1. Types of Cybercrimes (Hacking, DoS Attacks, Identity Thefts, Virus Dissemination, Distributed DoS)
Cybercrimes are illegal activities conducted using computers or networks. Hacking involves
unauthorized access to systems to steal or manipulate data. Denial of Service (DoS) attacks
overwhelm a system with traffic, making it unavailable to users. Distributed DoS (DDoS)
uses multiple compromised devices (botnets) to amplify the attack. Identity theft occurs
when personal information is stolen for fraudulent activities, such as financial fraud or
impersonation. Virus dissemination involves spreading malicious code that damages
systems or steals data. These crimes disrupt operations, cause financial losses, and
compromise privacy. Preventive measures include strong authentication, updated firewalls,
intrusion detection systems, antivirus solutions, employee awareness, and regular system
monitoring to identify and mitigate such threats early.
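Regular system monitoring is where DoS and DDoS attacks are usually caught first. The following is an added example (not part of these notes) of the kind of detection logic a monitoring tool applies to web-server access logs: it buckets requests into fixed time windows and flags a single source sending far more than normal (DoS) as well as windows where many distinct sources together produce abnormal volume (DDoS-like). The log lines, IP addresses, thresholds and the epoch anchor BASE are all constructed for the example.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Matches NCSA Common Log Format: ip ident user [timestamp] "request" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_line(line):
    """Return (client_ip, unix_seconds) for one log line, or None if it is malformed."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), int(ts.timestamp())


def detect_floods(lines, window=10, per_ip_limit=20, total_limit=60, min_sources=10):
    """Bucket requests into fixed windows of `window` seconds and report:
    - single_source: IPs that sent more than per_ip_limit requests in one window (DoS)
    - distributed_windows: window starts whose total exceeds total_limit while the
      traffic comes from at least min_sources distinct IPs (DDoS-like)
    """
    buckets = defaultdict(Counter)  # window start -> Counter(ip -> request count)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # a malformed line is skipped, never allowed to crash the detector
        ip, t = parsed
        buckets[t - t % window][ip] += 1

    single_source = {}
    distributed_windows = []
    for start, counts in sorted(buckets.items()):
        for ip, n in counts.items():
            if n > per_ip_limit:
                single_source[ip] = max(single_source.get(ip, 0), n)
        if sum(counts.values()) > total_limit and len(counts) >= min_sources:
            distributed_windows.append(start)
    return {"single_source": single_source, "distributed_windows": distributed_windows}


BASE = 1_700_000_000  # constructed epoch anchor; a multiple of the 10-second window


def make_line(ip, t, path="/"):
    """Build one constructed CLF line (sample data, not from a real server)."""
    stamp = datetime.fromtimestamp(t, tz=timezone.utc).strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - - [{stamp}] "GET {path} HTTP/1.1" 200 512'


def sample_log():
    """Constructed traffic: one benign client, one single-source flood, one distributed flood."""
    # Benign client: 3 requests spread over 10 seconds.
    lines = [make_line("192.0.2.10", BASE + 5 * k, "/index.html") for k in range(3)]
    # Single-source flood: 50 requests inside one 10-second window.
    lines += [make_line("203.0.113.5", BASE + 20 + k % 10, "/login") for k in range(50)]
    # Distributed flood: 30 sources, 3 requests each, all in one later window.
    lines += [make_line(f"198.51.100.{i}", BASE + 40 + k, "/api")
              for i in range(1, 31) for k in range(3)]
    lines.append("this line is not a valid log entry")
    return lines


if __name__ == "__main__":
    print(detect_floods(sample_log()))
```

The two signals are deliberately separate: a per-IP threshold alone misses a botnet whose members each stay under the limit, while an aggregate threshold alone cannot tell a flood from a busy period, so the distributed rule also requires many distinct sources. Thresholds in a real deployment are tuned from the site's own baseline traffic.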
2. Breach
A breach refers to unauthorized access, disclosure, or retrieval of confidential information
from a computer system or network. It may result from hacking, weak passwords, phishing,
malware, or system vulnerabilities. Breaches often lead to data theft, financial losses, identity
exposure, and reputational damage. Types include data breaches, security breaches, and
privacy breaches. Organizations are legally obligated in many regions to notify affected
individuals and authorities when a breach occurs. Prevention strategies include encrypting
sensitive data, enforcing strong authentication mechanisms, conducting vulnerability
assessments, and applying regular security patches. Incident response plans help contain and
recover from breaches. User education also plays a vital role in minimizing risks from social
engineering and insider threats.
3. 2017 Threat Study
The 2017 threat study highlighted significant growth in cyberattacks targeting organizations
and individuals globally. Ransomware incidents surged, with WannaCry and Petya causing
widespread disruption by encrypting data and demanding ransom. Distributed Denial of
Service (DDoS) attacks became more powerful, leveraging IoT botnets like Mirai to
overwhelm systems. Identity theft and phishing scams also increased, compromising
millions of user credentials. The study emphasized the growing sophistication of malware,
the rise of zero-day vulnerabilities, and the need for proactive threat intelligence.
Organizations were urged to enhance incident response, apply timely patches, and adopt
multi-layered security measures. The report demonstrated how inadequate cybersecurity
awareness and outdated infrastructure contributed to the rising frequency and scale of attacks.
A zero-day attack in cybercrime is an attack that exploits a previously unknown security
vulnerability in software, hardware, or firmware, for which no patch or fix is available from
the vendor. Cybercriminals use these unknown flaws to gain access to systems, steal data, or
install malware, often with no immediate way for defenders to stop the attack. The "zero-day"
name comes from the fact that the software vendor has had zero days to fix the vulnerability
by the time it is already being exploited.
How It Works
1. Discovery of a Flaw:
A threat actor finds a previously unknown vulnerability (a "zero-day vulnerability") in a
system.
2. Exploitation:
The attacker creates an "exploit" (a piece of code) to take advantage of this vulnerability.
3. The Attack:
The attacker then launches a "zero-day attack," using this exploit to compromise the targeted
system before anyone else knows about the problem or can prepare a defense.
4. The Aftermath:
Once the attack is discovered, the vendor has to develop and release a fix from a standing start;
until that patch is released and applied, users remain vulnerable.
Why Zero-Day Attacks Are Dangerous
No Immediate Defense:
Since the vulnerability is unknown, there are no patches, security updates, or
countermeasures available, making existing security systems ineffective against the exploit.
Element of Surprise:
Attacks exploit the unexpected, catching users and security professionals off guard, as
defenses are not in place for the new threat.
High Success Rate:
The lack of awareness and available defenses makes these attacks highly likely to succeed.
Examples of Targets
Zero-day attacks can target a wide range of systems and entities, including:
Operating systems and web browsers
Corporate networks and large enterprises
Government departments
Internet of Things (IoT) devices
Individuals with access to valuable business data
To prevent ransomware, regularly update your systems and software, implement robust
email and web security, deploy strong antivirus and anti-malware software, use strong,
unique passwords with multi-factor authentication, practice regular, offline data backups and
test restorations, and train users on recognizing and avoiding phishing scams.
Proactive Technical Measures
Keep Software Updated:
Install security updates and patches for operating systems, applications, and firmware as
soon as they are available to close known security vulnerabilities.
Deploy Security Software:
Use comprehensive antivirus, anti-malware, and next-generation firewall (NGFW) software
to scan, detect, and block malicious files and suspicious data packets.
Enhance Email Security:
Implement email security filters to block malicious attachments and links, and use
Domain-based Message Authentication, Reporting, and Conformance (DMARC) to protect
against domain spoofing.
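DMARC only protects against domain spoofing when the published record actually tells receivers to reject failing mail. As an added example (not from these notes), the checker below parses a DMARC TXT record into its tags and lists the weaknesses a practitioner looks for: a monitor-only p=none policy, a quarantine policy instead of reject, a weaker subdomain policy, a pct value below 100, and a missing rua reporting address. The two records WEAK_RECORD and STRONG_RECORD, and the reporting address under example.com, are constructed for the example; the tag names are the standard DMARC tags (v, p, sp, pct, rua).

```python
# Constructed records: the weak one only monitors, the strong one enforces rejection.
WEAK_RECORD = "v=DMARC1; p=none; pct=50"
STRONG_RECORD = ("v=DMARC1; p=reject; sp=reject; pct=100; "
                 "rua=mailto:dmarc-reports@example.com")


def parse_dmarc(record):
    """Split a DMARC TXT record into a tag -> value dict (tag names are case-insensitive)."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        name, value = part.split("=", 1)
        tags[name.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record):
    """Return a list of weaknesses; an empty list means the record enforces rejection
    for the domain and its subdomains, on all mail, with reporting enabled."""
    findings = []
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1":
        findings.append("record lacks v=DMARC1 and will be ignored by receivers")
    policy = tags.get("p")
    if policy is None:
        findings.append("no p= tag: the record is invalid, so no policy is applied")
    elif policy == "none":
        findings.append("p=none only monitors; spoofed mail is still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine sends spoofed mail to spam instead of rejecting it")
    elif policy != "reject":
        findings.append(f"unknown policy value p={policy}")
    # sp= defaults to the value of p=, so it only needs checking when it is set weaker.
    if policy == "reject" and tags.get("sp", "reject") != "reject":
        findings.append(f"sp={tags['sp']} leaves subdomains weaker than the main domain")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        findings.append(f"pct={pct}: the policy is applied to only a fraction of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address: without aggregate reports, spoofing attempts go unseen")
    return findings


if __name__ == "__main__":
    for label, record in (("weak", WEAK_RECORD), ("strong", STRONG_RECORD)):
        print(label, record)
        for finding in assess_dmarc(record) or ["no weaknesses found"]:
            print("  -", finding)
```

In practice the record is fetched from the `_dmarc.<domain>` TXT entry in DNS and fed to assess_dmarc; the example keeps the records inline so it runs offline. Moving from p=none to p=reject is normally staged through p=quarantine while the rua reports are reviewed, which is exactly why pct and rua are part of the check.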
Harden Endpoints:
Secure your devices by disabling macros in Microsoft Office applications and protecting user
accounts.
Use Strong Passwords & MFA:
Implement multi-factor authentication (MFA) and use strong, unique passphrases for all
accounts to prevent unauthorized access.
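Time-based one-time passwords are the most common second factor behind the MFA advice above. The block below is an added example (not from these notes) of how a server verifies such a code: it implements HOTP (RFC 4226) and TOTP (RFC 6238) over HMAC-SHA1, accepts one time step of clock drift either side, compares in constant time, and refuses to accept the same counter twice so an intercepted code cannot be replayed within its 30-second window. TEST_KEY is the published RFC test key, used so the results can be checked against the RFC test vectors; a real deployment generates a random per-user secret.

```python
import hashlib
import hmac
import struct
import time

# RFC 4226 / RFC 6238 reference test key (ASCII "12345678901234567890").
# Real systems generate a random per-user secret and store it encrypted.
TEST_KEY = b"12345678901234567890"


def hotp(key, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 8-byte counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key, at=None, step=30, digits=6):
    """RFC 6238 TOTP: HOTP whose counter is the number of `step`-second periods since the epoch."""
    at = time.time() if at is None else at
    return hotp(key, int(at) // step, digits)


def verify_totp(key, submitted, at, used_counters, step=30, digits=6, skew=1):
    """Server-side check of a submitted code.

    Accepts the current step or up to `skew` steps either side (clock drift),
    compares in constant time, and records every accepted counter in
    `used_counters` so the same code is never accepted twice (replay defence).
    A real server keeps used_counters per user in persistent storage.
    """
    now_counter = int(at) // step
    for counter in range(now_counter - skew, now_counter + skew + 1):
        if counter in used_counters:
            continue
        if hmac.compare_digest(hotp(key, counter, digits), submitted):
            used_counters.add(counter)
            return True
    return False


if __name__ == "__main__":
    print("HOTP(counter=0):", hotp(TEST_KEY, 0))            # RFC 4226 vector: 755224
    print("TOTP(t=59, 8 digits):", totp(TEST_KEY, at=59, digits=8))  # RFC 6238 vector: 94287082
    print("current code:", totp(TEST_KEY))
```

Two details matter for security here and are easy to get wrong: the comparison uses hmac.compare_digest rather than == so response timing does not leak how many digits matched, and the accepted counter is remembered, because without that a code phished in the first second of its window is still valid for the remaining 29.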
Network Segmentation:
Divide your network into smaller, isolated segments to limit the spread of a ransomware
attack if one segment is compromised.
Strategic & Procedural Steps
Regular, Offline Backups:
Create regular backups of your critical data and store them on offline devices or secure cloud
storage that is separate from your main network.
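A backup that has never been restored is an assumption, not a control. The following added example (not from these notes) shows the part of a restore test that is usually skipped: recording a SHA-256 manifest of the live data when the backup is taken, and later comparing a restored tree (or the live tree) against that manifest to report files that are missing, modified or unexpected. The directory layout, file contents and the "report.txt.locked" rename are constructed for the drill.

```python
import hashlib
import os
import shutil
import tempfile


def build_manifest(root):
    """Map each file under root (relative path, '/' separators) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            with open(path, "rb") as fh:
                manifest[rel] = hashlib.sha256(fh.read()).hexdigest()
    return manifest


def verify_restore(manifest, restored_root):
    """Compare a restored tree against the manifest recorded when the backup was made."""
    current = build_manifest(restored_root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "unexpected": sorted(set(current) - set(manifest)),
    }


def restore_drill():
    """Constructed end-to-end drill: back up, verify the copy, then show the manifest
    detecting ransomware-style damage (a renamed, re-encoded file and an overwritten one)
    on the live tree. Returns (clean_report, damaged_report)."""
    with tempfile.TemporaryDirectory() as tmp:
        live = os.path.join(tmp, "live")
        os.makedirs(os.path.join(live, "docs"))
        for rel, content in (("docs/report.txt", b"quarterly figures"),
                             ("notes.txt", b"meeting notes")):
            with open(os.path.join(live, *rel.split("/")), "wb") as fh:
                fh.write(content)
        manifest = build_manifest(live)           # digests recorded at backup time

        backup = os.path.join(tmp, "backup")      # stands in for the offline copy
        shutil.copytree(live, backup)
        clean = verify_restore(manifest, backup)  # a good restore reports nothing

        # Damage the live tree the way an encrypting intruder would leave it:
        # one file renamed with a new extension, one file's content replaced.
        os.replace(os.path.join(live, "docs", "report.txt"),
                   os.path.join(live, "docs", "report.txt.locked"))
        with open(os.path.join(live, "notes.txt"), "wb") as fh:
            fh.write(b"\x00garbled")
        damaged = verify_restore(manifest, live)
        return clean, damaged


if __name__ == "__main__":
    clean, damaged = restore_drill()
    print("restore check:", clean)
    print("live tree after damage:", damaged)
```

The manifest has to live with the offline backup, not on the network it describes; otherwise the same incident that encrypts the data can alter the record used to judge the restore.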
Develop an Incident Response Plan:
Create and regularly test an incident response plan to ensure you know how to react quickly
and effectively if an attack occurs.
Implement a Zero Trust Architecture:
Adopt a "never trust, always verify" approach to security, where access is continuously
verified, rather than relying on a traditional network perimeter.
Use a VPN on Public Wi-Fi:
Use a virtual private network (VPN) for encrypted communication when using public Wi-Fi
networks to protect your data from interception.
User Education & Awareness
Security Awareness Training:
Conduct comprehensive cybersecurity training for all users to educate them on how to
recognize and report phishing emails, suspicious links, and malicious attachments.
Verify Unknown Sources:
Avoid clicking on suspicious links or opening attachments from untrusted sources in emails
or on websites.
Avoid Unknown USB Drives:
Do not insert USB drives or other external storage devices into your computer if their source
is unknown.