Cyber crime

While cyberspace gives us the ability to access knowledge, open up markets and share information it also makes us more vulnerable to criminals, foreign intelligence services and terrorists.

The risks

• Attacks on IoT devices - including software and wireless sensors.
  
  
• Data breaches - such as identity theft.
  
  
• Distributed denial of service attack (DDoS) - a malicious attempt to disrupt a server, service or network by flooding or crashing a website with too much traffic.
  
  
• Malware - includes spyware, trojan horses, viruses and worms which are used to gather data from a users system without the user knowing. They can compromise confidential or personal information, delete files or directory information and consume bandwidth and overload servers while spreading to other computer networks. Mobile Apps are also vulnerable to this type of attack.
  
  
• Man in the middle attacks (MitM) - involve the victim, who the victim is trying to communicate online with, i.e. a bank, and the man in the middle who is able to intercept the victims communications without them knowing. This type of attack can be carried out by use of an unsecured or poorly secured Wi-Fi router or via malware.
  
  
• Phishing - includes fraudulently stealing personal information usually through the use of a fake email. A more sophisticated form of this is called 'spear phishing', wherein the attacker learns about the victim and impersonates someone he or she knows and trusts.
  
  
• Ransomware - a form of malware which uses rogue software code to hold a user's computer hostage until a 'ransom' fee is paid

Potential impact

• Physical and psychological casualties.
• Disruption to essential services, including, energy, health and water.
• Loss of access to systems and information services.
• Loss of identity through theft.
• Loss of confidentiality.
• Damage to reputation, both at individual and organisational levels.
• Damage to the economy

What you can do

• Use a firewall to secure your Internet connection.
• Choose the most secure settings on your devices and software.
• Ensure passwords are easy for you to remember but hard for someone else to guess.
• Use two-factor authentication (2FA) wherever possible. 
• Control access to your data and services by limiting who has administrative privileges.
• Only use software from official sources.
• Use anti-malware measures.
• Avoid connecting to unknown or public Wi-Fi networks where possible.
• Always back up your most important data.
• All devices should be kept up to date, password protected and the 'track and erase lost devices' option on smartphones and tablets should be activated.
• Use the S.H.A.R.E checklist

• Police - Action Fraud
  
  
• GOV.UK - Government Cyber Security Strategy: 2022 to 2030
  
  
• West Midlands Regional Organised Crime Unit
  
  
• Metropolitan Police - Online fraud and cyber crime
  
  
• GOV.UK - Mobile device security: a buyer's guide to choosing and using mobile devices