Cybercrime refers to illegal activity carried out with a computer or electronic device, including attacks on private and government computer networks as well as using a computer to target people or damage property. Common types of cybercrime include data theft, identity theft, unauthorized access, cyberstalking, and child pornography. The costs associated with cybercrime worldwide have risen substantially in the 2010s. According to the Center for Strategic and International Studies, cybercrime cost businesses and individuals worldwide nearly $600 billion in 2017. In addition to the economic threat posed by cybercrime, infiltration of government networks, including missile systems and election protocols, can have significant national and global security implications.
Cybercriminals use several types of malicious software, commonly referred to as malware, to penetrate private computers and networks. Early viruses and worms, including the Morris worm of 1988 and the Chameleon series of viruses, were intended to damage computers but otherwise had no practical application. The programmers who created these early malware programs were motivated by personal curiosities about the potential capabilities of software to cause disruptions. Subsequent malware, however, allowed cybercriminals to steal and profit from sensitive information.
Trojan horses, rootkits, and backdoors are technologies that allow malware to run on someone's computer without being detected. Trojan horses are programs that invite users to run them, but users are unaware that the programs conceal another harmful program that is installed. Software downloads available on the Internet often come with Trojan horses that install spyware on the user's computer. Spyware can track the user's online activity, take screenshots, and capture keystroke activity. Rootkits are programs that allow unauthorized access to a computer following an automated installation via a Trojan horse or a cybercriminal gaining direct access by exploiting a technological or human vulnerability. Backdoors refer to the entry points in which cybercriminals gain unauthorized access and bypass authentication procedures by exploiting software vulnerabilities.
Malware can enable cybercriminals to use infected computers as proxies, which serve as gateways between a private network (in these cases, the criminal) and an external network, such as the Internet. Without the owners' knowledge, their machines are used to distribute spam messages or other malware. Cybercriminals organize large numbers of these proxy computers, often called zombie computers, into systems called botnets. These botnets, which can include several thousand computers, are controlled by a relay command system that gives instructions to all of the machines simultaneously. Botnets, Trojan horses, and spyware allow cybercriminals to steal sensitive data, such as credit card information, without the infected computer's user becoming aware.
Ransomware is a type of malware that installs a virus, such as CryptoLocker and Cryptowall, that encrypts a user's computer or data and does not provide access to the data until a ransom is paid. The cybercriminals typically threaten to destroy the files if the user does not pay the fee within a specified time. The Federal Bureau of Investigations (FBI) received 1,783 complaints related to ransomware in 2017, a significant drop from the 2,673 complaints reported one year earlier. Despite this positive trend, ransomware attacks continue to pose a threat, especially to large computer networks belonging to corporations, hospitals, and government. In 2018 the cybercriminal organization SamSam unleashed ransomware upon the city government of Atlanta, Georgia, requesting approximately $52,000 in the cryptocurrency Bitcoin. Rather than pay the ransom, the city spent more than $2.6 million in emergency services, recovery, and other expenditures. Cybersecurity experts noted that the city government had failed to maintain its network defenses and would likely need to invest an additional $9 million.
In 2017 the FBI received over 25,000 complaints related to phishing, a method used by criminalsto trick people into providing personal information, such as credit card numbers or account passwords. Phishing schemes typically involve sending emails or instant messages that appear legitimate but contain links to malicious sites. In one common phishing scheme, users receive an email message telling them that their credit card company urgently needs to confirm their passwords, making users believe that they must take immediate action to protect the account. The users are then directed to the phishing site, which has typically been designed to closely resemble the credit card company's legitimate site. In earlier phishing campaigns, it was necessary for the user to key in the requested information on this bogus site. As users have become more skeptical about providing such information, however, phishers have adapted. Sophisticated new malware allows them to steal this information whenever a user simply follows a link in a phishing message.
In the 2010s phishers have increasingly used social networking sites to find victims. Cybersecurity experts warn users to beware of suspicious looking links, advertisements, messages, posts, comments, and more on sites such as Facebook, Twitter, and LinkedIn. Angler phishing refers to a practice in which criminals monitor social media to see which users mention certain companies, and then the phisher impersonates a customer service account to obtain personal information from the unsuspecting user. According to Verizon's 2018 Data Breach Investigations Report, approximately 4 percent of users targeted by a phishing scheme will succumb to the deception, and those who have fallen for a phishing scheme previously are more likely to do so again. However, 78 percent of users do not fall for any phishing schemes over the course of a year.
The effects of cybercrime can be especially wide-reaching when skilled hackers gain access to the computer systems of banks, credit card companies, merchants, government agencies, universities, and other organizations. Just one such breach can give hackers access to personal data of millions of people, including social security numbers, credit card and bank account numbers, and health records. Hackers then sell this information on the global market via criminal websites known as carding forums, which deal in stolen personal and financial data. Not all hackers harbor criminal intentions; those who do are considered black hat hackers, while cybersecurity experts who help protect private networks from attacks or expose those networks' vulnerabilities are considered white hat hackers.
According to the FBI, hackers and their associates steal hundreds of millions of records from US banks and other companies each year. They sell these records to other criminals or use the data to manufacture fraudulent bank or credit cards. In 2018 several companies, including Macy's, Sears, Delta Airlines, and retail management group Hudson's Bay Company, experienced data breaches in which criminals acquired the payment information of thousands of customers. A series of damaging reports in 2018 revealed that the social media company Facebook had suffered data breaches in which more than 200 million users likely had their personal information acquired through third-party applications. Criminals often sell the data they obtain in these breaches to other criminals who may use it to commit identity theft or blackmail.
Attacks on the Government
Hackers capable of gaining access to government computer networks pose a significant threat to national and global security. Hackers have gained access to files on the Department of Defense's (DoD) network on several occasions. The DoD reports receiving over 36 million emails containing malware or phishing schemes every day. The ongoing threat of security breaches led Secretary of Defense Ash Carter to launch the Hack the Pentagon initiative in 2016, a pilot program which offered cash rewards and a commemorative coin for white hat hackers who identify security vulnerabilities. The Hack the Pentagon initiative led to similar programs to test the security of other government networks, including Hack the Army, and the DoD's adoption of its first vulnerability disclosure policy.
The US government has been a frequent target of WikiLeaks, a nonprofit news organization that publishes private documents obtained from whistleblowers, leakers, and hackers. The organization first drew the ire of the United States in 2007 when the organization posted classified military documents. In subsequent years, WikiLeaks posted additional military documents, the personal emails of prominent politicians, and diplomatic cables as well as the private data of corporations and individuals.
During the 2016 presidential election, WikiLeaks published thousands of private emails from top Democratic officials as well as the campaigns of the candidates for the party's nomination. The emails' publication was met with speculation that the campaign of Republican candidate Donald Trump or the Russian government may have colluded with WikiLeaks founder and spokesperson Julian Assange to help Trump's campaign and damage the integrity of US democracy. Following Trump's victory in the election, evidence surfaced that Trump advisor Roger Stone and the president's son Donald Trump Jr. had both been in contact with WikiLeaks during the campaign. Additional evidence surfaced that tied the hacker behind the email leak to Russian intelligence. The online activities of both Russian intelligence and the Trump campaign have come under intense scrutiny and led to government investigations in how social media may have been manipulated to spread misinformation, provide access to private voter information, and sow discord among American voters.
Harassment, Predation, and Child Pornography
The Internet also has become a venue for sexual crimes, invasions of privacy, and personal attacks. Cyberstalking is the use of the Internet, smartphones, or other electronic devices to harass or intimidate someone. The stalker uses search engines, discussion boards, chat rooms, and social networking sites to find victims. The stalker then obsessively tracks and makes comments about the victim, trying to induce fear and provoke an emotional response. The stalker may obtain enough personal information to be able to stalk the victim physically. Online harassment can also involve the publishing of the victim's personal information to enable others to stalk and harass them in real life. Such users are members of a larger online culture, commonly referred to as trolls, known for a shared desire to disrupt online communities, which sometimes leads to illegal activity that threatens the safety of other users. In a 2014 article published in Personality and Individual Differences, psychologists noted distinctions in the motivations behind trolling and cyberstalking. While cyberstalkers appear to be driven by a desire to do harm to the victim, trolls appear to act on a desire to have fun by causing trouble. Additionally, these researchers found that cyberstalking is more likely than trolling to involve offline harassment of the victim.
The Internet has become one of the most common venues for the distribution of child pornography. According to the US Department of Justice (DOJ), the trafficking of child porn in the United States had been nearly eradicated by the mid-1980s. Computers and technologyhave made the production and distribution of child porn inexpensive and easier to conceal from law enforcement. As a result, pedophiles and others can anonymously gain access to child porn through websites, e-mail, chat rooms, instant messaging, newsgroups, bulletin boards, and other electronic technologies. According to the DOJ, the Internet has greatly increased the availability, accessibility, and volume of child pornography. The uptick led the DOJ's Child and Exploitation and Obscenity Section to establish its High Technology Investigative Unit in 2002 to address cybercrimes committed against children. Sexual predators also use Internet chat rooms and other networking sites to find victims. In 2017 the Internet Watch Foundation (IWF), which works toward the removal of online media featuring child abuse and exploitation, confirmed over 78,000 separate web addresses hosting, advertising, or linking to content involving child abuse. According to the IWF, nearly one-fifth of these web addresses were located in the United States, making the United States second behind the Netherlands in terms of hosting such content.
How to Ensure Prevention From Cyber Attacks
Analysts recommend that computer users educate themselves about cybercrime to prevent themselves from becoming victims. Users should not open emails from unrecognized sources. They should know that websites offering extravagant claims are likely to be fraudulent, and they should not respond to ads for such sites. Users should keep up with the latest updates and patches for their computers, choose nonobvious passwords and keep them secret, and use up-to-date security software. It also is important for users to keep track of their banking and credit card statements, so they can spot any fraudulent activity and report it quickly. Because so many websites ask users for personal information, people should be careful to review the privacy policies of these sites before they sign up as members. Many organizations reserve the right to sell mailing lists or otherwise use personal information for profit.