Criminal Law Library Blog
Cyber risk is one of the great concerns sitting at the top of any government, as hacker attacks and other security breaches have the potential to jeopardize the global economy and other aspects of everyday life. Wide reporting indicates the proliferation of cyber attacks worldwide at a substantial and increasing rate, thereby unleashing severe damage to companies, governments and individuals worldwide. This proliferation of widespread attacks is creating an increasingly urgent need for greater cybersecurity for those in all sectors utilizing online networks. Users include governments, corporations, various other organizations and individuals who stand to benefit from the greater convenience, efficiencies, and sometimes cost benefits made available through online use.
Cyber criminals and others in the business of victimizing online users also benefit. While some may be primarily interested in creating mischief, which can itself prove harmful, professional cybercriminals are usually looking for much more. Usually, the basis of their primary motives comes down to either money or power. For purposes of classification, their motives are typically grouped into one or more of the following three categories:
- Denial of Service. The motive for this type of attack is usually revenge. Some attackers may launch DDoS attacks as retaliation against a person, organization, or business that they perceive has wronged them. Some attackers may similarly target a competing business or organization to disrupt their services and gain an advantage in the market.
- Stealing of Information for Internal or External Use. There is a recent case where an employee at a corporation used a network to steal data to sell to a competitor.
- Ransomware. This type of malicious software is designed to block access to a computer until a sum of money is paid. While some simple ransomware may lock a computer without damaging any files, more advanced software, sometimes called malware, is often used to encrypt the victim’s files, making them inaccessible with the cyber criminal demanding a ransom to be paid before making the files available again. The primary motive for ransomware attacks is usually to get money from encrypting the data of victims. Several such attacks have resulted in huge sums being paid by the victim.
One element that relates to all of the above categories is the concept of risk. It seems plausible that all cybercriminals in these and other categories take risk assessment into account, whether consciously or unconsciously, when planning to commit a crime. Thus, those responsible for developing and implementing strategies and guidelines for improving cybersecurity need to incorporate risk assessment and management as part of their planning.
In recognition of the above, it is obvious that the need to protect network users by providing greater ongoing cybersecurity is paramount. As computers become increasingly powerful, networks more extensive, and innovation more dynamic, there is an existential need to be even more vigilant in ensuring extensive cybersecurity for the benefit of us all.
For those who wish to pursue this topic in greater detail and to further explore how to address the urgent need for greater cybersecurity, the following sources may be helpful. For those in the United States, particular attention may also be given to the White House National Cybersecurity Strategy Report released this July. Not everyone will want to read the complete Report, but the Fact Sheet can be useful.
What is Cybersecurity and Why is it Important?
National Security Agency’s Top Ten Mitigation Strategies
U.S Department of Defense. Cybersecurity Resource and Reference Guide.
White House, National Cybersecurity Strategy July 2023, With Fact Sheet
J.P. Morgan. 12 Tips for Mitigating Cyberattacks
For those in Europe: