The Effects of Cybercrime on Social Media

Back when the term ‘computer’ meant mainframes and reel-to-reel tape drives,computer criminals were masterminds who used their programming talents to glean millions of dollars from banks and corporations.These crooks were so ingenious in their schemes that many banks and corporations cut deals to hire them as security consultants rather than send them to prison.Today, the average desktop workstation has all the computing power of one of those old mainframes, the average American home has at least one computer, and computer criminals are no longer masterminds, just crooks and creeps doing what crooks and creeps do. Today and every day, thousands of people worldwide are being victimized by computer crime. That’s why just about every major municipal or county law enforcement agency in the United States now has a new breed of detective: the computer crime or “cybercrime” investigator.

It’s easy to pinpoint the reason why cybercrime has statistically exploded since the mid-1990s. Just about every computer on Earth is now connected via a once obscure research tool called the Internet. Once derided as a passing fad and the CB radio of the ‘90s, the Internet and its graphic component the Worldwide Web have become so prevalent since 1995.The rise and evolution of social media has changed the definition of communication and social interaction. We have seen how different social media platforms like Facebook and twitter have brought a revolutionary change the way we used to use Internet for both personal and professional purpose. There is no doubt or space to deny the effective impact of these social media platforms on our regular life, professional life, and even on our business. Every good this has some drawbacks and loopholes, and it is advised to be aware about those loopholes before getting trapped inside of those loopholes. Online or cyber security is one such issue which is directly involved with the uses and impacts of social media networks.

From illegally sharing copyrighted songs to revealing top-secret government documents,cybercrime is a wide and constantly evolving threat tha serves no single purpose.New security measures are being developed all the time to keep pace with criminals,so it’s important to stay aware of current trends.An excellent foundation includes contolling your social media by keeping personal information private.Cybercriminals may only need a few bits of personal information to execute their plan.Do not share your password with any of your friends,colleagues or even any online form.Use your debit and credit card wisely while purchasing items online.One must determine which information to share and which one not to.If the platform does not comply do not risk venturing further.

There is no single way that cybercriminals operate,they use different strategies from stalking which is a form of harassment,phishing which utilizes decoy emails and websites to trick users.Having an updated security suit against viruses and malware to safeguard programs from threats is required.Anti virus and firewalls enhance protection and detect foreign invasion in the computer.

Network attacks such as denial of service are another effect of cybercrime.These attacks break institutional web security and pose a serious threat.Determine which information to share and which one not to.Some opt to deactivate their accounts in social platforms after they are attacked but the best solution is to make them extremely private as possible.

Security settings come with timing;for one to be able to note the intrusion one needs to set alarm clocks at vulnerable times.This online alarm makes sure that one is alert and intuitive.If you take a false check into a bank and the security camera is not pointing at you when you pass it then there is no trail to you but one can’t do anything online without leaving a trail.

  • Maintain a strong home network. A VPN encrypts all information as it leaves your devices, meaning hackers will only be able to intercept nearly impossible to decipher traffic.
  • Take note of major breaches in the news. If you’ve done business with an institution that has suffered a data breach, determine what information may have been stolen, and immediately change your password.
  • Remember to keep your security as portable as you are. Whether at a local café or visiting another country, be sure to implement the same safeguards, such as a VPN, even if it requires extra work.
  • Monitor the particularly vulnerable persons in your life, such as children and the elderly. Not only are they easier targets, but these groups are not likely to be checking their credit scores and other metrics that might raise red flags.Cyber crimes include child pornography and many perverted individuals take advantage of the vulnerability of minors.

Cybercrime is a massive problem,and it requires a massive respone.A specialized MS in criminal justice is an excellent foundation in this battle,providing the basics on how modern technology and crime fighting meet.The techniques are drastically differnt from the physical world applications of criminal justice.Computer forensics can track the the internet protocol (IP) address of the individual hacker.Internet service provider have records of everything a subscriber does on the internet.Large ISPs often keep their data for as much as 30 days, but that’s not true in all cases. Data storage is a major cost center for ISPs, and some save money by dumping the data very quickly.

There is no law that requires people to maintain there data.With records being digital there existence is very finite,to work with speed and efficiency is necessary to nail these upcoming threats.

The Peculiarities of Cyber Crimes

The Commonwealth Criminal Code Act 1995 states cybercrime is the “unauthorised access or modification of restricted data…unauthorised impairment of electronic communication… and using a carriage service to menace, harass, or cause offence”, where (Bregnant & Bregnant 2014) extends this to “crime unique to electronic networks.” This essay has a focus on Advance Fee Fraud , a component of cybercrime, and will analyse why individuals fall subject and the impact of such a crime on individuals, Australian National Security, government and law enforcement agencies. Contemporary criminal justice responses will be evaluated, showing to be victim-focused, concluding with preventative strategies. Reliable journal articles and government sources will be used throughout as an evidence means.

Advance Fee Fraud (AFF) uses one or more components of the internet to transmit proceeds of fraud to financial institutions or to those associated (Chang 2008, p. 73). The origin is unclear, however (Scannell 2014) states that it mainly originates from Nigeria, referred to as the 419 scam, being the Nigerian criminal code for fraud, where (Whitty 2018, p. 97) also indicates that Nigeria is the foremost region for this fraud. AFF was the result of the second republic reign of President Shagari, where an economically pressurised public sector began conducting in illegal trades, and with the rise of the internet, a more pragmatic way of executing these (Chang 2008, p. 74) (Esen 2002, p. 269). AFF is most commonly evident in emails sent from Nigeria, which seek investors to advance sums of money with guarantee of shares within the investment, however, this miscarries and leaves victims with zero reward and funds paid in advance (Chang 2008, p. 74). Most emails are personal; “I am… Investment Manager from Central Bank of Nigeria. I have just made a recent investment and I believe you are a trusting and reliable person for this opportunity. These are my contact details… please provide your personal bank details for your share of dividends paid into” (Onyebadi & Park 2012, pp. 182-183). Others seek victims to aid with accessing deceased estates, or offenders claim to be of high authority/royalty with funds to distribute to others.

(McQuade 2006, p. 141) mentions “there has been extremely little empirical testing of established theories to explain in explicit terms why cybercrimes occur.” However, with the rise in the digital age, such as the rapid advancements in mobile technology and computer-mediated communications, this has facilitated heightened opportunities for AFF and many other cybercrimes to occur (Williams, Bearmore & Joinson 2017). (Williams, Bearmore & Joinson 2017) mention that a small group of individuals appear to be more subject to repeat victimisation, such as those familiar with, and trust the offender. Additionally, individuals with high self-awareness consider personal knowledge and attitudes to a greater degree within decision-making and have higher resistance to persuasion attempts, despite this, when individuals see similar traits to the offender, self-focus can actually increase susceptibility, and in relation, those who have lack of self-control are often compulsive and have increased susceptibility, or even those ‘emotionally alone’ individuals may be at greater risk (Williams, Bearmore & Joinson 2017).

AFF has proliferated into a global issue, impacting individuals, organisations, governments and countries psychologically and financially (Whitty 2018, p. 97). The Australian Competition and Consumer Commission (ACCC) 2017 report shows that more than 200,000 scam reports were received, with losses equating to over $340 million, a $40 million increase from the 2016 report, with $4.6 million incurred though AFF (ACCC 2018). (Productivity Commission 2019, p. 3) affirms that during 2014-2019, over $500 million has been received from Australians. (Broadhurst 2017) explains that globally, cybercrimes cause annual losses of around USD $445 billion.

In 2016, the Australian Institute of Criminology conducted an in-depth, semi-structured, face-to-face interview study, involving eighty victims aged thirty to seventy-seven years who had reported a minimum financial loss of $10,000 to Scamwatch, with the greatest loss being $500,000 (Cross, Richards & Smith 2016). Two-thirds were subject to AFF, the other third Romance Fraud, and in conjunction with financial loss, the majority stated they were psychologically impacted as well, expressing the fraud as “soul-destroying and devasting” and even suicidal for one participant, with another conveying; “How did an intelligent person become victim? I’ve got a PhD for God’s sake!” (Cross, Richards & Smith 2016). However, (Norris, Brookes & Dowell) explain that weakness for incentive-driven behaviours cause these scams to sometimes be irresistible.

Additionally, (Hutchings 2013, p. 44) expresses that in 2011, a survey involving Australian’s who had been recognised by the Australian Transaction Reports and Analysis Centre, which uses financial intelligence and regulation to disrupt money laundering and terrorism financing, to have advanced funds to Nigeria in 2008, 59% had reported financial losses of around $12,000 during a one year time period, where 54% experienced financial hardship. Of this study, 43% reported emotional trauma, 40% reported a decrease in confidence within others as well as 12% experiencing marital or relationship complications.

AFF also impacts national security and the government, with the Australian Cyber Security Centre expressing during 2011-2014 the amount of cybersecurity episodes the Australian Signals Directorate acted on rose by 260% (313 and 1131), due to Australia’s wealth levels and advanced use of technological platforms (ACIC 2019). In light of this, the 2016 Cyber Security Strategy addresses this as an issue, although is of less significance compared to when cybersecurity was ‘one of Australia’s top tier national security priorities in 2009’ (Brangwin 2016). Regardless of, the Cyber Security Review analysed that cybercrime still directly costs the Australian Economy approximately $1 billion, as well as damages employment, personal identity and reputation together with depresses psychological wellbeing (ACIC 2019).

Overall, the true cost of AFF is under-representative due to under-reporting, where (Rosoff et al. 2004, p. 479) voices “some experts have adopted an ‘agnostic’ position that the true cost is unknowable.”

In response, policing AFF and other cybercrimes relies heavily on victim reporting, and due to the psychological impacts, many are reluctant to report, showing around 95% cases go unreported, or individuals feel as though no action will be taken regardless of reporting, where (Hutchings 2013, p. 2-3) states that less than 20% are likely to result in criminal charges. Police face complications identifying and prosecuting due to anonymous offenders, and thus, have changed their responses to be victim-focused (Webster & Drew 2017, p. 43). Australian jurisdictions have commenced strategies which focus on recognising victimisation and then unsettle this, such as sharing information regarding offenders with international Police jurisdictions (Webster & Drew 2017, p. 43).

The Fraud and Cyber Crime Group (FCCG) based within Queensland Police have adapted this, attempting to remove the fraud once identified using Australian financial data (Webster & Drew 2017, p. 43). FCCG ran nine semi-structured qualitative interviews over two months, including 219 victims, however 45.2% were uncertain if they were victims of AFF (Webster & Drew 2017, p. 43). The findings showed that a quarter of victims stopped sending money overseas and a third acknowledged that they were victims, however it is concluded that more research is required to better guide the method’s execution, as the detectives involved felt underprepared to implement such a strategy (Webster & Drew 2017, p. 49).

(Cross 2016) also adds policing AFF is complex, noting that Australian criminal justice responses now include Police and Consumer Protection agencies using financial intelligence to identity potential victims under a victim-focused approach. In 2013, South Australia Police adopted project Operation Disrepair, targeting Australian’s who transfer funds to Nigeria and Ghana through sending letters to victims which convey their anticipation of the fraud, in attempt to stop it from persisting (Button & Cross 2017, p. 206). The 2018-19 South Australia Police Report enlists that this operation functions with other law enforcement agencies and the community, having a substantial reduction within the number of individuals subject to AFF (Stevens 2019, p. 4).

Therefore, several preventative strategies have been initiated to aid with combatting AFF, including Scamwatch, under the ACCC, stating that individuals should never provide financial details online or agree to make advance-fee payments, should not communicate with strangers, and if this occurs, individuals should seek independent advice from another individual, or if the offender claims to be from an organisation, individuals should contact that organisation with details provided on the website (ACCC 2020). If individuals believe they have fallen subject, they can report it on ACCC via the report a scam page, or to the Australian Federal Police (AFP) (ACCC 2020) (AFP 2020).

(Hutchings 2013, p. 34) mentions that the annual campaign run by the Australasian Consumer Fraud Taskforce (ACFT), now Scams Awareness Network (SAN), is another effective preventative strategy, being comprised of twenty-two government agencies and departments alarmed with consumer protection in regards to fraud, and works to enhance Australian and New-Zealand governments’ enforcement methods against fraud. SAN is also responsible for the National Scams awareness Week Campaign, such as in the 2019 week where the topic was ‘Are you too smart to be scammed?’, which aimed at promoting individual awareness (Scamwatch 2019).

(Cross & Kelly 2016) add that publicity, awareness campaigns and educational drives are other effective preventative strategies as these “inform the public about the most common precautions against crime.” Contemporary prevention campaigns are victim-focused and aim to diminish victimisation, future offending and attempt to heighten individual collaboration with law enforcement (Cross & Kelly 2016). (Cross & Kelly 2016) also state that the Little Black Book of Scams (LBBS) is another victim-focused strategy, seeking to provide information and awareness in reducing the prevalence of fraud victimisation, as well as decreasing the susceptibility of potential victims to the community. (ACCC 2016) aver the LBBS to be internationally recognised as an essential tool for educating consumers and organisations on the different types of scams and how offenders contact victims, the warning signs together with where to seek help if impacted.

Threats to Australian National Security, governments and law enforcement agencies fall under existing terrorism international law; “an attack against infrastructure with intent to cause extensive destruction of such a place, facility or system, … results in, or is likely to result in major economic loss” (Tully 2012). The superior means of preventing cybercrime is the Council of Europe’s Convention on Cybercrime, establishing offences associated with the confidentiality, integrity and availability of computer data and computer-related offences (Tully 2012). Australia complies with this, introducing the Cybercrime Legislation Amendment Bill 2011, which increases intelligence and law enforcement agencies authority to obtain electronic communications and exchange data with foreign counterparts, as well as the Criminal Code Act 1995 giving the AFP power to investigate offences made against this Act (Tully 2012).

Department of Home Affairs Cyber Security Strategy 2020 Report shows that since the 2016 report, Australia has opened the Cyber Security Centre, which provides advice to individuals and organisations regarding protection against cybercrimes and alerts when a cybersecurity incident occurs, as well as injecting $50 million into the Cyber Security Cooperative Research Centre, which raises cyber security awareness and explores key security issues (Home Affairs 2020).

Concluding, AFF is shown to have devasting losses, both financially and psychologically, for Australians. Additionally, the crime costs the Australian Economy over $1 billion each year. In light of this, modern criminal justice responses, such as Operation Disrepair, are now attempting to be victim-focused, rather than offender-orientated, which aids with reducing further victimisation and prevents victims incurring even greater financial losses. To finalise, preventative strategies such as the ACCC’s Little Black Book of Scams allows individuals and organisations to identify scams and thus not fall subject to them, as well as the strategy of amended legislation allowing authorities to have greater power when addressing AFF. As a result of these initiated strategies, Australian National Security is better protected, with cybersecurity no longer being a major focus area for Australia.

REFERENCES

  1. Australian Competition and Consumer Commission 2018, Australian Government, viewed 16 April 2020, https://www.accc.gov.au/system/files/F1240_Targeting%20scams%20report.PDF
  2. Australian Criminal Intelligence Commission 2019, Australian Criminal Intelligence Commission Canberra, ACT, viewed 18 April 2020, https://www.acic.gov.au/about-crime/organised-crime-groups/cybercrime
  3. Australian Cyber Security Centre 2020, Australian Signals Directorate Kingston, ACT, viewed 25 April 2020, https://www.cyber.gov.au
  4. Australian Federal Police 2020, Australian Federal Police, viewed 23 April 2020, https://www.afp.gov.au
  5. Australian Transaction Reports and Analysis Centre 2016, Australian Government Canberra, ACT, viewed 26 April 2020, https://www.austrac.gov.au
  6. Brangwin, N 2016, Parliament of Australia Canberra, ACT, viewed 18 April 2020, https://www.aph.gov.au/About_Parliament/Parliamentary_Departments/Parliamentary_Library/pubs/BriefingBook45p/Cybersecurity
  7. Bregant, J & Bregant R 2014, ‘Cybercrime and computer crime’, Encyclopedia of Criminology and Criminal Justice, viewed 15 April 2020, https://onlinelibrary.wiley.com/doi/full/10.1002/9781118517383.wbeccj244
  8. Broadhurst, RG 2017, ‘Cybercrime in Australia’, in D Antje (ed.), The Palgrave Handbook of Australia and New Zealand Criminology, Crime and Justice, Palgrave McMillan, Canberra, pp. 1-11, viewed 25 April 2020, https://www.researchgate.net/publication/316172998_Cybercrime_in_Australia/link/58fa96d34585152edecedf5a/download
  9. Button, M & Cross, C 2017, Cyber Frauds, Scams and their Victims, Routledge, New York, pp. 1-232, viewed 26 April 2020, https://books.google.com.au/books?id=GggqDwAAQBAJ&pg=PA206&lpg=PA206&dq=operation+disrepair&source=bl&ots=yWUs5ASQLj&sig=ACfU3U0MKqbwJv84QEdQHwoj8kiCIZuEew&hl=en&sa=X&ved=2ahUKEwi5q87IwoXpAhV8wzgGHVvtBWYQ6AEwBXoECAsQAQ#v=onepage&q=operation%20disrepair&f=false
  10. Chang, J 2008, ‘An analysis of advance fee fraud on the internet’, Journal of Financial Crime, vol. 15, no. 1, pp. 71-81.
  11. Criminal Code Act 1995, Federal Register of Legislation, viewed 21 April 2020, https://www.legislation.gov.au/Details/C2017C00235
  12. Cross, C 2019, ‘‘Oh we can’t actually do anything about that’: the problematic nature of jurisdiction for online fraud victims’, Criminology & Criminal Justice, pp. 1-18, viewed 18 March 2020, https://journals-sagepub-com.ezproxy.utas.edu.au/doi/10.1177/1748895819835910
  13. Cross, C 2016, ‘Using financial intelligence to target online fraud victimisation: applying a tertiary prevention perspective’, Criminal Justice Studies, vol. 29, no. 2, pp. 125-142.
  14. Cross, C & Kelly, M 2016, ‘The problem with ‘white noise’: examining current prevention approaches to online fraud’, Journal of Financial Crime, vol. 23, no. 4, pp. 806-818.
  15. Cross, C, Richards, K & Smith, RG 2016, ‘The reporting experiences and support needs of victims of online fraud’, Trends and Issues in Crime and Criminal Justice, viewed 18 April 2020, https://aic.gov.au/publications/tandi/tandi518
  16. Esen, R 2002, ‘Cyber crime: a growing problem’, The Journal of Criminal Law, vol. 66, n. 3, pp. 269-283.
  17. Hutchings, A 2013, ‘Theory and crime: does it compute?’, School of Criminolgy and Criminal Justice, Griffith Univeristy, pp. 1-286, viewed 27 April 2020, https://research-repository.griffith.edu.au/bitstream/handle/10072/365227/Hutchings_2013_02Thesis.pdf?sequence=1
  18. McQuade, SC 2006, ‘Understanding and managing cybercrime’, International Journal of Cyber Criminology, vol. 3, no. 1, pp. 492-493.
  19. Norris, G, Brookes, A & Dowell, D 2019, ‘The psychology of internet fraud victimisation: a systematic review’, Journal of Police and Criminal Psychology, vol. 34, pp. 231-245.
  20. Onvebadi, U & Park, J 2012, ‘‘I’m sister Maria. Please help me’: a lexical study of 4-1-9 international advancement fee fraud email communications’, International Communication Gazette, vol. 74, n. 2, pp. 181-199.
  21. Ross, S & Smith, RG 2011, ‘Risk Factors for advance fee fraud victimisation’, Australian Institute of Criminology, pp. 1-6, viewed 15 April 2020, https://aic.gov.au/publications/tandi/tandi420
  22. Productivity Commission 2019, Australian Government Canberra, ACT, viewed 27 April 2020, https://www.pc.gov.au
  23. Scamwatch 2020, Australian Competition and Consumer Commission, viewed 16 April 2020, https://www.accc.gov.au/system/files/F1240_Targeting%20scams%20report.PDF
  24. Scannell, J 2014, ‘The ‘419 scam’: an unacceptable ‘power of the false’?’, Journal of Multidisciplinary International Studies, vol. 11, no. 2, viewed 16 April 2020, https://epress.lib.uts.edu.au/journals/index.php/portal/article/view/3220/4579
  25. South Australia Police 2019, Government of South Australia Adelaide, South Australia, viewed 26 April 2020, https://www.police.sa.gov.au/__data/assets/pdf_file/0006/838950/SAPOL-2018-19-Annual-Report.pdf
  26. Tully, S 2012, ‘Protecting Australian cyberspace: are our international lawyers ready?’, Australian International Law Journal, vol. 19, no. 4, pp. 49-77.
  27. Webster, J & Drew, J 2017, ‘Policing advance fee fraud (AFF): experiences of fraud detectives using a victim-focused approach’, International Journal of Police Science & Management, vol. 19, n. 1, pp. 39-53.
  28. Whitty, MT 2018, ‘419- It’s just a game: pathways to cyber-fraud criminality emanating from West Africa’, International Journal of Cyber Criminology, vol. 12, no. 1, pp. 97-114.
  29. Williams, EJ, Beardmore, A & Joinson, AN 2017, ‘Individual differences in susceptibility to online influence: a theoretical review’, Computers in Human Behaviour, vol. 72, pp. 412-421, viewed 18 April 2020, https://www.sciencedirect.com/science/article/pii/S0747563217301504#!

Cyber Crime, Security & Human Psychology: Internet Addiction, Literacy on Cyber Crime and Security

ABSTRACT

The word “cybercrime” itself saying it’s a crime. In India as well as in a world it’s a business now i.e. to trap the people using fraud mail, phone call, social sites and many more. Because of only bad psychology, they are trapping people. On it we have to provide proper education on cyber-crime and security. We have to spread awareness in society. We always use “Precaution is always better than cure” using same thing we have to take more precaution. In simple way we can say that cybercrime is unlawful acts wherein the computer is either a tool or a target or both. [1] This paper illustrates and focuses on cybercrime, its impact on society, types of threats, and cyber security and Human Psychology.

INTRODUCTION

Basically word “Information technology” showing Information with Technology. If any new thing then it will relate with its positive and negative shades. Same way cyber is not an exception. In regular life we are taking precaution same way we have to take precaution for cyber world i.e. security so we can use anti-virus, firewalls and different digital equipment’s for our computer or mobile. Information technology has eased out almost every humanized action.[2] Human is using internet facility and its access is also easy to everyone. In India person is using internet from IT background, non IT background, literate, non-literate, educated, uneducated. But we do not know how to handle security, cyber-crime and how to face it if we are victim. For it we have to spread awareness in a security.

Now a day’s Internet is addiction to all and we are finding in youngsters and teenager. Internet addiction might include an extreme fondness for pornography, online relationships, online gambling, online games and some non-essential activities.[3] Because of non-literacy, non IT background and uneducated people are fall victim to illegal activities like pirated files downloading, downloading illegal software[3] and simple they don’t know sign out or log out option. They are directly closing the window. Some skilled humans might fall in such activity and they are violating the law. If our psychology is good then we will do such malicious work.

INTERNET ADDICTION

Are you playing games on internet is excess? Are you compulsively shopping online? Cannot stop checking Facebook, twitter, WhatsApp and like such social media? Are you surfing daily? Is your excessive computer use interfering with your daily life? If your answer is yes for any question then you may be suffering from Internet Addition Disorder, also commonly referred to as Compulsive Internet Use (CIU), Problematic Internet Use (PIU), or disorder. Originally debated as a “real thing,” it was satirically theorized as a disorder in 1995 by Dr. Ivan Goldberg, MD who compared its original model to pathological gambling.[4] We are psychologically engaged with internet. It’s harmful to us. We are isolating our family and doing our work. Person is living in virtual fantasy world and trying to connect with real life human.[3]

CYBER CRIME

Like any crime if we are doing any crime with computer, digitally by internet or electronically i.e. any criminal activity where a network, computer, mobile or electronic machine is target and we are making wrong activity.

There are many types of cybercrimes which are following:

  • Denial-of-service [5]
  • Cyber stalking [5]
  • Phishing scams [5]
  • Fraud and identity theft[6]
  • Malicious and Malware code[7]
  • Email Harassment
  • Financial crimes
  • Selling illegal articles
  • Spoofing via E-mail

IMPACT ON SOCIETY

Simply, we can say i.e. loss of anything e.g. Personal data loss, Money loss and etc. it’s a disturbance or interrupt to human with smooth life. It is breaking vulnerability, availability and confidentiality of our data.There has been an increased clamping down on cyber-piracy related to the film and music works.[8] This is serious issue to down a business. It is said that the next war is cyber war.

After demonetization in India, Cyber-crime rate in India was increased. Post-demonetization of the Rs. 500 and Rs 1,000 notes, a majority of banks, mobile applications and e-wallets have been targeted by scamsters,” said PavanDuggal, a supreme court advocate and an expert in cyber law.[9] “Cybercrime has grown to an alarming extent since note ban,” said Pawan Duggal, cyber expert and Supreme Court lawyer.[10] More than 27,000 cybercrimes were reported in first half 2017, according to data released by the information and technology ministry. The figure was 50,362 for the entire 2016. If the 2017 data were extrapolated for a year, it would be an almost 10% increase in cybercrime, highest in recent years. The average jump in the past three years stands below 1.5%.[11]

LITARACY ON CYBER CRIME

According to me in India less literacy in cyber-crime. We want to spread awareness in society because if any person is doing such activity then he or she doesn’t know we are doing cyber-crime or we are doing against the rule. If any person is doing such crime and it works then possibly he is serious criminal and his interest will also increase. He gets stuck into crime. But if we provide proper education, awareness or psychological treatment on the cyber-crimes then at least we can minimize the crime. We must aware them on cyber laws and about its act.

CYBER SECURITY

We are always maintaining security everywhere in our general life same way if we are using computers, mobiles or laptops, etc. then we have to protect or maintain the data from the unauthorized access, attacks, and vulnerabilities delivered via the Internet by cyber criminals. Because of less literacy about cyber crime and security, we are not maintaining the security properly.

Prevention tips for cyber crime:

  • Install licensed copy of Operating System.
  • Install licensed copy of antivirus.
  • Read the fine print on website privacy policies.[12]
  • Keep your software updated.[13]
  • Talk to your children about the internet.[13]
  • Review financial statements regularly.[14]
  • Please sign-out or log-out your account.
  • Keep your firewall up-to-date.[14]
  • Maintain strong password and different password for every account.
  • Change your password regularly at least once in a month.
  • Don’t reply to unfamiliar emails.
  • 12. Update your browsers regularly.
  • Don’t share your personal information via email, social sites or phones, etc.
  • While using any website please check weather website connection is secured or not.
  • Turn off or log out your computer when not in use.

CONCLUSION

We must take precaution of our self. We have to handle unlawful activities effectively. We must provide awareness in the society on internet use so we can change the psychology of user and disinclinethem. We need to increase cyber literacy. We have to follow rule. i.e. “Safety and Security First on Cyber”

REFERENCES

  1. http://www.mondaq.com/india/x/28603/technology/Cyber+Crimes+an+unlawful+act+where+in+the+computer+is+either+a+tool+or+a+target+or+both
  2. http://www.lawyersclubindia.com/articles/Admissibility-of-Electronic-Evidence-under-Indian-Laws-A-Brief-Overview-10310.asp
  3. Research paper by Dr.N. KalaiArasi and Praneetha V.(Internet Addiction and Cyber Crime Engagement of Undergraduate Students, ISSN : 0973-6190)
  4. https://www.psycom.net/iadcriteria.html
  5. https://www.pandasecurity.com/mediacenter/panda-security/types-of-cybercrime/
  6. https://www.ccplus-usa.com/cyber-crime-can-prevent/
  7. https://www.sciencedirect.com/topics/computer-science/malicious-code
  8. Research paper by Mr. Hemraj Saini, Mr. Yerra Shankar Rao and Mr. T.C. Panda (Cyber-Crime and their impacts : A Review, ISSN: 2248-9622 www.ijera.com, Vol. 2, Issue 2,Mar-Apr 2012, pp.202-209)
  9. https://cio.economictimes.indiatimes.com/news/digital-security/cyber-crime-cases-shoot-up-post-demonetisation/56133910
  10. https://www.hindustantimes.com/india-news/as-government-pushes-for-digitised-cashless-economy-cyber-frauds-rise/story-6lHR0NojMuuoi652Q8F0uK.html
  11. https://www.msn.com/en-in/news/newsindia/cyber-frauds-rise-after-demonetisation-tikamgarh-to-jamtara-turn-hubs-for-cheats/ar-AArC5nF
  12. https://www.ccplus-usa.com/cyber-crime-can-prevent/
  13. https://us.norton.com/internetsecurity-how-to-how-to-recognize-and-protect-yourself-from-cybercrime.html
  14. https://www.ccplus-usa.com/cyber-crime-can-prevent/

The Peculiarities Of Cyber Threat Intelligence

Abstract

Darknet has become a hub for piracy communities. It providing cyber criminals with the ability to freely discuss and sell unknown and emerging exploits. This paper focuses on studying the effectiveness of automated learning to provide information about threat intelligence from darknet penetration forums. Develop an effective system for extracting information from communities and applying automated learning methods to predict high threat elements. These potentially threatening actors include user generated contributions that may be intended to sell or discuss cybersecurity exploits. In particular, the study focuses on identifying day to day threats. This module provides a great ability for cyber security professionals to create advance threat intelligence information for a more proactive defensive approach by reviewing Darknet forums, extracting data and building an automated learning model. The paper reviews different classification methods to predict threat levels using text extraction, Naive Bayes, Nearest Neighbor, Random Forest and Vector Machine.

Introduction

Threat intelligence quickly became ever more powerful priority. There is a general awareness of the need to ‘threaten’ Intelligence, sellers fall on themselves to offer A confusing variety of threat intelligence products. The promise of smartly attractive threat. Organizations should help to understand and business risk management for unknown conversion Threats to known and mitigating threats, Improving the effectiveness of the defense. After all, you need target targeted attacks defense. If the analysis is performed correctly, IQ products threat can be Really useful for business, providing real benefits at all levels, from defenders to the ground to the board. However, the intelligence threat is currently not precisely defined, with little agreement compatibility on what it is and how to use it. There is a risk that it is in a hurry to keep with the direction of threat intelligence, Organizations will end up paying big Cash for products that are interesting but of little value in terms of Improve the security of their business. Doing intelligently the threat is important, but doing so correctly is critical. To address this, I reviewed many InfoSec authorities, the area is designed as a frame for Threat intelligence can be scaled down Different sectors, organization sizes and organizational objectives.

What is Cyber Threat Intelligence?

Intelligence is defined regularly as Information that can be disposed of Change results. It is worth considering traditional intelligence before exploration intelligence threat, as in many ways this is simply traditional intelligence apply to cyber threats. Since Defense Department briefing Donald Rumsfeld In 2002, the concept of ‘known’ and ‘Anonymous’ tend to appear regularly at discussions on the subject of intelligence. ‘Unknown’ is a threat do not know we do not know, In other words, we have no idea that the threat Even exists. For example, we completely unaware that there are those waiting outside office to attack the CEO. Known Unknown is something we know I do not know, maybe we were told CEO will be attacked outside Office, but we have no details about who, why, when or how. One description of threat intelligence is the process of moving threads from ‘unknown assailants’ to ‘known unknowns’ By detecting threats, and Then ‘known unknowns’ became known as ‘ Known, where the threat is well understood and ease them. For example, when we are the chief executive will be attacked out our office, we find the attackers. However, this is great Challenge in traditional intelligence equally when applied to cyber threats. Butler’s intelligence review on Weapons of mass destruction note a Limit intelligence, in it often incomplete and rarely gets the whole The story as intelligence seeks by nature to gain knowledge of other things we are blocking.

In the world of information and cyber Security, intelligence and threat is a young man domain. There are a large number of threat Intelligence vendors and consulting papers which describe very different products and activities under the slogan ‘Threat Intelligence”. As with conventional intelligence, the basic definition is that threat intelligence is information that can help make decisions, in order to prevent an attack and reduce the time it takes to discover attack. Intelligence can also be information instead of helping specific decisions. Helps to shed light on the scene of risk. However, the nature of that information can vary greatly, often with almost no or comparability between various intelligence offers threat. The prices for a similar offers may also vary significantly with 100 times differences in prices of different products providers, even when claiming products to meet the same need. Products and services are sold as a threat intelligence can vary greatly in their lives Scope, usability, objectives and content. For example, some products come in the form of prose explains it developments in a particular area, while in the lower level, others may be influx of coordinated indicators in XML format, Such as IP addresses or binary hashes. Even within similarly established sources, such as feeds the settlement indicators. There is very little overlap between competition products. Recent research suggests that in the three common feeds for IP addresses that have been marked contains more than 20,000 IP addresses. This indicates that the attackers are using huge numbers of IP addresses. Probably The truth is a mixture of both interpretations. As the market demand for threat grow intelligence with a large number from organizations that are interested in them products or build programs actively. Some vendors offer current products or reformat versions of the list products as ‘threat intelligence’.

Types of Threat Intelligence

Any information about threats that Helping to inform decisions can be a threat Intelligence. This broad definition it clearly covers a huge variety of sources Information. The use of these relatively abstract sources will more often be more consciously conscious of threats of organizations using the poor Expensive products. With the fall of many different sources threat intelligence class can do that it would be useful to have subdivisions for concentration effort and better management of information. For example, a national prose report activity cannot be compared to an IP address their actions cannot be done in the same way. Identify types of threat intelligence it can be based on who consumes intelligence and what it aims to achieve. We suggest a model collapses intelligence threat to four distinct Categories based on consumption. The following is a summary of the four categories:

Strategic Threat Intelligence is high-level Information, consumed at the Board level or before Senior decision makers. Does not seem to be artistic can cover things like the financial impact of cyberspace, attack Trends and areas that may affect at High level business decisions. For example a report will indicate that the particular government believes to penetrate a foreigner companies that have direct competitors inside their home and thus board you may think about this fact when you weigh the benefits and risks of entering it competitive market and to help Assign them a voltage and budget to ease expected attacks. Strategic Threat Intelligence is almost exclusively in a form of prose, such as reports and briefings or conversations.

Operational Threat Intelligence is Information about specific imminent Attacks against the organization Initially consumed by a higher level of security Staff, such as security managers or heads respond to the incident. Any organization like to be very much a real practical threat Intelligence. In the majority of cases, the government only has sort of access to attack groups and the infrastructure needed to collect this kind of intelligence. For the threats of nation states, simply cannot be any private entity to legally access to the relevant communication channels are then good Intelligence operational threat will not be an option for many. There are cases, where intelligence can be operational such as when the organization targeted by more public actors including hacktivists. It is recommended for organizations To focus on these cases where details Attacks can be found from open source Intelligence or access providers with forums closed chat. Another form of Intelligence is an operational threat that may be available are those derived from existing activity Attacks where activities or events are specified in the result of real world attacks in cyberspace Domain. In such cases, future attacks sometimes we can expect the following Some events. This linkage of attacks to real world events is a common practice in physical security but less common In cyber security.

Tactical Threat Intelligence Often Referred to as tactics, techniques, and Procedures (TTPs) and information about how actors threaten to launch attacks. Tactical intelligence is consumed by defenders and incident responders make sure that their defenses and alarm the probe is prepared for the current Tactics. For example, the fact that the attackers they use tools for clear text credentials then return those credentials through PsExec is a tactical intelligence that can be paid defenders to change and prevent policy Interactive recordings by officials by ensure capture will use PsExec4 tactical threat intelligence is often acquired by reading white or technical papers press and communicate with peers in others organizations to see what they see Attackers, or purchase from a provider of this intelligence.

Technical Threat Intelligence is Information that is Consistently consumed through technology Means. An example is IP feed URLs suspected of being malicious or Involved as command and control servers. Technical intelligence threat is often the short lived attacks can also easily change IP addresses or modify MD5 amounts. Thus Need to consume such intelligence Automatically. Intelligence technical threat usually the investigation feeds or Control functions for a business.

Threat Intelligence Cycle and Functions

Collapse intelligence threat to specific functions more scalable as well employees are likely to be more skilled in particular aspects of intelligence. Individual parts it focus on the cycle and its development, while it will be easier to track the inadequacy results from the program for specific weaknesses. The steps in the cycle are as follows:

Requirements: decision makers need to determine exactly what they want to know and what should be the threat intelligence program with them. For example, Let us know of all widely known and widely vulnerabilities exploited during one day of become known. This could be so referred to as tasks. Requirements can also be more demanding From threat intelligence teams, such as ‘Get details and Samples of the majority of criminal groups Remote access tools for our forensics Working teams. Threat intelligence teams need to work with them Decision makers to agree on the requirements which is not only feasible but decisively, which will supply the products on which the organization will be able to act.

Collection: a Step that can dominate much of threat intelligence’s budget is collection Information or expected data, to meet the requirements. The information can come from great variety of sources such as, news feeds, Paid services or feeds, forums, white Leaves and human resources. Almost all paid for intelligence threats from sellers coming under this category will require it form of analysis. Understand what the required sources are likely to be produced Information and to be reliable and provide Information that can be consumed in time.

Analysis: Convert data to information which actions can often require analysis. In some cases, the analysis will be relatively simple. In other Cases will require extraction related information from a larger job such as, a report and understand the elements applies to the assets of the organization. To the important role of the analyst is to look for opportunities to create new types of intelligence through the synthesis of the current intelligence. For example, the parser may spend some time reading through white papers extracting the compromise pointers. Also identify operational intelligence Can be given to network advocates. After reading these papers and others sources, the analyst may specify directions that can be grouped together in strategic intelligence product to higher management. Interaction between the collection and analysis often occurs where, analysts are aware that the group is not production of raw materials required. Maybe that’s the different information you need To be collected for appropriate analysis. The group can then be modified The continued analysis.

Production: At this stage, An intelligence product is created posted to customers (senior Executives, network engineers, Defenders, etc.). The product will be different depending on the subtype of intelligence and customer. For example, perhaps Require a three line report to the council, White paper for defenders, or simply Base added to defensive devices.

Evaluation: Another often neglected stage of intelligence threat is an assessment of the intelligence product to ensure that Meet original requirements. If requirements are met, then the product can feed requirements to help develop new deeper requirements which builds on the intelligence product. The intelligence cycle can be repeated. If it was intelligence produces threat does not meet requirements, then suggest failure in at some point. The model can be a session used to determine where failure occurred. Are the requirements unrealistic? Act Collect the use of wrong sources? It was Data contained in sources but not Developed during the analysis, or did the final Product does not contain acquired intelligence?

Building a Threat Intelligence Programme

As mentioned previously, it is very important that the threat Intelligence focuses on requirements with the stage of threat requirements. The flow of intelligence determines which questions you need an answer. Since definition both conventional intelligence and threat is only information that can be acted upon it makes sense that organizations must also ensure. They will be able to act on the answers request. Resources and tasks will be required by both intelligence and threat function and whoever intends to work on what is produced Intelligence. For example, obtain the MD5 / SHA-1 list disaggregate if the organization does not have the capacity to do so look for binaries with those on the hash network or hosts. Once the requirements are determined, the next step is to select sources from The information and data to be collected, along with the analysis needed to produce Intelligence threat is executable.

Sharing Threat Intelligence

In the realm of traditional intelligence, the need to “know’ is a solid security principle. By restricting information to those who really need it, you can reduce stolen data when someone arrives that has been hacked. In today’s world of effective motivation attackers, often with state funded nationalism and the provision of resources such security principles very important when it comes to limitation loss of information. However, in the world of threat intelligence there is also a need to participate principle. If you participate all types of threat intelligence, other organizations will help defense against attacks by creating participation of communities and relationships. Everyone can benefit from each other intelligence. The company can be damaged when there are competing business computers hacked because stolen information can often use against other organizations in the same sector and if it is a national state keen to support its own companies. Moreover, many attacks are not targeted one organization is in isolation. As whole communities attack, those communities need defense. The goal is lift the bar and increase continuously cost for an attacker.

How to Share Threat Intelligence

Different types of threat intelligence you will need to share them in different ways. However, active participation requires confidence as shared information. They may be sensitive for example, detection you were attacked. Trust is also important on another level as is generally unwise to allow players to threat to know what you know about them. The attackers may have realized that their tools are not connected to the home. However This does not mean they know how management to stop them, so what they need to change. For these reasons closed and reliable groups can enable deeper sharing. Otherwise it would be possible. Groups it can take multiple forms for example, there is the exchange of information for different industries operated by parts of the UK the government there is online Portal CiSP, which ensures that members they are the legitimate individuals in the approval Organizations. Various industrial sectors it has groups sharing information. Sometimes by forum and sometimes simply via email list. There is too less formal groups such as those set up public forums online. More set its members can be trusted and security of information within the group and more effective to be involved. Organizations are advised to seek of these groups if they do not exist, to Consider its establishment. Support this Groups by encouraging employees to contribute. It can come from a reliable personality relationships with people are similarly developed In other organizations. This of course is not scalable and can take some time to build needed confidence while the needs of participation to be mutually beneficial for Succeed. However, the value of this relations should not be underestimated. It must be supported directly. Attendance in communication groups and sharing information can be helpful, but there are also small ways to help with development. These productive relationships such as allow members of the intelligence team threat to guide meals with their legitimate commercial expenses.

Vulnerability Assessment and Threat Intelligence

Some organizations include exposure assessment within threat range intelligence function. Threat intelligence function has grown up from the team that manages the weaknesses. This is it can make sense in both cases the team is whose task is to find information on a wider scale Internet, information analysis to decide whether it applies to business and then working on it. Even organizations can tends to look at weakness notification as ‘Threat Intelligence’. Distinction between vulnerability Information and intelligence threat Fluent. That a gap exists in the product used by the organization is important information and requiring action but it is not specific threat information. However, the information that a certain attack group exploits a known weaknesses as I saw shortly after Security error issued Heartbleed. Whether or not the same team is being processed assessment of vulnerability and threat IQ is up to the individual Organization, but care should be taken avoid obscuring the team’s goals in a harmful way of her job. Vulnerability assessment Must be continuous and business as usual Function to detect known vulnerabilities that the patching can be originated through missed or configuration error. Intelligence threat you must be responsive to evolution requirements with a clear task. Interaction between intelligence and threat vulnerability assessment is often desirable. For example, the intelligence team threat specifies that a particular security vulnerability exists being actively exploited, especially when there are indications that exploitation is speak within the organization the industrial sector, it must lead to an assessment of vulnerability beyond borders to ensure this that any such attack on the organization will fail.

Conclusions

The risk of intelligence is at great risk to become a buzz word. With so many offers divergent and even great pressures ‘do’ threat intelligence. Risk organizations invest large amounts of time and money with little positive impact on security. However, by taking threat intelligence to its own intelligence roots applying the same strict principles, strategy can be much more effective. As with conventional intelligence and addressing cyber threats requires careful planning, implementation and evaluation. Only then can an organization hopes to target its defenses effectively and increase the awareness of threats and improved response to potential attacks. Much can be learned from a successful threat intelligence study Software, as is useful common mistakes underlying the threat Intelligence programs fail to deliver real business benefits. It quickly becomes clear that effective intelligence is focused on them. The questions that an organization wants to answer rather than simply try to collect, handle and handle massive amounts of data. However, it is important to ask the right questions in the first place. Subsequently this research is discussed in detail in the requirements identification cycle and compiled analyze data and convert results into a consumable product evaluate the usefulness of this product which feeds on it again asking ‘better’ and more useful questions for the future. There is also a value in breaking the threat intelligence into subtypes, Depending on who uses it, where it comes from and how much work benefit really offers. By relying heavily on one type or error Type of threat intelligence and risk organizations waste effort while leaving themselves vulnerable to attack. Resources and budgeting will always be a business problem institutions. It is important to realize that the most useful sources threat Intelligences not necessarily the most expensive. Enormous the value can be obtained for example, from the exchange of intelligence with other organizations, individual contacts between one person can be the same from the simplest, but most effective sources of information for implementation. This research examines the benefits that can be gained from participation IQ threat, how to do it without exposing Organization for unnecessary business risks.

References

  1. Barnum, M. (2011). Standardizing cyber threat intelligence information with the Structured Threat Information eXpression. MITIRE Corporation, 16, 4-35.
  2. Burger, E. W., Goodman, M. D., Kampanakis, P., & Zhu, K. A. (2014, November). Taxonomy model for cyber threat intelligence information exchange technologies. In Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security (pp. 51-60). ACM.
  3. Macaulay, T. (2015). U.S. Patent No. 9,118,702. Washington, DC: U.S. Patent and Trademark Office.
  4. Macaulay, Tyson. ‘System and method for generating and refining cyber threat intelligence data.’ U.S. Patent 9,118,702, issued August 25, 2015.
  5. Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Guide to cyber threat information sharing. NIST special publication, 800, 150.
  6. Dutta, A., & McCrohan, K. (2002). Management’s role in information security in a cyber economy. California Management Review, 45(1), 67-87.
  7. Cordesman, A. H., & Cordesman, J. G. (2002). Cyber-threats, information warfare, and critical infrastructure protection: defending the US homeland. Greenwood Publishing Group.

Catfishing: Background and Main Causes

The way that people interconnect using the Internet has truly transformed since 1990. Social media has introduced new means for people to communicate with each other and stay connected. People chat with one another and share memes via Facebook, post pictures on Instagram and Snapchat, etc. Technology has significantly altered the way that people search for love. In this modern era, it is not unusual for people to online date. Popular dating apps include: Tinder, Bumble, Hinge, etc. Many might even find romance through social media platforms such as Instagram. Some people might have the belief that internet dating can be dangerous because people could be deceitful about their true identity. “Catfishing,” a popular crime usually amongst younger people, is when an individual lies about their true Identity on the internet in order to lure someone into a relationship. This essay will explain the background of “catfishing” and why people catfish.

Online dating and hookup culture have become the general trend in today’s society, or the “norm”, as well as the possible risks behind it, which include: scammers, false identities, and physical harm. People tend to choose online dating because it’s convenient and easy, and they may be in search of a wider range in the dating world. These apps can be intriguing and fun, but what people do not recognize is that it can potentially ruin relationships. One of the major risk factors with online dating is fake profiles or identities. Today, many people come in contact with fake profiles, however they may not realize. Catfishing is impersonating an individual by using someone’s photos without permission, and usually targeting a specific victim due to a romance interest, whether it be for a harsh joke, or intentionally hurting someone’s feelings. This type of behavior can be viewed at as an act of “crime” or “deviance”. Impersonating someone is extremely illegal and can lead to consequences. Catfishing has the capability to create emotional destruction and distress to individuals resulting in feelings of betrayal, humiliation, depression, etc. Today people are extremely self-absorbed into social media. This has become the new “norm” into networking, making friends, and even finding love. Social media allows individuals to create profiles in which they can alter their information.

As a consistent viewer of the show Catfish, I can classify some of the reasons behind this “cybercrime”. Most of the suspected “catfish” characters have blamed their reasoning on their previous life experiences including: a great amount of bullying, harassment, lack of confidence/ low self-esteem, etc. On some of the episodes I have seen, most of the characters will say that they committed this “cybercrime” as a means for revenge. People are not always happy with themselves and struggle to feel that way, therefore creating “aliases” making them feel comfortable in their own skin. Others might use this as a desire to escape; maybe they are feeling trapped and anxious with themselves. This allows that individual to express themselves freely without their insecurities holding them back.

Two theories that can be applicable as to why people partake in this are the strain theory and the labeling theory. Robert Merton established the strain theory. The meaning behind the strain theory is that people feel “strain” when they are exposed to the cultural goals that they are unable to obtain because they do not have access to these culturally approved means of achieving those goals. Society does not provide adequate means to attain those ambitions. Merton claims that deviance is the result of discrepancy of the goals. The responses of deviance show how society can put a strain on people. Other ways that an individual might respond such as conformity, innovation, ritualism, retreatism and rebellion explain an individual goal and the access to the means. This can either present a negative or positive outcome. For Merton these responses to deviance show how society strains people hence the name of the strain theory. The strain theory can lead to triggers of feelings that can develop into rage and defeat by society which can lead to a result in crime.

The second theory that can explain why people engage in this type of behavior over the Internet is the labeling theory. The labeling theory was created by Howard Becker. The intent of this theory is to explain how society labels a specific individual. However, the individual begins to act deviant when that specific label is given to that individual from a person who has authority. The label is not something that is permanent or a characteristic embedded in an individual. What categorizes an individual would be how one may view themselves and their behavioral aspect that may provide the influence in which causes them to become a deviant.

Internet Crime: Common Types and Prevention Methods

Nowadays Internet crimes are a common problem in the world, and everyone exposes to these crimes. These crimes can cause very serious damage to the individual and society. Many people and companies had suffered from the impact of these types of crimes. To protect us from these we have a cyber-security and some precautions. This paper accordingly discusses and summarize these types of crimes and their preventions.

Internet crimes are a common type of crimes at this century, and everyone using the computer exposed to be a victim of these type of crimes, it threatens everyone from the individuals, societies, organizations or a government. A cybercrime or Internet crimes are defined as any illegal activity that involves a computer, network device or a network. Classifications of cybercrime include: 1) the computer as target; 2) the computer as an instrumentality; 3) the computer as an incidental of other crime; 4) crime associated with the prevalence of computers. These classifications are connected to each other. Some crimes can extend from one category to another.

Internet crimes are categorized in many different categories also it has different methods. The criminal can be an individual or a group of people targeting the same target. That’s what makes Internet crimes more complicated than it occurs in various geographic areas. So, finding and penalizing guilty participants is complicated.

  • Email phishing/spoofing: is a cyber crime which attempts to collect sensitive information such as personal information passwords, credit card details through emails, text messages or telephone. The criminal or the (phishers) often send a message that it’s often asking the user to enter personal information on a fake website which looks like a legitimate site.
  • Cyberbullying: is using the technology to cause harm such as threaten or insulting someone. Usually, this type of crimes is common among young people, and it can affect them in a very serious way.
  • Blackmail/ Extortion: the act of forcing someone to do something by threatening them to expose a secret, harm them to get money or any other benefit from them. This type of crimes affects the victim in a very serious way and it can cause financial problems also the victim can hurt himself or other people life.
  • Viruses: which is spreading viruses to the victim computer and damage the system software or the data on the computer.
  • Copyright Violation: it is the act of stealing people or companies’ ideas, inventions or any creative expressions which are known as ‘intellectual property’ which can include anything such as movies and music.
  • Child Pornography: which is known as any sexual activities involving children using media such as emails, Facebook or any other media, which in the first place targeting children.
  • Espionage (Spying): the use of media or technology to obtaining a secret or confidential information without permission of the holder of the information.

There are certainly more types, but these are the most common types through the Internet. With progress and development the technology through this years, the internet crime with all kinds has become more worrisome to users and making them stress, the security, and safety of the networks used when using the internet to avoid any crime. Also, making users more cautious when dealing with unreliable websites to avoid hacking.

Of course, there are ways to solve these problems and crimes. But they are expensive and sometimes complicated.

Cybercrime is increasing in our generation, and it is creating large losses at the company and individual level. One of the most important effects on the individual and society: identity theft; stealing his credit card; extortion and threat; the theft and use of confidential information; disable Internet; stealing money. Many companies buy security software to keep their information secret from hackers or to protect against viruses. Using anti-virus tools, setting passwords and encryption can reduce the incidence of these crimes.

It’s is not a secret what happened to Aramco Company in 2012 when they got hacked by a group called cutting sword of justice. Due to that many of their computers got destroyed by a virus. Aramco company isn’t the only company that got hacked. It’s a problem that faced everyone. Unfortunately, the number of companies, people and organizations that got hacked are increasing massively. Kingdom of Saudi Arabia as any country cares about her citizens, so protecting their rights and their safety is number one priority to them. Not to forget, that cyber crimes can create so much danger. In order to prevent that danger, Kingdom of Saudi Arabia publishes Anti-cyber crimes laws. These laws consist of 16 articles. They first got published on 26 March 2007. Anyone who commits on of the following cybercrimes wither it was spying on data, accessing to computers with the intention to threaten or hacking a web site with intention to destroy its URL. will be in jail for a period not exceeding one year and will be garage a fine not exceeding five hundred thousand Saudi riyals.

Due to the increase in Internet crimes nowadays, cybersecurity experts gave people some advice and precaution to avoid being a victim of these crimes:

  • Using a safe password: choosing a password that no one will easily guess, making sure it’s long, and it’s highly recommended to use a different password for each website.
  • Keeping the operating system up-to-date: older software may contain bugs or exploitable holes in the code that will make you an easy target to the hackers. By making your operating system running on the most recent update, you will improve your level of security.
  • Being caution of the email links and attachment: Using email links and attachment’s is the most common way to spread viruses and malware.
  • Using tow-factor-authentication: it’s a method that confirms user identity by using a combination of two factors. Something the user knows and something they have. This will provide the user with an extra layer of security.
  • Being protected from viruses: users should make sure that they install an anti-virus on their device or at least have a windows defender running on their computer.
  • Being wary of public Wi-Fi: all information being sent to and from your computer can be intercepted and read by someone nearby. Users shouldn’t transfer sensitive data on public wi-fi.
  • Being aware of what is being shared on social media: users should think before sharing something on the internet, once something been shared users can’t control how people use it.

The main aim of these illegal activities differs from a person to another. Understanding the causes of these crimes and the ways that cyber-criminals use them, will help people to defeat these types of crimes. People should be aware of these activities because it can cause serious damage to them or society. People should be taking big steps to protect themselves. There are various available methods that people can use such as cyber-laws, education, and policy making. All of them will help people to overcome the cybercrimes and their impacts.

The Importance of Cyber Security in Personal Life

Introduction

Cyber security is a worldwide problem. We live in a highly connected and digital world. We will never be truly be safe from every cyberattack online but we can educate and protect ourselves. Ventures expects ransomware costs will rise to $11.5 billion in 2019 and expected to rise every year. Cybercrime affects national government, big business and average people. The Internet is often under regulated with little to none official security. Questions are beginning to be asked about accountable and solutions to a global and increasingly challenging problem. As solutions to cyber security issues are realized and actions being put into place new attacks and trends arise to take its place. Attacks online come in many different forms and often people don’t realize a cyberattack until much later. 48% of data security breaches are caused by acts of malicious intent. To be protected from cyberattacks we first need to know the different types of attacks and the signs to be aware of.

The Different Types of Attacks

Ransomware

Ransomware is when the data on a victim’s computer is locked, usually by encryption (the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot). Payment is than demanded in return for the ransomed data to be decrypted before access is returned to the victim. Compared to other types of cyberattacks the victim is usually aware that an attack has occurred and given instructions for how to receive their data. Ransomware is usually motivated by money, it can spread through email attachments, infected software apps, infected external storage devices and compromised websites.

Phishing

Phishing is when a cyberattack attempts to gain private or confidential information such as passwords, bank information, and more. Posing as a legitimate individual or institution through phone or email, cyber attackers use social engineering to manipulate victims into performing specific actions, such as clicking a link or attachment or willfully giving confidential information. Compared to ransomware victims don’t usually realize anything is wrong until it’s too late after their money has left their bank account or data is spotted to be missing.

Hacktivism

Hacktivism is a social or political activist act that is carried out by breaking into and messing with a secure computer system. Hacktivism is usually directed at business or political targets. The people or groups that carry out hacktivism are referred to as hacktivists. This type of attack was made very public in the 2016 US presidential elections when thousands of Hillary Clinton’s emails were released to the public. On the other side Wikileaks could be called hacktivists as they have hacked and released government documents.

DDoS (Distributed Denial of Service)

A distributed denial-of-service (DDoS) attack is an attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices. From a high level, a DDoS attack is like a traffic jam clogging up with highway, preventing regular traffic from arriving at its desired destination. These attacks are very commonly addressed towards social media or tech firms as it can crash their platform and can have a long-lasting effect on its business, as it directly affects the customer experience.

Computer Viruses

A computer virus is a small software program that can spread from one computer system to another and cause interference with computer operations. Like a flu virus a computer virus attaches to a host, fighting its way and spreading through the host. Its host can act as a carrier or pass the virus onto another host. A computer virus has the capacity to corrupt or delete data on your computer and it can use an email program to spread the virus to other email addresses in your online address book. At worst, it can even delete everything on your hard disk.

Attack Vectors

The approach used to assault a computer system or network. A fancy way of saying ‘method or type of attack’, the term may refer to a variety of vulnerabilities. For example, an operating system or Web browser may have a flaw that is exploited by a website. Human shortcomings are also used to engineer attack vectors. For example, a novice user may open an email attachment that contains a virus, and most everyone can be persuaded at least once in their life to reveal a password for some seemingly relevant reason.

The Impact of Cybersecurity

Cybersecurity is now everyone’s problem, tech is in our homes, at our work, our schools and in our pockets. This isn’t a problem that is going to go away and things might get worse before they get better. The impact of cybersecurity will affect how we interact with our bank, our shopping to our close friends and family. The impacts cybersecurity has on us will change the factors in which business, politics and ourselves view technology. More and more we live in a transparent world, highly connected with online freedom. Should we have to choose between the freedom of the Internet and privacy or piracy. Does more transparency leave us unprotected? Firstly, we need to address where cyberattacks affect us and then we can work out solutions.

Monetary Impacts

Cybercrime has become the new normal and is greatly affecting the financial industry. Every day, attacks are committed against leading companies which were thought to have the most secure systems in place. Cybercrime continues to cause serious financial impact to economies to the tune of close to $600 billion. “According to McAfee and the Center for Strategic and International Studies, when it comes to cybercrime, Europe’s economy is truly suffering, as 84% of the region’s GDP is affected”. We often think of cyberattacks to be one of scams similar to a get rich quick or pyramid scheme but the fact is, that our banks, governments and most likely employers face this constant battle protecting data and money.

Privacy Impacts

70% of Americans surveyed by ESET are worried about the misuse of personal data supplied to websites when banking or shopping online, and an overwhelming majority of Americans now see cybercrime as a threat to their country, one that is getting worse. These are some of the key findings of the ESET Cybersecurity Barometer, a survey that polled 3,500 adults in North America (2,500 in the US and 1,000 in Canada). Without the public’s trust in tech, it makes everything harder to evolve in the future of a tech world. If we cannot trust our bank, our online spending, or our form of communication, it will have a huge impact on both you personally and society.

Piracy Impacts

The cybercrime of piracy has had major effects on how the world views ownership. Photos, videos, anything done on computers can be taken and used without you knowing. The view of ownership has changed it is becoming more and more difficult to claim rights to work without getting it official copyrighted. Claims of damages are hard to estimate and even harder to verify, with estimates ranging widely. This can leave people very afraid if they have been a victim to a cyberattack where their data is gone.

Security Cost

Cyber criminals also focus their attacks on businesses, both large and small. Hackers may attempt to take over company servers to steal information or use the machines for their own purposes, requiring companies to hire staff and update software to keep intruders out. According to EWeek, a survey of large companies found an average expenditure of $8.9 million per year on cyber security, with 100 percent of firms surveyed reporting at least one malware incident in the preceding 12 months and 71% reporting the hijacking of company computers by outsiders. Cybercrime has created a major threat to those who use the Internet, with millions of users’ information stolen within the past few years. It has also made a major dent in many nations’ economies. IBM president and CEO Ginni Rometty described cybercrime as “the greatest threat to every profession, every industry, every company in the world”.

Solutions

Cyber security is ever changing, something that works today is outdated tomorrow. A never-ending battle for protection over money, data and privacy. We might not be able to stop every attack but we can set up protection. Mostly it’s cheap, fast and can save hours of trouble if something was to happen.

As one of the oldest methods for combating cyber security issues, anti-virus software should be your first step in battling cyberattacks. Many computer users, simply don’t install it or neglect to update the software they do have. Start by installing reputable, effective anti-virus software on each laptop and desktop computer. When the antivirus program prompts you to download an update, don’t just ignore it. Viruses, spyware, and malware evolve very quickly, so antivirus software requires constant updates to stay ahead. Download each update immediately to ensure that you’re protected from the latest cyber security threats. This is to give you the best chance and less amount of worry for the future.

You set up a firewall in your home or business in order to protect your network and computers from outside cyber attackers. These devices can come in any format (hardware or software), and both can be quite effective in filtering out unnecessary traffic. Firewalls in hardware form can be placed between your computer and your modem in order to prevent malicious code or viruses from getting through. Firewalls in software format can be installed on nearly any operating system and can also effectively block cyber security risks from attacking your computer or network.

With single-factor authentication, you simply enter a username and password in order to access an account or information online. Two-factor authentication, however, effectively doubles the security you have in place when you login to an online account. Instead of the basic username and password combination, this secure format requires additional information that theoretically only the user knows or has access to. The second level of authentication should require a user to enter a Personal Identification Number (PIN) in addition to a password. Alternatively, it may demand an object in your possession, such as a phone or a credit card. Otherwise, it may require biometric data, such as a fingerprint. Answering an additional question or producing an extra piece of information may seem like an inconvenience, but the added peace of mind it offers is well worth the effort. This should definitely be used for highly sensitive information such as banking VPN. If you use the public Internet at coffee shops or at hotels/airports, it is best to use a VPN to protect yourself. A VPN helps secure your Internet connection so that data traveling in/out of your computer is encrypted. Public Wi-Fi could be an easy place for a cyber attacker to reach a lot of people, but also if someone has a virus, they may unknowingly spread it on.

No one wants to be caught without access to email or bank accounts when cyber attackers strike. To make sure you’re not stuck between a rock and a hard place, make a disaster plan in advance. First, compose a list of all of your credit card numbers and bank account numbers, along with phone numbers to call in case of an emergency. If you find out that your credit card number has been stolen online, the last thing you’ll want to do is spend unnecessary time tracking down your account numbers and your bank’s phone number. Create a system for routinely monitoring your credit card transactions. Start a practice of combing through your transactions online once or twice a week, and make sure that every transaction that is published matches the one you made yourself. If you spot suspicious activity, call your financial institution as soon as possible.

At many organizations and companies, entry-level employees take on massive amounts of security-related responsibility. While the majority of these employees likely do not intend to perform malicious actions, the reality is that many may do so without meaning to. When employees who are charged with data security don’t receive necessary training to show them how to handle information securely, unpleasant results can occur. This can leave the firm and the employee in a messy and embarrassing situation. Instead of providing entry-level employees with only little training, make a point of establishing more elaborate guidelines. Consider only allowing mid-level employees access to sensitive information. Require employees who deal with sensitive data to complete a series of training sessions that prove they know how to handle information discreetly. Perform regular checks to ensure that data is secure, and employees distribute it correctly. Given the increasing number of attacks on sensitive data, it’s more than likely that everyone will become the victim of hackers at some time.

Conclusion

To best protect yourself, implement all of the above cyber security measures. Take on the individual methods yourself, and encourage the companies with which you do business to train their employees to the best of their ability. Only by combining methods can you prevent cyber security breaches from taking over your online life.

Cyber Security and Its Importance: How to Protect Your Business from Hackers

Cybercrime is increasing and developing quickly along with ubiquitous worldwide digitalization. Rapid technology development is prompting cyber security experts to work more and more to counter hackers. To some extent, they can even call their competition an ‘arms race’. Threats really become more tangible. In 2018, global losses from hacker activity amounted approximately $3 trillion, and this year the quantity of leak damage is anticipated to be around 3.5 trillion. Cyber security ventures predicted last year that by 2021, cybercrime would cost the world $6 trillion per annum.

Threats are not always external, Sydney IT contractor Stephen Grant was arrested after high-profile cyberattacks involving 170,000 data records targeting Landmark White, a property firm with which he had been working for 12 years the cost Landmark White is at least $8 million. To avoid these sad statistics, staff need to be taught how to use and interact with data. Let’s talk about why cyber security is crucial for your company today, why you need it, what are some types of frequent attacks and how you can be secure from these assaults.

Cyber Security and Its Importance

Every year, the Internet becomes more of a ‘wild wild west’ (www) and continues to be commercialized, contributing to the fact that the motives of the bad hackers also referred to as ‘black hats’ are becoming increasingly greedy and being driven by organized crime syndicates, so businesses need to be prepared for such potential attacks. Improve the IT security system of your business so that sensitive data does not leak. Think about your company’s security in advance, involving and training staff.

You need to be constantly thinking about the risks and speak to your staff about the risks in order to develop effective risk culture and processes at your company. As the managing director, CEO, GM or senior management you must act consistently, and thoughtfully, if you don’t pay attention to the risks, at some stage, you will see data leakage if it has not occurred already. Be watchful, invest in your security, and shape a culture in your business in which cyber security is a valued.

Popular Types of Cyber Attacks

Phishing

Phishing is sending false electronic mail that looks like a credible source email. The objective is to steal private information such as credit card numbers and account information. This will also include sending invoices that look legitimate with the EFT detail has changed slightly, usually urgent payment required. Once you transfer that money you will have no change to get it back. Recently a client of mine lost several thousand dollars to this method. This is the cyber attack’s most prevalent form. By examining the data needed, installing technological alternatives or strict process around money transfers this can filter out malicious messages, and stop further loss.

MITM Attack

A man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted wireless access point could insert themselves as a man-in-the-middle. This sort of attack is most commonly used to steal financial information.

Attack on Mobile Devices

Like previous attacks Man-in-the-Mobile (MitMo) variants target Windows users on the Internet and use a web injection in the desktop browser to lure them into installing a fake security application on their phones. The fraudsters claim this application is required by the bank as a new layer of protection and that 15 million bank customers around the world are already using it. The victims are asked to choose the device’s operating system from the following list: iOS (iPhone), BlackBerry, Android (Samsung, HTC, etc.), Symbian (Nokia) and other.

In most attacks, if the victim is using an operating system other than Android, the malware informs the user that no further action is required. For Android users, however, the desktop component of the MitMo attack requests victims’ phone numbers and notifies them that a link for downloading the security application has been sent via SMS to their mobile device. Users are directed to install the fake application from this link and enter the activation code provided by the malware. Certain attacks also request that BlackBerry users download the application, but it does not actually install on those devices.

Once installed, the mobile malware captures all SMS traffic, including transaction authorization codes sent by the bank to the victim, and forwards them to the fraudsters. This enables the criminals to initiate fraudulent transfers and capture the security codes needed to bypass the SMS-based out-of-band authorization systems used by many European banks.

Malware/Virus

Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A virus is in reality a malicious code that is attached to other files and genuine programs. Programs officially supplied by companies can be considered malware if they secretly act against the interests of the computer user. For example, at one point Sony music CDs silently installed a rootkit on purchasers’ computers running Microsoft Windows with the intention of preventing illicit copying; but which also reported on users’ listening habits, and unintentionally created extra security vulnerabilities.

Trojan

The Trojan is a malicious program that performs special operations, disguising itself as legitimate software. In other words, this malicious code cannot be found by an ordinary user, since it looks like a regular program installed on a computer. Most trojans disguise themselves as: images, audio files, video files, any program that can use the vulnerability of another piece of software.

How to Protect the Business from Cyberattacks

Understand What Data Your Company Collects and Make Sure that It Is Protected

To maintain your company data securely, you must perform an audit and determine the classification of your company data:

  1. Public. Information that is classified as public includes data and files that are not critical to business needs, does not contain personal information or operations. This classification can also include data that has deliberately been released to the public for their use, such as marketing material or press announcements.
  2. For internal use only. Information that is classified as sensitive, would not have a severe impact if lost or destroyed (email, excluding mailboxes from those identified as confidential). Types of data that can be considered sensitive such as extended personal data (for example, in the context of the Australian Privacy Laws, IP addresses, cookie identifiers, RFID tags, and location data. So, anything that is not confidential.
  3. Confidential. This is typically Information that is classified as confidential or restricted can be catastrophic if compromised or lost (personal data, including personally identifiable information such as Medicare Number or national identification numbers, passport numbers, credit card numbers, driver’s license numbers, medical records, and health insurance policy ID number, financial records, or specific intellectual property, Legal data, including potential privileged material).

Install a Firewall on the Internet Gateway

Firewalls are designed to prevent unauthorized access to your business and/or home networks. You can set rules to determine which traffic is allowed and which is prohibited. A good firewall should monitor both inbound and outbound traffic. You can also block commonly used ports such as port ftp:21, Remote Desktop:3389 to name a couple.

Use Strong and Unique Passwords

Many ‘black hat’ hackers are selling your information after getting the data, including information on, if not millions, thousands of users and their passwords. If you use the same password on each account, gaining access to all of your systems will be a trivial task for a hacker. Or a hacker can use brute force to collect a password. This is much harder if the password is lengthy, consisting of different characters, and does not contain dictionary words/phrases. Use some password manager to remember for each unique service passwords. For example, a simple passphrase could be ‘idrinkcoffeeinthemorning’ that will take approximately 32 hours to crack where simple substitution ‘1dr1nkc0$$331nth3m0rn1ng’ 13 centuries using numbers and special characters. If you can use symbols, numbers, upper case, lower case the longer the better.

Update All Software

In the software that your company utilizes, hackers are always looking for new vulnerabilities to exploit. At the same time, software companies themselves are working hard to release patches in order to fix these vulnerabilities, so it is essential to update the software as soon as the update comes out. Hackers will exploit these zero-day vulnerabilities, to achieve either data exfiltration or just simply spying on your network for information they can sell such as any patented or intellectual property or maybe just to hold you to ransom. Most hackers are in networks for an average of 197 days before being detected.

Back Up All Data

Backups ensure that in case of data loss, files can be restored. You should always store data in different places, physically separated, so that hackers could not gain access to everything at once. Backups need to be run regularly. Using our backup service will guarantee both onsite and offsite backup will run and if you have been hit with ransomware our backup service not be affected by it.

Microsoft Office 365 and Security

Many organizations recognize the advantages of moving to Microsoft Office 365: accessibility of the network anywhere, anytime, simple access to email within and outside your organization, lowering activities and administrative costs. Although Microsoft Office 365’s advantages are starting to emerge, businesses still need to take measures to safeguard and manage information on Microsoft Office 365. Let’s talk about some tips for protecting Microsoft Office 365.

Security Policy

Deploy a password policy to secure your information and access using time limited password policy changing passwords every 40 to 90 days. Depending on user profiles, there are different settings for updating passwords. Passwords lose their significance for customers of cloud services by default after 90 days, whereas users synchronized with Active Directory follow the policy according to on premise settings. Password reset in self-service mode is freely accessible for cloud service customers. You can allow on-site system users to alter passwords for cloud services with Azure Active Directory. When resetting a password, there are four authentication methods available-via an office phone, mobile phone, email and security questions. As well as third-part applications such as DUO and Authy to give two-factor authentication.

Rights Management

Rights management uses encryption and an associated access policy to protect records and email. Documents can only be used for specific reasons by some consumers. You can set content compliance guidelines and generate offline access settings, as well as set document level policies that, for instance, stop an unauthorized user from opening a Word document that is saved to disk. An E3 Microsoft Office 365 license or an Azure Rights Management license is required for this alternative.

Mobile Device Management (MDM)

Management of mobile devices helps safeguard information on apps used by users. MDM enables you to set access requirements, set distinct user strategies, handle mobile devices, and remove information from them, partly or entirely if needed. Since May 2015, MDM has been provided free of charge in Microsoft Office 365 commercial subscription packages.

Multi-Factor Authentication

In order to access Microsoft Office 365, multi-factor authentication needs more than a username and password. It can be set for each customer separately. Users receive a phone call or text message in addition to the typical username and password. Responding to a call or entering a received access code in a browser offers enhanced safety for authentication. Depending on the IP address, the system can switch on, only requiring extra code when accessing from government networks and disabling when working in the Office. In all Microsoft Office 365 plans, multi-factor authentication is a free choice. We would recommend MFA to secure your email system.

Advanced Threat Protection

Exchange Online Protection as part of a subscription protects all Exchange Online mailboxes. As an extra alternative to cope with such severe issues as phishing on behalf of trusted sources and malware attacks through application vulnerabilities, enhanced threat security is now accessible since 2015. We also recommend the deployment of a Microsoft Office 365 backup service to ensure another layer of protection for delete accounts and emails.

Deploying the Office Client

This technique of safety guarantees that Office’s client version is up-to-date by installing instant updates. Users can configure updates flexibly at particular periods of moment. You can control the situation through the Click2Run process based on XML, which is only available in subscription plans for Microsoft Office 365 Pro Plus.

Content Sharing

The admin portal offers the capacity to allow or restrict content sharing. In Microsoft Office 365, you can monitor the use of the content, including locations, calendar, business skype, and other apps. There are reports displaying content sharing configurations. Without entering the application settings, the administrator can alter the settings straight from the management console.

Conclusion

I think that raising awareness and educating the public about these vulnerabilities can make Internet a bit safer. Engaging with your managed security service provider, simulating phishing for your staff and cyber insurance policies will be helpful for your company to know about such measures. Be aware that a threat can come from within the organization not always from outside. Always know you’re vulnerable to attack and be prepared for what’s going to happen.

Cyber Security Essay

Introduction

There are some processes and technologies that are formed for the security of computers, software, data, computer hardware and networks that are known as cybersecurity and all of these concerns things are protected by access and vulnerable supply via the Internet by cybercriminals, hackers and terrorist groups. The Internet and network that is based on information from unauthorized access or digital equipment are protected from cybersecurity (Klonoff & David, 2015). This is era of technology and the Internet is supposed as main source of current information but it is also used to conduct business and selling and advertisement of various products. Business can be processed as it leads to communicate with customers and all of the financial transactions are made through it. The Internet is also allowing various advantages such as providing opportunities through which advertisement of business is done all over the world in minimum charges with less effort paid by human with a shorter period of time. The behavior of users was not supposed to track on the Internet. Autonomous computers are allowed to link by the Internet so that resources and information can get shared and a common platform can be provided for community of researchers. The Internet is providing a wide range of opportunities for its users and researchers and at the same time, it is providing threat opportunities to cyber-terrorists and hackers to hack information of others. The Internet is used by terrorists and cyber attackers for wide range of benefits such as they gather information related to their terrorist attack through it and recruit new terrorists (Czosseck, Christian, & Talihärm, 2011). Motivated acts of terrorism are also enacted by use of the Internet. Communication among terrorists is also facilitated with use of the Internet and all of the information related to terrorist is collected.

Cybersecurity

With the increase in technology and increased focus of people for getting the latest information people are mostly relying on the Internet sources through which they get authentic source of information. They rely on the Internet for communication such as cell phones, emails and texting or transportation such as control of traffic signals and airplane navigation. The government is also using source of the Internet in keeping birth and death records, tax records, allowing licenses and keeping social security (Solms & Niekerk, 2013). The finance department includes bank accounts, electronic paychecks, and loans that are also easily processed through use of the Internet. Medicine department is also using the Internet for equipment checking and to keep medical records for long term and education is also based on use of the Internet with variety of researches that information can be gained by the Internet, providing virtual classrooms and online report cards. It can be predicted that large amount of information is stored in a personal computer of an individual that can be leaked through any cyber-attack (Klonoff & David, 2015). This data can be transmitted and can be misused that leads to increased sources to get greater security to keep personal and other sensitive information to the owner. All of the information in a system is protected by cybersecurity and it can be information related to any field in which a person is working and that leaked information can harm that institute or that person.

Three Core Principles of Cybersecurity

Cybersecurity is not a simple thing. It is getting important with advanced technology as it is important to save stored information in their systems. Three core principles of cybersecurity are described as below:

  1. Confidentiality. Information that is stored in any computer or personal equipment can be sensitive and it is the core principle of cybersecurity to keep that information private and confidential to the owner only and only appropriate users can have access to it (Atoum, Issa, & Ali., 2014).
  2. Integrity. Information that is stored in a computer or software must keep in its original form and there should not be any changing before allowance of the owner or the organization itself.
  3. Availability. Information stored in a system is available to the person who is required for it and there is access provided by the appropriate authority (Scully & Tim, 2011). All of the confidential information in a system must be available to the authorized people only such as a medical record of a patient must be revealed only to doctors, insurance, hospitals, agencies of government or the patient himself and this seems its confidentiality. Tight security must be protected to medical records that no one can alter that information without allowance of the authority and must keep integrated. They must be available only to authorized users only. This is important as well as included in ethical concerns that personal information of anyone should not revealed by the doctor or by any person of the hospital without permission of patient.

Importance of Cybersecurity

As the threats of hacking have been increased in most of the online systems that are linked with internet, it is required by cybersecurity to decrease these threats that include targeting protection of data from theft, decreasing online vulnerabilities and it is highly demanded by cybersecurity to increase security of system and increased level of information (Hiller & Russell, 2013). With the increased chances of threats and attacks on online systems, organizations are getting highly affected because of their leaked sensitive information, it is required to have cybersecurity and it is highly demanding to have it in their system so that large threats can be decreased and they can protect their official and sensitive information that can lead to saving their reputation and also lead to protect their very personal information that they do not share publicly.

Hacking threats and leakage of information through computers are getting easy and average computers can get easily hacked when they are connected to the Internet and their information can be easily leaked. Different websites are being created by many people and they are seen infected every day because of increased threats to applications and functions related to the Internet. Data breathing is at its highest rate and hundreds of millions of records are breached by hackers in these systems (Solms & Niekerk, 2013). Hackers are continuously launching new methods to hack difficult and security-based systems and these threats are getting increased day by day. With the increased security threats these days, it is getting important to have cybersecurity to protect highly sensitive information that is getting compulsory to protect data from increased number of hackers and can lead to official protection of systems and images of organizations (Tarter, 2017).

Risks

With the increase of the use of the Internet in life of people and increased concern of hackers with great number of methods to hack, risks are getting increased for security. There are some examples that show that system can be affected by cyber-security incidents and have several threats for it. There can be many of the reasons such as improper security control or there can be manmade errors of naturally occurring disasters or it can because of some other reasons and these threats include:

  1. Daniel-of-services. Authorized functionality of the networks is protected and this risk refers to attack this privacy and it can affect systems and applications by exhausting resources. If a website of a government agency is shut down, there is an impact of Daniel-of-services that was aimed to protect citizens to access information or for accomplishment of transactions (Scully & Tim, 2011). It can have impact on financial sector of a business and can impact critical services such as emergency medical system and is having impact on communication.
  2. Malware, worms and Trojan horses. With the increased number of instant messaging, infected non-malicious websites and malicious websites, these threats spread and lead to cause leakage of information. Most of the websites enormously download malware that is affected to website and they are not having any kind of knowledge for it (Klonoff & David, 2015). This is also called drive-by-download and sometimes websites require other methods to download the chances of that increase of threats to spread legal and sensitive information.
  3. Botnets and zombies. It is referred to as robot networks in which aggregation of compromised computers is connected with the central controller and these compromised computers in this system are called zombies that can increase the threat level. With the advancement in attack techniques, this will continuously increase threats for attack and increase level of security issues (Solms & Niekerk, 2013). These computers can be available to wide range of users and the people operating these computers with less technical knowledge can get easily attacked by these services and their information can be leaked. These technologies of attack are getting more advanced and it is getting more difficult to detect these threats and hacking skills.
  4. Fake security software warning. These are run by cyber-criminals as while downloading any file or while using any software, an alert come for removing virus or there is an alert to threat, these all are fake threats that are shown by criminals and they show options to download certain files through which these viruses can be removed. They show some applications to download that can protect their system from danger but it is actually the real threat (Scully & Tim, 2011). Users do trust this kind of piece of advice and they download the recommended file that leads to creating threats by stealing the entire save data and sensitive information that can seriously harm the user and the organization for which user is working. There can be opening of malicious websites while following link on some websites that can bring breaching in their systems.

Growth in Cybercrime

Because of an increased level of cyber-crime, it required to have cybersecurity so they can get protection from harmful material. The technology is increasing and with advancement in technology, ratio of people conducting cyber-crimes is also increasing with increase in key techniques that are adopted by them to hack many of the systems and to get useful information through it. Information technology is making it easier to handle many of the tasks that are leading to increase in use of the Internet and various websites. Because of this increased use, almost few people are protected from it. It was recorded by 2013 that the Internet is widely being used by 2.7 billion people and 4.4 billion people are still in need to connect with it to accomplish their needs (Bhatt & Pant, 2011). People make it essential part of their life and made life impossible without the Internet, mobile phones or computers.

All of the fields are using it and making all of the records in almost every field and to perform communications. Increased level of globalization also made it compulsory as, without means of communication at global level, businesses cannot be spread all over the world (Kumar, Goutam, 2014). All of the financial institutions and banks are also using the Internet in wide range to accomplish their worldwide financial transactions. With the increased level of use of the Internet and a lot of stored information in it, it is getting compulsory to protect this information and it is not possible without cybersecurity. There were reported 100,000 viruses that were active on daily basis and all of these were not identified because of increased level of techniques and skills utilization in it (Scully & Tim, 2011). Most of the websites were also discussed in that report.

Increased in Cybersecurity with an Audit

With the increased complexities and increased number of breaches in daily life and increased technical life of individuals as well as organizations, it is getting important to know the weaknesses of security system of an organization so security can be more restricted. All of the cybersecurity risks associated with an organization must be identified clearly to provide better protection to business and to increase performance of cybersecurity so an organization can get protection from number of risks and future threats that can highly affect productivity and image of an organization in the competitive market (Jaishankar & Karuppannan, 2011). Without monitoring, it can lead to certain manmade threats that can lead to severe breaching and can cost heavily to a company. This audit is important to assure the significance of cybersecurity and its effective working and all of the following areas must be converted in cybersecurity audit:

IT Infrastructure

All of the systems of an organization are highly required to test operating services of an organization and it is also required to check IT services of a company to assure all of its operations and their effectiveness to minimize the level of threats. It is important to check services of IT that either is detecting malware systems or not (Jaishankar & Karuppannan, 2011). Their protection level is also checked that how much they are protecting from various attacks of malware websites and hackers. Specific actions are taken to reduce if any weakness found in this audit.

Inspection of Devices and Software

All of the information related to an organization is kept in software and several devices so it is important to check the security level of all of these devices. Significant impacts of network downtime can also be reduced by this inspection and it is also providing opportunities for better working and better performance of these devices and its inspection is compulsory because IT is major source of information of any of the organization (Klonoff & David, 2015).

Best Practice Documentation

Details that are related to unique IT infrastructure are important to determine this documentation is based on size and scope of the organization that up too much extent an organization is required to have high level of security practices (Kumar, Goutam, 2014). There is a lot of expensive documentation when there is a large level of organization and it is important to secure that information.

Conclusion

With the increased level of globalization and increased level of concern for people for doing businesses at international level is leading increase in use of the Internet. Another field of life is also massively occupying use of the Internet in their work and made it a significant part of their lives but with increase in technologies, skills of hacking and cyber-crime rate is also increasing that is leading a huge negative impact on organizations as their personal information is leaked that can impact reputation of the organization as well as reputation of the senior staff. With these increased threats, a heavy cybersecurity system is required by organizations so they can save their personal and official information with complete protection and no human error or natural disaster can impact their company because any kind of breaching can lead to heavy amount of loss in productivity of an organization. To save a company from future threats of breaching, it is important for them to maintain and audit the cybersecurity that can lead to protect them from all of the increasing threats related to it in the society. It is important for a company to invest money in cybersecurity auditing and accomplish recommended changes to avoid any kind of future issue that can lead to downfall of the company. There are numerous ways through which unethical websites are leading to increasing threats and it is important to protect it so any kind of crime can be significantly avoided. People and most of the companies are heavily putting attention to it because of the increased number of cases of breaching that is getting common these days and affecting large amount of productivity.

References

  1. Atoum, Issa, & Ali., A. O. (2014). A holistic cyber security implementation framework. Information Management & Computer Security, 251-264.
  2. Bhatt, & Pant, S. C. (2011). Cyber Crime in India. International Journal of Advanced Research in Computer Science.
  3. Czosseck, Christian, & Talihärm, R. O.-M. (2011). Estonia after the 2007 cyberattacks: Legal, strategic and organizational changes in cyber security. International Journal of Cyber Warfare and Terrorism, 24-34.
  4. Hiller, & Russell, J. a. (2013). The challenge and imperative of private sector cybersecurity: An international comparison. Computer Law & Security Review, 236-245.
  5. Jaishankar, & Karuppannan. (2011). Cyber criminology: exploring internet crimes and criminal behavior. CRC Press.
  6. Klonoff, & David. (2015). Cybersecurity for connected diabetes devices. Journal of diabetes science and technology, 1143-1147.
  7. Kumar Goutam, R. (2014, February). Importance of Cyber Security. Retrieved December 2019, from researchgate: https://www.researchgate.net/publication/273518458_Importance_of_Cyber_Security
  8. Scully, & Tim. (2011). The cyber threat, trophy information and the fortress mentality. Journal of business continuity & emergency planning, 195-207.
  9. Solms, V., & Niekerk, R. a. (2013). From information security to cyber security. computers & security, 97-102.
  10. Tarter, A. (2017, May ). Importance of Cyber Security. Retrieved December 2019, from researchgate: https://www.researchgate.net/publication/318039276_Importance_of_Cyber_Security

Cyber Crimes and Its Effects on Youth

Cybercrime is a crime in which criminal activities are carried out by means of computer or Internet. There are many types of cybercrime. Computer is used as the tool of crime and sometimes, computer is the object of the crime. It includes harassing cyber users. Cybercrime is the most powerful crime that is growing fastly.

Cybercrimes has been defined as, “Any illegal act fostered or facilitated by a computer, whether the computer is an object is an object of a crime, an instrument used to commit a crime, or a repository of evidence related to a crime”(Royal Canadian Mounted Police, 2000). The most popular and innovative creation in the world of technology is Internet. The main advantage of Internet is fastest communication but security is the crucial issue on the internet. Cybercrimes are increasing day by day throughout the world and are becoming more costly for the organizations.

Becoming the victim of cyber can have long lasting effects on any one’s life. There are many effects of cybercrimes on finance and investment activities with in digital organization. One of the common technique the criminals employ is that they attract cyber users by making beautiful websites and sending false emails pretending to come from a bank or an organization requesting personal information. It helps criminals to access one’s bank account and personal information .It also allows them to access once credit accounts; they damage their accounts and make new accounts .This type of loss takes months or sometimes years to restore one’s personal information. People faced cybercrimes due to unnecessary friend requests and messages. Due to software piracy, account hacking, cheat by mail and due to viruses attacks. They also faces trouble due to unauthorized access mailing, threatening by E-mail pornography and transmitting videos. So, these cybercrimes are very painful towards people. But youth is one of the main target of these crimes.

Mostly our young generation is involved in cybercrimes. According to research 63.8% of cyber criminals are using Internet for study purpose. As our youth is mostly using computer and Internet and are mostly involved in cybercrimes so they are mostly effected by these crimes. They are effecting personally, socially/culturally and economically. They faces psychological problems due to unauthorized access mailing, threatening by E-mail pornography, warnings, rationally destroy data, complex in operating data and transmitting videos.

Sexting cases are also increasing day by day with the advancement in technology. Our youth is mostly effected by it. Indecent pictures of children or younger got uploaded on internet and then both have to suffer. Young generation is mostly involved in these types of crimes. Due to this type of cheap actions youth have to face many problems. It causes moral disorders.

When one time youth get involved in these types of crimes its entertains him to see others in critical situation when they don’t know where to go. Then criminal create new ideas that how to tease others? And he spent most of his time in these cheap activities. So, these crimes also causes wastage of time but time is very precious for youth because at the age of about fifteen to eighteen they are in the stage of learning. Hence, these crimes engage our youth and reduce productivity of the nation. If we compare Hindu and Islam, 81% Islamic people are involved in cybercrimes.

Cybercrimes are becoming more costly to the different organizations due to hacking of accounts. Companies got damaged due to loss of their accounts. This causes economical loss on large scale and they could not manage the loss and they have to close company. When a company has to stop, every one related to company has to suffer. Everyone have to face economical issues. Mostly youth are the employers in company, youth is the stage when every have high aims, they have power to do something but when their dreams becomes target to this type of silly crimes they feel lost. They got depressed and then loss their interest in activities once enjoyed.