A few years ago there was a trend of irresponsible hackers, usually teenagers, releasing worms and viruses on the internet just for the fun and excitement of it — they were also known as “ethical” hackers.
But now there is a new breed of cybercriminals — highly tech savvy, sophisticated full-time professionals in a full-blown, global black market involved in cybercrimes like identity thefts, bank and e-commerce fraud, theft or manipulation of data or services via hacking. On the other end of cybercrime spectrum are cyberstalking, harassment, child predation, extortion, blackmail, stock market manipulation, complex corporate espionage and planning or carrying out terrorist activities.
Cybercrime is a criminal activity in which a computer or network (mostly internet) is an essential part of the crime. The computer or device may be the agent of crime, the facilitator of crime, or the target of crime. With tens of millions of online users around the globe the ratio of cybercrimes have surpassed their equivalents in real world. Recent research showed that in Britain alone, a new cybercrime is being registered every 10 seconds. Interestingly, 90% of cybercrimes stay unreported — either due to the victim’s unawareness or the absence of reporting mechanisms in most developing countries.
Cybercriminals use different methods to strike, which are called crimeware programmes, like keystroke loggers, viruses, rootkits or Trojan horses. Software flaws or vulnerabilities in computer systems or networks provide the foothold for the attacker. For example, criminals controlling a website may take advantage of vulnerability in a web browser to place a Trojan horse on the victim’s computer when the victim is visiting that malicious website. They can also be delivered to a victim through an email message where it masquerades as an image or joke.
After it is installed, the Trojan horse lurks silently on the infected machine, invisibly carrying out its misdeeds, such as downloading spyware, while the victim continues with their normal activities, oblivious to the cyber assault.
Top 12 spam relaying countries
The cost of “free” software
Most often, spyware is installed unknowingly with some other software. For example, if one installs a “free” music or file sharing service or downloads a screensaver, it may install spyware. Then the spyware covertly monitors the activity on the computer, gathering personal information, such as usernames, passwords, account numbers, files and even driver’s license or social security numbers. Some spyware focuses on monitoring a person’s internet behavior like emails one writes or received Instant Messaging (IM) conversations. After gathering this information, it then transmits it to another computer, usually for advertising purposes.
A Bot — short for ‘robot’ — is another sophisticated crimeware. They perform automated tasks on behalf of their masters (cybercriminals) like sending spam emails or blasting certain websites off the internet as a result of coordinated “denial-of-service” attacks.
Since a bot-infected computer obeys its master, the victim machines are called Zombies. Bots spread themselves across the internet by searching vulnerable, unprotected computers to infect. When they infect an exposed computer, they quickly report back to their master. Their goal is to stay hidden until they are awoken by their master to perform a task.
Sometimes the victim comes to know through their internet service provider that his machine is sending spam emails to other internet users. Sometimes bots work in a network of infected machines called a “botnet” that is controlled by a command and control server. Sometimes, botnets stretch all over the globe with thousands of Zombies at the disposal of a master.
Then there is the online con game — Phising. It uses spam emails, sometimes up to millions of messages which appear to originate from a well-known and trusted company. The emails have a business-like language and request the user’s personal information. Sometimes they even direct the recipients to fake websites that appear to be authentic. Then, again, keystroke loggers or Trojans are inserted into victim’s machine. And the next time the victim visits the website of his bank or enters credit card information it is captured and passed on to cybercriminals.
Internet-related crime should be reported to appropriate law enforcement investigative authorities at local, federal or international level depending on the scope of the crime. And one should protect one’s personal information and computer by installing security software with the latest patches and updates.
