Simply put, cyber crime is a crime committed using the means of technology and the internet.
Although we talk about cybercrime as a separate entity to traditional crime, it is carried out by the same types of criminals for the same type of reasons.
These hackers are professional thieves, criminal gangs, disgruntled employees, professional competition, activists, disillusioned youth and state adversaries. They have the same motivations as traditional criminals such as boredom and vandalism, ideological or political support, malice or revenge, monetary gain through extortion or sale of illegally obtained data, terrorism or notoriety and sensationalism.
The methods that cyber criminals use to gather data and perform an attack is comparable to physical ‘traditional’ crimes. For example, let’s compare how a criminal gang might go about breaking into a bank to steal money against how a cyber criminal gang might go about breaking into a computer network to steal data.
So apart from the use of technology what is the difference between cybercrime and traditional crime?
Attacks can be conducted on a scale not possible in the physical world. A traditional bank robber may only be able to hit one or two banks a week, a cyber-attack can target 100’s if not 1000’s of sites at once.
Attacks can be performed from anywhere in the world; they can be performed anonymously and within jurisdictions where the consequences of those actions may not, or cannot, be addressed by the criminal justice system. Attackers are also able to extract far more data digitally than would ever be possible in the physical world. For example 1 gigabyte of data is approximately 4,500 paperback books. Think of how many gigabytes of data is held on a system, hackers can extract this within a matter of minutes.
Attacks are conducted at machine speed; a criminal can write a piece of code that can target multiple sites in minutes.
Perception and Media Effect
There is another part of the cyber threat to be considered, the public and media perception of cyber crime. When large financial institutions have been hacked the media has often wholly apportioned blame to the organisations rather than the criminals, this would not be the case in a physical bank robbery.
What can you do?
In order to combat the threat of a cyber-attack, organisations need to have in place the appropriate security frameworks, education and training plans and technical controls appropriate to their business.
Security management frameworks can range from large all-encompassing standards like ISO 27001 to control based entry level standards like HM Government Cyber Essentials Scheme or industry-specific requirements like the Payment Card Industry Data Security Standard (PCI:DSS). All security management frameworks are concerned with ensuring that businesses identify critical information assets and assess the threat and vulnerabilities to them and ensuring appropriate risk management procedures are in place.
These standards are tested and evaluated through a variety of methods that may include Vulnerability Assessments, Penetration Tests, Red Team Tests and Open Source Profiling alongside annual reassessment and certification.
A variety of proactive technological controls and tools can be put in place to help an organisation proactively defend against cyber-attacks and react quickly and effective in the event of an incident. Network security monitoring service like protective monitoring can help organisations detect, recovery and prevent security breaches. The breadth and depth of these solutions will depend on an organisation's size and risk appetite. A professional Information Security Consultant can assist and organisation in determining this.
Finally, and perhaps most importantly, organisations must ensure that appropriate education and training is provided to employees to ensure that they have the appropriate knowledge and skills to operate the tools, procedures and security frameworks.