The Impact of Cybercrime
What is cybercrime? Cybercrime is criminal activity that targets a computer, a computer network or a networked device or targets a person or specific group using these devices. Most cybercrime is committed by individuals or groups seeking to profit monetarily from their criminal acts. However, other acts committed in cyberspace such as bullying, harassment and threats are receiving increased attention and classification as criminal activity.
Some cybercriminals are well-organized and funded, using sophisticated technology. These criminals are typically seeking to profit directly or indirectly from their actions. Others are novices when it comes to technology, but skilled at using tools such as social media to attack victims.
What is the impact of cybercrime? According to statistics from the FBI Internet Crime Complaint Center, there were 791,790 complaints of cybercrime in the U.S. in 2020, up 69% over 2019 and the largest number since the center was created nearly 20 years ago. The estimated financial impact is $4.2 billion in losses. It is well-known that these statistics are understated because many incidents are underreported due to the embarrassment or desire to remain private on the part of the victims. This underreporting includes almost all online bullying and harassment which, while not necessarily financially damaging, may have a catastrophic impact on mental health and sense of well-being.
There are two broad types of cybercrime.
1. Crimes against property (computer / device as a target). This type of crime usually involves sophisticated criminals with advanced technology and skill sets aimed at disrupting the operations of organizations or obtaining data to be used for extortion purposes. These crimes include viruses, malware, denial-of-service (DoS) attacks, hacking, virus transmission, cyber and typo squatting, computer vandalism, copyright infringement, ransomware, and IPR violations.
2. Crimes against people (computer as a tool). These crimes will often rely on human weakness to “fall” for their attempts. They can also be delivered in a unidirectional manner toward a specific person or group. The perpetrators may have a profit motive but often the motive is a deeply personal, political, or ideological agenda. These crimes include thefts, scams, cyber harassment and stalking, bullying, extortion, distribution of child or other pornography, credit card fraud, human trafficking, spoofing, identity theft, and online libel or slander.
The U.S. Department of Justice recognizes a third category of cybercrime which is where a computer is used as an accessory to crime. An example of this is using a computer to store stolen data.
In 2020, the top three crimes reported to the FBI were phishing / password theft, non-payment / non-delivery scams and extortion. Additionally, there was a rise in the filing of fraudulent unemployment benefit claims using stolen identities, in no small part due to the impact of the coronavirus pandemic and the economic stimulus programs provided by the U.S. government.
Technology is a wonderful thing. It helps us stay connected, assists with everyday tasks such as shopping, and in general can make life easier. It does have downside. Every piece of technology used that connects to another device, to a network or to the internet provides an opening for cybercriminals to attack your assets, your reputation and perhaps your physical safety. Following are some generally accepted guidelines that you may consider to keep your risk of becoming a cybercrime victim to a minimum.
Hire a reputable information technology (IT) professional – preferably a company and not someone who does this work “on the side” – to set up new PC, mobile devices and networks both personal and business. Ask for the highest level of security possible, which is usually a combination of hardware and software, as well as policies.
Install or contract for an intrusion detection system or service.
Do not surf the internet as the administrator on a computer. If you purchase a computer and you are the only user, chances are you are the administrator. Go to the control panel; create a new profile; give it administrator access; and change your profile to regular user.
Consider a separate computer for critical business functions. If you have a family computer shared by other family members, do not use that computer for banking and other mission critical functions.
Install and maintain anti-virus and anti-malware software on any devices that will accept them.
If available, encrypt your devices’ data including backups, especially when storing data in the cloud.
Use a Virtual Private Network (VPN).
Use separate passwords for mission critical accounts, such as bank accounts, investment accounts, tax returns, iCloud accounts, LinkedIn, Facebook, or personal email.
Strong passwords need to be longer than twelve characters in length with capital and lower-case letters, numbers and a special symbol. Consider the passphrase approach (four to ten words) instead of password (usually one word with other characters).
Don't store your password in Internet browsers.
Use multifactor authentication where available.
Have a strong password for your smart phone; if you are using an Android, consider an intrusion security suite.
Don't trust online apps. Where you download apps from and how you use them plays a critical role in keeping your mobile phone secure. Only install apps from official stores such as Apple's App Store or Google Play for Android phones or tablets.
Track your phone. Make sure your device is password and fingerprint protected in case you lose it. Take a few minutes to enable phone tracking.
Don’t jailbreak or root your device.
On a daily basis, a little prevention may head off a potentially catastrophic cybersecurity breach. Consider making the following part of a regular routine.
Do not use public networks especially when accessing online banking or other accounts that require a password. Consider using a secure portable Wi-Fi device, including those with a USB connection. If you must use public networks, do not provide any sensitive information while online and delete your browsing history when offline. If you use your phone as a hotspot, ensure that connection is secure.
Turn off Bluetooth and Wi-Fi connections when you’re not using them, especially when in public places and traveling.
Think before you click on a link or open an email attachment from sources that you don’t recognize. Better to delete and have the sender email again than risk opening a malicious message.
Download and install all operating system updates and new versions of software that reside on your device as soon as they become available.
Use multifactor authentication on Facebook, LinkedIn, Outlook 365, Gmail, LogMeIn, VPNs and financial accounts.
Do not use Single Sign-on even if offered.
Back up your mission critical files on a daily basis. Portable storage is cheap and an easy way to back up. There are online services that will perform backups automatically, encrypting and storing your data for you.
Practice smart online banking. Monitor bank statements. Change passwords quarterly. Always use a secure connection when accessing accounts.
If you aren’t using a particular piece of software or an app, uninstall it.
Lock your mobile phone when not in use, preferably automatically.
Clear browsing history and cookies frequently from your computer and never store passwords on web sites.
Although it is a technology vulnerability and not necessarily a cybersecurity issue, we also recommend that you use RFID-blocking wallets to protect you from electronic pickpocketing, especially when traveling internationally. Electronic pickpocketing takes place when criminals use an RFID reader – often from a distance of several feet – to skim sensitive information from credit and debit cards.
Jaguar Executive Services
Always Safe! Always Vigilant!
John Sheetz, MSS, BBA, PPS
Executive Protection Specialist
Virginia Department of Criminal Justice Services – License # RE-1005993
Utah Department of Commerce – Armed Security License # 12345095-6302
The material and information contained in this document is for general information purposes only. You should not rely on this material or information as a representation or warranty ensuring protection from cybercriminals. We make no representations or warranties of any kind, express or implied about the completeness, accuracy, reliability, or availability with respect to the information provided or any third parties providing products or services mentioned herein. Any reliance you place on such material is at your own risk.
We have included links to other websites, which are provided for your convenience and information only and do not signify our endorsement. We take no responsibility for content on linked website(s) or for any loss/damage that may result from your use of them. You should exercise caution and review the privacy statements for the websites you visit.