This article discusses the global challenge of cyber crime. It covers various aspects of cyber crime and its impact on individuals and organizations. The article also provides insights into the measures that can be taken to prevent cyber crime.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Table of Contents Cyber Crime – a Global Challenge..................................................................................................3 References........................................................................................................................................5 Appendix - Article...........................................................................................................................6 2|P a g e
Cyber Crime – a Global Challenge The author, Matthew Gardiner, under the security and privacy handle at the Harvard Business Review, highlights the rising threats from cybercrime globally. The article puts forward the conceptofphishingandspearphishingattacks,withtheportrayalofcyberhackersas businessmen. The article also focuses on the rising new threat of ransomware that has expanded its paws. The article summarized from the research conducted claims that a successful spear- phishing attack costs around $1.6 million. The author suggests the basic set of questions one must ask, to prevent falling prey to a cyberattack, with suggested training and knowledge sharing with teams and employees in an organization(Gardiner, 2017). The author indicates a win over cybercriminals with intensified focused approach and competitor mindset. The rising attacks of cybercrimes like email phishing and ransomware have infected the world wide web. It is not only restricted to a geographical location but is now a standing global challenge. The blind faith and reliability on digital platforms are a primary motivator behind targeted cyberattacks. The cybercriminals are well paid, strong professionals that can be cornered if right steps are taken. Knowledge, awareness and training are the key steps in dealing with the challenge. Cyberattacks are organized and decorated actions that have rewarding benefits if successful. The chances of getting caught are less and the stakes in the crime are fairly low. Therefore, cybercrimes appear to be very appealing to those intending to take up the challenge and extract benefit out of it. Email phishing and malware attacks have become an everyday affair(Boddy, 2018).Thecybercriminalstargetdatatheftandactastrustworthyperson,withwhom confidential information can be shared with. The author’s point of view, of cybercriminals doing their homework efficiently in order to steal someone’s identity and fake it for acquiring information, is absolutely on point. Cybercriminals are not geeks interested in taking up the challenges anymore, these areorganized, and well executed operations being funded and gave high paying benefits with low payback costs. Data from various statistical websites and researches indicate that recursively the cost of data loss and theft by a cybercriminal can have severe economic impact. A report claims that from the 3|P a g e
year 2001 to 2017, the loss amounted to a total of 1.42 Billion U.S Dollars, alone in the United States( Amount of monetary damage caused by reported cyber crime to the IC3 from 2001 to 2017 (in million U.S. dollars), 2018). The majorly identified type in cybercrime comes from data breach incidences with theft of financial and account access user information. The author’s point of viewtowards the set of questions one must ask themselves to prevent such a data breach incident, especially for organizations, is a rightful approach towards creating self-awareness and taking precautionary steps against cybercriminals(Konradt & Schilling, 2016). The fight against the not so smart offenders of cyberlaws is a feasible war with very competitive and challenging mindset requisite to win it. The author highlights it as well, that intense focus and competitor mindset are truly the keys to defeating the cybercrime. 4|P a g e
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
References Amount of monetary damage caused by reported cyber crime to the IC3 from 2001 to 2017 (in million U.S. dollars). (2018, July 1). Retrieved from Cyber crime: Reported damage to the IC3 2017 | Statistic. (n.d.).: https://www.statista.com/statistics/267132/total-damage- caused-by-by-cyber-crime-in-the-us/ Boddy, M. (2018). Phishing 2.0: the new evolution in cybercrime.Computer Fraud & Security, 8-10. Gardiner, M. (2017, July 10).To Guard Against Cybercrime, Follow the Money. Retrieved from To Guard Against Cybercrime, Follow the Money: https://hbr.org/2017/05/to-guard- against-cybercrime-follow-the-money Konradt,C.,&Schilling,A.a.(2016).Phishing:Aneconomicanalysisofcybercrime perpetrators.Computers & Security, 39-46. 5|P a g e
Appendix - Article To Guard Against Cybercrime, Follow the Money Taken From – Harvard Business Review Link:https://hbr.org/2017/05/to-guard-against-cybercrime-follow-the-money Email attacks are cheap, easy, low risk, and high reward. No wonder a “malicious email is the cyber spy’s favored way in.” An email security breach could impact your organization’s revenue and reputation. Protecting yourself from a breach can be daunting, given how many emails pass through your organization each week. But if you think of cybercriminals as a business, you can keep up with them more effectively. After all, most want to make a profit. They work in a well-oiled, thriving criminal industry. Their operations involve partnerships, specializations, and supply chains. These criminal enterprises often share information with each other when it is mutually beneficial, but at other times compete to attack the most profitable targets. Rather than thinking of a clandestine hacker working out of a basement, you will be better served to picture a sophisticated, professional operation working out of an office tower. To strengthen your digital resilience, adopt a competitor’s mindset. Lies, Deceit, and Email Attacks Before you can mitigate your organization’s security risks, it’s important to understand how email gets companies in trouble. The most common type of email attack is phishing, fraudulent emails purporting to be from a potentially relevant entity such as a shipping firm, major bank, or tax authority. The email attempts to trick recipients into revealing personal data, opening a malicious attachment, or clicking a link that installs malware. These broad phishing attacks are not targeted. It’s a volume play, as any strategist would recognize, and it preys on our shared human weaknesses. We’re digital-first, we aim to please, and we’re used to moving fast. We share lots of information instantaneously online. We trust our digital communication tools — social media, email, messaging. And the tendency to click and share before thinking about the risks is exactly how we become victims. 6|P a g e
Spear-phishing attacks, in contrast, are much more sophisticated. They are not volume plays. Think of them as targeted ads for premium customers. With spear phishing, the email is targeted at a specific individual or organization of which the attacker has cultivated deep knowledge. Spear-phishing emails have been used in many of the most notorious attacks, including the 2017 French presidential election and the infamous attack on the Democratic National Committee. DNC staffers received emails, claiming to be from Google, saying that a sign-in attempt had occurred in Ukraine and that they should change their passwords immediately. One survey of IT decision makers found that the average cost of a successful spear-phishing attack is $1.6 million. Impersonation attacks are even more specialized spear-phishing attacks, ones that occur when attackers pose as an individual you know and trust. To gain this trust, a cybercriminal will mine informationsotheycancrediblyassumethatperson’sidentity.Acybercriminalmight impersonate a CFO or CEO, and then send an email to accounts payable asking for a wire transfer, or to HR requesting a dump of employee tax information. Workers at technology giants Facebook and Google — filled with tech-savvy people — fell for such a scam that almost cost them $100 million. Another type of phishing attack that is growing in popularity is ransomware. The recent, well- publicized WannaCry outbreak highlights what makes these attacks especially unnerving: their ability to disrupt entire organizations by freezing IT systems. Ransomware is a type of malware that prevents victims from accessing their systems or data by locking them out until a ransom is paid. WannaCry hit numerous hospitals in the UK, forcing them to divert emergency patients to unaffected hospitals. You Understand Cybercriminals Better Than You Think To fight this myriad of possible attacks, you need to adopt a competitive mindset. Consider how someone would go about making money from attacking your organization. Ask yourself: In the case of an attack, what data or systems could someone demand the highest ransom for? What could they most readily monetize on the black market? 7|P a g e
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Which employees have the most financial power, influence, and access? Whom do they work with? How could someone trick them or use them to trick others? What information is available about them on social media? What systems, data, or business processes can your organization least afford to live without? What suppliers or partners have access to your digital assets? Once you’ve answered those questions, you can get to work with a renewed focus. With the right technology, training, and business processes, you can strengthen your cyber resilience. First and foremost, employ advanced email security controls. Use modern, secure email gateway systems, not email security systems, which only focus on stopping spam or known types of malware. As you now see, the most dangerous attackers have moved far beyond blasting out threats indiscriminately. Integrate email security into your organization’s risk management program. Security is a business problem more than an IT problem. Second, understand the value of your data. After all, it’s the bargaining chip in ransomware attacks. Identify the systems you could not stand to lose, and then prioritize security around them. By doing so, you can deploy strong security and backup and recovery programs where they are most needed. It’s also important to take a close look at your vulnerability patching program. Can you speed it up or prioritize it more? WannaCry took advantage of hundreds of thousands of unpatched systems. Organizations should stop using old or unsupported operating systems and applications. And certainly do not use pirated software — which, surprisingly, was another weakness exploited by WannaCry. Third, your employees are your last line of defense, so you need to train them to be more aware of threats and to understand what to do when they think they have spotted one. In a survey of IT decision makers, just 25% of respondents were confident that their employees could spot and defend against phishing attacks. For a Fortune 500 company, it might seem daunting to train many thousands of employees. Start with the employees that would be at most risk: those with financial power and access to sensitive data. Your valuable employees are even more valuable if they are smart and cautious. 8|P a g e
Whether your organization operates in the private sector or in government, you are of interest to cybercriminals. They are relentless, focused, and well funded. Success against them is possible, but it requires intense focus and a competitor’s mindset. 9|P a g e