Updated: Jan 6
Episode #2: What is a Cyber Criminal?
In this episode we dive into what it means to be a cyber criminal. How they attack, what they're after, and what can be done to prevent or recover from an attack.
Episode #2: What is a Cyber Criminal?
What is a Cyber Criminal?
A cyber criminal is an individual or group who uses the internet and computer systems to engage in illegal activities, such as stealing sensitive data or spreading malware. Cyber criminals may operate independently or as part of a larger organization, and they may use a variety of tactics, including phishing attacks, malware infections, and data breaches, to carry out their activities.
Cyber criminals may have a variety of motivations, including financial gain, political activism, or personal revenge. They may target individuals, businesses, governments, or other organizations, and they may use a range of methods to access sensitive information or disrupt systems.
Overall, cyber criminals are a significant threat to individuals, organizations, and society as a whole, and it is important to take steps to protect against their activities and to hold them accountable for their crimes.
Are there different types of Cyber Criminals?
Yes, there are different types of cyber criminals, and they may use different tactics and techniques to carry out their activities. Some common types of cyber criminals include:
Hacktivists: Hacktivists are individuals or groups who use their hacking skills to promote a political or social cause. They may engage in activities such as defacing websites or releasing sensitive data to draw attention to their cause.
State-sponsored hackers: State-sponsored hackers are individuals or groups who are sponsored by a government to conduct cyber espionage or other malicious activities. They may target other governments, businesses, or individuals to gather sensitive information or disrupt systems.
Cybercrime syndicates: Cybercrime syndicates are organized groups of cyber criminals who work together to carry out sophisticated cyber attacks. These attacks may be motivated by financial gain, and they may target businesses, governments, and other organizations.
Insiders: Insiders are individuals who have legitimate access to an organization's systems, but who use that access to carry out malicious activities. They may steal sensitive data or disrupt systems for personal gain or to cause harm to the organization.
Solo hackers: Solo hackers are individuals who operate independently and use their hacking skills to carry out cyber attacks. They may have a variety of motivations, such as financial gain or personal revenge, and they may target a range of organizations and individuals.
You mentioned that there are a range of different Cyber Criminals with different motivations. As an individual, what type of criminal may target me?
As an individual, you may be targeted by a variety of different cyber criminals, depending on your specific circumstances and the information that is available about you online. Some common types of cyber criminals who may target individuals include:
Hackers: Hackers may target individuals to access their personal information, such as login credentials or financial data, for financial gain or other purposes.
Scammers: Scammers may target individuals with fake offers or schemes in an attempt to trick them into divulging sensitive information or sending money.
Phishers: Phishers may send fraudulent emails or messages to individuals in an attempt to trick them into clicking on a malicious link or providing personal information.
Ransomware attackers: Ransomware attackers may target individuals or organizations by infecting their systems with malware that encrypts their data and demands a ransom payment in exchange for the decryption key.
Overall, it is important for individuals to be aware of the various types of cyber criminals and to take steps to protect themselves against these threats. This can include using strong passwords, being cautious about sharing personal information online, and being aware of the risks of clicking on links or downloading attachments from unknown sources.
It seems like these attacks focus on trying to obtain access. Are there an end-to-end process a Cyber Criminal will take as they target me?
Yes, the cyber attack chain refers to the end-to-end process of a cyber attack, from the initial compromise of a target's system to the final execution of the attack. Understanding the cyber attack chain can help individuals and organizations to better protect against these types of threats.
Here is an overview of the stages of the cyber attack chain:
Reconnaissance: The first stage of the cyber attack chain is reconnaissance, in which the attacker gathers information about the target. This may involve researching the target's public-facing websites and social media profiles, as well as using tools such as port scanners and vulnerability scanners to identify potential weaknesses in the target's systems.
Weaponization: In the weaponization stage, the attacker prepares the tools or payloads that will be used to compromise the target's systems. This may involve creating a malicious email or website, or writing code that will be used to exploit a vulnerability.
Delivery: In the delivery stage, the attacker sends the weaponized payload to the target. This may involve sending a phishing email, hosting a malicious website, or distributing infected software.
Exploitation: If the delivery is successful and the payload is activated, the exploitation stage begins. This is when the attacker takes advantage of a vulnerability in the target's systems in order to gain access or to execute malicious code.
Installation: In the installation stage, the attacker installs any additional tools or malware that will be used to maintain control over the compromised system. This may include malware such as ransomware or a remote access trojan (RAT).
Command and control: In the command and control stage, the attacker establishes a connection with the compromised system in order to control it remotely. This may involve using a network of compromised systems, known as a botnet, to coordinate attacks or to exfiltrate data.
Actions on objectives: The final step in the cyber attack chain is the execution of the cybercriminal's objectives. This may involve stealing sensitive data, disrupting business operations, or holding the target's systems ransom in exchange for payment.
What steps can I take to protect myself from various steps within a Cyber Criminals attack chain?
There are several steps that individuals and organizations can take to prevent a cyber attack at the final stage of the cyber attack chain include:
Implementing strong passwords and authentication protocols to prevent unauthorized access to systems and data.
Regularly patching vulnerabilities in software and systems in order to prevent attackers from exploiting these vulnerabilities.
Segmenting networks and implementing access controls to limit the spread of a cyber attack if it does occur.
Regularly backing up important data in case it is lost or stolen during a cyber attack.
Implementing incident response plans to ensure that an organization is prepared to respond to a cyber attack and minimize the damage caused.
By taking these steps, individuals and organizations can help to prevent a cyber attack at the final stage of the cyber attack chain and safeguard their systems and data from these threats.
What do you mean by 'Patch vulnerabilities'? I have a home PC and a cell phone, what should I do?
Patching vulnerabilities refers to the process of updating software or systems to fix security vulnerabilities that could be exploited by cyber criminals. Vulnerabilities are weaknesses in software or systems that could allow an attacker to gain unauthorized access or to perform other malicious actions.
As an individual, it is important to keep your home PC and cell phone up to date with the latest patches and updates to ensure that any known vulnerabilities are fixed. This can help protect you against cyber attacks and other online threats.
To patch vulnerabilities on your home PC and cell phone, you should:
Check for and install updates regularly: Most software and operating systems, including Windows, macOS, iOS, and Android, have built-in mechanisms for checking for and installing updates. It is important to check for and install updates regularly to ensure that your devices are up to date and secure.
Use a reputable security solution: A reputable security solution, such as antivirus software or a firewall, can help protect your devices against malware and other online threats. It is important to keep your security solution up to date to ensure that it can detect and block the latest threats.
Follow safe browsing practices: It is important to be cautious when browsing the internet and to avoid visiting unfamiliar or untrusted websites. Avoid clicking on links or downloading attachments from unknown sources, and be careful about sharing personal information online.
Overall, it is important to take steps to protect your home PC and cell phone from vulnerabilities and other cyber threats. By keeping your devices up to date, using a reputable security solution, and following safe browsing practices, you can help protect yourself and your personal information online.
How can I detect if a hacker has access to my PC or account?
There are several signs that a hacker may have access to your PC or account, including:
Unfamiliar programs or files: If you notice unfamiliar programs or files on your PC, it could be a sign that a hacker has installed malware or other unauthorized software on your device.
Unexpected behavior: If your PC or accounts exhibit unexpected behavior, such as running slower than usual or behaving in a way that you didn't expect, it could be a sign that a hacker has gained access to your device or accounts.
Unauthorized access: If you receive notifications that your accounts have been accessed from unfamiliar locations or devices, it could be a sign that a hacker has gained access to your accounts.
Unfamiliar or suspicious activity: If you notice unfamiliar or suspicious activity on your accounts, such as unfamiliar purchases or messages, it could be a sign that a hacker has gained access to your accounts.
If you suspect that a hacker may have access to your PC or accounts, it is important to take action to protect yourself and your personal information. This can include changing your passwords, enabling two-factor authentication, and running a security scan on your PC to detect and remove any malware or other unauthorized software.
How often do these hackers get caught and put in jail?
It is difficult to accurately estimate how often hackers are caught and put in jail, as many cyber attacks go undetected or unreported. Additionally, the process of investigating and prosecuting cyber crimes can be complex and time-consuming, and it may be challenging to identify and locate the perpetrators of these crimes.
That being said, law enforcement agencies around the world are working to investigate and prosecute cyber crimes, and there have been a number of high-profile cases in which hackers have been caught and put in jail. For example, in 2019, a British hacker was sentenced to 10 years in prison for his role in a series of cyber attacks that caused significant financial losses to businesses around the world. In another case, a group of Russian hackers was indicted by the US Department of Justice in 2018 for their role in a number of cyber attacks, including the 2017 ransomware attack known as "WannaCry."
Overall, it is important for law enforcement agencies to continue working to investigate and prosecute cyber crimes, and for individuals and organizations to take steps to protect themselves against these threats. This can include using strong passwords, keeping software and systems up to date, and following safe browsing practices.
You mentioned that attacks go unreported. What should I do if one of these phishing, ransomware or scammers tries to attack me?
If you are targeted by a phishing attack, ransomware attack, or other type of cyber attack, it is important to take action to protect yourself and your personal information. Here are some steps you can take:
Do not click on any links or download any attachments from unknown sources: If you receive an email or message from an unknown sender, do not click on any links or download any attachments that it contains. This can help prevent you from being infected with malware or from falling victim to a phishing attack.
Report the attack: If you receive a phishing email or message, report it to the appropriate authorities, such as your email provider or the company or organization that the message claims to be from. If you believe you have been the victim of a ransomware attack, report it to the appropriate authorities, such as your local law enforcement agency or your National Computer Emergency Response Team.
Change your passwords: If you believe that a hacker has gained access to one of your accounts, it is important to change your password as soon as possible. Use a unique, complex password for each of your accounts, and consider enabling two-factor authentication for added security.
Great talking to you as always! Before I go, can you come up with an original cyber security pun?
Sure! Here is an original cyber security pun:
Why did the computer get cold?
Because it left its Windows open.