CYBER CRIME
References:
- http://www.dailymail.co.uk/home/moslive/article-2260221/Cyber-crime-Your-currently-targeted-criminal-gangs-looking-steal-money.html
- http://www.interpol.int/Crime-areas/Cybercrime/Cybercrime
- http://www.crime.hku.hk/cybercrime.htm
- http://www.faronics.com/news/blog/7-types-of-cyber-criminals/
- http://www.itp.net/586180-uae-faces-high-rates-of-cyber-crime
- http://vnexpress.net/gl/kinh-doanh/quoc-te/2013/03/my-mat-nhieu-trieu-usd-vi-website-tai-chinh-bi-tan-cong/
1/ General knowledge of cyber crime
1.1/ Definition
There
are many ways of defining cybercrime in which we find the two following definition the most
suitable:
“Cybercrime
is one of the fastest growing areas of crime. More and more criminals are
exploiting the speed, convenience and anonymity that modern technologies offer
in order to commit a diverse range of criminal activities. These include
attacks against computer data and systems, identity theft, the distribution of
child sexual abuse images, internet auction fraud, the penetration of online
financial services, as well as the deployment of viruses, Botnets, and various
email scams such as phishing”
“Cybercrime
is criminal activity done using computers and the Internet. This includes
anything from downloading illegal music files to stealing millions of dollars
from online bank accounts. Cybercrime also includes non-monetary offenses, such
as creating and distributing viruses on other computers or posting confidential
business information on the Internet.”
1.2/
how we can encounter this kind of crime
Cyber
attacks still often begin with your PC being infected with a virus.
These
are spread in familiar ways – usually by email – but the attacks are often now
cleverly disguised as invoices or even as deliveries scheduled to arrive at a
home address.
Once
a victim clicks a link or opens a document with invoice details, the infection
has begun.
One
in ten infections also now come via Facebook. Attacks often spread as videos
that fail to play, instead popping up with a message that you need to ‘upgrade
your video player’.
If
you click the link malicious software invades your computer.
Criminals
will harvest passwords and bank details, and ensure that they remain
undetected. Then the stealing will begin in earnest.
1.3/
types of cyber crime
There
are many ways of categorying cybercrime of which we find the following devision
easy to understand and remember most:
1)
Script kiddies: A wannabe hacker. Someone who wants to be a hacker (or thinks
they are) but lacks any serious technical expertise. They are usually only able
to attack very weakly secured systems.
2)
Scammers: Your email inbox is probably full of their work. Discount
pharmaceuticals, time-shares, personal ads from available women in Russia…sound
familiar?
3)
Hacker groups: Usually work anonymously
and create tools for hacking. They often hack computers for no criminal reason
and are sometimes even hired by companies wanting to test their security.
4)
Phishers: Gotten an email recently claiming your bank account is about to
expire? Don’t fall for these jerks. They want your personal information and,
most likely, your identity, by directing you to a phony websites.
5)
Political/religious/commercial groups: Tend to not be interested in financial
gain. These guys develop malware for political ends. If you think this group is
harmless, think Stuxnet. The Stuxnet worm which attacked Iran’s Atomic Program
of Its Nuclear Facilities was believed to be created by a foreign government.
6)
Insiders: They may only be 20% of the threat, but they produce 80% of the
damage. These attackers are considered to be the highest risk. To make matters
worse, as the name suggests, they often reside within an organization.
7)
Advanced Persistent Threat (APT) Agents: This group is responsible for highly
targeted attacks carried out by extremely organized state-sponsored groups.
Their technical skills are deep and they have access to vast computing
resources.
2/ The situation of cybercrime nowadays
*
The global cost of cybercrime is greater than the combined effect on the global
economy of trafficking in marijuana, heroin and cocaine, which is estimated at
$388bn, a new headline-grabbing study reported.
The
Norton Cybercrime Report puts the straight-up financial costs of cyberattacks
worldwide at $114bn, with time lost dealing with the crime adding the remaining
$274bn, while the global black market in the three drugs costs $288bn.
Every
second, 14 adults become the victim of some sort of cybercaper, adding up to
over a million victims every day, the report from Norton-maker Symantec said,
with young men who access the web on their mobiles the most likely victims.
But
despite the large number of victims, people aren't doing enough to stop it for
themselves. Although 74 per cent of people say they're aware of cybercrime, 41
per cent of them don't have up-to-date security software and 61 per cent don't
use complex, regularly-changing passwords.
The
most common cybercrime issues are malware and viruses, which have affected 54
percent of those surveyed, with online scams second (11 per cent), and phishing
catching 10 per cent of adults out. Cyber-villainy is also on the up on phones,
with 10 per cent of adults having been victims of an attack on their mobile,
according to the study. The study surveyed almost 20,000 people in 24
countries. ®
*
Over half of all UAE internet users, 1.4 million people, have been a victim of
online crime in the last 12 months, according to a survey sponsored by Norton
by Symantec and conducted by Strategy One. The total number of internet users
in the UAE is 2.55m. The figure for people becoming victim to cyber-crime is
high for the UAE, according to Tamim Taufiq, head of Consumer Sales MENA,
Symantec, because of a lack of education in the region about cyber-crime.
Globally,
44% of online users have been victims of cyber-crime over the last 12 months.
(September 18, 2011)
Despite
the high rates of cyber-attacks in the UAE, only two out of every ten people
affected by a cyber-attack will report it to the authorities, while over half
of respondents in the UAE revealed in the survey that they don't have
up-to-date security software to protect themselves and their personal
information online and only a very small amount of respondents, 8%, said they
had security software on their mobile phones to protect them against attacks.
3/
The solution to cybercrime
These
are some ways that will help you advoid being hacked:
1.
USE DIFFERENT USERNAMES
The
sheer number of passwords and usernames required to live a normal online life
mean that people often recycle. Cyber criminals can simply use Google to ‘join
the dots’, connecting them across all the different online worlds they live in.
Fewer usernames makes finding a ‘way in’ far easier.
2. DON'T RE-USE YOUR EMAIL PASSWORD
Your
email password is the ‘key’ to all your accounts – if hackers want to access
your Facebook account, say, they can reset it via your email. Even if you DO
reuse passwords, the one that you should never reuse is your email password. If
you do, you’re handing out the keys to be breached, giving hackers access to
the information they’ll need to hack your bank account and other networks you
use.
3. DON'T ADD STRANGERS AS FRIENDS ON FACEBOOK
Facebook
is full of information that can be useful to hackers – including the names of
family members, addresses and email details that can fill in crucial ‘blanks’
for identity theft. People still ‘friend’ people they don’t know – not
realising they are handing over the ‘keys’ to their online life.
4. DON'T BE FOOLED BY 'CRIES FOR HELP'
Some
of the most effective attacks are ‘cries for help’ from friends – such as
emails saying that someone is stuck abroad and needs money sent by wire
transfer. The emails are actually spam, sent by email from a compromised
machine. If it’s someone who travels a lot and their email is hacked, it’s more
convincing when you get an email saying that they are stranded abroad and need
money. All the hackers need is one person to respond for it to have been worth
their while.
5. BE WARY OF ‘FUNNY’ LINKS
Facebook
links are often used by cyber criminals – with ‘funny’ videos designed to con
people into clicking a link that will infect their machine. Often a ‘video’
link will try to fool people into visiting an infected site or downloading
something in the guise of video software. Your only defence is to think, ‘Would
my friend really post that?’ So be careful about people you only half-know.
6. BE CAREFUL ON PUBLIC WI-FI
Laptops
and phones both ‘remember’ Wi-Fi networks they ‘know’ – so hackers can use this
to break in. It can be hard to tell whether a network is real – or is being run by a hacker who wants to steal
your details. If you’re going to use public networks for business, use a laptop
because the browser will warn you of security breaches – your mobile won’t.
7. DON’T TRUST PEOPLE YOU DON’T KNOW
Security
experts recommend doing an ‘offline test’ – ie, would you do the same thing if
you were offline? If you are chatting to someone online and you tell them
something, would you have handed the same information to someone you were
chatting to in a bar? In a bar, you at
least know who you are chatting to – online, you can never know whether someone
is who they claim to be.
8. USE ANTIVIRUS SOFTWARE
Antivirus
software is not a Holy Grail but it helps you to deal with known problems –
although machines can still fall victims to new attacks, and will be easy prey
until the antivirus companies respond to the attack.
9. USE EXTRA PASSWORDS
‘Two-factor’
passwords, such as a password plus a secret code where you only hand over one
or two letters at a time, offer an extra layer of security. Many sites offer
this as an option, but people tend to resist except when they’re made to do it
– eg, by their bank. Other banks provide customers with a device that uses your
password to generate a random code number that allows access to your account.
TRỊNH XUÂN THỦY - CT38B - HỌC VIỆN NGOẠI GIAO
Nguồn: Đào Tuấn Ninh - CT38B - Học viện Ngoại giao
Không có nhận xét nào:
Đăng nhận xét