"Crime doesn't pay" goes an old adage. But, it appears cyber criminals never heard that one and if they ever did, they totally scoff at it. According to Interpol, "cyber-crime is the fastest growing area of crime." The Internet attracts criminals like bees to honey thanks to its speed, convenience and anonymity.
One of the most pervasive types of cyber-crime is attacks on computer hardware via viruses, malware, botnets and network intrusion. This type of crime is big business and the criminal cyber world is reaping millions. To the average guy and gal in the village, it is not immediately apparent how these riches are made and one cannot be blamed for failing to see the real magnitude of the problem.
How it All Begins
Hardware penetration begins with computer coders. These are highly skilled programmers and computer scientists who create the software that attacks computers. Many coders that create malware tools come from countries where there are good educational systems but the economy isn't able to absorb these highly skilled individuals into the labor force. Most malware creators have historically emanated from Eastern Europe but they are now increasingly found in India, China and South Asia. Coders sell these tools to criminal networks.
How it Works
Cyber criminals connect the dots. After purchasing malware tools in online and offline black markets, they put everything together and launch attacks on unsuspecting computer users. Trojans and malware infect machines, silently collect data and transmit it to a command and control center. There are two main ways that criminals make money from infected computers.
We all know what a pickpocket does. On the Internet, criminals pick your pocket by stealing usernames and passwords to online bank accounts, PayPal, Skrill and other online trading accounts. This is accomplished using a keylogger, malware that silently records your keystrokes and transmits the data to a remote location via an Internet connection. Key loggers can also capture your credit/debit card details as you make online purchases. It is now common to see malware targeted at stealing Bitcoin wallets. Cryptocurrency is becoming a target of cybercrime due to the virtual un-traceability of the monetary system. Once criminals have your data, they can rob you immediately or sell the data to third parties. There is a thriving underground market for anonymous trade in stolen financial data. Kingpins of the trade make millions offloading stolen data on these markets. The real Mafioso's avoid capture by selling the data steal. In the event someone in the chain is nabbed using stolen financial data, the authorities are left with the small fry while the big fish stay off the radar.
In addition to stealing financial data, compromised computers can also be used as mules. In effect, criminals use your computer's processing power to work for them. One of the new crimes in this area is using enslaved computers to mine bitcoin. Captive computers can also be hired out to carry out large scale attacks such as a Distributed Denial of Service (DDOS) attack. These attacks cause website downtime and can persist for long periods of time. The aim is normally blackmail for financial gain or to get the target of the attack to take some specified action or refrain from doing something.
What is the significance of all these to Africa? Despite rapid uptake of Internet services, there has not been a corresponding increase in initiatives to create awareness on the dangers posed by cybercrime. Unless Internet users begin taking cyber-security awareness
seriously, Africa can soon become the new hunting ground for cyber criminals.