It is vital to realise that cybercrime today is no longer solely perpetrated by nefarious, tech savvy opportunists. The image of lone actors snatching the odd cyber fistful of cash from another unsuspecting user is still lingering in the minds of many. Today cybercrime is organised crime, networks of hackers working in sync to deliver vast waves of attacks by spreading their nets wide.
Large and well organised teams do not only operate for financial gain, with countries around the world training teams of specialists to launch and defend against incoming cyberattacks. The threat of cyberwarfare has risen in recent years with instances of major infrastructure attacks believed to be rooted in politics being recorded. The SCADA attacks that hit power grids in the Ukraine are a prime example.
There could not be a more apt place to begin when listing the top forms of cybercrime than phishing, with attack volumes growing exponentially in recent years. In terms of attack volumes and success, 2017 proved a stand-out year for hackers who were able to engineer formidable new methods.
Phishing attacks are designed to discretely bait a user into following a link or giving away their valuable information under false pretences. An email for example could be sent under the guise of an official organisation or individual, aiming to trick the user into providing information or clicking a link. Clicking a link for example could cause a malicious payload to be launched.
Ransomware is another form of cybercrime that gained unparalleled notoriety in 2017, causing global shock and panic following the WannaCry ransomware attack that debilitated the NHS in the UK and sent numerous other organisations into meltdown.
Ransomware is a worm that infiltrates an organisation and infects systems with malicious software, this causes devices and systems to be locked down until a ransom is paid. In the case of many attacks, the user is given a strict time within which to pay up, or else the attackers threaten to delete the vital data on the systems that they have held hostage.
IoT hacking is growing, but perhaps more relevant is how serious some are predicting this problem will become. This is the case because manufacturers are continuing to pump cheap connected devices into the market without a second thought for their cybersecurity. The potential for crime here is tremendous due to the readiness with which consumers bring connected devices into their homes and lives.
We live in a world that now seems underpinned end-to-end by technology, causing one to forget the convergence of cybercrime with the real world. You and particularly your business is not only vulnerable when you are at the desk or using a device, it is important to have good conduct in the real world as well.
Major physical risks could include something as seemingly harmless as leaving documents in a printer tray, cybercrimes have been committed in the past by people physically trespassing and stealing important information or hardware. An example that proved a major risk that was fortunately headed off arose last year when a USB stick was discovered containing critical security information on Heathrow airport. In the wrong hands, this information could have been deadly.
This will also be an area of focus when GDPR comes into force on the 25th of May 2018, the EU regulation set to clamp down on organisations that are failing to provide ample data protection. Proof that physical cyber crime prevention is in place will be a requirement for compliance.
The Dark Web
The Dark Web is also a reminder of the convergence of the real and cyber worlds, with it continuing to be a place of business for those looking to capitalize on the sale of items and services that are prohibited in the real world.
Drugs continue to be a prime commodity available on the Dark Web, in addition to other items you might expect like guns and other weapons. Stolen objects are also traded on the Dark Web so as to avoid the usual tracking processes that take place in the real world.
An unusual 2017 example of a stolen item on the Dark Web is that of a 133 year old Gottfried Lindauer painting, having been stolen in a high-profile case from an art gallery in New Zealand. The painting was found listed on the White Shadow marketplace of the Dark Web with a ‘buy it now’ price tag of $500,000.