Cyber Crime
Cyber crime is any criminal activity that involves a computer, networked device
or a network. While most cyber crimes are carried out in order to generate profit
for the Cyber criminals, some cyber crimes are carried out against computers or
devices directly to damage or disable them, while others use computers or
networks to spread malware, illegal information, images or other materials.
Some cyber crimes do both -- i.e., target computers to infect them with viruses,
which are then spread to other machines and, sometimes, entire networks.
A primary impact from cyber crime is financial, and cybercrime can include many
different types of profit-driven criminal activity, including ransom ware attacks,
email and internet fraud and identity fraud, as well as attempts to steal
financial account, credit card or other payment card information. Cyber
criminals
may target private personal information, as well as corporate data for theft and
resale.
Defining cyber crime
The U.S. Department of Justice divides cybercrime into three categories: crimes
in which the computing device is the target, for example, to gain network
access; crimes in which the computer is used as a weapon, for example, to launch
a denial-of-service (DoS) attack; and crimes in which the computer is used as an
accessory to a crime, for example, using a computer to store illegally obtained
data.
The Council of Europe Convention on Cyber crime, to which the United States is a
signatory, defines cyber crime as a wide range of malicious activities, including
the illegal interception of data, system interferences that compromise network
integrity and availability, and copyright infringements. Other forms of
cyber crime include illegal gambling, the sale of illegal items, like weapons,
drugs or counterfeit goods, as well as the solicitation, production, possession
or distribution of child pornography.
The ubiquity of internet connectivity has enabled an increase in the volume and
pace of cyber crime activities because the criminal no longer needs to be
physically present when committing a crime. The internet's speed, convenience,
anonymity and lack of borders make computer-based variations of financial
crimes, such as ransom ware, fraud and money laundering, as well as hate crimes,
such as stalking and bullying, easier to carry out.
Cyber criminal activity may be carried out by individuals or small groups with
relatively little technical skill or by highly organized global criminal groups
that may include skilled developers and others with relevant expertise. To
further reduce the chances of detection and prosecution, Cyber criminals often
choose to operate in countries with weak or nonexistent cyber crime laws.
How cyber crime works
Cyber criminals use a number of attack vectors to carry out their cyberattacks
and are constantly seeking new methods and techniques for achieving their goals,
while avoiding detection and arrest.
Here are common types of attacks Cyber criminals have been known to use:
# Distributed DoS attacks are often used to shut down systems and
networks. This type of attack uses a network's own communications protocol
against it by overwhelming its ability to respond to connection requests. DoS
attacks are sometimes carried out simply for malicious reasons but they may also
be used to distract the victim organization from some other attack or exploit
carried out at the same time.
# Infecting systems and networks with malware is used to damage the
system or harm users by, for example, damaging the system, software or data
stored on the system. Ransomware attacks are similar, but the malware acts by
encrypting or shutting down victim systems until a ransom is paid.
# Phishing campaigns are used to infiltrate corporate networks by
sending fraudulent email to users in an organization, enticing them to download
attachments or click on links that then spread viruses or malware to their
systems and through their systems to their company's networks.
# Credentials attacks, where the cybercriminal aims to steal or guess
user IDs and passwords for the victim's systems or personal accounts, can be
carried out through the use of brute force attacks by installing key sniffer
software or by exploiting vulnerabilities in software or hardware that can
expose the victim's credentials.
# Cyber criminals may also attempt to hijack a website to change or
delete content or to access or modify databases without authorization. For
example, an attacker may use an SQL injection exploit to insert malicious code
into a website, which can then be used to exploit vulnerabilities in the
website's database, enabling a hacker to access and tamper with records or gain
unauthorized access to data, such as customer passwords, credit card
numbers, personally identifiable information (PII), trade secrets, intellectual
property and other sensitive information.
Cyber criminals often carry out their activities using malware and other types of
software, but social engineering is often an important component for executing
most types of cybercrime. Phishing email is an important component to many types
of cybercrime, but especially so for targeted attacks, like business email
compromise (BEC), in which the attacker attempts to impersonate, via email, a
business owner in order to convince employees to pay out bogus invoices.
Where does cyber crime come from?
Cyber crime can begin wherever there is digital data, opportunity, and motive.
Cyber criminals include everyone from the lone user engaged in cyber bullying to
state-sponsored actors, like China’s intelligence services. Cyber crimes
generally do not occur in a vacuum; they are, in many ways, distributed in
nature. That is, cyber criminals typically rely on other actors to complete the
crime, whether it’s the creator of malware using the dark web to sell code, the
distributor of illegal pharmaceuticals using cryptocurrency brokers to hold
virtual money in escrow, or state threat actors relying on technology
subcontractors to steal intellectual property.
Types of cyber crime
There are many different types of cybercrime; most cybercrimes are carried out
with the expectation of financial gain by the attackers, though the ways
Cyber criminals aim to get paid can vary.
For example:
# Cyber extortion is crime involving an attack or threat of attack
coupled with a demand for money to stop the attack. One form of cyberextortion
is the ransomware attack, in which the attacker gains access to an
organization's systems and encrypts its documents, files -- anything of
potential value -- making the data inaccessible until a ransom is paid, usually
in some form of crypto currency, such as bitcoin.
# Crypto jacking attacks use scripts to mine cryptocurrencies within
browsers without the user's consent. Such attacks may involve loading
cryptocurrency mining software to the victim's system. However, many attacks
depend on JavaScript code that does in-browser mining as long as the user's
browser has a tab or window open on the malicious site; no malware needs to be
installed as loading the affected page executes the in-browser mining code.
# Identity theft occurs when an attacker accesses a computer to glean a
user's personal information that they can then use to steal that person's
identity or access bank or other accounts. Cyber criminals buy and sell identity
information on darknet markets, offering financial accounts, as well as other
types of accounts, like video streaming services, webmail, video and audio
streaming, online auctions and more. Personal health information is another
frequent target of identity thieves.
# Credit card fraud occurs when hackers infiltrate retailers' systems to
get the credit card and/or banking information of their customers. Stolen
payment cards can be bought and sold in bulk on darknet markets, where hackers
who have stolen mass quantities of credit cards profit by selling to lower-level
Cyber criminals who profit through credit card fraud against individual accounts.
# Ransomware is a form of cyberextortion in which the victim device is
infected with malware that prevents the owner from using the device or the data
stored on it. To regain access to the device or data, the victim has to pay the
hacker a ransom. Ransomware can be inadvertently downloaded by opening an
infected email attachment, visiting a compromised website or clicking on a
pop-up ad.
# Cyber espionage occurs when a cyber criminal hacks into systems or
networks to gain access to confidential information held by a government or
other organization. Attacks may be motivated by profit or by ideology, and
cyberespionage activities can include every type of cyberattack to gather,
modify or destroy data, as well as using network-connected devices, like webcams
or closed-circuit TV (CCTV) cameras, to spy on a targeted individual or groups
and monitoring communications, including email, text messages and instant
messages.
# The dark web not surprisingly has given rise to the digital form of an
old crime known as the "
exit scam." In today’s form, dark web administrators
divert virtual currency held in marketplace escrow accounts to their own
accounts -- essentially, criminals stealing from other criminals.
Impact of cyber crime on businesses
The true cost of cybercrime is difficult to accurately assess. In 2018, McAfee
released a report on the economic impact of cybercrime that estimated the likely
annual cost to the global economy was nearly $600 billion, up from $45 billion
in 2014.
While the financial losses due to cybercrime can be significant, businesses can
also suffer other disastrous consequences as a result of criminal cyberattacks,
including:
# Damage to investor perception after a security breach can cause a drop
in the value of a company. In addition to potential share price drops,
businesses may also face increased costs for borrowing and greater difficulty in
raising more capital as a result of a cyberattack.
# Loss of sensitive customer data can result in fines and penalties for
companies that have failed to protect their customers' data. Businesses may also
be sued over the data breach.
# Damaged brand identity and loss of reputation after a cyberattack
undermine customers' trust in a company and that company's ability to keep their
financial data safe. Following a cyberattack, firms not only lose current
customers, they also lose the ability to gain new customers.
Businesses may also incur direct costs from a criminal cyberattack, including
the cost of hiring cybersecurity companies to do incident response and
remediation, as well as public relations and other services related to an attack
and increased insurance premium costs.
Impact of cyber crime on national defense
Cybercrimes may have public health and national security implications, making
computer crime one of the Department of Justice's top priorities. In the United
States, at the federal level, the FBI's Cyber Division is the agency within the
Department of Justice that is charged with combating cybercrime. The Department
of Homeland Security (DHS) sees strengthening the security and resilience of
cyberspace as an important homeland security mission, and agencies such as
the U.S. Secret Service (USSS) and U.S. Immigration and Customs Enforcement
(ICE) have special divisions dedicated to combating cybercrime.
The Secret Service's Electronic Crimes Task Force (ECTF) investigates cases that
involve electronic crimes, particularly attacks on the nation's financial and
critical infrastructures. The Secret Service also runs the National Computer
Forensics Institute (NCFI), which provides state and local law enforcement,
judges and prosecutors with training in computer forensics. The Internet Crime
Complaint Center (IC3), a partnership between the FBI, the National White Collar
Crime Center (NW3C) and the Bureau of Justice Assistance (BJA), accepts online
complaints from victims of internet crimes or interested third parties.
How to prevent cyber crime
While it may not be possible to completely eradicate cybercrime, businesses can
reduce their exposure to it by maintaining an effective cybersecurity strategy
using a defense in depth approach to securing systems, networks and data.
Some steps for resisting cyber crime include:
# develop clear policies and procedures for the business and employees;
# outline the security measures that are in place about how to protect
systems and corporate data;
# use two-factor authentication apps or physical security keys: Activate
two-factor authentication on every online account when possible;
# verbally verify the authenticity of requests to send money by talking
to a financial manager;
# create intrusion detection system rules that flag emails with
extensions that are similar to company emails
# carefully scrutinize all email requests for transfer of funds to
determine if the requests are out of the ordinary.
What cyber crime means
# create a cybersecurity incident response management plans to support
these policies and procedures;
# continually train employees on cybersecurity policies and procedures
and what to do in the event of security breaches;
# keep websites, endpoint devices and systems current with all software
release updates or patches; and
# back up data and information regularly to reduce the damage in case of
a ransomware attack or data breach.
Written By:- Hardik Soni (student), KR Mangalam University,Haryana
Email:
[email protected]
Please Drop Your Comments