Surprisingly, computer criminals tend to have no prior record of crime. Computer criminals also tend to be responsible, honest people in a position of trust. In fact, many of the businesses that fall victim to a computer crime, find out that it was one of their employees that was the perpetrator of the act.
Most computer criminals are male, but the number of women as accomplices and actual perpetrators is growing in number. They range in ages from fourteen to thirty. These criminals are usually very bright and know a lot about computers and are willing to challenge themselves in the technological world. Generally, these computer criminals almost represent “normal” people. They do not seem the type that would want to harm or hurt something.
Most cyber criminals display some or most of the following characteristics:
- Some measure of technical knowledge
- Disregard for the law
- High tolerance for risk or need for “thrill factor”
- “Control freak” nature, enjoyment in manipulating or “outsmarting” others
- A motive for committing the crime
- Computer crime is becoming a big problem in our world today. Many of these crimes affect our jobs, our money, our community and our lives.
Cyber Crime: The Risks to Small Business
One of the major victims of the increasing wave of computer crime is businesses. Computer crime can have devastating effects on businesses.
The increase in the use of information technology has raised the risk of of an unwanted intruder focused on either damaging their computer system or stealing information and / or files. These computer crimes can prevent a business from performing its day to day activities.
With computer crime becoming an increasing problem, it is important to report computer attacks. It is said that many businesses do not report an intrusion of their computer systems for fear that there would be a loss of confidence in their company which would translate into lost business. What many of these businesses do not realise is that the perpetrator may have left a back door to get back into the system thereby leaving themselves open to future attacks. This is why it is so important to report even the smallest incident to the authorities.
A McAfee-sponsored study by the Center for Strategic and International Studies found that Global cyber crime costs as much as 0.5 percent of global GDP. Global cyber crime likely cost individuals, companies and governments between $375 billion and $575 billion in 2013, according to a report published on June 9 2014 by the Center for Strategic and International Studies.
Even after all this evidence, it still seems that businesses have no idea how big this problem actually is. Businesses have yet to address security problems within their own systems. Many flaws and openings exist, yet businesses are doing little or nothing to protect themselves from computer crime.
The most recent trend shows cyber criminals demonstrating the dangerous ability to hone in on specific victims and applications. Companies recognise the danger of such cyber attacks. In fact, 70 percent of firms rank viruses and hacking ahead of fraud and physical break-in as their biggest threats. Given this fear and the insidious nature of today’s threats, placing IT security high on the risk management agenda is vital.
Today’s cyber criminals typically arm themselves with Trojan horses. Accounting for 82 percent of the new threats detected in 2006, Trojans are devastating programs that pretend to be legitimate software only to deploy hidden, harmful functions.
Trojans can and often do more than just attack a computer. Approximately half of today’s Trojans contain spyware that cyber criminals use to log key strokes, steal sensitive information or gain remote access to the victim’s computer.
Some say that businesses have a misconception on who is doing the security breaching. Many have stereotyped hackers as misguided young teens looking for a little excitement. Yet, many of these perpetrators of computer crime are very intelligent and have the patience to wait it out. Their hacking methods seem organized and planned out. This is the work of professionals.
Businesses must learn to take these attacks seriously. If they choose to keep their systems and security out of date, the cost and volume of these attacks will continue to increase. Do not wait for a devastating intrusion into your computer system before you take action.
How Criminals Target Small Businesses
Cyber criminals have developed dozens of ways to exploit the vulnerabilities that may exist in your business. From email scams that target employees to malware that gathers sensitive information, the attacks are complex and effective. Knowing what you’re up against will help you protect against it.
Here’s a breakdown of the kinds of attacks small businesses can expect to face. This is based on a four-week study of types of attacks participating small businesses experienced:
- Viruses, worms, Trojans – 100%
- Malware – 96%
- Botnets – 82%
- Web-based attacks – 64%
- Stolen devices – 44%
- Malicious code – 42%
- Malicious insiders – 30%
- Phishing & social engineering – 30%
- Denial of service – 4%
This indicates that virtually all small businesses have to deal with viruses, worms, trojans, botnets, and other malware. In fact, this is true for everyone online, from individuals at home to large multinational enterprises.
What Cyber Criminals Are After
Cyber criminals look for information on your business and your customers. Whether it’s kept on servers, is sent through emails or is sitting archived on your employees’ desktops, cyber criminals have ways to infiltrate and harvest your valuable data.
Here’s a list of what they’re looking for:
- Customer records (including contact information, sales history and passwords)
- Contact lists
- Employee Information (including email addresses and passwords)
- Company banking information
- Credit Card numbers
- Patents
- Plans
- Formulas.
They also want to find a way to:
- Compromise servers
- Infect computers with viruses and malware
- Access your system.
Suggested Solutions to Problems of Computer Crime:
Firstly businesses need to accept the fact that computer crime is a problem and realise that this problem is not just going to go away.
Everything in their system, internally and externally, needs to be checked and secured. Set up a secure system that is as close to fail proof as possible. If businesses want to stay afloat and keep a competitive advantage, they must first make sure they do not have a surprise attack that closes their doors.
Some questions businesses should be asking themselves – or using trusted advisers to do so.
Your internal network
- How strict is your wireless access?
- Who has permission to install software?
- How regularly do you backup critical systems?
Internet-facing aspects of your network
- How regularly are your internet connections and web applications vulnerability scanned or tested?
- Is your firewall properly maintained?
Devices and mobile technologies are another key area.
- Are all laptops and tablets encrypted?
- You need to consider the ways in which the hackers can get at your data. For example:
- Are employees using their own equipment to access corporate data or systems? Flash drives, External hard drives, Laptops, Tablets.
Businesses must report any known attack immediately. They need not necessarily go public with the information but hire a computer forensic examiner to track down the intruder, then with that evidence a criminal case can be opened. Many risks remain when these crimes go unreported. It is very important that these criminals are caught as soon as possible. That way we can help prevent any future cases, even against the same company.
As computer crime continues to become a bigger and more costly issue, greater measures must be taken to prevent them. These crimes are looked at as just white collar crimes, yet they cost people and businesses more money than any other crime. The punishment should fit the crime. This needs to be recognised as a problem and any business that wants to succeed should take this seriously.
These types of computer crimes are more common than we think. Businesses that use information technology and online communication as an everyday part of their business need to pay close attention to this issue. This is a threat that is not going away any time soon and, in fact, is only going to get worse.
Contact details:
Rick Crouch
Rick Crouch & Associates
rick@rickcrouch.co.za