Cyber Crime Trends in 2019

Malaika Naidu

In 2017, 2 billion data records were compromised,
followed by more than 4.5 billion records in just the first half of 2018.

With every passing year, and at an accelerated pace since 2010, cybercriminals are using more advanced and scalable tools to breach privacy. And they are clearly getting results!

In the last 2 years, we see some cyber-crimes becoming more prevalent than others. Cyber safety organisations around the world fear that the growth of cyber-crimes in just these 6 months of 2019 will surpass the numbers of 2017 and 2018 put together. Give that a serious thought for a minute.

Cyber-crimes grow and evolve with consumer behaviour trends. So, the trending cyber-crimes complement our usage patterns of the internet and technology. In the last decade, emails and chat rooms used to be the most common methods of communication online. This decade, we see a shift to mobile apps like WhatsApp and Viber and social platforms like Facebook, Instagram and Snapchat. Naturally, we see a shift from the number of email related frauds to social media frauds. Not to say that email frauds don’t happen anymore, it’s just that today we are more vulnerable on social media. And the numbers support this claim.

In 2018 alone, social media fraud increased by 43% from the year prior. Similarly, fraud in mobile channels has grown significantly in the last few years. In the same year, almost 70% of cyber-crimes originated or took form through vulnerabilities in mobile channels. A white paper, ‘Current State of Cybercrime – 2019’ by RSA Security says that the ease of use of such channels, absence of usage fees and other such simplicities will only help this trend grow exponentially.

So, what do we need to look out for in 2019?

Phishing Attacks

Phishing, as the name suggests, is looking or seeking private information under a guise. This usually happens through emails, instant messaging or text messages. The attacker masquerades as a trusted entity in order to hook and procure information such as passwords and PINs. One of the most efficient cyber-crimes, phishing is only growing in its complexity, ensuring its success further.  To add to the problem, phishing kits are easily available on the dark net. Meaning anyone with basic technical knowledge can purchase the kit and execute the attack. Once a phishing attack is successful, there is very little recourse for the victim.

Remote Access Threats

Basically, remote access is to gain unauthorised administrator access to a device, such as a computer or smart TV, from a remote network. This means the device being attacked and the device that is executing the attack are on separate networks. In 2018, the biggest remote access attack was cryptojacking, which targeted cyptocurrency owners. Now with Internet of Things and connected homes, we have only made ourselves even more vulnerable. These attacks can happen on any device connected to a network with open ports. Most common devices to come under this attack are computers, cameras, smart TVs, Network-Attached Storage (NAS) devices, alarm systems and home appliances.

Smartphone Vulnerabilities

We’ve started using mobile phones for everything from communication to banking. We are comfortable accessing and/or storing sensitive information on our mobile phones without proper protection of any sort, unlike how almost all of us have a firewall or antivirus on our computers. Think about all the apps that have access to data on your phones. Have you done your due diligence before downloading a random photo editing app? Aside from apps, another way attackers exploit our phones is through the two-step authentication system. While being one of the most widely used cybersecurity tools, it has actually increased our security risk in case a phone is stolen or lost.

How? Many platforms, including Facebook and Gmail, allow you to login on a fresh device using a code that will be sent to your phone. Similar vulnerabilities arise with OTPs. So, while this system adds a layer of security, it also makes you vulnerable in case your phone is stolen.

Artificial Intelligence (AI): Future of Tech

Every development in technology can be used for good and bad, as the user may see fit. Industries are working on cybersecurity systems perfected with AI, while hackers are using the same technology for themselves to become more effective. It doesn’t help that the qualities of AI inherently serve malicious purposes. AI systems are easy to create and separate the human element. Meaning, the hacker gets the advantage of being disconnected from the crime while still bearing the fruit. As we continue to pour millions into the development of AI, we’re simultaneously making it easier for cybercriminals. Think about the robots that are being developed for the medical industry – how do we prevent that robot from being hacked and turning violent instead of helpful?
Or even chatbots? Airline companies, banking websites, almost all e-commerce websites, and even educational organisations have chatbots on their websites. We’ve become comfortable chatting with a bot and often share privileged information when seeking help from the chatbot. How do you confirm that the chatbot hasn’t been compromised by a hacker? Are you mindful of what information you may be sharing with a hacker or do you share whatever information is asked for hoping to get help with whatever your grievance was?

Technology is both a friend and a foe. The expansive penetration of internet accessibility has only added to our conveniences and our problems. Be vigilant and do your due diligence when interacting through technology, straight away from the moment you go live on the internet.

What are some of the steps you take to protect yourself online?

VPN when using a public Wi-Fi?
Anti-virus on your phone?
Covering your webcam when not in use?
Turning off appliances/electronics when not in use?

Take a minute and think over your safety and security online – it is critical and completely in your hands!!!

Basic Steps to Protect Yourself Online (Part – 1)

Malaika Naidu

There is no doubt that cybercrime is an ongoing and a very real threat. The first thing that comes to mind when most people read cybercrime is financial fraud and data leaks. However, cybercrime is constantly evolving and growing like a beast that seems untameable. Every time we think we have seen the worst or the most damaging internet crime, a new threat surfaces to take the digital world by storm.

Now let’s be brutally honest, if a hacker, or any other cyber-criminal, worth her salt decides to take on an average person, there is absolutely nothing that will actually stop them. However, you may deter the hacker and create obstacles that could potentially save you. Either she will go looking for an easier target or even if she persists your countermeasures will give you enough time to protect your data and save yourself from becoming a victim.

If it’s an ex or a disgruntled acquaintance with a personal agenda, well, let’s deal with that later.

So, how do you deter a cyber-criminal from coming after you? Much like in real life you would use a lock on your front door or an alarm in your car, there are simple measures and practices that can help protect you against at least the basic and most common cyber threats.

The Three-Step Plan is – (a) recognise cyberthreats, (b) take basic precautions to protect yourself, and (c) identify whom to ask for help if you become a victim of cybercrime. Let’s break down the precautions.

1) Go Beyond Just an Anti-Virus
First of all, get a paid package! Free versions are not up to date and CANNOT give you real time protection. Anti-virus softwares regularly update their algorithms and these are available only in the paid versions. Even though anti-viruses protect your online activity, they are not sufficient for complete protection.

2) Create Passwords Stronger than Hercules
Right off the top, do NOT use the same or similar passwords across websites. You can’t have Avengers123 for your email and Avengers456 for your Facebook. Figure out a system that allows you to create unique passwords for each login. Ideally, the pattern should have letters (LARGE and small caps) along with numbers and symbols.

Ex: Website Name – number of letters in website’s name – a symbol – end with ZXC (random string of characters – constant in every password).
So, you would get:
Gmail: gmail5@ZXC / Facebook: facebook8@ZXC / Quora: quora5@ZXC

TIP: Remember the logic and not the password!
Or use a good password generator.

3. Manage Social Media Settings
Clearly mark what information on your profiles is private and what is public. Always be mindful of the data you share. For instance, if you post your pet’s name or reveal your mother’s maiden name, you might expose the answers to two common security questions.

4. Make Your Wi-Fi Impenetrable as Fort Knox
A good starting point is to have a strong password and a virtual private network (VPN) when using public Wi-Fi. A VPN will encrypt data leaving your device till it reaches its destination. If anyone intercepts the data, it won’t be decipherable. Similarly, never leave your hotspot open without a sturdy password and share your hotspot only with those you trust.

5. Update Software Faster Than Seasons Change
Your operating systems (Windows, iOS, Linux, among others) and internet security softwares must be updated immediately when alerted. Cybercriminals often exploit these bugs and lapses to gain access to your computer or computer network. Patching these bugs makes you a less likely victim of cyber-crime.

These are just the tip of the iceberg and everyday doable precautions that will make you less vulnerable to cyber fraud and cyber-crime. Depending on the sensitivity of information you hold or the value you stake on your data, you will have to accordingly amp up your security systems.

To be honest, fighting cybercrime is everybody’s business. Think of it as an obligation to do your part in the fight against cybercrime. If you have any questions, feel free to reach out to us. And comment below with other precautions you take. In part two of this article, we’ll incorporate some of your suggestions!

Simple precautions taken by you, can collectively make the internet a little safer.