What is cybercrime?

Cybercrime is any criminal activity that involves a computer, networked device or a

network.

While most cybercrimes are carried out in order to generate profit for the
cybercriminals, some cybercrimes are carried out against computers or devices
directly to damage or disable them. Others use computers or networks to
spread malware, illegal information, images or other materials. Some cybercrimes do
both -- i.e., target computers to infect them with a computer virus, which is then
spread to other machines and, sometimes, entire networks.

A primary effect of cybercrime is financial. Cybercrime can include many different

types of profit-driven criminal activity, including ransomware attacks, email and
internet fraud, and identity fraud, as well as attempts to steal financial account, credit
card or other payment card information.

Cybercriminals may target an individual's private information or corporate data for

theft and resale. As many workers settle into remote work routines due to the
pandemic, cybercrimes are expected to grow in frequency in 2021, making it
especially important to protect backup data.

Defining cybercrime
The U.S. Department of Justice (DOJ) divides cybercrime into three categories:

1. crimes in which the computing device is the target -- for example, to gain network
access;

2. crimes in which the computer is used as a weapon -- for example, to launch

a denial-of-service (DoS) attack; and

3. crimes in which the computer is used as an accessory to a crime -- for example,

using a computer to store illegally obtained data.
The Council of Europe Convention on Cybercrime, to which the U.S. is a signatory,
defines cybercrime as a wide range of malicious activities, including the illegal
interception of data, system interferences that compromise network integrity and
availability, and copyright infringements.

The necessity of internet connectivity has enabled an increase in the volume and pace
of cybercrime activities because the criminal no longer needs to be physically present
when committing a crime. The internet's speed, convenience, anonymity and lack of
borders make computer-based variations of financial crimes -- such as ransomware,
fraud and money laundering, as well as crimes such as stalking and bullying -- easier
to carry out.

Cybercriminal activity may be carried out by individuals or groups with relatively

little technical skill, Or by highly organized global criminal groups that may include
skilled developers and others with relevant expertise. To further reduce the chances of
detection and prosecution, cybercriminals often choose to operate in countries with
weak or nonexistent cybercrime laws.

How cybercrime works

Cybercrime attacks can begin wherever there is digital data, opportunity and motive.
Cybercriminals include everyone from the lone user engaged in cyberbullying to
state-sponsored actors, like China's intelligence services.

Cybercrimes generally do not occur in a vacuum; they are, in many ways, distributed
in nature. That is, cybercriminals typically rely on other actors to complete the crime.
This is whether it's the creator of malware using the dark web to sell code, the
distributor of illegal pharmaceuticals using cryptocurrency brokers to hold virtual
money in escrow or state threat actors relying on technology subcontractors to steal
intellectual property (IP).
Cybercriminals use various attack vectors to carry out their cyberattacks and are
constantly seeking new methods and techniques for achieving their goals, while
avoiding detection and arrest.

Cybercriminals often carry out their activities using malware and other types of
software, but social engineering is often an important component for executing most
types of cybercrime. Phishing emails are another important component to many types
of cybercrime but especially so for targeted attacks, like business email compromise
(BEC), in which the attacker attempts to impersonate, via email, a business owner in
order to convince employees to pay out bogus invoices

Who are The Cybercriminals?

A cybercriminal is a person who uses his skills in technology to do malicious acts
and illegal activities known as cybercrimes. They can be individuals or teams.
 
Cybercriminals are widely available in what is called the “Dark Web” where they
mostly provide their illegal services or products.
 
Not every hacker is a cybercriminal because hacking itself is not considered a
crime as it can be used to reveal vulnerabilities to report and batch them which is
called a “white hat hacker”.
 
However, hacking is considered a cybercrime when it has a malicious purpose of
conducting any harmful activities and we call this one “black hat hacker” or a
cyber-criminal.
 
It is not necessary for cybercriminals to have any hacking skills as not all cyber
crimes include hacking.
 
Cybercriminals can be individuals who are trading in illegal online content or
scammers or even drug dealers. So here are some examples of
cybercriminals:
- Black hat hackers
- Cyberstalkers
- Cyber terrorists
- Scammers
 
Cybercriminals who conduct targeted attacks are better to be named Threat
Actors.
How do Cybercrimes happen?
Cybercriminals take advantage of security holes and vulnerabilities found in
systems and exploit them in order to take a foothold inside the targeted
environment.
 
The security holes can be a form of using weak authentication methods and
passwords, it can also happen for the lack of strict security models and policies.
Why are Cybercrimes Increasing?
The world is constantly developing new technologies, so now, it has a big
reliance on technology. Most smart devices are connected to the internet.  There
are benefits and there are also risks.
 
One of the risks is the big rise in the number of cybercrimes committed, there are
not enough security measures and operations to help protect these technologies.
 
Computer networks allow people in cyberspace to reach any connected part of
the world in seconds. 
 
Cybercrimes can have different laws and regulations from one country to
another, mentioning also that covering tracks is much easier when committing a
cybercrime rather than real crimes.
 
We are listing different below reasons for the big increase in cybercrimes:
- Vulnerable devices:
As we mentioned before, the lack of efficient security measures and solutions
introduces a wide range of vulnerable devices which is an easy target for
cybercriminals.
- Personal motivation:
Cybercriminals sometimes commit cybercrimes as a kind of revenge against
someone they hate or have any problem with.
- Financial motivation:
The most common motivation of cybercriminals and hacker groups, most attacks
nowadays are committed to profit from it.

Types of cybercrime
As mentioned above, there are many different types of cybercrime. Most
cybercrimes are carried out with the expectation of financial gain by the
attackers, though the ways cybercriminals aim to get paid can vary. Some
specific types of cybercrimes include the following:
 Cyberextortion:A crime involving an attack or threat of an attack coupled
with a demand for money to stop the attack. One form of cyberextortion is
the ransomware attack. Here, the attacker gains access to an
organization's systems and encrypts its documents and files -- anything of
potential value -- making the data inaccessible until a ransom is paid.
Usually, this is in some form of cryptocurrency, such as bitcoin.

 Cryptojacking:An attack that uses scripts to mine cryptocurrencies within

browsers without the user's consent. Cryptojacking attacks may involve
loading cryptocurrency mining software to the victim's system. However,
many attacks depend on JavaScript code that does in-browser mining if
the user's browser has a tab or window open on the malicious site. No
malware needs to be installed as loading the affected page executes the
in-browser mining code.

 Identity theft:An attack that occurs when an individual accesses a

computer to glean a user's personal information, which they then use to
steal that person's identity or access their valuable accounts, such as
banking and credit cards. Cybercriminals buy and sell identity information
on darknet markets, offering financial accounts, as well as other types of
accounts, like video streaming services, webmail, video and audio
streaming, online auctions and more. Personal health information is
another frequent target for identity thieves.

 Credit card fraud: An attack that occurs when hackers infiltrate retailers'
systems to get the credit card and/or banking information of their
customers. Stolen payment cards can be bought and sold in bulk on
darknet markets, where hacking groups that have stolen mass quantities of
credit cards profit by selling to lower-level cybercriminals who profit through
credit card fraud against individual accounts.

 Cyberespionage: A crime involving a cybercriminal who hacks into

systems or networks to gain access to confidential information held by a
government or other organization. Attacks may be motivated by profit or by
 ideology. Cyberespionage activities can include every type of cyberattack
to gather, modify or destroy data, as well as using network-connected
devices, like webcams or closed-circuit TV (CCTV) cameras, to spy on a
targeted individual or groups and monitoring communications, including
emails, text messages and instant messages.

 Software piracy: An attack that involves the unlawful copying, distribution

and use of software programs with the intention of commercial or personal
use. Trademark violations, copyright infringements and patent violations
are often associated with this type of cybercrime.

 Exit scam:The dark web, not surprisingly, has given rise to the digital
version of an old crime known as the exit scam. In today's form, dark web
administrators divert virtual currency held in marketplace escrow accounts
to their own accounts -- essentially, criminals stealing from other criminals.
. Cyber Bullying
It is also known as online or internet bullying. It includes sending or sharing
harmful and humiliating content about someone else which causes
embarrassment and can be a reason for the occurrence of psychological
problems. It became very common lately, especially among teenagers.
2. Cyber Stalking
Cyberstalking can be defined as unwanted persistent content from someone
targeting other individuals online with the aim of controlling and intimidating like
unwanted continued calls and messages.
3. Software Piracy
Software piracy is the illegal use or copy of paid software with violation of
copyrights or license restrictions.
 
An example of software piracy is when you download a fresh non-activated copy
of windows and use what is known as “Cracks” to obtain a valid license for
windows activation. This is considered software piracy. 
 
Not only software can be pirated but also music, movies, or pictures.
4. Social Media Frauds
The use of social media fake accounts to perform any kind of harmful activities
like impersonating other users or sending intimidating or threatening messages.
And one of the easiest and most common social media frauds is Email spam.
5. Online Drug Trafficking
With the big rise of cryptocurrency technology, it became easy to transfer money
in a secured private way and complete drug deals without drawing the attention
of law enforcement. This led to a rise in drug marketing on the internet.
 
Illegal drugs such as cocaine, heroin, or marijuana are commonly sold and
traded online, especially on what is known as the "Dark Web".
6. Electronic Money Laundering
Also known as transaction laundering. It is based on unknown companies or
online business that makes approvable payment methods and credit card
transactions but with incomplete or inconsistent payment information for buying
unknown products.
 
It is by far one of the most common and easy money laundering methods.
8. Cyber Extortion
Cyber extortion is the demand for money by cybercriminals to give back some
important data they've stolen or stop doing malicious activities such as denial of
service attacks.
9. Intellectual-property Infringements
It is the violation or breach of any protected intellectual-property rights such as
copyrights and industrial design.
9. Online Recruitment Fraud
One of the less common cybercrimes that are also growing to become more
popular is the fake job opportunities released by fake companies for the purpose
of obtaining a financial benefit from applicants or even making use of their
personal data.

Cyber Crimes Examples

- REvil and Kaseya Ransomware
REvil is a Russian or Russian-speaking hacking group and it is known as a
ransomware-as-a-service operation. The Kaseya incident took place in July -
2021. 
 
The incident happened when one of the Kaseya's company's products was
deploying the famous SODINOKIBI REvil ransomware to endpoints of Kaseya's
customer network that attack surface was over 1000 Kaseya's customers
worldwide.
 
A few hours later REvil took credit for the attack by posting on their Happy Blog
website on the dark web and demanded a $70 million ransom to release a public
decryptor that they claim can decrypt all the damaged devices.
 
The attack was so impactful that the United States government offered $10
million bounties to anyone that can give any information for arresting REvil
members.
 

 
Source
Yaroslav Vasinskyi, a 22 years Ukrainian, was charged with conducting the
attack and unleashing the ransomware against Kaseya and other companies.
- Stuxnet
The Stuxnet incident is a famous incident that happened in 2010. Stuxnet is the
name of a computer worm (type of malware) that targets SCADA (supervisory
control and data acquisition) systems.
 
Stuxnet malware left devastating damage to Iran’s nuclear power program. It was
spreading through USB drives and affected mainly Microsoft Windows operating
systems.
 
The malware functionality was to search for machines that are working as PLCs
(programmable logic controllers) and if it was found the malware updates its code
over the internet through the attackers.
- Marriott Hotels
In November 2018, Marriott hotels group suffered from a massive data breach
that affected more than 500 million customers. 
 
The compromise happened for the guest reservation database by an unknown
party. The information that was leaked contained payment information, mailing
addresses, passport numbers, and phone numbers for customers.
 
Marriott Group has immediately conducted incident investigations with a group of
security experts plus setting up a website and a call center. 
 
They also sent emails to the affected customers and gave them free access to
monitoring tools that monitor the internet and give an alert if any evidence of
sharing personal information is found.
- RockYou Data Breach
RockYou is a company that works in the game field and was founded in 2005 by
Lance Tokuda and Jia Shen. The company was working well until December
2009 when what is called “the biggest data breach of all time” happened.
 
The data breach exposed and leaked more than 32 million user account
information from RockYou database.
 
The company was storing passwords in an unencrypted plain text format which
made it easier for the hacker to have access to all passwords stored. The hacker
used a very old and popular SQL vulnerability to leak all data from the database.
 
After this major breach, the total set of passwords that were leaked became a
very helpful resource in penetration testing as hackers use this wordlist of
passwords to test the security and password strength of accounts and products.

Some of the more commonly seen cybercrime attacks include distributed DoS
(DDoS) attacks, which are often used to shut down systems and networks.
This type of attack uses a network's own communications protocol against it
by overwhelming its ability to respond to connection requests. DDoS attacks
are sometimes carried out simply for malicious reasons or as part of a
cyberextortion scheme, but they may also be used to distract the victim
organization from some other attack or exploit carried out at the same time.

The impact of cybercrime

The impacts of cybercrime can be devastating due to the high risk of data loss and
financial impact.
For individuals
Data breaches, identity theft, problems with devices: cybercrime can have a big
impact on individuals. You might find yourself dealing with suspicious charges on
your credit card as a result of identity theft, a ransomware attack demanding hundreds
or thousands in blackmail to release your files, or expensive fees in data or electricity
from cryptojacking or botnets. The costs can be worse than monetary when
cyberbullying, including sexual harassment, is plaguing you.
For businesses & governments
Businesses as well as healthcare organizations and governments can also suffer from
sensitive data loss, huge financial burdens, and brand damage. The average
ransomware attack against small and medium businesses in 2019 demanded $5,900 to
unblock their files or systems. Far worse, the downtime during these attacks cost the
affected businesses $141,000 on average. That’s to say nothing of ransomware attacks
on governments, such as the one that caused Jackson County, Georgia to pay
$400,000 to restore their IT systems and infrastructure.

Effects of cybercrime on businesses

The true cost of cybercrime is difficult to assess accurately. In 2018, McAfee released
a report on the economic impact of cybercrime that estimated the likely annual cost to
the global economy was nearly $600 billion, up from $45 billion in 2014.

While the financial losses due to cybercrime can be significant, businesses can also
suffer other disastrous consequences as a result of criminal cyberattacks, including the
following:

 Damage to investor perception after a security breach can cause a drop in the value
of a company.

 In addition to potential share price drops, businesses may also face increased costs
for borrowing and greater difficulty in raising more capital as a result of a
cyberattack.

 Loss of sensitive customer data can result in fines and penalties for companies that
have failed to protect their customers' data. Businesses may also be sued over the
data breach.

 Damaged brand identity and loss of reputation after a cyberattack undermine

customers' trust in a company and that company's ability to keep their financial
data safe. Following a cyberattack, firms not only lose current customers, but they
also lose the ability to gain new customers.
 Businesses may also incur direct costs from a criminal cyberattack, including
increased insurance premium costs and the cost of hiring cybersecurity companies
to do incident response and remediation, as well as public relations (PR) and other
services related to an attack.
Effects of cybercrime on national defense
Cybercrimes may have public health and national security implications, making
computer crime one of DOJ's top priorities. In the U.S., at the federal level, the
Federal Bureau of Investigation's (FBI) Cyber Division is the agency within DOJ that
is charged with combating cybercrime. The Department of Homeland Security (DHS)
sees strengthening the security and resilience of cyberspace as an important homeland
security mission. Agencies such as the U.S. Secret Service (USSS) and U.S.
Immigration and Customs Enforcement (ICE) have special divisions dedicated to
combating cybercrime.

USSS's Electronic Crimes Task Force (ECTF) investigates cases that involve
electronic crimes, particularly attacks on the nation's financial and critical
infrastructures. USSS also runs the National Computer Forensics Institute (NCFI),
which provides state and local law enforcement, judges and prosecutors with training
in computer forensics.

The Internet Crime Complaint Center (IC3), a partnership among the FBI, the
National White Collar Crime Center (NW3C) and the Bureau of Justice Assistance
(BJA), accepts online complaints from victims of internet crimes or interested third
parties.

How to Prevent Cyber Crimes?

Backup all data, system, and considerations

This enables data stored earlier to assist businesses in recovering from an unplanned
event.
Enforce concrete security and keep it up to date

Choose a firewall with features that protect against malicious hackers, malware, and
viruses. This enables businesses to identify and respond to threats more quickly. 

Never give out personal information to a stranger

They can use the information to commit fraud.

Check security settings to prevent cybercrime

A cyber firewall checks your network settings to see if anyone has logged into your
computer.

Using antivirus software

Using antivirus software helps to recognize any threat or malware before it infects the

computer system. Never use cracked software as it may impose the serious risk of data
loss or malware attack.

When visiting unauthorized websites, keep your

information secure

Using phishing websites, information can easily bypass the data.

Use virtual private networks (VPNs)

VPNs enable us to hide our IP addresses.

Ready to boost your network security? Learn how IPsec in Firewall can help.

Restriction on access to your most valuable data

Make a folder, if possible, so that no one can see confidential documents

Cyber crime in Pakistan

With the advent of 5G and 6G technologies, it is clear that the world is undergoing a
digital revolution. Information from one corner of the world can reach anywhere within
seconds.

However, as digitisation and automation have become continuous, there has been a
proportional increase in the number of cybercrimes. Cyber security ventures estimate
that, by 2025, cybercrime will cost the world a mammoth 10.5 trillion USD per annum.

Similar is the case in Pakistan; The News reported in 2021 that cybercrime in the
country has risen 83 percent in the last three years. DAWN also noted that the Federal
Investigation Agency (FIA) received more than 102,000 complaints related to
cybercrime.

As a result, Pakistani authorities have begun to take the required precautions to keep
people and their data safe online. The more individuals in our country rely on internet
services, the more vulnerable they are to digital crimes.

We’ll study several types of cybercriminal actions and cybercrime legislation in Pakistan
in this blog. In addition, we’ll learn more about the step-by-step process for reporting
cybercrime in Pakistan.

Electronic Transactions Ordinance (ETO) 2002

The Electronic Transactions Ordinance (ETO), which was enacted in 2002, was the first
IT-related legislation. It was an important first step in ensuring the legal sanctity and
security of the local e-commerce sector.

A major portion of Pakistan’s cybercrime legislation was influenced by foreign

cybercrime legislation. It is divided into 43 categories that deal with various forms of
cyber offences in Pakistan.

Pakistan’s cybercrime law covers the following eight major aspects of the e-commerce
industry:

 Recognition of electronic documents 

 Electronic communications

 The digital signature regime and its evidential consequences 

 Website and digital signatures certification providers

 Stamp duty 
  Attestation and notarization of certified copies

 Jurisdiction

 Offences

Prevention of Electronic Crimes or Cybercrimes Ordinance 2007

In 2007, the PECO (Prevention of Electronic Crimes or Cybercrimes Ordinance) was

passed. The following electronic offences are covered by Pakistan’s cybercrime law:

 Terrorism on the internet

 Damage to data

 Electronic thievery

 Forgery of electronic documents

 Unauthorised entry

 Cyberstalking

 Cyber-spamming/spoofing

Cybercriminals in Pakistan may face a variety of sanctions under PECO. Depending on

the crime, they can range from six months in prison to even the death penalty.

The regulations apply to everyone in Pakistan who commits cybercrime, regardless of

country of citizenship.

Prevention of Electronic Crimes Act 2016

In 2016, the Prevention of Electronic Crimes Act (PECA) was passed. It provides a
comprehensive framework for all forms of cybercrime and is based on the Cyber Crime
Bill of 2007.

It deals with the following internet crimes:

 Unauthorised data access (hacking)

 Denial of Service (DoS) assault (DOS Attack)

 Electronic forgery and electronic fraud

  Cyberterrorism

PECA Penalties on Cybercrimes

PECA imposes the following punishments on cyber criminals:

 For unauthorised access to key information systems, you might face up to three
years in prison, a fine of one million Pakistani rupees, or both.

 Disruption of important information systems with misleading or deceptive motives

can result in up to seven years in prison, a PKR ten million fine, or both.

 For involvement in a terrorism-related offence, you might face up to seven years

in prison, a PKR ten million fine, or both.

 Importing, exporting, or distributing electronic equipment for offensive use can

result in up to six months in prison, a PKR fifty thousand fine, or both.

 For being involved in a data breach, you might face up to three years in prison, a
PKR five million fine, or both. It could include the unintentional internet release of
someone’s personal information.

Reporting a Cybercrime in Pakistan

The Federal Investigation Agency (FIA) is in charge of the National Response Centre

for Cyber Crime (NR3C). In Pakistan, it serves as a cyber law enforcement agency.

The NR3C has expertise in digital forensics, information system security audits,
technical investigation, penetration testing, and related training.

Type of Imprisonme Fine

Crime nt (PKR)

Damage to
3 years 3 lac
Data
Electronic
7 years 7 lac
Thievery

Forgery of e-
7 years 7 lac
documents

Malicious
5 years 5 lac
Code/ Virus

Cyberstalking 3 years 3 lac

Spamming 3 years 3 lac

50,00
Spoofing 6 months
0

Cyberterroris 10
10 years
m million