IT Security - Types of Cybercrime
In recent months, IT Security has been constantly featured in the headlines. Ransomware attacks such as WannaCry and Petya have made world-wide news, suspicions of full-on campaign hacking have occurred in the recent US elections and major data breaches are continuing to happen at an alarming rate. IT Security, now more than ever, is on the forefront of everyone’s mind. Every 3 seconds, somebody’s identity is stolen as a result of cybercrime. We have put together a list of the four most common types of cybercrimes for individuals and organisations with some helpful information on how to prevent them from happening to you.
Data Breaches
A data breach is a result of a ‘hacker’ or ‘cybercriminal’ who successfully gains access to a data source in which they extract sensitive information. Depending on what information was accessed, data sources can be very valuable to hackers. Fraud, duplicating credit cards, identity theft and blackmail can be used to generate revenue from victims. This can be applicable to both individuals and businesses alike and more and more of these attacks occur every day.
Tips to prevent a data breach
Always be suspicious of unexpected emails, anything with urgent requests for personal information or links to unknown websites should be avoided at all costs. Check your credit reports once a year to make sure everything balances correctly and that there are no loans that you did not take. From an organisational perspective, make sure your employees only have access to the data that they need. Cyber criminals can only steal data that an employee has access to. It is important for your employees to understand proper data disposal techniques as sensitive information can still be hidden in files in their computer. Safeguard the security of the network by utilising a corporate or personal VPN, this ensures all the data that is being utilised is appropriately encrypted at the source.
Ransomware
Ransomware is a type of cyberattack that involves hackers taking over control of a computer and blocking access to the whole system unless a ransom is paid by the victim. To gain access to a system hackers need to download a type of malicious software onto a device within a network. This is usually done if a victim clicks on a link from an unsafe email or website. Once the software is on the victim’s computer the ransomware can forcefully shut down any other computers on the same network, potentially leading to catastrophic results, especially from an organisational perspective.
Tips to prevent a ransomware attack
The best way to combat against a ransomware attack is to take preventative measures to keep the threat as far away as possible. The most important thing is to make sure that the operating system you are using is fully up to date. Malware authors find computer users, specifically who are running out-dated versions of operation systems because they are seen as easy targets. Without the latest update operating systems can be vulnerable and easily exploited. It is also recommended to install a reputable security suite, use something that includes both an anti-malware and a firewall which will help shut down the problem at the source. It is also very important to regularly back up your data. Microsoft has previously stated that backing up your data is the best defence against ransomware.
DDoS attacks
There are several different Distributed Denial of Service methods and attacks that hackers can use to compromise websites including the Handshake method and the UDP method however the most popular is the “distributed denial” method. DDoS occurs when too many requests to visit a server or website in real time overloads the server. As a result of the constant requests, usually from compromised computers which can be spread throughout multiple regions can freeze the server and lead to a website crash. For a DDoS to occur, the number and frequency of the connection attempts need to be of more bandwidth than the server can handle. There are many motives for conducting a DDoS attack such as ransom, anti-competitive business practises and hactivism. These types of attacks are more focused towards organisations, governments and NGO’s rather than individuals.
Tips to prevent DDoS attacks
DDoS attacks are hard to prevent but having more bandwidth can help reduce or even prevent attacks. This means purchasing more from your website provider which oftentimes does not come cheap. Some organisations employ a method known as distributed data movement which spreads out your server to different datacentres that respond to requests in parts. These data centres usually mean they are on different networks which have diverse paths. Certain ISP’s can offer DDoS mitigation services that will help organizations respond in the wake of an attack. Even ISPs that don't have a formal DDoS mitigation product should be able to specify the type of assistance they would provide to their customers in the event of a DDoS attack.
Malware
Malware is known as the use of malicious software with an aim to harm or compromise targeted computers, mobile devices or cloud-based solutions. Malware can refer to a variety of forms of hostile or intrusive software, which include computer viruses, worms, Trojan horses, ransomware, spyware, adware, scare ware and many other types of malicious programs. The main purpose of malware is to steal personal, financial or business information from the victim, which could be either an individual or an organisation.
Tips to prevent Malware
Malware can run in the background and be present on your system without you even knowing. It is very important to install a reputable anti-virus/malware software and to keep it up to date. It is recommended that you run regular scheduled scans with your anti-virus software and keep your operating system up to date. Microsoft provides a security package for free for windows users which many don’t know about, however it offers solid protection. The usual online safety rules still apply when trying to prevent malware, just take general care online and be vigilant. Think before you click on unknown links or on websites, don’t use open Wi-Fi no matter how tempting it may be, make sure to back up your files and always use strong passwords and never have just one password for everything.
