Recognizing and Combating Cybercrime
The global economy is in a state of vigorous transition. The rise of the digital economy is not serendipitous but rather an anticipated outcome of human advancement in science and technology. Technology has not only empowered humankind but also posed significant challenges with the potential to disrupt a range of industries. Cybercrime is one such fractious challenge: an undesirable outcome of technology that has emerged as a serious threat not only to individual security but to national security as well. As technology advances, cybercrime advances with it, becoming more frequent, complex and sophisticated. It is no surprise that cybercrime has emerged as the second most reported economic crime in the world. It has now surpassed illegal drug trafficking as a criminal moneymaker. Moreover, cybercrime tools are now available for purchase under the Cybercrime-as-a-Service (CaaS) business model.
The major criminal activities over the internet include computer and network intrusions, ransomware, and identity theft. Computer and network intrusions cover attacks on each element of the CIA triad (Confidentiality, Integrity, Availability) of data. While attacks on data confidentiality and availability have existed for a long time, the new threat of integrity attacks poses a major challenge. Although such attacks are technically challenging, it won't be long before state actors and cyber criminals are carrying them out. In fact, James Clapper, the director of national intelligence, said the biggest emerging threat to national security is “cyber operations that will change or manipulate electronic information in order to compromise its integrity instead of deleting or disrupting access to it.” Add to this the highly sophisticated destructive malware that hackers use to infect networks and systems in order to carry out such attacks. We (security professionals) follow a standard protocol in which we look for known patterns, while attackers constantly create unusual patterns of attack that go undetected for a long time. Furthermore, it is now anticipated that the world will soon witness its first AI-based malware, which would have crippling consequences.
The year 2016 is now being called the year of ransomware. Ransomware has emerged as one of the biggest cyber nuisances of our times. One wrong click and all files are encrypted. Worse still, even the government is now advising people and organizations to pay the ransom in bitcoins or risk losing sensitive data to hackers. The criminals usually trick people into installing ransomware by sending them bogus emails with infected attachments, socially engineering them into clicking on the attachment and downloading it. Despite knowing about the risk, people are still lured by what is written in those emails.
An equally serious threat is identity theft. Anyone who is active on social media carries a high risk of identity theft. Criminals who steal your identity will use it to carry out banking fraud or, worse, to enter a country illegally, traffic drugs, launder money, and so on.
Every individual now bears a de facto responsibility to be cyber aware and to ensure that there are no wrong clicks, because the consequences can be widespread, engulfing an entire organization and even jeopardizing national security.
The number of threats and threat actors has become so large that it is practically impossible to develop a single unified response to all of them. What is needed to significantly contain and respond to such threats is a three-tiered response.
- Firstly, maintain proper cyber hygiene and develop a security culture. This includes not being lured by spam emails, keeping security software up to date, not downloading files from unauthorized third-party links, not exposing personal information on social media and not talking to strangers. Inculcating such practices at the organizational level will lead to the development of a security culture.
- Secondly, invest in research to develop effective means of combating cyber criminals. Yes, this needs to be done. For example, there is ongoing research that aims to power security software through artificial intelligence. Such software will gradually learn the patterns of malware (even patterns that are invisible to researchers) and thus detect new threats, nipping them in the bud.
- Finally, there is a growing consensus on making “cyber situational awareness” a sine qua non for combating cybercrime. In simple words, it means keeping individuals informed of events in cyberspace so that they can identify and detect the signs of cybercrime in real time and take effective steps to prevent, respond to and contain it. All along we have focused on deploying technology controls for data security, but now most companies agree that to protect a company's information, its employees need to be aware of the new threats, threat actors, threat methods, and happenings in the cyber world. The message is simple: real-time cyber situational awareness can help turn your employees into the human firewall of your organization!