Cyber crime is increasingly becoming a real threat that can affect anyone in the age of the internet and the complex network of countless individual devices. After all, cybercrime takes place wherever there are computers, but also wherever there are otherwise elements of information technology. Bluetooth boxes, smartphones, smart TVs and other Internet-connected devices are also becoming targets of cybercrime attacks these days, so cybercrime is also affecting more and more individuals.

Cybercrime definition and types of cybercrime

The definition of cybercrime generally states that it includes all crimes committed by perpetrators using modern information technology. However, a distinction can be made between two types of cybercrime:

• Attacks in which computer systems are used to commit the actual crime and
• Attacks in which the computer systems themselves are targeted.

Cybercrime explained in more detail

Cybercriminal attacks can thus be motivated in different ways, so to speak.

Computer systems are used to commit the actual crime: The aim of attacks in which computer systems are used only as a medium is usually to scam passwords and account details, for example access to online banking or access details for online shops, in order to ultimately enrich themselves financially. The best example of this type of cybercrime is phishing. Using fake e-mails from online shops, online payment services, etc, victims are pressurised to disclose sensitive data, which the criminals then use to obtain money, place orders under a fake name, etc.

Computer systems themselves are the target of the attack: If, on the other hand, the computer system itself is the target of the attack, the motivation is a malfunction or achieving unavailability of this system itself. This form of cybercrime is also known as a DoS (denial of service) or DDoS (internal linking to text) attack. When this happens to companies, the incident can be associated with major financial and also reputational damage (due to customer dissatisfaction as a result of the failure), which is why cybercriminals use this type of attack to put pressure on the company in question and blackmail it or draw attention to security gaps.

The best example of this type of cybercrime is hacker attacks. In these, computer systems are deliberately infected with malware, which should lead to the failure of all kinds of IT services. High-profile companies, as well as government agencies, hospitals and banks, are repeatedly affected by this type of cybercrime. Attackers may pursue extortion goals such as data theft and the like. However, there are also constructively motivated hacker attacks that highlight security gaps and aim to motivate their victims to improve security concepts.

Hacking as part of cybercrime - companies are challenged on cyber security

In the field of cybercrime, cases of hacking are a central theme for cyber security, i.e. protection against any organised, unauthorised access to IT systems.

More and more reports to police - cybercrime cases on the rise

There are an increasing number of cases of businesses of all sizes and individuals reporting cybercrime to the police. Every one of us has probably had a phishing e-mail in our inbox at some point and noticed that the fake e-mails are getting better and better, making them harder and harder to distinguish from the real thing. Meanwhile, phishers have almost perfectly mastered their criminal craft. The ubiquity of the internet and the resulting constant networking and vulnerability of a wide variety of devices make the danger of attack even greater.

Cybercriminals digitally cross country borders and remain undetected

With a little sleight of hand, it is now possible for cybercriminals to cross national borders and remain completely undetected. Often, the location of the attack is very difficult to trace, allowing the attackers to do great damage in secret. Often, victims of cybercrime cannot call the police until it is already too late, the criminals have already gained access and made off with money, data or other items of value. All the more important for individuals, but especially for medium and large enterprises: Ensuring the necessary IT security of IT infrastructures, IT systems and applications in advance with appropriate preventive measures. This means, for example, defining responsibilities and access rights according to the need-to-know principle. Reactive plans (e.g. to secure networks, etc.) can then be used to consolidate cybersecurity to best cope with all forms of cybercrime.