What is the difference between cyber crime and traditional crime?

27 Jun 2016

What is the difference between cyber crime and traditional crime?

Simply put, cyber crime is a crime committed using the means of technology and the internet.

Although we talk about cybercrime as a separate entity to traditional crime, it is carried out by the same types of criminals for the same type of reasons.

These hackers are professional thieves, criminal gangs, disgruntled employees, professional competition, activists, disillusioned youth and state adversaries. They have the same motivations as traditional criminals such as boredom and vandalism, ideological or political support, malice or revenge, monetary gain through extortion or sale of illegally obtained data, terrorism or notoriety and sensationalism.

The methods that cyber criminals use to gather data and perform an attack is comparable to physical ‘traditional’ crimes. For example, let’s compare how a criminal gang might go about breaking into a bank to steal money against how a cyber criminal gang might go about breaking into a computer network to steal data.

So apart from the use of technology what is the difference between cybercrime and traditional crime?

The Scale

 Attacks can be conducted on a scale not possible in the physical world. A traditional bank robber may only be able to hit one or two banks a week, a cyber-attack can target 100’s if not 1000’s of sites at once.

The Reach

Attacks can be performed from anywhere in the world; they can be performed anonymously and within jurisdictions where the consequences of those actions may not, or cannot, be addressed by the criminal justice system. Attackers are also able to extract far more data digitally than would ever be possible in the physical world. For example 1 gigabyte of data is approximately 4,500 paperback books. Think of how many gigabytes of data is held on a system, hackers can extract this within a matter of minutes. 

The Speed 

Attacks are conducted at machine speed; a criminal can write a piece of code that can target multiple sites in minutes.

Perception and Media Effect

 There is another part of the cyber threat to be considered, the public and media perception of cyber crime. When large financial institutions have been hacked the media has often wholly apportioned blame to the organisations rather than the criminals, this would not be the case in a physical bank robbery. 

What can you do?

In order to combat the threat of a cyber-attack, organisations need to have in place the appropriate security frameworks, education and training plans and technical controls appropriate to their business.

Security management frameworks can range from large all-encompassing standards like ISO 27001 to control based entry level standards like HM Government Cyber Essentials Scheme or industry-specific requirements like the Payment Card Industry Data Security Standard (PCI:DSS).  All security management frameworks are concerned with ensuring that businesses identify critical information assets and assess the threat and vulnerabilities to them and ensuring appropriate risk management procedures are in place.

These standards are tested and evaluated through a variety of methods that may include Vulnerability Assessments, Penetration Tests, Red Team Tests and Open Source Profiling alongside annual reassessment and certification.

A variety of proactive technological controls and tools can be put in place to help an organisation proactively defend against cyber-attacks and react quickly and effective in the event of an incident. Network security monitoring service like protective monitoring can help organisations detect, recovery and prevent security breaches. The breadth and depth of these solutions will depend on an organisation's size and risk appetite. A professional Information Security Consultant can assist and organisation in determining this.

Finally, and perhaps most importantly, organisations must ensure that appropriate education and training is provided to employees to ensure that they have the appropriate knowledge and skills to operate the tools, procedures and security frameworks.

For the latest PGI updates like our pages on LinkedIn – PGIPGI Cyber and Facebook – PGIPGI Cyber, you can also follow us on Twitter

Share this article

Contact us

Call us now to discuss your requirements with one of our consultants.

Contact us today

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of certific...

Watch Video

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and gone. The...

Watch Video

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be part...

Watch Video
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP