Cybercrime as a Consequence of the Internet, Research Paper Example

Abstract

The internet is perceived as the most significant invention of the 20^th century, more important than any cure, even more, potent than the atomic bomb. The impacts of the internet are yet to be fully felt even today, such as the magnitude of the internet. It introduced new opportunities across various fields, elevating possibilities to unfathomable heights. Things like music concerts and surgical procedures can be done virtually without people having to cover tens of thousands of miles for their presence to be impactful through the internet (Curry 1). Also, via web-based platforms, people can send money across nations instantly. More importantly, though, the internet has revolutionized communication. The rise of social media platforms, instant messaging, and other tools like emails has enabled instantaneous messaging worldwide without much hassle being undertaken.

However, every element that has positivity also has its negativity. The most significant negative implication of the internet is the rise of hacking. Hacking is the illegal breaching of access to another party’s personal information with evil intent. By the year 2020, 4 billion people had access to the internet, which was twice as much as 2017, increasing opportunities for hackers (Chiou and Catherine 1). Cybersecurity spending increased to $80 billion in 2016 and is forecasted to exceed $1 trillion by the end of 2021. Consequently, cybercrime damage costs will rise from $3 trillion in 2016 to $6 Trillion in 2022. Shockingly, the healthcare industry is the number 1 cyber-attacked industry. 91% of cyber-attacks start through email. Most businesses who don’t train their employees on security risks are susceptible to corporate email compromise scams, which the FBI says has ed to over $3 billion in losses. Cyber-attacks can include website defacing, ransomware, phishing, domain twisting, identity theft, hacking, third-party access, distributed denial of services (DDoS), exploit kits, and many more (Liu and Bruce 14-21). This paper wishes to review the menace that is cybercrime, how it is currently being used, its merits and demerits, what potential drawbacks exist, the implications that are there in the use of, and what people are not considering when adopting the technology.

Spear phishing uses electronic information defect or email electronically to target an organization or an individual. Usually, the email or message comes from a known person, but it aims to create malware or virus. The main objective is to gain access to the affected website to get specific information such as passwords, security numbers, location, and many others (Jan-Willem et al. 1). One of the most prominent hacking occurrences occurred in the late 2010s when a rogue group of IT specialists planned an attack on Target. The attackers had targeted to get the inside information to perform the data breach to steal from the millions of credit and debit cards that were involved with shopping at Target during this festive period. The best way they would get in without raising eyebrows was via spear-phishing a contractor to the unsuspecting Target personnel. In this case, Target systems were accessed through 3rd party user who was known as Fazio Mechanical Services (Plachkinova, Miloslova, and Maurer 11-20). The attackers very strategically targeted the point of sale (POS) plans. It is situated at the teller, where undertake the payment transactions. Even more strategically, the group chose to attack at the busiest shopping period of the year, from November to mid-December which usually encapsulates the Black Friday, Cyber Monday, Thanksgiving, and Christmas holidays. The technical part involved applying the spear-phishing method to infect a 3rd part vendor (Fazio Mechanical Services refrigeration) by positioning their entrapping software to collect login information and employee keystrokes. They then used the vandalized login data to access the network server and later manipulated the system to elevate their permissions to access the cards’ details. As stated earlier, 3rd party and even 4th party vendors who have access to essential information linked to an organization pose a significant risk. In case their databases are breached, this also exposes the data belonging to the affiliated company. When a third-party contractor is added to the system, the system’s vulnerability gets enhanced to attacks from hackers. Anyone can disguise him or herself as a third-party contracting staff and have access to organization files and other sensitive information.

Cybercrimes have often been associated with an interception of people’s data by hackers in an act known as a man-in-the-middle attack (Mallik 109-134). They conduct monitoring of someone’s navigation through secret platforms. After studying the information of a person, the perpetrators can get vital information regarding the person, such as the passwords to the debit cards, which they can use to steal money from their banks or business accounts. They get this kind of information from studying the communication flow of the individual and collecting information through various data collection methods that use advanced technology and machines (Mallik 109-134). Therefore, having this data enables them to wire money electronically from people’s accounts easily. Finally, through data interception, committers of cybercrime can tap into confidential conversations between individuals. It is also noted that the telecommunication privacy rules are being broken by cyber-crime committers, especially when they intercept people’s data. Also, they can conduct telecommunications piracy in the sense that they can intercept and shut down one of the persons speaking, thus proving to have control over communications between two people.

As recently as May 2021, there was an attack on one of the most significant pipelines in the US, the colonial pipeline that stretches more than 5,500 miles and transports a large number of gallons on a daily basis fell victim to a cyber-attack (Oxford Analytica 1). The unfortunate fate befell the pipeline as it experienced ransomware, which is a scheme that involves the perpetrators seizing unprecedented control of one’s computer systems by use of code only later to ask for a substantial amount of money so as to give administrative rights back to the affected organization. Following intensive investigations, the law enforcement authorities alongside the FBI pinned the responsibility of the act on a sect that was only identified as the Darkside (Oxford Analytica 1).

Such attacks have large-scale targets more than small-scale targets; in short, they target to hit entire systems, not just individuals. When such an attack occurs, they usually look for the tiniest of loopholes, which they typically find either by sending an infected email to a worker, or duplicating an employee’s gate pass, and so on. However, upon successfully launching an attack on a single entity or single worker and gaining access to the system, most hackers’ goal is to gain access to the entire organization’s system and cripple it to their gain.

Financial losses are also incurred by excessive internet use due to online fraudsters who con people online. For instance, many conning activities have been witnessed in today’s world due to people engaging themselves in online activities and trusting people online whom they do not know. This frequently happens as most of them as promising job opportunities, better health services, and some even end up being conned by people who pretend to sell items online. This causes loss of money since the fraudsters escape with someone’s money without delivering what they were advertising, and the number of cases of fraud on money-based online platforms such as PayPal and Skrill has been increasing exponentially (Logronio 1)

Countering Cybercrime

There has been a number of efforts and measures put in place in a bid to try and curb cybercrime, with the most recent high-profile efforts being the congregation at Budapest, which more than forty-three countries signed.

The Budapest Convention on cybercrime ramifications

The committee compiled an exposition which emphasized mainly the advantages brought by the Convention from experts’ perspective. The named exposition insisted on critical points such as;

1. Cooperation between the public and private sectors.
2. The fortification of criminal justice capacities.
3. Local legislation on cybercrime and the subsequent digital evidence globally.
4. Local legislation upon which local investigations shall be established upon.

Any country can use the Convention as a guide for drafting domestic laws. As a matter of fact, close to 80% of UN members have already done so. Becoming a party brings additional benefits: having a seat in the esteemed Cybercrime Convention Committee and improved cooperation with the private sector participating in projects of the Cybercrime Programme Office. The Convention carries the ultimate vision of achieving an internet where data can be exchanged freely, with the need for projecting people’s rights in cyberspace and effectively responding to specific crimes committed online (Patel 1).

With new states joining this treaty, expanding capacity-building programs, and a future second additional protocol, the Budapest Convention will continue to be monumental and helpful for years to come.

Conclusion

We can conclude that cybersecurity is an essential aspect of an organization or company. This can be achieved by employing competent and trustworthy workers. Occasional Security drill should be advised to avert a possible scenario like the one we saw with Target; many customers were affected by what happened; this resulted in Target losing millions of dollars in compensation and litigation processes. The total cost of data breach liability was $202 million. It was accessed through the point of sale; the perpetrators disguised themselves as Fazio Mechanical Service and planted a chip in a refrigerator next to the counter. The chip was capturing data simultaneously as customers were shopping using the point of sale.

This took place during the holiday shopping spree. It is believed that hackers stole close to 98 million credit cards and debit cards from customers who had visited its stores during the holiday season. Risk management operations ought to cover beyond the company’s scope. If not adequately vetted and covered, 3rd party and even 4th party vendors who have access to essential information linked to the company pose a significant risk if they get breached. Hence, introducing a new dimension of security known as third-party risk management (TPRM) to help cover this loophole and avoid cases such as the one that took place at Target. Also, many conning activities have been witnessed in today’s world due to people engaging themselves in online activities and trusting people online whom they do not know.

Apart from the financial implications caused by cybercrime, other health and personal impacts include feeling sad, which come about due to cyber-attack episodes. Confusion also arises since, at times, an individual finds it difficult to understand all the information they have sourced from the internet. Cyber-attacks may also cause the victim negative social impacts like anger and annoyance during social gatherings. This causes disputes and quarrels among family members and friends.

We have also seen that financial losses are incurred by reckless internet use due to the presence of online fraudsters who con people online. Cyberbullies take advantage of one’s online vulnerability and tap into people’s information, enabling them to conduct transactions in the buyer’s name falsely. They create false profiles in the online stores or the businesses, and then they use the links to get the ways of how they will be able to lure the buyers in the companies that they are the customer care service then they make requests to the customer and end up damaging their accounts.

Bibliography

Bullee, Jan-Willem, et al. “Spear phishing in organizations explained.” Information & Computer Security (2017). The article talks about a form of hacking known as spear-phishing which involves email or message, but it aims to create malware or virus.

Chiou, Lesley, and Catherine Tucker. Social distancing, internet access and inequality. No. w26982. National Bureau of Economic Research, 2020. This book reveals details on volume of people who gained access of the internet in the year 2020

Curry, Emily, et al. “Prevalence of internet and social media usage in orthopedic surgery.” Orthopedic reviews 6.3 (2014). The book talks about the revolutionizing impacts of the internet, including how it has impacted the field of medicine, especially surgery.

Das, Sumanjit, and Tapaswini Nayak. “Impact of cybercrime: Issues and challenges.” International journal of engineering sciences & Emerging technologies 6.2 (2013): 142-153. The book introduces us to cybercrime, explaining a lot of dynamics that are involved, and also talks about the issues and challenges that are associated with the same.

Hill, Joshua B., and Nancy E. Marion. “Introduction to Cybercrime: Computer Crimes, Laws, and Policing in the 21st Century: Computer Crimes, Laws, and Policing in the 21st century.” ABC-CLIO, 2016. This book also explains about cybercrime, and describes about computer crimes, laws, and policing in the 21st century.

Liu, Simon, and Bruce Cheng. “Cyberattacks: Why, what, who, and how.” IT professional 11.3 (2009): 14-21. The book is the encyclopedia of cyberattacks describing their origins and why they are undertaken.

Logronio, Norvelita, et al. “E-Commerce Fraud: Effects of Online Selling.” Available at SSRN 3835781 (2021). This is an article that has been written quipping on the dangers and overall impacts of online fraud and effects of selling items on the web.

Lu, Yang, and Li Da Xu. “Internet of Things (IoT) cybersecurity research: A review of current research topics.” IEEE Internet of Things Journal 6.2 (2018): 2103-2115. This research compilation talks about recent cybersecurity incidences and the methods used to counter them, and the loopholes they exploited.

Magazine, Monica, Nazneen Sherif, and Mike Cushman. “A multi-level approach to understanding the impact of cyber-crime on the financial sector.” Computers & Security 45 (2014): 58-74. It is a detailed multi-tiered approach that helps expound on understanding the impact of cyber-crime on the financial sector as well as the role of security as an entity in the field of IT.

Mallik, Avijit. “Man-in-the-middle-attack: Understanding in simple words.” Cyberspace: Jurnal Pendidikan Teknologi Informasi 2.2 (2019): 109-134. This book opens up about a recently-stumbled-upon form of cyber attack known as man-in-the-middle-attack which involves a hacker intercepting information being sent between two entities, the sender and recipient, and using this vulnerability to siphon data from one of the parties, the intercepted party.

Oxford Analytica. “US pipeline hack to make ransomware risks a priority.” Emerald Expert Briefings oxan-ga. The excerpt reveals the details of the recent cyber attack on major US pipeline, the colonial pipeline, with the group responsible for the attack responsible for withholding crucial dockets of the pipeline’s system for close to a week.

Patel, Durgambini A., and Sanjana Bharadwaj. “Budapest Convention on Cyber Crime.” (2020). This document details about the special convention that saw several countries convene and try to solve the pertinent obstinate issue of cybercrime, and was primarily driven by United Nations and the Council of Europe in 2004.

Plachkinova, Miloslova, and Chris Maurer. “Security breach at target.” Journal of Information Systems Education 29.1 (2018): 11-20. This specific journal discusses about the security breach that took place at Target in 2014 involving spear-phishing which is a way of illegally gaining access to particular information. For this case, the journal reported that close to 40 million debit and credit card accounts could have had their data breached.

Setiawan, Nasrudin, et al. “Impact of Cybercrime In E-Business and Trust.” Int. J. Civ. Eng. Technol 9.7 (2018): 652-656. This article talks about e-businesses such as Amazon, among other C2Bs and C2Cs, while placing emphasis on the impact of cybercrimes on these entities.

Shu, Xiaokui, et al. “Breaking the target: An analysis of target data breach and lessons learned.” arXiv preprint arXiv:1701.04940 (2017). This electronic print goes to length in trying to investigate and hypothesize the possible loopholes in the security breach that took place at Target in 2014 involving spear-phishing, how best to counter them, as well as lessons learned.

Srinivasan, S. U. R. A. J., L. Y. N. N. Paine, and N. E. E. R. A. J. Goyal. “Cyber breach at Target.” Harvard Business School Case Studies (2019). This analysis also reveals crucial information pertaining the Target cyber security breach, while placing emphasis on its impact to the entrepreneurial aspect.