Analisis Peran dan Penanggulangan Kejahatan Siber: Studi Kasus Spearphishing
DOI:
https://doi.org/10.61682/restorative.v1i1.5Keywords:
analysis, case study, cybercrime, roles, spearphishingAbstract
The understanding of the mechanism, modus operandi, and actors involved in a cybercrime is a crucial early step to design cybercrime countermeasure strategies. This paper discusses a hypothetical case of spearphishing that involves the perpetrators, victims, as well as the unwitting participants of the committed cybercrime. Four approaches in cybercrime countermeasures are afterwards elaborated for the aforementioned hypothetical case. It is concluded that countermeasures based on education are the type of countermeasure most feasible and most crucial to be implemented; however, all types of countermeasures have their limitations and therefore have to continuously evolve and develop along with the increasingly sophisticated cybercrime.
Abstrak. Pemahaman mengenai mekanisme, modus operandi, serta pihak-pihak yang terlibat dalam kejahatan siber merupakan langkah awal yang penting untuk merancang strategi penanggulangan tindak kejahatan siber. Karya tulis ini membahas sebuah kasus hipotetis serangan spearphishing yang melibatkan pelaku, korban, beserta pihak-pihak lain yang tanpa disadari juga terlibat dalam kejahatan siber yang dilakukan. Empat jenis pendekatan dalam penanggulangan kejahatan siber dibahas untuk kasus hipotetis tersebut. Disimpulkan bahwa penanggulangan dengan pendekatan edukasi merupakan jenis penanggulangan yang paling memungkinkan dan paling penting untuk dilaksanakan; namun, setiap jenis penanggulangan memiliki keterbatasan dan harus terus dikembangkan seiring dengan juga kejahatan siber yang semakin canggih.
Kata kunci: analisis, kejahatan siber, peran, spearphishing, studi kasus
References
Anderson, R., Barton, C., Böhme, R., Clayton, R., Gañán, C., Grasso, T., Levi, M., Moore, T., & Vasek, M. (2019). Measuring the Changing Cost of Cybercrime. The 2019 Workshop on the Economics of Information Security
Brenner, S. W. (2011). Defining cybercrime: A review of federal and state law. Cybercrime: The Investigation, Prosecution, and Defense of a Computer-Related Crime, 15–104.
Caputo, D. D., Pfleeger, S. L., Freeman, J. D., & Johnson, M. E. (2014). Going Spear Phishing: Exploring Embedded Training and Awareness. IEEE Security & Privacy, 12(1), 28–38. https://doi.org/10.1109/MSP.2013.106
Clarke, R. V. (1995). Situational Crime Prevention. Crime and Justice, 19, 91–150. https://doi.org/10.1086/449230
Djanggih, H., & Qamar, N. (2018). Penerapan Teori-Teori Kriminologi dalam Penanggulangan Kejahatan Siber (Cyber Crime). Pandecta: Research Law Journal, 13(1), 10–23. https://doi.org/10.15294/pandecta.v13i1.14020
Furnall, S. (2010). Hackers, viruses, and malicious software. In Handbook of Internet Crime (pp. 173–193). Willan Publishing.
Gandotra, E., Bansal, D., & Sofat, S. (2016). Zero-day malware detection. 2016 Sixth International Symposium on Embedded Computing and System Design (ISED), 171–175. https://doi.org/10.1109/ISED.2016.7977076
Ghazi-Tehrani, A. K., & Pontell, H. N. (2021). Phishing Evolves: Analyzing the Enduring Cybercrime. Victims & Offenders, 16(3), 316–342. https://doi.org/10.1080/15564886.2020.1829224
Hasan, M. F., Al-Ramadan, N. S., & Professor, A. (2021). Cyber-attacks and Cyber Security Readiness: Iraqi Private Banks Case. In Social Science and Humanities Journal (Vol. 05).
Holt, T. J. (2018). Regulating Cybercrime through Law Enforcement and Industry Mechanisms. The ANNALS of the American Academy of Political and Social Science, 679(1), 140–157. https://doi.org/10.1177/0002716218783679
Ilchenko, O., Chumak, V., Kuzmenko, S., Shelukhin, O., & Dobrovinskyi, A. (2019). Fishing as a cybercrime in the Internet banking system: economic and legal aspects. Journal of Legal, Ethical and Regulatory Issues, 22, 1.
Kim, J.-Y., Bu, S.-J., & Cho, S.-B. (2018). Zero-day malware detection using transferred generative adversarial networks based on deep autoencoders. Information Sciences, 460–461, 83–102. https://doi.org/10.1016/j.ins.2018.04.092
Kirlappos, I., & Sasse, M. A. (2012). Security Education against Phishing: A Modest Proposal for a Major Rethink. IEEE Security & Privacy Magazine, 10(2), 24–32. https://doi.org/10.1109/MSP.2011.179
Kirwan, G., & Power, A. (2013). Cybercrime: The Psychology of Online Offenders. Cambridge University Press. https://books.google.co.id/books?id=U35HVJyADlEC
Li, L., Berki, E., Helenius, M., & Ovaska, S. (2014). Towards a contingency approach with whitelist- and blacklist-based anti-phishing applications: what do usability tests indicate? Behaviour & Information Technology, 33(11), 1136–1147. https://doi.org/10.1080/0144929X.2013.875221
Lin, T., Capecci, D. E., Ellis, D. M., Rocha, H. A., Dommaraju, S., Oliveira, D. S., & Ebner, N. C. (2019). Susceptibility to Spear-Phishing Emails. ACM Transactions on Computer-Human Interaction, 26(5), 1–28. https://doi.org/10.1145/3336141
Marshall, A. S. P. (2008). Identity and identity theft. In R. Bryant (Ed.), Investigating Digital Crime (pp. 179–193). Wiley.
Nield, D. (2017, January). 4 Computer Security Threats You Might Not Be Protecting Against. Https://Gizmodo.Com/4-Computer-Security-Threats-You-Might-Not-Be-Protecting-1791226612.
Raghavan, A. R., & Parthiban, L. (2014). The effect of cybercrime on a Bank’s finances. International Journal of Current Research & Academic Review, 2(2), 173–178.
Thomas, K., Huang, D., Wang, D., Bursztein, E., Grier, C., Holt, T. J., Kruegel, C., McCoy, D., Savage, S., & Vigna, G. (2015). Framing dependencies introduced by underground commoditization. Workshop on the Economics of Information Security.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Restorative : Journal of Indonesian Probation and Parole System
This work is licensed under a Creative Commons Attribution 4.0 International License.
