My “Cybercrime” Isn’t Your “Cybercrime”
Talk to cybersecurity experts about cybercrime on their network, and they will mention malicious activity like scans, attacks, events, and incidents. Probably at some point, they will slip into geek-speak with a vast array of confusing acronyms and jargon while explaining tactics and techniques by referencing infamous attacks, Internal protocols, and industry shorthand.
Talk to federal law enforcement officers about cybercrime, and they will probably mention the Computer Fraud and Abuse Act (CFAA), unauthorized access, trespass, copyright, identity theft, and other varying statutes and laws. The local officer has her own local laws, statutes, and codes specific to her jurisdiction as well as different types of cases her Chief or Sheriff defines as cybercrime.
What does this mean? It means that my “cybercrime” isn’t necessarily your “cybercrime.” Sometimes, “cybercrime” means malicious activity, and sometimes it means illegal activity.
To add confusion, there is also cyber-enabled crime and cyber-native crime. Cyber-enabled crime is traditional crime abetted or facilitated by the use of cyber tools or means. Malicious and illegal activities under this category are often described as scams and frauds or involve the use of digital devices like phones or computers. Cyber-native crimes are those that cannot be committed outside the digital domain such as network intrusions, cryptocurrency mining, and malware. (Cyber-native crimes may also be referred to as “cyber dependent.”)
Think of these as different approaches to cybercrime best illustrated in a quadrant.
| Approaches to Cybercrime | Cyber-enabled crime | Cyber-native (dependent) crime |
| Malicious cyber activity | Doxing someone; Identifying targets for home robberies via social media; Using online street maps to plan a bank robbery | Writing malware code; Scanning a network for vulnerabilities or open ports; Failed credential stuffing attempts |
| Illegal cyber activity | Identity theft through misconfigured and exposed databases | Computer/network access and trespass (AKA intrusions); Malware deployment |
Why (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/my-cybercrime-isnt-your-cybercrime/
