When the FBI caught Jeffrey Dahmer and the CIA caught Timothy McVeigh, they got keen insight into the minds of some of the most notorious criminals of our time. This influenced criminal profiling in the hope of making modern law enforcement a lot easier.

This was not the case with the infamous Jack the Ripper. This may be the case with modern cyber criminals as they are very hard to catch.

Driven by money.

It is no surprise that the majority of cyber criminals are driven by money.

The article pointed out that financial gain remains the key driver for cybercrime with nearly nine in 10 breaches motivated by money, Verizon has found.

The article adds that, in its 2020 Data Breach Investigations Report (DBIR), the American telco found that the vast majority of breaches continue to be caused by external parties (70%), with organised crime accounting for 55 per cent of these.

Credential theft and social attacks such as phishing and business email compromises cause most breaches (over 67%). Of this, 37% of attacks were made through credential theft breaches using stolen or weak credentials, 25% involved phishing, and human error accounted for 22%.

Multiple methods.

The article points out that phishing attacks are typically carried out by email spoofing or instant messaging and often involve directing users to enter personal information on a fake website, which matches the look and feel of a legitimate site.

The 2020 DBIR also highlighted a year-over-year doubling in web application breaches, to 43 per cent, and stolen credentials were used in over 80 per cent of these cases, something Verizon said was worrying as businesses increasingly shift their workflows over to the cloud.

Ransomware also saw a slight increase, found in 27% of malware incidents compared to 24% in 2019.

“As remote-working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount,” Tami Erwin, CEO of Verizon Business told eandt.theiet.org. “In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious.”

Double trouble.

The article points out that the report comes as hacking activity against corporations in the US and other countries has more than doubled since the start of the lockdown as cyber criminals exploit security weaknesses in hastily drawn-up work-from-home policies.

The growing number of small and medium-sized businesses using cloud- and web-based applications and tools has made them prime targets for cyber attackers, Verizon said.

The motivation behind cyber-attacks also differed depending on the region.

The article adds that, while financially motivated breaches accounted for 91 per cent of cases in the US, it’s just 70 per cent in Europe, Middle East and Africa, and 63 per cent in Asia Pacific.

The report’s lead author Alex Pinto said: “Security headlines often talk about spying, or grudge attacks, as a key driver for cyber-crime – our data shows that is not the case.

“Financial gain continues to drive organised crime to exploit system vulnerabilities or human error. The good news is that there is a lot that organisations can do to protect themselves, including the ability to track common patterns within cyber-attack journeys – a security game-changer – that puts control back into the hands of organisations around the globe.”

Shocking reality.

Globalnewswire.com points out that the impact of the Verizon report is a shock to the system.

The report indicates that smaller businesses are not immune. The growing number of small and medium-sized businesses using cloud- and web-based applications and tools has made them prime targets for cyber-attackers. 2020 DBIR findings show that:

Phishing is the biggest threat for small organizations, accounting for over 30 percent of breaches. This is followed by the use of stolen credentials (27 percent) and password dumpers (16 percent).

Attackers targeted credentials, personal data and other internal business-related data such as medical records, internal secrets or payment information.

Over 20 percent of attacks were against web applications, and involved the use of stolen credentials.

Industries under the cyber-spotlight

The report adds that the 2020 DBIR now includes detailed analysis of 16 industries, and shows that, while security remains a challenge across the board, there are significant differences across verticals. For example, in Manufacturing, 23 percent of malware incidents involved ransomware, compared to 61 percent in the Public Sector and 80 percent in educational services. Errors accounted for 33 percent of Public Sector breaches - but only 12 percent of Manufacturing. Further highlights include:

  • Manufacturing.  External actors leveraging malware, such as password dumpers, app data capturers and downloaders to obtain proprietary data for financial gain, account for 29 percent of Manufacturing breaches;
  • Retail. Ninety nine percent of incidents were financially-motivated, with payment data and personal credentials continuing to be prized. Web applications, rather than Point of Sale (POS) devices, are now the main cause of Retail breaches;
  • Financial and Insurance. Thirty percent of breaches here were caused by web application attacks, primarily driven by external actors using stolen credentials to get access to sensitive data stored in the cloud. The move to online services is a key factor;
  • Educational Services. Ransomware attacks doubled this year, accounting for approximately 80% of malware attacks vs. last year’s 45%, and social engineering accounted for 27% of incidents;
  • Healthcare. Basic human error accounted for 31% of Healthcare breaches, with external breaches at 51% (up from 42% in the 2019 DBIR), slightly more common than insiders at 48% (59% last year). This vertical remains the industry with the highest number of internal bad actors, due to greater access to credentials; and
  • Public Sector. Ransomware accounted for 61% of malware-based incidents. Thirty three percent of breaches are accidents caused by insiders. However, organizations have got much better at identifying breaches: only 6%t lay undiscovered for a year compared with 47% previously, linked to legislative reporting requirements.

Soft targets.

An article by Security Boulevard points out that the sudden shift to remote work has forced millions of individuals and families to set aside their daily routines and quickly adapt to self-isolating measures to stay safe amid the pandemic

While social distancing helped us flatten the curve, the unprecedented spike in online consumption has opened new doors of exploitation for adults and children alike.

The article added that adults are not the only ones susceptible to the dangers of online exposure. During the stay-at-home orders, millions of children have stored away their backpacks and school gear, participating in online courses along with their teachers and classmates.

While the virtual environment helps teachers and parents struggling to maintain a balanced day-to-day schedule for children, it also serves as a malicious vector for the cyber exploitation of children.

Increased targets.

The article points out that in the first two months of spring, the Minnesota Bureau of Criminal Apprehension observed a 30% increase in cyber-crimes against children. On top of more than 1,000 complaints received by the agency, The National Center of Missing and Exploited Children (NCMEC) recorded more than 6 million tips during the same period.

While the sudden spike in numbers can be attributed to the increased screen time for minors, John Shehan, the vice-president of NCMEC, says that online predators are discussing their intentions to exploit the lockdown orders on the dark web.

The article added that law enforcement agencies also warn of the dangers of online chatrooms, where an adult may pose as a teenager and manipulate the recipient into sending indecent photos, ultimately blackmailing the child by threatening to expose his actions to his parents or teachers.

“Parents are stretched so thin and asked to do so much right now,” said Minnesota U.S. Attorney Erica MacDonald. “It just leads to a very target-rich environment for kids to be preyed upon.”

Parents and caretakers should be the first to start an honest conversation with their children and warn them about the risks they face in the online world, she said.

The article pointed out that parents are advised to keep an eye on their children’s online profiles and monitor their posting patterns. It’s also a good idea to set privacy settings for social media accounts and online gaming platforms. If your little one is more of a night owl, it’s best to try and limit online consumption during late hours or, at least, supervise their interactions.

A failing system.

While there is increased legislation to protect the public against cyber crime, cyber criminals are hard to catch, and justice systems are under increased pressure to perform. And most of them are unfortunately failing.

The article points out that the UK criminal justice system needs further, urgent reform to better serve the needs of victims of cyber crime, who face barriers to reporting offences, receive inadequate support, and rarely achieve any form of justice, according to a study commissioned by the Home Office and HM Inspectorate of Constabulary, Fire and Rescue Services (HMICFRS).

The research, conducted at the University of Portsmouth, set out to assess the nature and impact of crime related to misuse of computers – including most forms of cyber crimes, such as hacking, malware and ransomware infections, and distributed denial of service (DDoS) attacks. It is the first major UK study into the impact felt by victims.

It concluded that the police lack the proper resources to effectively fight cyber crime and protect and support its victims, and made several recommendations for system-wide changes that the wider cyber security sector could take into account to work more effectively in this regard.

Mark Button, director of the Centre for Counter Fraud Studies at the University of Portsmouth’s Institute of Criminal Justice Studies, told computerweekly.com: “There has been a perception that cyber crimes don’t have as bad an impact as some physical crimes, but this report shows that computer misuse crime has a similar, and in some cases a worse, impact than comparable traditional crimes, such as burglary.

“We found victims who compared cyber attacks to physical assaults, some rape and some contemplating suicide as a consequence. We also found some victims struggling to report these crimes. For example, one woman whose laptop camera had been hacked by criminals was dismissed by the police, and another lady whose estranged husband hacked her computer to secure advantage in divorce negotiations was told it was not a crime.”

Poorly classified.

The article points out that Button and his team, who conducted 52 in-depth interviews with victims, along with a wider survey of 252 people, said computer misuse crime was poorly classified by the authorities, and recommended at the most fundamental level a new reporting system be developed, to be regularly monitored and evaluated by Action Fraud and the National Fraud Intelligence Bureau.

Button also found that the Action Fraud brand name represented a barrier to the reporting of some crimes, and recommended it be renamed the National Fraud and Cybercrime Reporting Centre to better account for cyber crime.

The article pointed out that the report went on to recommend a high-level review of all police force websites about what advice is given on such crimes, to ensure more consistency in reporting across the UK. This should go hand-in-hand with improved training for frontline officers and other police staff to understand exactly what constitutes a computer misuse offence, it said.

Explicit task.

The article pointed out that the report also suggested that the National Cyber Security Centre (NCSC) be given the explicit task of working with organisations that regularly receive complaints about cyber crime – such as banks or social media platforms – to encourage people to report through centralised web links.

Finally, Button’s report highlighted the need to increase the resources made available to tackle computer misuse. Many of the interviewees questioned by the research team said they received neither a police investigation nor support, and in only four cases was the perpetrator brought to justice. Resources for dealing with cyber crime are often built too much on short-term funding models, the report said.

“Despite nearly a million computer misuse crimes being reported in the 2018 England and Wales crime survey, just 23,683 were recorded by Action Fraud,” Button told computerweekly.com. “This illustrates significant under-reporting and highlights a subsequent lack of support for those who have often been left deeply affected by the crimes.”

O Flower of Scotland.

Scotland is part of the UK but has fiercely been trying to be as independent from the Crown at every turn.

An article points out that ScotlandIS and The Scottish Government are today calling on Scottish-based tech firms of all sizes to help increase the pace of Scotland’s digital progress and develop the critical national digital and data infrastructure the country needs.

The ScotlandIS Challenge will see resulting projects taken forward as part of The Scottish Government’s CivTech process, which has an established track record of bringing the public and private sectors together to deliver innovative solutions and create new commercial opportunities.

The article adds that ScotlandIS and The Scottish Government are looking for ground-breaking ideas and potential solutions to challenges that display technical expertise and results-based thinking.

Key priorities

The ScotlandIS Challenge is open and inclusive, and encourages firms to consider the following:

  • What are the key components of a new digital and data infrastructure and why they are a priority?
  • How can the national digital and data assets of Scotland be protected?
  • What are the technical solutions to build these components and how can they be applied?
  • How could more essential public services be delivered online – be that healthcare, education, or the way we carry out financial transactions? And
  • How could The Scottish Government work more closely with the private sector to speed delivery, innovate and maximise benefits and investment to the Scottish economy?

Jane Morrison-Ross, chief executive of ScotlandIS, told futurescot.com  “Through this challenge, Scotland has the opportunity to become a Digital Nation, a true digital democracy. Digital underpins everything and is critical to our economy. The rapid digital transformation of business and society would not have been possible without the infrastructure, products and services created by our digital ecosystem.

“But we can do more. And we can do it better. We want to harness technology and innovation to evolve current business models, drive efficiencies and productivity gains across the economy.  To create a country known for innovation, for an ethical approach to data and an integrated approach to public services.  By building the right transformational infrastructure and working collaboratively, we can create a Digital Scotland that is good for the people, the economy, the environment and the government.”

Once ideas have been submitted, an expert multi-disciplinary team formed from Scottish Government and ScotlandIS will review the results, identify common themes, make the results available across Government, agree the priority actions to take and communicate back the findings and recommendations to the sector.