Types of cybercrime threats

Cybercrime threats encompass a wide array of illegal activities that leverage the Internet, networks, and digital technologies to commit crimes. Here’s a detailed breakdown of various cybercrime threats discussed in the context of the cybersecurity foundations course, supplemented by references where relevant:

1. Ransomware and Malware: These are types of malicious software designed to block access to a computer system until a sum of money is paid (ransomware) or to damage or disrupt systems (malware). Malware includes viruses, worms, Trojans, and spyware. Each has a unique way of infecting and damaging computers or networks. For instance, ransomware’s significant impact and frequency make it a standalone category in many threat reports, as highlighted by the European Union Agency for Cybersecurity.
2. Crypto-jacking: This involves unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.
3. Email Related Threats: This category includes phishing, spear-phishing, and other forms of social engineering attacks that typically start with an email intended to trick the recipient into revealing sensitive information or downloading malware.
4. Threats Against Data: These involve unauthorized access, data breaches, or data theft where sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.
5. Threats Against Availability and Integrity: These include Distributed Denial of Service (DDoS) attacks which aim to shut down a network or service, making it inaccessible to its intended users. Integrity threats involve unauthorized alterations of data, not just stealing or locking it.
6. Disinformation and Misinformation: These threats involve the spread of false information with the intent to deceive (disinformation) or the spread of false information unknowingly (misinformation).
7. Non-Malicious Threats: These can include user error or unintentional actions that lead to security breaches or data loss.
8. Cyber Enabled Fraud: This involves using computers, networks, or other digital technologies to commit or facilitate the commission of fraud. This could involve hacking, the use of malware, or social engineering techniques to compromise or steal data which is then used to commit fraud.

The nuances of each of these threats can be explored in texts like “Cybersecurity and Cyberwar: What Everyone Needs to Know” by P.W. Singer and Allan Friedman, which provides a comprehensive overview of the challenges and strategies in cybersecurity, including detailed explanations of cyber threats.

Additionally, these threats are categorized based on whether they are ‘cyber-dependent’—crimes that can only be committed using computers, computer networks, or other forms of information communication technology, such as spreading viruses or conducting DDoS attacks—or ‘cyber-enabled’—traditional crimes which have been transformed in scale or form using digital technologies, such as fraud or theft.

Understanding these distinctions and the specifics of each threat is crucial for developing effective cybersecurity measures and policies. The discussion around these types of cybercrime is integral to grasping the broader implications of cybersecurity and the necessary defenses against these evolving threats.