When you hear the word “cybercrime”, what comes to mind? Credit card numbers theft? Hacking into your computer? There are several different types of cybercrime, and they are growing at an alarming rate.
Hackers are no longer some anti-social loners who crack the code for bragging rights – hacking came of age and is maturing with interest in business, politics, and social disruption. There is a plethora of tools available for novice and established hacker alike. There are even organizations dedicated to hacking and online criminal activities, where multiple users knowingly and consistently take advantage of the cyberworld – for social, political, and financial gain. Darknet or “deep web” forums are favored by criminals, where they not just offering and procuring cybercrime services, but also use it for despicable crimes not to be mentioned in the business paper.
It is very important, especially in a small business computer security services. Let’s discuss the seven trends that are a must-know for any organization.
The Dirty 7 Cybercrime Trends Businesses Should Look Out For
Crime-As-a-Service model of cybercrime is blooming. With new complexities of criminal activities in the computer world, not everyone is aware of different trends in cybercrime to look out for. It is especially important to consider when it comes to protecting business data and business computer network security.
1 Social Engineering
Social Engineering is defined as “Any act that influences a person to take an action that may or may not be in their best interest.” Here are the two examples of common social engineering techniques:
Phishing is a technique obtaining private information through fraudulent methods. Most common example of phishing would be an e-mail that appears to come from a legitimate resource — a social network, a services company, or a financial institution such as your bank or credit card company — requesting “confirmation” or “verification” of your account by providing sensitive information. It often contains threats or warnings of some drastic consequence if the information is not supplied (such as suspension of your account). The e-mail usually instructs to click on a link to a (fraudulent) website that simulates a legitimate site. It typically urges you to submit a form that is intended to collect your sensitive info, such as username and password, or your card number, ATM card’s PIN a home address. Phishers spam millions of email addresses, counting on their phishing message being received and read by some people who might have accounts at the organization the phishers pretend to represent. They ultimately count on some people to fall for their scam — and because most of us are wired to trust others, and believe in official institutions, many people do fall prey to the phishing scam.
Remember the story of the Trojan horse? Baiting is a cyber-version of that famous method of infiltration. It employs physical media (USB flash drive is a great example) and relies on the curiosity or greed of the potential victim. In this attack, attackers leave malware-infected discs, flash cards, or USB flash drives in places people will find the devices – coffee house, public bathroom, even a parking lot. Baiters count on people being intrigued by legitimate and enticing labels (such as corporate logo and the titles such as “Free Version – Developer Copy”, or “Company Downsizing Employee List 2016”, “Proposed Salaries Restructure”, or “Expected Stock Performance Summary 2017 – Confidential”,) and hope for the victims to pick up and use the media, and BAM! — It compromises PCs “auto-running” media and installs malware, giving attackers access not just to the victim’s desktop, but potentially to the whole organization’s internal computer network. In case of the virus distribution, inserting the malicious media may result in infecting the host computer and any associated networks
Criminals often abuse legitimate anonymity and crypto tools and services, obfuscating their presence and complicating law enforcement investigations. In cryptography, “encryption is the process of encoding messages or information in such a way that only authorized parties can read it.” [Wikipedia]
Encryption does not mean the inability to intercept the message; it obscures the content of the intercepted message. An encryption scheme usually uses a pseudo-random encryption key generated by an algorithm, with intent to allow only the authorized user to decrypt the message using the key.
The point of encryption is to make sure that only those with authorization to access data (in this example, a cybercriminal) to be able to read it, using the decryption key. It would be impossible for somebody who is not intended to read the content (in this case, law enforcement agents) to read the encrypted information. This makes cybercriminals harder to catch – and it gives them more room and time to operate, wreaking havoc in the business world.
Encryption is a major factor in the current exponential growth rate of Ransomware, – a sophisticated method of extorting from businesses and consumers using untraceable digital money as a form of payment.
In a ransomware attack, victims computer gets infected by malicious ransomware code (usually through some form of Social Engineering, as described in section 1). Once the system is infected, the virus encrypts files and folders on local or, any attached drives, and sometimes other computers on the connected network. Victims are typically not able to access data, and presented with a message on the screen with instructions to provide a ransom payment in exchange for a decryption key that may restore access to and decrypt the data. The ransom payment is usually accepted in bitcoins because of the anonymity this digital currency can provide. That brings us to the next segment, cryptocurrency.
A cryptocurrency, a subset of alternative digital currencies, is an online medium of exchange using cryptography. It allows securing the transactions and to control the creation of additional units of the currency. Use of cryptocurrency is difficult to trace, and that allows criminals to procure and offer services and extort money using bitcoins on a much larger scale than in the past since Bitcoin, in particular, continues to be favored for paying for cybercrime services or extorting victims.
4 Data Theft, or Exfiltration
Traditionally attackers were focused on stealing financial data, however, in recent years a growing trend emerged where other data types, such as personal health, medical, or other sensitive data or intellectual property are being targeted and compromised.
A data breach is defined as the intentional or unintentional release of secure information to an untrusted entity. Traditionally data breach was thought of as someone accessing the database for personal gains – such as a salesperson taking company leads data before moving on to the next job. Today, hackers organize massive data breaches to access and resell the valuable data. You may remember a historic data breach at Anthem Insurance where up to 80 million records of personally identifiable information were put at risk. Hackers breached information on tens of millions of records of the insurance company Anthem Inc., stealing data such as patient’s birthdays, medical IDs, social security numbers, mailing and e-mail addresses and more.
5 Distributed Denial-of-Service (DDoS)
If you have seen a completely crashed website, you probably witnessed a distributed denial-of-service (DDoS) attack. DDoS is a process of multiple systems (such as botnets) flooding the bandwidth or resources of a targeted system, such as a web server, with artificial traffic, potentially resulting in disruption or complete server crash.
A botnet is a network of “zombie” computers designed to receive commands without the user’s knowledge. When a server is overloaded with connections, new connections can no longer be accepted. This type of attacks is a great challenge for defense mechanisms, and are hard to track and shut down. Just getting purchasing more bandwidth might not be effective, because the attacker might simply amplify the attack by adding more bots.
As technology gets more available and affordable, DDoS attacks continue to get more complex, to grow and intensify with many attacks combining network and application layer attacks.
6 Brute Force Attacks
In cryptography, a brute-force attack implies an attacker trying many passwords or other types of login credentials with the goal of eventually finding a correct combination. The attacker systematically checks all possible variants until the proper one is determined. Brute-force attacks are an application of brute-force search. It is the problem-solving technique of checking and eliminating each and all candidates until the right one is found.
A brute-force attack is a cryptanalytic attack that can, in theory, be used to attempt to decrypt any encrypted data (That is why it is important to have your data encrypted with an information – theoretically secure methods).
A password “guessing”, is a relatively fast method when used to check for short passwords. Longer passwords require other methods (for example, the dictionary attack) because a brute-force search takes too long. Complex alphanumeric passwords, passphrases, and keys have more possible values. That makes them exponentially more difficult – but theoretically not impossible – to crack, than shorter ones.
Once the correct credentials are determined through brute force attack, the criminals can have access to your system, your network, and your external accounts of various types. “Credential recycling” – re-using authentication credentials discovered in past attacks, allowing criminals to crack your data without further brute force.
7 Card-Not-Present (CNP) fraud
Credit card numbers are easy to steal, and that is why motivated criminals keep finding ways to hack into systems for theft.
CNP fraud involves the unauthorized use of a credit or debit card number, the security code printed on the front or back of a card, and the cardholder’s personal details such as name, phone, and address to purchase products or services in a not-personal e-commerce setting such as online or via telephone.
According to The U.S. Federal Reserve, counterfeit and theft of card details accounted for almost 82% of fraud losses on debit card transactions in 2013. The theft of card details (CNP) was leading the majority of all losses – a 53% to be more specific. Businesses offering services and accepting payments online are susceptible to cybercrime and should be vigilant about proper security protocols.
On the opposite side, that EMV (Europay, MasterCard, and Visa) chip and PIN cards, along with other anti-fraud measures such as geoblocking force card-present fraud crime to migrate the operations to other areas.
What to do if you become a victim of cybercrime
- First of all, immediately report the incident it to the appropriate staff within your organization, most importantly your tech support and network administrators. If your company uses Managed Services Provider (MSP), alert them right away.
- Stop using personal computer until your computer network administrators run the diagnostics and remedy any issues, if found. Use alternative computer in the meanwhile…
- If you think financial accounts may have been compromised, contact your financial institution immediately and close any accounts that may have been compromised. Monitor accounts activity to avoid fraudulent charges.
- If you think your consumer accounts have been compromised, remember this: many people keep their billing information stored in their consumer accounts, such as Amazon or department stores online: change your passwords and remove any credit card information stored there as soon as possible.
- Overall, if password that has been compromised has also been used elsewhere, change those passwords that may have been affected, in respective accounts.
- Report the attack to the Federal Trade Commission.