Many types of crimes fall under the banner of “cybercrime.” But all cybercrimes share one common trait – they involve a computer to commit the offense. In my book Cybercrime: The Madness Behind the Methods, I endeavor to take a deep dive into the true nature of cybercrimes and take you, the reader, into the psychology and motivations of the cyber criminal.
I don’t think we can begin to combat hacking unless we understand how perpetrators of cybercrime work and what motivates them. With this in mind, the following five misconceptions aim to help us better understand the criminal, the victim and the cybercrime ecosystem. The bottom line is that cybercrime not going away and many people beyond the intended victim are affected. Technology alone is neither the sole cause nor the solution.
- Cybercrime originates from disadvantaged or “third-world” countries.
Cybercrime is one of the most highly organized crime syndicates ever to exist. In reality, the majority of the world’s hacks originate in developed countries such as China, Russia, the U.S., Taiwan, Romania and Hungary. Many players fulfill many roles, each for a profit exacted from victims. Tools are sold and methods are discussed on the Internet. Often programmers sell their tools with a money-back guarantee. Money has no conscience and does not care who earns it or how it is earned. No matter the country of origin, cyber criminals will always put their top-earning talents to work.
- Cybercrime is victimless because it is nonviolent.
Cybercrime may be perceived as victimless because it fits into the category of white-collar crime. White-collar crime is not trivial or victimless, as most white-collar criminals would have you believe. A single cybercrime effort can result in multiple victims. The original victim may have something stolen, data held for ransom or their identity used to fleece other organizations. One event can leave a single person dealing with an issue for years, but that event can also impact a person’s family, friends and co-workers who must deal with the issue and, of course, the taxpayers often take a hit.
- Cybercrime is committed by highly skilled and computer-savvy people.
People with only basic computer skills commit most cybercrime. These criminals use simple and proven methods, many of which have been around for a long time, and seek the easiest way into a computer system. The software and methods used are readily available on the Internet for free or at a minimum cost. Phishing attacks are an example of how easy it really is. Too many people, even if they are suspicious of an email, will open it to see what is inside and, worse yet, will click a link to see where it goes.
- Cybercrime requires a technically complex and sophisticated solution.
As noted earlier, actual cyberattacks are not technically complex and sophisticated. But the organized crime aspects of the criminal network itself are, by their very nature, complex and sophisticated because they are designed to avoid detection and prosecution while exploiting the fruits of the actual cybercrime. Think of cybercrime as akin to a business where the actual thief is just one of many along a seemingly traditional hierarchy. With the sky being the limit and very little risk required to start, many potential hackers experiment at entry-level just to test their moxie and give it a try.
- Victims of cybercrimes are usually made whole again.
The sad fact is that victims often spend years trying to resolve issues created by cybercrime and rarely see the return of stolen funds. The onus is on the victim to prove that they did not apply for that credit card or transfer funds from their accounts. Imagine discovering one day that your house has a second-mortgage loan on it for tens of thousands of dollars that you did not take out? And now the bank is foreclosing on your property because you did not make your loan payments. Cybercrime creates real victims dealing with long-lasting issues. But cybercrime is not always about money. Consider the fear and psychological trauma associated with cyber-stalking and cyber-bullying.
The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email HSTodayMag@gtscoalition.com. Our editorial guidelines can be found here.