If you hold valuable information, there will always be criminals looking to steal it to exploit it for financial gain or competitive advantage. And Cybercrime itself is often misunderstood, with many believing it to mean the theft or fraudulent activity of financial data. However, cybercrime encompasses any information of value to an individual that a criminal can exploit for their own financial gain. Therefore, this can be customer data, intellectual property or personally identifiable information as well as financial data.
The beginnings of information security can be traced back to Julius Caesar in around 50BC and what is now called the Caesar cipher – a basic form of encryption that was used for military-related correspondence by the Roman statesman. Caesar's recognition of the value and confidentiality of his own information recognises that, even as far back as then, the need to keep certain information confidential was important.
The birth of cybercrime
Modern-day cybercrime was born with the Morris worm, one of the first computer viruses distributed via the internet in 1988, and its release would kickstart a trend that would spread like wildfire around the world in the next three decades. One of the first high-profile hacks came in 1985, when two journalists stumbled upon administration credentials for the UK's Prestel system. After obtaining the email address for Prince Philip of the British royal family, the pair were prosecuted, only to be acquitted due to cybercrime not being covered under UK legislation at that time. This led to the first instance of cybercrime legislation being introduced into law – the Computer Misuse Act 1990.
As the internet developed in the early 2000s, so did the idea of using it to make money. Email proved to be the key application that spawned a new method of cybercrime, which became known as spamming.
Some spammers made millions of pounds by promoting products through the use of unsolicited email. As anti-spam systems blacklisted their servers, spammers discovered they needed larger numbers of fresh computers to continue to deliver spam.
Inspired by the Morris worm, spammers discovered that by teaming up with malware writers they could use infected computers, or botnets, to send their email messages. This new business model continued to send out spam, all under the control of a single individual, circumnavigating anti-spam systems.
Denial of Service attacks
With the malware/spam revolution under way, innovative minds identified new criminal opportunities for botnets. In 2000, it was discovered that if many computers accessed a website at once, the spike in demand rendered the site temporarily unavailable. This early form of Denial of Service (DoS) was used to target websites such as CNN and eBay and caused more than £1bn ($1.55bn) in damages, disabling some websites for days at a time.
Towards the late 2000s, criminals found that personal information could be harvested from infected computers. Criminal specialists knew how to monetise this stolen information but didn't have the skills to write and distribute the malware, leading to the development of underground markets. Here, the individuals collecting the information could sell their services to those able to capitalise on the stolen data, thus allowing cybercrime to become easier, more profitable and more efficient.
Nation states also began to invest in the development of espionage via malware, and the era of the Advanced Persistent Threat (APT) was born. State-sponsored teams of hackers could take the time to invest in stealthy and persistent attacks against chosen targets and steal valuable information for geopolitical reasons or economic gain.
Crime as a service
We can currently see a 'crime as a service'-based criminal industry developing, with an increasing number of those operating in the virtual underground making products and services for use by other criminals. Ransomware is one example, and is created using spam emails to spread malware throughout a machine. After encrypting all personal files, the user is forced to pay a ransom to get their files back, with no guarantee that the files will be returned safely.
From Heartbleed to the infamous Sony hack of November 2014, cyberattacks are now daily news. And as technology continues to develop, we must remain aware of the lessons from the past and consider how new systems can expose us to crime in new ways.
The internet does not necessarily create new crimes – merely new opportunities for crimes to be carried out in a different medium. There are basic ways to protect your data, making it harder to obtain and less profitable to attackers. Ensuring that software is fully up to date and the hardware it runs on is kept current can help us remain resilient to all but the most determined criminals. Continuously monitoring and logging networks and systems to detect patterns and anomalies means that action can be taken before a cybercriminal has a chance to act.
However, this requires that individuals and companies have enough security expertise to be able to proactively and reactively respond to security threats when they are detected. Security-awareness training for staff helps keep people looking out for and recognising attacks; making sure that firewalls and web-application firewalls are in place and correctly configured, coupled with encrypting sensitive data, also help.
Cybercrime is constantly evolving, but so are the defences to counter it. It is up to all of us to ensure those defences are kept in place.
Martin Lee is intelligence manager at managed cloud-security company Alert Logic.