31 May, 2021

Cyber Security Threat Categories and Next Generation Cybercrime

Knowing what the concept of cyber means before learning what cybercrime is makes it easier to fully understand cybercrime. The term cyber has its origins in cybernetics. Al-Jazari is accepted as the founder of cybernetics. Cybernetics is briefly explained as the science that tries to adapt the nervous system of living things to computer systems. Cyber, on the other hand, refers to the virtual reality that belongs to computer networks and the internet. Briefly, cyber is a word used to describe entities that include computers or computer networks. The frequently used word cyberspace describes the space in which interconnected hardware, software, systems and people interact.
Cyber crime is sometimes also referred to as computer crime, electronic crime or digital crime. Although the terms differ, it basically covers crimes committed against or by using an information system.

As the cyber world expanded, it allowed some classical crimes to be committed more easily and also gave rise to new types of cybercrime. Today, thanks to the facilities provided by the internet, cybercrime can be committed without as much technical knowledge and skill as before. At the same time, the number of target victims has increased as users have become more dependent on the internet. In addition, information technologies have increased the communication capabilities of criminal groups and terrorist organizations, strengthened their propaganda opportunities and enabled the emergence of new fields of activity.

Cybercriminals, that is, hackers, are defined as those who exhibit criminal behavior over information systems. 

 

Cyber crime is generally divided into two main groups:

1. Criminal activities targeting information systems

a. Illegal access to information system

b. Illegal interference with data transmission

c. Illegal interference with data integrity

d. Interfering with the operation of the information system (denial of service)

2. Criminal activities committed through information systems

a. Fraud: Phishing is one of the methods used to obtain personal data belonging to someone else, as in identity theft. As with other fraud methods, there are many types of phishing. Phishing is generally done via e-mail. Phishers make copies of popular sites such as Facebook, shopping sites or websites belonging to financial institutions, publish them on the internet, and direct victims to these fake websites using various pretexts in e-mails they send out at random.

  • Email and internet fraud. 
  • Identity fraud (theft and use of personal information). 
  • Theft of financial or card information. 
  • Stealing and selling corporate data.

b. Cyber harassment and blackmail: Cyber harassment is the systematic harassment of a person through electronic communication means such as the internet and e-mail. Cyber harassment is important because it is sometimes the first stage of more serious crimes such as threats and blackmail, and sometimes wounding, rape and killing.

  • Cyber extortion (asking for money by threatening attack).

c. Illegal Content Published Digitally 

  • Illegal betting sites. 

 

Recent Cybercrime Examples: 

  • The WannaCry ransomware attack affected 230,000 computers in 150 countries. In this attack, users' files were locked and users were asked to pay a Bitcoin ransom in order to recover their files. WannaCry is estimated to have caused a financial loss of 4 billion dollars worldwide. (Malware attack example)
  • A phishing scam was encountered at the 2018 World Cup. According to reports by Inc., e-mails were sent to football fans in the World Cup phishing scam. These spam e-mails tried to attract the attention of fans with fake free trips to Moscow, which hosted the World Cup. Personal data of people who opened these e-mails and clicked on the links were stolen. (Phishing attack example)
  • In 2017, a DDoS attack hit the UK National Lottery website. As a result of this attack, the website and mobile application of the lottery administration went down, and British citizens could not play games of chance for a long time. (DDoS attack example)
  • In March 2021, the London-based Harris Federation was attacked by ransomware and had to "temporarily" disable the devices and email systems of all 50 secondary and primary academies it governed. This resulted in more than 37,000 students being unable to access their lectures and correspondence. 
  • A cybercriminal tried to poison the Florida water supply and increased the amount of sodium hydroxide to a potentially dangerous level. 

 

New Generation Cyber Threats to Consider in 2021

Cyber risks are constantly developing and spreading. Being ready for changing cyber threats is the most important part of an effective cyber risk management strategy for combating these risks. Expected attacks in 2021 and beyond:

  1. Complex and systematic risks: As the diversity of corporate networks increases and a complex structure forms, cyber threat actors are aware of the difficulty of managing it and develop special attack methods and tactics by drawing risk maps.
  2. Use of offensive artificial intelligence: The deepfake attack can be given as an example. A deepfake is an artificial intelligence application that can professionally imitate human appearance and voice, indistinguishable from the real thing. With this attack method it is possible to deceive the masses by pretending that events that never happened in reality have happened. With the deepfake attack method, anyone's voice can be imitated professionally, from their facial expressions to their accent, from the harmony of their voice to their speaking style.
  3. As the use of IoT devices increases, attacks against IoT devices have increased. Smart health systems, smart cities, autonomous vehicles, wearable devices can be given as examples of IoT.
  4. Ransomware attacks.
  5. In phishing attack methods, thread hijacking and whaling are new generation attack types.
  6. API attack: Attackers who perform API attacks pose a threat of data breach. APIs (Application Programming Interfaces) are used by software developers to integrate with other products so that applications and devices can share data with each other. Applications such as social networking sites and mobile application stores offer public APIs to provide easy access to users.
  7. DDoS attacks: These involve overloading an institution's server with high volumes of traffic. These attacks have become quite common lately.
  8. Zero-day exploits: Security vulnerabilities that have not been discovered before are called zero-day.
     

Activity Dimension of Cyber Attacks

  • According to Risk Based Security research, data breaches resulted in the exposure of 36 billion records in the first three quarters of 2020. Despite this, the number of publicly reported violations has decreased by 51% compared to the same period last year.

The Cost to Institutions Exposed to Cyber Attack

  • According to RiskIQ research, cybercrime costs organizations $2.9 million every minute, and large businesses lose $25 per minute due to data breaches.
  • According to research conducted by IBM, while the average attack costs $3 million 860, it takes an average of 280 days to detect and eliminate this attack.
  • According to the research firm Brand Essence Research, the global cybersecurity market will be worth $403 billion by 2027, with a CAGR of 12.5%. The firm also states that the cybersecurity market was worth $176.5 billion in 2020.

CyberArts Information Security Team's recommendations for protection from cyber attacks:

  • Operating systems and software used must be up to date. 
  • Complex passwords should be used. 
  • Users should not use the same passwords on different accounts. 
  • Not every e-mail that arrives in our inbox should be trusted. Attached files should not be downloaded and links that may be harmful should not be clicked. An incident response tool should be used for e-mails that may be phishing.
  • It is necessary to be prepared for a cyber incident; that is, forensic evidence that could indicate a cyber incident should be collected at regular intervals.
  • A rapid and effective response should be made to the cyber incident.
  • After companies reach a certain size, they should establish a SOC or receive SOC as a service.
  • EDR/EPP solutions that “protect from the unknown” should be used at the endpoints. 
  • DLP solutions should be used within the framework of effective and sustainable policies. 
  • Security updates should be checked. 
  • Awareness training should be given to end users. 
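
The phishing pattern described earlier (copies of popular sites reached through links in e-mail) and the recommendation above about not trusting links can be turned into a simple mail-side check. This is an added example, not code from the original article or from CyberArts; the `TRUSTED` list, the `examplebank.com` name, the two-label domain rule and the sample message are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed allow-list: brand keyword -> the domain that brand really uses.
# Entries are illustrative assumptions, not a vetted list.
TRUSTED = {"facebook": "facebook.com", "examplebank": "examplebank.com"}
# Digit-for-letter swaps used to make a fake host resemble the real one.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
HREF_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def registrable(host):
    """Naive last-two-labels domain; a real tool would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_link(href, text):
    """Return the reasons this link looks like phishing (empty list = none)."""
    reasons = []
    host = (urlsplit(href).hostname or "").lower()
    domain = registrable(host)
    normalised = host.translate(HOMOGLYPHS).replace("-", "")
    for brand, real in TRUSTED.items():
        # Brand name appears in the host, but the host is not the brand's domain.
        if brand in normalised and domain != real:
            reasons.append(f"mentions '{brand}' but is hosted on {domain}")
    # Visible text shows one domain while the href points at another.
    shown = re.search(r"([a-z0-9-]+\.)+[a-z]{2,}", text.lower())
    if shown and registrable(shown.group(0)) != domain:
        reasons.append(f"text shows {shown.group(0)} but link goes to {host}")
    return reasons

def scan_email(html):
    """Map each suspicious href in an HTML mail body to its reasons."""
    findings = {}
    for href, text in HREF_RE.findall(html):
        reasons = check_link(href, text)
        if reasons:
            findings[href] = reasons
    return findings

# Constructed sample message body (not taken from a real campaign).
SAMPLE = '''
<p>Account locked: <a href="http://faceb00k-login.example.net/verify">www.facebook.com</a></p>
<p>Help centre: <a href="https://www.facebook.com/help">www.facebook.com/help</a></p>
<p>Statement: <a href="https://examplebank.com.billing.example.org/">View statement</a></p>
'''

if __name__ == "__main__":
    for url, why in scan_email(SAMPLE).items():
        print(url, "->", "; ".join(why))
```

The check flags the look-alike host and the brand-as-subdomain host while leaving the genuine link alone; it complements, and does not replace, the user awareness training listed above.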
