Anatomy of a Cyber Crime


There are approximately 1.5 million cyber attacks every year, and it’s crucial that you understand how cyber crime actually works to maximise your chances of protecting your identity, cash, networks and business information.

Of course, cyber crime and cyber attacks vary considerably in their form: Will they use malware or bots to execute the hack? Will they phish for your data or hack directly in? Will they enter commands to your device after gaining access, or has it been written into a program? Are they attempting to steal your identity or cash?

The differences don’t matter too much, however. Cyber crime generally follows a five-step process.

Stage One – Preparation

Cyber criminals maintain a range of cyber weapons to get your valuable property, be they malware, bots, malicious code, phishing scams like fraudulent emails and landing pages, or a host of social engineering tricks. These are constantly being refined and tweaked, particularly for commonly used software such as Windows XP or Windows 7, Acrobat, Java and Internet Explorer.

Cyber criminals are also constantly looking for victims. Anything you or your business puts online may help a cyber criminal identify you as a potential victim. Installing particularly vulnerable software and running outdated versions of software are also the easiest ways for a cyber criminal to decide to target you as an individual. Companies that maintain remote login services are also particularly vulnerable.

Stage Two – Deployment

Cyber criminals have identified you or your employees as a potential target, and it’s time to put their weapons to work. They’ll actively attempt to crack your password, send you an email, or contact you on any one of a variety of platforms. Alternatively, hackers deploy a range of infected email attachments, website links or advertisements with the weapon deployed inside. Some of the most insidious attacks are deployed on fake Facebook ‘Like’ icons.

Stage Three – Infiltration

The hack really begins when you open a malicious file, click the link, or take the bait on a phishing scam. At this point, you’ve unwittingly given them access to your system, allowed them to insert a piece of code, or provided them with a piece of information that they will subsequently exploit. Often, this infiltration will occur without your knowledge. The action occurs behind the scenes: for example, an infected PDF will open normally, the cyber weapon’s payload is delivered, and you’ll be none the wiser.

Stage Four – Exploitation

Once the weapon has been activated, the cyber criminal (or their program) will work to exploit the opportunity. Common exploitation methods might include:

  1. Providing passwords or credentials to be re-used;
  2. Locking users out from systems;
  3. Erasing files or corrupting memory;
  4. Sending messages or instructions to others, using your identity; and/or
  5. Redirecting the device for the purpose of a denial of service attack.

Often a cyber criminal will combine multiple exploitation methods, and the impacts can be devastating. Within seconds of the hack commencing, a cyber criminal can have full access to your computer, services you personally access using passwords, and business information.

Stage Five – Exfiltration

The damage has been done, and it’s time for the cyber criminal to leave. They will often cover their tracks.

Minimizing the Risk

There are a few steps you can take:

  1. Be very careful about what you put online.
  2. Keep your software and operating system up to date.
  3. Don’t click on suspicious links or open suspicious emails.
  4. Use two-factor authentication where possible.
  5. Don’t use the same password repeatedly across different sites – use different passwords.

Businesses need to be especially wary, and they should be actively building the awareness of their employees. One breach permitted by junior or short-term staff can lead to exploitation at the most senior levels of the organisation.