Introduction to Cybercrime

What is Cybercrime?

• Any criminal behavior involving a computer, a networked device, or a network is referred to as cybercrime. 
• While the majority of cyber-crimes are committed to make money for the perpetrators, some are committed to harm or disable computers or devices directly, while others use computers or networks to transmit malware, illegal information, photos, or other things.
• Some cyber-crime targets computers in order to infect them with a computer virus, which is then disseminated to other computers and, in some cases, entire networks.
• Cyber-crime has a major financial impact; it can include a wide range of profit-driven criminal activity, such as ransomware attacks, email and internet fraud, identity fraud, and efforts to steal financial account, credit card, or other payment card information.
• Individuals' personal information, as well as corporate data, may be targeted by cybercriminals for theft and selling.

Cyber Crime

Defining Cyber-crime

Cyber-crime is divided into three categories by the US Department of Justice (DOJ):

Crimes in which the computing device is the target.

• for example, to gain network access;

Crimes in which the computer is used as a weapon 

• for example, to launch a denial-of-service (DoS) attack; and

Crimes in which the computer is used as an accessory to a crime

• for example, using a computer to store illegally obtained data.

1. The United States is a signatory to the Council of Europe Convention on Cyber-crime, which defines cyber-crime as a wide variety of hostile acts, including illegal data interception, system interference that compromises network integrity and availability, and copyright infringements.
2. Because the criminal does not need to be physically present when committing a crime, the accessibility of internet connectivity has facilitated an increase in the volume and tempo of cyber-crime activities. 
3. Because of the internet's speed, convenience, anonymity, and absence of boundaries, computer-based versions of financial crimes such as ransomware, fraud, and money laundering, as well as stalking and bullying, are becoming more common.
4. Individuals or small organizations with little technical talent may engage in cyber-criminal behavior, as well as highly organized global criminal networks that may include competent coders and others with relevant knowledge. 
5. Cyber-criminals frequently prefer to operate in nations with weak or non-existent cyber-crime legislation in order to lower their chances of being detected and prosecuted.

How Cyber-crime works

• Cyber-crime can start everywhere there is digital data, opportunity, or motivation. Cybercriminals range from individual users who participate in cyberbullying to state-sponsored actors such as China's intelligence services. 
• Cyber-crime does not happen in a vacuum; it is, in many respects, a distributed phenomenon. 
• That is, cybercriminals typically rely on other actors to complete the crime, whether it's a malware creator selling code on the dark web, an illegal pharmaceuticals distributor using cryptocurrency brokers to hold virtual money in escrow, or state threat actors stealing intellectual property using technology subcontractors (IP).
• Cybercriminals utilize a variety of attack vectors to carry out their cyber attacks, and they are always looking for new ways to achieve their objectives while evading notice and prosecution.
• Malware and other sorts of software are frequently used by cybercriminals, but social engineering is often a key component in the execution of most types of cybercrime. 
• Phishing emails are a key component of many sorts of cybercrime, but they're especially vital in targeted operations like business email compromise (BEC), in which an attacker impersonates a firm owner via email in order to persuade employees to pay fake invoices.

Different types of Cyber-crimes

• As previously stated, there are many different sorts of cyber-crime. The majority of cyber-crime is carried out with the expectation of financial benefit by the attackers, though the methods by which cyber-criminals seek payment can vary. 
• The following are examples of certain types of cybercrime:

Cyber extortion: 

• An attack or threat of an attack that is followed by a demand for money to cease the attack. 
• The ransomware attack is one type of cyber extortion in which an attacker gains access to an organization's networks and encrypts its documents and files — everything of potential value — rendering the material inaccessible until a ransom is paid, generally in bitcoin or another cryptocurrency.

Cryptojacking: 

• An exploit that employs scripts to mine bitcoins without the user's permission within browsers. Cryptojacking assaults may entail the victim's computer being infected with cryptocurrency mining software. 
• However, many attacks rely on JavaScript code that performs in-browser mining if the user's browser has a tab or window open on the malicious site; no virus is required because the in-browser mining code is executed when the infected page is loaded.

Identity theft: 

• An attack in which a person gains access to a computer in order to obtain personal information about a user, which they then use to steal that person's identity or gain access to their valuable accounts, such as banking and credit cards. 
• On darknet markets, cybercriminals buy and sell identity information, including financial accounts and other types of accounts such as video streaming services, webmail, video and audio streaming, online auctions, and more. 
• Identity thieves frequently target personal health information as well.

Credit card fraud: 

• An attack in which hackers gain access to a retailer's computer systems in order to steal their customers' credit card and/or financial information. 
• On darknet markets, hackers who have stolen large volumes of credit cards earn by selling them to lower-level cybercriminals who profit from credit card fraud against individual accounts.

Cyberespionage: 

• A cybercrime in which a cybercriminal hacks into a government's or other organization's systems or networks in order to get access to private information. 
• Profit or ideology may be the driving force behind an attack. 
• Cyberespionage activities can include any type of cyberattack to gather, modify, or destroy data, as well as the use of network-connected devices, such as webcams or closed-circuit television (CCTV) cameras, to spy on a targeted individual or group and monitoring communications, such as emails, text messages, and instant messages.

Software piracy: 

• An attack involving the unauthorized copying, dissemination, and usage of software programs for commercial or personal gain. 
• This sort of cyber-crime is frequently related with trademark infringements, copyright infringements, and patent infringements.

Exit scam: 

• Not unexpectedly, the dark web has spawned a digital counterpart of an ancient fraud known as the exit scam. 
• Dark web administrators now transfer virtual cash kept in marketplace escrow accounts to their own accounts, thus stealing from other criminals.

Common examples of Cyber-crime

• Distributed DoS (DDoS) assaults, which are often used to bring down systems and networks, are one of the most popular Cyber-crime attacks. 
• By overloading a network's ability to react to connection requests, this sort of attack turns the network's own communications protocol against it. 
• DDoS assaults are often carried out maliciously or as part of a cyber extortion plan, but they may also be used to divert the victim organization's attention away from another attack or exploit.
• Infecting systems and networks with malware is an example of a system-damaging or user-harming assault. 
• This can be accomplished by causing damage to the system, software, or data stored on it. 
• Ransomware attacks are comparable to ransomware assaults in that the software encrypts or shuts down target computers until a ransom is paid.
• Phishing campaigns are used to infiltrate corporate networks by sending phishing emails to workers, persuading them to open files or click on links that deliver viruses or malware to their computers and, as a result, to the networks of their employers.
• When a cybercriminal attempts to steal or guess user IDs and passwords for the victim's systems or personal accounts, this is known as a credentials attack. 
• They can be carried out by using brute-force assaults, installing key logger software, or exploiting software or hardware flaws that might reveal the victim's credentials.
• Cybercriminals may also attempt to hijack a website in order to edit or remove content or gain unauthorized access to or modify databases. For example, an attacker may use a SQL injection exploit to inject malicious code into a website's database, allowing a hacker to access and try to interfere with records or gain unauthorized access to sensitive information and data, such as customer passwords, credit card numbers, and personally identifiable information.
• Illicit gambling, the selling of illegal products such as guns, narcotics, or counterfeit goods, and the soliciting, creation, possession, or dissemination of child pornography are all instances of Cyber-crime.

Effects of Cyber-crime on businesses

• It's impossible to estimate the actual cost of cybercrime. McAfee issued a research on the economic effect of cybercrime in 2018, estimating a cost to the global economy of almost $600 billion per year, up from $45 billion in 2014.
• While financial damages from cybercrime can be considerable, criminal hacks can also have other devastating effects for organizations, including the following:

1. Investor perception damage from a security breach can lead to a reduction in a company's value.
2. In addition to potential share price drops, businesses may also face increased costs for borrowing and greater difficulty in raising more capital as a result of a cyberattack.
3. Loss of sensitive customer data can result in fines and penalties for companies that have failed to protect their customers' data. Businesses may also be sued over the data breach.
4. Damaged brand identity and loss of reputation after a cyberattack undermine customers' trust in a company and that company's ability to keep their financial data safe. 
5. Following a cyberattack, firms not only lose current customers, but they also lose the ability to gain new customers.

Effects of Cyber-crime on national defense

• Because cybercrime has the potential to affect public health and national security, it is one of the Department of Justice's top objectives. 
• The Federal Bureau of Investigation's (FBI) Cyber Division is the agency within the Department of Justice responsible with fighting cyber-crime in the United States. 
• Strengthening the security and resilience of cyberspace is an essential homeland security objective for the Department of Homeland Security (DHS), and organizations like the US Secret Service (USSS) and US Immigration and Customs Enforcement (ICE) have particular sections dedicated to combatting cybercrime.
• The USSS's Electronic Crimes Task Force (ECTF) looks into instances involving electronic crimes, such as attacks on the country's financial and vital infrastructures. 
• The National Computer Forensics Institute (NCFI) is a division of the USSS that offers computer forensics training to state and local law enforcement, judges, and prosecutors. 
• The FBI, the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA) have formed a collaboration to receive online complaints from victims of cyber crimes or interested third parties.

How to prevent Cyber-crime

While it may not be feasible to entirely eradicate cybercrime and assure total internet security, companies may mitigate their risk by implementing an efficient cyber-security plan that employs a defense-in-depth approach to safeguarding systems, networks, and data.

The following are some actions to take to combat cybercrime:

1. Create a set of clear standards and processes for the company and its workers.
2. To complement these policies and procedures, develop cyber-security incident response management strategies.
3. A description of the security procedures in place to secure systems and business data.
4. Apps that need two-factor authentication (2FA) or physical security keys should be used.
5. When feasible, use two-factor authentication on all online accounts; verbally check the legitimacy of money transfer requests by speaking with a financial manager.
6. Establish intrusion detection system (IDS) rules that identify emails with extensions that are similar to those used by your organization.
7. Examine any email requests for money transfers carefully to see whether they are unusual.
8. Employees should be trained on cyber-security policies and procedures as well as what to do in the case of a security breach on a regular basis.
9. Maintain all software release updates or patches up to date on websites, endpoint devices, and systems.
10. Routinely back up data and information to minimize the impact of a ransomware attack or data breach.
11. Encrypting all computers' local hard drives and email platforms, utilizing a virtual private network (VPN), and using a private, protected domain name system (DNS) server can all help to improve information security and resistance to cyber-attacks.

Cyber-crime legislation and agencies

• As previously stated, a number of government entities in the United States have been formed to deal especially with the monitoring and control of cyber-crime assaults. 
• The FBI's Cyber Division is the federal agency in charge of responding to cybercriminals, terrorists, and foreign enemies. 
• The Cybersecurity and Infrastructure Security Agency is part of the Department of Homeland Security (CISA). To preserve vital infrastructure, this group collaborates between commercial sector and government entities.