Home > Articles > Cisco > CCNA Routing and Switching

The Explosion of Cybercrime

Cybercrime is any crime involving a computer or a network and cybercrime has increased significantly in the past decade. Most organizations value employees that have an understanding of IT security risks, and many organizations require employees to have specific security certifications. This article provides an overview of various types of cyber crime, including cyber extortion, botnets, morphing malware, and online fraud.
Like this article? We recommend

Like this article? We recommend

Cybercrime is broadly defined as any crime involving a computer or a network. In the last decade, the amount of cybercrime has grown substantially resulting in significant losses to businesses, and lining the pockets of criminals. This article presents some information about some of the common cybercrime activities and it helps emphasize the value of IT security for any organization.

It also helps to emphasize the value organizations place on employees with IT security awareness. The (ISC)2 CISSP has become one of the top IT security certifications and many organizations seek employees with this certification for both IT jobs and managerial positions. Lower level security certifications such as CompTIA’s Security+ and the (ISC)2 SSCP are also valued by organizations. For example, the U.S. Department of Defense requires anyone with an administrative account to have at least a Security+ certification.

Cyber Extortion

In high-crime areas, extortionists have demanded payments from businesses for “protection.” If the businesses refused, the business was attacked, robbed, employees harassed, and in extreme cases, the business was burned. Of course, the extortionists actually attacked the businesses when the protection money wasn’t paid.

Extortion has made it to the cyber community. Attackers use distributed denial of service (DDoS) attacks to show they can cripple Websites and corporate networks. They then demand protection payments to stop the attacks. Ron Lepofsky wrote in 2006 that the U.S. and FBI receive at least 20 new cases of cyber extortion a month. Blackmailers use various types of denial of service attacks to cripple Websites and corporate networks. They then demand protection payments to restore the service. Extortionists have demanded ransoms of more than 1 million dollars to stop the attacks. Some companies quietly pay. Others attempt to fight back.

A smaller form of cyber extortion is in the form of rogueware, or fake antivirus software. A user visits a Website and sees a popup indicating their system is infected, and encouraging them to download free software to clean their system. After the user downloads and installs the software, the rogueware reports several serious infections, but then states that the free version only scans the system, but won’t clean it. If they want to clean their system, they must pay between $49.95 and $79.95 for the full version. PandaLabs reported in 2008 that criminals were extorting approximately $34 million dollars a month from unsuspecting users. While this is bad enough in itself, the rogueware provides zero protection against actual malware, leaving the user with a false sense of security.

Additionally, many rogueware criminals include additional malware in the rogueware. For example, an added keystroke logger can capture a user’s keystrokes (such as capturing passwords for online banking accounts) and periodically send the data to the criminal. Many versions also include software to convert the computer into a zombie as part of a botnet.

Botnets

Botnets have grown to astronomical proportions over the past few years, and despite some successes, they’re still stealing money from people every day. As an example, NBC reported in 2004 how a small business in Miami was attacked. Specifically, their computer was infected with the CoreFlood virus (used in the COREFLOOD botnet) and someone transferred $90K out of their Bank of America account without their authorization to a bank in Latvia. Before this, the COREFLOOD botnet was primarily known for DDoS attacks.

Other losses from the COREFLOOD botnet include $115K from a real estate company in Michigan, $78K from a law firm in South Carolina, $151K from an investment company in North Carolina. The list goes on and on. Don’t think they’re only attacking businesses though. It’s just that when an individual’s $1,000 in savings is stolen, it isn’t as newsworthy as a loss of tens of thousands of dollars. Still, the loss of $1,000 by an individual can be devastating.

Interestingly, a report in June 2008 by Joe Stewart (Director of Malware Research, Dell SecureWorks) showed this same botnet was still in operation and the bot herders had shifted their activities from DDoS attacks, to full-fledged bank fraud. After all, they found they could get quick paydays with much less effort. At that time, they had infected over 378,000 computers and had at least one database with over 50 Gigabytes of data on hapless users around the world. The botnet had captured keystrokes and recorded bank passwords, credit card data, email passwords, social network passwords, and more.

As of February 2010, this botnet had grown to over 2.3 million infected computers with 1.8 million of the computers in the United States. Thankfully, the U. S. Department of Justice took several steps in April 2011 to take over the botnet’s command and control servers and may have succeeded in shutting this botnet down. We’ll see.

The point is botnets are thriving. Even though experts are shutting down some of the large botnets, it’s like a game of whack-a-mole. They keep popping up. In years past, malware was used to cause damage to systems such as corrupting a hard drive or system files. Today, malware is a tool often used by criminals to steal identities and hard cash from regular people just like you and me.

Morphing Malware

Malware is increasingly difficult to detect, mostly because attackers are constantly developing new methods and strategies. One common method used today is polymorphism. Malicious code within a single virus can be run through a mutation engine to create thousands of different versions of the same virus. While one version may be detected by a malware detection signature, thousands of other mutations may get past this signature until another signature is developed to detect the mutated versions.

At one point, it was recommended that you update your antivirus definitions on a weekly basis. Some experts now suggest you update it hourly. Malware vendors are constantly working on detecting new variants, updating signature files, and publishing them.

It’s also worth noting that all antivirus (AV) software is not created equal. Virus Bulletin publishes a monthly report on the effectiveness of AV products that is quite enlightening. You may think that malware products can consistently detect close to 100 percent of malware in the wild, but that is not the case. For example, this graph shows a wide scattering of products in the 60 percent to 80 percent effectiveness ranges. This equates to a grade somewhere between a B and a D. For me, I don’t want the D student protecting my bank accounts and identity.

It’s also worth pointing out that criminals have discovered the power of malware when used effectively for criminal activities. While malware was previously used to take down systems or networks just for the fun of it, criminals don’t do that today. Instead, criminals use malware to enlist zombies into their huge botnets. These zombies then engage in activities allowing the criminals to steal money from people and organizations on a grand scale.

Zero Day Vulnerabilities

Zero day vulnerabilities are those that are known to attackers, but either not known to the vendor, or the vendor has not developed and released a fix yet. While this implies that a zero day vulnerability lasts only a single day, it can actually last months before a fix is written, tested, and released.

In other words, even if you are taking steps such as keeping a system up-to-date, running AV software, and regularly updating signature files, you are still at risk from zero day vulnerabilities. Defense-in-depth procedures within an organization include a variety of other security practices to protect systems and networks to help protect them from zero day vulnerabilities.

Online Fraud

Cybersource publishes an annual fraud report on online fraud. Online fraud is fraud occurring through the Internet, such as charges on stolen credit cards, and chargebacks required by a credit card’s issuing bank. In the 2011 Online Fraud Report, Cybersource reported that losses from online fraud was about 2.7 billion dollars in 2010.

The good news is that online fraud appears to be declining. Online revenue losses due to fraud were estimated at 3.3 billion in 2009 and a peak of 4 billion in 2008. While this may look like criminals are trying less, that’s not actually the case. Instead online retailers have dedicated more and more resources to blocking cybercrime and are enjoying some success. That is if you want to call an annual loss of 2.7 billion dollars a success.

Conclusion

If you’re studying IT security certifications (such as CompTIA Security+, or the (ISC)2 SSCP or CISSP), expect your skills and your knowledge to be in high demand. Organizations using computers, and especially organizations with an online presence, are recognizing the risks to IT systems and networks. More and more organizations value individuals that understand these risks.

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020