2018 Top Cybercrime Facts and Why You Should Care
2017 saw some of the most devastating high-profile cyber attacks in the history of business. This happened despite tech giants constantly releasing security patches and updates. As the number of such attacks continues to rise, 2018 requires businesses of all sizes to be even more prepared given that cyber-criminals are not often selective when choosing their targets.
Below are some startling cybercrime facts that should inform your approach to cybersecurity in 2018 and beyond.
A hacker attacks an internet-connected computer every 39 seconds in the US.
The University of Maryland’s Clark School recently found that that 1 in every 3 Americans has already been on the receiving end of a cyber-attack.
While this statistic may apply to the United States, your business does not have to be located there for you to care. Cybercriminals exist on the World Wide Web and do not discriminate their targets based on geographies when perpetrating their crime. So, you can never really tell when you’re going to be targeted.
1 in 5 businesses faced at least 25-hours’ downtime from ransomware attacks in 2017.
Ransomware is the form of malware (malicious software) that a bad actor injects into your computer enabling them to take control of your system, denying you access to your data and threatening you with harm unless you pay up. The attacker usually demands a ransom in exchange for access to your files, even though, in some instances, the criminals do not fully grant access. Paying the ransom doesn’t always guarantee that everything will be restored.
A survey by Osterman Research found that ransomware attacks were the most common in 2017, leading to massive losses to businesses from the inflicted downtime. Many businesses had to shut down their systems for extended periods of time – up to 100 hours or longer.
Small to medium-sized businesses are increasingly vulnerable to cyber-attacks.
The number of SMBs that experienced a cyber-attack over the course of 2017 was 61 percent. This number was 55 percent in the previous year. Approximately 54 percent of these organizations lost employee and customer data due to cyber theft.
This information is consistent with a separate survey that found smaller organizations to be increasingly targeted because of their tendency to discover security breaches late. Small Business Trends reports that the percentage of cyber-attacks targeting small organizations rose from 15 to 43 percent of total attacks between 2011 and 2015. Smaller businesses and organizations tend to have fewer cybersecurity resources, hence are a favorite target for ransomware and crypto-jacking attacks.
Most threats emanate from the employees.
The human element within organizations remains the main point of weakness as far as cyber security is concerned. Negligent employees or contractors result in up to 54 percent of all data breaches. This is up from 48 percent the year before, according to the Ponemon Institute’s 2017 report on the State of Cybersecurity in Small and Medium-sized Businesses.
Cybercriminals frequently target the workforce with malicious emails and websites which an employee may easily click on, setting themselves up for malware attacks.
One recommended way to mitigate these kinds of threats is to train employees to practice some level of cybersecurity housekeeping. This can include simple acts such as logging out of their systems, not logging into company databases from unsecured Wi-Fi, as well as keeping their passwords secret.
Reminding employees of the importance of such good cybersecurity practices can go a long way in staving off ransomware and other cyber threats.
Global toll of ransomware attacks hit $5 billion in 2017.
Estimates indicate that the cost of ransomware damage reached $5 billion in 2017, which is more than 15 times the cost incurred in 2015; barely two years earlier. Businesses experience massive losses in downtime, related fines, and productivity losses. The actual amount of the ransom you pay only comprises a fraction of this overall cost.
The annual cost of cybercrime projected to reach $6 trillion by 2021.
The global toll of cybercrime damage is estimated to hit a whopping $6 trillion annually by 2021. This is because state-sponsored hacking and organized crime are projected to rise steeply making cybercrime more profitable compared to the worldwide drug trade. Unlike drug traffickers, cyber-criminals are difficult to catch and rarely are punished for their crimes.
Cybercrime continues to become more lucrative, making it more appealing to prospective and current perpetrators. And with the growing sophistication of the tech world, you can expect the tactics that cybercriminals use to evolve.
What can be done?
Expert assessments hold that organizations can strengthen their cybersecurity through some very basic measures. These foundational steps can readily be implemented.
Since most of the successful cyber attacks exploit the human element, plugging this loophole can work for both small and big companies alike. Start by educating your personnel about the cybersecurity Dos and Don’ts through such simple acts as putting up memos around the office with messages such as “do not share your password with anyone” or “log out the system when you finish.” Ask a local IT expert to come out and speak to your employees about the importance of cybersecurity.
Adopt the use of more secure emerging technologies.
Organizations that use various emerging solutions that are more hardwired to withstand cyber threats, such as Microsoft Office 365 products, report better protection against cyber-attacks. In light of the increasing cyber threats, consider using solutions that can not only detect existing threats, but also pre-empt, investigate, and respond to new threats even before they are executed. Most experts agree that the proactive approach to cybersecurity is the best way to go.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.