The never-ending loop: Cybercrime and Cybersecurity


On July 15th, 2020, great personalities like Bill Gates, Barack Obama, Elon Musk, Jeff Bezos, and many others decided to give something back to everyone. All of them tweeted at once, saying that any Bitcoin sent to their BTC address within the next 30 minutes would be doubled and sent back. Basically, they offered you a deal to double your money.


Or did they?





They did not. They were victims of cybercrime. They were 'HACKED.'


But the hackers had a good time. Because all these personalities had millions of followers on Twitter, the hackers were able to spread this message to a vast audience. They made over 110,000 dollars within 30 minutes.


With everything connected over the Internet, hackers feast whenever they get the opportunity. According to Cybersecurity Ventures, cybercrime around the world will cost us over $6 trillion annually by 2021, up from $3 trillion in 2015. So, Cybersecurity must grow at an accelerated pace to keep the hackers at bay.


When hackers are updating themselves, why shouldn't we? But first, we need to understand the basics of Cybersecurity, and I will give you a glimpse of it through this article.


Cybersecurity


As the name suggests, it is the practice of protecting systems, networks, and programs from digital attacks. Cybersecurity can mean different things depending on the context in which it is applied.


  • Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic Malware.


  • Application security mainly focuses on keeping software applications free of threats. If an application is compromised, it can provide access to its data.


  • Information security protects the integrity and privacy of data, both in storage and in transit.


  • Operational security focuses on the processes and decisions that are taken to protect data assets.

These are just some of the contexts. You can google them if you want to know more about them in theory.


But the critical thing to understand here is why the hackers do this. They are interested in 'The Data' that they obtain. They can do a lot with this data. They can threaten to sell business data to its competitors, blackmail an individual for money, or use this advantage in any way they can. If you still don't realize the power the data has, I suggest you go through this article where I have tried to explain the importance of data in a fun way.


Let's look at some of the common cybersecurity threats.


Malware – Malware means malicious software. It is one of the most common cyber threats. It often spreads when you download something that looks legitimate, which then attacks your system. Some types of Malware include Viruses, Trojans, Spyware, Botnets, Adware, and Ransomware.


Phishing – In this type of attack, the hacker sends fraudulent emails that look like they are from legitimate sources. Its main aim is to steal sensitive data like credit card numbers, login information, and any other personal information that can be leveraged.


Man in the Middle attack – An attacker intercepts the communication between two individuals to steal data. For example, on an insecure Wi-Fi network, an attacker can intercept the data that flows between the user's device and the network.


Denial-of-service attack – Denial of service is generally accomplished by flooding the targeted machine or server with superfluous requests in an attempt to overload it and prevent some or all legitimate requests from being fulfilled. This makes the system unstable, which prevents the attacked organization from carrying out its essential functions.
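To make the "flooding with superfluous requests" idea concrete from the defender's side, here is an added example (not part of the original article) that scans access-log lines and flags clients whose request rate exceeds a threshold within a sliding time window. The log format, the function name find_flooding_clients, the thresholds, and the sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample access-log lines: "<epoch_seconds> <client_ip> <path>".
# 198.51.100.7 sends 40 requests in under 2 seconds; the others browse normally.
SAMPLE_LOG = [f"{1000 + i * 0.05:.2f} 198.51.100.7 /login" for i in range(40)]
SAMPLE_LOG += [
    "1000.10 203.0.113.5 /index.html",
    "1003.40 203.0.113.5 /about.html",
    "1001.00 192.0.2.44 /index.html",
    "1009.00 192.0.2.44 /contact.html",
]


def find_flooding_clients(lines, window_seconds=10.0, max_requests=20):
    """Return {ip: peak request count} for every client that sent more than
    max_requests requests inside any window of window_seconds."""
    events = []
    for line in lines:
        parts = line.split()
        if len(parts) < 3:
            continue  # skip malformed lines instead of crashing
        try:
            events.append((float(parts[0]), parts[1]))
        except ValueError:
            continue  # timestamp was not a number
    events.sort()  # logs merged from several workers may be out of order

    recent = defaultdict(deque)  # per-client timestamps still inside the window
    peak = defaultdict(int)      # highest in-window count seen per client
    for ts, ip in events:
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > window_seconds:
            window.popleft()     # drop requests that aged out of the window
        peak[ip] = max(peak[ip], len(window))
    return {ip: count for ip, count in peak.items() if count > max_requests}


if __name__ == "__main__":
    for ip, count in find_flooding_clients(SAMPLE_LOG).items():
        print(f"{ip}: {count} requests within 10 seconds")
```

A per-source threshold like this catches a single noisy client; a flood spread across many sources needs aggregate rate monitoring as well.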


So far, I have given you basic information about Cybercrimes and Cybersecurity that everyone should have an idea about.


Now, let me tell you a story about a piece of Ransomware, so that it is easier for you to understand how a cyber attack works.


The Story


Back in May 2017, a Malware called 'WannaCry' created havoc around the world. It affected more than 150 countries and caused damage of about $4 Billion.


Ransomware, like any other Malware, is software that starts affecting your computer once you download any malicious piece of information. It might be an email attachment, an application, or anything else that appears to be legitimate but is built to invade your system. In this particular case, WannaCry exploited a bug in Microsoft Windows.


Once any ransomware enters your system, it encrypts all your data. You won't be able to recognize your data unless it's decrypted. For decrypting your data, you will need a Key. This is where the hacker comes in. He will tell you that you will get the key to decrypt your files once you pay some Ransom to the hacker.
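Encrypted data is statistically close to random bytes, and defenders use that property to spot mass encryption early. The following added example (not from the original article) measures Shannon entropy and flags files whose content went from structured to near-random between two snapshots. The function names, thresholds, and sample files are assumptions constructed for illustration, and hash-derived bytes stand in for ciphertext and for an already-compressed photo.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, up to 8.0 for uniform random bytes."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def pseudo_random(n: int, seed: bytes) -> bytes:
    """Deterministic high-entropy bytes standing in for ciphertext (constructed)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def files_turned_opaque(before, after, high=7.5, min_jump=2.0, min_size=512):
    """Names of files that are now near-random AND were not before.
    Requiring a jump avoids flagging files that were always high-entropy
    (JPEG, ZIP); tiny files are skipped because their estimate is unreliable."""
    flagged = []
    for name, new in after.items():
        old = before.get(name)
        if old is None or len(new) < min_size:
            continue
        e_old, e_new = shannon_entropy(old), shannon_entropy(new)
        if e_new >= high and e_new - e_old >= min_jump:
            flagged.append(name)
    return sorted(flagged)


# Constructed snapshots of a small document folder, before and after an incident.
TEXT = b"Quarterly report: revenue rose 4% while costs stayed flat.\n" * 80
BEFORE = {"report.txt": TEXT, "notes.txt": TEXT[:2000],
          "photo.jpg": pseudo_random(4096, b"jpg")}
AFTER = {"report.txt": pseudo_random(len(TEXT), b"enc"),  # content replaced
         "notes.txt": TEXT[:2000],                        # untouched
         "photo.jpg": BEFORE["photo.jpg"]}                # high entropy all along

if __name__ == "__main__":
    print(files_turned_opaque(BEFORE, AFTER))
```

Many files jumping to high entropy in a short time is the signal worth alerting on; a single file doing so is often just a user zipping a document.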



Example of a Ransomware attack



You are trapped. You don't have any other option than to pay the attacker. If you feel your data is important, you end up paying the attacker. The attacker is also smart. He or she won't provide you with an account number and ask you to transfer the money. The attacker doesn't want to get caught. So, the attacker will ask you to transfer the ransom through Bitcoin. Now, if you are confused about why Bitcoin, it is because of its security. If you want to know more about how Bitcoin works and why it is secure, make sure to check the article: Bitcoin Simplified.


More often than not, the attacker gives you the key to decrypt your data. It's because they need to develop trust with their victims. It sounds funny, but some hacker societies have websites and customer support too, to help you pay the ransom.


Let's look at one of the hacker societies, which almost all of you would be aware of.


Anonymous





According to Wikipedia,


"Anonymous is a decentralized international activist/hacktivist collective/movement that is widely known for its various cyber attacks against several governments, government institutions and government agencies, corporations, and the Church of Scientology."


Originating in 2003, it has been responsible for many cybercrimes.


  • In December 2010, when the US government demanded that WikiLeaks stop releasing top-secret diplomatic cables to the public, many companies turned against WikiLeaks and shut down the site's servers. Anonymous decided to step up and support the cause of WikiLeaks, declared war on Visa, Mastercard, and PayPal for refusing to do business with WikiLeaks, and took down their sites.

  • In 2012, when Indian internet service providers, along with the Indian government, decided to block video sites like Vimeo and file-sharing sites like the Pirate Bay, Anonymous decided to take charge and attacked various government and political websites. Hit hardest were the Indian telecoms department, electronics and IT ministry, supreme court, and sites used by the BJP and INC political parties, which were all knocked offline.


Now that you know how chaotic the cyber world is, you need to prepare yourselves for cyber attacks. The basic advice that you hear frequently, such as changing your passwords, keeping your software updated, and using strong passwords, actually does matter.


Companies like Microsoft keep releasing security updates for us frequently. Businesses have started using the cloud to back up their data regularly to prevent themselves from ransomware attacks. They are investing in the latest antivirus software. Most importantly, businesses have started to become proactive, and being proactive is one of the best lines of defense.


Not just the businesses, but many cybersecurity providers are also becoming proactive. Companies such as Fortinet, McAfee, Avast, etc. have understood that cybercrimes are not going to stop anytime soon. They also know that a very bright cybersecurity market lies ahead of them.


In fact, it is estimated that the global cybersecurity market will be over $300 billion by 2024 from about $140 Billion in 2017. In terms of providing security, many organizations are looking towards Artificial Intelligence for their Cybersecurity.


AI is the new frontier in digital security


The number of cyberattacks that organizations face every day is increasing rapidly. So is the number of cyberattacks that require immediate attention, and it is becoming tough for cyber analysts to handle such a volume. Organizations have understood the magnitude of effort that is needed to deal with such attacks. Hence, the investment in AI for Cybersecurity is increasing to respond to them.


Many organizations rely on AI to reduce the number of breaches or attacks and deliver a consistent quality of response.



Source: Accenture


One question which used to bother me was, 'Where should organizations focus their cybersecurity initiatives?' If you think about it, the scope of AI is very vast. I needed to know which use cases would be the most important for AI in Cybersecurity. I found this beautiful report from Capgemini that answered my question.



Source: Capgemini


In the graph, OT refers to Operational Technology, IoT refers to the Internet of Things, and IT refers to Information Technology.


As the graph suggests, fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest AI use cases for improving Cybersecurity.


With the ever-increasing IT landscape and the growing reliance on the Internet, the security challenges are going to get more complex. I just want to say that being proactive is the best way to tackle these cybersecurity challenges. Fascinating and challenging times are ahead for the organizations in terms of Cybersecurity.

In case you wish to connect, please reach out to us at:

pawank.agrawal19@iimranchi.ac.in

sreevatsa.b19@iimranchi.ac.in