Difference between revisions of "Cybercrime"
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 13: | Line 13: | ||
==Apakah Cybercrime - dan apa resikonya?== | ==Apakah Cybercrime - dan apa resikonya?== | ||
| − | + | Mari kita lihat lebih dekat tentang cara kerja penjahat cyber - dan risiko jatuh korban pada aktivitas mereka: | |
| − | + | ===Dukungan pada Spammer== | |
| − | + | ||
| − | + | Trojan proxy-servers – and multipurpose Trojan viruses that function as proxy servers – can attack and infect multiple computers, in order to establish a ‘zombie network’. The cybercriminal then has control over every computer within the zombie network and can use their combined computing power for the mass distribution of spam email. | |
| − | + | ||
| − | + | ||
| − | + | ===Distributed Network Attacks / DDoS=== | |
| − | Ransomware & Cyber Blackmail | + | |
| − | Evolving Virus Delivery Methods | + | Distributed Network Attacks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources – such as the infrastructure that enables a company’s website. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests… and prevent the website from functioning correctly. |
| − | Targeted Computer Virus Attacks | + | |
| + | Typical targets for DDoS attacks include: | ||
| + | |||
| + | Internet shopping sites | ||
| + | Online casinos | ||
| + | Any business or organisation that depends on providing online services | ||
| + | |||
| + | |||
| + | ===Botnet=== | ||
| + | |||
| + | The word Botnet is formed from the words ‘robot’ and ‘network’. Cybercriminals use special Trojan viruses to breach the security of several users’ computers, take control of each computer and organise all of the infected machines into a network of ‘bots’ that the criminal can remotely manage. | ||
| + | |||
| + | Often, the cybercriminal will seek to infect and control thousands, tens of thousands or even millions of computers – so that the cybercriminal can act as the master of a large ‘zombie network’ – or ‘bot-network’ – that is capable of delivering a Distributed Denial of Service (DDoS) attack, a large-scale spam campaign or other types of cyberattack. | ||
| + | |||
| + | In some cases, cybercriminals will establish a large network of zombie machines and then sell access to the zombie network to other criminals – either on a rental basis or as an outright sale. Spammers may rent or buy a network in order to operate a large-scale spam campaign. | ||
| + | |||
| + | ===Premium-Charge Calls and Sending Paid SMS=== | ||
| + | |||
| + | All mobile devices are vulnerable to various threats. These threats continue to grow year over year and will continue to pose a major risk to mobile device users in the years to come. SMS attacks, in particular, pose a significant threat to all mobile users. | ||
| + | |||
| + | SMS attacks involve the creation and distribution of malware by cybercriminals designed to target a victim’s mobile device. These Trojan, in turn, are designed to make unauthorized calls or send unauthorized texts without the user’s knowledge or consent. These calls and texts are subsequently directed to chargeable SMS text services or premium-charge numbers operated by the cybercriminal, generating significant revenue streams for cybercriminal networks. | ||
| + | |||
| + | ===Stealing Electronic Currency=== | ||
| + | |||
| + | In addition to using Trojan viruses to steal money from personal and corporate bank accounts, cybercriminals are also creating and distributing Trojan spy programs that steal ‘online currency’ from users’ personal e-wallets – for example, from a user’s e-gold or WebMoney account. | ||
| + | |||
| + | These Trojan programs collect information on access codes / passwords for user accounts and then send the data to the criminal. Usually, the information is collected by searching and decoding files that store personal data about the account’s owner. | ||
| + | |||
| + | |||
| + | ===Stealing Online Banking Information=== | ||
| + | |||
| + | With the growth in popularity of online banking services, the theft of banking information has become one of the most common types of criminal activity on the Internet. In addition to stealing access codes for personal bank accounts – and corporate bank accounts – cybercriminals also steal the numbers of credit cards and other types of payment cards. | ||
| + | How banking information theft can impact you | ||
| + | |||
| + | Criminals use a number of techniques to gain access to banking information – and then steal funds: | ||
| + | |||
| + | Fake website windows | ||
| + | Trojan viruses can attack victims’ computers and display a dialogue window or image on each user’s computer. The window will mimic the appearance of the user’s bank’s website – and will ask the user to enter their username and password. | ||
| + | |||
| + | Spam and Phishing | ||
| + | Phishing emails may pretend to be from the victim’s bank – asking for confirmation of the victim’s username and password. To persuade the victim to enter their personal data, the emails often state that users that don’t enter the required information will have access to their account suspended. | ||
| + | |||
| + | Keylogger Trojans | ||
| + | These ‘keyboard spying’ programs will monitor activity on the victim’s computer and wait for the user to connect to an actual banking website. As soon as the user accesses a banking website – that is on the Trojan’s list of bank sites – the Trojan virus will start to capture the keystrokes that the user types on their keyboard. This enables the cybercriminal to steal data – including login, username and password – which then enables the criminal to access the user’s account… and transfer funds. | ||
| + | |||
| + | |||
| + | ===Ransomware & Cyber Blackmail=== | ||
| + | |||
| + | Ransomware Trojans are a type of cyberware that is designed to extort money from a victim. Often, Ransomware will demand a payment in order to undo changes that the Trojan virus has made to the victim’s computer. These changes can include: | ||
| + | |||
| + | Encrypting data that is stored on the victim’s disk – so the victim can no longer access the information | ||
| + | Blocking normal access to the victim’s system | ||
| + | |||
| + | How Ransomware gets onto a computer | ||
| + | |||
| + | The most common ways in which Ransomware Trojans are installed are: | ||
| + | |||
| + | Via phishing emails | ||
| + | As a result of visiting a website that contains a malicious program | ||
| + | |||
| + | After the Trojan has been installed, it will either encrypt information that’s stored on the victim’s computer or block the computer from running normally – while also leaving a ransom message that demands the payment of a fee, in order to decrypt the files or restore the system. In most cases, the ransom message will appear when the user restarts their computer after the infection has taken effect. | ||
| + | |||
| + | Ransomware methods – around the world | ||
| + | |||
| + | Across the world, Ransomware is increasing in popularity. However, the ransom messages and methods of extorting money may differ across different regions. For example: | ||
| + | |||
| + | Fake messages about unlicensed applications | ||
| + | In some countries, the Trojans often claim to have identified unlicensed software that is running on the victim's computer. The message then asks for payment. | ||
| + | |||
| + | False claims about illegal content | ||
| + | In nations where software piracy is less common, this approach is not as successful for the cybercriminal. Instead, the Ransomware popup message may pretend to be from a law enforcement agency and will claim to have found child pornography or other illegal content on the computer. The message will be accompanied by a demand to pay a fine. | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | ===Evolving Virus Delivery Methods=== | ||
| + | |||
| + | In order to commit a wide range of cybercrimes – including stealing banking details, generating revenues from premium-charge phone numbers or demanding ransom payments – cybercriminals have created and distributed network worms… many of which have caused Internet epidemics. | ||
| + | Computer virus mass attacks | ||
| + | |||
| + | Cybercriminals will vary their method of computer virus delivery, according to their objective. Often, the cybercriminal will aim to install Trojans on as many computers as possible, across the world. Past examples of such worms include: | ||
| + | |||
| + | Mydoom | ||
| + | Bagle | ||
| + | Warezov – mail worm | ||
| + | |||
| + | In some instances, instead of trying to spread computer virus infections across the maximum number of users, the cybercriminal may deliberately limit the number of computers that they infect. In this way, the criminals may avoid attracting too much publicity – and the attention of law enforcement agencies. | ||
| + | |||
| + | To achieve a limited number of infections, the criminal will choose not to use an uncontrolled network worm. Instead, they may use a website that they have infected with a Trojan. The criminal can monitor the number of visitors to the website and place a limit on the number of computers that the Trojan attacks. | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | ===Targeted Computer Virus Attacks=== | ||
| + | |||
| + | Unlike mass computer virus attacks – that aim to infect as many computers as possible – targeted attacks use a totally different approach. Instead, targeted attacks try to infect the network of a single targeted company or organisation – or apply a specially developed Trojan agent to a single server on the organisation’s network infrastructure. | ||
| + | Who’s being targeted? | ||
| + | |||
| + | Cybercriminals often target businesses that process or store information that can be exploited by the criminal for personal gain. Typical targets include: | ||
| + | |||
| + | Banks | ||
| + | Criminals will attack a bank’s servers or network, in order to access information and illegally transfer funds from customers’ bank accounts. | ||
| + | Billing companies – such as telephone companies | ||
| + | When a billing company is singled out for an attack, the criminals are generally looking to access customer accounts or steal valuable information – such as customer databases, financial information or technical data. | ||
==Bagaimana cara memproteksi diri dari Cybercrime== | ==Bagaimana cara memproteksi diri dari Cybercrime== | ||
Revision as of 06:53, 20 March 2018
Apakah Cybercrime?
Mungkin pembuat konten malware yang paling berbahaya adalah hacker dan kelompok hacker yang membuat program perangkat lunak berbahaya dalam upaya untuk memenuhi tujuan kriminal khusus mereka. Penjahat cyber ini menciptakan virus komputer dan program Trojan yang dapat:
- Mencuri password untuk akses akun bank.
- Mengiklankan produk / layanan di komputer korban.
- Penggunaan secara ilegal komputer korban untuk menjalankan
- Kampanye spam - Distributed Network Attack (juga dikenal sebagai DDoS attack) - Operasi Blackmailing
Apakah Cybercrime - dan apa resikonya?
Mari kita lihat lebih dekat tentang cara kerja penjahat cyber - dan risiko jatuh korban pada aktivitas mereka:
=Dukungan pada Spammer
Trojan proxy-servers – and multipurpose Trojan viruses that function as proxy servers – can attack and infect multiple computers, in order to establish a ‘zombie network’. The cybercriminal then has control over every computer within the zombie network and can use their combined computing power for the mass distribution of spam email.
Distributed Network Attacks / DDoS
Distributed Network Attacks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources – such as the infrastructure that enables a company’s website. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests… and prevent the website from functioning correctly.
Typical targets for DDoS attacks include:
Internet shopping sites Online casinos Any business or organisation that depends on providing online services
Botnet
The word Botnet is formed from the words ‘robot’ and ‘network’. Cybercriminals use special Trojan viruses to breach the security of several users’ computers, take control of each computer and organise all of the infected machines into a network of ‘bots’ that the criminal can remotely manage.
Often, the cybercriminal will seek to infect and control thousands, tens of thousands or even millions of computers – so that the cybercriminal can act as the master of a large ‘zombie network’ – or ‘bot-network’ – that is capable of delivering a Distributed Denial of Service (DDoS) attack, a large-scale spam campaign or other types of cyberattack.
In some cases, cybercriminals will establish a large network of zombie machines and then sell access to the zombie network to other criminals – either on a rental basis or as an outright sale. Spammers may rent or buy a network in order to operate a large-scale spam campaign.
Premium-Charge Calls and Sending Paid SMS
All mobile devices are vulnerable to various threats. These threats continue to grow year over year and will continue to pose a major risk to mobile device users in the years to come. SMS attacks, in particular, pose a significant threat to all mobile users.
SMS attacks involve the creation and distribution of malware by cybercriminals designed to target a victim’s mobile device. These Trojan, in turn, are designed to make unauthorized calls or send unauthorized texts without the user’s knowledge or consent. These calls and texts are subsequently directed to chargeable SMS text services or premium-charge numbers operated by the cybercriminal, generating significant revenue streams for cybercriminal networks.
Stealing Electronic Currency
In addition to using Trojan viruses to steal money from personal and corporate bank accounts, cybercriminals are also creating and distributing Trojan spy programs that steal ‘online currency’ from users’ personal e-wallets – for example, from a user’s e-gold or WebMoney account.
These Trojan programs collect information on access codes / passwords for user accounts and then send the data to the criminal. Usually, the information is collected by searching and decoding files that store personal data about the account’s owner.
Stealing Online Banking Information
With the growth in popularity of online banking services, the theft of banking information has become one of the most common types of criminal activity on the Internet. In addition to stealing access codes for personal bank accounts – and corporate bank accounts – cybercriminals also steal the numbers of credit cards and other types of payment cards. How banking information theft can impact you
Criminals use a number of techniques to gain access to banking information – and then steal funds:
Fake website windows Trojan viruses can attack victims’ computers and display a dialogue window or image on each user’s computer. The window will mimic the appearance of the user’s bank’s website – and will ask the user to enter their username and password.
Spam and Phishing Phishing emails may pretend to be from the victim’s bank – asking for confirmation of the victim’s username and password. To persuade the victim to enter their personal data, the emails often state that users that don’t enter the required information will have access to their account suspended.
Keylogger Trojans These ‘keyboard spying’ programs will monitor activity on the victim’s computer and wait for the user to connect to an actual banking website. As soon as the user accesses a banking website – that is on the Trojan’s list of bank sites – the Trojan virus will start to capture the keystrokes that the user types on their keyboard. This enables the cybercriminal to steal data – including login, username and password – which then enables the criminal to access the user’s account… and transfer funds.
Ransomware & Cyber Blackmail
Ransomware Trojans are a type of cyberware that is designed to extort money from a victim. Often, Ransomware will demand a payment in order to undo changes that the Trojan virus has made to the victim’s computer. These changes can include:
Encrypting data that is stored on the victim’s disk – so the victim can no longer access the information Blocking normal access to the victim’s system
How Ransomware gets onto a computer
The most common ways in which Ransomware Trojans are installed are:
Via phishing emails As a result of visiting a website that contains a malicious program
After the Trojan has been installed, it will either encrypt information that’s stored on the victim’s computer or block the computer from running normally – while also leaving a ransom message that demands the payment of a fee, in order to decrypt the files or restore the system. In most cases, the ransom message will appear when the user restarts their computer after the infection has taken effect.
Ransomware methods – around the world
Across the world, Ransomware is increasing in popularity. However, the ransom messages and methods of extorting money may differ across different regions. For example:
Fake messages about unlicensed applications In some countries, the Trojans often claim to have identified unlicensed software that is running on the victim's computer. The message then asks for payment.
False claims about illegal content In nations where software piracy is less common, this approach is not as successful for the cybercriminal. Instead, the Ransomware popup message may pretend to be from a law enforcement agency and will claim to have found child pornography or other illegal content on the computer. The message will be accompanied by a demand to pay a fine.
Evolving Virus Delivery Methods
In order to commit a wide range of cybercrimes – including stealing banking details, generating revenues from premium-charge phone numbers or demanding ransom payments – cybercriminals have created and distributed network worms… many of which have caused Internet epidemics. Computer virus mass attacks
Cybercriminals will vary their method of computer virus delivery, according to their objective. Often, the cybercriminal will aim to install Trojans on as many computers as possible, across the world. Past examples of such worms include:
Mydoom Bagle Warezov – mail worm
In some instances, instead of trying to spread computer virus infections across the maximum number of users, the cybercriminal may deliberately limit the number of computers that they infect. In this way, the criminals may avoid attracting too much publicity – and the attention of law enforcement agencies.
To achieve a limited number of infections, the criminal will choose not to use an uncontrolled network worm. Instead, they may use a website that they have infected with a Trojan. The criminal can monitor the number of visitors to the website and place a limit on the number of computers that the Trojan attacks.
Targeted Computer Virus Attacks
Unlike mass computer virus attacks – that aim to infect as many computers as possible – targeted attacks use a totally different approach. Instead, targeted attacks try to infect the network of a single targeted company or organisation – or apply a specially developed Trojan agent to a single server on the organisation’s network infrastructure. Who’s being targeted?
Cybercriminals often target businesses that process or store information that can be exploited by the criminal for personal gain. Typical targets include:
Banks Criminals will attack a bank’s servers or network, in order to access information and illegally transfer funds from customers’ bank accounts. Billing companies – such as telephone companies When a billing company is singled out for an attack, the criminals are generally looking to access customer accounts or steal valuable information – such as customer databases, financial information or technical data.
Bagaimana cara memproteksi diri dari Cybercrime
With cybercriminals using so many techniques to attack users’ computers and data, multi-layer defences are a necessity. Anti-malware solutions that combine signature-based detection, heuristic analysis and cloud-assisted technologies can do more to defend your devices and data against new, sophisticated threats.
Kaspersky Lab is recognised for its world-class, multi-layer anti-malware products that can protect a range of computers and devices against cybercrime, including:
Windows PCs Linux computers Apple Macs Smartphones Tablets