Welcome to the World of Modern Cybercrime

Cyber security is continuing to morph into a complex and overbearing problem of modern times.  It’s not just about volume, although that’s bad enough. It’s about the way that cyber criminals are targeting us and who they are targeting. Let’s get into some details.

The New Halloween Costume is a Cybercriminal Mask

We’ve just had Halloween, but nothing is as scary as the types of figures we see in regards to cyber threats. The photo above is of Anonymous (and these are the good guys...). Last year 317 million new pieces of malware were released onto the world stage. That is 317 million new threats, 317 million new ways that cybercriminals can steal your data, take your login credentials, clear your bank account out and damage your reputation.

Cybercriminals won't target my company - right?

And don’t think because you’re a small company you are somehow immune to this. Oh no, they want you even more. Cybercriminals love smaller organizations; they see you as an easy target, a sap. Several studies have confirmed this move towards hitting the smaller guys. PWC’s Global State of Information Security 2015 saw cybercrime against SMB’s rise by 64% between 2013 and 2014. This is a finding that Verizon concurs with - pointing out that 62% of data breaches were carried out against SMBs.

The rise in cybercrime against SMBs is due in part to it becoming easier to perform, allowing cyber criminals to widen their scope of attack. They no longer need to invest massive amounts of time and money in building a cyber crime plot; they just go on the dark web, buy some ransomware or other malware and send a few emails.  In fact they don’t even have to do that, they can infiltrate ad networks and without even as much as a click on an ad, you’re infected.

A Modern Crime Wave

Cybercrime against small business isn’t going away. As we’ve already seen, it’s just getting worse. This is a new wave, a new order and one we will have for the foreseeable future because people are making lots of money off the back of our insecurity.

An example of the big bucks to be made is ransomware, one of the most lucrative of these and one which is targeted at the SMB. Ransomware is a very popular way of hitting a small business. Becoming infected is easy and the amounts made are massive. The last estimate by the FBI stated that ransomware crooks made off with $18 million from U.S. businesses between April 2014 and June 2015, and that is probably grossly underestimated. Easy, big bucks mean that attacks against SMBs are here to stay.

A big reason cyber criminals like smaller organizations is because they are often part of a supply chain. There are many examples of major breaches of very large corporations that originated in a SMB that was somewhere down the supply chain. The Target breach of 2013 is a case in point. Target wasn’t directly attacked. No, instead the cybercrime gang hit Fazio Mechanical Services, a small business HVAC supplier who had been given privileged access to some of Target’s network. The smaller supplier was spear-phished, that is an employee was specifically targeted and their credentials stolen. Next thing you know, Target was breached to the tune of 110 million credit and debit card details. I doubt Target is a client of the HVAC supplier now.

Knock, Knock, Who’s There? A Cybercriminal, That’s Who.

We are all in this together, and we are all waiting for that knock on the proverbial door that infects our network. No one is safe from the new cybercrime wave. FBI Director Robert Mueller described the situation as, “There are only two types of companies.  Those that have been hacked and those that will be”.  The only thing we can do as a community of business owners is to be prepared and know how to prevent our company from being in the next round of cybercrime statistics.

Try WatchPoint's Security Solution
Free For 30 Days

In the next article, we’ll look at methods of preventing these sorts of attacks. They may be increasing, and they may be knocking on our company door, but payback is coming, and WatchPoint Data can show you how.