Cybercrime attack methodologies and victim profiles
Question
Cybercrime attack methodologies and victim profiles
Due May 20 by 23:59 Points 30 Submitting a file upload Attempts 0 Allowed Attempts 3
Available Feb 28 at 0:00 – May 21 at 23:59 3 months
Goal
The purpose of this task is to become familiar with recent examples of cybercriminal activity affecting the community and generating knowledge across a wide variety of attack methodologies and victim profiles. Having collected open source cybercrime reports from news, mainstream and specialised media, you will analyse trends and develop theories to explain cybercrimes, criminal behaviours, anc their impacts. You will be divided into groups and work collaboratively to produce a high level summary of the most likely cybercrimes to affect the local community.
Format/Product Artefact – Creative, and Written Piece
Type Individual and Group assessment
Word Count 2500 words
Course Learning Outcomes (CLO) Assessed
CLO1 Analyse the digital cybersecurity environment from the attacker’s and defender’s perspectives.
CLO3 Work in digital environment to produce auditable evidence of collaboration.
CLO5 Identify and rationalise the human and technical vulnerabilities
exploited in cybercrime to understand human reasoning and prevent further attacks.
Assessment Criteria and Rubric
Rubrics help you to understand what knowledge and skills you need to demonstrate in your assessments. They also show you how your submission will be marked and what is expected at the different grade levels.
1. Analysis of the digital cybersecurity environment
2. Identification and explanation of technical and social engineering methodologies
3. Evidence of digital collaboration
Task Instructions
The class will collect news reports of various cybercrimes each week. (See Group Activity: Collection of cyber-attacks). Your group will analyse the artefacts previously collected from multiple online sources and evaluate the evidence of online criminal behaviour identifying methodologies (technical and social engineering) used and consequences to the victims. This assessment will be used to identify the technologies and their impact on individuals and society. Your group will also provide evidence of digital collaboration.
The general format will be each member collects data each week, checks in with team members and shares findings, discusses implications with their team members and the final product is a consolidation of the best-negotiated examples with evidence of digital collaboration.
Your group will collect and collate artefacts from multiple of online sources.
Your team will locate evidence of online criminal behaviour identifying methodologies (technical and social engineering) used and consequences to the victims. A report is required identifying the technologies and their impact on individuals and society. Your group will also provide evidence of digital collaboration.
The general format will be each member collects data each week, checks in with team members and shares findings, discusses implications with their team members and the final product is a consolidation of the best negotiated examples with evidence of digital collaboration.
You will analyse the digital cybersecurity environment relating to the cyber breach you are investigating.
You will identify and explain examples of technical and social engineering technologies that may have been used in the cyber breach.
You will display digital collaboration between team members. You will communicate investigation results.
Groups
Whilst you will individually collect and report on cyber events, this is a group assignment. Groups will be announced after the submission of assessment 1.
A part of your skills as cyber crime specialists is your capacity to communicate in a variety of online environments and this assignment assists in your identifying ways of communicating with group members. This may be through online ways that work for you including Zoom meetings, email, messenger services etc. Be able to produce examples of secure online communication whether this is written records of 2 weeks collaboration or electronic recordings of Zoom meetings.
TIP
As you create your weekly portfolio, think how they can build into this assignment. You will be collecting a lot of material from a variety of sources. Build your portfolio and identify strong examples of different types of attacks and the background stories behind them. Choose a cyber breach which has a lot of material available online from a variety of sources.
Also, it may be of benefit to choose a breach where there is a formal cyber breach report provided to a government regulatory body by the victim entity as this contains information on which to base your report which can be compared to open source material including the media and blog analysis.
It is important for all team members to commence communicating with other team members within the first week of this assessment stage. Previously some team members have not responded to others emails until a week before the assessment is due, causing significant problems. All students are to send the course co-ordinator notification that they have successfullly commenced team discussions. Productive communication within a team environment is a component of the rubric.
Assessment submission
You will work online collaboratively to submit a single team report based on the proven team input of all members. That is, everyone has worked on the report and the final copy submitted is the output of the team collaboration.
You will also submit the collaboration material (video etc) to show all team members contributing to the assessment.
All team members will submit a copy of the team report and collaboration material independently to ensure the student database records you have undertaken this assessment.
The document Common assignment mistakes (https://learn.usc.edu.au/courses/517/files/293913/download?download_frd=1) contains a schedule of common mistakes that are made in assignments where marks are lost. Keep a copy of this schedule open during the writing phase of your report and refer to it regularly.
Resources
Use web sites that cover cyber security. Examples include Krebs on Security; Wired.com; Schneier on Security; Tech Republic; Dark Reading; Threat Post; Naked Security by Sophos; itnews and SC Magazine. There are numerous other resources online and these ones will be a helpful start.
Here is a PDF of the rubric (https://learn.usc.edu.au/courses/517/files/21483/download?download_frd=1) .
YouTube video on creating PowerPoint presentations:
LINK HERE (https://www.youtube.com/watch?v=XF34-Wu6qWU)
(https://www.youtube.com/watch?v=XF34-Wu6qWU)
Using PowerPoint effectively in presentations: LINK HERE (https://www.hamilton.edu/academics/centers/oralcommunication/guides/using- powerpoint-effectively-in-an-oral-presentation)
Common Assignment Mistakes (https://learn.usc.edu.au/courses/1073/files/293917/download?download_frd=1) – What I’ve seen in previous assessments
Answer ( 1 )
CYBERCRIME ATTACK METHODOLOGIES AND VICTIM PROFILES
Table of Contents
Introduction 3
Cyber security challenges 3
Cybercrime attack methodologies 5
Cybercriminal activities 6
Technical and social engineering prevention methodologies for Cyber security 8
Conclusion 9
Reference 11
Introduction
Cybercrime has increased tremendously in this 21st century. Although Cyber security has also improvised at a higher rate for mitigating the breaches, cybercrimes are increased simultaneously. The challenges are also arisen due to the rise of cybercrimes. Several new technologies and methodologies are used nowadays. Cybercrime is the method of breaching someone’s digital, financial and personal life with the help of the internet and computer. On the other hand, cyber security is the technique to mitigate those crimes through automation, social approach and using tools. Although cyber security practices have been improved nowadays, the number of cyber-attacks has also increased.
Cyber security challenges
Cyber attacks are not going to decrease in the upcoming future. In other words, cyber security challenges will increase through privacy breaches, continuous evolving cyber security strategies and improper risk management. In addition, high internet connection has also contributed to more challenges to cyber security. The hackers or the cyber attackers are using that fast network connection to breach people’s private lives and the organisational workplace.
Figure 1: Total Malware Infection Growth Rate (in mn)
(Source: Purplesec.us, 2022)
Cybercrime through malware infection has increased severely from 2009 to 2018. According to Purplesec.us, the malware delivered through the mail was 92% of the whole cybercriminal activity in 2018. Mobile malware also rose to 54% in 2018 worldwide. Among the mobile malware attacks, 98% of the attacks targeted the android devices for their prey. This contributed to the increment in the number of malware attacks to about 812.67 mn. The increment in the number of this type of attack is the prior evidence for the cyber security challenges increment.
Moreover, the increase in the number of cyber attackers and the arrival of IoT has introduced the need for more secure devices and networks for private and organisation use. In addition, most of the issues have arisen due to the evolving security rules and regulations and risks as well. Due to the emergence of new technologies, cyber-attacks have also improved from the traditional way, such as emails and message spamming, social media breaches, and organisational security breaches.
Although several organisations are trying to improve cyber security with the help of updated technologies and automation techniques, cyber security in the smaller organisational aspect has been difficult to manage in the first place. Furthermore, as several business organisations collect data to improve their business, cybercrime increases exponentially. Along with these, the companies that collect the “Personally Identifiable Information” are one of the most targeted organisations for hackers. Moreover, the companies or organisations lack talented or expert people for securing the information. The job of a cyber security expert needs to collect data related to the attack technique and analyse and respond to the attack as fast as possible. According to a study, it has been found that the need for cybersecurity jobs and security experts has a huge gap of about 3 million (Shea,2022).
Figure 2: Acute cybersecurity skills shortage areas
(Source: Statista.com, 2022)
The above figure shows the shortage of cloud computing and application security, security analysis and investigation, and risk compilation administration. Around 33% of the cloud computing security experts can be seen worldwide. On the other hand, the shortage of about 32% in the application security is also seen. In addition, the shortage of security analysis and investigation and risk compliance administration are noticed by about 30% and 21%, respectively, in the above figure. This shortage in the security personnel has increased the cyber security challenges by several times.
Cybercrime attack methodologies
Cyber attacks can be developed in several ways by using some critical techniques in the process of hacking. Security challenges can arise while keeping up with modern technologies for simultaneously streamlining the organisational workflow, threat intelligence, and security trends. Several forms of cyber attacks can be introduced as follows:
1) Malware
This form of a cyber attack can be commenced by several malicious software. This software can be harmful to the private users of a computer. These include Trojans, spyware, worms and viruses. Once malware takes control of one’s computer, it is easy to monitor the computer while tracking the moves of the user (Kumar, 2020). Attackers can use various methods of attack that include attacks through any ‘.exe’ or ‘.pdf’ attached with several downloaded files. These types of files include a malware installer file that is hidden. After downloading that kind of file, it automatically installs the malware into the system that causes harm to the computer by stealing or manipulating the information.
2) Phishing
Phishing contains the social engineering form that includes email or message fraud. These emails and messages are sent in the name of several reputable financial sectors or payment related sites (Baykara and Gürel, 2018). The target of this type of attack includes stealing several sensitive personal data, bank details or credit card numbers. On the other hand, Spear Phishing is meant to attack several business sectors or organisations. The technique of phishing is very simple for the attacker as they send emails or text messages that include attachments or links to an open source. After opening those emails, it takes the users to a legitimate-looking site that asks permission to access important files from the user’s computer. In case of giving that permission, the attacker can be able to manipulate or use the information as per their need.
3) SQL injection Attack
SQL is the short form of ‘Structure Query Language’ used by several organisations to store important information in the form of a database for monitoring the organisation’s services. SQL Injection Attack especially targets those databases to divulge several critical pieces of information about the company. Lucrative targets such as personal credit card numbers, bank details, and private credentials can be an excellent objective for attackers (Jemal et al., 2020). This type of attack mainly works by exploiting vulnerabilities in the SQL codes linked with the database. For instance, it might be possible for an attacker to go to the website’s search box and type a code to give all the information that it stored previously.
4) Cross-Site Scripting
This type of attack is similar to the SQL Injection Attack. However, in this case, the attacker does not attack the website. They might write a code for the users using that attacked website. The attacker does not damage the website’s content. Instead, they try to reach the users’ computers through the malicious website. One of the most common methods of this type of attack is malicious comments on several websites. If the user opens that comment, the malicious code built using JavaScript or C++ runs on the user’s computer and hacks the private information stored in the computer.
5) Denial of Services
This type of cyber attack can be seen in the case of network traffic overload. In the case of an attacker flooding a website with an enormous traffic, the website breaks down instantly by blocking all the users from using that website. This type of attack is difficult to handle as the attackers use several IP addresses. As the IP addresses are from several regions of the world, it appears as the most difficult task to locate the attackers.
6) Session Hijacking
This type of attack happens when a user tries to log into a website or access the website through its personal emails or credentials. The attackers take advantage of the session when the unique session ID or OTP is being shared privately between two parties. Attackers can use those sessions’ information by capturing the ID and posing as unsuspecting users. In addition, the attackers can use the XSS technique to hijack the session and steal information from a user.
Cybercriminal activities
Cybercrime nowadays has several impacts on the organisational perspective and private life. In the pandemic situation, the business organisations face several attacks by the cyber security breach. The resurgence of cybercrime is seen nowadays in a huge number as the technical advancement has helped attackers reconstruct their attacking technique in a difficult way to detect.
Figure 3: Countries having the most cyber crimes
(Source:Baykara and Gürel, 2018)
In figure 3, it can be seen that the highest affected country in the world is the USA. The attacks that have occurred in the country consist of about 23% of the whole number of attacks. The next country that contributes to these attacks is China. China consists of 9% of the whole attack numbers. In addition to this, Germany has also been affected by this kind of attack while it has contributed to the 6% of the attacks count.
Furthermore, the UK has also contributed to the count of the attacks. This country has shared 5% of the whole attack’s count. Moreover, the other non-mentioned countries have contributed the second-highest contribution to the attack count. It collectively shared about 19% of the total attacks.
Several attacks that have occurred recently, such as:
Lloyd Bank Phishing Scam
Consumers of the Lloyd Bank have been targeted through a phishing scam that is being delivered by text messages and emails. A legal firm named ‘Griffin Law’ has warned the customers to handle the messages from spam numbers carefully. There were about 100 consumers who were affected by that type of attack previously (Flinders, 2020). The legal firm has taken steps to create more awareness of the consumer’s behaviour for using emails and text messages. The attackers use emails similar to the official website of the Lloyd Bank that state that their account on the bank has been disabled due to recent suspicious activities. This type of email lures the consumers to take action as per the mail stated, and after doing those activities, the consumers fall into the trap of the attackers. The actions by customers, such as telling their birth dates and account details for verification, helped the attackers hack the customer’s bank account.
Avon affected by Cyber Attack.
The UK based cosmetic company Avon faced a cyber attack in 2020. The company’s website was offline for more than a week due to the attack. The cyberattack targeted the IT system of the company by an alleged ransomware attack. The attack targeted the back-end system of the sales representatives in multiple countries. The attack was meant to damage the system in countries such as Romania and Poland. These attacks blocked the customers of the company from placing orders at that time (Flinders, 2020). On 9th June 2020, the company disclosed the information regarding the cyber attack to the “US Securities and Exchange Commission”, stating that the attack severely damaged its IT environment.
Technical and social engineering prevention methodologies for Cyber security
Cybercrime has increased severely in this pandemic situation as 53% of adults worldwide have agreed to the fact that remote working has increased the attacks as their computers or PCs are vulnerable in case of cyber security. Phishing and ransomware have been increased this COVID-19. The first quarters of 2021 noticed an increase in ransomware attacks by about 102% compared to the beginning of 2020. In addition, the pandemic has increased the cyber attacks by about 238% against the banking sectors. It is enough to say that an organisation’s cyber security needs to be improved in this context of the pandemic; otherwise, it is going to lose the financial assets and information stored to handle the consumers. The techniques that are needed to acquire in the organisational and personal practices on the basis of Social Engineering Prevention methods are discussed as follows:
Social Engineering is meant to manipulate human beings by following their fears, curiosity or feelings towards any schemes or websites that have lured the consumers to fall into attackers’ trap (Aldawood and Skinner, 2018). This type of attack can be mitigated by implying awareness of cybercrime. Moreover, it can be advised that users need to be aware of the emails or text messages sent from suspicious sources. In case to recognise the suspicious activities in the emails, one needs to confirm the sender’s validity and the sources of the company. In addition, the users need to cross-check or recheck the validation of the sender’s profile. Without valid information, the sender users do not need to open the emails or text messages as the attachments of the emails can be malicious. Another approach to prevent social engineering attacks is to use a multi-factor authentication technique (Salahdine and Kaabouch, 2019). It will ensure that the user can stop the attackers from accessing the credential the user directly without facing any hurdles. The users can protect their private information by using the tool called “Imperva Login Protect” to stop that kind of ransomware attack carried through emails or texts.
In addition, the tempting offers from any unauthentic sources need to be analysed before dealing with that kind of attack. In case of encountering enticing offers, thinking twice is the best technique to prevent attacks. Furthermore, users can contribute to better prevention techniques by gaining knowledge about the dealing matter. Moreover, the usage of the anti-virus software can be helpful in mitigating attacks.
In addition, the technical approach can be advantageous for mitigating cyber attacks by improving cyber security. The “Robotic process Automation” can be used in case of mitigate the cyberattacks in the first place (Mohammad and Surya, 2018). The automated system can contribute to thorough analysis and compiling of data for checking the validity of the information related to the user’s credential or organisational workplace. Automation can be used to protect the information of an organisation in case of integrating sophisticated information. The usage of AI and Machine Learning can help mitigate that kind of issue first-hand. Threat detection through AI can be easy to mitigate the cyberattacks in the first place. It does the work by analysing the information about the suspicious activity and recognising the threat. In addition, AI creates the platform to automatically create and enact security protection. AI also contributes to the analysis of big data and other repetitive tasks by eliminating the sophisticated workload from the users.
Conclusion
It can be concluded that cybercrimes can be mitigated by improvising cyber security. Cybercrimes in several countries have increased severely in this pandemic situation. In contrast, the affected organisation from several countries states the incrimination in the cyber attacks due to the remote working behaviour. In addition, several attacking techniques have also been introduced in this 21st century. These attacking techniques also have been improvised by acquiring modern technologies from the attackers. It can also be concluded that attacks through social engineering methods can be mitigated through effective personal awareness building. In addition, the usage of several tools and anti-virus software can be advantageous for mitigating cyber threats. The implication of AI in the organisational field can also help mitigate cyber attacks first-hand.
Reference
Journals
Aldawood, H.A. and Skinner, G., 2018, December. A critical appraisal of contemporary cyber security social engineering solutions: measures, policies, tools and applications. In 2018 26th International Conference on Systems Engineering (ICSEng) (pp. 1-6). IEEE.
Baykara, M. and Gürel, Z.Z., 2018, March. Detection of phishing attacks. In 2018 6th International Symposium on Digital Forensic and Security (ISDFS) (pp. 1-5). IEEE.
Jemal, I., Cheikhrouhou, O., Hamam, H. and Mahfoudhi, A., 2020. Sql injection attack detection and prevention techniques using machine learning. International Journal of Applied Engineering Research, 15(6), pp.569-580.
Kumar, R., Alenezi, M., Ansari, M.T.J., Gupta, B.K., Agrawal, A. and Khan, R.A., 2020. Evaluating the impact of malware analysis techniques for securing Web applications through a decision-making framework under fuzzy environment. Int. J. Intell. Eng. Syst, 13(6), pp.94-109.
Mohammad, S.M. and Surya, L., 2018. Security Automation in Information Technology. INTERNATIONAL JOURNAL OF CREATIVE RESEARCH THOUGHTS (IJCRT)–Volume, 6.
Salahdine, F. and Kaabouch, N., 2019. Social engineering attacks: A survey. Future internet, 11(4), p.89.
Online newspapers
Flinders K., 2020 Phishing scam targets Lloyds Bank customers. Available at: https://www.computerweekly.com/news/252488560/Phishing-scam-targets-Lloyds-Bank-customers [Accessed on: 5th May, 2022]
Purplesec.us, 2022 2021 Cyber Security Statistics The Ultimate List Of Stats, Data & Trends., Available at: https://purplesec.us/resources/cyber-security-statistics/ [Accessed on: 5th May, 2022]
Shea S., 2022 What is cybersecurity? Available at: https://www.techtarget.com/searchsecurity/definition/cybersecurity [Accessed on: 5th May, 2022]