
A Guide to Cybercrime

Updated January 1, 1 . AmFam Team

Cybercrime is a continually escalating threat and a significant economic risk. Learn more about cybercrime and how to better protect your business.

Digital technology continues to transform the world of business, exposing organizations to both opportunities and threats. Cybercrime, a threat that has been growing since the early 2000s, continues to escalate, ranking as a significant reported economic crime. Take a look at the types of cybercrime and the methods by which they’re committed so you can learn how to better protect your business.

What Is Cybercrime?

Cybercrime, also referred to as computer crime, is criminal activity that involves the internet, a computer system or computer technology. Examples include identity theft, phishing, ransomware and other kinds of cybercrime.

An understanding of the cybercrime problem is a prerequisite for any discussion of computer security. The Federal Bureau of Investigation (FBI) is the lead federal agency for investigating cyberattacks by criminals, overseas adversaries and terrorists. The threat is incredibly serious — and growing.

How does cybercrime work?

Cyber intrusions are becoming more commonplace, more dangerous and more sophisticated. Critical infrastructure, including both private and public sector networks, is targeted by adversaries. American companies are targeted for trade secrets and other sensitive corporate data, and universities for their cutting-edge research and development. The FBI is addressing the pervasive and evolving cyber threat. This means enhancing the Cyber Division’s investigative capacity to sharpen its focus on intrusions into government and private computer networks.

The FBI’s Internet Crime Complaint Center (IC3) provides the public with a trustworthy and convenient reporting mechanism to submit information concerning suspected internet-facilitated criminal activity. The IC3 provides a series of definitions for various types of cybercrime. The definitions are far reaching and include the definition for corporate data breach:

A corporate data breach is considered a leak/spill of business data which is released from a secure location to an untrusted environment. A data breach within a corporation or business where sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.

How Often Does Cybercrime Happen?

According to the Identity Theft Resource Center, phishing and ransomware were the two main motives for data breaches in 2021. There has been an increase in data compromises from 2020 to 2021 due to an increase in phishing, supply chain and ransomware attacks.

The most comprehensive report on cybercrime activity is provided in the Verizon Data Breach Investigation Reports (DBIR). These reports have been around since 2010, and the most recent data show that financial gain and stealing secrets remain primary motives for cybercrime.

What Are Some of the Types of Cybercrime?

There are many types of cybercrime attacks ranging from hacking to ransomware, or even the low-tech act of losing a laptop or having it stolen from an unlocked vehicle. These activities are captured by a variety of services from law enforcement to insurance carriers. The DBIR analyzes thousands of events because many different organizations contribute data using a community database known as the Vocabulary for Event Recording and Incident Sharing (VERIS) Community Database. Some different types of cybercrime include:

Insider threat

The disgruntled insider is a source of cybercrimes. Insiders do not need a great deal of knowledge about computer intrusions because their knowledge of victim systems often allows them to gain unrestricted access to cause damage to the system or to steal system data.

Hackers

Hackers are a common threat. They sometimes crack into networks simply for the thrill of the challenge or for bragging rights in the hacker community. While remote hacking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the internet and launch them against victim sites.

Distributed denial of service attacks

These types of cybercrime attacks work when the hackers plant tools on several unwitting victim systems. Then when the hacker sends the command, the victim systems in turn begin sending messages against a target system. The target system is overwhelmed with the traffic and is unable to function. Users trying to access that system are denied its services.

Data breach

A data breach is the intentional or unintentional release of secure information to an untrusted environment. Other terms for this phenomenon include unintentional information disclosure, data leakage and data spilling. A data breach is a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.

Malware infection

Short for malicious software, a malware infection consists of programming (code, scripts, active content and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources and other abusive behavior.

Cyber espionage

This threat is a type of cybercrime where attacks are linked to state-affiliated actors with the motive of espionage. A malicious phishing email is usually how the attackers infiltrate the network. They try to avoid attention and instead set up a portal through which they can access data for long periods of time without being noticed.

Ransomware

For the attacker, holding files for ransom is fast, low risk, and easily monetizable, especially with Bitcoin to collect anonymous payment. Ransomware is a more recent type of cybercrime, extorting millions of dollars from people and organizations after infecting and encrypting their systems.

Physical theft

This type of crime still happens, though it does not make the headlines that other, more high-profile thefts get in the news. Encryption can stop theft and loss incidents from becoming breaches. However, encryption cannot always help prevent cybercrime; most confirmed breaches involved the loss of hardcopy documents.

Payment card skimmers

While ATMs continue to be the main target for skimming, gas pump terminals have quickly become a common location for this form of cybercrime and identity theft. Skimming attacks are almost always discovered by third parties.

Point-of-sale intrusion

Attacks on point-of-sale (POS) environments are almost always successful, with most POS attacks resulting in a confirmed data breach. The focus of attacks has shifted from hotel chains to restaurants and small businesses.

Phishing schemes

This may be a catch-all category, but that does not mean there are not interesting and important trends to be observed within this type of cybercrime. A key emerging tactic is email compromises where “the CEO” orders wire transfers with an urgent and believable back story.

Prosecuting cybercrime

Security breaches and the compromise of sensitive information are a very real concern for organizations worldwide. When cybercrime incidents are discovered, response is critical. The damage must be contained quickly, customer data protected, the root causes found, and an accurate record of events produced for authorities. Furthermore, the investigation process must collect this evidence without adversely affecting the integrity of the information assets involved in the crime.

The Secret Service is the only entity within the Department of Homeland Security that has the authority to investigate violations of Title 18, United States Code, Section 1030 (computer fraud). Congress also directed the Secret Service in Public Law 107-56 to establish a nationwide network of Electronic Crimes Task Forces (ECTFs) to identify and investigate cybercrimes, including potential terrorist attacks against critical infrastructure and financial payment systems.

In response to the proliferation of highly publicized data breaches, Congress is considering legislation that would create a federal data breach notification requirement and data security standard.

How to Prevent Cybercrime

The cyberattacks that have already taken place demonstrate that attackers can inflict significant damage and that attacks pose serious risks to businesses. No business can anticipate all potential vulnerabilities, and even if one could, it may not be cost-effective to implement every measure available to ensure protection against cybercrime. However, businesses can take some basic steps to improve their position against cybercrime. These steps include strengthening the following:

Monitor and mine event logs

Monitoring logs and extracting certain events from them keeps the focus on the obvious issues that logs pick up. Reducing the compromise-to-discovery timeframe from weeks and months to days can pay huge dividends.

Eliminate unnecessary data

If you don’t need it, don’t keep it. For data that must be kept, identify, monitor and securely store it to prevent the possibility of a cyberattack.

Use two-factor authentication

This can limit damage with lost or stolen credentials.

Secure remote access services

Restrict these services to specific IP addresses and networks, minimizing public access to them. Also, ensure that the business is limiting access to sensitive information within the network.

Audit user accounts and monitor users with privileged identity

While you should trust your employees, still consider monitoring them through pre-employment screening, limiting user privileges and using separation of duties. Managers should provide direction, as well as supervise employees to ensure they are following security policies and procedures.

Educate staff to spot warning signs and essentials of good password protocols

Practice identifying phishing schemes so that everyone knows what an email may look like. Establish open communication for informing IT about suspect emails. Consider rewarding employees for reporting suspicious activity such as potential phishing or pretexting attacks.

Patch and update software promptly

Strengthen passwords to limit the chance of them being guessed.

Be aware of physical security assets

Pay close attention to payment card input devices, such as ATMs and gas pumps, for tampering or manipulation.

Protect Your Business from Cybercrime

Information security is gradually improving. However, the business reality of computer and internet use makes cyber intrusion and possible cybercrime inevitable. While malicious programs are well known to security experts, hackers tweak them frequently enough to render them undetectable to antivirus software.

Cybersecurity is not something that line-of-business executives are measured on until something goes wrong, but they are the stewards of the data that is most coveted by cybercriminals. To keep your organization secure, make sure everyone is trained in cybersecurity best practices and aware of the part they play.

Head to our loss control and risk management page to learn more ways to protect your business.

This article is for informational purposes only and includes information widely available through different sources.

COPYRIGHT ©2017, ISO Services, Inc.

The information contained in this publication was obtained from sources believed to be reliable. ISO Services, Inc., its companies and employees make no guarantee of results and assume no liability in connection with either the information herein contained or the safety suggestions herein made. Moreover, it cannot be assumed that every acceptable safety procedure is contained herein or that abnormal or unusual circumstances may not warrant or require further or additional procedure.
