NordVPN

Cybercrime, an Increasing Threat to Society

Guest Author
June 24, 2021

The commission of crimes using computers, computer networks, or other IT platforms is called cybercrime. It’s often an attack on government, public or private enterprise, or an individual’s information.

The average cost of data breaches is astronomical. Common crimes include fraud, trafficking of intellectual property, identity theft, and privacy violation. Cybercrime has been projected to cost $6 trillion globally in 2021.

Which public sectors are hackers targeting?

The public sector is particularly vulnerable to hackers. The primary reasons are low budgeting for cybersecurity maintenance and insufficient staff training. The public sector generally doesn’t prioritize keeping software and cybersecurity up-to-date.

The private sector is better at this as it can justify this spending with profit-driven motives. There is also a major issue of staff not being properly trained to spot or take precautions against potential data breaches.

Public sector breaches are much more likely to go unnoticed until years later. Sectors that have been specifically targeted include healthcare, electric/energy, and public administration.

A famous example of the healthcare sector being targeted is the devastating 2017 WannaCry ransomware attack. The UK’s National Healthcare Service’s essential patient data was encrypted and Bitcoin payments were demanded. This is still the most severe cyber-attack the UK has experienced.

Earlier in 2021, the Babuk group managed to hack into Washington, D.C.’s Metropolitan Police Department, and threatened to release the names of informants if they did not receive a payout. The department admitted that information had been breached and the group claimed to access 250GB worth of police records.

The Russian hacking group tricks people with Ransomware-as-a-Service (RaaS), which accounts for around 64% of all ransomware attacks in 2021. In the last year, the amount of ransomware attacks has increased by 150%.

Colonial Pipeline also experienced similar issues this year. Around 100GB of data was stolen, and malware was installed on the servers of the group, which transports millions of gallons of fuel across texas. This attack was carried out by DarkSide, who are an English-speaking group of hackers that seem to have links to Russia. Colonial Pipeline immediately had to get the help of huge cybersecurity experts as well as invoking a Federal Government response to the attack. Ransomware was removed from the server and the issue was only resolved with a huge payment to the group. It has been reported that DarkSide has stopped operations, but managed to amass $90million of Bitcoin from attacks including this one.

Individuals are seeing growing threats from cybercrime as well as companies. A recent malware Trojan was detected in Android phones and devices. It has been dubbed TeaBot, and is able to steal the credentials of a user, even their banking details and live streams of the screen of the device. This could give hackers a route to steal from millions of users.

The app is able to disguise itself as other apps including TeaTV and VLC Media Player, but if you download the app, it forces the user to grant it permissions for loads of security-threatening services, and loads a second-stage payload. This sort of app manages to work its way onto devices without the users even knowing it has happened.

How does hacking happen?

There are many ways that hacking happens. Three common methods are malware (including ransomware), phishing, and insider threats.

The term ‘malware’ comes from the words ‘malicious’ and ‘software’. It usually comes in the form of a computer program or file. It disrupts, invades, and/or harms your computer. Common types include worms, viruses, spyware, and adware.

Ransomware is another type of malware where hackers execute an account takeover and restrict access. They demand a ransom in return for releasing control.  Over the last year, the average ransom demand has more than doubled. Hackers have also been combining data theft with ransomwareattacks to maximize the impact ofdata breaches. Ransomware is often spread through phishing.

Phishing is a method whereby hackers use email to impersonate legitimate persons or organizations. Common targets are credit card data and control of the computer and local network resources. Phishing attacks increased by over 74% from 2018 to 2019. This method uses many tools to reach its insidious goals. One common way is including links that infect your computer with dangerous software. Another is tricking you into exposing usernames and passwords, to gain access to your network. Over 90% of data breaches begin with phishing.

Insider threats occur when employees threaten their own employers’ cybersecurity. This involves the misuse of employees’ authorized access to an organization’s critical assets. A particularly dangerous aspect of this is that typical, perimeter-based security strategies provide no protection against this.

Steps to boost cybersecurity

Here are some important steps to minimize vulnerabilities.

  • A two-factor authentication is an important tool for preventing information leaks or account takeover. This means that you have to pass two security checks before obtaining access to any accounts or information.
  • Limit and be aware of who has access to your data. This is important for business owners in particular. This list can include an entire network of employees, partners, and even clients.
  • Educate yourself and, if applicable, your employees on cybersecurity basic dos-and-don’ts. Be sure to know about different types of potential attacks and how to avoid them.
  • Conduct regular checks every 3 – 6 months to ensure that no hacks have occurred. Also check that initially unnoticed attacks are not ongoing, and ensure that all security measures are in place and functioning properly.

What is the government doing about cybercrime?

We live in an age where cybercrime poses a risk to anyone. Tech companies and ministries of justice around the world are teaming up in a bid to tackle cyber criminals. Amazon, Cisco, FireEye, and McAfee have joined with the Department of Justice (DOJ), Europol, and the U.K. National Crime Agency. This task force is all about trying to prevent cyber criminals from doing damage.

The government, along with the help of these tech and security giants, are targeting many of the services that support the ransomware attacks, such as the hosting services. They are aiming to remove many of the financial incentives of the crime to make it less likely that they take place in the first instance.

Other goals of the force include making the process of reporting attacks easier. Many victims never report them, often out of embarrassment, but the group wants to make a method that is easy to report crimes.

It has also been reported that the task force is considering fines for anyone who pays ransom to a group sanctioned by the government. The Treasury Department in the U.S. may also have to give permission for ransoms to be paid at all.

The laws haven’t been confirmed yet, and some think that it will do little, if anything, to stop attacks. In fact, some have theorized that it could increase the number of cyber incidents as the hackers try to test if the government really has a method to enforce these laws and follow them up. Many of the hackers out there are ruthless, and the idea of the law being against them, even in multiple ways, doesn’t mean they will stop.

All of these tactics are designed to put blockades in the way of the hackers and make them less of a threat to society as a whole.

Philip Reiner is one of the key players in cybersecurity, and he has been named as the executive director of the task force. He’s also the CEO of the Institute for Security and Technology. Reiner stated: “we were so dead set in putting forward a comprehensive framework. That way, the Department of Homeland Security can do what they need to do, the State Department, Treasury gets involved, and it all needs to be synchronized for going after the bad guys with the same accuracy.”

What else can you do?

Although preventative measures are vital, there are no surefire ways of avoiding hackers. Anyone can find themselves a victim of ransomware attacks, or other criminal cyber-activity. If you find yourself in this position, it is important to report the incident.

You can report cybercrime online to the Internet Crime Complaint Center, which is an arm of the FBI. You will be required to fill out a complaint form. The IC3 takes reports from individuals and on behalf of businesses. You’ll need to keep all original documents secure, as they may be requested later.

As a business owner, it is also crucial to have a continuity strategy in place. This should include business continuity and disaster recovery plan (or a BCDR).

Cybercrime is a serious threat to individuals, businesses, industries, and governments. This threat is escalating at an unprecedented rate. No-one can be completely immune but awareness of the threats, putting in place the appropriate measures, and knowing how to react will benefit you greatly.

David Lukić is an information privacy, security and compliance consultant at IDstrong.com. The passion to make cyber security accessible and interesting has led David to share all the knowledge he has.