If you hold valuable information, there will always be criminals looking to steal it to exploit for financial gain or competitive advantage. When applied to the field of computers and the Internet, this becomes known as ‘cyber crime’.
Cyber crime is often misunderstood, with people believing it to be limited to theft of, or fraud around, financial data. However, cyber crime encompasses any information that is valuable to you that a criminal can exploit for their own financial gain: customer data, intellectual property, or personally identifiable information (PII), as well as financial data.
The beginnings of information security can be traced back to Julius Caesar in 50 BC and the ‘Caesar cipher’. This basic form of encryption was used for all his personal correspondence, with Caesar recognising the value and confidentiality of his information, implying that, even back in ancient history, the need to keep information confidential was important.
Since Caesar’s cipher was broken in the 9th century, we have seen an arms race of people trying to maintain the integrity and confidentiality of their systems, as well as attackers attempting to break in and gain access to confidential information.
The birth of cyber crime
Modern-day cyber crime was born with the Morris Worm in the 1980s, and would spread like wildfire over the next four decades. One of the first high-profile hacks came in 1985, when two journalists stumbled upon administration credentials for the UK’s Prestel system.
After publishing the email address for Prince Philip, the pair was prosecuted by UK police, only to be acquitted due to cyber crime not being covered under UK legislation. This led to the first instance of cyber crime legislation – the 1990 Computer Misuse Act.
As the internet developed into the early 2000s, so did the idea of using it to make money. Email proved to be a key application through a new phenomenon – spamming. Spammers made millions of dollars by promoting products through unsolicited email.
As anti-spam systems blacklisted their servers, spammers discovered they needed larger numbers of fresh computers to continue to deliver spam.
Inspired by the Morris Worm, the spammers discovered that by teaming up with malware writers they could use infected computers, or botnets, to send their messages. This new business model continued to send spam, all under the control of a single individual.
Denial of Service attacks
With the malware/spam revolution under way, innovative minds identified new criminal opportunities for botnets. In February of 2000 ‘Mafia Boy’, a 15-year-old high school student, discovered that if many computers accessed a website at once, the spike in demand consumed the website’s resources, rendering it useless.
This early form of Denial of Service (DoS) targeted websites such as CNN and eBay, and caused approximately $1.7bn in damages, disabling websites for days at a time.
As legitimate web services grew and flourished, so did criminal services. Towards the late 2000s criminals found that personal information could be harvested from infected computers. Criminal specialists knew how to monetise this stolen information, but didn’t have the skills to write and distribute the malware, leading to the development of underground markets.
Here the individuals collecting the information could sell their services to those able to capitalise on the stolen data, allowing cybercrime to become easier, more profitable, and more efficient, with the likes of PayPal, Netflix and other types of account information up for sale.
Nation states also began to invest in the development of espionage by malware, and the era of the Advanced Persistent Threat (APT) was born. State-sponsored teams of hackers could take the time to invest in stealthy and persistent attacks against chosen targets and steal valuable information for geopolitical reasons or economic gain.
We can currently see a crime-as-a-service based criminal industry developing, with an increasing number of those operating in the virtual underground making products and services for use by other criminals.
Ransomware is one example, using spam emails to spread malware throughout a machine. After the malware encrypts all personal files, the user is forced to pay a ransom to get their files back, with no guarantee that the files will be returned safely.
From Heartbleed to the Sony hack, cyber attacks are daily news, and as technology continues to develop we must remain aware of the lessons from the past and consider how new systems expose us to crime in new ways.
The internet does not necessarily create new crimes, merely new opportunities for crimes to be carried out in a different medium. There are basic ways to protect your data, making it harder to obtain and less profitable to attackers.
Ensuring software is fully up to date and the hardware it runs on is kept current means that we stay resilient to all but the most determined criminals. Continuously monitoring and logging the network and systems to detect patterns and anomalies means that action can be taken before the cyber criminal has a chance to act.
This implies having enough security expertise to be able to proactively and reactively respond to security threats when they are detected. Security awareness training for staff helps keep people looking out for attacks, while making sure that firewalls and web application firewalls are in place and correctly configured, coupled with encrypting sensitive data, all help.
Cyber crime is constantly evolving, but so are the defenses to counter it. It is up to all of us to ensure those defenses are kept in place.
Sourced from Martin Lee, Cyber Crime Manager, Alert Logic