Cybersecurity is protecting systems, networks, and programs from digital attacks. These cyberattacks often target unauthorized access to sensitive data, changing, or destroying sensitive information; extorting money from users through ransomware; or interrupting normal business processes.
Cyber Crime
What is Cyber Crime? Just like regular crime, it also exists on the Internet. some examples of Cyber Crime (Identity Theft, Online Predators, BEC ["Business Email Compromise"], Ransomware, Stealing of sensitive intellectual property).
Increasing Crime
Cyber Crime has been increasing regularly every year. and some reasons are Cyber Crime is easy to accomplish, Low risks of getting caught, for little work there is often high returns, Attackers can target thousands of victims, Money laundering is easier with, Cryptocurrencies, Challenges like identity theft can have significant consequences on an individual, causing not only the potential of financial losses but also a lot of personal grief.
The Internet offers many services to facilitate money laundering, usually making it a trivial process. As money is exchanged in cryptocurrency*, services such as tumblers make it hard to track the money.
Tumblers are services which split up cryptocurrency transactions and forward the money through many accounts, with different values, for thousands of people, making them hard to track.
Cyber Criminals
Who are Cyber Criminals? It can be anyone, but some common ones we see in the media all the time. like State-sponsored groups targeting organizations in other countries, Hacking Groups out to target companies to make them pay ransom, or even Kids in their rooms doing illegal hacking.
Catching Cyber Criminals
Law enforcement does, however, have many challenges in tracking down cyber-crime. You might see attack traffic coming in from a system residing in UK, and when taking down this system, you realize it was being remotely controlled by e.g. another system in India. Cooperating with law-enforcements across borders, you might be able to get to the system in India, but only to realize it was again remotely controlled through e.g. Pakistan.
However, law enforcement agencies face many challenges in prosecuting cybercrime. You may see attack traffic coming from a system in the UK, and when you shut that system down, you find that it is being remotely controlled by a computer in India, for example. another system in India. If you are working across borders with law enforcement, you may be able to get to the system in India, but then find that it has been remotely controlled once again, e.g. Pakistan.
Money Making Threats
Driven by Money
There are a few key threats organizations face frequently:
- Ransomware files and systems are encrypted with the attackers' keys and require you to pay money to get your data back.
- Cryptocurrency miners: your systems are infected with a low-profile cryptocurrency mining tool. This tool uses the CPU to try make money on a cryptocurrency for the attackers.
- BEC ("Business Email Compromise"): Users get hacked through all sorts of methods and their emails are compromised. Via email compromise the attackers can intercept communications, for example an invoice, and try to redirect payments to other banks and accounts. There are plenty of ways of making money for cyber criminals, which attracts people and interest.
Value and power
There is value and power in many things related to IT, for example:
Bandwidth can be used to pressure businesses by targeting them with DDOS ("Distributed Denial of Service") attacks. Hacked systems may have sensitive information worth money, for example business proprietary information, online gaming assets, sensitive photographs and pictures.
Attackers can install themselves in browsers and try to hijack online banking use. The potential for criminals to make significant amounts of money within the cyber domain causes more and more criminal gangs and other opportunists to join in on the action and make our lives much harder.
Threatening for Money
Another common attack cyber criminals perform to make money is the act of extortion, that is holding individual’s hostage based on information they have on an individual, trying to make them pay money to be released from the extortion attempt.
Dark Web
The Dark Web (also called The Dark Net) is a network within the Internet which is only accessible using certain software and protocols. The Dark Web has many names, for example Tor Network or Onion Router.
Anyone can access the Dark Web by simply downloading software for it. A popular and very much used browser is the Tor Project's Tor Browser
This is just like any other browser such as Google Chrome or Microsoft Edge, except it can also access special website addresses which ends in. onion instead of .com and such.
Any traffic sent through Tor Browser is automatically anonymized and encrypted via many different hosts. The browser also has built-in protection for many kinds of tracking and de-anonymization features
Access to the dark web**
You can access many fun and interesting websites through this browser, also many which co-exist on the regular Internet. For example, if you access the following URLs in Tor Browser, your communications will be fully encrypted and anonymized inside the Dark Web:
- DuckDuckGo Search Engine
- The American CIA ("Central Intelligence Agency")
- The Hidden Wiki, a collection of links and places to explore
Because of the built-in anonymizing features and encryption, the Dark Net is also a host of many criminal websites, marketplaces and networks.
* Cryptocurrency is money that is represented in digital form instead of physical form. There are many different cryptocurrencies, some are very widely used like Bitcoin, others are smaller and unknown to most people. These currency models rely on strong cryptography and public ledger systems to keep track of transactions and the amount of currency on the market. ** Please be careful when navigating the Dark Net. The above links only work when using the appropriate software.