Cybercriminals will use malware, phishing, DDoS attacks, and a host of other tactics to target vulnerable companies and individuals that have poorly protected data. Hackers follow the money and our data can be used to commit identity fraud, traded on hacker’s forums, or sold on the dark web.
The dark web provides the perfect platform for hackers to trade their stolen data. It can only be accessed using specialist software, and any websites hosted on the dark web are encrypted and can’t be found using traditional search engines or browsers. This is a huge draw to those criminals that want to evade the law and continue with their digital crime wave.
Also Read – The most common threats children face online
Cybercrime and fraud are now the most common offences in the UK, with almost one in ten people falling, the victim. More than five and a half million cyber offences are thought to occur each year, which accounts for almost half of all crime in the country.
Despite the problem’s scale, more than 80% of all fraud offences are not reported to the police, meaning that many of those responsible can operate without fear of ever been caught.
Cybercriminals are rarely caught and prosecuted because they are virtually invisible. Crime has transformed with the digital age, and police forces worldwide are now having to adapt to tackle the problem rapidly.
The global nature of the problem has called for a global response. Many international law enforcement agencies such as the FBI, Scotland Yard, and Europol are now working closely together to take down some of the world’s biggest cybercriminals.
Despite what may seem like an insurmountable task, hackers are human and make mistakes. These careless errors will often trip the criminals up and leave a trail of evidence that the police can follow.
This was evident in the 2016 Bangladesh Central Bank attack, where hackers breached the system and stole payment transfer credentials worth $81m. They attempted to steal a further $1bn, but a small spelling error in the transfer order alerted a team member who immediately blocked the transaction.
The type of malicious software used in an attack can also provide valuable clues to help police identify the country or individual behind the hack.
Security researchers determined that the malware used in the Bangladesh Bank attack was also used in the 2013 Sony Pictures attack, a failed bid to steal $1m from a Vietnamese bank, and an attack on South Korea’s top broadcaster and banks. The code used within all the attacks was identical and pointed towards a coordinated attack from North Korea.
The majority of cybercrimes are financially motivated; however, for a large number of hackers, it’s the thrill of the hack and the excitement of bringing down a company’s computer system that motivates them. Following an attack, many will turn to hacker’s forums to brag about their exploits. This often provides police with the vital clues they need to start identifying the person responsible.
Honeypots have also proved an effective way to lure cybercriminals in and find out more about how they operate and who they are. Essentially, they’re a decoy computer system set up to mimic a likely target for an attack. The systems will contain data and applications that will trick hackers into thinking they are attacking a legitimate target.
The information gathered from these dummy attacks can provide valuable information on who is responsible and if any similarities link the individual to other attacks.
There’s no doubt that catching hackers is a difficult task, and as long as they are continuing to generate such huge profits, the cat and mouse game will continue.
To ensure your employees are equipped to deal with the most up to date security threats, they must receive regular Cyber Security Awareness training.
How to stay safe?
No target is too small, nor too big, so you must take the necessary precautions today to protect yourself. First, be sure always to keep your firewall on and the software updated, this will help protect your computer from hackers.
Check your antivirus software and be certain it is updated and installed correctly. Last but not least, pay attention to what you are downloading and the websites you are on.
Carelessly downloading email attachments can almost instantly allow a cybercriminal to hack into your computer. Finally, when you are not using your computer, be sure to log off. If it is left on, the attacker could have a connection to hack into your information.