Cyber Crime Trends in 2019

Malaika Naidu

In 2017, 2 billion data records were compromised, followed by more than 4.5 billion records in just the first half of 2018.

With every passing year, and at an accelerated pace since 2010, cybercriminals are using more advanced and scalable tools to breach privacy. And they are clearly getting results!

In the last 2 years, we see some cyber-crimes becoming more prevalent than others. Cyber safety organisations around the world fear that the growth of cyber-crimes in just these 6 months of 2019 will surpass the numbers of 2017 and 2018 put together. Give that a serious thought for a minute.

Cyber-crimes grow and evolve with consumer behaviour trends. So, the trending cyber-crimes complement our usage patterns of the internet and technology. In the last decade, emails and chat rooms used to be the most common methods of communication online. This decade, we see a shift to mobile apps like WhatsApp and Viber and social platforms like Facebook, Instagram and Snapchat. Naturally, we see a shift from the number of email related frauds to social media frauds. Not to say that email frauds don’t happen anymore, it’s just that today we are more vulnerable on social media. And the numbers support this claim.

In 2018 alone, social media fraud increased by 43% from the year prior. Similarly, fraud in mobile channels has grown significantly in the last few years. In the same year, almost 70% of cyber-crimes originated or took form through vulnerabilities in mobile channels. A white paper, ‘Current State of Cybercrime – 2019’ by RSA Security says that the ease of use of such channels, absence of usage fees and other such simplicities will only help this trend grow exponentially.

So, what do we need to look out for in 2019?

Phishing Attacks

Phishing, as the name suggests, is seeking private information under a guise. This usually happens through emails, instant messaging or text messages. The attacker masquerades as a trusted entity in order to hook and procure information such as passwords and PINs. One of the most efficient cyber-crimes, phishing is only growing in its complexity, ensuring its success further. To add to the problem, phishing kits are easily available on the dark net. This means anyone with basic technical knowledge can purchase the kit and execute the attack. Once a phishing attack is successful, there is very little recourse for the victim.

Remote Access Threats

Basically, a remote access attack means gaining unauthorised administrator access to a device, such as a computer or smart TV, from a remote network. This means the device being attacked and the device that is executing the attack are on separate networks. In 2018, the biggest remote access attack was cryptojacking, which targeted cryptocurrency owners. Now with the Internet of Things and connected homes, we have only made ourselves even more vulnerable. These attacks can happen on any device connected to a network with open ports. The most common devices to come under this attack are computers, cameras, smart TVs, Network-Attached Storage (NAS) devices, alarm systems and home appliances.

Smartphone Vulnerabilities

We’ve started using mobile phones for everything from communication to banking. We are comfortable accessing and/or storing sensitive information on our mobile phones without proper protection of any sort, unlike how almost all of us have a firewall or antivirus on our computers. Think about all the apps that have access to data on your phones. Have you done your due diligence before downloading a random photo editing app? Aside from apps, another way attackers exploit our phones is through the two-step authentication system. While being one of the most widely used cybersecurity tools, it has actually increased our security risk in case a phone is stolen or lost.

How? Many platforms, including Facebook and Gmail, allow you to login on a fresh device using a code that will be sent to your phone. Similar vulnerabilities arise with OTPs. So, while this system adds a layer of security, it also makes you vulnerable in case your phone is stolen.

Artificial Intelligence (AI): Future of Tech

Every development in technology can be used for good and bad, as the user may see fit. Industries are working on cybersecurity systems perfected with AI, while hackers are using the same technology for themselves to become more effective. It doesn’t help that the qualities of AI inherently serve malicious purposes. AI systems are easy to create and separate the human element. Meaning, the hacker gets the advantage of being disconnected from the crime while still bearing the fruit. As we continue to pour millions into the development of AI, we’re simultaneously making it easier for cybercriminals. Think about the robots that are being developed for the medical industry – how do we prevent that robot from being hacked and turning violent instead of helpful?
Or even chatbots? Airline companies, banking websites, almost all e-commerce websites, and even educational organisations have chatbots on their websites. We’ve become comfortable chatting with a bot and often share privileged information when seeking help from the chatbot. How do you confirm that the chatbot hasn’t been compromised by a hacker? Are you mindful of what information you may be sharing with a hacker or do you share whatever information is asked for hoping to get help with whatever your grievance was?

Technology is both a friend and a foe. The expansive penetration of internet accessibility has only added to our conveniences and our problems. Be vigilant and do your due diligence when interacting through technology, straight away from the moment you go live on the internet.

What are some of the steps you take to protect yourself online?

VPN when using a public Wi-Fi?
Anti-virus on your phone?
Covering your webcam when not in use?
Turning off appliances/electronics when not in use?

Take a minute and think over your safety and security online – it is critical and completely in your hands!!!

The 9 sides of cyber security

Endpoint security — Network Security — Application Security — Incident Response — Regulatory Compliance — Data Protection — Training — Testing — Contingency Planning

1. End-point security

Endpoint security requires that each computing device on the network comply with certain standards before network access is granted.

Endpoints include laptops, desktop computers, smart phones and other communication devices, tablets, and specialized equipment such as bar code readers, point of sale (POS) terminals etc.

End-point security encompasses:

  1. Host-based firewalls, intrusion detection systems, and intrusion prevention systems
  2. Host-based anti-virus systems, anti-malware systems, anti-spyware systems, anti-rootkit systems, anti-phishing systems, pop-up blockers, spam detection systems, unified threat management systems
  3. SSL Virtual Private Networks
  4. Host Patch and Vulnerability Management
  5. Memory protection programs
  6. Control over memory devices, Bluetooth Security
  7. Password Management
  8. Security for Full Virtualization Technologies
  9. Media Sanitization
  10. Securing Radio Frequency Identification (RFID) Systems

2. Network Security

Network security relates to the cyber security aspects of computer networks and network-accessible resources.

Network Security encompasses:

  1. Secure authentication and identification of network users, hosts, applications, services and resources
  2. Network-based firewalls, intrusion detection systems, and intrusion prevention systems
  3. Network-based anti-virus systems, anti-malware systems, anti-spyware systems, anti-rootkit systems, unified threat management systems
  4. Network Patch and Vulnerability Management
  5. Virtual Private Networks
  6. Securing Wireless Networks
  7. Computer Security Log Management
  8. Enterprise Telework and Remote Access Security
  9. Securing WiMAX Wireless Communications
  10. Network Monitoring
  11. Network Policy Management

3. Application Security

Application security relates to the cyber security aspects of applications and the underlying systems.

Application attacks include:

  1. Input Validation attacks such as buffer overflow, cross-site scripting, SQL injection, canonicalization
  2. Authentication attacks such as network eavesdropping, brute force attacks, dictionary attacks, cookie replay, credential theft
  3. Authorization attacks such as elevation of privilege, the disclosure of confidential data, data tampering, luring attacks
  4. Configuration management attacks such as unauthorized access to administration interfaces / configuration stores, retrieval of clear text configuration data, lack of individual accountability, over-privileged process & service accounts
  5. Sensitive information attacks such as access to sensitive data in storage, network eavesdropping
  6. Session management attacks such as session hijacking, session replay, man in the middle
  7. Cryptography attacks due to poor key generation or key management and weak or custom encryption
  8. Parameter manipulation attacks e.g. query string manipulation, form field / cookie / HTTP header manipulation
  9. Exception management attacks such as denial of service
  10. Auditing and logging attacks

4. Cyber Incident Response

Incident Response relates to the plans, policies, and procedures for handling cyber security incidents.

Broadly speaking, Cyber Incident Response covers:

  1. Organizing an Incident Response Capability
  2. Preparing for and preventing Incidents
  3. Detection and analysis of Incidents
  4. Containment, Eradication, and Recovery
  5. Post Incident Activity

Specifically, Cyber Incident Response encompasses:

  1. Forensic Imaging & Cloning
  2. Recovering Digital Evidence in Computer Devices
  3. Mathematical Authentication of Digital Evidence
  4. Analysing Data from Data Files, Operating Systems, Network Traffic, Applications, and Multiple Sources
  5. Analyzing Active Data, Latent Data, and Archival Data
  6. Wireless, Network, Database and Password forensics
  7. Social media forensics
  8. Malware, Memory and Browser forensics
  9. Cell Phone Forensics
  10. Web and Email investigation
  11. Analysing Server Logs

5. Regulatory Compliance

Regulatory Compliance relates to measures undertaken to ensure compliance with applicable laws and mandatory cyber security standards.

Failure to meet regulatory compliance requirements can result in civil and criminal action and even imprisonment for organization heads.

Usage of consolidated and harmonized compliance controls ensures regulatory compliance without unnecessary duplication of effort and activity.

One such control system is the “Effective Compliance and Ethics Program” contained in Chapter 8B2.1 of the Federal Sentencing Guidelines Manual issued by the United States Sentencing Commission.

Another control is the “AS 3806-2006” issued by Standards Australia. This provides guidance on:

  1. The principles of effective management of an organization’s compliance with its legal obligations, as well as any other relevant obligations such as industry and organizational standards
  2. The principles of good governance and accepted community and ethical norms.

6. Data Protection

Data Protection relates to the cyber security aspects of protecting the confidentiality, integrity, and availability of data.

From a Data Protection perspective, data can be classified into 3 types — data at rest, data in motion and data under use.

Critical and confidential data includes source code, product design documents, process documentation, internal price lists, financial documents, strategic planning documents, due diligence research for mergers and acquisitions, employee information, customer data such as credit card numbers, medical records, financial statements etc.

Data Loss Prevention solutions:

  1. Identify confidential data
  2. Track that data as it moves through and out of enterprise
  3. Prevent unauthorized disclosure of data by creating and enforcing disclosure policies

Various encryption technologies such as symmetric encryption, public key encryption, and full disk encryption can be used for data protection.

A data protection policy involves:

  1. Instituting good security and privacy policies for collecting, using and storing sensitive information
  2. Using strong encryption for data storage.
  3. Limiting access to sensitive data.
  4. Safely purging old or outdated sensitive information.

7. Cyber Security Training

Cyber Security Training is a formal process for educating personnel about cyber security and building relevant skills and competencies.

Cyber Security Training ensures that relevant personnel understand their cyber security responsibilities. This enables them to properly use and protect the information and resources entrusted to them.

Effective cyber security training must include:

  1. Real-world training on systems that emulate the live environment
  2. Continual training capability for routine training
  3. Timely exposure to new threat scenarios
  4. Exposure to updated scenarios reflecting the current threat environment
  5. Coverage of basic day-to-day practices required by the users

8. Cyber Security Testing

Cyber Security Testing is the process of ascertaining how effectively the entity meets specific cyber security objectives.

Cyber Security Testing encompasses:

  1. Review Techniques, which include Documentation Review, Log Review, Ruleset Review, System Configuration Review, Network Sniffing, and File Integrity Checking
  2. Target Identification and Analysis Techniques, which include Network Discovery, Network Port and Service Identification, Vulnerability Scanning, Active & Passive Wireless Scanning, Wireless Device Location Tracking, and Bluetooth Scanning
  3. Target Vulnerability Validation Techniques, which include Password Cracking, Penetration Testing and Social Engineering
  4. Security Assessment Planning which includes Developing a Security Assessment Policy, Prioritizing and Scheduling Assessments, Selecting and Customizing Techniques, Assessment Logistics, Assessor Selection and Skills, Location Selection, Technical Tools and Resources Selection, Assessment Plan Development and Legal Considerations
  5. Security Assessment Execution which includes Coordination, Assessing, Analysis, Data Handling, Data Collection, Data Storage, Data Transmission and Data Destruction
  6. Post Testing Activities which includes Mitigation Recommendations, Reporting and Remediation/Mitigation

9. Contingency Planning

Contingency planning revolves around preparing for unexpected and potentially unfavorable events that are likely to have an adverse impact.

Types of Contingency Plans are:

  1. Business Continuity Plan
  2. Continuity of Operations Plan
  3. Crisis Communications Plan
  4. Critical Infrastructure Protection Plan
  5. Cyber Incident Response Plan
  6. Disaster Recovery Plan
  7. Information System Contingency Plan
  8. Occupant Emergency Plan

Stages in the Information System Contingency Planning Process are:

  1. Developing the Contingency Planning Policy Statement
  2. Conducting the Business Impact Analysis
  3. Identifying Preventive Controls
  4. Creating Contingency Strategies
  5. Plan Testing, Training, and Exercises
  6. Plan Maintenance

Cyber Education- the Road Less Known

I’m not a techie, nor a lawyer and yet here I am in a field that takes on both these mammoths. I’ve been here a long time; India’s had her cyber law in place since the year 2000. So, it’s deeply disappointing to see the confusion in students and professionals alike about the various aspects of a cyber education.

Yes, I said cyber education and not just an IT education. So, I’m not only talking about the technology in cyberspace. I’m referring to the other side of the spectrum.

9 out of 10 people today have faced some type of cybercrime. And yet, almost 7 out of those 9 will not know what to do about it.

I thought about cybercrime, you know, as a non-techie and a non-lawyer, and decided to break it down to its foundation stones.

Here, let’s create our first bifurcation. Cybercrime may be divided into 2 parts — Pre-crime and Post-crime

Pre-crime

This is where your crime hasn’t happened yet. So, you are basically hoping for the best and preparing for the worst. This can also be divided further into:

1. Cyber security

In layman’s terms, every step that you take to ensure that your computer hardware, computer software, networks, accounts etc. remain safe from any breach, aka cybercrime, is cyber security. Simple, isn’t it? Well, simple is where this article stays. You want a connoisseur’s break up of the cyber security menu, see: The 9 sides of cyber security

2. Cyber Insurance

The obvious next step in pre-crime schedule. What you may not be able to secure ought to be insured.

Post-crime

This is where your cybercrime worst has happened. Now, hopefully, you aren’t affected too badly. But even if you are, there are divisions to this part that can help you.

1. Cyber Law

This is the law that governs cyberspace and as often as not has jurisdiction beyond your country. So, where do you report a cybercrime? Cyber law tells you the where, how and whom to approach. It also tells you the punishments for various cybercrimes. You know, in case you may be committing one?

2. Cyber Investigation

Here’s where the sleuths step in. Professionals here need to have that investigative streak and need to be armed with the latest tools and techniques of cyber investigation. This is where you get answers to how the cybercrime was committed and with any luck, may just get the criminal. And again, if you want the real dirt on what all an investigator needs to know, see — 25 Skills Essential for a Cyber Crime Investigator

So, you’re a student or professional who has a thought that they want a piece of the humongous cybercrime pie. This article may just have helped you understand where you want to be.

Just be prepared to keep learning to stay abreast in this ever-evolving super-exciting space.

8 quick tips for securing your home WiFi

Follow these 8 quick tips for securing your home WiFi:

  1. Use WPA2 security encryption.

  2. Change your router password every week.

  3. Change your WiFi password every week.

  4. Change your SSID to something weird and unrelated. e.g. 'samosa chat' instead of 'Pooja's home'.

  5. Your passphrase should be complex and difficult to guess. Ideally it should be at least 10 characters long and should have capital letters, small letters, numbers and special characters e.g: $amaiRah-446

  6. Turn "SSID broadcast" off.

  7. Block unwanted sites.

  8. Regularly check your WiFi router logs.


To download these tips in a hi-res PDF poster, please visit:
http://asianlaws.org/posters.php

11 tips for safe social media usage

Follow these 11 tips for safe social media usage:

  1. Remember that everything you post on a social networking site may be permanent and available to the world FOREVER - photos, text, videos, etc.

  2. Your personal information may be misused by hackers, stalkers and criminals. Think before you post or share anything.

  3. Choose your social networks carefully e.g. LinkedIn for professional use, Facebook or Google+ for personal use.

  4. While creating an account, the site may ask for answers to hint questions. NEVER give answers that others know or can guess.

  5. Be cautious when you click links in messages from your online 'friends' or connections.

  6. Think before accepting friend or connection requests from people who you don't know in real life.

  7. Think and research before installing third-party applications.

  8. Explore and use the privacy and security settings on your social networks.

  9. Photos clicked using a smartphone may have geo-location embedded. Remove this data before posting / sharing the photo.

  10. If someone is harassing, bullying or threatening you, remove them from your friends list, block them, and report them to the site administrator and the police.

  11. Your passwords should be complex and difficult to guess. Ideally it should be at least 10 characters long and should have capital letters, small letters, numbers and special characters e.g: $amaiRah-446


6 quick tips for keeping your passwords safe

Follow these 6 quick tips for keeping your passwords safe:

  1. Your passwords should be complex and difficult to guess. Ideally they should be at least 10 characters long and should have capital letters, small letters, numbers and special characters e.g: $amaiRah-446

  2. It may be a good idea to write your passwords on a piece of paper. But keep that paper hidden and safe.

  3. Do NOT share your passwords with anyone.

  4. Do NOT email your passwords to anyone.

  5. Do NOT respond to an email asking for your password.

  6. Do NOT use your passwords at public computers as these may be infected with keyloggers, Trojans and other malware and your password could get stolen.


12 quick tips for securing your computer

Follow these 12 quick tips for securing your computer:

  1. Keep your operating system, browsers and all installed software up-to-date (especially software from Microsoft, Adobe, Oracle and Java).

  2. Do NOT use pirated software. Besides being a crime, it makes your computer vulnerable to cyber attacks. This is because you will be unable to get the regular security updates. Such updates are critical for protecting your system from cyber attacks.

  3. Use a good anti-virus and personal firewall solution.

  4. Regularly backup your data on an external hard disk or pen drive. Additionally, consider backing up on a cloud service.

  5. Consider using full disk encryption or at least encrypted pen-drives for securing your data.

  6. Be careful before connecting USB devices to your computer. They may contain malware.

  7. Be careful before downloading email attachments. They may contain malware.

  8. Use a strong password. Your passwords should be complex and difficult to guess. Ideally they should be at least 10 characters long and should have capital letters, small letters, numbers and special characters e.g.: $amaiRah-446

  9. When connecting to WiFi, ensure you are connecting to the correct network.

  10. Avoid clicking banner ads.

  11. NEVER click unexpected pop-up windows that offer to remove spyware or viruses from your computer.

  12. Before you install any software, app, extension etc. on your computer, ask yourself 2 questions - "Do I need this?" and "Should I trust this?"


13 tips for safe online banking

Do you use eBanking? If yes then keep these 13 quick tips in mind:

  1. Connect to your bank website using a device (laptop, smartphone, tablet etc.) that has the latest and updated security software, web browser and operating system.

  2. Take a printout of the transaction confirmation. Store this printout till you cross check that transaction in your monthly statement.

  3. Check your account on a regular basis.

  4. Have at least two bank accounts – one with Internet banking activated and one without.

  5. Do not keep large sums of money in the bank account that has online banking services activated. Transfer money into this account as and when needed. It is advisable to get credit cards from banks in which you do NOT have an account.

  6. Do not access your Internet Banking account from a cyber cafe or a shared computer or when connected to a public WiFi.

  7. Logout immediately after you have completed your transactions and then close the browser. If you are using a shared computer, it is advisable to delete cookies and clear the browser history. Do not allow your online banking passwords to be stored in the browser.

  8. To access your bank’s Internet Banking, always type in the correct URL (e.g. https://www.example.com/) into your browser window. Never click on a link in an email to visit your bank's site.

  9. Change your Internet Banking passwords (log-in password as well as transaction password) at least once a month.

  10. Your passwords should be complex and difficult to guess. Ideally they should be at least 10 characters long and should have capital letters, small letters, numbers and special characters e.g: $amaiRah-446

  11. If you have more than one Internet Banking account, use different passwords for each of these accounts.

  12. Never disclose your password or PIN to anyone, not even to a genuine bank employee.

  13. Always check the last log-in to your Internet Banking account. If you notice something suspicious in the last login records, report it to your bank immediately and change your passwords.


19 high resolution posters on cyber crime & security

To help spread awareness about cyber crime and cyber security, Asian School of Cyber Laws has designed 19 posters:

  1. ATM thefts
  2. Safe eBanking
  3. Secure your computer
  4. Keeping a secure password
  5. Smart phone & tablet security tips
  6. Safe social networking
  7. Secure your wifi
  8. Think before you install
  9. Think before you install
  10. Beware of pirated software
  11. Keeping a safe password
  12. Full disk encryption
  13. Hacked computer
  14. Keep your cell secure
  15. Laptop Security
  16. Online banking
  17. Save your password
  18. Trusting a site
  19. Advance Fee Scams

These posters can be downloaded freely in hi resolution PDF format from: http://www.asianlaws.org/posters.php

Feel free to download and print these posters.

If you love your friends, share the posters with them.