What is Cybercrime?
When one thinks about cyber-crime, re-runs of the movie Hackers (for some of us at least) comes to mind. Young, good-looking, intellectually gifted geniuses who hack into sophisticated systems around the world for fun – or as is more believable - for boatloads of cash.
It’s a seemingly mysterious world where lawless, alternative people fashion a lifestyle of excess and a disregard for the law – and monopoly capital. At least, that’s what we are all led to believe. Hooded figures in dark basements, waging war “against the man” inciting crime and extortion to all those that buy into their beliefs.
Or instead, we imagine a disgruntled (and often former) employee hacking into their erstwhile employer’s database to sell confidential company info to the masses or to extort vast sums of money from the unsuspecting (and ill-prepared) CEO to not distribute to global online users to “use at will”.
But the truth is, both and conversely none of the above examples are true. Today’s hacker is no longer the offbeat “hooligan” portrayed in Hollywood but instead are surprisingly organised, well-equipped teams armed with the latest tech. They are advanced University graduates with degrees galore and they should not be underestimated.
According to the article Ransomware in 2022: We're all screwed our picture of disgruntled hooligans has been completely debunked -
“Over the past few years, we've seen ransomware operators evolve from disorganized splinter groups and individuals to highly sophisticated operations, with separate teams collaborating to target everything from SMBs to software supply chains.“
As such like (as always) attracts like and with that well-run, sophisticated operations are formed whose sole purpose is the extortion of individuals and large corporates for money or to gain some other favour. Cybercriminals are dangerous. Make no mistake about that.
These operations of cybercriminals use ransomware to attack companies by compromising their networks (by installing file-encrypting malware across as many systems as possible). Victims of these cyber-attacks are locked out of files and servers and are unable to protect their private, confidential information from getting into the hands of those that can use it for their own inscrutable ends.
Ransom demands are often made (payment to be made – in many instances – in cryptocurrency) in exchange for the decryption key. In fear, most of these companies and/or individuals pay the ransom to get their data under their control once again. But the problem with this - over and above paying criminals – is the actual fueling of the raw criminal appeal of the ransomware industry. Because it’s done at a distance, and no one gets physically (at least in most cases) harmed. Almost like a hands-off, keeping their hands clean kind of way.
Cyberattacks are increasing
And as the years tick on by, there has been a notable increase in cyber-crime. Things are getting worse. Just a few months back, credit reporting agency TransUnion South Africa was hacked by a Brazilian hacking group known as "N4ughtysecTU", who had claimed that they had downloaded 4TB of data, accessing 54 million personal records of South Africans during the cyberattack. N4ughtysecTU had according to Businesstech demanded a $15 million (R225 million) ransom over the personal records that were hacked. As a result, the Information Regulator indicated that TransUnion could be fined up to R10-million.
eNCA in March 2022 reported the following -
"Responsible parties including TransUnion are supposed to comply with those conditions. Failure which could result with the regulator investigating the security compromise which can result in a fine of up to R10-million or imprisonment of up to 10 years or compilation of both in terms of section 1/7 of the Protection of Personal Information Act”.
And it doesn’t end with TransUnion, in August 2022, 30 million users of the online streaming platform Plex were affected by a cybercrime attack. Again, in September 2022 one of the biggest data breaches of all time in the education industry occurred. The Los Angeles Unified School District (LAUSD) was attacked by a Russian criminal group, Vice Society, over Labor Day weekend. The attack affected over 1000 schools and 600,000 students in the second-largest school district in the United States (read more on UpGuard).
Cyberattacks are serious and are – by the looks of things - picking up pace.
And law firms are no exception. Law firms hold a large amount of client data and are for this very reason, being targeted by cyber-criminals. Law firms are required to secure and store their client’s data properly, ensuring that it is safe from prying eyes. In a way, law firms are kind of easy targets because there is so much to lose if their systems get hacked.
Is it because we are using AI more frequently?
In a report by Gartner, the short answer is yes -
“By 2025, the consumerization of AI-enabled fraud will fundamentally change enterprise attack surface driving more outsourcing of enterprise trust and focus on security education and awareness”.
And this means – quite simply – that the more we use AI, the more we rely on technology - the faster cyber-crime will rise. In fact, in the Forbes article Cybersecurity Trends & Statistics For 2023; What You Need To Know -
Cyber-crime is growing exponentially. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025.
AI and ML (machine learning) can be important tools for cyber-defense, they can also be a two-edged sword. While it can be used to rapidly identify threat anomalies and enhance cyber defense capabilities, it can also be used by threat actors. Adversarial Nations and criminal hackers are already using AI and MI as tools to find and exploit vulnerabilities in threat detection models.
Cyber criminals are already using AI and machine learning tools to attack and explore victims’ networks. Small business, organizations, and especially healthcare institutions who cannot afford significant investments in defensive emerging cybersecurity tech such as AI are the most vulnerable. Extortion by hackers using ransomware and demanding payment by cryptocurrencies may become and more persistent and evolving threat”.
What is a cybercriminal? And how do they attack?
According to ScienceDirect, a cybercriminal is -
“a person who conducts some form of illegal activity using computers or other digital technology such as the Internet. The criminal may use computer expertise, knowledge of human behavior, and a variety of tools and services to achieve his or her goal”.
And they “attack” according to the article Cybercriminals: Who are they and what do they do? by -
- Cross site scripting (XSS) - an attacker injects malicious executable scripts into the code of a trusted application or website (malicious links are sent to a user who is then enticed to click it).
- Cross-site request forgery (also known as CSRF) - a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform.
- Social engineering attacks that trick users into allowing administrative access, and
- Phishing attacks where cybercriminals send you an official-looking email purporting to be from one of the sites or apps you might use. In the email they will ask you to click on a link or reply to it with a certain piece of sensitive information. These emails are usually sent out in large quantities, targeting as many people as possible.
- Using malware - malicious software designed to harm or exploit any programmable device, service, or network to extract data that can be leveraged for financial gain. Examples include Trojan Horses, Viruses, Worms, and Spyware.
- Using ransomware - a form of malware that encrypts a victim's files allowing the cyber-criminal to demand a ransom from the victim to restore access to the data upon payment.
Protecting yourself is – according to AJS –
“a two-prong process that starts with developing a strong information governance program to prevent an attack from succeeding and having the right threat intelligence and tech in place to prevent cybersecurity attacks….
it is advisable to work together with a reputable data centre, such as Teraco Data Environments together with a reliable software provider, such as AJS”.
That said, we have two Acts which govern cyber-crime and the protection of data in South Africa. The first is the Protection of Personal Information Act No 4 of 2013 and the Cybercrimes Act 19 of 2020. We will be discussing both and how they pertain to Cybercrime in Part II of our article.
In the meantime, if you have any questions on the information we have set out above or have a personal issue which you want to discuss with us, please don’t hesitate to contact us at NVDB Attorneys. We are a law firm that considers honesty to be core to our business. We are a law firm that will provide you with clear advice and smart strategies - always keeping your best interests at heart!