What is cybercrime?

Cybercrime stands for criminal acts committed on the Internet or initiated via the Internet. This form of crime, which emerged in the 1990s, includes, for example, digital attacks, the dissemination of prohibited content or online trading in illegal goods.

01

Cybercrime: a definition

Cybercrime is a collective term for illegal activities that either take place directly on the Internet or are initiated via the Internet. The spectrum ranges from digital attacks through malware, Trojans or DDoS, to the phishing of login and access data, to the dissemination of child pornography and the trafficking of weapons and drugs. Away from the publicly accessible Internet, a professional cybercrime industry has developed in the so-called darknet, through which illegal activities are controlled and even offered as a service.

02

How long has cybercrime existed?

The first cases of cybercrime date back to the 1990s. Among the best-known digital perpetrators of those early days is Kevin Mitnick, who nowadays earns his living as an IT security expert and book author. Mitnick is said to have succeeded on several occasions in penetrating the sensitive networks of the U.S. Department of Defense as well as the NSA, and in particular the NORAD network. The U.S. citizen served a prison sentence of several years for his offenses.

Since then, however, cybercrime has changed significantly. Whereas attacks were initially mostly carried out by enterprising hackers who primarily wanted to test their skill at breaking into highly secured networks, today's attackers are mainly cybercriminals with monetary interests. In addition, state-backed groups are increasingly active on the Net. The latter are primarily seeking political influence, access to secret data or even industrial espionage. The romanticized image of the hacker in a hoodie, however, has very little to do with reality.

03

What forms of cybercrime are there? 

In general, a distinction is made in cybercrime between crimes that are carried out entirely in the digital realm and offenses in which the network serves as a tool. While a DDoS attack, for example, is aimed at restricting the availability of web services and thus takes place entirely in cyberspace, the trade in prohibited or stolen goods can also be carried out in a completely analog way - in this case, only the transaction is carried out on virtual platforms in the darknet.

Common attack practices used by cybercriminals include:

Phishing

In phishing, cybercriminals aim to capture valuable login information, which is then used for digital identity theft or sold for profit on the darknet. Among the most sought-after login data are credentials for online banking and payment services; these are the most highly traded on darknet marketplaces. The criminals mostly obtain the data by means of spam e-mails that lure users to fake websites via links. These web portals are usually indistinguishable from the original platforms of the respective provider. Resourceful phishers even copy the URL structure and use visually similar characters, a technique known as a homograph attack.
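
A defender can test link hostnames for the visually similar characters described above. The following Python code is an added example, not part of the original article; the protected domains, the sample hostnames and the small look-alike table are constructed for illustration.

```python
import unicodedata

# Constructed subset of look-alike characters; a production check would use
# the full Unicode confusables data (UTS #39).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0455": "s",  # Cyrillic
    "\u03bf": "o",                                                # Greek
}

def decode_label(label):
    """Return the Unicode form of one DNS label (decodes xn-- punycode)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(text):
    """Scripts of the letters in text, read from the Unicode character names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()}

def skeleton(text):
    """Map known look-alike characters to their ASCII counterpart."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in text.lower())

def check_host(host, protected):
    """Compare a hostname taken from a link against the protected (real) domains."""
    labels = [decode_label(part) for part in host.rstrip(".").split(".")]
    unicode_host = ".".join(labels).lower()
    if unicode_host in protected:
        return "legitimate"
    findings = []
    if any(len(scripts(label)) > 1 for label in labels):
        findings.append("mixed-script label")
    if skeleton(unicode_host) in protected:
        findings.append("look-alike of " + skeleton(unicode_host))
    return "; ".join(findings) or "no finding"

if __name__ == "__main__":
    protected = {"example.com", "pay.example"}           # constructed
    samples = ["example.com", "ex\u0430mple.com",         # constructed
               "\u0440\u0430\u0443.example", "blog.example.org"]
    for host in samples:
        print(ascii(host), "->", check_host(host, protected))
```

The third sample consists entirely of Cyrillic letters in its first label, so the mixed-script test alone misses it and only the skeleton comparison reports it.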

Malware

The use of malware is also a common method for cybercriminals. Spam e-mails are often used to distribute malware en masse, but attacks using manipulated links and cross-site scripting are also used to distribute it. In these cases, the attackers exploit existing security vulnerabilities in websites. Once installed on the target's system, malware can be used for a variety of purposes. For example, passwords and other confidential data can be spied on, or the entire system can be taken over remotely.

Ransomware

Malware that aims to extort ransoms is known as ransomware (derived from the English "ransom"). These extortion Trojans usually spread unnoticed in the background on the target's systems and begin encrypting data records as unobtrusively as possible. By the time the victim notices the attack, it is usually too late and large parts of the hard drive have already been taken hostage digitally. The locked content can usually only be recovered with the corresponding decryption keys, which attackers promise to send after payment of the demanded ransom. However, even if the ransom is paid, there is always the risk that the keys will fail or not be transmitted at all; you should not count on the honor of criminals on the Internet. Therefore, security authorities recommend not responding to the attackers' demands and not paying a ransom.

Botnets

Botnets are made up of thousands of networked bots. The name bot is derived from the English word "robot" and thus also indicates the primary functionality of the tools: Bots autonomously perform predefined tasks. As malware, bots usually operate without the knowledge of the user on hijacked PCs, network servers and other devices from the Internet of Things (IoT), which are connected to form the botnet. IP cameras, network printers, smart TVs and similar devices can also become part of a botnet. When combined, bots as a collective form a powerful weapon to carry out DDoS attacks, for example, or to capture credentials via credential stuffing or credential cracking.

DDoS attacks

DDoS stands for "Distributed Denial of Service" and literally describes a distributed service blockade, which is one of the most widely used attack vectors today. DDoS attacks aim to bring the target's digital processes to their knees with many requests. The starting point is usually widely distributed botnets, which are set up by cybercriminals using Trojans and then misused as a weapon. Ambitious DDoS attacks can paralyze unprotected websites and other services for hours or even days.

04

Which industries are affected by cybercrime? 

In general, every company is a potential target for cybercriminals, regardless of industry or size. The question is not whether, but when and to what extent an attack on one's own company takes place. Cybercriminals focus particularly on e-commerce companies, banks, FinTechs, insurance companies, the manufacturing industry, the media and the healthcare sector. However, data centers as well as authorities and other organizations from the public sector are also among the preferred targets of attackers. In 2022, almost 9 out of 10 German companies (84 percent) were victims of digital sabotage, data theft or espionage, according to a representative survey by the digital association Bitkom.

05

How can companies protect themselves? 

To successfully combat cybercrime, companies should first observe and cleanly implement the industry-standard guidelines for data protection and IT security. Depending on size and environment, different guidelines apply here. While financial service providers, for example, are bound by the requirements of BaFin, operators of critical infrastructures are subject to the requirements of IT-SiG 2.0. In general, it is important for all companies to protect critical data sets from unauthorized access and to use backups to protect against possible data breaches. In addition, the GDPR provides for particularly careful handling of personal data.

In addition to compliance and data protection, companies must of course also keep an eye on IT security to secure their digital business processes in the best possible way. To be able to respond appropriately to increasingly complex attacks, intelligent and dynamic protection solutions are required to identify, categorize and mitigate threats independently.

These protection systems must be implemented for all relevant network layers. In the case of a managed cloud service, the service provider can, if desired, take over the complete configuration and oversee the correct operation – for example, of the DDoS protection for data centers (layer 3/4) as well as web applications (layer 7).

As part of a holistic security strategy, companies should establish organizational prevention measures in addition to technical ones. For example, it is advisable to identify target systems that are under threat as a preventive measure, clarify internal responsibilities, regulate communication with the Internet service provider, define checklists and processes for the event of an attack, and provide regular training for employees.

06

Cybercrime: what you need to know

The term cybercrime describes illegal activities that either take place directly on the Internet or are initiated via the Internet. Any company, regardless of industry or size, can be targeted by cybercriminals. According to Bitkom, the damage caused by this form of crime amounted to 203 billion euros in Germany alone in 2022. For optimal protection, both technical and organizational preventive measures are required: Tailored protection solutions, such as those offered by Myra as part of its Security-as-a-Service platform, detect DDoS or bot-based attacks at an early stage and reliably defend against them. Regular awareness training is one way to combat attacks such as phishing, in which the human factor plays a decisive role.