What is cybercrime?
May 12, 2021
Extortion, identity theft, international data heists: these are the realities of the cybercriminal underworld. Hiding behind online anonymity, thieves and hackers can extort money from victims on the other side of the planet. What is cybercrime? How is it committed? And is there anything we can do to prevent it?
What is cybercrime?
A cybercrime is a criminal act that targets or utilizes a computer, smartphone, or other connected device. It’s a crime that is committed online.
Cybercriminals attack a wide variety of targets using different methods depending on the victim. Some online criminals focus on extorting money from individuals, while others target databases of businesses and corporate organizations. While most are motivated by wealth, certain hackers also double as political activists, attacking government bodies they deem corrupt.
However, a broad definition of cybercrime isn’t particularly helpful when trying to understand the wide array of criminal acts this term encompasses. Vague phrases like “hacking” — bypassing security restrictions to access private data — refer to an almost limitless variety of actions. Let’s focus on the specific tools, tactics, and intentions of the modern cybercriminal.
Malware delivery and infection
Malware is a useful catch-all term for different forms of malicious software, but it doesn't refer to one specific kind of virus or attack. Specific types of malicious software are involved in almost every type of cybercrime. If an attacker exploits a weakness in an operating system, spies on a user’s keystrokes, or remotely hijacks a device, they're probably using malware.
To benefit from malware, the attacker must first find a way to install it on the target device. This is often referred to as infection, and there are several popular ways to do this:
As a malware delivery method, phishing makes use of social engineering and deception. Disguising themselves as a trusted contact or a legitimate business, the attacker will send an email containing a malicious download link.
A website can be used as a malware host, infecting any visitors who view the page. To this end, perpetrators design their own domains, building a malicious download function directly into the site. To reach more victims, criminals may send page links in phishing emails, or use a similar domain name to a popular website.
Malvertising uses online ads, coded to install malware or redirect users to infectious websites. Cybercriminals try to sneak their pop-ups and banner ads onto legitimate sites, and even if people don’t click on them, some can run automatically as soon as the page loads. A victim may not notice they’ve been targeted; the malvertisement can quietly install its malware and users will continue to browse on their devices, unaware of the infection.
But infection is often just a prelude to the main act of a cybercrime. Having installed malware onto a device, the next step will likely involve some form of theft, with money or data (or both) as the trophy.
Cybercriminals employ a range of techniques to steal, scam, and extort money from their victims. For example, they may use keylogging malware or Wi-Fi spying techniques to secretly view the victim’s browsing traffic and steal their banking credentials when those are entered on a compromised device.
Targeting both individuals and, increasingly, corporations, some criminals use ransomware — a type of malware that locks the user’s access to a device or database. Once access has been restricted, the perpetrator demands a ransom. With companies paying an average of $370,000 per attack, the global cost of ransomware crime is expected to reach $20 billion next year.
For criminals who don’t rely on malware, social engineering tactics can still convince people to part with their money online willingly. While the notorious Nigerian Prince scam is relatively well known, there are many similar pretexting frauds that have seen people send huge sums of money to criminals posing as businessmen, long-lost family members, and prospective lovers.
For an increasing number of cybercriminals, the way to make real money online is through data theft, rather than directly targeting the victim’s bank account with malware or social engineering. When it comes to this type of cybercrime, businesses and corporations are tempting targets.
Large-scale data breaches will see a company’s private files hacked and their customer information exposed. User passwords, credit card numbers, and other sensitive data can prove incredibly valuable to an attacker, paving the way for more acts of cybercrime in the future.
The average employee in the US has access to around 1,000 sensitive files, and many now work from home, where security protocols may not be properly enforced. By successfully compromising just one employee’s device, a cybercriminal could access a treasure trove of private data, which can then be sold on the dark web or used to facilitate identity theft and further extortion.
Disruption and hacktivism
Not all cybercrime focuses on financial rewards, however. Some criminal acts may be politically motivated, or simply intended to cause disruption.
A distributed denial of service (DDoS) attack, for example, is an illegal procedure in which the attacker overwhelms a website or application with traffic until it is unable to service legitimate users. In practice, that could mean forcing an entire website to go offline, or just disabling specific page features and functions.
The rise of hacktivism — politically-charged cyberattacks that often target government or corporate bodies — has seen DDoS attacks widely used as a form of protest. Other acts of hacktivism involve defacing official websites with messages and slogans, or exposing government or corporate data through leaks.
Governments have also faced accusations of cybercrime, with China coming under particular scrutiny. When nations and military organisations resort to hacking, they stray into the realm of cyberwarfare.
Who investigates cybercrime?
Cybercrime can be investigated by different agencies at various levels, depending on the nature, severity, and location of the incident. Because perpetrators may not be in the same country as their victims, law enforcement agencies like the FBI in the United States work closely with their international counterparts overseas.
Inter-governmental organisations like Interpol are particularly effective in tracking and apprehending cybercriminals, because they can draw from resources in multiple nations and jurisdictions. They can also train and educate local authorities in different regions on the nuances of responding to cybercrime.
Local police forces may struggle to deal with cybercrime for a number of reasons, such as the complexity of the methods used, the difficulties in tracking online perpetrators, and the lack of legal guidance. However, as cybercrime is becoming ever more present in the 21st century, this will have to change.
How to prevent cybercrime: 5 simple steps
Use antivirus software. While a virus is just one form of malware, antivirus software can be a dynamic and multifunctional tool. A good antivirus firewall detects malicious software and blocks high-risk downloads. Consider using an ad-blocker as well to bolster security and reduce the threat of malvertising.
Protect your passwords. Ensure that you're using long, complex passwords without any detectable patterns or words. Combine letters, numbers, and symbols to protect yourself against brute-forcing software. Avoid using the same login credentials across multiple accounts and find a password manager to simplify the process.
Be wary of email links. Emails and social media messages may contain infectious links, even if the sender seems trustworthy. The best way to guard against these scams is to exercise caution whenever you're asked to click something online. Before engaging with an email, confirm the sender's authenticity: call the company’s helpline, or search online for news of similar scams. Human caution is a strong defense against phishing tactics.
Update your software. Out-of-date software can provide the weak spots that malware takes advantage of. Anything from a browser extension to your operating system could be the target. Individuals and companies should regularly check for new software patches or set their systems to update automatically.
Use a VPN. A virtual private network (VPN) encrypts the device's browsing data, limiting the risks of Wi-Fi spying and endpoint data breaches. With just one NordVPN account you can enjoy end-to-end encryption on six separate devices. For businesses with a network of hardware to protect, the NordLayer service offers an effective corporate security solution.
Read the original blog post on NordVPN.