Chapitre 2 Final versionALA
Chapter Introduction:
Cybercrime refers to any criminal activity involving the use of a computer or the
Internet, including but not limited to hacking, identity theft, phishing, malware
proliferation and other forms of online fraud or exploitation. This may also include
crimes committed through digital tools or networks, such as cyberbullying or
online harassment. In general, cybercrime involves the use of technology to facilitate
illegal activities or to target victims in new and innovative ways.
The history of cybercrime dates back to the dawn of computers and the internet. As
technology advances, so does the nature and complexity of cybercrime. Here is a
timeline of major events and milestones in cybercrime history:
The concept of "hacking" arises when computer enthusiasts explore the possibilities
of early computing systems, often with innocent intentions.
1980:
First documented cases of computer viruses and malware appear, such as the “Elk
Cloner” virus in 1982.
1990:
-The Internet is becoming more accessible to the general public, leading to an
increase in cybercrime.
-Social engineering attacks like phishing and social manipulation are becoming
commonplace as cyber criminals exploit human weaknesses.
-Credit card fraud and identity theft are becoming a serious problem as online
financial transactions become more prevalent.
-Training various Computer Incident Response Teams (CERTs) and law enforcement
agencies to combat cybercrime.
2000s:
-Data breaches and hacking incidents targeting large companies like Yahoo, Equifax
and Sony cause significant financial and reputational damage.
2010s:
-Cyber attacks on nation states are becoming more common, with countries
engaging in cyber espionage, stealing intellectual property and disrupting critical
infrastructure.
-The growth of the dark web and underground markets is facilitating the buying and
selling of illegal goods and services, including cybercrime tools and services.
-The global cost of cybercrime runs into the trillions of dollars annually as businesses,
governments and individuals deal with the growing threat.
2020s:
-Cybercrime is evolving and new threats such as deepfakes, AI-based attacks and
quantum attacks pose new challenges.
Overall, the history of cybercrime has been characterized by the constant evolution
and sophistication of cyber threats, posing significant challenges for governments,
organizations and individuals as they try to protect their digital assets and
technologies in an increasingly connected world.
The origins of cybercrime date back to the dawn of computing and the birth of the
internet. With advances in technology and the proliferation of computer-to-
computer connections, opportunities for illegal activity have arisen. Here are some
of the key factors that have contributed to the emergence of cybercrime:
-Technological advances:
The development of computers and networks has opened up new opportunities for
people with technical skills to exploit security holes, gain unauthorized access to
systems, and steal or manipulate data. In the beginning, these activities were often
carried out by curious or amateur hackers known as "phreakers" or "phone phreaks"
exploring the possibilities of early computer systems.
-Global Connectivity:
The advent of the Internet in the 1990s provided a global platform for
communication and information sharing, but also opened new opportunities for
cybercrime. The ability to connect to remote networks and systems has enabled
cybercriminals to operate from anywhere in the world and launch attacks worldwide.
-Financial motives:
With the development of e-commerce and online banking, cyber criminals have
seen opportunities for financial gain. Credit card fraud, identity theft and online
scams have become commonplace, allowing cyber criminals to profit from their
illegal activities.
-Social Engineering:
Social engineering, which involves manipulating people to gain unauthorized access
to or extract sensitive information, has been a key factor in the emergence of
cybercrime. Techniques such as phishing, pretexting and social manipulation are
used to trick people into revealing their credentials by granting them access to
systems or networks.
-Anonymity:
The relative anonymity offered by the Internet has also contributed to cybercrime.
Cyber criminals can hide their identity and location behind fake names, nicknames,
or online details, making their activities difficult to track.
In the 1980s and 1990s, as computers became increasingly connected and the
Internet began to gain traction, in the United States and other countries with
advanced technological infrastructure.
There are multiple forms of cybercrime that can target customer and corporate data.
Here is a comprehensive list of the different forms of cybercrime that can affect
customer and business data:
-Data Breaches:
Data breaches involve unauthorized access to or theft of sensitive information such
as names, addresses, phone numbers, social security numbers, credit card
information, and other personal or business information. A data breach can occur in
a number of ways, including exploiting vulnerabilities in software or hardware,
hacking into databases or systems, or using stolen credentials. A data breach can
result in financial loss, reputational damage, and legal consequences for businesses,
as well as jeopardize the privacy and security of customer data.
-Phishing:
Phishing attacks typically involve the use of fake emails, messages, or websites
impersonating legitimate entities to trick people into revealing their sensitive
information. These attacks are often aimed at employees, customers or business
partners and can be very sophisticated. Phishing attacks can force users to provide
login credentials, credit card information, or other sensitive information that can
then be used for identity theft, financial fraud, or other malicious activities.
-Ransomware:
Ransomware is a type of malware that encrypts data on the victim's system
and demands a ransom to unlock the data. Ransomware attacks can cause
organizations to lose access to critical data, disrupt operations, and result in financial
losses. In some cases, even if the ransom is paid, there is no guarantee that the data
will be unlocked and the attackers can still gain access to the compromised systems.
-Insider Threats:
Insider threats are individuals with authorized access to corporate data who
use or abuse that access for personal or malicious purposes. Insider threats can
involve employees or other trusted individuals stealing, altering, or disclosing
confidential customer or company information. Insider threats can be difficult to
detect and prevent because these people often have legitimate access to data that
they misuse.
-Social Engineering:
Social engineering is the manipulation of individuals to reveal sensitive information,
such as customer and company data, through psychological manipulation rather
than technical skill. Social engineering techniques include spoofing, where attackers
create a false identity to gain trust, grooming, where they offer something to
encourage people to disclose information, or identity spoofing, where they claim to
be a "trusted entity". Social engineering attacks can be difficult to detect as they
often rely on human psychology and exploit human weaknesses.
-Identity Theft:
Identity theft is the use of another person's personal information for fraudulent
purposes without their consent. This may include stealing customer information
such as names, addresses, social security numbers, and financial information to
create false identities, open false accounts, or engage in other illegal
activities. Identity theft can result in financial loss, reputational damage, and legal
consequences for customers and businesses.
-E-Commerce Fraud:
Fraudulent activities carried out on e-commerce platforms, e.g. using
stolen credit card details for unauthorized purchases.
-Credential Theft:
Stealing credentials such as usernames and passwords that can be used to
gain unauthorized access to systems or accounts.
-Cryptojacking:
Unauthorized use of a company's or customer's computer resources to mine
cryptocurrency without authorization.
-Spyware:
Software that secretly monitors and collects data from a user's device without their
consent, often used for malicious purposes.
-Cyberextortion:
Demand payment or threaten to disclose confidential information or engage in
malicious activity unless a ransom is paid.
Section 2: BIAT's Brush with Cybercrime: Tracing the First Documented Corporate
Data Breach:
2-1 BIAT falls victim to ransomware attack with no ransom demand yet
Contrary to the rumors that were circulating about it, the hackers did not demand a
ransom. In fact, some media outlets said that the hackers responsible for this
overseas attack demanded a ransom of $20 million.
On Thursday, February 18, 2021, BIAT's computer system was disrupted following a
phishing attempt. Fortunately, shortly after the attack was discovered, the bank's
information systems department, headed by Lamia Zeghal Hadj Slimen, responded
to this malicious act very quickly. "We appear prepared to respond to malicious
attacks and have taken the necessary steps to address and stop a recent phishing
attempt," says Hadj Slimen. This allowed us to secure the production system and
customer operations of the bank.
BIAT defeated the hackers and played it safe by activating maximum security, which
allowed its services to carry out the necessary investigations and neutralize the
hacking operation. All outages continue and customer accounts are protected.
We sometimes remind you that phishing is a practice that has spread across the
Internet. Overall, the first half of 2020 saw an increase of 700% compared to the last
quarter of 2019. This spreading practice poses a high risk for all companies, which
explains the significant investments by financial institutions and banks, among
others like BIAT to optimize the security of their information systems and
protect their debt. The responsiveness of BIAT, Tunisia's leading private bank, and
the success of their approach to keeping all available data is a perfect example of
this.
Conclusion
In summary, cybercrime is a serious and growing threat that requires constant
vigilance and strong cybersecurity measures to prevent it. As technology advances,
cybercriminals find new ways to exploit vulnerabilities and gain access to sensitive
information. The case of BIAT's exposure to cybercrime is a cautionary tale for
organizations that underscores the importance of taking proactive measures to
protect against cyber threats. By examining the specifics of the BIAT attack and the
actions taken by the bank in response to the incident, we can gain valuable insight
into the nature of cybercrime and the strategies employed by cybercriminals. The
incident underscores the need for organizations to take a holistic approach to
cybersecurity and implement a variety of measures to protect their systems and
data. These measures can include strong passwords, encryption, regular updates and
patches, employee training, and external security audits. Ultimately, businesses can
protect themselves and their customers from the devastating effects of cybercrime
by remaining vigilant and proactive in the face of cyber threats. As technology
evolves, you must remain vigilant and adapt to new threats and vulnerabilities.