What you should know about cybercrime

What is cybercrime?

By cybercrime, we mean online crime. While there are fewer and fewer robberies or vandalism, cybercrime is on the rise. About 1 in 5 businesses have to deal with it.

Stan Hegt is a specialist in digital security and an ethical hacker. Businesses hire him to break into their computer systems. This helps them find out where weaknesses are. And they can prevent criminals from exploiting them. "Not only large businesses are victims," says Hegt. "A hacker often targets many small businesses at once. Then it's always a hit."

Recognise cybercrime

Hackers attack your business in different ways. Often, the goal is to gain access to your login details or other sensitive information. They sell that data, use it to extort you, to impersonate you (business identity fraud), or to withdraw money from your account.

To properly protect your company against online criminals, it is important that you recognise the different types of cybercrime. Here are the most common ones:

Deceived by phishing

One of the most common types of cybercrime is phishing: criminals 'fish' for information via email, text messaging or WhatsApp. Take passwords, for example. The sender pretends to be someone else, asks you questions and pressures you to click a link. "Never click on links in messages from strangers and beware of unreliable attachments," advises Hegt. If you do click, the phisher gains access to your system and can install malware without being noticed.

Held hostage by ransomware

Did you click a malicious link or attachment? Then you could be 'held hostage' by ransomware. Ransomware is malware that locks your system, network, or data. You can no longer use your system or files. Do you want the key? "You only get it in exchange for ransom," says Hegt. Criminals often demand payment in crypto coins such as Bitcoin. Then it is more difficult for the police to track down the offenders.

System down due to DDoS attack

Another form of cybercrime is the DDoS attack, or Distributed Denial of Service attack. Criminals then send a lot of traffic to your server, website, or app via a network of computers (botnet). Your website receives so much traffic that it becomes inaccessible to visitors. DDoS attacks can be a distraction: while you are busy solving the problem, criminals try to steal your data.

Extortion and threat

A criminal can also threaten with cybercrime. That way, they do not have to carry out a major attack to get money from you. For example, a 25-year-old man was convicted to 2 years in prison after he extorted 9 online shops for thousands of euros. First, he carried out a short DDoS attack on an online shop. Next, he threatened bigger attacks and demanded an amount in Bitcoin.

Big consequences

All types of cybercrime can lead to a data breach. Criminals have then stolen sensitive data, perhaps even from your customers. This can have major consequences. For example, there was an accountant whose login data had been leaked. Hegt: "Cybercriminals were able to use this to log into an online accounting system. They adjusted supplier data there. This is how bills were paid to the cybercriminals."

Prevent cybercrime

You cannot always stop criminals, but you can make things difficult for them. With a few simple measures, you can protect your business from cybercrime.

• Tip 1: use two-step verification

  Before a cybercriminal attacks you, he gathers information about you. Think of login details from a previous data breach. Do not make it easy for them. Use unique passwords or a password vault. And use two-step verification. That is an extra access code or your fingerprint, in addition to your password.

• Tip 2: install the latest updates

  The cybercriminal tries to penetrate your computer systems by finding vulnerabilities. Make this difficult by always installing the latest software updates. These will repair the weak spots in existing software.

• Tip 3: protect your system and make backups

  Once the cybercriminal is inside your computer, he can lock your system or data. You can then no longer work with it yourself. Make sure you install good antivirus software and always make backups. A backup also makes you less susceptible to extortion.

Hacked?

Do you suspect you have been hacked? On Business.gov.nl, you can find extensive information from the Digital Trust Center on how to prevent cybercrime, test your existing cybersecurity measures, and what to do if you do become a victim.