We dwell in a rapidly growing connected world, from the banking sector to government infrastructure, from the data center to your home’s computer. Protecting these networks is no longer optional. Technology is evolving daily with a high increment rate. While it brings huge benefits, it can also be an evil tool to cause havoc.
In today’s world, half of the globe’s population use the internet; browsing websites, communicating with people online, buying stuff from e-commerce websites, backing up valuable data to cloud server storage, carrying out money transactions, operating businesses and many more. One negative aspect of leading a digital life is becoming a victim of cyber-crime, cyber-attacks taking place daily in this “webbed” world. We all face cyber attacks, directly or indirectly, but most of the time we remain in denial. Companies, governments, and IT security firms recruit cybersecurity experts, better known as white-hat hackers, to fight against devastation-causing cyber attacks and protect a commercial organization, a nation, or any other domain that constitutes a node in a network.
What is Cybercrime? #
Cybercrime is any illegal activity that is carried over a computer or network-connected device, such as a mobile phone.
Every system on a network is vulnerable to it
Internet of things (embedded computers in everyday objects connected via the internet), automated home with smart appliances (such as a refrigerator, microwave oven, air conditioner), petrol stations, nuclear centrifuges, and unmanned aerial drones, all fall under the prey list of cybercrime.
Basically, the advantages that a cybercriminal gets are vulnerabilities (weakness in the design or a bug) in a software or hardware that they exploit to perform attacks, and unintentional decisions made by a person using software helps them to bypass security. Research tells that the latter happens the most.
There are two ways in which cyber-crime is committed:-
- The computer as a target: Using a computer to attack other computers. e.g. Hacking, Virus/Worm attacks, DOS attack, etc.
- The computer as a weapon: Using a computer to commit real-world crimes. e.g. Cyber Terrorism, IPR (Intellectual property right) violations, Credit card frauds, EFT (Electronic funds transfer) frauds, Pornography, etc.
Cybercrime causes social, mental, financial, and personal damage to a victim.
What are the types of Cybercrime? #
- Online Identity Theft:- One of the most common types of cybercrime where a person purports to be some other person, with a motive to create a fraud for financial gains. Stealing identity information such as credit card info, address, email ID, bank credentials. The common technique followed is phishing.
- Injecting Viruses and Malwares:- Binding viruses and malware with files (can be audio, video, software-setup file). Hackers also webjack websites and insert malware into them.
- Ransomware Attacks:- Most dangerous and feared type of malware. Locks your computer and encrypts all data in it unless a ransom is paid. Recently, the world faced some high-profile ransomware attacks – Wanna-Cry and Petya.
- DDOS Attacks:- Multiple compromised systems (botnets), often affected by Trojans or worms, are used to bombard an online service with overwhelming traffic requests from multiple locations and sources. That results in a Distributed Denial of Service attack on the victim.
- Spamming:- Sending unsolicited junk messages in bulk over the internet to a large number of users, for the purpose of advertising, phishing, spreading malware, etc. We all receive hundreds of spam emails, text messages, and calls monthly.
- Malvertising:- Unintentional downloading of malware by simply clicking on some advertisements on any website that is infected. Malvertising villains inject malicious codes into the website.
- Cyber Stalking and Bullying:- Harass an individual, a group, or an organization in a repeated and deliberate manner using the internet. It may include blackmailing, false accusations, and defamation.
- Child Pornography:- Federal law defines child pornography as any visual depiction of sexually explicit conduct involving a minor (less than 18 years old). 50% of websites retain this category of cybercrime.
- Click-jacking or User Interface redress attack:- Tricking a web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential data or taking remote access of their computer while clicking on seemingly harmless websites. Examples can be found here.
- Hacking:- Any unauthorized access to or control over a computer network security system for some illicit purpose. It can be done by exploiting vulnerabilities or by sending malware.
Hacking is an art of exploitation.
- Data Diddling:- Unauthorized altering of data before or during entry into a computer system, and then changing it back after processing is done. Example:- Inside a database, holding accounting data of an enterprise, one may change data using this technique about themselves or someone else showing that they are paid in full.
- Software Piracy:- Illegal copying, distributing, downloading or use of software, disregarding copyright laws. 60% of computers run pirated software.
- Cyber Terrorism or Cyber War:- According to the U.S. Federal Bureau of Investigation, cyber terrorism is any “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.” It is designed to cause physical violence or extreme financial harm. According to the U.S. Commission of Critical Infrastructure Protection, possible cyber-terrorist targets include the banking industry, military installations, power plants, space stations, satellites, air traffic control centers, and water systems.
Healthy habits to follow to stay safe #
Safer You, Safer World
- Educate yourself. Every Internet user must have basic knowledge of the Internet.
- Change your Internet surfing habits. Be careful.
- Never ever share any kind of unique codes or numbers with anyone. Such as,
- Passwords and OTPs
- Aadhaar card number
- Passport or Driving license number
- Credit card or Debit card details
- Don’t save credit/debit card information on any website.
- Install security software. I recommend Quick Heal (Paid. Never use pirated anti-virus software). Run regular scans.
- Always update your installed software to the latest version. This patches the bug in the previous version.
- Use smart and safe browsers such as Google Chrome or Mozilla Firefox.
- Configure Firewall.
- Configure OS/Browser security and privacy settings properly.
- Choose strong and different passwords for all of your online accounts.
- Turn off GPS and Bluetooth when not in need.
- Don’t click on any pop-ups or ads claiming free offers at websites.
The old saying “there’s no such thing as a free lunch” still rings true today.
- Try to avoid using public Wi-Fi hot-spots.
- Enable Two-step verification wherever possible.
- Click only on links/URLs you know are safe.
- Try to ignore emails from unknown senders, don’t open them.
- To avoid unwanted calls and messages on the phone, activate DND. Call 1909.
- Expand short URLs before opening them. It may redirect you to some harmful websites.
- Only shop online on secure websites.
- Double-check Plugins/Login gateways/Apps asking you to authorize it with your social media account.
- Don’t accept unknown Friend/Follow/Invitation requests in social media.