Theft – an act of stealing, as we live in a world commonly abbreviated as “modern”. This modern world has to deal with equally modern problems, these problems range from ordering food to carrying out complex business operations. Internet – which can be termed as another primary need of human beings help to manage this modern world. Use of internet, development in the field of digital technologies and e-commerce has seen the fastest growth in the past two decades.
A new space has been created which plays a vital role in driving the world economy and data/information exchange – Cyberspace.
However, with immense potential for growth and development this space also provides opportunities for criminal activities. These criminal activities are called cybercrime. Cybercrimes possess threats to day-to-day operations of businesses, governments and financial transactions. Security is what organizations and countries are looking for and seeking solutions to withstand cybercrime.
Cybersecurity statistics and trends portray a huge increase in hacked and breached data from hardware/devices used in the workplace, mobile devices and IoT devices. According to recent research on “security”, the report suggests that most organizations have the poor infrastructure for cybersecurity and unprotected data as a result of poor cybersecurity practices deployed, making company data vulnerable to data loss.
To prevent such malicious activities, it is imperative that companies should inculcate cybersecurity awareness, prevention and security in their culture.
“As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace” – Newton Lee
“For every lock, there is someone out there trying to pick it or break in” – David Bernstein
“The only thing that can stop a bad guy on internet is a good guy in internet”
STATISTICS – What Numbers have to Say?
- In 2018, Approximately 600 billion dollars are lost to cybercrime every year which is almost 1% of global GDP – CSIS & McAfee.
- Data breaches exposed 4.1 billion records in the first half of 2019 – RiskBased
- Worldwide spending on cybersecurity can reach up to $133.7 billion by 2022, according to a report published by – Gartner
- 62% of business experienced cybersecurity breaches via phishing and social engineering attacks in 2018 – Cybint Solutions.
- The cost of acts like data breach was the highest at $6.5 million in the healthcare industry – IBM
- There will be 3.5 million unfilled cybersecurity jobs globally by 2021 – Cybersecurity Ventures.
- Every 39 seconds a hacker attack is witnessed, on an average 2,244 times a day – University of Maryland.
DESCRIPTION – Let’s take a Deep Dive
Cybercrime is any criminal activity that is committed using a computer over the network. It could be an email scam where you will be asked to wire some money to a noble cause but it could be an attack on your personal data (financial information). Sale of illegal materials over the internet also falls under cybercrime which includes: selling drugs, child pornography, abuse, cyberbullying. As the threats posed via cybercrime is immense causing financial security and personal security concerns, but practising some preventive measures it can be avoided.
Types of Cybercrimes
Cybercrime includes different types of profit-driven criminal activity, such as:
- A ransomware attack – Cyber extortion
- Email and internet fraud
- Identity fraud
- Attempt to steal financial account
- Credit card fraud
- Exit Scams
- Theft of critical corporate data
We can classify cybercrimes broadly into four categories:
Crime against the Individuals: Refers to the crimes which are committed against the will of the victim, the intention is to cause physical or mental harm.
Types of crime against individuals are:
- Unauthorized control/access over the computer system.
- Harassment via electronic mails.
- Dissemination of obscene material.
- Indecent exposure.
- Email spoofing.
Crime against Property: In this type of cybercrimes uses cyber vandalism where hackers steal the information of other organizations or bank details using software to gain access over critical information and company websites etc. Intellectual property crimes (copyright, patents, trademark, etc.) also is a type of crime against property.
Types of crime against property are:
- Computer vandalism.
- Virus transmission.
- Breaching network.
- Unauthorized access to company websites.
- Accessing a paid network of others by using their ISP user ID and password.
- Intellectual Property crimes: Copyright infringement, Trademark infringement, Software piracy.
Crime against Governments or Organizations: These crimes are committed to threaten the citizens of a particular country or possess national threats to other countries, international governments. Propaganda or threat or rumours are spread over military websites, government websites. etc.
Types of crime against governments or organizations are:
- Unauthorized access and cyber terrorism against the organization.
- Posing fake information or rumours.
- Intentionally spread pirate software.
Crime against society: These crimes can be termed as unlawful activities that affect society at large. Types of crime against society are:
- Sale of narcotics, weapons and wildlife, etc.
- Child pornography.
- Indecent exposure of polluting the youth financial crimes.
- Human trafficking.
- Copy of data or imitation of a document, signature, banknote or worl of art – Forgery.
- Online gambling – virtual poker, casinos, sports betting, etc.
- Cloning websites or web jacking.
The U.S. Department of Justice has divided cybercrime into three categories:
- Criminal offense where computing device is targeted, such as gaining network access.
- Criminal offense where a computer is used as a weapon to undertake crime, such as launch of denial-of-service (DOS) attack.
- Criminal offense where computer is used as an accessory to a criminal activity, such as storage of illegally obtained data in a computer.
How does Cybercrime work?
Wherever there is digitally stored data, hackers intend to lookout for an opportunity to gain access to the data and this is supported by a strong motive to steal, threaten or harm the individual, organization, government or nation. Cybercrimes are undertaken by a lone user who is engaged in cyberbullying or a group of individuals who are state-sponsored, e.g. China’s intelligence services. These criminals are constantly in search of new methods and techniques which will help them to avoid detection and arrest.
Malware and other software are used by cybercriminals to carry out their activities, but the most important component of executing cybercrimes is social engineering and phishing emails.
Effect of cybercrimes on businesses
The business faces significant losses due to cybercrimes, McAfee released a report subjected to “economic impact of cybercrime” approximately 600 billion dollars are lost to cybercrime every year. Businesses may suffer disastrous consequences as a result of cybercrimes which includes the following:
- Loss of investor’s trust after a security breach which will cause a drop in the value of the company.
- As a result of potential share price drops, the organization’s face problems to raise capital to operate their businesses.
- Loss of sensitive data related to customers or other financial data may lead to fines and penalties for companies because they failed to secure customers’ data.
- Loss of reputation and hampered brand image result in undermining customers’ trust in a company, leading to the loss of current and potential customers.
- Direct cost is incurred to build a strong infrastructure that’ll withstand cybercrime, these costs include the cost of hiring public relations (PR) teams, cybersecurity companies and other services related to an attack.
Effects of cybercrime on national defence
Classified data related to national security and defence may be hacked and used by terrorist group to breach the national security and unauthorized trespassing.
How to prevent Cybercrime
It is impossible to completely eradicate cybercrime but we can ensure that right steps are followed to reduce the risk of getting hacked. Businesses can reduce their exposure to cybersecurity by maintaining a standard and effective cybersecurity strategy by deploying a defence-in-depth approach to securing systems, data and networks.
Resisting cybercrime is possible if we follow the following steps:
- Design and implement standard policies and procedures for the business and employees.
- Create an SOP of cybersecurity incident response management.
- Security measures which are in place about “how to protect systems and corporate data” should be informed to employees.
- Two-factor authentication (2FA) apps used to be used and use physical security keys.
- Individuals using online platforms for the financial transaction should activate 2FA for all their accounts.
- Intrusion detection system (IDS) rules should be created that flag emails with extensions similar to that of company emails.
- Scrutinize all email requests for transfer of funds to identify and avoid scam mails.
- Employees should be continually trained on cybersecurity policies and procedures and SOP to follow when security breaches occur.
- Back up data and sensitive information regularly to minimize the loss in case of a ransomware attack or data breach.
Encrypting all computer local hard drives and email platforms can help to develop resistance to cybercrime and strengthen information security. This can be achieved by using a virtual private network (VPN) and a private, secured domain name system (DNS) server. Some other tools which can be used to ward off cybercrimes are:
- Digital Signatures: Protects documents from being forged online, also helps in securing bank account etc.
- Secure passwords: Help to guard files from hackers and unwanted intruders.
- Firewalls and Gateways: Keeps data safe and while ensuring the confidentiality of files.
- Anti-Virus Software: Help to secure files and guard against worms, trojans, hackers and unwanted intrusions.
- Secure Wi-Fi Connection: Helps in detecting criminal activities very fast. User can check the IP address to assess if someone else is accessing their email account.
- Security Audit: Conducting a security audit help to check where vulnerabilities lie in the system and can be rectified before a mishap.
- Cyber Forensics: Detection of criminal activities can be done and traced because every cybercriminal leaves behind a digital imprint which can be used to catch hold the culprit.
The POCSO Act is instrumental to punish people who abuse or molest children online. National cybersecurity policy 2013 also plays a vital role to guard citizens against cybercrimes. Some of the projects that are designed to guard criminal activities are:
- Tri-Service Cyber Command for Armed Forces of India
- National Critical Information Infrastructure Protection Centre
- Cyber Attacks Crisis Management Plan of India and the National Technical Research Organisation
- National Cyber Coordination Centre
At times it may feel as if there is no escaping to the trap of cybercriminals. But certainly, this is a serious matter when it comes to data integrity, national security, financial security and personal safety. Which indeed can be taken down by following proper steps to defend yourself or organizations’ data.
Make sure your accounts are protected with a unique password, stay away from spam folder and don’t open of click on links unless you are 100 percent positive it’s safe, recheck URLs and email addresses. It’s better to follow a golden rule “if in doubt, keep it out”.
Cybercrimes is not an enterprise-level businesses concern but also target the small and medium business SMBs, as they are more likely to fall prey of such attacks. However, it is not possible to completely eradicate cybercrimes but it is possible to reduce the chances of being a victim to such attacks.
Aap Kya Sochte Ho?
Reading this article on Cybercrime? Write your thoughts in the comment section below
Join our Telegram Channel to ensure that you receive updates on Latest GD Topics.
Author – Snehal Namade