CMP012-Lecture 2 -Cybercrimes
Cybercrime Overview
Definition: Cybercrime is a criminal activity that targets or uses computers, computer networks, or networked devices.
Skill Levels:
Some cybercriminals are organized and highly skilled.
Others may be novice hackers.
The Growth of Cybercrime
Rising Incidence: As internet and business network usage expands, cybercrime increases.
Vulnerability: Businesses are storing more data online, making them vulnerable to cyber criminals.
Statistics:
40% of internet users affected by cybercrime in 2022.
Estimated cost of cybercrime projected to reach $23 trillion annually by 2027.
Projection of Cybercrime Costs
Projected Growth: Costs of cybercrime are expected to skyrocket in coming years, with costs reaching:
2023: $20.74 trillion
2027: $23.82 trillion
Common Cybercrime Types
Types Include: A. Malware B. Social Engineering (Phishing, Vishing, Pretexting, Baiting) C. Spamming D. Pharming E. Prohibited/Illegal Content F. Cyberstalking
Malware
Definition: Malicious software designed to damage, disrupt, or steal information from data or networks.
Types of Malware:
Spyware: Gathers information about individuals or organizations covertly.
Adware: Generates revenue through advertisements displayed on the user interface.
Ransomware: Blocks access to data unless a ransom is paid, often in Bitcoin to ensure anonymity.
Trojan Horse: Misleads users about its intent.
Computer Worm: Self-replicating malware that spreads across networks.
Keystroke Logging: Records keyboard actions without user knowledge.
Computer Virus: Replicates itself by modifying other programs.
Can Malware Damage Hardware?: While malware is code and cannot physically damage hardware, it can create conditions for hardware damage (e.g., disabling fans).
Signs of Active Malware
Symptoms Include:
Slow computer performance
Increased internet traffic
Excessive popup ads
Browser redirects
Unknown app warnings
Strange social media posts
Browser homepage changes
Disabled system tools
Normal appearances masking issues.
Common Malware Examples
CovidLock (2020): Ransomware that encrypts Android data for ransom.
WannaCry (2017): Virus that takes over computers and cloud services.
ILOVEYOU (2000): Virus disguised as a harmless text file intended to steal passwords.
Social Engineering
Definition: Manipulating users to divulge confidential information or perform actions that compromise security.
Methods Used:
Phishing
Vishing (voice phishing)
Pretexting
Baiting
Phishing Example: Malicious emails masquerading as legitimate connections.
Social Engineering Techniques
Vishing: Urgent voice messages that compel victims to act quickly to protect themselves.
Pretexting: Creating a fabricated scenario to extract personal information.
Baiting: Offering something enticing in exchange for confidential data; can be digital (emails) or physical (USB drives).
Spamming
Definition: Unsolicited email sent in bulk, often for commercial purposes from infected networks (botnets).
Pharming
Definition: Redirecting users to fraudulent websites masquerading as legitimate sites for phishing.
Prohibited / Illegal Content
Definition: Content encouraging violence, criminal behavior, or dangerous actions.
Cyberstalking
Definition: The use of online means to stalk or harass individuals or groups.
Possible Threats in Cybercrime
Types of Cybercriminals Include:
Employees
Crackers (Black-hat hackers)
Terrorists
Reckless behavior by individuals on social media.
White-hat hackers (ethical hackers) identifying system weaknesses with permission.
Case Studies: Cyber Attacks in Saudi Arabia
Aramco Attack (2012): Virus hit 30,000 computers, aiming to disrupt oil production.
KSU Hacking: Database of users compromised and posted online.
Cybercrime Law in Saudi Arabia
Purpose: Aims to secure data exchange, user rights, public interest, and privacy.
Reporting Cybercrime in Saudi Arabia
Process:
Visit the Ministry of the Interior portal.
Select cybercrime report.
Fill in required information.
Receive reference number upon submission.