



Cybercrime is broadly defined as any illegal activity that involves a computer, another digital device or a computer network. Cybercrime includes common cybersecurity threats like social engineering, software vulnerability exploits and network attacks. But it also includes criminal acts like hacktivist protests, harassment and extortion, money laundering, and more. Cybercrime targets both individuals and companies. Typically, attackers target businesses for direct financial gain or to sabotage or disrupt operations. They target individuals as part of large-scale scams, or to compromise their devices and use them as a platform for nefarious activity.
The US Department of Justice identifies three types of cybercrime in situations where:
In 2013-2016, Yahoo experienced a data breach which resulted in the theft of 3 billion user accounts. For some of these accounts, the attackers got hold of private information and passwords, which could be used to access user accounts in other online services. Much of this data is available today, either free or for a price, on the dark web.
In 2014, US retailer Home Depot’s point of sale systems were breached. Attackers stole 50 million personal credit cards, and for some time any credit card swiped at Home Depot stores was captured and its details compromised by the attackers.
In 2016, the largest ever distributed denial of service (DDoS) attack took place, which used over 1 million connected devices in the Internet of Things, which were compromised by the attackers due to software vulnerabilities. The attack caused outages in the global domain name system (DNS) and popular services including Twitter, Netflix and PayPal.
In 2017, the WannaCry attack, allegedly launched by North Korea, unleashed a type of ransomware which not only locks down content on user devices, but also rapidly spreads itself. WannaCry infected 300,000 computers around the world, and users were asked to pay hundreds of dollars to decrypt and restore their data.
The following vectors are the primary methods cyber criminals use to conduct criminal activity:
o Botnets — a botnet is a network of computers that attackers have infected with malware, compromised and connected to a central command & control center. The attackers enlist more and more devices into their botnet, and use them to send spam emails, conduct DDoS attacks, commit click fraud and mine cryptocurrency. Users are often unaware their computer is being used as a platform for cybercrime.
o Ransomware and other malware — ransomware is malware that encrypts data on a local machine and demands a ransom to unlock it. There are hundreds of millions of other types of malware that can cause damage to end-user devices and result in data exfiltration.
o Phishing and other social engineering attacks — phishing involves sending misleading messages via email or other channels that cause internet users to provide personal information, access malicious websites or download malicious payloads.
o Fraud and identity theft — fraud is the theft of funds by an attacker pretending to be the owner of an account, or using stolen cards or credentials. Identity theft is a related concept, and involves compromising a user’s online accounts to enable an attacker to perform actions in their name.
o Flood attacks — most modern flood attacks are DDoS attacks, which leverage a botnet to hit a website or organization with massive amounts of fake traffic. Flood attacks can be targeted at the network layer, choking an organization’s bandwidth and server resources, or at the application layer, bringing down a database or email server, for example.
o Browser hijacking — attacks like cross site scripting (XSS) can cause malicious code to run in a user’s browser. This can result in session hijacking, drive-by downloads and other illicit activity carried out in the user’s browser without their consent.
As a business, your best bet against cybercrime is to prepare a solid incident response plan. Often planning is not enough — you should have the security staff and tools in place to execute it. An incident response plan, according to the SANS framework, includes: