Cybercrime

Cybercrime, also called computer crime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. Cybercrime, especially through the Internet, has grown in importance as the computer has become central to commerce, entertainment, and government.It’s predicted that by 2021 cybercrime will cost the world a figure in excess of $6 trillion. It is the fastest growing crime in the US and as it grows the attacks are increasing in size, sophistication and cost, making them all the more terrifying for their targets.The cybersecurity industry is rapidly growing every day. Although more resources are being deployed to counter cyber attacks, the nature of the industry still has a long way to go before we can, as a whole, catch up with these threats. 

Most cybercrime is an attack on information about individuals, corporations, or governments. Although the attacks do not take place on a physical body, they do take place on the personal or corporate virtual body, which is the set of informational attributes that define people and institutions on the Internet. In other words, in the digital age our virtual identities are essential elements of everyday life: we are a bundle of numbers and identifiers in multiple computer databases owned by governments and corporations. Cybercrime highlights the centrality of networked computers in our lives, as well as the fragility of such seemingly solid facts as individual identity.

91% of attacks begin with email phishing Email phishing attacks are engineered to trick their unsuspecting targets into providing sensitive data and information. The majority of phishing attacks will be sent via spam which is why it’s so important that you implement effective anti-spam software such as MailCleaner for your business.

There is a hacker attack every 39 seconds A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access— every 39 seconds on average, affecting one in three Americans every year —and the non-secure usernames and passwords we use that give attackers more chance of success.

 Cybercrime, also called computer crime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. Cybercrime, especially through the Internet, has grown in importance as the computer has become central to commerce, entertainment, and government.

The average cost of an American corporate data breach is almost $8 million. Because of the early and widespread adoption of computers and the Internet in the United States, most of the earliest victims and villains of cybercrime were Americans. By the 21st century, though, hardly a hamlet remained anywhere in the world that had not been touched by cybercrime of one sort or another.

New technologies create new criminal opportunities but few new types of crime. What distinguishes cybercrime from traditional criminal activity? Obviously, one difference is the use of the digital computer, but technology alone is insufficient for any distinction that might exist between different realms of criminal activity. Criminals do not need a computer to commit fraud, traffic in child pornography and intellectual property, steal an identity, or violate someone’s privacy. All those activities existed before the “cyber” prefix became ubiquitous. Cybercrime, especially involving the Internet, represents an extension of existing criminal behaviour alongside some novel illegal activities.

Most cybercrime is an attack on information about individuals, corporations, or governments. Although the attacks do not take place on a physical body, they do take place on the personal or corporate virtual body, which is the set of informational attributes that define people and institutions on the Internet. In other words, in the digital age our virtual identities are essential elements of everyday life: we are a bundle of numbers and identifiers in multiple computer databases owned by governments and corporations. Cybercrime highlights the centrality of networked computers in our lives, as well as the fragility of such seemingly solid facts as individual identity.

An important aspect of cybercrime is its nonlocal character: actions can occur in jurisdictions separated by vast distances. This poses severe problems for law enforcement since previously local or even national crimes now require international cooperation. For example, if a person accesses child pornography located on a computer in a country that does not ban child pornography, is that individual committing a crime in a nation where such materials are illegal? Where exactly does cybercrime take place? Cyberspace is simply a richer version of the space where a telephone conversation takes place, somewhere between the two people having the conversation. As a planet-spanning network, the Internet offers criminals multiple hiding places in the real world as well as in the network itself. However, just as individuals walking on the ground leave marks that a skilled tracker can follow, cybercriminals leave clues as to their identity and location, despite their best efforts to cover their tracks. In order to follow such clues across national boundaries, though, international cybercrime treaties must be ratified.

In 1996 the Council of Europe, together with government representatives from the United States, Canada, and Japan, drafted a preliminary international treaty covering computer crime. Around the world, civil libertarian groups immediately protested provisions in the treaty requiring Internet service providers (ISPs) to store information on their customers’ transactions and to turn this information over on demand. Work on the treaty proceeded nevertheless, and on November 23, 2001, the Council of Europe Convention on Cybercrime was signed by 30 states. The convention came into effect in 2004. Additional protocols, covering terrorist activities and racist and xenophobic cybercrimes, were proposed in 2002 and came into effect in 2006. In addition, various national laws, such as the USA PATRIOT Act of 2001, have expanded law enforcement’s power to monitor and protect computer networks.

Cybercrime ranges across a spectrum of activities. At one end are crimes that involve fundamental breaches of personal or corporate privacy, such as assaults on the integrity of information held in digital depositories and the use of illegally obtained digital information to blackmail a firm or individual. Also at this end of the spectrum is the growing crime of identity theft. Midway along the spectrum lie transaction-based crimes such as fraud, trafficking in child pornography, digital piracy, money laundering, and counterfeiting. These are specific crimes with specific victims, but the criminal hides in the relative anonymity provided by the Internet. Another part of this type of crime involves individuals within corporations or government bureaucracies deliberately altering data for either profit or political objectives. At the other end of the spectrum are those crimes that involve attempts to disrupt the actual workings of the Internet. These range from spam, hacking, and denial of service attacks against specific sites to acts of cyberterrorism—that is, the use of the Internet to cause public disturbances and even death. Cyberterrorism focuses upon the use of the Internet by nonstate actors to affect a nation’s economic and technological infrastructure. Since the September 11 attacks of 2001, public awareness of the threat of cyberterrorism has grown dramatically.

Identity theft and invasion of privacy

Cybercrime affects both a virtual and a real body, but the effects upon each are different. This phenomenon is clearest in the case of identity theft. In the United States, for example, individuals do not have an official identity card but a Social Security number that has long served as a de facto identification number. Taxes are collected on the basis of each citizen’s Social Security number, and many private institutions use the number to keep track of their employees, students, and patients. Access to an individual’s Social Security number affords the opportunity to gather all the documents related to that person’s citizenship—i.e., to steal his identity. Even stolen credit card information can be used to reconstruct an individual’s identity. When criminals steal a firm’s credit card records, they produce two distinct effects. First, they make off with digital information about individuals that is useful in many ways. For example, they might use the credit card information to run up huge bills, forcing the credit card firms to suffer large losses, or they might sell the information to others who can use it in a similar fashion. Second, they might use individual credit card names and numbers to create new identities for other criminals. For example, a criminal might contact the issuing bank of a stolen credit card and change the mailing address on the account. Next, the criminal may get a passport or driver’s license with his own picture but with the victim’s name. With a driver’s license, the criminal can easily acquire a new Social Security card; it is then possible to open bank accounts and receive loans—all with the victim’s credit record and background. The original cardholder might remain unaware of this until the debt is so great that the bank contacts the account holder. Only then does the identity theft become visible. Although identity theft takes places in many countries, researchers and law-enforcement officials are plagued by a lack of information and statistics about the crime worldwide. Cybercrime is clearly, however, an international problem.

In 2015 the U.S. Bureau of Justice Statistics (BJS) released a report on identity theft; in the previous year almost 1.1 million Americans had their identities fraudulently used to open bank, credit card, or utility accounts. The report also stated that another 16.4 million Americans were victimized by account theft, such as use of stolen credit cards and automatic teller machine (ATM) cards. The BJS report showed that while the total number of identity theft victims in the United States had grown by about 1 million since 2012, the total loss incurred by individuals had declined since 2012 by about $10 billion to $15.4 billion. Most of that decline was from a sharp drop in the number of people losing more than $2,000. Most identity theft involved small sums, with losses less than $300 accounting for 54 percent of the total.

Internet fraud

Schemes to defraud consumers abound on the Internet. Among the most famous is the Nigerian, or “419,” scam; the number is a reference to the section of Nigerian law that the scam violates. Although this con has been used with both fax and traditional mail, it has been given new life by the Internet. In the scheme, an individual receives an e-mail asserting that the sender requires help in transferring a large sum of money out of Nigeria or another distant country. Usually, this money is in the form of an asset that is going to be sold, such as oil, or a large amount of cash that requires “laundering” to conceal its source; the variations are endless, and new specifics are constantly being developed. The message asks the recipient to cover some cost of moving the funds out of the country in return for receiving a much larger sum of money in the near future. Should the recipient respond with a check or money order, he is told that complications have developed; more money is required. Over time, victims can lose thousands of dollars that are utterly unrecoverable.

In 2002 the newly formed U.S. Internet Crime Complaint Center (IC3) reported that more than $54 million dollars had been lost through a variety of fraud schemes; this represented a threefold increase over estimated losses of $17 million in 2001. The annual losses grew in subsequent years, reaching $125 million in 2003, about $200 million in 2006, close to $250 million in 2008, and over $1 billion in 2015. In the United States the largest source of fraud is what IC3 calls “non-payment/non-delivery,” in which goods and services either are delivered but not paid for or are paid for but not delivered. Unlike identity theft, where the theft occurs without the victim’s knowledge, these more traditional forms of fraud occur in plain sight. The victim willingly provides private information that enables the crime; hence, these are transactional crimes. Few people would believe someone who walked up to them on the street and promised them easy riches; however, receiving an unsolicited e-mail or visiting a random Web page is sufficiently different that many people easily open their wallets. Despite a vast amount of consumer education, Internet fraud remains a growth industry for criminals and prosecutors. Europe and the United States are far from the only sites of cybercrime. South Korea is among the most wired countries in the world, and its cybercrime fraud statistics are growing at an alarming rate. Japan has also experienced a rapid growth in similar crimes.

ATM fraud Computers also make more mundane types of fraud possible. Take the automated teller machine (ATM) through which many people now get cash. In order to access an account, a user supplies a card and personal identification number (PIN). Criminals have developed means to intercept both the data on the card’s magnetic strip as well as the user’s PIN. In turn, the information is used to create fake cards that are then used to withdraw funds from the unsuspecting individual’s account. For example, in 2002 the New York Times reported that more than 21,000 American bank accounts had been skimmed by a single group engaged in acquiring ATM information illegally. A particularly effective form of fraud has involved the use of ATMs in shopping centres and convenience stores. These machines are free-standing and not physically part of a bank. Criminals can easily set up a machine that looks like a legitimate machine; instead of dispensing money, however, the machine gathers information on users and only tells them that the machine is out of order after they have typed in their PINs. Given that ATMs are the preferred method for dispensing currency all over the world, ATM fraud has become an international problem.

Malware attack is the most costly cyber attack Malware is software that has been designed to gain access to or cause damage to a computer without the knowledge of the operator. It’s normally sent via email as a link or an attachment. With a $2.4 million dollar average cost for companies, this is the most costly form of cyber attack.

Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes As if a pandemic wasn’t scary enough, hackers leveraged the opportunity to attack vulnerable networks as office work moved to personal homes.

File sharing and piracy Through the 1990s, sales of compact discs (CDs) were the major source of revenue for recording companies. Although piracy—that is, the illegal duplication of copyrighted materials—had always been a problem, especially in the Far East, the proliferation on college campuses of inexpensive personal computers capable of capturing music off CDs and sharing them over high-speed (“broadband”) Internet connections became the recording industry’s greatest nightmare. In the United States, the recording industry, represented by the Recording Industry Association of America (RIAA), attacked a single file-sharing service, Napster, which from 1999 to 2001 allowed users across the Internet access to music files, stored in the data-compression format known as MP3, on other users’ computers by way of Napster’s central computer. According to the RIAA, Napster users regularly violated the copyright of recording artists, and the service had to stop. For users, the issues were not so clear-cut. At the core of the Napster case was the issue of fair use. Individuals who had purchased a CD were clearly allowed to listen to the music, whether in their home stereo, automobile sound system, or personal computer. What they did not have the right to do, argued the RIAA, was to make the CD available to thousands of others who could make a perfect digital copy of the music and create their own CDs. Users rejoined that sharing their files was a fair use of copyrighted material for which they had paid a fair price. In the end, the RIAA argued that a whole new class of cybercriminal had been born—the digital pirate—that included just about anyone who had ever shared or downloaded an MP3 file. Although the RIAA successfully shuttered Napster, a new type of file-sharing service, known as peer-to-peer (P2P) networks, sprang up. These decentralized systems do not rely on a central facilitating computer; instead, they consist of millions of users who voluntarily open their own computers to others for file sharing.

Understanding the cyber terminology, threats and opportunities is critical for every person in every business across all industries. By providing advanced cyber training and education solutions in all departments of your business, from marketing and sales to IT and InfoSec, you are investing in your company’s protection against cyber threats.

Categories: News