A-Tech-Guide-to-Cybercrime

What is Cybercrime?

Cybercrime is criminal activities committed through computers or over the internet and can occur in different forms, such as viruses, ransomware, DDOS attacks, to name a few. However, most cybercrimes occur daily by cybercriminals or hackers to extort money from their victims or targeted organisations.

This article will briefly look at the different types of cybercrimes and some Best Practices to protect yourself against these threats.

Common examples of cybercrime

Phishing attempts

Phishing is an email-based cyber-attack. Attackers will email their victims and trick them into believing that the email is something they would want or need. Phishing messages may contain attachments infected with malware or links to malicious websites that will require you to enter your personal information. Phishing emails are usually sent in bulk to thousands of random email addresses in hopes someone falls for the scam. Phishing attacks that are targeted at a specific person or organisation is known as Spear-phishing.

Malware attacks

Malware is software designed and created to steal data, damage and destroy computers and computer systems or networks.

Examples of malware

Viruses

A virus is a software designed to disrupt a computer system’s ability to function. Viruses perform specific actions such as destroying data and corrupting operating systems.

Worms

Worms are malicious software that can duplicate and spread to multiple devices within a network. Worms usually infect a PC via a downloaded file. Once downloaded, the worm will replicate and spread regardless of whether the downloaded file has been opened or not.

Ransomware

Ransomware is software designed to gain access to sensitive information and encrypt that information so that the user can no longer access it. The ransomware creator will then demand the user pay a certain amount to receive a key to decrypt the infected files.

Distributed DoS attacks (DDoS)

DDOS or Distributed Denial of Services is a method cybercriminals use to bring down a system or network. DDOS attacks use standard communication protocols to spam a targeted system or network with connection requests. The constant requests flood a system or network with so much traffic that the system becomes overwhelmed and cannot function or communicate as it usually would.

Cybercrime Prevention

There are many ways to prevent cybercrime; below are some ways to do so.

1- Better password practices

A strong password is the most critical aspect to ensure that you are not a victim of cybercrime. Making your password strong by using special characters, numbers, letters and making them longer than ten characters will make it harder for criminals to take advantage.

Passwords like 1234 or your date of birth are easy passwords to crack. Using one password for all your accounts is also not safe as criminals will have access to all your platforms should they manage to get hold of the password.

Use password generators to ensure that you always use strong passwords.

2- Use computers/networks that are secure

Using computers or WIFI networks that aren’t protected by a firewall or an antivirus can pose a threat to your personal information as criminals can attack using these weak points. Antivirus software and firewalls prevent criminals from accessing your computer or device by blocking any suspicious traffic or software on a network or computer. In addition, antivirus software will have to be updated regularly as new virus patterns and malware are being created by criminals every day.

3- Be conscious of how you interact online

Criminals can find so much information about you on social media. Cybercriminals use your information to form a relationship and build trust, and unfortunately, in some instances, your data can be used to commit identity theft. Remember that what’s on the internet stays on the internet forever. So before you post anything, think of how a criminal can use the content you post.

4- Always browse websites that have an SSL certificate

The definition of an SSL certificate as defined by Kaspersky (https://www.kaspersky.com/resource-center/definitions/what-is-a-ssl-certificate) is a digital certificate that authenticates a website’s identity and enables an encrypted connection. You can check if a website has an SSL certificate by the lock icon shown on the URL section of your browser when visiting websites.

5- Keep your OS up to date

Windows, Mac and Linux regularly update their operating systems to fix issues with performance, issues with security and possible faults within the system. Older operating systems can be prone to attacks as the manufacturers do not provide support or fixes for any problems you may face. Operating systems give you the option to keep your system updated automatically, so you don’t have to run updates manually. This ensures that one is protected and doesn’t have to worry about new criminals exploiting your system.

6- Backups

Backups will not prevent any infection from entering your system or organisation, but they will assist with avoiding significant data loss. However, data recovery after most attacks is not always at 100% because the data recovered could have changed minutes after the last backup.

Prevention Is Better Than Cure.

In the previous sections, we learned how to prevent your system/organisation from getting infected. But, of course, it is always better to avoid any infection or attack as it may lead to data loss; this is why backups play a crucial role in any organisation.

Once you or your organisation has been infected, a few actions can be performed. First, it is Best Practice to immediately remove the infected PC from the network, preventing the infection from spreading to other workstations.

Secondly, remove all files relating to the attack or infection. A good antivirus should already assist with this. The antivirus would immediately detect any attack or infection as it arrives on the system and should intercept these files before they can latch onto anything. The antivirus will also block any executable from running. If you are dealing with a ransomware attack, removing the files will remove the ability to decrypt the encrypted files, even after you paid.

Prevention is better than cure as it will have almost no impact on your business while trying to cure an attack or infection might bring your business down for a few days. In addition, the recovery of infected files and data and removing the attacker’s executable files will only add unnecessary expenses.

To conclude, always ensure that your systems and antivirus are up to date. If you do not have an antivirus, be sure to get one. Run regular backups, so if anything does happen, you can recovery real-time data. If you do not have a firewall at your organisation, make sure to get one installed, it might seem costly at first, but it will pay off if there is an infection or attack. Finally, think before you download or open any files you receive. Remember, if it looks suspicious, it is suspicious. You are dealing with criminals, after all.