edit paper based on comments

The main objectives of this research are to evaluate the prevalence of online crimes among the soft targets, issues of privacy invasion, characteristics of cybercrimes, as well as the global trends in the spread of cybercrimes. In this research, the costs associated with the online crimes will also be discussed as well as the measure that has been taken by either individuals or agencies in remedying the situation. Information gathered from various scholar works to form an essential guide for this project.

The severity of the cybercrimes is highly attributed to the failure of individuals to put into use some security practices that may help in protecting their information when they share or access various social sites or communicate with other. This tends to make these individuals vulnerable to malware that may, in turn, collect their personal data. Phishing attacks are some frequent attacks that are usually launched on people who have little or no knowledge of security practices needed to protect their information. Phishing attacks are primarily launched through an email that may require one to fill personal details such as name, contact information as well as the credit card number. In turn, the information provided is collected by the attackers who use it to either commit a crime or steal one’s identity by transacting under the name of an unsuspecting individual. Such soft target individuals have little or no knowledge on the dos and don’ts of internet, they may not have even the purest form of anti-malware applications in the personal computers and this further exposes to more significant attacks that apart from collecting their information from their computers and smartphones they may be denied simple operations on their computers.

Prevalence of cybercrimes among the soft targets

Online crime soft target is simply people who are not well versed with an adequate understanding of security practices they need to put in place to secure their online activities. These soft targets can necessarily be individuals or organizations, especially small scale business that does not have proper security measures to protect them from online attack ((Saridakis, George, et al. 320-330). Lack of enough respires by organization and individuals to establish sophisticated incidence response measures or preventative measure has always been attributed to making one a soft target for cybercrimes. To develop security measures for individuals or an organization, one may be required to buy anti-malware or hire IT security personnel to manage security in an organization. For an individual, security may mean that one needs to purchase anti-malware, lack of resources, and perhaps ignorance may always make one a soft target.

Cyber-attacks on schools have increased over the last year, and this poses a question on the preparedness of schools in dealing with incidents and also makes one ask why the schools are becoming soft targets for cyber-attacks. Over the last few months, the number of attacks launched in schools has exponentially increased in the US. Although the motive of the attacks remains unclear in many circumstances, this poses more questions than answer on the security practices employed by various institutions in the US, the attacks which mainly target the student grades and the learning schedules have been the primary targets in these cyber-attacks (Von 97-102.). According to the FBI, schools are the soft target as they contain essential data and provide critical services to the public. Some of the schools which have been attacked include Coventry local school in Ohio whose systems was attacked and infected with the viruses. The school had to send more than 2000 student home earlier than planned to try and fix the incident. According to the reports, the school had no cybersecurity insurance.

The prominence of online attacks has been a significant cause of alarm among the majority of soft targets. According to the cybercrime statistics released in the year 2019, the majority of Americans are more worried about cyber-attacks that the violent attacks. It is estimated that 71 percent of Americans are concerned about identity theft and hacking. The statistics depict an increased in the cause of an alarm for Americans when it comes to cyber-attacks than any other forms of attacks by contrast only 24 percent of Americans showed their fears of being victims of terrorism while only 17 percent revealed that they feared being killed. The statistics depict high prevalence of online threats to individuals who are deemed to be the soft targets in the US.

There is a need to ensure that the population that is identified as a soft target is well versed with the security practices that they can employ in ensuring that their data remains safe whenever they access various social sites. Providers of social sites as well need to ensure that the information shared in their social sites remains confidential and personal and this could be done by beefing up the security of these sites as well as social accounts of their users. End to end-user encryption could be the solution to address the concern that has been raised in the recent past or individual’s social sites being hacked and personal information leaked to the public.

Exposure to cyber attacks

Researchers look at the issue of cyber-attacks among the soft targets in various dimensions, the question on what exposed them to the risks have as well-formed a great part discussion that has been going on for quite some time. According (Van de Weijer et al., 4), internet users have blame to bear when it comes to exposing themselves to online crimes. These authors argue that the increased cases of cybercrimes have been majorly motivated by the tendency of people presenting their personal information on the internet. To conscientiousness, emotional stability, and openness has exposed many people to cyberbullying. All this is attributed to the naivety of internet users who are prompted to sharing their data on social platforms without a proper understanding of the cyber risks they might be exposing themselves to when they share their information.

Technological adamants have also been a factor to blame when it comes to exposing soft targets to online crimes. The 21st century has seen a digital revolution where new technologies are born every day while others are rendered obsolete. This has been a significant threat to the security practices as hackers are seen to be ahead of security measures that people and organizations use to protect their information systems. Crime is seen to be far ahead to security practices used by people and entities; today, it is possible for a hacker to hack one’s social account within a couple of minutes. This would have taken a lot of time in the past as technology had not evolved to the level it is today. With new technology being born every day, hackers can always find a loophole in the existing technology and use it to penetrate ones account and accomplish their missions. Security practices have far been deemed to lag behind the crimes as in every security practice; there has been a loophole identified that attackers use to gain access to personal accounts of information systems of organizations. The advancement in technologies has seen even the most robust data security method, which is encryption, also face a threat. According to the report released by IBM, quantum computing could easily crack encrypted within a short period as opposed to hundreds of years that could be spent by a typical computer. With the advancement in technology, the time taken is likely to be shorter hence exposing many soft targets to many cyber-attacks.

The nature of cyber-attacks for among the soft targets.

Research shows that soft targets exhibit some unique aspects of cyber-attacks; this can be attributed to the information they possess or only the motive of the attackers. Social engineering attacks are the primary forms of attacks that are used by the attackers when they target these soft targets. Social engineering attack entails various ticks that when used, they lead to an individual sharing personal information that is in turn used by the attackers in accomplishing their missions. Since attackers are not sure of which tactic will work for them, numerous attacks can be launched on the soft targets. The attacks could be meant to deny the target access to essential operations in a system or to steal the stored data. Below are various forms of social engineering attacks that are usually used when targeting soft targets.

Phishing attacks are common forms of social engineering attacks. Phishing entails an attacker masquerading a trusted entity hence requiring the target to fill in personal information that may consist of emails. Credit card, number or social security number, this happens when a person follows a link that is usually provided by the attackers, and at the other end, an attacker collects the information keyed in by the unsuspecting individual. A phishing attack is the common forms of social engineering attacks. In which thousands of emails are sent to the targets requiring them to fill some information.

Another form of social engineering attack is pretexting; this involves a scenario where an attacker creates a good pretext. These pretexts are designed in such a manner that the targeted individual’s data can be stolen through this fabricated scenario. This form of attack frequently happens when an attacker to preteens that they want to confirm the identity of the targeted person and in doing so, an individual is required to provide some information so that his or her status can be verified. The data provided is hence used by an attacker in accomplishing the motive of the attack. In some situation, this form attack may take another level in which an attacker seeks to exploit the weakness in the security system of an entity, this can be done by an attacker pretending to be a security auditor who wants to examine the security protocols of an organization and hence through this he can gain physical access of an organization thus launching an attack.

Baiting is another form of social engineering attack that is somehow similar to a phishing attack, although it has some distinct feature that makes is different from phishing attacks. Under baiting attack, a soft target is lured with some gifts such as music, games, or a video. Here, a victim is required to provide his or her email address as well as other login credentials that are in turn collected by an attacker with an evil motive. The already surrendered login details are managed by an attacker. These are mostly the common forms of social engineering attacks that are mainly used by the attackers when targeting these soft targets. The applicability of these forms of attacks are due to the proneness of individuals in their online activities, for instance, soft targets do not have anti-malware installed on their computers, and this makes it easier for phishing attacks to thrive. On the other hand, people who are naïve, they may end up falling victims of baiting attack as they seek to enjoy gifts.

Crimes suffered by the soft targets

There are various online crimes suffered by the victims of online attacks; these crimes depends on the motive of the attackers and the access that an attacker may have on personal accounts or organizational information system. One of the typical crime suffered by the soft targets of cyber-attacks is identity theft (Nabie 206). Identity theft means a scenario whereby an attacker impersonate another person through the personal information that an attacker might have collected through an attack launched on a person. Hackers can fake to be a person and open an account, makes purchases through the stolen details of the victim and even commit crimes under the identity of a victim. According to the statistics released by a Gallup study, about 71 percent of Americans fear identity theft. Nearly 60 million American have been victims of identity theft. As a common form of social engineering attack to the soft targets, this form of crime was mainly carried out through stealing of personal information that the attackers used in making online purchases, committed other crimes using the identity of the victims. The nature of this crime renders the victims to be the main suspects in case a crime is committed under their name. Many victims end up not knowing what could have happened as they would not anticipate such crime to have been carried out under their names (Cleveland 2008)

Cyberbullying is another form of crime suffered by the victims of cybercrimes; there are various ways through which cyberbullying may occur, fundamentally the attacker invades the privacy and an individual and tend to expose personal information that a person might have kept secret. It is common to hear about celebrity accounts being exposed and their secret chats being leaked to the public, the impact of this has been cyberbullying which itself is a crime as well as the hacking of their confidential conversations. According to Marwick (177-191), privacy invasion has been on the rise in the recent past; this has resulted to increased cases of cyberbullying when a person is believed to have different ideologies than the most people in the community. The end result of privacy invasion and exposure of one’s private conversation result to cyberbullying which when not regulated and the victims not adequately counseled, many of them end up committing suicide while other suffer from mental disorders caused by the trauma experienced during the cyberbullying activities.

Depression is another form of suffering that victims of cyber-attacks suffer, many of these soft targets are mostly individuals who might have failed in employing security measures in protecting their personal information while accessing online services and social media platforms. Nude photos of celebrity and individuals have been the main target of the hackers in the recent past with the aim of ruining their reputation. As depicted by Warwick (1), exposure of celebrity nudes has been on the rise, the implications of this to individuals has been degrading, and apart from this impact, individuals tend to suffer from various psychosocial effects after they have been exposed to the public. Many of these victims suffer from traumatic experiences and depression. These people tend to feel guilty and hated by society the life owing to the response that their nudes might have received under the public eye. These victims may remain secluded and lowly in the community as each encounter with people may ignite their experience suffered, they end up spending days and nights alone trying to hide from reality. The emotional harm sustained during this period has a long-lasting effect on one’s health, and when not well managed through a continuous counseling process, victims end up suffering from more irreversible conditions that may claim their lives (Yan 998-1010). There needs to be immediate action taken to ensure that the victims of cybercrimes get the necessary help them in recovering from the harm that might have been caused.

Global trends in cyber attacks

The prevalence of cyber-attacks have caused an alarm in the worldwide arena; the statistical data for the year 2018 shows an increase in the incidences of cyber-attacks on individuals and organizations. Today cyber-attacks are more advanced than in the past, and they have employed advanced and scalable tools in infringing privacy of the targets people. Over since the year 2017, there has been an upward trend in the increase in the number of attacks, for the year 02017 alone,m more than 2 billion data records were compromised whole in the year 2018, 4.5 billion records were hacked in which half of these attacks happened in the first quarter of the year 2019. The upward trends in data breaches are heavily attributed to the advancement in technology as well as improved tricks used by the hackers in the hacking of personal accounts. Increased number of social media platforms that have weak security measures makes it easy for the attacker to access records kept by the individuals and organizations. While most of these attacks go unreported due to lack of proper reporting channels to deal with such issues, this has, in turn, made it hard for the necessary measures to be taken in addressing the security issues.

The number of cyber-attacks globally are expected to shoot higher, owing to the increase in the number of users of Information technology, which does not match d by the security measures. In January of 2019, 1.76 billion records were leaked; this data entailed personal information as well as chat information such as messages of individuals. The level s of attacks seems to evolve globally with attackers using new trends in the launching of attacks. With the US being the leading nation where attackers mainly target the soft targets, India follows the US with the number of attacks on personal information and privacy infringement.

The global cost of cyber cost on individuals and businesses has been massive costs, and identity theft has cost people billions of money. Business as well has suffered significantly through the same, disruption of business activities and ransom has led to massive losses to the markets. Acceding to the data released by Global data, ransomware is expected to cost businesses11.5 billion in the year 2019. This is a lot of money that is anticipated to be paid to hackers. A lot more is predicted to be spent in the process of data recovery for the businesses as they seek to have their lost data back. For the year 2019, the cost of data breaches is anticipated to shoot as high as 2 trillion. The upward trend is expected to be shown in recent years (Hansen 1155-1175)

In summary, the prevalence of cyber-attacks has drawn the world’s focus on the security measures that can be implemented to address the security challenges faced by the various individuals and organizations that are deemed to be the soft targets for cyber-attacks. Lack of proper knowledge on the security measures that need to be put in place by people and organization has always rendered them to the soft targets of cyber-attacks. The soft targets are mainly targeted through social engineering attacks that include phishing attacks and baiting to collect personal information (Romanosky, 256-286). The suffering that these soft targets have to endure include identity theft, cyberbullying among others that have led many of them have permanent scars on their lives, this calls for better security measures to be put in place to address this social and global menace in the digital era. Globally cucumber attacks have increased exponentially over the last few years. The implication of this has been increased losses for the businesses due to the disruption of business activities as well as a ransom paid to the attackers. With the increased number of cyber-attack US and India are the leading nation where many cyberattack cases have been reported, this calls for improvement of the overall security measures to be employed by business and individuals in thwarting these attacks.

Works cited

Cleveland, Frances M. "Cyber security issues for advanced metering infrasttructure (AMI)." 2008 IEEE Power and Energy Society General Meeting-Conversion and Delivery of Electrical Energy in the 21st Century. IEEE, 2008.

Hansen, Lene, and Helen Nissenbaum. "Digital disaster, cyber security, and the Copenhagen School." International studies quarterly 53.4 (2009): 1155-1175.

Marwick, Alice E. "Scandal or sex crime? Gendered privacy and the celebrity nude photo leaks." Ethics and Information Technology 19.3 (2017): 177-191.

Nabie Y. Conteh and Paul J. Schmick (2016); Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks

Saridakis, George, et al. "Individual information security, user behaviour and cyber victimisation: An empirical study of social networking users." Technological Forecasting and Social Change 102 (2016): 320-330.

van de Weijer, Steve GA, and E. Rutger Leukfeldt. "Big five personality traits of cybercrime victims." Cyberpsychology, Behavior, and Social Networking 20.7 (2017): 407-412.

Von Solms, Rossouw, and Johan Van Niekerk. "From information security to cyber security." computers & security38 (2013): 97-102.

Yan, Ye, et al. "A survey on cyber security for smart grid communications." IEEE Communications Surveys & Tutorials14.4 (2012): 998-1010.

Romanosky, Sasha, Rahul Telang, and Alessandro Acquisti. "Do data breach disclosure laws reduce identity theft?." Journal of Policy Analysis and Management 30.2 (2011): 256-286.