One only has to watch Mr. Robot to get a clue about cybercrime. Elliot's Fsociety is a group of hacktivists who cancel everyone's debt everywhere and chaos ensues. How real is this kind of threat? In the dark world of hacking and the sinister workings of internet fraud, it is a possibility. Right now. It's like the nothing of The Neverending Story; the nothing is coming and it will find you. Hackers like the Shadow Brokers, who first broke to the surface in 2016, are gunning for us all. They successfully stole from the National Security Agency (NSA) in 2013 and held onto the material for three years. The debate about who the Shadow Brokers are rages on. North Korea, Russia, China, a gang like Mr. Robot's—your guess is as good as anybody else's. WannaCry was a ransomware hack that hit like a tsunami especially in the UK. It shackled the National Health Service affecting emergency rooms and operating rooms throughout the country. Security experts found a flaw in the program and used it as a kill switch. They got a total of $139,000 in bitcoins, and it is believed the North Koreans were responsible. The massive extent of WannaCry was possible thanks to the Shadow Brokers, who leaked Windows flaws. Another ransomware attack was enabled by leaks from the Shadow Brokers. Known as Petya, NotPetya, and several other names, it infected the pharmaceutical giant Merck in this country, a Danish shipping company and a Russian oil company. The program had a flaw used to disable it. Investigators determined that these companies were merely a distraction to enable the hackers to hobble Ukraine. It succeeded; the airport, central bank, transit, and the power company were crippled. Kudos to the Shadow Brokers for that malfeasance.
Cybercrime Division at Ice
Vault 7 was an information dump by Wikileaks that entailed documents from the CIA. The documents included iOS and Android weak spots, spy information, bugs in Windows, CIA hacking techniques, and the secrets that will turn a smart TV into a listening device. It is nearly impossible to calculate how far reaching these hacks are because of two major issues. The first is that many hacks are impossible to find. The original data hackers are seeking remains behind, so victims may be unaware they've been breached. The second issue is that some organizations, companies, and government offices do not want the public or anyone else finding out they've been attacked. They fear lack of consumer trust in their security or product. Which begs the question of the cost of hacking. It just can't be calculated. How do you put a value on a social security number, or the designs for new products, or a nation's safety? John MacAfee put the cost at 1 trillion dollars a year, Symantec at 250 billion, but these guys sell computer security software, so those numbers are probably fear tactics to promote sales. Neither company can supply the supply information on exactly where their statistics come from.
Coming to a Computer Near You
Then there is Romania. Don't underestimate this sleepy Eastern European country. It is the home of Hackerville. While most of the culprits aren't true hackers, the town of Râmnicu Vâlcea is an entire community of internet criminals. American dollars have purchased new housing, nightclubs, upper echelon cars, and shopping centers. Their e-commerce malware has brought in tens of millions of dollars. No one knows how it started, but the town's two police officers have their hands full. Online crime became the town's bread and butter by 2002. Originally, cheap wifi at Cybercafés had the town's young people posting ads for merchandise on eBay and other sites. They lured marks into paying on wire services, the items were never sent, and eventually, the FBI got interested. But like all organized crime, it began to grow and evolve. Kids started using fake escrow services to assure victims they were on the up and up. The next stage of evolution was to find someone who spoke American English to construct emails from a serviceman overseas who wants to sell his car. Employing Romanians living here, they had wire payments sent within the states, lending greater authenticity to the transaction. Again, they adapted to include couriers from the US and Europe to collect funds and launder money. The money mules are called arrows. The business of internet crime is as insidious and complicated as a drug cartel. The piece de resistance that makes this town a hub of cybercrime is spear phishing. Contact is made through emails that seem to have been sent by the IRS or the Department of Justice or the FBI or some other heavy hitter that gets people's attention. Inside the email is a trojan horse that is able to get your account numbers, passwords, and other pertinent information.
What can be done to protect your business computers or ones at home? Keep your antivirus software up to date. ALWAYS turn your computer off when not using it. Update your computer every time you get a notice. Firewalls should be up at all times. Remember that major government departments are not going to contact you via email, so don't open them. If you don't have antispyware, get it and use it. This advice isn't much to offer, because, in spite of following it, you can still get hacked. Perhaps a sacrifice to the Cybergods...