Wednesday, September 18, 2019

CIOs need to focus on people-based attacks and use intelligent tools to limit data loss and business shutdowns.


Cybercrime is on the rise, the consequences of it take longer to fix, and more companies are losing more money because of it, according to the Ninth Annual Cost of Cybercrime Study recently published by Accenture and the Ponemon Institute. The 2019 study is rooted in comprehensive, wide-ranging interviews with 2,647 senior leaders from 355 companies across 11 countries and 16 industries.
Today’s cyberattacks are changing – from the companies they choose to victimize, to the techniques used to carry them out, to the types of harm they wreak. Last year, there were an average of 145 security breaches – ones that infiltrated the companies’ core networks or enterprise systems – in each of the firms in the survey. That’s 11 percent higher than the number of reported breaches in 2017, and fully 67 percent higher than five years ago.

Escalating costs

Obviously, when the number of attacks goes up, so does the cost of dealing with them. On that front, the average cost has increased to $13 million, $1.4 million more than in 2018.
These costs were based on how much the affected organizations spent to find, examine, contain and recover from a data breach over a continuous four-week period, in addition to costs incurred for subsequent work intended to prevent similar attacks. Efforts to deal with business disruptions and customer losses are also included in the cost estimate.

Attacks gaining further sophistication

The theft of data is the costliest, and a rapidly increasing, result of cybercrime. But data isn’t the only thing in the bad guys’ crosshairs. According to the report, mission-critical operational systems such as industrial controls are other targets, for the sole purpose of throwing a wrench into – or even destroying – a company’s business. For instance, distributed denial of service (DDoS) attacks can knock online services offline for hours and cause major damage by bringing an organization’s business operations to a standstill.
While data is a top target, the bad guys don’t always want to steal it. There’s a new trend among cybercriminals to not simply copy data, but to monkey around with it so that it is either ruined or can no longer be trusted. Compromising the integrity of data seems to be the cybercrime du jour – if not now, then in coming months and years.
On top of that, cybercriminals are evolving their techniques. More than ever, they are taking aim at the weakest link in any corporate IT security system: humans. The fact is, if you want to do harm to a giant computer system, ransomware, phishing and social engineering may be your best bet. When someone’s guard is down, it’s easy to click on fake links and email attachments. 
By now, these are old tricks. What’s new is the growing propensity of certain countries and their paid hackers to use these techniques to take down giant commercial companies. Some jurisdictions are starting to classify such attacks as "acts of war" in an attempt to thwart or limit cyber-security insurance settlements.
“From people to data to technologies, every aspect of a business invites risk and too often security teams are not closely involved with securing new innovations,” said Kelly Bissell, Senior Managing Director of Accenture Security.
“This siloed approach is bad for business and can result in poor accountability across the organization, as well as a sense that security isn’t everyone’s responsibility.”

What is Cybercrime?

Cybercrime is defined as a crime where a computer is the object of the crime or is used as a tool to commit an offense. A cybercriminal may use a device to access a user’s personal information, confidential business information, government information, or disable a device. It is also a cybercrime to sell or elicit the above information online.

Categories of Cybercrime

There are three major categories that cybercrime falls into: individual, property and government. The types of methods used and difficulty levels vary depending on the category.
  • Property: This is similar to a real-life instance of a criminal illegally possessing an individual’s bank or credit card details. The hacker steals a person’s bank details to gain access to funds, make purchases online or run phishing scams to get people to give away their information. They could also use malicious software to gain access to a web page with confidential information.
  • Individual: This category of cybercrime involves one individual distributing malicious or illegal information online. This can include cyberstalking, distributing pornography and trafficking.
  • Government: This is the least common cybercrime, but is the most serious offense. A crime against the government is also known as cyber terrorism. Government cybercrime includes hacking government websites, military websites or distributing propaganda. These criminals are usually terrorists or enemy governments of other nations.

    Types of Cybercrime

    DoS Attacks

    These are used to make an online service unavailable and take the network down by overwhelming the site with traffic from a variety of sources. Large networks of infected devices known as botnets are created by depositing malware on users’ computers. The hacker then hacks into the system once the network is down.

    Botnets

    Botnets are networks of compromised computers that are controlled externally by remote hackers. The remote hackers then send spam or attack other computers through these botnets. Botnets can also be used to act as malware and perform malicious tasks.

    Identity Theft

    This cybercrime occurs when a criminal gains access to a user’s personal information to steal funds, access confidential information, or participate in tax or health insurance fraud. They can also open a phone/internet account in your name, use your name to plan a criminal activity and claim government benefits in your name. They may do this by finding out users’ passwords through hacking, retrieving personal information from social media, or sending phishing emails.

    Cyberstalking

    This kind of cybercrime involves online harassment where the user is subjected to a plethora of online messages and emails. Typically cyberstalkers use social media, websites and search engines to intimidate a user and instill fear. Usually, the cyberstalker knows their victim and makes the person feel afraid or concerned for their safety.

    Social Engineering

    Social engineering involves criminals making direct contact with you, usually by phone or email. They want to gain your confidence and usually pose as a customer service agent so you’ll give them the information they need. This is typically a password, the company you work for, or bank information. Cybercriminals will find out what they can about you on the internet and then attempt to add you as a friend on social accounts. Once they gain access to an account, they can sell your information or secure accounts in your name.

    PUPs

    PUPs, or Potentially Unwanted Programs, are less threatening than other cybercrimes, but are a type of malware. They uninstall necessary software in your system, including search engines and pre-downloaded apps. They can include spyware or adware, so it’s a good idea to install antivirus software to avoid the malicious download.

    Phishing

    This type of attack involves hackers sending malicious email attachments or URLs to users to gain access to their accounts or computer. Cybercriminals are becoming more established and many of these emails are not flagged as spam. Users are tricked by emails claiming they need to change their password or update their billing information, giving criminals access.

    Prohibited/Illegal Content

    This cybercrime involves criminals sharing and distributing inappropriate content that can be considered highly distressing and offensive. Offensive content can include, but is not limited to, sexual activity between adults, videos with intense violence and videos of criminal activity. Illegal content includes materials advocating terrorism-related acts and child exploitation material. This type of content exists both on the everyday internet and on the dark web, an anonymous network.

    Online Scams

    These are usually in the form of ads or spam emails that include promises of rewards or offers of unrealistic amounts of money. Online scams include enticing offers that are “too good to be true” and when clicked on can cause malware to interfere and compromise information.

    Exploit Kits

    Exploit kits need a vulnerability (a bug in the code of a piece of software) in order to gain control of a user’s computer. They are ready-made tools criminals can buy online and use against anyone with a computer. The exploit kits are upgraded regularly, like normal software, and are available on dark web hacking forums.
In today’s world, the reality is that all individuals and organisations connected to the internet are vulnerable to cyber attack. The number, type and sophistication of attacks continues to grow, as the threat report published last month by the Australian Cyber Security Centre (ACSC) points out.
It isn’t only large organisations that are under threat. Even individuals or organisations that don’t believe they have much to offer hackers can be targeted. So even if you think you’re a small target, you might still be at risk.

Illusion of trust

Malicious individuals and groups thrive on gathering information that can be used to enhance their attack strategies. Hackers are becoming more focused on spear-phishing attacks, which are tailored to individual people, and any bit of information about you can be of help.
Key to the hacker is the issue of trust. The information gathered is used to build a profile of the target with the aim to have enough data that allows the hacker to appear trustworthy to you.
In most cases, the hacker will attempt to impersonate an entity that is trusted by you. The more information the hacker has on you, the more likely they will be able to maintain the illusion long enough to achieve their aims.
The effects of a successful attack vary significantly, largely depending on the motivation of the hacker.
For most of us, identity theft is likely to cause the most damage because it badly impacts on our ability to go about our normal daily life. Our credit rating could be severely compromised, for example. To make matters worse, the process of addressing the damage of an attack can be costly, time consuming and emotionally exhausting.
In other cases, the damage could be in the form of confidential information, such as medical history records, ending up in the hands of malicious parties, and thus making you susceptible to different kinds of blackmail.
The recent breach of the Ashley Madison website is a typical example of confidential information about individuals that could be exploited by malicious parties.

Your access is important to hackers

But specific personal information is not the only driving factor behind cyber attacks. Often, the resources or the access you have to other systems is the overall goal.
A common misconception held by many individuals and organisations is that if they do not have anything of value on their systems, they are not likely to be attacked. Or the hackers have nothing to gain from copying all their information.
The information value may be zero, but the resources are precious commodities which can be easily used in two ways:
  1. to launch more intensive, distributed attacks on the hacker’s primary target
  2. they can be “leased out” in the form of botnets to other parties.
From the point of view of user clearance, hackers can again exploit their knowledge of the target to attempt to gain access to difficult-to-reach systems.

Food for hacking thought

I was told of one case in the US where foreign hackers used the eating habits of the staff of a government organisation (obtained from credit charges) to launch a “watering hole” attack.
The hackers were able to easily compromise the server hosting the website of the restaurant frequented by the government employees and replaced the original PDF menus with a new set that had malware embedded in them. Thus, when the government employees were viewing the menus from their secure machines, they were downloading the malware as well.
These are just some of the ways hackers can take advantage of the information gathered from attacks. Unfortunately, the only limiting factor is the creativity of the malicious party. And sadly, hackers are very creative.

Beating cyber attacks

The attitude of individuals and organisations needs to change in order to prevent cyber attacks. There has to be a fundamental understanding that, when online, everyone is a target and that none of us are too small or unimportant.
It is also critical to change the attitude to incident detection and handling. We can only get better at the defence part if we learn from previous experience, painful and costly as that may be. The reason we know about some of the attacks mentioned above is because they were detected and investigated.
Most organisations do not consider incident handling as a core component of cyber defence. And as long as that continues, the improvement in the cyber defences will be slow.
There has to be a concerted effort to treat cyber security seriously rather than as an expensive auditing exercise. The vast majority of organisations are looking at cyber security as a compliance task and thus do the minimum possible to achieve that.
The payment card industry’s Data Security Standards for major credit cards is a classic example. It is good that there is a standard, but what is unfortunate is that organisations try to do only the absolute minimum possible to pass the standard check rather than actually improving their security.
Instead the view should be to use the cyber security requirements as a way to improve overall security and thus avoid costly and damaging incidents in the future.
What is Cybercrime?
Cybercrime is a bigger threat than ever before, now that more and more people are connected to the Internet via laptops, smartphones and tablets, and is one of the most profitable ways to make money in the criminal world. There are a wide variety of cybercrimes, which can broadly be placed into two categories: one-off crimes, such as installing a virus that steals your personal data; and ongoing crimes such as cyberbullying, extortion, distributing child pornography or organizing terrorist attacks.

Where does cybercrime come from?
Cybercrime, like other crime, is the work of criminals but it is practiced by those who have technological skills and use the internet to achieve their nefarious ends. Cybercriminals employ their diverse skill set to access bank accounts, steal identities, blackmail, defraud, stalk, and harass or use a compromised computer as part of a sophisticated botnet to stage DDoS attacks on large institutions.

How do you recognize cybercrime?
Recognizing a cybercrime depends on the crime being committed. Malware surreptitiously downloaded to your computer might slow it down and prompt it to give you error messages. Phishing attacks, meanwhile, usually involve receiving emails from unknown sources trying to trick you into giving up your passwords or personal data. Keyloggers leave their own telltale signs, like strange icons, or duplicating your messages. On the other hand, you may never suspect your computer has been enslaved to a botnet.

How do you stop cybercrime?
Resolving cybercrime is a job for the police, national cyber security departments, and commercial cyber security firms. On a personal level, however, you can put an end to cybercrime by removing the most common method of committing these types of crimes: malware. Malware comprises viruses, spyware, and ransomware. Using a powerful antivirus to scan your system and remove dangerous files not only keeps you safe, it keeps cyber-criminals from making money, which is typically their primary motivation.

Some tips to prevent cybercrime
  • Don’t download anything from unknown sources
  • Don’t click on links embedded in emails from people you don’t know
  • Don’t ever give out your password or personal data

Protect yourself from cybercrime

Protecting yourself against cybercrime can be time-consuming, but always worth it. Practicing safe browsing, such as avoiding strange downloads and untrusted sites, is a common-sense solution to cybercrime. Being careful with your login details and personal information can also keep you a step ahead of cybercriminals. But the best thing you can do to protect yourself is to use a powerful antivirus such as Avast Free Antivirus.
