Cybercrime Cases and Scenarios 

Cyber criminals are increasingly presenting us with creative cybercrime cases and scenarios as our digital universe continues to be connected. From our home devices to our cars, devices are beginning to be connected to each other via the Internet to share data and instructions.

In a security study, researchers were able to remotely access a car’s systems to control the car’s air conditioning system, play music from the car’s speakers, move the wipers, inject wiper fluid, and then change the display image to show who did it. Anything that is connected to the car’s central system or directly to the Internet can be manipulated once the hackers gain control of the systems.

Next time, when you hear that someone important died mysteriously in a car accident going 90 miles an hour hitting a tree without braking, remember that cars, planes, and drones can be manipulated from distance.

Device takeover such as in this case may occur in many ways. For example, malicious USB drives can be given to car owners as friendly devices to be used in cars which upon activation can load the required software for communication, monitoring, and vehicle control. Also, default passwords which were never changed and weak passwords can also be easily obtained and used to access systems.

Other cybercrime cases and scenarios include:

• Researchers were able to hack an internet connected toilet in Japan to flush the toilette, run the water, and flip the toilet lid up and down. Now why would anyone connect a toilette to the Internet where the risks outweigh the benefits?  Potential damage to households can include increased water bill, and stress related to repair cost and wasted time. Surely, there is a benefit of some devices being connected to the internet and controlled remotely. But not all things need to be connected to the Internet. This is a fundamental principle for information security professionals to assess the justifications of Internet of Things devices in their periodic security risk assessments.
• In the medical and healthcare field, drug infusion pumps can have their dosages changed, defibrillators can give shocks or prevent the shock, x-rays can be accessed remotely causing privacy issues, refrigerators storing blood and drugs can have temperatures changed, and digital medical records can be altered causing misdiagnoses or incorrect prescriptions to name a few.
• In a real attack, hackers controlled a baby monitor and even injected audio into the baby's room that made the parents jump from fear.
• There are also many cases of webcams being taken over to monitor businesses and households and record the activities for extortion or public display. These intrusive cybercrime cases and scenarios are not uncommon and can go undetected for a very long time.

Beating hackers at their game

A good way to beat hackers at their game is to hire friendly hackers who would hack systems for some benefits as well as feeding their motivation which includes money, ego, entertainment, and ideology. For example, United Airlines gave two hackers a million frequent flyer miles as a reward for discovering software vulnerabilities and identifying other security issues. This could be the best proactive strategy that companies can implement to beat hackers at their games.