ybercrime is a kind of criminal/illegal activity carried out with the help of technology or computer/s as an instrument. A cybercrime is distinguished by intent. Hacking is only considered a crime when it's done with the intent to cause harm. Cybercriminals infiltrate computer systems with malicious intent. On the other hand, hackers can be "ethical", endeavouring to find new and innovative ways to secure a system.
Although cybercrime is in most cases motivated by a desire for financial gain, there can be other possible motivations. For instance, a cyberattack can be an act to make a political statement or social point. Radical hackerism is another popular motive where individuals use a cyberattack to showcase their frustration towards an organisation.
Cyberwarfare, an elaborate cyberattack also known as nation-state cyberattack, is a type of attack on the internet and information flow that involves top-notch professionals backed by governments. These can be used to suppress government critics and interfere with financial, health and infrastructure services of enemy nations. Cyberattacks are also sometimes used by businesses to undermine their competitors. A distributed denial-of-service (DDoS) attack is an increasingly popular machiavellian business tool. The attacks, which entail attackers rendering an IT resource unavailable to the intended user, are designed to stall enterprises from participating in major critical events. They can also be used to completely shut down their online business within minutes and usually for months.
Just like the motivations behind the crime, the types of cybercrimes can significantly vary in nature as well. Hackers and cybercriminals are becoming more and more competent at using computers in innovative ways to lure their targets into revealing compromising information.
Broadly, cybercrimes can be divided into two significant categories: computer as a target and a computer as a tool. Computer as a target attacks are large-scale cyberattacks that require organised efforts and high technical expertise, they include crimes like DDoS, malware and computer viruses. Computer as a tool attack, on the other hand, are petty, trivial cybercrimes that don't necessarily require much computing expertise or consistent efforts and are thus way more common. These attacks majorly rely on human error and include crimes such as online harassment, theft and scams.
1) Phishing: As per the FBI, phishing was the number one, most common kind of cybercrime in 2020. Phishing or email fraud is a kind of social engineering attack where tricksters try to fool unsuspecting targets into giving away their personal information. It usually involves impersonating a trusted brand or organisation by a fraudster who creates emails with infected links or attachments that claim to provide lucrative discount offers or unrealistic free gift items. The criminals usually create genuine-looking websites and fake social media accounts to create some sense of confidence in their victims. These victims are then asked to complete specific steps to claim their rewards, which more often than not include providing personal information. The information is later used to steal money from the target. Email is not the only medium used for phishing attacks today. Phishing attacks can also occur via text messages (Smishing) and voicemail (Vishing).
2) Identity Theft: Identity theft crimes are increasing exponentially. An identity theft crime entails identifying a target being stolen via various means and then using it to commit frauds such as making unauthorised transactions or purchases. The details that are most often stolen include bank account numbers, credit card information and social security numbers. The victims are often left with severe financial and/or reputation loss.
Like all other cybercrimes, types of identity theft can also vary based on motivation and approach. The most common type is driven by a desire for financial gain and involves someone using another person's identity or information to gain goods, services, credit or other benefits. With social security identity theft, thieves can apply for credit cards, loans or receive medical, disability and other benefits. Medical identity theft involves the perpetrators using someone's identity to obtain medical benefits and services.
3) Social Media Cybercrimes: Social media is today a crucial feature of the internet. Business, entertainment, politics, there's no sector that it hasn't influenced. From the most influential public figures to the most popular and loved celebrities, everyone participates in conversations on Twitter and posts pictures on Instagram. Social media is meant for people to share their thoughts and even life updates (especially on Facebook).
More often than not, people end up oversharing or making enemies online who then stalk, harass, dox and even threaten them. Death threats among celebrities are commonplace these days and every other day the news of a popular social media account getting hacked hits the headlines. Crimes on social media are rarely taken seriously but can result in severe damage to victims. The damage is, in most cases, psychological. According to a study by Jama Network, spending more than three hours a day on social media puts adolescents at a higher risk of developing mental health problems.
4) Distributed Denial-of-Service (DDoS) Attack: A DDoS attack is characterised by legitimate network users being unable to access IT or computing systems due to interference by a malicious hacker. The attack involves overwhelming a computer resource with more service requests than it can handle, consequently consuming its available bandwidth, leading to server overload. This, in turn, results in the IT resources crashing or slowing down so that no one can access it. This attack can affect IT services like email, websites, online bank accounts and other services that depend on the affected computer or network.
A report by Hiscox found that a small UK business is successfully hacked every 19 seconds. The report further suggests that as many as 65,000 hacking attempts are made on small and medium-sized enterprises every day, 4,500 of which being successful. This means 1.6 million of the 5.7 million small and medium-sized UK businesses are victims of cyberattacks annually. As per stats by CISCO, 53% of medium-sized businesses suffered security breaches globally in the year 2018. Cyberattacks are certainly rapidly growing concerns in the UK that result in significant financial losses to UK businesses and require radical security measures.
Cybercrime is inherently linked with technology, and where there's computer technology, there's potential for a cyberattack. It's no secret that our lives have continued to get more and more intertwined with technology, and for good reason. On a personal note, it makes life easier by enabling us to connect with the outside world without any limitations from the comfort of our homes. Professionally for businesses, it has brought about a range of changes that have made various business operations automated, less time consuming, more labour saving and cost & energy efficient.
It has made everything from production and management considerably more manageable. But everything comes at a cost. With the purview of technology expanding exponentially and the concept of Internet of Things (IoT) turning even "things" or essential home appliances like fridges, washing machines, light bulbs, TVs and even door locks "smart", the access points for hackers to infiltrate our IT systems are proliferating. Not only are endpoints increasing in personal spaces but also in professional workspaces. Owing to the emergence of COVID-19, pandemic concepts like bring your own device (BYOD) and work from home (WFH) are becoming commonplace and enterprises are losing control over their IT endpoints. To top it off, with 5G increasing the bandwidth of connected IoT devices, such devices are estimated to become more vulnerable to cyberattacks.
The pandemic has drastically affected the cybersecurity domain, so much so that 81% of cybersecurity professionals reported to ISC that they have felt their job functions have changed during the pandemic. According to an IBM survey, 76% of organisations that adjusted to remote work agreed that working from home would significantly affect the time it takes to identify and contain a breach. As a matter of fact, the average time that it took to identify a breach in 2020 was 207 days, another IBM survey showed.
With advancing times and technologies, cybercrimes are estimated to grow as well. With the increasing risk of cyberattacks, the need for complete and full-scale cybersecurity solutions that can ensure complete and reliable protection of your digital assets is also growing. At Gemraj Technologies Ltd, we keep our service portfolio up to date with the latest technological trends and modern market demands. With us, you can rest assured of a comprehensive, all-inclusive assessment for all your cybersecurity needs. We will then use this to find solutions that match your budget and business objectives, regardless of your enterprise's size and industry.