A cybersecurity professional works on a tablet in a data center
Article

5 Types of Cyber Crime: How Cybersecurity Professionals Prevent Attacks


Cybersecurity

The threat posed by various types of cyber crime continues to escalate in frequency and complexity. The FBI reports that while cyber attacks grow in prevalence and sophistication, so do associated costs for recovery and prevention. Impeding cyber attacks is a formidable challenge as the technologies and techniques used by cyber criminals evolve as quickly as the methods designed to thwart them. To protect their assets, organizations rely on the expertise of cybersecurity professionals.

Building a strong foundation in the technical and leadership skills necessary for a role in cybersecurity requires advanced training. Individuals interested in fighting cyber crime should consider deepening their skills with an online Master of Science in Cybersecurity degree from Norwich University.

The Damage of Cyber Crime

Cyber criminals use various tactics to exploit individuals, steal personal information, and disrupt computer and information security networks. As many as 78% of organizations globally, and 76% of organizations in the United States, are hacked by successful cyber attacks, according to research firm CyberEdge Group.

Cyber attacks target both public and private sector networks, threatening critical infrastructure supporting the energy, health, transportation, and financial services. Seeking data ranging from personal information to corporate data and trade secrets, cyber criminals target individuals, companies, schools and universities, and government agencies.

The costs associated with cyber crime are enormous. The White House Council of Economic Advisers estimates that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016. The Center for Strategic and International Studies estimates that close to $600 billion, nearly 1% of global GDP, is lost to cyber crime each year. Cyber crimes disrupt business and government operations and cause reputational harm.

5 Types of Cyber Crime

Cyber crime takes many different forms. Criminals who infiltrate computers and networks have developed a variety of malicious software and social engineering techniques used individually or in combination when use in committing different types of cyber crime. A few of the most common cyber crimes are described below.

Hacking

Criminal hacking is the act of gaining unauthorized access to data in a computer or network. Exploiting weaknesses in these systems, hackers steal data ranging from personal information and corporate secrets to government intelligence. Hackers also infiltrate networks to disrupt operations of companies and governments. Computer and network intrusions cost billions of dollars annually, according to the FBI.

Malware

Malware, or malicious software, refers to any code designed to interfere with a computer's normal functioning or commit a cyber crime. Common types of malware include viruses, worms, trojans, and various hybrid programs as well as adware, spyware, and ransomware.

Ransomware attacks are growing in volume and sophistication, the FBI reports. Locking valuable digital files and demanding a ransom for their release, ransomware attacks are commonly executed using a trojan — malware that disguises its true intent. Ransomware typically infiltrates via email, luring a user to click on an attachment or visit a website that infects their computer with malicious code. Common ransomware targets include hospitals, schools, state and local governments, law enforcement agencies, and businesses. Ransomware also targets individual users, holding personal information, photos, or other records.

Identity Theft

According to the FBI, identity theft occurs when someone “unlawfully obtains another individual's personal information and uses it to commit theft or fraud”. Not all identity thefts are a result of cyber attacks, but malware such as trojans and spyware are often used to steal personal information.

A common method for perpetrating identity theft, phishing refers to a method used by cyber criminals to obtain confidential information using emails or texts. Scammers pose as a trusted source (often a bank or well-known company) and trick recipients into providing personal information, such as account passwords and social security numbers. Phishing messages often use a story—for example, a claim that the sender has noticed suspicious activity with an account—to entice recipients to click a link or open an attachment.

Social Engineering

Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. Cyber criminals use social engineering to commit fraud online. Platforms such as online dating sites provide opportunities to initiate conversations with potential victims. Once the criminal establishes a relationship with the target and gains their trust, the criminal asks for money or information. Social engineering techniques are often combined with technology elements. For example, phishing attempts often make use of deceptive and manipulative messaging in addition to malware and fake websites.

Software Piracy

Software piracy is unauthorized reproduction, distribution, and use of software. Pirated software takes the form of counterfeited commercial products and illegal downloads and reproductions, as well as violations of licensing agreements that limit the number of users who can access a program. As much as 37% of software installed on personal computers globally is unlicensed, according to BSA | The Software Alliance. In addition to being illegal, pirated software contributes to the spread of malware, which can be inserted by cyber criminals into unauthorized software copies.

Proactive measures employed by cybersecurity professionals can help minimize the damage caused by cyber crimes. Best practices include:

  • Regularly installing patches and upgrades to operating systems, firmware, and application software.
  • Installing and updating anti-malware software.
  • Limiting administrative access and control of files, directories, and networks.
  • Tightening email controls by disabling macros and scripts from files transmitted over email.
  • Performing (and securely storing) regular file backups.

Just as important as the technical prevention measures taken by cybersecurity professionals is the knowledge they share with others about how to prepare and protect themselves from potential attacks. For example, making sure everyone in an organization can recognize phishing attempts and educating them about the dangers associated with file attachments and downloads is critical to thwarting cyber crime.

The Importance of Skilled Cybersecurity Professionals

Cybersecurity professionals seek to thwart cyber attacks before they can reach vulnerable data or targeted individuals. Anticipating threats and coordinating the technology and teams needed to execute the mission requires advanced analytical, project management, critical-thinking, and communication skills. It also requires a diligent approach to learning. Advanced and ongoing education is necessary to track new security threats and stay current with technologies used to address them, such as automation and data analytics tools.

Norwich University’s online Master of Science in Cybersecurity program, which includes specialized areas of study, prepares students to combat cyber crime by helping them to develop the technical and leadership skills required for various roles in the public and private sector. The program offers the following concentrations:

  • Computer Forensic Investigation and Incident Response Team Management
  • Critical Infrastructure Protection and Cyber Crime
  • Cyber Law and International Perspectives on Cyberspace
  • Project Management
  • Vulnerability Management

Preparing Students to Fight Cyber Crime

Cyber crime mutates constantly. To help aspiring cybersecurity professionals keep pace, Norwich University provides dynamic learning opportunities such as hackathons and forensics exercises. The Norwich cybersecurity program is one of the first to be recognized as a Center of Academic Excellence in Information Assurance Education (now known as a Center of Academic Excellence in Cyber Defense) by the National Security Agency and Department of Homeland Security.

For students with an aptitude for technology and a passion for preventing cyber crime, Norwich University’s online Master of Science in Cybersecurity program provides a strong foundation in cybersecurity concepts and leadership skills, as well as multiple concentrations that allow them to develop advanced expertise in key areas of the field.


Recommended Readings

The Changing IT Security Job Market
How Critical Infrastructure Protection Fits into a Cybersecurity Career
What is Vulnerability Management in Today's IT Field?

Sources:

Cyber Crime, Federal Bureau of Investigation
2019 Cyberthreat Defense Report, CyberEdge Group
The Cost of Malicious Cyber Activity to the U.S. Economy, The White House Council of Economic Advisers
Economic Impact of Cybercrime, Center for Strategic & International Studies
5 Types of Cybercrime and How to Protect Against Them, MetaCompliance
9 Types of Malware and How to Recognize Them, CSO
Online Scams, NortonLifeLock
10 Critical Security Skills Every IT Team Needs, CIO
Types of Piracy, NortonLifeLock
2018 BSA Global Software Survey, BSA | The Software Alliance