Ever growing widespread use of the internet has brought with it a raft of traditional and new crimes that can now be committed in cyberspace.Back in 19902, cyber criminals operated like traditional burglars by breaking into systems to steal data like how traditional roughnecks break past gate and wall among other physical barriers to commit their crime.In cybercrime,crimes from fraud, hacking, money laundering and theft, through to cyberstalking, cyberbullying, identity theft, child sexual exploitation and child grooming.The extent of cybercrime is difficult to quantify as it is generally underreported.Techniques such as crafting malicious code and conducting probes to discover weakened entry points are fast disappearing,and not even firewalls and secure networks with advanced encryption seems to be a losing battle.In 2014, the amount of security incidents that turned into full-blown attacks nearly doubled compared to the previous year.In total, 45% of all cyber attacks were committed by hackers directly targeting network infrastructure from the outside.Close to nearly a quarter of the attacks, cyber criminals worked to exploit unwitting personnel or third-party partners as conduits for a breach wherein external attackers benefitted from the missteps of a employees.
Also in 2014, close to 55% of cyber attacks were caused by insiders within a company.What’s more, security incidents resulting from unauthorized access accounted for 37% of total attack causes,nearly doubling from 19% the previous years.More people than ever are falling victim to identity crime thanks largely to using internet banking, shopping online and sending email, actions that millions of us do each day without a second thought.Cyber security strategies that kept criminals at bay even just a couple of years ago must be rethought, with the danger of insider attacks at the top of our minds.Most people put everything out there on social media networks like Facebook,Twitter,Google plus and Instagram.All a cyber criminal need to steal is someone’s identity,their full name, their date of birth, sometimes their place of birth and an account number. With that information all over the internet then its is very easy to piece together.An outsider or insider who has access to an individual or company’s details as well as data and information has a high chance of success in committing crime. Such criminals can be either employees or third parties that a company typically trusts, such as business partners,clients or contractors.According to statistics, insiders who carry out attacks are mainly disgruntled elements or malicious current or former employees taking advantage of their privileges and access.
As we saw with Edward Snowden, such people are particularly dangerous, as they’re often willing to go to extraordinary measures to circumvent security controls, and are unconcerned with potential consequences. Inadvertent victims of social engineering who fall into the trap of phishing scams, accidentally click on malicious links.The new era of spam is seeing tremendous success in tricking users to inadvertently infect their corporate networks with malware. Its effectiveness as a tactic is evident in its growing popularity among cyber criminals.Until two years ago, the percentage of spam carrying malware rarely exceeded 1%. But since mid 2013, the amount of malicious spam spiked to 4% in 2014.Keeping these tactics in mind is becoming a make or break strategy for businesses, as the cost of repairing a data breach continues to rise up 24% since 2013. Growth in insider-caused attacks means that cyber criminal strategies have evolved and are more targeted, stealthy and more effective.Maintaining security awareness,training of employees and contractors to make them aware of risks is crucial.As learned from Edward Snowden breach, those who have privileged access should be monitored and controlled.Cybercrime cannot yet be completely eliminated, bit being careful one can stay on top of evolving strategies to better bolster defenses against attacks.