How do Hackers Normally Get Caught?

February 4, 2019 2:22 pm Geraldine Strawbridge

The growth of cybercrime in recent years has been truly staggering. The age old saying that crime doesn’t pay has unfortunately been knocked on its head as cybercrime has become an increasingly lucrative and profitable business.

It has relatively low risks compared to other criminal activities and cybercriminals have realised that they can make more money, with less risk of getting caught, and receive smaller penalties if they do get caught, by manipulating technology for their own gain.

According to research conducted by security firm Bromium, the highest earning cybercriminals are earning up to $2m a year, mid-level criminals up to $900,000 a year, and entry level hackers are making roughly around $42,000. It’s clearly a booming business that’s attracted the attention of criminals who are keen to capitalise on this growth market.

In the past, cybercrime was committed mainly by individuals or small groups. However, in today’s increasingly connected world, we are seeing organised criminal networks commit these crimes on an unprecedented scale.

These criminal gangs act with impunity, they can hide behind software that obscures their identity and use the anonymity of the internet to commit these attacks without fear of reprisal.

Cybercriminals will use malwarephishingDDoS attacks, and host of other tactics to target vulnerable companies and individuals that have poorly protected data. Hackers follow the money and our data can be used to commit identity fraud, traded on hacker’s forums or sold on the dark web.

The dark web provides the perfect platform for hackers to trade their stolen data. It can only be accessed using specialist software, and any websites hosted on the dark web are encrypted and can’t be found using traditional search engines or browsers. This is a huge draw to those criminals that want to evade the law and continue with their digital crime wave.

In the UK, Cybercrime and fraud are now the most common offences, with almost one in ten people falling victim. More than five and a half million cyber offences are thought to take place each year which accounts for almost half of all crime in the country.

Despite the scale of the problem, more than 80% of all fraud offences are not reported to the police, meaning that many of those responsible can operate without fear of ever been caught.

Cybercriminals are rarely caught and prosecuted because they are virtually invisible. Crime has transformed with the digital age and police forces around the world are now having to rapidly adapt in order to tackle the problem.

The global nature of the problem has called for a global response, and many international law enforcement agencies such as the FBIScotland Yard and Europol are now working closely together to take down some of the world’s biggest cybercriminals.

Why is it so difficult to catch hackers?

Due to the sophisticated tactics that hackers use to cover their tracks, it’s extremely difficult to catch them and bring them to justice. Only 5% of cybercriminals are apprehended for their crimes which demonstrates just how challenging it is for law enforcement agencies to arrest and prosecute these offenders.

Hackers will often use secure software such as a proxy server to hide their identity and funnel their communications through lots of different countries in order to evade detection. Other technologies like Tor and encryption enable them to add multiple layers to mask their identity. The combination of these tools allows them to commit their crimes undetected and in countries where they know they can’t be prosecuted.

Tracking hackers down is laborious and often takes a lot of time, collaboration and investigative research. Specialist cybercrime units need to be assembled in order to retrieve and analyse any potential evidence. Encrypted files will need decrypted, deleted files recovered and passwords cracked.

How are hackers caught?

Despite what may seem like an insurmountable task, hackers are human and make mistakes. It’s often these careless errors that will trip the criminals up and leave a trail of evidence that the police can follow.

This was evident in the 2016 Bangladesh Central Bank attack, where hackers breached the system and stole payment transfer credentials worth $81m. They attempted to steal a further $1bn but a small spelling error in the transfer order alerted an employee who immediately blocked the transaction.

The type of malicious software used in an attack can also provide valuable clues that can help police identify the country or individual behind the hack. Security researchers were able to determine that the malware used in the Bangladesh Bank attack was also used in the 2013 Sony Pictures attack, a failed bid to steal $1m from a Vietnamese bank, and an attack on South Korea’s top broadcaster and banks. The code used within all the attacks was identical and pointed towards a coordinated attack from North Korea.

The majority of cybercrimes are financially motivated, however for a large number of hackers it’s the thrill of the hack and the excitement of bringing down a company’s computer system that motivates them. Following an attack, many will turn to hacker’s forums to brag about their exploits and this often provides police with the vital clues they need to start identifying the person responsible.

Honeypots have also proved an effective way to lure cyber criminals in and find out more about how they operate and who they are. Essentially, they’re a decoy computer system set up to mimic a likely target for an attack. The systems will contain data and applications that will trick hackers into thinking they are attacking a legitimate target.  The information gathered from these dummy attacks can provide valuable information on who is responsible and if there are any similarities that links the individual to other attacks.

There’s no doubt that catching hackers is a difficult task and as long as they are continuing to generate such huge profits, the cat and mouse game will continue.

To ensure your employees are equipped to deal with the most up to date security threats, it’s vital they receive regular Cyber Security Awareness training.

MetaLearning is the next generation of eLearning and it’s been specifically designed to provide the best possible Cyber Security and Privacy training for your staff. It enables organisations to build bespoke courses for their staff from an extensive library of short eLearning courses. The courses are easy to create and can be personalised and branded to make the content more relevant to your employees. Get in touch for further information on how MetaLearning can be used to transform Cyber Security training within your organisation.