Computer break-ins
A computer break-in is the unlawful accessing of an information system. The Criminal Code defines a computer break-in as an act in which an access code is used without consent or a protection is broken in order to access a system. Computer break-ins or an attempt thereof are always offences that should be reported to the police.
The most common computer break-in methods
Computer break-ins are most commonly committed by stealing access codes from a user.
The most widely known method of stealing access codes is phishing. In cases of phishing, victims are tricked into giving up their access codes by, for example, presenting them with a log-in page that appears legitimate but collects the user’s access codes for use in criminal activities.
Computer break-ins are also committed by breaking through security systems using various methods. The aim is usually to exploit sensitive information or to make use of information stored in the system for purposes such as committing fraud.
Preventive measures
The most effective way of preventing computer break-ins that are made possible by phishing is to use authentication that uses two or more factors. When logging in to a system with multi-factor authentication, the user’s identity is verified with at least one additional method. The most widely known methods are separate authentication applications and sending single-use authentication codes via text message. Two-factor authentication can also prevent access to the system when a user’s access codes have been stolen.
The most effective way to prevent unauthorized access to information systems is to maintain the security of the devices.
The most important step is to ensure that systems are kept up to date. A significant portion of computer break-ins are committed by exploiting devices that have not received updates in order to access the system. Because of this, the first security measure taken should be updating devices and ensuring they remain up to date. Once devices are up to date, it is worth considering whether taking further measures to secure the information network might be beneficial for future security.
Minimising damage
The damage caused by computer break-ins can be minimised by actively monitoring systems and using a system to manage incidents. By doing so, the system’s administrator receives alerts about log in attempts that originate from unusual IP addresses or occur at an unusual time.
Managing incidents is also important because offenders are often found to be using ransomware. These programs attempt to cover the intruder’s tracks by blocking users from accessing information on the system.
With sufficient monitoring, unauthorized traffic on the system can be restricted. The spread of unwanted programs on the system can be limited and important information can be protected. It is also important that events are logged in sufficient detail to detect the actions taken by unauthorized users in the system.
Reporting a crime
Always report computer break-ins to the police.
Furthermore, it is important for private persons to contact their service provider, who can assist by temporarily closing the user account or by restoring it.
Organisations should verify how to manage their own information security in advance. It is important to be aware of how logs can be obtained and whether the organisation has the access rights to their own logs. Additionally, it is good to have clearly established responsibilities and an operational model for reporting an offence and securing evidence.