April 5, 2019 at 13:40 #2594
Cybercrime has grown exponentially over the last decade. The advancement in technology has also given led to sophisticated cases of cyber attacks. In the past, attacks were launched by individuals or small groups. However, due to the current increase in the level of internet growth, there are organized criminal networks who commit cybercrimes on a higher scale. However, despite what might seem to be a sophisticated exercise, attackers do get caught.
Since the same principles they use to execute an attack are the same used to protect systems from fraudsters, it is possible to trace the origin of an attack. Hackers are human beings, and so they make errors. These errors normally trip them and leave a trail of evidence that is used to track them.
Hackers often use software such as proxy to obscure their identity and funnel their connections through different countries to avoid detection. They also use other technologies like tor for information encryption and add multiple layers to hide their identity. All these tools enable them to execute their crimes unnoticed in countries where they can’t be prosecuted.
Tracking cybercriminals is a task that requires collaboration, takes time and a lot of investigative research. Cybercrime specialists need to retrieve and study and analyze any evidence gotten from an attack.
The type of malware used in an attack can provide a valuable pathway for security experts to identify the parties behind the attack. These experts use reverse engineering techniques to understand the malware and how its propagated. When the authors of cyber attacks target their victims on computer systems, as it has been mentioned before, they leave a trail of digital footprints that can be followed back to their source.
Upon identifying a malware campaign, the experts launch a real hunt to find the culprit before the evidence becomes invalid. A good example of this strategy of getting attackers is the Bangladesh bank attack in which security researchers discovered the malware used in the attack was the same used in 2013 sony pictures cyber attack, South Korea’s top broadcaster attack and a failed attack to steal $1m from a Vietnamese bank. The malware code used to launch these attacks was identical, and it all pointed to a coordinated attack from North Korea.
A significant number of cyber attacks is motivated by the financial benefits at the end of the attack. The old saying that crime does not pay has been knocked down by cyber attacks. However, some attackers are excited by the fame and joy of bringing an organization’s computer system down. After a successful attack, many fraudsters turn to hackers’ forums to boast about their exploits. This provides the authorities with clues on how to identify the individual responsible for the attack.
Another way that cybercriminals get caught is the use of honeypots. A honeypot is a decoy computer or a computer system that mimics the likely targets of cyber attacks. It is used to identify attackers or deviate them from legitimate targets. Security experts also use honeypots to gather information about how cybercriminals operate. While security mechanisms work towards protecting computer systems from intrusion, honeypots work oppositely. An organization’s security team prepares something attractive to cybercriminals, then wait for them to show up.
The decoy system contains data and applications used to trick attackers and make it seem as though they are targeting a legitimate computer system. The information obtained by monitoring such attacks can be used to understand where the cybercriminals are coming from, what they need and how they operate. Also, security experts can use honeypots to determine which security measures are working effectively and the ones that need to be improved.In 2015, a honeypot bait was used by internet security experts for an online railway control system. The primary objective of the bait was to identify how cybercriminals would attack the project putting the public at risk. In this exercise, damages were done to a model train set at a technology conference in Germany. In two weeks, the famous “Honey train” had attracted over 2.7 million attacks.
There is no small and big cybercrime. Many attackers are excited by the success of an attack attempt. Regardless of the worth of data, organizations and individuals should always put the necessary mechanisms to protect their data against fraudsters. When you receive a piece of unsolicited information from someone you have no prior knowledge of, you should always proceed with great caution.August 14, 2019 at 20:21 #5270
It’s been featured on our medium: https://medium.com/@cybersecurecentral/how-do-cybercriminals-get-caught-from-our-forums-917e3f47deff