General security

Cyberspace : A Fast-growing Area of Crime

Caught in a growing Internet community, many users have already seen the downside of being dependent on the web for many daily activities. Many may have been victim to a virus or Trojan; this malicious program often hides on web servers, system machines and within files or folders and can degrade PC performance, disrupt services, wipe data from victims' systems and/or spread to others' computers. Other end users have faced other security threats from hackers' attacks and attempts of surpassing firewalls and carrying out data breaches and identity theft. Malicious hackers are increasingly utilizing clever methods to make computers do things they want, like steal, corrupt, or illegitimately view data.

As people become more socially and economically dependent on Internet-connected computers, the need to manage, control and protect all systems, from standalone to network resources to removable devices that operate in the critical infrastructure of cyberspace, grows. Criminal offenses that are being committed over electronic communication networks and information systems are often aided by new computer technology, systems, devices and platforms that have led to uses of computers that could only be dreamt of some years ago.

This article talks about cybercrime - one of the main threats to the digital economy - and concentrates on the increasingly important role of computer users for cyber defense. It explores ways of fighting cybercrime and cyber-attacks, which has seen an increase in recent time. With many organizations now eager to leverage cloud solutions and embrace mobile computing, a fundamental shift in focus is required.

The article also aims at surveying types of technology-enabled crimes that can affect anyone connected to the cyberspace. It discusses new trends and what could be societal responses to cybersecurity threats at the individual, enterprise and national levels.

Cyberspace Security

Cyberspace has become an ideal place for criminals to remain anonymous while preying on victims. As the number of cyberspace users increase, so do the opportunities for exploitation and the need of protecting computers, networks, digital applications, programs and data (i.e., sensitive business and personal information) from unintended or unauthorized access, change or destruction. The Department of Homeland Security (DHS) affirms that there is a range of traditional crimes now being perpetrated through cyberspace.

Criminals hide in the net to perpetrate quite effortlessly crimes that, in earlier times, required physical travel and a more direct involvement. As the cyberspace is recognized as a critical domain for conducting everyday distant operations, unfortunately, it has also become a ground for cyber-terrorism and menaces of cyberwar attacks. Cyberterrorists may use various forms of computer-related abuse tactics (e.g., hacking, cracking, phishing, spamming) to accomplish their personal or politically-motivated goals.

However, countries and governments are not the only targets of cyber criminals. Businesses are not safe either; vital corporate data and industrial secrets can be stolen from adversaries, for example, with cyber espionage; in the past, some attempts have come from countries including China and Russia. In fact, the financial sector is one of the most targeted in recent times and has been the theater of attacks that have often captured the interest of the media.

Recent news, for example, report of a large operation conducted in Europe against a multi-national organization operating in Italy, Spain, Poland, Belgium and the UK. Cyber criminals were able to infiltrate malware in the systems of some large European companies and route money to bank accounts they controlled: a $6.8 million business. EC3, the Europol's European Cybercrime Centre, discovered that the organization was operating from Cameroon, Nigeria and Spain through an impressively efficient money laundering system. Cybercrime has really no borders and boundaries.

In recent years, "information warfare," a new form of terrorism, has captured the attention of information security specialists; terrorists might tamper with computers to commit information-based threats to nations, to businesses, and to individuals.

Economic Impact of Cybercrime

Cyberspace is vulnerable to a wide range of risks, affirms the DHS Cyber Security Division, saying it brings substantial human and economic consequences. All computers users are at risk of Internet crime. According to the Norton Cybercrime Report for 2011, "1m+ adults become cybercrime victims every day." As per a study jointly conducted by McAfee and the Center for Strategic and International Studies in June 2014 (Net Losses: Estimating the Global Cost of Cybercrime), computer-related crimes may cause as much as $400 billion in losses annually, while cyberattack-related losses could be as much as 575 billion. However, arriving at an estimate for the financial losses suffered because of cybercrime is difficult because many instances simply go unreported.

Cybercrime can mean incredible losses for businesses, but is a great deal for perpetrators. Trustwave's "2015 Global Security Report" estimated that the average cybercriminal has a 1,425 percent return-on-investment (ROI). These figures can definitely explain the proliferation of attacks.

Cybercrime Trends

In a world where information and communications technology (ICT) that provides the means so people can work with each other electronically in a digital form over great distances, cyber threats are of great concern. Though it is difficult to keep up with the changes as ICT is constantly evolving, an understanding of the concepts and technologies for achieving confidentiality, integrity, authenticity, and privacy protection for information processed across networks is paramount.

Cybercriminals often use 'bots' – a network of software robots – to infect and control networks and control them remotely for malicious purposes. From phishing and devious social engineering efforts to using spyware tactics, an invader can carry out an attack on specific targets, exploiting zero-day vulnerabilities, upload malware on certain platforms, if not collect information and gain access to systems for other purposes. In fact, botnets are often used to spread remote code execution malware. Coming familiar with botnet cyber threats (i.e., how they work and spread malicious code infecting each host and then propagate into the network) is vital to preventing the botnets from the beginning.

Examples of botnet attacks are easy to find. The GameOver Zeus botnet (a sophisticated type of malware designed specifically to steal banking and other credentials from the computers it infects) that occurred in 2014, according to the FBI, it was believed to be responsible for the theft of millions of dollars from businesses and consumers in the U.S. and around the world.

As per the FBI, "Unlike earlier Zeus variants, GameOver has a decentralized, peer-to-peer command and control infrastructure rather than centralized points of origin, which means that instructions to the infected computers can come from any of the infected computers, making a takedown of the botnet more difficult. But not impossible."

The growth of the use of cloud computing and the Internet of Things (IoT) is contributing greatly to the problem. According to Security Expert and bestselling author, Marc Goodman, in fact, the number of devices connected through the Internet is growing exponentially, and security is an issue: the average IoT, he estimates, has over 20 security vulnerabilities, a number that poses serious concerns.

Another alarming trend, according to Goodman, is the new cybercriminals' profile, who, in most cases, are no longer teenagers looking for glory, but consummate professionals that choose cybercrime as a profession and can sell services. The new breed of malicious hackers is made of more sophisticated criminals who can actually operate within highly organized establishments.

In addition to more specialized hackers, computer software is increasingly been used to perpetrate cybercrime. Crimeware-as-a-service is a new option for criminals without particular technical skills who can carry out their agenda by using off-the-shelves products designed for that purpose. Defending ourselves from this new, decentralized, and pervasive cybercrime is a daunting task.

Cybercrime and Proactive Defense Measures

There is no arguing, "Cybercrime is a global problem." With the ability to connect anything and everything to the Web, cybercriminals exploit the inherent connectivity when and where they like. When it comes to Internet crime, there are all sorts of law-breaking offenses committed that range from identity theft and fraud to unethical hacking, illegal downloading of media, online harassment (e.g., cyberstalking, cyberbullying, to include sexting, child soliciting and abuse), among others. Recurring crimes include sending malicious software to disrupt a network or gain access to a system with the motive to steal sensitive information or data, if not to cause damage to system software. Laws and regulations vary across the country. (See, for example, U.S. state-specific computer crime laws.)

Users are called upon to be the first line of defense and help reduce cyber risks and data compromised by hackers through proper use of their computer, mobile phone and other devices. A Trustwave study showed how 81% of victims they surveyed did not detect breaches in their systems but were notified by external entities. The Verizon's 2015 Data Breach Investigations Report further found that, in 66% percent of the cases they analyzed, it actually took a few months to discover the crime. Situational awareness, then, is one of the key areas of cyber defense and is invaluable when coupled with monitoring and malware analysis from IDS alerts and log files gathered by those in the field. In 60% of the cases, it only took a few minutes for cybercriminals to cause damage to the organizations they attacked, so it is important that everyone in an organization is always looking for anything suspicious in the way their systems behave. Even DHS has created an ongoing cybersecurity awareness campaign Stop.Think.Connect. launched on October 4, 2010 to help people to understand the risks that come with being online.

Despite IDS/IPS technologies being deployed, only a small percentage of IT decision makers are truly confident that these devices alone will work against a cyber-threat; therefore, they are still seeking alternative solutions, mentioned Tara Seals, US/North America News Reporter, Infosecurity Magazine, in a recent post. Seals explains also the importance of perimeter-based cyber-security models – characterized by a multi-level approach involving firewalls, anti-virus software and powerful analytic tools searching for anomalies in network behavior across the enterprise – to protect against threats (or to reduce the damage they can cause), as they continue to evolve rapidly.

How can end-users defend systems? Again, users play, now more than ever, an important role in securing systems and devices. Security comes down to users' (individuals, businesses, and organizations) role in use of information assurance (IA); it said to be a top priority in securing information, including its associated systems and resources.

It is important to build IA into IT systems for computer security and information protection to help mitigate risks from hackers. This method involves the principles of data protection, network security, and computer systems architecture. It deals with theory and topical issues of the design, development, implementation, operation, and management of secure information systems.

End users must integrate cyber risk management into day-to-day operations. Some form of security training to learn about occurring threats and attacks weakening the cyberspace infrastructure must be always in place. When it comes to managing information risk and security cloud, mobility and related technologies, one ought to reduce risks within and across all critical infrastructure sectors. For example, by developing an incident-response plan to use after a cyberattack, whether starting anew or building on an existing effort, can help ensure that minor events do not escalate into major incidents.

In addition, as Trustwave's vice president of managed security testing, Charles Henderson, emphasizes, a possible line of defense is making sure that the cost of attacking an organization is simply prohibitive for a cybercriminal. Requiring an effort and cost that does not yield a proper ROI could be the best answer to threats.

The Internet, as many already know, is a network of networks comprised of computers, servers, routers, switches and transmission channels that allow this critical infrastructure to work. As new devices are connected, security experts are now faced with a novel type of breaches. With the Internet of Things (IoT), the focus must switch from securing only systems to ensuring the protection and proper use of all devices now interconnected (cars, mobile devices, power meters…).

As John Greenough, a Research Analyst for Business Insider Intelligence, mentioned in a Business Insider UK post, many "consumers, businesses, and governments recognize the benefit of connecting inert devices to the internet [but] are hesitant to use [IoT] as security problems are still an issue. At present, the IoT lacks a common set of standards and technologies that would solve the most pressing security concerns," he says.

"[IoT] presents a significant challenge in fending off the adversary given the expanded attack surface," said Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products, HP, in response to the report titled "Internet of Things Research Study." Due to the global nature of IoT, it is important to increase the level of harmonization of data protection, he says, noting technological safeguards like the use of strong encryption and authentication methods to achieve the goal of strengthening data integrity.

Information security policies are an excellent way to ensure everybody in an organization is on the same track. This policy should state who is allowed access across the network both inside and outside, how services are to be routed in and out of the network, and whether they are acceptable traffic in the network. An information security policy tends to differ from company to company and there are different national cyber-security policies and strategies state to state.

It is important to adopt a strict usage policy within the workplace and deploy devices that can block intrusive network traffic. It does not take a cybercrime mastermind to know that P2P file sharing that allows users to share files online, and is now an unavoidable part of Internet life, is at risk of system compromise. Cybercriminals are constantly scanning the Internet for vulnerable computers where they may be able to gain control, use a rootkit to modify data, hide malware, explains Mindi McDowell. In an article about the "Risks of File-Sharing Technology," she and other authors point out the importance of utilizing a firewall in blocking all malicious activity. Yet, firewalls alone are not enough to protect an interconnected network from intrusion. So, intrusion protection sensors are needed to detect security breaches that originate inside the firewall.

Combating Cyber-crime: Initiatives, Partnerships and Governments' Response

With potentially disastrous consequences for the whole computing society, cybercrimes committed on a mass-scale and at a great geographical distance are quickly becoming a fast-growing area of concern, says INTERPOL, which is the world's largest international police organization, with 190 member countries. They have formed global partnerships for cyber-solutions; their interests focus on efforts for actionable digital intelligence disseminated across web communication channels to ensure the integrity and confidentiality of data transmission. The goal is to have a network where any computer with an ISP can establish a connection 'for a safer Internet, for a safer world'; this is INTERPOL's mission.

Their efforts to confront cybercrime and other emerging crime threats is crucial and requires developing a truly global cybersecurity strategy, said Noboru Nakatani, Executive Director of the INTERPOL Global Complex for Innovation (IGCI). He told during an international conference on counter-terrorism and security issues, "the Global Security Asia 2013 conference in Singapore," that International cooperation is key to fighting cybercrime. The creation of the IGCI, a cutting-edge research and development facility for the identification of crimes, Nakatani says, may effectively tackle cybercrime threats.

INTERPOL President Mireille Ballestrazzi agrees that the growing threat of cybercrime requires global, coordinated, and innovative solutions to improve international cooperation with regard to the Internet, which he says requires a joint, collaborative effort in strengthening the security and resilience of cyberspace. Ballestrazzi goes on to say legislative harmonization is important because no country can fight cybercrime on its own. He recommends an improved governance of cyber space and information security regulations at national and international levels, so that it will work in most territories.

Cyberspace contains no borders, either physical or virtual; thus, it is a challenge to locate criminals and hold them accountable. INTERPOL and its partners work on increasing awareness to educate society about the ways of protect themselves from becoming victims of cybercrime. Players such as Europol are deeply concerned about how the Internet has changed criminal activity in Europe, alongside America, said Europol Chief Rob Wainwright at the Global Conference of Cyberspace in The Hague on April 16, 2015. He believes cybercrime presents a major challenge for law enforcement that still lacks the response capability required by new cybercrime scenarios; a new international strategic and operational partnership is necessary to prevent online criminality and attacks on electronic networks. Wainwright hopes the recent launched Global Forum on Cyber Expertise (GFCE), which is designed to serve as a platform for countries to share expertise in the fight against cybercrime, will bring together the experiences of a wide online community able to tackle the issues in the field of cyber security, cybercrime, data regulation and e-development. The GFCE is a campaign for strengthened international cooperation on Internet freedom, safety, and security affairs.

In the U.S., President Barack Obama's New Cybersecurity Legislative Proposal calls on Congress to take urgent action to combat cyber-threats at home and abroad; this is because the reality is that cybersecurity is an international issue. The nation's cybersecurity foundation aims to transform into an assured and resilient digital infrastructure for the future. Meanwhile, the creation of the Cyberspace Policy Review offers a way to assess U.S. policies and structures for cybersecurity, while developing public awareness of security-related cyber matters. With cybercrime looming, such a policy aims to lay the groundwork for future cyber efforts before more events unfold and materialize.

Conclusion

In a world where not enough people take PC security seriously, cybercriminals are taking advantage of weak security measures and users' oversights. The changing cyberspace landscape has IT professionals concerned about the amount of companies today that have serious gaps in their security program. Many of them actually lack confidence in their own cyber defenses; in fact, a recent
survey from EiQ Networks notes that many of the companies surveyed report of their IT infrastructure is "not well protected" and is vulnerable to advanced persistent threats (APTs). Vijay Basani, chairman, president and CEO of EiQ Networks, says in today's heightened threat environment, "companies need to adopt a multi-pronged comprehensive security program that addresses vulnerabilities related to people, process, technology and culture."

Basani, along with many other security advocates, say fighting cybercrime is a shared responsibility. Having each user responsible for controlling access to their system resources can enhance the network's security. With cyberspace playing a large part of our lives every day, common users (and not just cybersecurity professionals) ought to know how to protect our nation's critical cyber-assets from the dangers of Cybercrime. That is what National Cyber Security Awareness Month (NCSAM) — observed in October — is all about! NCSAM is a campaign that brings together users' committed to a common goal– this year's theme is 'Our Shared Responsibility' – to get everyone onboard as there is a need for improved monitoring, reporting and sharing of cybercrime-related data in a standardized global-wide manner. A greater understanding of the problem of cybercrime and the responses to it can really make a difference.

References

Carman, A. (2015, June 9). Study: Cyber criminals' ROI exceeds 1000 percent. Retrieved from http://www.scmagazine.com/trustwave-issues-annual-security-report/article/419629/

Deloitte Insights. (2015, May 12). Security Expert Marc Goodman on Cyber Crime. Retrieved from http://deloitte.wsj.com/cio/2015/05/12/security-expert-marc-goodman-on-cyber-crime/

Federal Bureau of Investigation. (2014, June 2). GameOver Zeus Botnet Disrupted. Retrieved from http://www.fbi.gov/news/stories/2014/june/gameover-zeus-botnet-disrupted

Federal Trade Commission. (2010, January). Peer-to-Peer File Sharing: A Guide for Business. Retrieved from https://www.ftc.gov/tips-advice/business-center/guidance/peer-peer-file-sharing-guide-business

Global Economic Symposium. (n.d.). Proposal - Dealing with Cyber crime – Challenges and Solutions. Retrieved from http://www.global-economic-symposium.org/knowledgebase/the-global-polity/cybercrime-cybersecurity-and-the-future-of-the-internet/proposals/dealing-with-cyber-crime-2013-challenges-and-solutions

Greenough, J. (2015, February 18). The 'Internet of Things' will be the world's most massive device market and save companies billions of dollars. Retrieved from http://uk.businessinsider.com/the-internet-of-things-market-growth-and-trends-2015-2?utm_source=taboola&utm_medium=cpc&utm_content=taboola&utm_campaign=taboola&utm_term=idg-pcworld?r=US

INTERPOL (2013, April 3). International cooperation key to fighting cybercrime, INTERPOL Global Complex for Innovation Director tells security meeting. Retrieved from http://www.interpol.int/News-and-media/News/2013/PR039

Kovacs, E. (2015, June 10). European Authorities Arrest 49 Suspected Members of Cybercrime Ring. Retrieved from http://www.securityweek.com/european-authorities-arrest-49-suspected-members-cybercrime-ring

Libicki, M. (2014, June 18). Shortage of Cybersecurity Professionals Poses Risk to National Security. Retrieved from http://www.rand.org/news/press/2014/06/18.html

McDowell, M., Wrisley, B. & Dormann, W. (2010, May 19). Security Tip (ST05-007) - Risks of File-Sharing Technology. Retrieved from https://www.us-cert.gov/ncas/tips/ST05-007

Phys.org. (2015, April 17). Cybercrime now 'number one' threat: Europol chief. Retrieved from http://phys.org/news/2015-04-cybercrime-threat-europol-chief.html

Schiff, J. (2015, March 12). 3 reasons to be wary of the Internet of Things. Retrieved from http://www.cio.com.au/article/570160/3-reasons-wary-internet-things/

Seals, T. (2015, May 5). IT Chiefs Lack Security Confidence. Retrieved from http://www.infosecurity-magazine.com/news/it-chiefs-lack-security-confidence/?utm_campaign=ITLackSecurity&utm_source=E-newsletter12%2F05&utm_medium=Email