Cybercrime refers to the technology-driven crimes that involve computer network for gaining unauthorized access.
The term cybercrime is used to describe an unlawful activity in which computer or computing devices such as a smartphone, tablets Personal Digital Assistants (PDAs), etc. which are stand-alone or a part of a network are used as a tool or /and target of criminal activity. It is often committed by the people of destructive and criminal mindset either for revenge, greed or adventure.
Insider Attack
An attack on the network or the computer system by some person with authorized system access is known as an insider attack. It is generally performed by dissatisfied or unhappy inside employees or contractors. The motive of the insider attack could be revenge or greed. It is comparatively easy for an insider to perform a cyber attack as he is well aware of the policies, processes, IT architecture and weaknesses of the security system.
Moreover, the attacker has access to the network. Therefore it is comparatively easy for an insider attacker to steal sensitive information, crash the network, etc. In most of the cases, the reason for insider attack is when an employee is fired or assigned new roles in an organization and the role is not reflected in the IT policies. This opens a vulnerabilities window for the attacker. The insider attack could be prevented by planning and installing internal intrusion detection systems (IDS) in the organization.
External Attack
When the attacker is either hired by an insider or an external entity to the organization, it is known as external attack. The organization which is a victim of cyber attack not only faces financial loss but also the organization, so these attackers usually scan and gather information.
Based on the level of maturity of the attacker, cyber attacks can also be classified as – structured attacks and unstructured attacks. These are explained as follows ;
Unstructured Attacks
These attacks are generally performed by amateurs who don’t have any predefined motives to perform the Cyber attack. Usually, their amateurs try to test a tool readily available over the internet on the network of a random company.
Structured Attacks
These types of attacks are performed by highly skilled and experienced people and the motives of these attacks are clear in their mind. They have access to sophisticated tools and technologies to gain access to other networks without being noticed by their Intrusion Detection (IDSs). Moreover, these attackers have the necessary expertise to develop or modify the existing tools to satisfy their purpose.
Cyber crimes have turned out to be a low-investment, low-risk business with huge returns. Nowadays structured crimes have become highly organized.
There are some cybercriminals who offer on-demand service. The person, organization or a country may contact these cybercriminals for hacking an organization to gain access to some sensitive data or create a massive denial of services attack on their competitors.
Reasons for Commission of Cyber Crimes
There are many reasons which act as a catalyst in the growth of cybercrime.
Some of them are :
- Money: People are motivated towards committing cybercrime to make quick and easy money.
- Revenge: Some people try to take revenge with another person/organization/society/caste or religion by defaming its reputation or bringing economic or physical loss.
- Fun: The amateurs do cybercrime for fun. They just want to test the latest tool they have encountered.
- Recognition: It is considered to be pride if someone hacks the highly secured networks like defense sites or networks.
- Cyber Espionage: At times the government itself is involved in cyber trespassing to keep eye on other people/network /County. The reason could be political, economically or socially motivated.