Cybercrime is a collective term for illegal activities that either take place directly on the internet or are initiated over the internet. The spectrum ranges from digital attacks using malware, Trojan horses, or DDoS attacks, to phishing of log-in and access credentials, the distribution of child pornography, and trading in weapons and drugs. Beyond the publicly accessible internet, an entire professional cybercrime industry has developed on the Darknet, where illegal actions are managed and even offered as a service.
What is the history of internet crime?
The first cases of cybercrime go back to the 1990s. One of the most famous digital perpetrators of this early period is Kevin Mitnick, who now earns his money as an IT security expert and book author. Mitnick is said to have repeatedly succeeded in penetrating the sensitive networks of the US Department of Defense as well as the NSA and the NORAD network in particular. The American citizen was sentenced to several years in prison for his offences.
Since then, however, cybercrime has changed a great deal. While in the beginning it was mostly restless hackers involved in attacks, mainly wanting to put their skills to the test by breaking into highly secured networks, monetary interests now prevail. In addition, there are a few state-supported hacker groups active on the net. The latter primarily seek political influence, access to classified data, or conduct industrial espionage. The romanticized image of the hacker in a hooded sweatshirt, however, has very little to do with reality.
What kinds of cybercrime are there?
In general, cybercrime is classified into offences that are entirely digital and offences where the network is used as an aid. A DDoS attack, for example, aims to restrict the availability of web services and thus takes place entirely in cyberspace. Trade in prohibited or stolen goods, by contrast, is carried out the same way as in the real world, except that the transaction takes place on virtual platforms on the Darknet.
Common practices of attack by cybercriminals include:
In phishing, cybercriminals seek to steal valuable login information that is then used for digital identity theft or sold for profit on the Darknet. Among the most sought-after credentials are those for online banking and payment service accounts, which are the most heavily trafficked on the online marketplaces on the Darknet. The data is usually acquired by hackers via spam e-mails that include links to lure users to fake websites. These web portals are usually indistinguishable from the original websites of the particular provider – even the URL structure is copied by resourceful phishers who use characters that look alike, which is also referred to as a homograph attack.
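A defender can screen link targets for the look-alike characters described above. The following is an added example, not code from the original page: it decodes punycode labels, folds a small constructed set of confusable characters to ASCII, and compares the result with a constructed list of protected domains (`example.com`, `ace.com`); all function names are illustrative.

```python
import unicodedata

# Small constructed subset of look-alike characters (assumption: a real
# deployment would load the full Unicode confusables data instead).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u03bf": "o",  # Greek omicron
}
PROTECTED = {"example.com", "ace.com"}  # constructed brand list

def to_unicode(domain):
    """Decode punycode (xn--) labels so the visible form is inspected."""
    labels = []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            label = label[4:].encode("ascii").decode("punycode")
        labels.append(label)
    return ".".join(labels)

def scripts(label):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}

def skeleton(domain):
    """Fold look-alike characters to the ASCII letter they imitate."""
    folded = unicodedata.normalize("NFKC", domain.lower())
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)

def classify(domain, protected=PROTECTED):
    """Return 'legitimate', 'homograph', 'mixed-script' or 'unknown'."""
    visible = to_unicode(domain)
    if visible in protected:
        return "legitimate"
    if skeleton(visible) in protected:
        # Looks like a protected domain but is not byte-identical to it.
        return "homograph"
    if any(len(scripts(label)) > 1 for label in visible.split(".")):
        return "mixed-script"
    return "unknown"

if __name__ == "__main__":
    puny = "xn--" + "ex\u0430mple".encode("punycode").decode("ascii") + ".com"
    samples = ["example.com", "ex\u0430mple.com", "\u0430\u0441\u0435.com",
               puny, "my\u0430ccount.net", "unrelated.org"]  # constructed
    for d in samples:
        print(f"{d:24} {classify(d)}")
```

The all-Cyrillic sample shows why a mixed-script check alone is not enough: every letter belongs to one script, so only the skeleton comparison flags it.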
The use of malware is also a common method for cybercriminals. Spam e-mails are often used to spread malware on a massive scale. However, attacks using manipulated links and cross-site scripting are also used to distribute malware. Cybercriminals exploit existing security vulnerabilities in websites to do this. Once installed on the victim’s system, malware can be used for many different purposes. For example, sensitive passwords and other data can be revealed or even the entire system can be taken over remotely.
Malware designed to extort a ransom is called ransomware. These ransomware Trojans usually spread unnoticed in the background on the victim’s systems and start encrypting files as unobtrusively as possible. By the time the victim notices the attack, it is usually already too late and large parts of the hard drive are already being held as a digital hostage. The contents can usually only be recovered by using the hackers’ decryption keys, which are sent after the ransom has been paid. However, there is always the risk that the keys may be faulty or not sent at all – there is no honor among thieves on the internet.
Botnets consist of thousands of networked bots. The word bot is short for robot, which is a clue to the primary function served by these tools: Bots are used to automate predefined tasks. Since they are malware, bots usually operate without the knowledge of the user on hijacked PCs, network servers, and other devices connected to the Internet of Things (IoT) – and together they form a botnet. IP cameras, network printers, smart TVs, and other similar devices can also become part of a botnet. When combined into a collective botnet, bots are a powerful weapon that can be used to carry out DDoS attacks or to steal credentials using credential stuffing or credential cracking.
DDoS is short for “Distributed Denial of Service” and literally describes a distributed service blockade, which is one of the most commonly used attack vectors today. DDoS attacks seek to bring the victim’s digital processes to their knees with a flood of requests. The starting point is usually widely distributed botnets that cybercriminals set up using Trojan horses and then employ as weapons. Ambitious DDoS attacks can take down unprotected websites and other services for hours or even days.
Which industries are affected by cybercrime?
In general, any company, regardless of industry or size, is a potential target for cybercriminals. The key factor is not whether, but when and to what extent an attack on the company will take place. Cybercriminals are particularly focused on e-commerce companies, banks, FinTechs, insurance companies, the manufacturing industry, media, and healthcare. However, computer centers as well as government agencies and other organizations from the public sector are also popular targets for hackers. According to a representative survey by the digital association Bitkom, 75 percent of all German companies were victims of digital sabotage, theft of data or spying last year.
What damage does cybercrime cause?
The high number of companies impacted is also reflected in the costs to the economy. In Germany alone, internet-related crime causes annual losses of over 100 billion euros, and the figure is rising. The ongoing digitization of the economy, society, and government noticeably increases the virtual attack surface for cyberattacks. Security researchers therefore expect cybercrime to increase in the future despite stricter regulatory requirements for data protection and data security.
How can companies protect themselves?
In order to successfully combat cybercrime, companies should first of all observe and cleanly implement the industry guidelines in place for data protection and IT security. Depending on size and environment, different requirements apply here. While financial service providers, for example, are bound by the requirements of BaFin, the requirements of the IT Security Act apply to operators of critical infrastructures. In general, all companies must protect critical records from unauthorized access and use backups to guard against possible data breaches. In addition, the GDPR provides for particularly careful handling of personal data.
In addition to compliance and data protection, companies must of course also keep an eye on cybersecurity. Adapted to the protection requirements, there are many ways to protect the digital business processes of companies. The subject of cloud computing is becoming increasingly important. Today, many internal processes can already be monitored or managed on the cloud. With the triumph of Industry 4.0 and the Internet of Things (IoT), the number of networked devices and services will continue to rise. These processes need to be flexibly and reliably protected against malware, malicious traffic, and DDoS attacks.
Guard against cybercrime with Myra
Customized protection solutions, such as the Myra Security-as-a-Service platform, give companies the necessary tools to detect and ward off attacks and attempts at digital manipulation at an early stage. Smart Myra technology monitors, analyzes and filters malicious internet traffic before virtual attacks can do any real harm.