Cybercrime: Difference between revisions
Line 18: | Line 18: | ||
# FIN11, a financially motivated threat group, was responsible for widespread phishing campaigns and extortion operations. | # FIN11, a financially motivated threat group, was responsible for widespread phishing campaigns and extortion operations. | ||
# The median dwell time dropped as threat actors capitalized on pandemic-related shifts in work/home life. | # The median dwell time dropped as threat actors capitalized on pandemic-related shifts in work/home life. | ||
# UNC2452, an uncategorized state-sponsored group, engaged in a broad espionage campaign after injecting a backdoor dynamic-link library (DLL) into the [[SolarWinds]] Orion process. # 63% of attackers used techniques outlined in the [https://attack.mitre.org/ MITRE ATT&CK framework], and 5% of intrusions used over 1/3 of MAF techniques. | # UNC2452, an uncategorized state-sponsored group, engaged in a broad espionage campaign after injecting a backdoor dynamic-link library (DLL) into the [[SolarWinds]] Orion process. | ||
# 63% of attackers used techniques outlined in the [https://attack.mitre.org/ MITRE ATT&CK framework], and 5% of intrusions used over 1/3 of MAF techniques. | |||
# Threat actors exploited vulnerabilities in the infrastructure supporting work at home. | # Threat actors exploited vulnerabilities in the infrastructure supporting work at home. | ||
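Review bot: The item split onto its own line ("63% of attackers used techniques ...") still uses the abbreviation "MAF", which is not defined anywhere in the visible text. Since the same item already names the MITRE ATT&CK framework, replace "over 1/3 of MAF techniques" with "over 1/3 of the framework's techniques" or spell the name out again.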
Revision as of 20:32, 21 July 2021
Cybercrime is the use of electronic communication for criminal activities.[1] The concept of cybercrime depends upon the purpose of the term. Cybercrime almost always encompasses acts against the confidentiality, integrity, and availability of computer data or systems. More broadly, the term refers to computer/content-related acts for personal or financial gain or harm.[2]
2021 Cybercrime Reports
Current trends in cybercrime revolve around how the COVID-19 pandemic has shaped everyday work/home life and highlighted the importance of cyber networks in maintaining critical infrastructure.
- Business Email Compromise, as a high-return investment with low cost and risk;
- Phishing, using COVID-19 jargon and misinformation to deceive unsuspecting victims;
- Ransomware, to target medical centers and public institutions, expecting a better success rate due to the pandemic;
- E-commerce Data Interception, undermining trust in online payment systems;
- Malware-as-a-Service, reaching non-technical threat actors and requiring minimal investment;
- Cyberscams, as more people are conducting transactions and working from home online because of the pandemic; and
- Cryptojacking, as the value of cryptocurrencies increases.
- Mandiant's M-Trends 2021 Report[4]
- 59% of the security incidents investigated by Mandiant last year were initially detected internally by the organizations themselves (12% better than in 2019).
- Ransomware has evolved and now employs various extortion tactics.
- FIN11, a financially motivated threat group, was responsible for widespread phishing campaigns and extortion operations.
- The median dwell time dropped as threat actors capitalized on pandemic-related shifts in work/home life.
- UNC2452, an uncategorized state-sponsored group, engaged in a broad espionage campaign after injecting a backdoor dynamic-link library (DLL) into the SolarWinds Orion process.
- 63% of attackers used techniques outlined in the MITRE ATT&CK framework, and 5% of intrusions used over 1/3 of the framework's techniques.
- Threat actors exploited vulnerabilities in the infrastructure supporting work at home.
Organizations
FBI Focus Areas |
---|
Advance Fee Schemes |
Business Email Compromise |
Business Fraud |
Charity and Disaster Fraud |
Counterfeit Prescription Drugs |
Credit Card Fraud |
Elder Fraud |
Election Crimes and Security |
Fraudulent Cosmetics and “Anti-Aging” Products |
Funeral and Cemetery Fraud |
Health Care Fraud |
Identity Theft |
Illegal Sports Betting |
Internet Auction Fraud |
Internet Fraud |
Investment Fraud |
Letter of Credit Fraud |
Market Manipulation (“Pump and Dump”) Fraud |
Money Mules |
Nigerian Letter or “419” Fraud |
Online Vehicle Sale Fraud |
Ponzi Schemes |
Prime Bank Note Fraud |
Pyramid Schemes |
Ransomware |
Redemption/Strawman/Bond Fraud |
Reverse Mortgage Scams |
Romance Scams |
Sextortion |
The following IGOs, NGOs, and U.S. government agencies are key opponents of global cybercrime.[5][6]
Organization | Focus Areas |
---|---|
EC Action Against Cybercrime | capacity building for compliance with Budapest Convention |
INTERPOL | transnational information sharing |
ITU | harmonization of technical standards |
UNODC | thematic reports on transnational crimes; database of trans/national legislation and case law on cybercrime |
APWG | industry association combats phishing and Email Spoofing; data standards and model response systems and protocols |
Spamhaus | provides real time, actionable threat intelligence to network operators, corporations, and Cybersecurity vendors |
eNASCO | child safety online |
INHOPE | combating child pornography |
IWF | combating child sexual abuse |
The Rand Corporation | credible research |
CCIPS | prosecuting computer and IP crimes |
ECTF | investigating identity theft, network intrusions, Business Email Compromise (BEC), and ransomware |
C3 | technical support for cross-border crime |
IC3 | cybercrime complaints |
References
1. Loader, Brian D., and Douglas Thomas, eds. Cybercrime: Security and surveillance in the information age. Routledge, 2013.
2. Comprehensive Study on Cybercrime, UNODC, 2013
3. INTERPOL ASEAN Desk
4. Executive Summary, 2021 M-Trends Report
5. International and Foreign Cyberspace Law Research Guide
6. Common Online Scams, FBI