INTRODUCTION
Cybercrime is considered one of the most dangerous threats to the development of any state; it has a serious impact on every aspect of the growth of a country. Government entities, non-profit organizations, private companies and citizens are all potential targets of the cyber-criminal syndicate.
The “cybercrime industry” operates exactly like a legitimate business working on a global scale, with security researchers estimating the overall losses to be in the order of billions of dollars each year. Compared with other sectors, it has the capability to quickly react to new business opportunities, benefiting from the global crisis that – in many contexts – caused a significant reduction in spending on information security.
This work aims to act as an eye opener for internet users by covering the definition and types of computer crimes and recovery plans from them, in order to enhance the continuity of a business. As Internet usage grows daily, the world is coming closer together. The World Wide Web sounds like a vast phenomenon, but surprisingly one of its qualities is bringing the world closer, making it a smaller place to live in for its users. However, it has also managed to create another problem for people who spend long hours browsing the Cyber World: cyber-crimes. While law enforcement agencies are trying to tackle this problem, it is growing steadily and many people have become victims of hacking, theft, identity theft and malicious software. One of the best ways to avoid being a victim of cyber-crimes and to protect your sensitive information is by making use of impenetrable security that uses a unified system of software and hardware to authenticate any information that is sent or accessed over the Internet.
HISTORY OF CYBER CRIME
When computers and
networks came into being in the 1990s, hacking was done basically to get more
information about the systems. Hackers even competed against one another to win
the tag of the best hacker. As a result, many networks were affected; right
from the military to commercial organizations. Initially, these hacking
attempts were brushed off as mere nuisance as they did not pose a long-term
threat. However, with malicious software becoming ubiquitous during the same
period, hacking started making networks and systems slow. As hackers became
more skillful, they started using their knowledge and expertise to gain benefit
by exploiting and victimizing others.
CYBER CRIME IN MODERN SOCIETY
Today, criminals that
indulge in cyber-crimes are not driven by ego or expertise. Instead, they want
to use their knowledge to gain benefits quickly. They are using their expertise
to steal, deceive and exploit people as they find it easy to earn money without
having to do an honest day’s work. Cyber-crimes have become a real threat today
and are quite different from old-school crimes, such as robbing, mugging or
stealing. Unlike these crimes, cyber-crimes can be committed single-handedly
and do not require the physical presence of the criminals. The crimes can be
committed from a remote location and the criminals need not worry about the law
enforcement agencies in the country where they are committing crimes. The same
systems that have made it easier for people to conduct e-commerce and online
transactions are now being exploited by cyber criminals.
DEFINITION
Computer crime is an act performed by a knowledgeable computer user, sometimes referred to as a hacker, who illegally browses or steals a company’s or individual’s private information. In some cases, this person or group of individuals may be malicious and destroy or otherwise corrupt the computer or data files. Also, computer crime is any crime committed with the help of a computer. More specifically, it entails an ever-growing series of categories detailing specific wrongdoing facilitated by a computer. Computer crime is also known as cybercrime, e-crime, electronic crime or hi-tech crime.
CATEGORIES OF CYBER CRIME
Cyber-crimes are broadly categorized into three categories, namely:
1. Individual
2. Property
3. Government
Each category can use a
variety of methods and the methods used vary from one criminal to another.
Individual:
This type of cyber-crime can be in the form of cyber stalking, distributing
pornography, trafficking and “grooming”. Today, law enforcement agencies are
taking this category of cyber-crime very seriously and are joining forces
internationally to reach and arrest the perpetrators.
Property:
Just like in the real world where a criminal can steal and rob, even in the
cyber world criminals resort to stealing and robbing. In this case, they can
steal a person’s bank details and siphon off money; misuse the credit card to
make numerous purchases online; run a scam to get naïve people to part with
their hard earned money; use malicious software to gain access to an
organization’s website or disrupt the systems of the organization. The
malicious software can also damage software and hardware, just like vandals
damage property in the offline world.
Government:
Although not as common as the other two categories, crimes against a government
are referred to as cyber terrorism. If successful, this category can wreak
havoc and cause panic amongst the civilian population. In this category,
criminals hack government websites, military websites or circulate propaganda.
The perpetrators can be terrorist outfits or unfriendly governments of other
nations.
CAUSES OF CYBER CRIME
Wherever the rate of
return on investment is high and the risk is low, you are bound to find people
willing to take advantage of the situation. This is exactly what happens in cyber-crime.
Accessing sensitive information and data and using it means a rich harvest of
returns and catching such criminals is difficult. Hence, this has led to a rise
in cyber-crime across the world.
TYPES OF COMPUTER CRIMES
Computer crimes are of various types. There are crimes that are committed against computers and crimes that are committed with computers. Crimes committed against computers deal with the various viruses or other malicious software introduced into a computer, which destroy or corrupt the existing or built-in software or data files. On the other hand, crimes committed with computers are the various malicious acts carried out with the help of a computer.
Crimes committed against computers are:
SPAMMING
This means distributing unsolicited e-mail to dozens or hundreds of different addresses.
SPOOFING
This is the act of
deceiving a system into thinking you are someone you really are not.
UNAUTHORIZED ACCESS
This is gaining access to a system when you have no permission to access it. This is a type of crime wherein a person’s computer is broken into so that their personal or sensitive information can be accessed. In the United States, hacking is classified as a felony and punishable as such. This is different from ethical hacking, which many organizations use to check their Internet security protection. In hacking, the criminal uses a variety of software to enter a person’s computer, and the person may not be aware that their computer is being accessed from a remote location.
WIRE TAPPING
This is when an
unauthorized person connects a device to a phone line to listen to another’s
conversation.
CREATING MALWARE
Malware is destructive software that is introduced into a computer system. The crime can be carried out by writing, creating, or distributing malware. Examples are viruses and spyware. These are Internet-based software or programs that are used to disrupt a network. The software is used to gain access to a system to steal sensitive information or data or to cause damage to software present in the system.
DENIAL OF SERVICE ATTACK
This means overloading a system with so many requests that it cannot serve normal requests.
Crimes committed with computers are:
CHILD PORNOGRAPHY
This is the abuse of children by using them in the making or distributing of child pornography. This is also a type of cyber-crime wherein criminals solicit minors via chat rooms for the purpose of child pornography. The FBI has been spending a lot of time monitoring chat rooms frequented by children with the hopes of reducing and preventing child abuse and soliciting.
CYBER TERRORISM
This includes hacking,
threats, and blackmailing towards a business or person.
CYBER BULLYING OR CYBER STALKING
This is a kind of
online harassment wherein the victim is subjected to a barrage of online
messages and emails. Typically, these stalkers know their victims and instead
of resorting to offline stalking, they use the Internet to stalk. However, if
they notice that cyber stalking is not having the desired effect, they begin
offline stalking along with cyber stalking to make the victims’ lives more
miserable.
ESPIONAGE
This means spying on a
person or business without their permission.
FRAUD
Manipulating data, e.g. changing banking records to transfer money to an account.
HARVESTING
This is collecting
account or other account related information on other people without their
consent.
IDENTITY THEFT
This has become a major
problem with people using the Internet for cash transactions and banking
services. In this cyber-crime, a criminal accesses data about a person’s bank
account, credit cards, Social Security, debit card and other sensitive
information to siphon money or to buy things online in the victim’s name. It
can result in major financial losses for the victim and even spoil the victim’s
credit history.
INTELLECTUAL PROPERTY THEFT
This is the act of
stealing another person’s or company’s intellectual property. This crime occurs
when a person violates copyrights and downloads music, movies, games and
software. There are even peer sharing websites which encourage software piracy
and many of these websites are now being targeted by the FBI. Today, the
justice system is addressing this cyber-crime and there are laws that prevent
people from illegal downloading.
PHISHING
This means deceiving
individuals to gain private or personal information about that person.
SALAMI SLICING
This means stealing a tiny amount of money from each transaction made on someone’s account.
RECOVERY PLAN AND ITS ROLES IN BUSINESS CONTINUITY
Business Continuity
A strong business
continuity plan can help prevent or reduce the risk of a cyber-attack.
Seventy-two percent of small and mid-sized business survey respondents said
they expect to increase their investments in business continuity over the next
12 to 24 months to prevent cyber-attacks, according to an article on
TalkinCloud.com. (The survey included 700 SMBs from around the world and
focused on the current state of SMB business continuity and disaster recovery
planning.) Small and Mid-sized Businesses are increasingly looking for simple,
affordable and easy-to-deploy business continuity solutions that protect
against cybercrime.
What is a Business Continuity Plan?
A business continuity
plan is a defined process to ensure that your business operations continue when
an adverse event occurs. This is NOT a disaster recovery plan, which is
specific to ensuring the availability of your IT environment including the
data. A business continuity plan is all-encompassing and must include a data
backup and DR plan as a part of the overall strategy. The main goal of business
continuity management is to keep the company running smoothly and limit the
amount of downtime, and risk to the business.
Why You Need a Business Continuity Plan
Many Small and
Mid-sized Businesses think establishing a business continuity plan is too
costly and not worth the investment. However, can an SMB actually afford not to
have a Business Continuity plan? The survey referenced on TalkinCloud.com
found that the average estimated cost for an hour of downtime for an SMB ranges
from $8,220 to $25,600, and an unplanned event typically lasts up to 24 hours.
The biggest threat to critical business data is cybercrime, and a Business
Continuity plan could help prevent an attack or drastically limit the downtime
resulting from the breach. A study by The Ponemon Institute found that
organizations that involved business continuity management in cyber security
planning are 5 percent less likely to suffer a data breach; yet, 55 percent of
companies do not involve Business Continuity Management in data breach
planning. However, it seems SMBs are increasingly becoming aware of the importance
of business continuity planning as the threat of cyber-attacks becomes more
likely. Small and Mid-sized Businesses should work hand-in-hand with their
hosting provider, whether virtual or physical, to ensure that all of their
critical data and applications are included in their business continuity plan.
HOW TO TACKLE CYBER CRIME
It has been seen that
most cyber criminals have a loose network wherein they collaborate and
cooperate with one another. Unlike the real world, these criminals do not fight
one another for supremacy or control. Instead they work together to improve
their skills and even help out each other with new opportunities. Hence, the
usual methods of fighting crime cannot be used against cyber criminals. While
law enforcement agencies are trying to keep pace with cyber criminals, it is
proving to be a Herculean task. This is primarily because the methods and
technology used by cyber criminals keep changing too quickly for law enforcement
agencies to be effective. That is why commercial institutions and government
organizations need to look at other methods of safeguarding themselves.
SUMMARY/CONCLUSION
The prevention of cyber-criminal
activities is the most critical aspect in the fight against cybercrime. It’s
mainly based on the concepts of awareness and information sharing. A proper
security posture is the best defense against cybercrime. Every single user of
technology must be aware of the risks of exposure to cyber threats, and should
be educated about the best practices to adopt in order to reduce their “attack
surface” and mitigate the risks.
Education and training
are essential to create a culture of security that assumes a fundamental role
in the workplace. Every member of an organization must be involved in the
definition and deployment of a security policy and must be informed on the tactics, techniques and procedures
(TTPs) belonging to the cyber-criminal ecosystem.
Prevention means to
secure every single resource involved in the business processes, including
personnel and IT infrastructure. Every digital asset and network component must
be examined through a continuous and evolving assessment. Government
entities and private companies must cooperate to identify the cyber threats and
their actions—a challenging task that could be achieved through the information
sharing between law enforcement, intelligence agencies and private industry.
Fortunately, like any other phenomenon, criminal activities can be
characterized by specific patterns following trends, more or less strictly.
Based on this consideration, it is possible to adopt an efficient prevention
strategy, implementing processes of threat intelligence analysis. Security must
be addressed with a layered approach, ranging from the “security by design” in
the design of any digital asset, to the use of a sophisticated predictive
system for the elaboration of forecasts on criminal events.
Additionally, sharing
threat information is another fundamental pillar for prevention, allowing
organizations and private users to access data related to the cyber menaces and
to the threat actors behind them. At the last INTERPOL-Europol conference in October,
security experts and law enforcement officers highlighted the four fundamentals
in combating cybercrime as:
1. Prevention
2. Information Exchange
3. Investigation
4. Capacity Building
Prevention activities
must be complemented by an effective incident response activity and by a recovery
strategy to mitigate the effects of cyber incidents. Once an event
occurs, it is crucial to restore the operation of the affected organization
and IT systems. Recovery from cybercrime is composed of the overall activities
associated with repairing and remediation of the impacted systems and
processes. Typically, recovery includes the restoration of damaged/compromised
data and any other IT assets.
According to the data
proposed in the last report issued by the Ponemon Institute, “2014 Global
Report on the Cost of Cyber Crime”, recovery is one of the most costly internal
activities. On an annualized basis, detection and recovery costs combined
account for 53 percent of the total internal activity cost.
An effective incident response procedure includes the following steps:
1. Identification of the threat agent which hit the infrastructure.
2. Containment of the threat, preventing it from moving laterally within the targeted infrastructure.
3. Forensic investigation to identify the affected systems and the way the threat agent has penetrated the computer system.
4. Remediation and recovery, by bringing the IT infrastructure back online and into production once the forensic investigation is complete.
5. Reporting of threat data to higher management, and sharing of the data on the incident through dedicated platforms that allow rapid sharing of threat data with law enforcement and other companies.
Unfortunately, the process described is rarely followed. Up until now, the containment and remediation process has been a primarily manual, human process, which makes it non-responsive and inefficient.
We must be conscious
that it is quite impossible to recognize every cyber-criminal activity before it
affects the targeted entities. For this reason, it is crucial to have a mature
approach to cyber security that emphasizes the aspects of early detection and
recovery.
An efficient incident
response plan, for example, could improve the resilience of the system to the cyber-attacks
and allow a quick recovery from an incident.
The processes described for both prevention and recovery have to be improved by any entity that uses a digital asset or a system exposed on the Internet. Security needs an approach of continuous improvement that preserves every single link of the security chain.
Never let your guard down, cybercrime never sleeps!