̽��ֱ�� of Cambridge - Ben Collier

Lockdown 'helps fuel rise in cybercrime'

rg580 — Wed, 03 Jun 2020 10:24:06 +0000

That’s the warning from a team of researchers including Dr Ben Collier from the Cambridge Cybercrime Centre, part of Cambridge's Department of Computer Science and Technology.

̽��ֱ��researchers have been analysing data collected by the Centre from underground forums, chat channels and marketplaces used by cybercrime communities. And in a briefing paper they have just written for Police Scotland, they say it indicates that the social changes put in place in response to the coronavirus pandemic 'have stimulated… the cybercrime economy.'

Some of the cybercrimes taking place are new. For example, early in the lockdown, some scammers sent fake texts, purporting to come from the UK's HM Revenue & Customs, telling recipients they were going to be fined £250 for leaving their homes more than once a day.

And the researchers are also concerned that the rollout of the prospective NHS contact-tracing app has the potential to generate clear risks for those vulnerable to fraud. They warn that such people may be conned into handing over sensitive personal information by fake apps or scam texts purporting to be from the NHS.

“We’re also seeing some general repurposing of existing cybercrime,” said Collier. “For example, there have long been fake online shops, but now instead of selling clothes, they are selling face masks or bogus ‘cures’ for the coronavirus.”

And meanwhile, there has been a general rise in the levels of cybercrime. ̽��ֱ��Cambridge Cybercrime Centre has tracked a three-fold increase in ‘denial of service’ attacks from around 12,000 per day to close to 30,000 attacks per day. These attacks – which can be purchased for small amounts of money from specialised online services – can be used to knock others offline, often opponents in online games.

Such attacks, the report says, have serious implications beyond being a nuisance for gamers, as many of these children and young people will be sharing internet connections with siblings engaged in online or blended learning and parents working from home.

We are vulnerable to such risks, Collier and his colleagues say, because we are spending much more time online as we work, or school our children, from home. And it is partly happening because “many internet users, including adolescents and young adults, are currently confined to home with no school or work for much of the day. ̽��ֱ��increased boredom they feel may well be a key driver of online petty crime.”

“Anxiety over serious economic problems – such as job losses and business closures – may be prompting some people to step up existing harmful online activity as a means of generating income,” said Collier.

In their paper, the research team – Dr Collier, Dr Shane Horgan from Edinburgh Napier ̽��ֱ��, Dr Richard Jones from the ̽��ֱ�� of Edinburgh and Dr Lynsay Shepherd from Abertay ̽��ֱ�� – also voice their concerns about the potential for a steep rise in the volume of other online harms. These include online bullying, stalking and harassment of minority groups and victims of domestic abuse.

Their paper is a rapid response briefing aimed at offering guidance on the policing of cybercrime to Police Scotland. But its findings have relevance across the UK.

It says that while the UK has a sophisticated cybersecurity apparatus particularly at the national level, it currently lacks sufficient capability at the local level to police a significant increase in ‘volume’ cybercrime offences.

And it recommends that with levels of such crimes increasing, police forces need to engage more with their local communities and work with them on measures to prevent such crimes.

̽��ֱ��paper also recommends that police forces, including Police Scotland, immediately undertake a wide-ranging review of their cybercrime policing and prevention practices and capabilities to assess their current adequacy and potential future resilience in the event that the number of cybercrime offences increases significantly in the near future.

̽��ֱ��implications of the COVID-19 pandemic for cybercrime policing in Scotland: A rapid review of the evidence and future considerations’ is published by the Scottish Institute for Policing Research.

Take extra care before buying face masks or testing kits online, or responding to texts apparently sent to you by the UK Government or the NHS. Because while lockdown has helped reduce the spread of the coronavirus, it is also helping fuel a rise in cybercrime.

Anxiety over serious economic problems – such as job losses and business closures – may be prompting some people to step up existing harmful online activity as a means of generating income

Ben Collier

Photo by Philipp Katzenberger on Unsplash

Closeup of laptop computer

̽��ֱ��text in this work is licensed under a Creative Commons Attribution 4.0 International License. Images, including our videos, are Copyright © ̽��ֱ�� of Cambridge and licensors/contributors as identified. All rights reserved. We make our image and video content available in a number of ways – as here, on our main website under its Terms and conditions, and on a range of channels including social media that permit your use and sharing of our content under their respective Terms.

Yes

Prevention better than cure at keeping young users from getting involved in cybercrime

sc604 — Sun, 20 Oct 2019 23:20:52 +0000

̽��ֱ��study, by researchers from the ̽��ֱ�� of Cambridge and ̽��ֱ�� of Strathclyde, looked at four different types of law enforcement interventions, the first evaluation of the their effectiveness for this particular type of cybercrime.

They found that while high-profile arrests and sentencing of cybercriminals only lead to a short drop in the number of attacks taking place, the takedown of infrastructure and targeted messaging campaigns were strongly associated with a sharper and longer-term reduction in attack numbers. ̽��ֱ��results will be presented today (21 October) at the ACM Internet Measurement Conference in Amsterdam.

For just a few dollars, almost anyone can become involved in cybercrime through the use of ‘booter’ service websites, where users can purchase targeted denial of service (DoS) attacks. A DoS attack generates large amounts of traffic which overwhelm end users or web services, taking them offline.

DoS attacks have been used in the past as a protest tactic, but because of booter services and the relative ease of using them, they are commonly used by users of gaming sites, as a form of retaliation against other users – the largest booter provider carries out between 30,000 and 50,000 such attacks every day.

While DoS attacks are usually targeted at a specific end users, they can often cause collateral damage, knocking out other users or systems.

“Law enforcement are concerned that DoS attacks purchased from a booter site might be like a ‘gateway drug’ to more serious cybercrime,” said Ben Collier from Cambridge’s Department of Computer Science & Technology, the paper’s first author. “A big problem is that there is still relatively little evidence as to what best practice looks like for tackling cybercrime.”

“Even people running booter services think that booting is lame,” said Dr Daniel Thomas from Strathclyde’s Department of Computer and Information Sciences. “This makes the market particularly vulnerable to disruption.”

Collier and his colleagues from the Cambridge Cybercrime Centre used two datasets with granular data about the attacks from booter sites, and modelled how the data correlated with different intervention tactics from the National Crime Agency (NCA) in the UK, the Federal Bureau of Investigation (FBI) in the US, and other international law enforcement agencies.

While operating a booter service or purchasing a DoS attack is illegal in most jurisdictions, earlier research has found that most booter operators were unconcerned about the possibility of police action against them.

̽��ֱ��researchers found that arrests only had a short-term effects on the volume of DoS attacks – about two weeks – at which point activity went back to normal. Sentencing had no widespread effect, as attackers in one country weren’t affected by sentences in another country.

Taking down infrastructure – as the FBI did at the end of 2018 – had a far more noticeable effect, and suppressed the booter market for months. “This FBI action also reshaped the market: before, it was what you’d expect in a mature ecosystem, where there several large booter services and lots of smaller ones,” said Collier. “But now there’s really just one large booter service provider, and you’re starting to see a few smaller ones start to come back.”

̽��ֱ��most interesting results were around targeted messaging. From late December 2017 to June 2018, the NCA bought targeted Google adverts aimed at young men in the UK. When a user searched for booter services, a targeted advert popped up, explaining that DoS attacks are illegal.

“It’s surprising, but it seems to work, like a type of digital guardianship,” said Collier. “At the exact moment you get curious about getting involved in cybercrime, you get a little tap on the shoulder.

“It might not work for people who are already involved in this type of cybercrime, but it appeared to dramatically decrease the numbers of new people getting involved.”

While the researchers say this evidence suggests that targeted online messaging has the potential to be a potent tool for preventing crime, it also poses questions about what accountability structures might be required for its wider use as a police tactic.

This has already had direct policy impact, and the FBI and NCA have used this research to inform their strategies for dealing with booter services.

̽��ֱ��research was supported by the Engineering and Physical Sciences Research Council.

Reference:
Ben Collier, Daniel Thomas, Richard Clayton and Alice Hutchings. ‘Booting the Booters: Evaluating the Effects of Police Interventions in the Market for Denial-of-Service Attacks.’ Paper presented at the ACM Internet Measurement Conference 2019. Amsterdam, the Netherlands.

Highly-targeted messaging campaigns from law enforcement can be surprisingly effective at dissuading young gamers from getting involved in cybercrime, a new study has suggested.

A big problem is that there is still relatively little evidence as to what best practice looks like for tackling cybercrime

Ben Collier

Photo by Kevin Ku on Unsplash

Eyeglasses

Yes