Research notes on cyber crime

Notes from Dark Web Fighting Cybercrime Full Hacking Documentary (dated April 2021) found on YouTube:

  • technology can do a lot of things for us, but greater vulnerability is also built into our everyday lives
  • the bad guys have to get it right just once.  We have to get it right all the time
  • it’s up to the attacker how deep they get in and how they decide to use your information
  • your devices can be turned into weapons (aka zombies) without you knowing it
  • the possibilities of types of cyber crime (or cybercrime) are endless
  • there are those who have been hacked and know it, and there are those who have been hacked but don’t know it yet (08:15)
  • 556 million people already fall victim to cyber crime each year
  • in 2020, 50 times more info is stored online, which means 50 times more opportunities for cybercriminals
  • it is difficult for law enforcement to keep pace since the technologies are advancing so quickly
  • when it comes to cybercrime, you need to make decisions quickly

History of the Internet

  • the internet was born in America in the late 1960s.  It was called ARPANET, a small network of government computers sharing information from opposite sides of the country 
  • the internet became popular in the early 1980s

The first cyber crime

  • the first hackers were interested in exposing flaws
  • 1988 was the first time the internet was hacked, by a college student named Robert Morris
  • Morris Worm: a human-made coding error allowed the worm to replicate itself, making computers globally unusable
  • by accident, the worm brought down 10% of the computers connected to the internet and cost $98 million to clean up
  • cyber crime then started to take off because it was almost risk free compared to robbing a branch of a bank or even an entire bank at once
  • in 2002, it was already significant when they had 12 victims of identity theft or 25 credit cards that were stolen with $70,000 of loss
  • in 2014, cyber crime cost the global economy $450 billion.  That number skyrocketed to $3 trillion just one year later (03:28)
  • ransomware attacks: hackers  (04:27)

Modern cyber crime (04:01)

  • hackers work in well-funded and highly organized groups to steal information and sell it to make money 
  • 2017: criminals stole social security numbers, birth dates and more of 143 million Americans from just one major credit reporting agency 
  • ransomware attacks: hackers take and encrypt data on a computer, then require the user to pay a ransom to unlock it (04:30)
  • WannaCry ransomware: asking businesses in 150 countries to pay $300 worth of Bitcoin within 3 days or the ransom will go up.  After 7 days the data will be completely destroyed
  • the companies were no longer able to do business because everything was encrypted
  • can be life threatening when hospitals have to turn patients away
  • in 2016, there were 4,000+ ransomware attacks on businesses in the U.S. every single day, which is 3x more than 2015 according to the FBI (35:00)

Internet of things (05:50)

  • your phone, door lock and even your fridge can go online.  It gives an opportunity for hackers to get in 
  • in 2015, there were 15 billion connected devices worldwide, i.e. 2 devices per person on the planet
  • the number is expected to go up to 80 billion in 2025
  • every company is rushing to get their products to the market first and security is not their priority 
  • cars that are internet enabled can be stopped on the highway 
  • webcams can be turned on for spying purposes
  • baby monitors allow criminals to speak to the children in their rooms
  • an internet enabled toilet in Japan has been hacked before

Zombie computers (07:10)

  • internet enabled devices in the U.S. that are taken over via a default password
  • use devices that are connected to the internet globally to inject a significant flow of traffic to pull down websites or block networks   

The dark web

  • 3 layers of the Internet:
    • clear web: anything you can find in the search engines
    • deep web: anything behind usernames and passwords
    • dark web: needs specialized software to access 
  • in the dark web, everything is sold in Bitcoin or other cryptocurrencies that secure the transaction so the transaction itself, the buyers and the sellers can all stay anonymous
  • drug selling (09:48)
  • counterfeit money selling (10:03) 
  • fake IDs (10:10)
  • for bad guys to get services from other bad guys
  • there are ratings and products (10:40)
  • pastebin: a website to find people’s emails and passwords so you can find their social media presence for instance (11:50)
    • e.g. sending a dog mom a pet shop coupon and when she clicks on a link she will get infected with malware
    • even an unfunded and unmotivated attacker can do that in 5 minutes

Hacking tools (13:00)

  • the business of selling these tools is booming
  • there are people for hire to do the job so you don’t need to know it to do it
  • they are successful because they partner with each other

Tools to fight cyber crime

  • Artificial intelligence (AI) or cognitive computing: the ability of a computer or a machine to think and learn independently 
  • e.g. IBM’s Watson for cybersecurity can get pieces of the puzzle laid out (20:30 – 23:00)
  • Watson can read 700,000 blog articles and share what it’s learned as a user enters his search term (25:50)
  • when Google gives you 8.6 million results of a search term, AI gives only 25
  • Watson is an assistant to help process a large amount of digital information.  It doesn’t replace humans.  Man and machine need to work together
  • it requires human interventions to set rules to teach it meanings of terms in cybersecurity context
    • e.g. honeypot doesn’t really mean honeypot
    • when the word ransomware appears, it should be associated with malware
  • humans are teaching computers to be better 
  • it’s still up to the analyst to look at those pieces and see where they fit, how they fit, and whether they are a part of the same puzzle
  • they need to decide quickly whether it’s something they should focus on – is it a real threat or a false positive?

Hackers are highly organized (13:50)

  • not people sitting in a dark room in a hoodie
  • they work 9-5 and take the weekends off
  • they launch most of their attacks on Friday evenings before they head home for the weekend
  • it’s a business, an industry 
  • by estimate it’s a trillion-dollar-a-year business and rising
  • sometimes they have payrolls and employee benefits
  • but they don’t know each other in the organization 
  • an attacker in the Middle East can make it look like they are in Europe – he may have hacked into a computer in Europe and there may be multiple hops in between so it’s difficult to track

How to win a cyber war (11:37)

  • OODA loop (a military theory): observe, orient, decide, act
  • if you can do your OODA loop faster than your opponent, you have an enormous advantage
  • when you are being attacked, figure out what is going on quickly and respond accurately

How to tell if an account has been hacked

Seeing these 3 things together is almost a guarantee that you, your device or your account has been compromised:

  • movement of your phone (logging in from London then China within 2 hours)
  • unusual access attempts on your account 
  • odd access to data, e.g. searching for data 4,000 times/day when you usually do only 40 times/day
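
The three signals above, combined into one check. This is an added example, not something shown in the documentary; the sample events are constructed, and the thresholds (900 km/h travel speed, 5 failed logins, 10x the daily baseline) and all function names are assumptions chosen for illustration.

```python
import math
from datetime import datetime

MAX_KMH = 900        # assumed ceiling: roughly airliner cruising speed
FAIL_THRESHOLD = 5   # assumed: failed logins per day that count as unusual
VOLUME_FACTOR = 10   # assumed: multiple of the daily baseline that counts as odd

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def impossible_travel(logins):
    """True if two consecutive successful logins imply a speed above MAX_KMH."""
    ok = sorted((e for e in logins if e["ok"]), key=lambda e: e["ts"])
    for prev, cur in zip(ok, ok[1:]):
        hours = (cur["ts"] - prev["ts"]).total_seconds() / 3600
        km = haversine_km(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
        # Same place is never "travel"; zero elapsed time with distance always is.
        if km > 0 and (hours <= 0 or km / hours > MAX_KMH):
            return True
    return False

def assess(logins, queries_today, baseline_per_day):
    """Evaluate the three signals; flag compromise only when all three fire."""
    signals = {
        "impossible_travel": impossible_travel(logins),
        "unusual_access_attempts": sum(not e["ok"] for e in logins) >= FAIL_THRESHOLD,
        "odd_data_access": queries_today >= VOLUME_FACTOR * baseline_per_day,
    }
    signals["likely_compromised"] = all(signals.values())
    return signals

def make_login(ts, ok, lat, lon):
    """Build one login event from an ISO timestamp and coordinates."""
    return {"ts": datetime.fromisoformat(ts), "ok": ok, "lat": lat, "lon": lon}

# Constructed sample: London login, six failed attempts, then Beijing 2 hours later.
SAMPLE = [make_login("2021-04-01T09:00:00", True, 51.5074, -0.1278)]
SAMPLE += [make_login(f"2021-04-01T10:0{i}:00", False, 39.9042, 116.4074) for i in range(6)]
SAMPLE += [make_login("2021-04-01T11:00:00", True, 39.9042, 116.4074)]

if __name__ == "__main__":
    print(assess(SAMPLE, queries_today=4000, baseline_per_day=40))
```
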

Live simulation

  • practice and rehearse and build your muscle memory so you know what to do when a cybersecurity incident actually happens
  • the response to the breach is causing more damage than the breach itself did
  • people with military experience respond incredibly well, then there are those with emergency medical experience
    • they are trained to make decisions quickly with limited information

Job opportunities

  • 2 million open unfilled cybersecurity jobs globally by 2020
  • the skillsets are ones you need to learn by doing
  • some may not require a college degree at all
  • one of their best analysts is a mechanic who has a passion for fixing things and figuring out how things work (36:20)
  • not blue collar vs white collar, it is a new collar

How to protect your own data

  • update all of your software
  • change passwords regularly
  • use complicated passwords
  • use different passwords for bank and social media
  • ensure your antivirus software is working properly 
  • if your computer is slowing down, you need to check it out 
  • use two-factor authentication to add another layer of security 
  • basic things can protect you from 90% of the threats
  • 10%: do not click on suspect links
  • the weakest link is always the human