Global Trends in Cyberlaw in 2019

GLOBAL TRENDS IN CYBERLAW 2019

Technology has seeped into everyone’s pockets these days, smartphones have now become a commodity which is essential if a person wants to exist in today’s world. But the ease of access of being on the internet has not come without a price. In 2019, it is not just technology that has advanced but as well as the ways in which this new technology can be compromised. Companies and brands are so quick to dispense out new technology that they do not really check into its safety, and thus end up creating holes in its security which are easy to exploit for hackers. The amount of data breaches in 2019 alone has left millions of people’s data exposed. It not only included the infamous Facebook data breach, for which Facebook’s founder Mr Zuckerberg had to face the wrath of United State’s Supreme Court and Google storing its users’ passwords in plaintext, completely unprotected and in the grasp of hackers,[1] Baltimore’s County Public Schools(BCPS) website was also found containing a security flaw that exposed a high amount of sensitive data about the students and staff members, which included their home addresses and medical conditions, which can potentially expose children to the lurking pedophiles anywhere around the area.[2] There were also innumerable potentially smaller cyber attacks throughout the world, including the breach of personal data of LabCorp, which is a testing giant where details of patients like addresses, phone numbers, dates of service, providers and balance information as well as their credit card and bank information had been exposed in the American Medical Collection Agency’s(AMCA) data breach, Atleast 7.7 million LabCorp patients were affected by the data breach. [3]

A new form of hijacking called “cryptojacking” came onto the surface, which takes over the new web currency called cyrptocurrency. What occurs in cryptojacking is pretty similar to phishing, where hackers either get the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.[4] They basically take unauthorized access of someone else’s computer to mine cryptocurrency. Cryptojacking does not even require high amounts of technical skills, they have cryptojacking kits available on the darkweb for as low as 30$, which makes it capable for even small-time hackers to get along the trend of cryptojacking.[5] “Hackers see cryptojacking as a cheaper, more profitable alternative to ransomware” said Alex Vayskith, who is a co-founder and CTO of SecBI. Firstly cryptojacking has a much higher percentage of working than ransomware, with ransomware a hacker may infect 3 out f a 100 computers, but with cryptojacking all 100 of those computers will work for the hacker, and they will continue to mine cryptocurrency for him till they are caught, therefore meaning that cryptojacking pays dividends to the hacker till the time it is caught, unlike ransomware where the payment is just done once.[6] The risk involved in cryptojacking is also not as high as ransomware attacks, thecryptojacking code runs in the background, which makes it harder to identify and even if it is identified the code is such that it is very hard to trace the source of the code, plus the victims did not lose anything of their own or have been denied access to their computers by encryption, therefore they do not pursue to track down the source of the cryptojacking code.

 

[1] https://www.wired.com/story/google-stored-gsuite-passwords-plaintext/?

[2] https://cyware.com/news/baltimore-county-schools-found-exposing-highly-sensitive-information-on-students-and-staff-members-232c733f

[3] https://cyware.com/news/around-77-million-labcorp-customers-impacted-from-amca-data-breach-c3edd754

[4] https://www.csoonline.com/article/3253572/what-is-cryptojacking-how-to-prevent-detect-and-recover-from-it.html

[5] ibid

[6] ibid