E-Commerce Times, January 11, 2019, with comments from Satya Gupta
Cybercrime is becoming so costly it’s well on its way to becoming more profitable than the global trade of all major illegal drugs combined. And it’s costly to organizations. By 2021, it’s estimated that cybercrime will cost the US $6 trillion, double its cost 4 years ago in 2015*. This number is staggering by any measure, much less from illicit activities.
Cybercrime is complex and is comprised of many types of actions, from cyber attacks to spam to identify theft and more. The war against it is complex and endless. The battle takes place on many fronts, noted below.
It’s been around a long time but when a tactic works, criminals stick with the approach and that’s the case with phishing. Cyber criminals have used phishing techniques and social engineering to break into sensitive networks. At times they evolve and enhance their methods but overall, the primary approach targets users with fake emails containing malicious links that infect the organization when clicked. Email isn’t going away anytime soon, making it a cheap and simple way to execute these attacks, and users continue to fall for its tricks. This is also an area where organizations can fight back by educating their employees to recognize these phishing exploits as they become more and more clever at crafting imposter emails. Organizations must continue to take phishing an ongoing serious threat and defend against vigorously.
“Phishing will always continue as long as it works,” warned Satya Gupta, CTO of Virsec, a developer of data security software. In 2019 we can “expect it to become more targeted and specific to organizations,” he told the E-Commerce Times.
While not as old as phishing, ransomware is another threat that’s here to stay. Ransomware blocks users’ access to their data, creating panicked situation. Even more threatening on a large scale, it can jump to other devices, taking advantage of connectedness of the Internet of Things to access mobile and Web applications. Healthcare is a primary target for ransomware, having suffered over half of ransomware attacks so far.
“Ransomware will also continue as long as there are underprotected systems with data that hasn’t been adequately backed up,” said Virsec’s Gupta. “However, ransomware threats are increasingly being used as red herrings to distract from other types of attacks on critical infrastructure,” he added.
Protecting the Cloud:
Many organizations think the cloud is a secure environment but that trust is often unfounded. When choosing a provider, top of the list of priorities should be researching their proven ability to secure their environment. Especially since organizations as data owners, not cloud providers, are responsible for the data and liable for any breaches.
More threats abound for organizations, including digital ad fraud, and the criminal use of crypto currency.
Read full Biggest Cybercrime Threats article.
*Official 2019 Annual Cybercrime Report from Cybersecurity Ventures