Cybercriminals as an organization

This text is hypothetical: the facts here are not to be taken into account, the names are fictitious and any resemblance to reality is mere coincidence. It is a simple story highlighting cybercriminals as an organization. Some parts are research facts and material found on the internet, for which I sometimes don't even know the authors' names, something I'm really sorry about. However, I leave here my thanks to everyone who contributes to the universe of programming in general.


The beginning ...


Another beautiful day. Snoopy is just listening to music after finishing his last job; when a job finishes well, it's really a great moment of peace.






However, the phone rings again ...



He was just exploring the internet for another project, but this one is interesting. After a short talk, he concluded that this one really needs some help, which is terrible. He asked them to send the details of the proposal to his personal e-mail.

After analysing the proposal, and with some experience behind him, he knows he should look for another one, but they always find a way to contact him, so that will not be possible. No one really understands everyone's codes; it would be impossible. Companies have their culture and values, and so do cybercriminals: when they infiltrate a company, they use codes and personal language to identify each other. Security has been compromised and you never know who to trust; otherwise everyone would obviously know who is committing crimes within the company. They are very good.




So come on. For now it was just the contact; soon he will talk to the team. The worst thing is when they understand what he wants to do: they are awesome and their life there will be difficult. They never make it easy and they are pretty good. Sometimes it's just developing a project, sometimes it's just an analysis; this one will be pretty terrible …



He needs to study a little then and know some other details ...




Protection of information


Information is central to human interactions. It’s exchanged orally, in writing, or via more complex systems such as computers. The set of resources, processes and tools for exchanging information (personnel, hardware, software, procedures, etc.) organised to collect, store, process and communicate information makes up the information system.

Information is one of the most valuable assets a company has (patents, customer databases, processes, knowhow, etc.).

In order to secure this asset, it is essential to be able to guarantee the following criteria:

  • Confidentiality: data must be protected from unauthorized disclosure and access to it must be restricted to strictly authorized persons only,
  • Integrity: data must be unalterable in time and space,
  • Availability: Processing of and access to data must be guaranteed under predefined time and deadline conditions,
  • Traceability: Evidence must be provided relating to actions carried out.


Information system and security


Cybersecurity is the set of disciplines, technologies, organisations, procedures, processes and practices enabling protection of the Information System (IS) against internal and external threats, cybercrime in particular. Cybersecurity involves techniques for securing information systems and setup of cyber defense.


There are a great many possible threats:

  • Data leakage (accidental or malicious),
  • Cybercriminal attacks,
  • Human error,
  • Material damage, etc.


A security breach in an Information System can have serious consequences:

  • Unavailability, 
  • Theft or corruption of data,
  • Damage to the company’s reputation,
  • Legal, regulatory and financial sanctions (e.g. fines, loss of banking licence, etc.).


There are a great many examples of hacked businesses. Stolen corporate data can be widely distributed over the Internet or resold to competitors and criminal organisations.

No sector is spared by cybercrime. Security breaches have increased by 67% over the last 5 years, with the banking sector being the most affected. In 2018, for banks, the average cost per business was 18 million dollars.

Cybercrime will continue to increase in the years to come: it is estimated that the financial impact will be 5.2 billion dollars between 2019 and 2023*.

From managers’ anticipation to robustness of processes and procedures, via expertise and technological robustness and not forgetting vigilance on the part of anyone with access to the Company information system (internal employees and external assistants alike), cybersecurity is EVERYBODY’s business.




Crackers, Lammers, Script Kids and related company:


Today's cyberattacks are rarely the work of a single individual, but rather of structured and complex criminal organisations. These days we talk about CaaS (Cybercrime as a Service).

Attacks are multiple and ever more innovative. The best known include social engineering, identity theft, phishing, denial of service for a company, spreading viruses, and espionage... all of them threats that need to be countered.

With new technologies, the attack perimeter is constantly evolving: the cloud, connected objects and so on. Network interconnections and very high speed broadband provide hackers with new playgrounds.

Attacks are becoming increasingly sophisticated and criminals are adapting with no lack of creativity.


Crackers have a range of motives, the best known being:

  • 1. Money, the main source of motivation for cybercriminals;
  • 2. Political or religious activism: “hacktivism” employing highly targeted actions;
  • 3. Espionage and destabilization, which enable attackers to gain a strategic advantage and weaken a company, individual or State. To do this, cybercriminals can exfiltrate customer data, scientific research results, trade secrets or even State secrets. Hackers belonging to criminal organisations are often highly experienced and specialized in their field.




Alongside such structured organisations there are individuals with their own motivations. There are good and bad ones; here is a window into what they do and why:

White Hat Hackers (Hackers): These are the good guys, computer security experts who specialize in penetration testing and other methodologies to ensure that a company’s information systems are secure. These IT security professionals rely on a constantly evolving arsenal of technology to battle hackers.

Black Hat Hackers (Crackers): These are the bad guys, who are typically referred to as just plain hackers. The term is often used specifically for hackers who break into networks or computers, or create computer viruses. Black hat hackers continue to technologically outpace white hats. They often manage to find the path of least resistance, whether due to human error or laziness, or with a new type of attack. Hacking purists often use the term “crackers” to refer to black hat hackers. Black hats’ motivation is generally to get paid.

Script Kiddies: This is a derogatory term for black hat hackers who use borrowed programs to attack networks and deface websites in an attempt to make names for themselves.

Hacktivists: Some hacker activists are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.

State Sponsored Hackers: Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace. State sponsored hackers have limitless time and funding to target civilians, corporations, and governments.

Spy Hackers: Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid.

Cyber Terrorists: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber terrorists’ ultimate motivation is to spread fear and terror and to commit murder.

THE SOURCE


Data and information security


These external threats to the company are combined with internal threats, the main one being data leakage.

Data leakage may be carried out by company employees or external personnel with access to the Information System and may be malicious or accidental.

Reinforcement of Information System security, as well as knowledge and vigilance on everyone’s part in applying security best practices, are therefore of key importance.

The data that a company stores and processes is an extremely important asset that needs to be adequately protected.

Classification of data and its processing is assessed according to the risks incurred by the Group, in particular in the event of their destruction or loss, unauthorized access, etc.

This is why it is important to identify the classification level of the information contained in your documents, in order to handle them accordingly and take the necessary precautions.




Before releasing information, make sure you know its classification level:


Public: Information that can be divulged to anybody without infringing the Bank’s policies or individual privacy. Examples of public information are websites open to the general public, press releases, etc.

Internal: Information generally consulted and used by employees and its legal entities in the context of their usual activities and whose unauthorized disclosure would have a minimal impact on the interests of its clients/employees. Examples of internal information are business contact details, internal publications and events, etc.

Confidential: Sensitive information whose unauthorized disclosure could have a direct or indirect negative impact on the interests of its clients/employees. Access to confidential information must only be granted on the “need to know” principle. Examples of confidential information are clients’ contracts and transactions, personal data for recruitment purposes, etc.

Secret: Highly sensitive information whose unauthorized disclosure could result in serious financial, legal, regulatory, personal and/or reputation damage to clients/employees. Access to secret information must be nominative, on the “need to know” principle. Examples of secret data are medical records, bank card verification and PIN codes, etc.

Some entities and subsidiaries use a more restrictive classification. Ask your security correspondent for more information.

Depending on their level of confidentiality, solutions exist to share and protect your documents, including network sharing, SharePoint and Secure File Sharing, etc.


Also remember:


That it is imperative to only use equipment authorized by the Group in order to manage your business data.

That it is forbidden to create shared folders on your hard drive. Shared folders may only be created by authorized teams. Contact your security correspondent for more information.

That under no circumstances should personal data or confidential or secret information about the Bank, its customers, employees or service providers be communicated on email accounts outside the Group.

That it is strictly forbidden to use instant messaging to communicate confidential or secret information or personal data.

That you need to be discreet in your business exchanges, whether on or off the Group's premises (if possible, apply a confidentiality filter to your screen). In addition, do not take photos containing sensitive (confidential or secret) information, or even of your company (e.g. your badge, screen, etc.).




Social engineering


Social engineering is a form of psychological manipulation, consisting of obtaining a piece of property or information by exploiting trust, naivety or fear.

The malicious individuals employing such methods exploit the human factor, which in some cases may be regarded as the weakest link in information system security.

Attacks are often preceded by a search for information to find out the targeted company’s procedures (indiscretions on social networks, people who worked at the company for a time, etc.).

There may be many reasons for targeting a company: information theft, fraud, execution of an unlawful action, interruption of service or dissemination of information.


Cybercriminals’ favorite targets are:

  • Companies in the financial sector, through which money transits,
  • Large Groups, whose silo organisation enables attackers to access departments that are separated from one another.

Anybody with access to the targeted company’s environment may constitute a means of access to the information sought. It may be an employee, external assistant, a customer or a partner. Categories of individuals most likely to be contacted include:


  • Employees with extended rights or access to sensitive (confidential or secret) information,
  • Discontented or dismissed employees, who are easily manipulable targets with good knowledge of the company,
  • All employees during mass attacks.

Most of the information used during this type of attack can easily be found on the Internet, or in the press.




An attack scenario is then played out targeting the individual identified, using such psychological levers as fear, as well as greed, adherence to an ideology, flattery, or even corruption. Various channels are used to reach the target: websites, messaging, telephone (or even Fax), digital media or postal services.

Once they have achieved their purpose, attackers put an end to all interaction with the target and erase all traces of their attack.

Never forget that the best defense against social engineering is you!


The first part:


After all that, the company makes contact with Snoopy: first the nice girl, now for an interview. She usually only knows the psychological part; she doesn't know much about the technical part.

Snoopy thinking, she will analyze my behavior, my psychological part, my profile. I always loved talking to these people; they are very nice and polite, with some exceptions.

The interview :


Girl - How's Snoopy doing today?

Snoopy - I'm good, thanks and how are you?

Girl - I'm good too, thank you so much for asking, the reason for my contact is that we have a challenge for you!

Snoopy thinking, I have to know more about it:

Snoopy - Yes, I understand!



                                                                                                                                                                       


Girl - I'll tell you a little about our company ...

Some minutes later:

Snoopy - All right, you can go to the technical analyst!

Girl - I'll give you some tests, they're quick, just some psychotechnical ones to assess your profile and I'll also pass it on to the technical analyst.


Snoopy thinking, I can imagine how fast it's gonna be...

Snoopy - No problem!

Girl - Have a nice day!

Snoopy - Good morning too!




A week later the phone rings again:



Girl - Congratulations, the analyst chose your profile, let's schedule it here!

Snoopy - No problem!

Girl - Have a nice day!

Snoopy - Good morning !







The next day:



Technical Analyst - Are you seated?

Snoopy - Absolutely!

Technical Analyst - Let's get started then!

Snoopy - No problem!


Some hours later:



Technical Analyst - I'll talk to my manager here!

Snoopy - No problem!

Technical Analyst - I'll give you some tests, they're quick, just to assess your profile and I'll also pass it on to the manager!


Snoopy thinking, I can imagine how fast it's gonna be...

Snoopy - No problem!





The other day or a few days later:



Girl - Good morning, you were approved, we have many benefits, the atmosphere is super relaxed and you will make many friends there!

Snoopy - No problem!

Girl - Before that, another girl will contact you and you must send all the documents you have in your life, in addition to a medical evaluation!

Snoopy - No problem!




After some time ....


Snoopy thinking, I know the reason why some people want to explode the company ...

Snoopy - No problem!

Snoopy thinking, certainly, none of them know each other ...




So come on again ...




