Cybercrime Evolution: How Can Your Security Software Keep Up

Cybercrime Evolution

The Internet has radically changed the world since it was made public in 1991. Today, it seems unimaginable not to have the Internet. Nearly everything we do, from simple communication to online banking and purchasing, we now use the Internet. We also use the Internet now to control our homes, vehicles, and other smart devices.

We use the Internet to book our travels, manage off-site teams, and handle businesses from anywhere in the world. With the pandemic that has radically upended our lives, we also use the Internet to preserve human touch by opting for touchless solutions. We now work from home. Our children are also learning from home. The Internet has undeniably become an important part of our global economy, but as the Internet grew, cybercrime did as well.

Cybercrime escalated over the years. Hackers are quick to exploit all vulnerabilities through the Internet to perform malicious activities for profit.

Cybercrime has, in fact, become a trillion-dollar industry. There’s an unquenchable demand for vulnerabilities, phishing-as-a-service, ransomware-as-a-service, botnets, APTs, and kits and services for cyberattacks.

Data has become a money pit for cyber thieves of internet data, a steady source of income for cybercriminals, both small-time and big-time. Data mining and hacking technologies evolved. How is security software keeping up with cybercrime evolution?

Security Software Evolution Through the Years

  • Reaper and Creep                                                                   er / 1971

The first appearance of a software worm started as a fun game between friends Bob Thomas, BBN Technologies developer, and email founder, Ray Tomlinson.

Bob Thomas wrote a code for the first-ever computer worm that traveled through the ARPANET (the internet base) from one computer to another. Thomas called the worm “Creeper,” and even attached a tagline, “Catch me if you can.”

Tomlinson, his friend, and a colleague created a program in response and dubbed it “Reaper.” It is now considered by many as the first programming game. The Reaper can travel across the network, copy as it moved, locate the Creeper, and kill the worm.

  • The Morris Worm / 1988

Once Morris Worm was introduced in 1988, cybercrime took the form familiar to us today.

The Morris Worm was a self – replicating system that quickly turned into the first global DDoS attack (Distributed Denial of Service). Worldwide, it destroyed servers and computers.

Robert Tappan Morris, the creator of the Morris Worm, did not expect his creation to have such a massive outcome. He made a protocol right away to shut down the worm. But by then, critical damages have been done on a global scale. He was later convicted a year later for violating the Computer Fraud and Abuse Act.

  • ILOVEYOU Virus / 2000

Created by a student from the Philippines doing his thesis, the ILOVEYOU virus or Millennium bug caused so much damage right after the world was still getting over the Y2K bug (Year 2000 bug).

The ILOVEYOU virus-infected data by copying itself in the victim’s email contacts of victims. Victims kept opening the emails because trusted sources sent them, and because of the compelling and intriguing subject title, “I love You.” There was also an email attachment labeled “Love Letter for You.”

Around 50 million computers were infected around the world in a few hours. Security software or back-up solutions were not yet commonplace during that time.

Unfortunately, the ILOVEYOU virus caused a flood of malicious emails within networks and organizations, and it took a lot of damage control to restore or recover what the virus destroyed.

There were no laws criminalizing cyberattacks in the Philippines during this period. The hacker was not criminally charged for the massive attack.

Cybersecurity and antivirus companies released a patch to counteract the virus, but it took some time to be downloaded. After that incident, global awareness of the need to install robust antivirus software was awakened. Security software became a staple for every computer owner.

It is so important to have standard cybersecurity for your devices and network. Today, 90% of all emails sent are spam. Hackers specifically target unsuspecting employees and large network-users.

Once they get into the system through a spam or phishing email, cybercriminals can cause severe damage and collect the most profits from their cyberattack. It is why it is critical to have reliable protection and to keep them updated. Individuals and companies also need to practice good cyber hygiene.

  • Phishing Attacks

Phishing also used emails as its mode of attack, but with a more sophisticated level of deception than the ILOVEYOU virus.

It mimicked legitimate sources like reputable companies, network providers, and banks to lure victims. Phishing thieves use identical logos, email addresses, and the like to fool the victim into thinking they are communicating with a legitimate company employee of the company being mimicked.

Even public officials took the bait of phishing scams, like in 2016’s Democratic National Committee’s data breach.

The moment the victim clicks on a link or answers an email, the attackers now trick victims into giving sensitive data such as addresses, social security numbers, credit card details, and the like.

Phishing attacks may be one of the simplest and most common attacks, but most cyber attackers still use it today just because people still fall victim to it.

Businesses and organizations protect against this threat by diligently gathering data from their customers, colleagues, and cybersecurity journals on potential phishing attacks.

Early detection of these threats is essential so that cybersecurity teams can shut down phishing sites before they cause damage.

Usually the company with a phishing attack must send recurring message blasts all across their network of customers and peers to help avoid further attacks.

  • Ransomware Attacks

Ransomware does more than deceive people. These attacks are straightforward, stealing sensitive information from networks, accounts, and physical devices to encrypt them and prevent the user from accessing their data or computer.

Attackers then communicate to the victim that they would have to pay a certain amount for them to regain access. In certain cases, the threat is to reveal confidential material publicly.

This kind of attack was used by government officials on private individuals, like the 2017 WannaCry attack committed by North Korean hackers who jumped through loopholes set by the U.S. National Security Agency ( NSA) and infiltrated over 200,000 computers’ Windows OS in over 150 countries.

North Korean cyber hackers were also behind the leak of Sony Picture’s executives’ private emails, trying to stop the film’s worldwide release, “The Interview,” portraying their dictator.

According to Webroot, ransomware requires criminals to perform an effective phish, exploit, or RDP breach to distribute their payload, circumvent security, and encrypt files. They then send encryption keys to a protected command-and-control server, and they must do this without any mistakes. The ransomware attackers require victims to purchase and transfer the Bitcoin before finally decrypting their files and giving access back to their victims.

Ransomware attacks are rampant because people are willing to pay just to get their data back or prevent confidential information from being leaked.

Norton recommends you should deter from paying any ransom because it does not bring you any certainty that you will recover control of your data, or that the hackers will stop their ransomware attacks.

The best protection is data backup. Most security software has this feature to restore your device to a backup point. Be careful about suspicious emails from unverified sources to avoid phishing attacks used by ransomware attackers use to steal your data.

Use reliable, updated security software with firewall, so your device can scan content and filter messages in your mail server.

Verify suspicious emails right away. Installed security software continuously monitor vulnerabilities and attacks occurring within networks, and release updates or fixes immediately to counter these attacks.

Do not ignore security alerts and antivirus update when requested. Avoid accessing your accounts via public wifi or public devices to reduce attacks and compromise your network.

  • Cryptojacking Attacks

Cryptojacking happens when attackers embed JavaScript code into a website, using the processing power of these websites to extract cryptocurrency without the host knowing it.

The host will likely experience downtime in their system without knowing that there is cryptojacking activity happening in the background.

Coinhive committed 60% of all cryptojacking attacks, triggering outrage from the digital community. Coinhive closed their services in 2019, but other similar programs quickly filled the gap.

Artificial Intelligence (AI) technology’s rise has proved so effective in defending against cyberattacks, including cryptojacking.

Thru AI, codes can be fully examined and repeatedly tested throughout the day. An alert or notification can be sent to cybersecurity analysts and programmers for immediate protection when any malicious code is detected.

The video below offers more insight how cybersecurity stepped up through the years to protect us from cyberattacks.

Conclusion: Cybersecurity Stands Up to Cybercrime

The evolution of cybersecurity arising from growing cyber threats is causing cyberattackers to amplify their efforts. Today, the threats have become sophisticated and widespread on a worldwide scale.

Security software is not just on the defense but the offense as well against cybercrime. Security software today typically comes free as well, unlike in the past that purchasing software was not that cheap.

It is now stapled to have antivirus software, VPN, and a firewall for internet users. Cybersecurity is everybody’s responsibility now, and not just the responsibility of internet experts.

To brace for the waves of cybercrime coming our way, we all need to work together to stay safe. Prevention is our first defense, beginning with protecting our own devices and network, understanding the emerging cybersecurity threats and trends, and getting the best antivirus software.

Strengthen your cyber protection through software, best practices, and adequate education. Businesses have accountability to their consumers to keep their network security and data security to par.