Cybercrime’s Psychological Impacts

The mental toll victims endure after they are targeted online 
April 11th, 2023
Author: Savannah Ciak 


Introduction 

When a malicious individual commits a crime online, on a network, or on a digital device, they have committed a cybercrime. Also referred to as cyberattacks, cybercrimes can affect people at home or work. The effects of cybercrimes can range from breach of confidentiality, compromised integrity, loss of accessibility, and financial damages.

Unfortunately, the “mental impact of dealing with a cyberattack as a victim is often overlooked” (Hulse). The aftermath of cybercrime can cause immense feelings of anxiety and paranoia and can have a lasting negative impact on victims. 

Source: https://unsplash.com/photos/lVF2HLzjopw 


Examples of Cyber Attacks 

Cyber attacks are malicious attempts to damage, disrupt, or gain access to unauthorized systems. Threat actors (those who intend to cause harm in the digital world) employ a variety of methods in their attacks. CrowdStrike, a cybersecurity company in Texas, outlines 10 of the most common types of cyber attacks (Baker). 

  1. Malware: Malicious software that is coded to impact a computer, network, or server harmfully. There are many different types of malware. Three of the most notorious subsets of malware include trojan horses, ransomware, and keyloggers. 
  2. Denial-of-Service (DoS): Overfills a network with messages that make it unusable. 
  3. Phishing: Uses emotional and social manipulation to gain an individual’s sensitive information. 
  4. Spoofing: A form of phishing in which the attacker disguises themselves as an authority. 
  5. Identity-Based: When an attacker uses a real user’s credentials maliciously. 
  6. Code Injection: Injecting malicious code into a network. 
  7. Supply Chain: When the attack is directed at an important third-party servicer. 
  8. Insider Threats: Attackers who are associated with or work in the company that has been attacked. 
  9. DNS Tunneling: The attacker re-routes DNS requests to their server instead of the user. 
  10. IoT-Based: Any cyberattack that targets Internet of Things devices. 

This list is not exhaustive of all potential threats and attacks. Every day, technology advances exponentially. The more it grows and the more it is used, the more threats appear. 


The Pandemic and Cyber Attacks 

The COVID-19 pandemic forced us into our homes, isolated, with online communication being one of the only viable means of connection. Some internet services reported an increase in usage from 40% to 100% compared to reports pre-pandemic (De’), and about 30% of American adults significantly increased their social media usage (Monteith). Many relied on the Internet to provide access to entertainment, work, school, and shopping. The online gig economy and remote job industry increased during the pandemic. Workers enjoy the flexibility of working remotely, and the trends have continued past the end of the pandemic. Almost every aspect of life has moved to the digital world – including crime. 

In 2020, the World Economic Forum reported a 50.1% increase in cyber-attacks (Lallie), a trend that continued into 2021 (Zerlang). With more people pushed online to conduct their everyday activities, they are faced with increasing threats. The frequency of ransomware attacks has increased exponentially, reportedly used in 25% of all breaches in 2022 (Kerner). A surge in frauds, scams, and breaches has created a hostile digital environment ripe full of potentially psychologically damaging threats. 

Source: https://unsplash.com/photos/hqenvhKfrLA 


Psychological Impacts 

Cyber attacks can cause a breach of trust and confidentiality for victims, which can result in serious mental stress. Cyber attacks are akin to traumatic events and can, in the worst cases, result in anxiety, depression, and PTSD. When an individual’s passwords are breached, money stolen, and identity erased, they feel vulnerable and powerless. The ramifications of an attack can last long after the initial breach – there can be a long-term struggle to recover “credit or loans, housing, employment or medical services” (Guynn).  

During the initial attack, panic typically sets in immediately for a victim. The fear of the unknown can be overwhelming. How much do they have access to? Is my data gone? Can they get to my money? How do I recover from this? Victims feel violated and fearful, having suffered what is “the digital equivalent of being robbed” (Clark). Workplace attacks can also cause a shattering of digital safety. Victims may be fired if their mistake at work leads to a cyber attack, which can devastate their financial and emotional well-being. 

Even when the attack is over, and the initial relief washes over, feelings of guilt and pity can creep in. Victims may question why they were targeted or may blame themselves for falling victim to something as simple as clicking the wrong link. These feelings can persist for days, weeks, or months after the attack. Feelings of anxiety and sadness can cascade into other health concerns as well, including sleeping disorders, eating disorders, alcoholism, and other unhealthy methods of coping with stress. 

Source: https://unsplash.com/photos/BuNWp1bL0nc 


Vulnerabilities

There are several factors that can increase a person’s likelihood of being targeted in a cyberattack and the likelihood of subsequent mental distress. Individuals on the internet are more likely to be targeted based on demographics such as age, online behavior, and impulsive tendencies. 

While it can be easy to assume that young children and elders are more likely to be targeted in social engineering schemes such as phishing attacks, the opposite is true. “Those aged 25 to 44 are most likely to be targeted”(Nolan) in phishing schemes. This statistic can partly be explained by the exponential increase in online shopping during COVID-19 among the same age group. 

Risking behaviors can also increase one’s risk of becoming a cyberattack victim. Those who search the dark web, frequently use USB devices, and connect to open wireless networks are putting themselves in vulnerable positions. “Impulsive online behavior like shopping, downloading music, and obsessive email use are tied to higher rates of falling victim to hacking,” (Paul) according to a Michigan State University report cited in MarketWatch and Irish Tech News. Impulsive individuals are more likely to fall victim to social engineering tactics because they take less time to think critically about the decisions they are making online. 

Companies are more likely to be targeted if they have poor cybersecurity infrastructure or if they harbor valuable, sensitive information. The industries that are most vulnerable to cyberattacks (typically in the form of ransomware) are small businesses, healthcare, government agencies, financial institutions, education systems, and energy/utility companies (6 Industries Most Vulnerable to Cyber Attacks).


Emotional Manipulation 

Social engineering attacks commonly manipulate a victim’s emotions. Threat actors will create online posts with links to “donate” to a charitable cause, playing on the victim’s empathy. Romance scams occur when an attacker creates a false identity to gain a victim’s romantic affection and trust. The attacker will then abuse that trust to gain sensitive information or steal money. Virtual kidnapping ransom scams prey on the fear of a victim. “The scam typically begins with a phone call saying your family member is being held captive. The caller may allege your daughter has been kidnapped and you hear a female screaming in the background… callers will typically provide the victim with specific instructions to ensure a safe return of the family member”(Beware of Virtual Kidnapping Ransom Scam). Such scams can be emotionally intense and appear all too real for the victims, leaving them with long-term psychological damage. 


Cyberbullying

Cyberbullying is the malicious use of technology to harass and bully a person while creating an imbalance of power. Such attacks on the internet can include intimidating messages, blackmail, revenge porn, rumors, and any other form of abuse. Cyberbullying laws vary state-to-state and internationally. In states where the laws specify cyberbullying as a crime, those who commit it can be subject to the same judicial persecution that a person who committed a cybercrime would be. The inconsistency of cyber laws can make achieving justice for victims extremely difficult. Victims of cyberbullying can experience severe emotional damage, including depression, anxiety, PTSD, and social isolation. 

Social media has exacerbated the issue, providing bullies with an easy way to target their victims. “According to a study by the University of Georgia, higher social media addiction scores, more hours spent online, and identifying as male significantly predicted cyberbullying perpetration in adolescents” (Kao). Social media provides anonymity and minimal retaliation for their actions. Cyberbullying is often difficult to detect, making prevention and help difficult to provide. 

Take a look at the CyberTech cyberbullying presentation to learn more about the effects of cyberbullying and how it can be mitigated. 


Prevention and Resources 

Preventing cybercrime requires awareness and proactive security measures. You can check out our team’s website, https://www.cybervt.com/, for more information about securing your digital landscape. Under the materials section, we offer great documentation and advice. If you or someone you know is experiencing emotional distress after a recent cyberattack, you can reach out to local or online mental health professionals. The Cybercrime Support Network offers great resources to get connected after an incident, and they offer steps for digital recovery and prevention. Know you are not alone if you are a cyberattack victim and ask for help when you need it. 


Works Cited:


Posted

in

by