Many consumers assume that cybercrime can only be committed if a user uses a computer. In actuality, the landscape for criminals is expanding into mobile devices. With releases of new innovative, consumer friendly smartphones such as the iPhone, HTC HD2, and so on, the sales of smartphones has gone up tremendously. More and more non-business, consumer-minded users are accessing the internet through mobile devices.
Currently cyber criminals send malware to computers, which could turn a victim’s computer into a tool for attacks on networks and other computers. Many companies and consumers use anti-malware programs to prevent this situation from occurring. However, now that mobile devices- smartphones- have the capability to use the internet freely like a computer, they become prime targets for cyber criminals to hack and make into bots. In the current IT security environment, there are not a lot of anti-malware measures in place for smartphones.
In addition to the ability to access the internet, smartphones also have expanded the memory capabilities of phones. All the pictures, phone numbers, and private information is another target for these viruses to capture. The information stored in smartphones could be used to blackmail a victim or scare them into giving up their hard earned money.
Integration With New Technology
Smartphones are a new medium for cybercrime that’s ripe for the taking, but another piece of technology is Voice Over Internet Protocol
(VOIP). VOIP is a new technology that allows consumers to use the internet to make calls. Companies such as Vonage, Skype, and even Google offer these services. Cyber criminals are beginning to integrate VOIP into their cybercrimes and using it as a new medium.
Many consumers are weary of e-mails and fake websites that could phish their accounts. There is continual education around verifying the sites users log into. In this evolution of a phishing attack, an e-mail is sent by the cyber criminal, asking the consumer to dial into their secure toll free number, as their account may have been compromised and using the internet may cause additional harm. The consumer, believing that the number listed is real, dials in and is prompted with a familiar automated service. The consumer dials in their account credentials or they speak to a fake representative and give away their information.
This is all possible because cyber criminals can make a phone number using VOIP services. Many companies install VOIP into their enterprises without understanding the security flaws. A cyber criminal can take advantage of these security holes and break a company’s VOIP server or use it as their own to make these false numbers for consumers to dial into.
Cybercrime as a Service
To criminals, cybercrime is another business opportunity for them. They have a lot to gain with very little to lose. The broad, general cybercrime legislation available across the globe is not strict enough to scare them. The ability to remain anonymous on the internet is also another lucrative proposition for cybercrime. This will not change in the future of cybercrime, rather it will make even older criminal gangs that have the financial resources delve into cybercrime.
Currently, legitimate businesses use what’s known as Software as a Service (SaaS). SaaS, in a nutshell, means a company saves money and resources by having their software installed over the internet, on web servers of third parties. This saves companies from having to buy servers and architect out networks, and all work is performed using browsers. Cybercrime of the future may be headed in the same direction.
Cyber criminals in the future can use Crimeware as a Service (CaaS). They don’t have to buy and develop their servers to coordinate attacks, instead they can use infrastructure that’s already out there. Rather than wasting time and resources developing infrastructure, they would pay a fee to use CaaS. Just like a legitimate business that pays a third party vendor to use SaaS, a cyber criminal in the future would pay another criminal who has already developed the network infrastructure and crimeware to use CaaS, thus allowing them to focus their efforts on targeting the individuals or companies they want.
This post is part of the series: Cyber Crime Educational Series
An educational series on cyber crimes. The reasons behind the crime, the damage caused, the laws to try to stop them and what the future possibly holds in the dark, anonymous underworld of cyber crime.