Think about large-scale heists and it’s normal to conjure an image of a group of thieves robbing a bank, whisking away cash in black duffel bags. While such crimes haven’t gone away, criminals in the modern age often conduct their business online.
Definition of cybercrime
The term cybercrime refers to illegal activity conducted on the internet for the purposes of financial extortion, data theft, identity theft, espionage, and more.
Recent examples of damaging cybercrime incidents include the Yahoo hack in 2017, which impacted nearly 3 billion users, the Equifax breach with almost 150 million affected customers, as well as the WannaCry ransomware bug.
While the popular image of a cybercriminal is of a loner in a hoodie hunched over a keyboard, cybercrimes can also be conducted by gangs of hackers, companies, and even governments. North Korea was famously determined to be behind the hack that siphoned 81 million USD from Bangladesh’s central bank, as well as at least 1 billion USD more from various other entities.
Similarly, the Sony Pictures hack and the numerous daily hacking attempts on the Pentagon aren’t the work of a single individual. While we can’t say for sure, the degree of sophistication required to carry out these attacks suggests the culprits have significant resources at their disposal.
Cybercrime is projected to cost upwards of 6 trillion USD by 2021, with the figure nearly doubling from 2015 estimates. The complexity of cyberattacks coupled with mass proliferation of internet-connected devices means we are likely to witness a growing trend of cybercrime across the world.
5 examples of cybercrime
Malware, or malicious software, is one of the oldest tricks in the book to carry out cybercrime. Malware comes in the form of viruses, zero-day vulnerabilities, adware, and other threats that infect computer systems, tamper with the integrity of data, and steal proprietary information.
Malware includes ransomware, which prevents users from accessing their computer files unless the user pays a ransom.
Hackers often aim to steal personal details of individuals and sell them. These details in turn help criminals steal money by, for instance, opening credit cards in the victim’s name.
When hackers successfully enter the confidential systems of large companies, they’re able to glean tons of sensitive customer information. This information, valuable on the Dark Web, includes personal health information, credit card details, and even video streaming accounts. Personal data for a single individual can fetch about 45 USD, so when you add that up across hundreds of thousands of accounts, you’re looking at a significant amount of cash.
The Equifax hack mentioned above is a form of identity theft, as it’s possible that a large number of the stolen credit cards and personally identifiable information ended up on the Dark Web.
Phishing, also known as social engineering attacks, occurs when hackers gain access to computer systems by impersonating someone you would trust.
For instance, you might get an email which seems like it’s from a work colleague or a high school friend. The email might ask you to take a certain action such as signing up for a new service or joining a referral program. Since you trust the person it’s purportedly from, you proceed to click on a provided link.
However, either the email address is fake, or it’s real but has been compromised. Meanwhile, the link in question may be infected or lead you to give up sensitive information. That’s how phishing attacks unleash worms and generally cause material losses.
Ever since cryptocurrencies hit the mainstream, hackers have looked for ways to hijack system resources in order to mine cryptocurrency at the expense of unsuspecting users.
Cryptojacking has increased in prominence over the years. It’s hard to detect and ends up costing users hard cash in the form of higher electricity bills, without any of the monetary benefits.
Cyber espionage is a type of cybercrime that doesn’t involve the theft of personal or financial information. Rather, the objective here is to gain a competitive advantage over a government or company by hacking into their systems and obtaining secrets.
Activities conducted during cyber espionage include accessing confidential documents, monitoring emails and text messages, and hacking CCTV cameras.
How can I prevent cybercrime?
It’s impossible to eliminate cybercrime entirely, but there are certainly strategies you can deploy to reduce the risk of falling victim.
It’s important to note here that both individuals and businesses are equally at risk of cybercrime. And the approach to mitigating this risk will vary.
How can enterprises prevent cybercrime?
For companies, the most common attack vector comes via their staff. Employees are generally the weakest link in the security chain and hackers know that. This makes an internal cybersecurity strategy extremely important, in particular the training of employees on best practices.
An effective cybersecurity strategy takes into consideration a defense-in-depth approach. Some measures include using two-factor authentication whenever possible, a disaster and data recovery plan, effective penetration testing, endpoint security, regular backups, and updated software.
How can individuals protect themselves from cybercrime?
The best way for individuals to avoid cybercrime is to carefully scrutinize the emails asking you to navigate to a new website and set up an account. Make sure you verify that the sender is someone you know and trust, otherwise you may fall prey to a phishing campaign.
As a general rule of thumb, we recommend that you avoid using public Wi-Fi networks (such as those found in cafes, airports, and malls) unless you’re guarded with a VPN. Similarly, always keep your devices updated. In fact, turn on automatic updates so you don’t have to keep checking. When it comes to your personal devices, only download apps from the official app stores. Don’t trust third-party sites or rooted apps, as they can ship with unknown vulnerabilities.