Cybercrime Prevention, Reporting, & Recovery

From GCA ACT
Jump to navigationJump to search


Meerkat colony 1.png

This page is your go-to resource for tackling the multifaceted challenges of cybercrime. With the digital world becoming increasingly integrated to everyday lives and business operations, understanding how to prevent, recognize, report, and recover from cyber threats is critical. This comprehensive page is structured into four essential sections encompassing the continuum of cybercrime remediation. Each section includes a curated list of cybersecurity tools tailored for everyday users, individuals requiring enhanced security, and organizations.

thumb
Prevent
Whether you are an everyday user or in charge of an organization's IT apparatus, implementing cybercrime prevention tools is a no-brainer. For Everyday Cybersecurity this includes using strong passwords, being careful about what information you share online, and being aware of common cybercrime scams. However sometimes a more structured approach, or Enhanced Protection, is needed for small businesses or individuals requiring heightened security. For large organizations Advanced Security is required, including sophisticated Intrusion Prevention Systems (IPS), security simulations, and strict access control.


thumb
Realize
Cybercrimes can often go undetected but it is important to catch them before they cause further damage. Luckily, along with a number of resources for learning to spot cybercrimes, there are a multitude of automated software tools that intelligently detect anomalies.



Cybercrime Types & Containment Methods
thumb
Report
If you are the victim of a cybercrime, it is important to report it to the authorities. This will help them to investigate the crime and track down the perpetrators. Cybercrimes are dramatically underreported, people are sometimes embarrassed, or they don’t think anyone will do anything. The truth is that authorities are investing more money in cybersecurity every year.



Cybercrime Reporting Resources
thumb
Recover
Once you have reported a cybercrime, there are steps you can take to recover from it. A lot of the time these steps occur before the crime happens, like keeping a backup of your data or having a disaster recovery plan. Otherwise, it may include things like changing your passwords, monitoring your credit report, and filing insurance claims.



Cybersecurity Tools

Passwords
Password Managers
Two-Factor & Multi-Factor Authentication
Backup & Restoration of Data
Cloud storage
Data recovery
Offline storage
Insurance & Recovering Your Losses
no subcategories
Sensitive Data
Account Authentication Data
Constituent Information
Customer Information
Data Sharing
Donor Information
Employee Information
Encryption Keys
Financial Data
Intellectual Property
Partner Information
Secure File Storage
Supplier Information
Volunteer Information



Cybercrime Reporting Resources



Types of Cybercrimes and Containment Methods
Type of Cybercrime Signals of Attack Methods of Containment
Data breach - The unauthorized access and theft of sensitive data.
  • Unusual system activity, such as spikes in traffic or login attempts from unusual locations
  • Missing files or data
  • Unauthorized changes to system configurations or permissions
  • Isolate affected systems from the network
  • Change all passwords and security credentials
  • Notify affected individuals and credit bureaus
  • Restore data from backups
Malware attack - The unauthorized installation of malicious software on a computer system.
  • Slow computer performance
  • Unusual system activity, such as high CPU usage or network traffic
  • Unexpected pop-up windows or messages
  • New software or files that appear on the computer without the user's knowledge
  • Run a full system scan with antivirus and anti-malware software
  • Remove any infected files
  • Restore data from backups
Phishing attack - A fraudulent attempt to obtain sensitive information, such as passwords or credit card numbers, by disguising oneself as a trustworthy entity in an electronic communication.
  • Emails or text messages that appear to be from a legitimate source, such as a bank or credit card company, but contain suspicious links or attachments
  • Emails or text messages that ask for personal or sensitive information, such as passwords or credit card numbers
  • Do not click on links or open attachments in emails or text messages from unknown senders
  • Verify the legitimacy of any email or text message before providing any personal or sensitive information
Denial-of-service (DoS) attack - An attempt to make a computer system or network unavailable to its intended users by flooding it with traffic or exploiting vulnerabilities in software or hardware.
  • Slow website or application performance
  • Unresponsive website or application
  • Unexpected error messages
  • Contact your internet service provider (ISP) or web hosting provider
  • Implement DDoS mitigation strategies, such as firewalls and load balancers
Man-in-the-middle (MitM) attack - An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly to each other.
  • Unexpected redirects to unfamiliar websites
  • Unexpected changes to website content
  • Unexpected security warnings
  • Use a VPN when connecting to public Wi-Fi networks
  • Keep your software and operating system up to date
  • Use strong passwords and two-factor authentication
Social engineering attack - An attack that manipulates people into performing actions or divulging confidential information.
  • Phone calls, emails, or text messages that ask for personal or sensitive information
  • Requests for help with technical problems
  • Offers of free products or services
  • Be suspicious of any unsolicited contact
  • Do not provide personal or sensitive information to anyone you do not know and trust
  • Verify the legitimacy of any request before taking any action
Ransomware attack - A type of malware that encrypts the victim's data and demands a ransom payment in exchange for the decryption key)
  • Files that are encrypted and cannot be accessed
  • A ransom message demanding payment in exchange for the decryption key
  • Isolate affected systems from the network
  • Do not pay the ransom
  • Restore data from backups
Cryptojacking - The unauthorized use of a computer's processing power to mine cryptocurrency.
  • Slow computer performance
  • High CPU usage
  • Unexpected network traffic
  • Install a cryptocurrency miner blocker
  • Keep your software and operating system up to date
  • Use strong passwords and two-factor authentication
Insider threat - A cyberattack carried out by an individual who has authorized access to an organization's computer systems or data.
  • Unusual system activity, such as spikes in traffic or login attempts from unusual locations
  • Unauthorized changes to system configurations or permissions
  • Missing files or data
  • Monitor system activity for suspicious behavior
  • Implement security controls to prevent unauthorized access to systems and data
  • Conduct regular security audits
Supply chain attack - A cyberattack that targets an organization's suppliers or third-party vendors.
  • Vulnerabilities in software or hardware used by suppliers or third-party vendors
  • Unusual system activity, such as spikes in traffic or login attempts from unusual locations
  • Unauthorized changes to system configurations or permissions
  • Update all software and hardware to the latest versions
  • Implement security controls to prevent unauthorized access to systems and data
  • Monitor supplier and vendor activity for suspicious behavior
Retrieved from ‘https://act.globalcyberalliance.org/index.php?title=Cybercrime_Prevention,_Reporting,_%26_Recovery&oldid=10598