A basic definition of cyberattack or cybercrime is “a crime whose commission involves a computer.” A more comprehensive definition would be “a crime committed utilizing an Internet-connected computer.” Cybercrime or cyberheist refers to any type of malpractice associated with interactions on the Internet, including theft of data and identity, financial scams, and security threats. For example, even email broadcasts (spam) that contain no other apparent criminal activity fall under the category of cybercrime. Online postings involving libel, defamation, or hate speech, all of which are considered illegal in some jurisdictions, also fall under the category of cybercrime.
The Internet is one of the most swiftly developing areas of technical infrastructure. Currently, ICTs (information and communication technologies) are pervasive. They have contributed to the integration of computer technology into products that have usually operated without it, such as cars, buildings, and household appliances. These computer-enabled, intelligent devices are now known as IoT (Internet of Things) or Internet-connected devices. Electricity supply, military services, transportation infrastructure, and logistics – virtually every new service now relies on the adoption of ICTs. Cars, traffic control, air conditioning, elevators, and telephones also rely on the smooth operation of ICTs.
The rise of such an information-enabled society brings new and severe threats. Any attack against the information infrastructure behind these Internet services can now harm society in critical ways.
A few of these cybercrimes are the outcome of cyberterrorism, cyberwarfare, or cyber-espionage, carried out by groups, sometimes funded by governments, that have a clear political or warfighting plan for their malicious activities. For corporations, cybercrime involves the theft of computer resources and finances.
Cybercrime and Financial Institutions
Although cybercrime is one of the most serious threats to financial markets, it is usually overlooked by both financial institutions and regulators. Cyberattacks have already dealt a noticeable blow to retail banking, mostly through credit card and payment scams.
The frameworks of financial markets mainly involve digital systems, which are easily accessible to cybercriminals. If damages due to cyberfraud in the retail world are exceeded by the size and usage of an account, the potential blow from a cyberattack on financial infrastructures is immense. Also, markets acknowledge new information from traditional and contemporary media platforms, most of which is stored on the Internet.
Cybercrime can damage markets in another way too – by changing our perceived reality and circulating rogue information. With the establishment of centralized counterparties, a small group of institutions has indirectly exposed the entire financial sector to cyber-risk, with consequences that have not yet been well investigated or understood.
Victims of Cybercrime
The short response to the question, “Who are the victims of cybercrime?” is “Anyone who has an email inbox or surfs the Internet.” This accounts for approximately 3 billion people or more who use the Internet on a daily basis. Typically, individual users are the ready targets for cybercrime. But when these individuals are targeted at work, their organizations are also forced to endure and absorb the related losses.
Let’s look at an instance where a typical phishing attack targets financial experts in small to medium enterprises. An email arrives in an inbox, which appears to come from an Automated Clearing House (ACH) that processes payments for the expert’s employer.
The email notifies the financial expert that a payment issue is pending and that processing has been suspended. It informs him that he must provide information about his company’s account to restart the process. He is asked to click a link in the message to provide that information ASAP so that the transaction can proceed. Sounds quite normal, doesn’t it? But it’s not.
If he clicks that link, he is already in danger, even if he provides no information to the web page that the link leads him to. This is because merely visiting a phishing page can expose a PC to malicious software downloads. They run in the background, secretly, without the user’s knowledge or consent.
Phishing earns its name from the practice of “catching fish”. Just as an angler uses bait to attract fish to bite his hook, cybercriminals use hyperlinks to draw innocent users to malicious websites. A phishing attack can be identified by these common features:
- It resembles an innocuous or even a valid email message, tweet, or Facebook post.
- It persuades readers to give information by acknowledging the message or clicking an embedded link.
- It often elicits sensitive credentials about accounts, passwords, or identity.
- The hook gets “set” when a reader replies, even if only by clicking a link.
Security professionals often classify phishing as a type of “social engineering.” This term covers different techniques used to influence users to part with information about themselves, credit card or bank credentials, and so forth. The idea is to extract something of value to facilitate theft. Even though no nightcrawlers and lures are used, users often end up deceived.
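The features listed above can be checked mechanically before a message reaches a reader. The following is an added example, not code from the original article: the function name, the keyword list, and both sample messages are constructed for illustration, and it assumes a single-part HTML message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Wording assumed for illustration, taken from the ACH scenario in the text.
PRESSURE = re.compile(r"\b(suspended|pending|asap|immediately|restart)\b", re.I)

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw_email):
    msg = message_from_string(raw_email)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    body = msg.get_payload()  # a str for single-part mail (assumed here)
    found = ["pressure-wording"] if PRESSURE.search(body) else []
    parser = LinkCollector()
    parser.feed(body)
    for href, text in parser.links:
        target = host(href)
        # The link should stay on the claimed sender's domain or a subdomain.
        if target and target != sender_domain and not target.endswith("." + sender_domain):
            found.append("link-leaves-sender-domain")
        shown = host(text) if "." in text and " " not in text else ""
        if shown and shown != target:  # visible URL differs from the real target
            found.append("link-text-hides-target")
    return found

# Constructed sample messages (not real mail); names and addresses are reserved examples.
PHISH = ("From: ACH Payments <notice@ach-payments.example>\nContent-Type: text/html\n\n"
         '<p>Processing is suspended. Confirm your account ASAP: '
         '<a href="http://198.51.100.7/restart">https://www.ach-payments.example/restart</a></p>')
BENIGN = ("From: Billing <billing@vendor.example>\nContent-Type: text/html\n\n"
          '<p>Invoice ready: <a href="https://portal.vendor.example/invoices">View invoice</a></p>')
```

A non-empty result is a reason to quarantine or flag the message for review; an empty result does not prove the message is safe.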
Harvesting and Malware
To harvest data is to acquire it illicitly. The data could be any form of credentials, such as account names or numbers, passwords, and challenge-response sequences. An illegitimate third party (mostly, a cyberthief) often utilizes the information to impersonate the individual or company whose credentials have been stolen.
Malware is a short form for “malicious software”. It is typically installed on a system to execute malicious code and cause damage, and it is usually installed without the owner’s authorization.
A drive-by download is a transfer of software from a web server to an unsuspecting user’s system. The software downloads in the background, with no warning, when a user enters a specific web page. It’s called a “drive-by” download because a user only needs to access the web page to initiate the download. Such downloads mostly consist of malware when some scam or attack is in progress. Such downloads can install themselves, which allows hackers to put different kinds of malware on victims’ systems.
Malware in Drive-by Downloads
Two types of malware are common in drive-by downloads. The first one is known as a keylogger, which logs every key pressed by a user on his or her system into a dedicated file called a keystroke log. The second is a class of software known as Trojans, short for Trojan horses.
After a Trojan accesses a system on the Internet, it transfers a keystroke log to some recipient address. Cyberthieves comb this log for sensitive data. They look for accounts, passwords, and other data they can utilize to impersonate genuine users and steal their cash.
For each online account access or funds transaction, there’s at least one scam that aims to divert some of those funds into the wrong hands. For well-known forms of online financial transactions, there is bound to be an abundance of such scams. It is, therefore, imperative for financial institutions to be aware of the different kinds of threats to their systems and processes, and to take preventive as well as remedial measures to address them. NetSentries, with their deep expertise in assessment frameworks and remediation consulting in the financial sector, can help you uncover potential risks in your information systems and take necessary measures to ensure their security and safety. Call us or leave us a message to learn more!