CYBERCRIME

MASTERMIND

The evolving world of cybercrime (the problem) and cybersecurity (the solution) is overflowing with acronyms, jargon and seemingly conflicting definitions

Our training and events introduce you to the UK's authoritative cybercrime terminology with credible references and resources

Authoritative and Credible Sources

All your information is based on our three decades of specialist experience, combined with official information from the horse's mouth.

What Exactly Is The Horse's Mouth?

According to the Cambridge Dictionary (http://dictionary.cambridge.org/):
 

(straight) from the horse's mouth

If you hear something (straight) from the horse's mouth, you hear it from the person who has direct personal knowledge of it.

Who Are Your Horses?

We'll show you where to go for up-to-date official and credible information, so you can remain confident you know how to locate the right information when you need it:

 

Crown Prosecution Service
The Crown Prosecution Service (CPS) prosecutes criminal cases that have been investigated by the police and other investigative organisations in England and Wales. 

Website: www.cps.gov.uk


National Crime Agency 
Organised crime is one of the greatest threats to the UK's national security. The National Crime Agency's (NCA) role is to protect the public by disrupting and bringing to justice those serious and organised criminals who present the highest risk to the UK. 
Website: www.nationalcrimeagency.gov.uk 

         
National Cyber Security Centre

The National Cyber Security Centre (NCSC) was set up to help protect the UK's critical services from cyber attacks, manage major incidents, and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. NCSC's vision is to help make the UK the safest place to live and do business online.
Website: www. ncsc.gov.uk

Official cyber security and legal guidance comes straight from the HMG websites available under the

Open Government Licence for Public Sector information

What is 'CyberCrime'?

Cybercrime is an umbrella term for criminality which involves the use or exploitation of computers or computer networks. It encompasses both 'cyber-dependent' and 'cyber-enabled' crimes

Source: www.cps.gov.uk

 

The term cybercrime refers to any type of criminal activity conducted through, or using, an Information and Communications Technology (ICT) device.

Cybercriminal activities and aims include:

  • Committing sexual offences e.g. grooming or viewing and sharing indecent images

  • Controlling or disrupting computer systems

  • Stealing money, goods, information or data

The internet is also used by gangs for online trading e.g:

  • Drugs

  • Firearms

  • Indecent images of children

 

Cybercrime can take place in conjunction with a variety of related criminal activity, and cyber techniques have proliferated to the more traditional criminal community, for example, urban gang members buying compromised data online.

What are 'Cyber-Dependent Crimes'?

Cyber-dependent crimes are crimes that can be committed only through the use of Information and Communications Technology (ICT) devices, where the devices are both the tool for committing the crime, and the target of the crime (e.g. developing and propagating malware for financial gain, hacking to steal, damage, distort or destroy data and/or network or activity).

 

What Is Hacking?

Hacking is a form of intrusion targeted at computers, including mobile phones and personal tablet devices.

It is the unauthorised use of, or access into, computers or networks by exploiting identified security vulnerabilities.

Hacking can be used to:

  • gather personal data or information of use to criminals;

  • deface websites; or

  • launch DoS or DDoS attacks

In many cases, the offender may be motivated by personal profit or financial gain.

Cybercriminals may use a number of methods to hack into a computer system or network.

In many cases, the offender may be motivated by personal profit or financial gain.

Prosecutors will therefore need to consider the impacts associated with the primary offending behaviour as well as any subsequent offending.

For larger organisations, the financial losses may be very significant, or may have severe impacts on infrastructure, which also need to be taken into account.

What Is A Hacker?

In mainstream use as someone with some computer skills who uses them to break into computers, systems and networks.    

Source: www.ncsc.gov.uk

Denial Of Service

 

Denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet

Distributed Denial Of Service

 

Distributed denial-of-service (DDoS) is where the attack source is more than one, and often thousands of, unique IP addresses. A common method is to flood an internet server with so many requests that they are unable to respond quickly enough. This can overload servers causing them to freeze or crash, making websites and web-based services unavailable to users.

Disruption of Computer Functionality

 

Malware (malicious software) spreads between computers and interferes with computer operations.

 

Malware may be destructive, for example, deleting files or causing system crashes, but may also be used to steal personal data.

Prosecutors need to be aware that some programmes have a dual use. They have a legitimate function but can also be used for criminal purposes. 

MALWARE

 types of malware include:

Cybercriminals may use a number of methods to hack into a computer system or network.

In many cases, the offender may be motivated by personal profit or financial gain.

Prosecutors will therefore need to consider the impacts associated with the primary offending behaviour as well as any subsequent offending.

For larger organisations, the financial losses may be very significant, or may have severe impacts on infrastructure, which also need to be taken into account.

Viruses

  • one of the most well-known types of malware.

  • can cause mild computer dysfunction, but can also have more severe effects in terms of damaging or deleting hardware, software or files.

  • viruses are self-replicating programs, which spread within and between computers.

  • require a host (such as a file) in a computer to act as a carrier, but they cannot infect a computer without human action to run or open the infected file.

Worms

  • Worms are also self-replicating programs, but they can spread autonomously, within and between computers, without requiring a host or any human action.

  • The impact of worms can therefore be more severe than viruses, causing destruction across whole networks.

  • Worms can also be used to drop Trojans onto the network system.

Trojans

Trojans are malicious computer programs that present themselves as useful, routine, or interesting in order to persuade a victim to install it.
 

This malware can perform functions, such as stealing data, without the user's knowledge and may trick users by undertaking a routine task while actually undertaking hidden, unauthorised actions.

Spyware

Spyware is software that invades users' privacy by gathering sensitive or personal information from infected systems and monitoring the websites visited.

This information may then be transmitted to third parties.

Spyware can sometimes be hidden within adware (free and sometimes unwanted software that requires you to watch advertisements in order to use it).

 

One example of spyware is key-logging software which captures and forwards keystrokes made on a computer, enabling collection of sensitive data such as passwords or bank account details.

Ransomware

Ransomware is software that can hold your data hostage, for example, a trojan may copy the contents of the My Documents folder into a password-protected file and delete the original file. It will then send a message demanding payment in exchange for access to the folder.

According the the NCSC, ransomware has been used in multiple high-profile cyber crime incidents such as the Wannacry incident that impacted the NHS in May 2017.

Ransomware is a growing class of malware and comes in two types: 

  • ransomware that encrypts your files 

  • ransomware that locks your screen 
     

Some ransomware will also act like a worm e.g. WannaCry and once inside a network, will spread laterally to other machines without interaction by the attacker or the infected user.

What are 'Cyber-Enabled Crimes'?

Cyber-enabled crimes are ‘traditional' crimes such as fraud or indecent image offences which are committed using digital technology. These are crimes which do not depend on computers or networks but have been transformed in scale or form by the use of the internet and communications technology.

 

Categories of Cyber-Enabled Crime

Child sexual offences and indecent images of children

Extreme pornography, obscene publications and prohibited images

Cybercriminals may use a number of methods to hack into a computer system or network.

In many cases, the offender may be motivated by personal profit or financial gain.

Prosecutors will therefore need to consider the impacts associated with the primary offending behaviour as well as any subsequent offending.

For larger organisations, the financial losses may be very significant, or may have severe impacts on infrastructure, which also need to be taken into account.

Economic Related Crime

Economic related cybercrimes include unauthorised access, sabotage or use of computer systems with the intention to cause financial gain to the perpetrator or financial loss to the victim.

Economic related crimes involve computer fraud or forgery, hacking to steal personal or valuable data for commercial gain or the distribution of viruses.

Victims may not report these crimes if, for example, they feel that the issue is trivial or do not actually recognise that what has happened to them is in fact a crime.

Victims may not report these crimes if, for example, they feel that the issue is trivial or do not actually recognise that what has happened to them is in fact a crime.

Businesses may not report for the same reasons, or for fear of reputational damage, or may choose to deal with such issues internally.

What is 'Social Media'?

“Social media” commonly refers to the use of electronic devices to create, share or exchange information, ideas, pictures and videos with others via virtual communities and network.

 

Social Media Offences

TROLLING

Trolling is a form of baiting online which involves sending abusive and hurtful comments across all social media platforms.

Trolling can be prosecuted under:

  • the Malicious Communication Act 1988 and

  • the Communications Act 2003

ONLINE THREATS

Online threats could take many forms including threats to kill, harm or to commit an offence against a person, group of people or organisation

ONLINE HARASSMENT

Online harassment can include repeated attempts to impose unwanted communications or contact in a manner that could be expected to cause distress or fear. 

REVENGE PORN

Disclosure of private sexual images without consent – so called “revenge porn” is a broad term covering a range of activity. 

This offence usually involves an ex-partner, uploading intimate sexual images of the victim to the internet, to cause the victim humiliation or embarrassment.

 

It is a criminal offence to re-tweet or forward without consent, a private sexual photograph or film, if the purpose was to cause distress to the individual depicted. 

VIRTUAL MOBBING

Virtual mobbing takes place when a number of individuals use social media or messaging to make comments to or about another individual, usually because they are opposed to that person's opinions.

 

The volume of messages may amount to a campaign of harassment.

Grooming

Grooming refers to the actions of an individual who builds an emotional connection with a child to gain their trust for the purposes of sexual abuse or sexual exploitation.

Stalking Online

Grooming refers to the actions of an individual who builds an emotional connection with a child to gain their trust for the purposes of sexual abuse or sexual exploitation.

Copyright © Lockcode Limited 2020

Registered in England 2004

Company No. 05078345

CCS_2935_Supplier_AW_300dpi.jpg