通过或使用计算机和互联网连接或计算机技术实施的任何犯罪都称为网络犯罪(Cyber Crime)。网络犯罪的定义不止一个方面。犯罪可以是任何东西。它涵盖了从恶意软件注入到黑客攻击到社会身份盗窃等等。本文的范围是回答什么是网络犯罪以及 Microsoft 如何处理它。
什么是网络(Cyber)犯罪– 定义(– Definition)和解释(Explanation)
计算机和互联网(Internet)或计算机技术参与的任何犯罪都称为网络(Cyber)犯罪。这是对网络犯罪的一个非常广泛的定义。如果使用以下任何活动进行犯罪 - 那么它可以被归类为网络(Cyber)犯罪:
- 垃圾邮件
- 跟踪、敲诈(Blackmail)、勒索(Extortion)、欺凌(Bullying)
- 网络钓鱼。了解如何避免网络钓鱼诈骗(Scams)和攻击(Attacks)
- 黑客攻击
- 恶意软件
- 利用漏洞
- 社会工程(Social Engineering)和身份盗窃(Identity Theft)(虚假(Fake)电子邮件、使用从互联网(Internet)获得的数据进行虚假电话转换,以获取有关您和您的银行、卡等的更多信息)
这些只是我在撰写本文时所记得的网络犯罪最基本的方面。非法业务还有很多方面——在每个非法活动实例中,都涉及一台或多台计算机和/或互联网(Internet)连接。这种以网络犯罪(Cyber Crime)为目的而实施的攻击可以称为网络攻击(Cyber Attack)。
我们将在下一篇关于网络犯罪类型的文章中了解更多相关信息。您可能还想阅读有组织和无组织的网络犯罪(Organized and Unorganized Cybercrime)。
网络犯罪发生率
网络犯罪猖獗!
There are nearly 400 million victims of cybercrime each year. And cybercrime costs consumers $113 billion per year. India, followed by Pakistan, Egypt, Brazil, Algeria and Mexico have the largest number of infected machines involving malware developed outside Eastern Europe.
诺顿(Norton)说:
- 网络犯罪(Cybercrime)现已超越非法贩毒成为犯罪的赚钱工具
- 由于网络犯罪,每 3 秒就有一个身份被盗
- 如果没有复杂的Internet安全包,您的 Windows PC 可能会在连接到Internet后 4 分钟内被感染。
如何应对网络(Cyber)犯罪——预防
保持良好的系统卫生。不言而喻,您必须拥有完全更新的操作系统和已安装的软件(updated operating system and installed software)以及良好的安全软件(security software)来保护您的计算机——除了有安全的浏览习惯(safe browsing habits)。
然后,有时人们可能会联系您,声称来自工作门户或技术支持,甚至是您的银行(Bank),并最初要求您提供信息,然后可能会让您为某些虚构的服务支付一些费用。不要回复此类联系方式。这是您可以采取的第一个基本预防措施。有很多人会成为它的牺牲品,但不会报告此事。
为了打击网络犯罪,您必须报告它,以防您成为猎物。没有什么可耻的!如果电子邮件或电话借助已知或流行的服务或品牌,您应始终提醒服务或品牌,他们的名字被滥用,以便他们可以采取适当的措施,至少提醒其他客户注意不要成为猎物。
此外,如果网络犯罪使您遭受了身体、精神或经济上的损失,您可以向当今每个政府都有的有关部门举报。每个国家都认真对待网络犯罪,并拥有积极努力打击犯罪并将犯罪分子绳之以法的组织。
如果您的系统已成为Botnet(Botnet)的牺牲品,您可能需要查看一些Botnet Removal Tools。
报告网络犯罪
如果您在美国,您可以向国土安全部(Department of Homeland Security)官方网站(Official Website)报告。如果是电话或电子邮件,请将日志和内容分开且安全地保存,因为它们会进一步帮助您。如果它是恶意软件,您只能希望您所报告的组织提出一些适当的计划并采取一些行动。
互联网犯罪投诉中心 (IC3)(Internet Crime Complaint Center (IC3))是联邦调查局 ( FBI )(Federal Bureau)和国家(Investigation)白领犯罪中心(National White Collar Crime Center)( NW3C(FBI) ) 之间的合作伙伴关系(NW3C)。作为受害者,您可以在此处(here)(here)举报在线互联网(Internet)犯罪投诉。
在垃圾邮件、网络钓鱼和社会工程攻击的情况下,您可以保留通信作为证据,但如果恶意软件攻击可能已经破坏了您的系统,您不知道罪犯是谁,因此您无法取得太大进展在战斗中,靠自己。
这就是微软网络犯罪安全小组的(Microsoft’s Cybercrime Security Cell)用武之地。这是微软自己打击网络犯罪的方式,其想法是防止犯罪发生,而不是在犯罪发生后醒来。
Microsoft如何帮助减少网络(Cyber)犯罪
微软(Microsoft)表示,打击网络犯罪的第一步是使用安全、可靠和诚实的 IT(secure, reliable and honest IT)(从固件到操作系统再到云的信息技术)。(Information Technology)虽然受到良好保护的计算机确实会减少被黑客入侵的机会,但许多计算机都预装了恶意软件也是事实。这就是为什么微软(Microsoft)用了“诚实”这个词。您可能不相信许多计算机上都安装了盗版软件,并且以某种方式给出误报,从而使用户相信该软件是正版的。检测假软件的方法并不多(手动取证方法除外),并且这些软件通常与恶意软件捆绑在一起,将您的信息发送给创建假软件的网络犯罪分子。
微软(Microsoft)的网络犯罪(Cybercrime)页面称,在他们测试的样本中,几乎90% of computers使用盗版操作系统或盗版软件的计算机都预装了恶意软件。这意味着新的Windows PC 已经被感染,并且旨在将您的个人信息发送给网络犯罪分子。
微软(Microsoft)有一个庞大的网络犯罪研究小组,它以两种方式运作:
- 打击(Fight)犯罪分子通过垃圾邮件机器人等使用的恶意软件。
- 收集有助于他们为云等平台制作更好软件的信息。
微软(Microsoft)已经利用了来自网络犯罪分子的数千个垃圾邮件机器人,并将它们引导到(spambots)人工水槽或蜜罐(artificial sink or honey pots)中,从而使世界各地的计算机,特别是东亚(East Asia)太平洋地区的计算机安全。根据他们的研究,大多数受感染的计算机位于东亚和(East Asia)欧洲(Europe)以外的国家。然而,他们坐在Redmond一直在进行分析,以应对他们可以检测到的任何类型的恶意软件,并阻止它们进一步传播以遏制损害。
Using pirated software leaves your computer systems more open to malicious computer viruses, worms and Trojans? Or that as many as 65% of DVDs and PCs sold with pirated software in India are already pre-infected with malware that facilitates cybercrime?!
这些是微软印度的 Truthlabs(Microsoft India’s Truthlabs)报告的一些爆炸性发现
- 大约 65% 的样本包含不止一类恶意软件。
- (Auto-Dialer) 在 100% 的样本中发现了可造成巨大经济损失的自动拨号木马。(Trojans)
- 90% 的DVD样本在(DVDs)反盗版检查(Anti-Piracy Check)测试中给出了假阳性结果,从而欺骗用户相信安装的产品是正品。
用微软(Microsoft)亚洲(Asia)、法律(Legal)和企业(Corporate)事务部(Affairs)知识产权和(Intellectual Property)数字犯罪部门(Digital Crimes Unit)( DCU )区域总监(Regional Director)Keshav Dhakad的话来说,
“With fighting malware and cybercrime, we also want cybercriminals to know that Microsoft platforms will always remain hostile to their nefarious activities, and we will continue to invest in innovative technology and tools to enable us to fight newer threats to protect our customers. That’s where we’ve been successful in creating a secure, trusted and reliable environment-be it on-premise or on the cloud”.
微软(Microsoft)不仅在构建和重建其软件,而且还警告网络犯罪分子不要制造网络机器人和恶意软件。根据Keshav的说法,Windows 11/10是一个具有最高安全功能的平台,基于微软(Microsoft)技术的云服务还根据他们从网络犯罪单元收集的输入来保护他们的云。
相关:(Related:) 网络犯罪中的在线欺诈:预防、检测、恢复。
What is Cyber crime? How to deal with it?
Any crіme committed by means of or by using a computer and an internet connection or computer technology is known as Cyber Crime. There is not just a single aspect of the definition of cyber crime. The crime can be anything. It spans from malware injection to hacking to social-identity thefts and more. The scope of this article is to answer what is a cybercrime and how Microsoft deals with it.
What is Cyber crime – Definition & Explanation
Any crime to which, a computer, and the Internet or computer technology has been a part of, is known as Cyber crime. This is a very broad definition of cyber crime. If the use of any of the following activities is made, to carry out a crime – then it can be classified as a Cyber crime:
- Spamming
- Stalking, Extortion, Blackmail, Bullying
- Phishing. See how you can avoid Phishing Scams and Attacks
- Hacking
- Malware
- Exploiting vulnerabilities
- Social Engineering and Identity Theft (Fake emails, fake phone conversions using data obtained from the Internet, to get more information about you and your bank, cards, etc.)
These are just the most basic aspects of cybercrime that I can recall at the time of writing. There are many more aspects to the illegal business – and in each instance of the illegal activity, there is one or more computers and/or an Internet connection involved. Such an attack committed with a view to commit a Cyber Crime can be called a Cyber Attack.
We will read more about this in our next post on Types of Cybercrime. You may want to also read about Organized and Unorganized Cybercrime.
Cyber crime incidence
Cyber crime is rampant!
There are nearly 400 million victims of cybercrime each year. And cybercrime costs consumers $113 billion per year. India, followed by Pakistan, Egypt, Brazil, Algeria and Mexico have the largest number of infected machines involving malware developed outside Eastern Europe.
Says Norton:
- Cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker
- An identity is stolen every 3 seconds as a result of cybercrime
- Without a sophisticated Internet security package, your Windows PC can become infected within 4 minutes of connecting to the Internet.
How to deal with Cyber crime – Prevention
Maintain good system hygiene. It goes without saying that you must have a fully updated operating system and installed software and a good security software to protect your computer – apart from having safe browsing habits.
Then, there may have been times when people may have contacted you claiming to be from a job portal or tech support or even your Bank and asked you for information initially and then maybe get you to make some payment for some imaginary service. Do not respond to such contacts. That is the first basic preventive step you can take. There are many who would fall prey to it and yet won’t report the matter.
To fight cybercrime, you have to report it, in case you have fallen prey. There is nothing to feel ashamed about! If an email or phone takes the aid of a known or popular service or brand, you should always alert the service or brand, that their name is being misused, so that they can take appropriate steps and at the least, alert their other customers to not fall prey.
Besides, if a cybercrime has made you suffer physical, mental, or financial loss, you can report it to the concerned department that every government has nowadays. Each country takes cybercrime seriously and has organizations that work actively to tackle the crime and to bring the criminals to justice.
If your system has fallen prey to a Botnet, you may want to have a look at some Botnet Removal Tools.
Report Cyber crime
If you are in the US, you can report to the Official Website of Department of Homeland Security. If it was a phone call or email, keep the logs and contents separately and securely as they will further help you. If it was a malware, you cannot do much except to hope that the organization, to which you have reported, comes up with some proper plan and takes some action.
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). As a victim, you can report online Internet crime complaints here.
In case of spam, phishing, and social engineering attacks, you can keep the communications as a proof, but in case of malware attacks which may have compromised your system, you do not know who the criminal is and hence you can’t progress much in the fight, on your own.
This is where Microsoft’s Cybercrime Security Cell comes in. It is Microsoft’s own way of fighting cybercrime and the idea is to prevent the crime from happening rather than waking up after the crime has been committed.
How Microsoft helps reduce Cyber crime
Microsoft says that the first step towards fighting cybercrime is to use secure, reliable and honest IT (Information Technology spanning from firmware to operating system to the cloud). While it is true that a well-protected computer would reduce the chances of it getting hacked, it is also true that many computers come with pre-installed malware. That is why Microsoft used the word “honest”. You may not believe that many computers have pirated software installed on them, and in a way that they give false positives so that users believe the software is genuine. There are not many methods to detect the fake software (except for manual forensic methods) and these software are often bundled with malware that sends your information to the cyber criminals who created the fake software.
The Cybercrime page of Microsoft says that in a sample they tested, almost 90% of computers using pirated operating systems or pirated software had the malware preinstalled. That means new Windows PCs were already infected and designed to send your personal information to the cyber criminals.
Microsoft has a huge cybercrime research cell which works in two ways:
- Fight the malware that is utilized by criminals via spambots etc.
- Gather information that helps them make better software for their cloud etc. platforms.
Microsoft has tapped the thousands of spambots originating from cybercriminals and led them to an artificial sink or honey pots, so that computers across the world, especially in the East Asia-Pacific region are safe. According to their study, most of the infected computers are found in countries situated in East Asia and outside Europe. However, they, sitting at Redmond, are running an analysis all the while to counter whatever type of malware they can detect, and stop them from spreading any further to contain the damage.
Using pirated software leaves your computer systems more open to malicious computer viruses, worms and Trojans? Or that as many as 65% of DVDs and PCs sold with pirated software in India are already pre-infected with malware that facilitates cybercrime?!
These were some of the explosive findings of Microsoft India’s Truthlabs report
- About 65 percent of the samples had more than one category of malware.
- Auto-Dialer Trojans, which can cause huge financial losses, were found in 100 percent of the samples.
- 90 percent of the samples in the form of DVDs gave false-positive results in Anti-Piracy Check tests, thereby cheating users to believe the installed product to be a genuine one.
In the words of Keshav Dhakad, Regional Director of Intellectual Property & Digital Crimes Unit (DCU), Asia, Legal & Corporate Affairs, Microsoft,
“With fighting malware and cybercrime, we also want cybercriminals to know that Microsoft platforms will always remain hostile to their nefarious activities, and we will continue to invest in innovative technology and tools to enable us to fight newer threats to protect our customers. That’s where we’ve been successful in creating a secure, trusted and reliable environment-be it on-premise or on the cloud”.
Microsoft not only is building and rebuilding its software, but it also warns cyber criminals against creating cyber bots and malware. According to Keshav, Windows 11/10 is one platform that has the highest security features, and that Microsoft technology-based cloud services have also safeguarded their clouds based on the inputs they gathered from their cybercrime cell.
Related: Online Fraud in Cyber crime: Prevention, Detection, Recovery.