Cyber crime is a broad term that can encompass a wide variety of malicious activity. These attacks can be aimed at networks, businesses or individuals. The intent may be to disrupt business operations. Individuals could be targeted in order to steal credentials, identities or gain unauthorized access to sensitive data. Attacks may have financial and reputational impact.
Phishing scams are one of the most prevalent and successful types of cyber crime. These swindlers will craft the email to look legitimate. The recipient is tricked into opening a potentially malicious link or attachment. This can result in credential theft, loss of personal information or money. Phishing can be via email, text messaging or phone cons.
A miscreant may attempt to trick a target through spoofing. This is imitating a person or company to fool the user into divulging sensitive information or transfer funds.
Denial of Service (DOS) attacks are meant to disrupt an organization’s ability to function by flooding the targeted device with excessive requests and causing a service outage. A Distributed Denial of Service (DDOS) will utilize botnets, which are hijacked computer systems, to bombard the target. Since these IPs will be a part of a vast network, it is difficult to defend against.
Password attacks are when the bad actors attempt to access a user’s account. Unauthorized access is gained by either guessing the password or using other methods such as brute force or automated processes that will rotate through various password combinations. Crooks may try phishing a user to fool them into revealing their password.
Cyber stalking and harassment can take place online in the form of slander, cyberbullying, false accusations and doxxing. Doxxing is the act of publicly disclosing personal information about a person or organization. This can lead to unauthorized exposures, financial risks and other exploitation. It is important to routinely check privacy settings on social media platforms.
To combat these threats it is necessary to put into place layered security defenses such as:
- Firewalls with intrusion detection/prevention
- Anti-virus software
- End Point Detection and Response
- Virtual Private Networks (VPN) for remote access
- Disable unnecessary services, ports and other protocols
- Patch hardware and update software
- Perform backups and test the restore process to verify the integrity of the data
- Practice the principle of least privilege
- Utilize strong passwords and multi-factor authentication (MFA)
- Security awareness training
Protecting your organization, users and yourself from falling victim to cyber crime is important. The repercussions that result from these attacks can be devastating. It can cause financial and reputational damages that will cost time and money to recover from. Take the necessary steps to fortify your cybersecurity posture.
Resources:
What is Doxing?
9 Most Common Computer and Internet Cyber Crimes