Criminal behind a computer. Image from Flickr: http://www.flickr.com/photos/pccare247_inc/7151335071/
Cybercrime is one of the fastest growing sectors in crime. A computer security software company defines it as: any crime that is committed using a computer or network, or hardware device. It is also one of the most ambiguous terms because these illegal activities come in many shapes and there is not a definite legal-illegal boundary set by the authorities around the world. Some of these crimes are listed as follows:
-stealing and/or modification of data, or identities
-corporate espionages
-distribution of viruses via a link in emails (phishing)
With developing technology, the speed and the convenience of being able to commit a cybercrime anywhere, anytime in the world has contributed to its growing popularity. However, because internets are global but laws are not, legally speaking, it is hard to catch and punish cyber criminals. If individuals, or small groups of individuals worked together in the past to hack a system, for example, nowadays, they have organized themselves into a group of technology professionals. They sell hacking services openly online and products are made available to them for their “businesses.” For instance, if you want them to attack a website, they might do it at $30 per hour. To test their viruses, or codes, before selling, platforms are available for testing with a fee.
So, how does a device get infected?
It can be as simple as plugging in a USB, containing attacking codes to a target computer. Within seconds, documents can be accessed and modified, and programs can be launched. If the computer is connected to a network of a company, it could lead to disastrous outcomes for that company. However, needing to physically plug in a USB may be challenging in most cases.
A common way to infect a website is by entering codes directly into it. Most companies have a comments section where people can submit comments. If the attacker enters a code instead of a comment and submits it, the code will be interpreted. This is all under an assumption that the security level is not high.
Cyber Attack. Image from Flickr: http://www.flickr.com/photos/75468116@N04/8569854011/
According to the International Criminal Police Organization (INTERPOL), stolen intellectual properties from businesses worldwide are worth around $1 trillion in US dollars.
If protected business networks are attacked successfully, how can we protect our less secure personal devices?
James Lyne, an expert in this field, advises that by doing the basics such as keeping up-to-date with antivirus programs, having differing passwords and changing them frequently, 99% of the attacks may not work. Also, he mentions in his TED talk that when our devices can scan for wireless networks, we let out information about connected networks in the past. This is important because most network names imply location and possibly what the place is (eg. StarbucksWifi, UBCSecure). Therefore, even if it is convenient, we should delete the “remembered networks” if possible. Also, when using social media, it is important to check not only our security settings but also the settings of our “friends” and “followers.” With these precautions, our personal information may be better protected. Here is a short video about interesting facts of cybercrime.
References: Cybercrime (Interpol), What is Cybercrime?, James Lyne: Everyday Cybercrime — and What You Can Do About it
