Disclaimer: cybercrime is one of the most murky and secretive forms of crime.
The really clever cybercriminals try to keep their crimes undetectable.
Aside from a couple of specific examples I will be largely talking in general terms, both
about the types of people that pose a threat to your online security and also the types of threat.
One of the keys to defending yourself against any threat is
knowing who is posing the threat and what they are after. For example, if you
have a safe you put your valuables in it because you know that’s what a potential
burglar would be targeting.
I’m going to start by setting out a few general categories
of cybercriminal, then we’ll look at motives and which threats apply to each
The threat to your online safety that is posed by individual cybercriminals.
The threat from individuals varies by activity and motive but even an individual
can be extremely dangerous in terms of the damage they can do. Gary McKinnon
was a British hacker who hacked the US Department of Defense in his personal
quest to learn more about UFOs.
While hackers like McKinnon would be
harmless to you and me, his story shows that a talented individual could gain
access to organizations that should have mind-boggling levels of security
without even being in the same country. The McKinnon case became a cause
célèbre a few years ago because the US wanted him extradited to face decades
in prison for a relatively minor offence under UK law at the time.
Other individuals who could be a threat
include “bored teenagers” who are trying to hack something just because it’s there
and “white hat” hackers who will attempt to hack an organization without
malicious intent for a reward, such as a job offer or even out of altruism. Imagine you're a
company that gets hacked by a white-hat hacker. They've done you an enormous favour by
highlighting your security weaknesses without damaging your business.
There will also be more sinister individuals; perhaps they already know you personally and wish to do you harm.
Do not assume that an individual is less of a threat to you, just because he is only one person. As
Gary McKinnon demonstrated, an individual can hack an extremely well protected organization.
The threat to your online safety that is posed by "hacktivist" groups
If you’ve seen the television show Mr Robot, you’ll be familiar with the idea of a small network of programmers and
hackers that commits cybercrime for its own political ends. This may be to
damage a large company or organization the group deems unethical. The most famous real
life “hacktivist” group is currently Anonymous, who have been targeting
various Russian websites, broadcasters and banks since the invasion of Ukraine.
For most of us, hacktivists will not be a direct enemy. However, they will have learned their trade
somewhere, perhaps starting off as the "bored teenager" individuals I mentioned in the previous
section. On occasions innocent individuals might be collateral damage in a larger operation,
for example if your account is hacked to facilitate an attack on the hacktivists' target.
One theoretical example might be if you worked for an oil company or a pharmaceutical
company that the hacktivists disliked for ideological reasons. The hacktivists could steal your passwords
or infect your computer as a gateway to their real enemy.
The threat to your online safety that is posed by terrorists and crime syndicates
If you’re wondering where terrorists get
their funding from, some of it is the result of ill-gotten gains through
cybercrime. This can include email fraud or ransomware. Terrorist groups also
carry out cyberattacks on targets, as hacktivists do and for similar reasons.
The threat to your online safety that is posed by
Warfare is becoming increasingly sophisticated
and technological, so nation states are devoting ever greater resources to cyberwarfare.
Denial of Service attacks have also been carried out on organisations such as the
NHS and the BBC. Following a dispute over their description of
the Russian invasion of Ukraine as “an invasion”, Wikipedia briefly went
offline in March 2022, presumably as the result of a Russian cyberattack. Many
denial of service attacks have been carried out by nation states such as Russia,
China and North Korea. Indeed, Ukraine suffered a spate of cyberattacks at the
start of the 2022 invasion. North Korea also initiated a Denial of Service
attack against a Hollywood studio after it released a film which was
uncomplimentary about their leader Kim Jong-Un.
It’s not difficult to imagine the damage a
Denial of Service attack could achieve if successful, for example if it
crippled a country’s defence systems, even for a short time. Western countries
have started fighting back in kind and a huge cyberattack that massively put back Iran’s
nuclear ambitions was believed to have been carried out by Israel.
It is reasonable to assume that the USA and
UK have similar capabilities.
What your enemies are doing to endanger your online safety
Individuals are likely to be stealing your passwords
as a means to steal your money or your identity. Think about information a
hacker would require to set up a bank account or credit card in your name. Full
name, date of birth, address and a few security questions, perhaps some PDFs of
a recent utility bill or bank statement. Organised criminals may have the same
objectives. Hacktivists and nation states might be trying to hack you as a
means of getting into a larger system. The NHS attack in 2017 was believed to
have resulted from individual accounts being hacked, as well as the NHS using
a laughably old operating system.
LESSONS TO BE LEARNED:
Don’t get sloppy with your passwords, and keep your computer up to date with
operating system and security patches. If anything makes you
suspicious, act quickly. Change your password ASAP if you think it might have
Scam Emails. While one country in particular is notorious for
email scams it is by no means the only culprit. Scam emails may come from
individuals or criminal organisations wanting money or, occasionally, a way to
gain access to your email accounts as part of a bigger operation. It’s
reasonable to assume the larger blackmail attempts, where you are expected to
pay in Bitcoin, are primarily the doing of organised criminals and terrorist
groups. Besides Nigeria, other West African countries such as Burkina Faso are
often the source, as is Russia.
LESSONS TO BE LEARNED: Know
what signs to look out for. Poor spelling and grammar are often a giveaway as
many of the scammers do not speak English as a first language. In my Email
Masterclass, we’ll go through the big telltale signs of scam emails and have interactive
exercises where you can practice spotting the scams.
Individuals may be doing this, for example a single person could
write and deploy a keylogger which is designed to steal all your passwords. The
ultimate aim of this would be to steal your money or identity. Hacktivists and
nation states may instigate a Denial of Service attack to damage an enemy’s
systems, for example banking, infrastructure or defence. Ransomware is motivated
by the desire for money and written by criminal groups or a greedy individual.
LESSONS TO BE LEARNED: Keep
your anti-virus software up to date and run scans regularly. Be careful what
you download, especially from an untrusted source. Be careful what links you
are visiting; make sure you are actually going where you think you are going.
and tracking. If a company can track you by placing cookies on a website,
so can a malicious actor. Many years ago I had a hacker who kept putting a file
on one of my websites. I would delete it, he would keep putting it back.
Eventually I was able to lock the hacker out but this file could in theory have
been a virus, a redirect or a tracking cookie. One obvious motivation for
tracking a victim’s online behaviour would be for the purposes of identity
theft. Using tracking cookies, a criminal could build up a picture of what
banks you use, what your social media profile is like and what interests you
have. This would enable the criminal to create a fake profile impersonating you
or to establish what stealable assets you have.
LESSONS TO BE LEARNED: Don’t
be afraid to tighten up your non-essential cookies and if you do come across
any strange files on your device, google the filenames to establish what these
are for. This is not an exact science; there will be plenty of oddly named
files that you do need. But err on the side of caution and be very alert to
your computer behaving oddly.
Social Media. There are a number of reasons cybercriminals might wish to gain
access to your social media accounts. It may be part of an attempt to
impersonate you, or a stalker seeking to gain access to you or one of your
Facebook friends; it might be part of a clever scam to gain access to the answers to
your security questions. The perpetrators might be motivated by money or have
far more unpleasant intentions. Your enemies on social media could be
individuals or organised criminals. Some may be complete strangers, others may be
people who know you personally.
LESSONS TO BE LEARNED: Social media
truly has huge potential for causing bad things to happen, and that’s why I run
a special course on this subject. Be very careful about what information you
reveal publicly. Say you have 250 Facebook friends: how many of them do you
know REALLY well and trust completely? I have come across some really horrible
stories relating to safety on social media. As a general rule, be careful about
checking in, tagging and posting photos – especially of children. Get into the
habit of restricting access to your posts, by creating groups of your friends.
I will talk about this and the ways criminals can exploit you in great detail
on the Social Media Masterclass.
Some overall conclusions about the risks to your online security
Whether you are thinking about protecting yourself, your
family or a small business you need to be aware that there is a wide variety of
threats coming from a wide variety of directions. You may not have crossed
Vladimir Putin personally, however you still might have problems accessing your
bank one day because of him. On occasions you may be seen simply as a weak
point to be exploited to gain access to a much bigger system. In 2017 the
North Koreans instigated a cyberattack on the NHS costing £92m.
The attack worked by gaining access to individual staff
accounts, and the problem was made worse because the NHS software was seriously
out of date.
Whether you are the prime target of a cybercrime or merely a
pawn in a bigger game you need to be aware of the predators who may wish to do