HOW TO FIGHT AGAINST CYBERCRIMINALITY

CYBER SECURITY IMAGE WIA

What is cyber criminality?

Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.

Cybercrimes can be defined as: “Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (networks including chat rooms, emails, notice boards and groups) and mobile phones (Bluetooth/SMS/MMS) “.

Cybercrime may threaten a person or a nation’s security and financial health. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hackingcopyright infringementunwarranted mass-surveillancesextortionchild pornography, and child grooming.

What are the different types of cyber crimes?

There are different types of computer crimes encompass a broad range of activities such as:

  • Computer virus
  • Phishing
  • Botnet
  • Spoofing
  • Cyber terrorism
  • Financial crime fraud
  • Online harassment

Computer Virus

The computer virus is the most well known type of cyber crime. A computer virus is a computer program that piggybacks or attaches itself to application programs or other executable system software; the virus subsequently activates, sometimes causing severe damage to computer Systems or files.

Phishing

Phishing is occurs when the perpetrator sends fictitious emails to individuals with links to fraudulent websites that appear official and cause the victim to release personal information to the perpetrator. This information is then used for unauthorized purposes such as fraudulent purchases, obtaining fraudulent loans, or identity theft.

Botnet

A Botnet infection occurs when a hacker transmits instructions to other computers for the purpose of controlling them. The hacker who disseminates the “bot” program is referred to as been used for various purposes such as spam distribution or phishing. The legitimate owner of the Computer usually does not know that it is infected.“herder.” Thousands of computers can be potentially infected. The infected computers can then

Spoofing

Spoofing occurs when the perpetrator uses email to gain the confidence of an individual so that he or she provides personal information that is later used for unauthorized purposes such as fraudulent purchases, obtaining fraudulent loans, or identity theft. Spoofers are modern-day, tech-savvy con artists. Spam is a key method used by email spoofers to trick individuals into providing their personal information.

Cyber Terrorism

Cyber terrorism is defined as acts by terrorists that cause damages to online computer systems such as shutting down e-commerce websites or destroying files. Following the 9-11 terrorist attack on the World Trade Center, cyber terrorism has become a high profile type of Cyber crime. Cyber terrorists employ devices such as computer viruses and online denial of service. The intention of the cyber terrorist is to incapacitate or dramatically reduce the business; for a government entity this results  inability to carry out its mission.

Financial crime fraud

Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:

  • Altering in an unauthorized way. This requires little technical expertise and is a common form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
  • Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions. This is difficult to detect;
  • Altering or deleting stored data;

Other forms of fraud may be facilitated using computer systems, including bank fraudcardingidentity theftextortion, and theft of classified information. These types of crime often result in the loss of private information or monetary information.

Online Harassment

Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties. Harassement on the internet also includes revenge porn.

How to prevent cyber crimes

Preventive measures are available that help determine cyber criminals, such as passwords, firewalls, encryption, and other security policies and procedures. Since preventive measures are not always successful, cyber crime detection is a necessary last line of defense regarding loss prevention, or at least loss minimization.

Detection techniques include:

Tripwires, configuration-Checking tools, and anomaly detection systems.

A brief overview of each of these intrusion detection techniques follows.

A tripwire is software programs that take snapshots of critical system characteristics that can be used to detect critical file changes. Tripwires provide evidence of electronic crimes since most intruding hackers make modifications when they install backdoor entry points or alter File system and directory characteristics in the course of hacking the system.

A configuration-checking tool, also referred to as a “vulnerability assessment tool,” refers to software programs that detect insecure systems. Configuration-checking tools are primarily preventive in nature but used as a monitoring device they can also provide evidence regarding electronic crimes.

An anomaly detection system focuses on unusual patterns of system activity.  Anomaly detection systems develop and analyze user profiles, host and network activity, or system programs in order to identify deviations from expected activity.  Experienced cyber criminals can obscure their actions through various methods. For example, cyber criminals may spread their intrusive behavior over a number of hosts on a network in order to defeat a single host intrusion detection procedure. Selecting and merging data from independent intrusion detection techniques, as well as the network itself, is necessary to identify this type of behavior.

Cyber crime is unlikely to be identified from random and intensive searches for evidence

of criminal activity. If a cyber criminal can convince an intrusion detection system to continually and uselessly increase its use of computer resources, then the criminal has effectively accomplished denial of service, a particularly destructive type of cyber crime. In such a case, computer resources are wasted and cyber criminals are not detected.  Since cyber crime is detrimental to business operations, business firms and their

Stakeholders clearly benefit from stopping cyber crime. Unless properly and continuously “fine «report such as excessive false alarms. In most cases, companies find it necessary to employ multiple intrusion detection techniques to efficiently and effectively detect electronic crimes. Appropriate actions must be taken by qualified professionals to successfully resolve cyber crime. Since some business firms may lack qualified computer security personnel, hiring outside professionals e.g. forensic accountants may be necessary. For a company with computer security personnel, outside professionals may still be needed if the electronic crime resulted from negligence on the part of the company’s computer security personnel. Law enforcement agencies can help with cyber crime investigations; although, many law enforcement agencies lack the technical expertise to investigate electronic crimes. Most can obtain warrants and seize computer equipment, but may be unable to find the evidence needed to resolve the cyber crime.