the
easiest ways to take advantages of the online world is deception. The deception
cases in first ten months of 2017 weighs more than 12% of the overall crime
rate.5Cyber deception
has no boundaries and requires less cost.It becomes one of major offencesrecently.
For example,an employee of logistic company received phone and email
communications from an existing trusted vendor. The vendor asked them to make a
payment on several invoices to a new account at a different bank. When the
company transfers the money to a new account which is from a fraudster who had
hacked the vendor’s email account, then the business will lose all the money. Even
they report the case to the police, it’s hard to chase the fraudster because of
physical location and the difficulties of identifying the real offender of the


Through network investigation, IP address of the offender’s computer
can be captured in routing traffic on various servers. The IP address only
helps on finding the computer, but not the offender’s identity. Since it’s
common for a family to share the same computer and the targeting IP could be
from an internet cafe which means even harder to spot the offender. If the IP
address is from overseas, then the investigation will depend on the severity
level of the crime. Hong Kong Police solely responsible for enforcing laws
inside the territory, any crimes beyond the boundary require assistance from
local police force. Laws differ from country to country so that geographic jurisdiction
is such a big issue while handling cyber deception.


Another point we need to consider is the difficulties of
investigation and prosecution in the cyber world, which is more sophisticated
compared to real world crime. Most ordinances in Hong Kong under existing law
legislation can be applied to the cyber world of the internet. There are five
relevant legislation targeting on cyber criminals, i.e. Access to computer with
criminal or dishonest intent, Destroying or damaging property, Unauthorized
access to computer by telecommunicationscontrol of obscene and indecent
articles ordinance and Prevention of Child Pornography Ordinance.6The
law protects our citizens’ human right with the presumption that a person is
innocent until proven guilty in a fair trial. Then the burden of proof falls to
the prosecution.As we can imagine, it’s always hard to find any witness of
cyber-crimes. Therefore, it’s imperative to keep the integrity of the digital evidence
to convict somebody of an offence beyond reasonable doubt. Digital evidence can
be obtained from the examination by an investigator. However, when it comes to
the original structure of digital evidence, its binary format is just a series
of one and zero represented by magnetization, radio and light pulses. This
nature of digital evidence makes it fragile, easy to amend and even lost. For
sophisticated criminals, they may have the ability to setup automatic program
to destroy the evidence while third person access is detected.


Finally, the high workload of the forensic examination unit is
another factor.All the searched digital devices from the criminals are not
allowed to be switched on by the investigators alone because of the chance to
affect the evidence. The examination requires special forensic software and
equipment to maintain the integrity of the evidence.7It
demands CSTCB, the only department with adequate knowledge and tools, to handle
the digital evidence.When all the digital exhibits go to CSTCB, we can imagine
how heavy their workload is. As we know, there are around two hundred staff in
CSTCB. Other than those responsible for cyber patrolling, analyzing statistics,
training and coordination, not many left for forensic verification. It is usual
to wait for months for the forensic examination to take place. The queuing
sequence varies by the severity of the crime cases and according to the court
date of the trial.Cyber-crime always require fast response on case handling to
minimize the impact or loss. If there are more human resources put on the work
of forensic verification, the digital evidence examination will be performed
faster to have an earlier investigation on the cyber-crime, thus reducing the
financial loss every year.Currently CSTCB opens recruitment once every 1-2
years. It is obviously that the headcounts in this unit should be increased to
meet the rapid growth of technology crime rate.


By the way, Anti-Deception-Coordination-Centre
(ADCC) was established in July 2017 and set up a 24hours enquiry hotline “Anti-ScamHelpline
18222” for the public to provide immediate consultation.8 Other
than serving the public, the center also supports frontline units of the force
in handling suspicious deception cases. They have tackled 200 frauds complaints
and successfully foiled 50 scams in the first two months of their
establishment. The payments amount of sixty million Hong Kong dollars has been
halted to local and international fraudsters.9 


We can see that the police force has working hard to combat
technology crimes. However, the investigation work is getting harder than
expect. Technology change rapidly in the past decade and we believe that it
will go even faster in the future. The police force must be prepared for the
new challenges in the cyber world. Continuous training should be providedpinpointing
to the newest technology and crime trend.Like other countries, analytical software
is now used in Hong Kong toanalyze the criminal pattern, recognize the
connection between various cases and potentially predict the next crime.10Relevant
training will be provided to the crime teams. If they can make good use of the
system, it will help targeting the criminals more effectively. Compared to the traditional
reactive case handling, intelligence driven is the new trend for investigation.On
the other hand, theexisting technology courses in the force is solely targeting
particular working fields such as the forensic team. Other police constables,
after leaving the training school, may not have the chance to have proper training
on the newest technology. Actually, every police should have up-to-date
knowledge on technology and increase their awareness of cyber security, for
example how to protect their personal information in cyber world and how to search
for information they need through social platform11.
Thus, there is a need to provide regular on-job training or set up a channel to
update all frontline officers with the hottestcyber issues.Enhancing the
technology knowledge of the whole team is the way better equipping for future


above discussion shows the difficulties about dealing with technology crimes
and there are only one unit handling digital forensic in Hong Kong. To recall, geographical
locationand perception of anonymity are challenges incyber-crime investigation.
Technical requirements on preserving integrity of digital evidence brings
constrain to the case handling. Also, digital evidence always takes long time
to examine due to the limited resources. Though the force is doing a lot, it is
always difficult to enforce law with cyber-crime. Thus, I would say the
traditional law enforcement agencies in Hong Kong is yet equipped to deal with
cyber-crime. We are here to recommend that more resources should be given to CSTCB
to strengthen the forensic investigation team. Internal recruitment should be
opened more frequently to attract more talents joining. Although training a
crime investigator into a professional forensic examiner may take lots of time
and money, this investment is worthyas they will become asset of the force.
Also, technology trainingshould be offered from time-to-time to cover wider
range of positions within the police force. The law enforcement agencies should
keep updatingthemselves for the rapid changing cyber world. The way is still far
to go.

1South China Morning Post. (2017). How hackers stole 20,000 people’s
card details from Hong Kong firm. online Available at:
Accessed 4 Dec. 2017. (2017). InfoSec – Statistics.
online Available at:
Accessed 25 Nov. 2017. (2017). online Available at:
Accessed 3 Dec. 2017. (2017). Cyber Security and Technology Crime Bureau
(CSTCB) | Hong Kong Police Force. online Available at: Accessed 3 Dec. 2017. (2017). Crime Statistics Comparison | Hong Kong
Police Force. online Available at: Accessed 30 Nov.
2017. (2017). Technology Crime Division(TCD)
| Hong Kong Police Force. online Available at:
Accessed 25 Nov. 2017.

7Moore, R.
(n.d.). Cybercrime: Investigating High-Technology Computer Crime. Chapter
11, an introduction to computer forensic (2017). ???? | ??????? (ADCC) | ?????. online Available at: Accessed 18Nov.

9South China Morning Post. (2017). How a new police unit foiled
scam cases totalling HK$60 million. online Available at:
Accessed 28 Nov. 2017.

10Solar, P. and Solar, P. (2017). How Technology Is Changing Law
Enforcement. online TechCo. Available at:
Accessed 4 Dec. 2017

11 MURALI, S.P. (2017). Detecting Cyber Bullies on Twitter using Machine
Learning Techniques. International Journal of Information Security and
Cybercrime, 6(1), 63-66.