Welcome to the world of cybercrime and cyber forensics. The cyber attack that happened in the above scenario is ransomware.
Cybercrime, also called computer crime, is the use of a computer as a tool or target for illegal purposes such as hacking, data theft, identity theft, cyberbullying, and cyber harassment.
How do we secure ourselves from cybercrime?
The answer is cyber awareness.
Cyber awareness refers to the awareness of cybersecurity best practices as simple as having a good antivirus installed on computers, not trusting public WIFI, and being aware of scam emails.
Types of cyber crimes:
Have you got an email from a bank asking you to enter account details? Beware, it can be a phishing attack to get your bank credentials.
Phishing is the typical scam mail we receive in daily life; the problem is that the email sometimes appears genuine.
Phishing attacks can be done even through phone calls and SMS, cybercriminals are trying to lure people into giving their hard-earned money by using a technique called social engineering.
According to statistics over 60% of businesses experienced phishing and social engineering attacks in 2019. The increase in phishing and social engineering attacks in 2019 has led to studies reflecting that 63.8% of businesses have been victims of cybercrime.
Imagine logging into your bank website with your credentials but it was not an original website but a fake website. This is pharming. It involves a hacker infiltrating a computer system and installing malicious code that causes website traffic from the system to be redirected to bogus sites developed by the hacker. This is done without the victim’s knowledge or consent.
It deceives the computer system by changing the correct IP address information stored on the computer into different numbers that direct the traffic of the user to undesirable websites. In the case of the victims, because they type in the correct URLs to legitimate websites as opposed to clicking a link in a suspicious email, they are confident that the web pages presented to them are authentic.
On 21st May 2017, malware called ransomware created havoc across the UK it shut down hospital infrastructure all over the UK and uses a leaked exploit first developed by the National Security Agency, as unprecedented in scale more than 200,000 systems were affected.
Elsewhere, organizations hit by the attack included Telefonica in Spain, Renault in France, delivery company FedEx in the USA, and China’s state oil company and railways in Germany. Russia was believed to have most instances of the attack.
Ransomware doesn’t just affect desktop machines or laptops; it also targets mobile phones. In 2015, ransomware in the wild masqueraded as a porn app. The so-called Porn Droid app targeted Android users and allowed attackers to lock the phone and change its PIN while demanding a $500 ransom from victims to regain access.
4. Men in the middle attack
Let’s assume that you are the CEO of a start-up company and you are going to a café and using your laptop to discuss sensitive information such as financial statements with your finance manager, imagine a person is eavesdropping on everything. This is called men in a middle attack.
A man-in-the-middle (MiTM) attack is a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. The attack is a type of eavesdropping in which the attacker intercepts and then controls the entire conversation.
Cyber crimes have been increasing drastically with the number of devices being used and cyber awareness is the only way to secure ourselves from cybercrime.