“There are two types of companies: those who have been hacked, and those who don’t yet know that they have been hacked.”
These grim words from Cisco CEO John Chambers highlight the landscape of increased risk that companies and governments have been functioning in during the recent past. As more and more business has migrated to be conducted online, the associated risk of cybercrime has increased hundredfold.
Unfortunately, as risk for companies has increased, so too has reward for cybercriminals. While most cyberattacks target small businesses, the costs can be astronomical. The global average cost of a data breach is $3.86 million, meaning that the stakes of cybersecurity are high. But are they here to stay?
Cybercrime and COVID-19
During the COVID-19 global pandemic, cybercrime worldwide has increased by up to 600%. There are various reasons behind this sudden surge. While cybercrime trends are still being analyzed, some explanations are thought to include:
- Response lag time – Many IT security departments were underprepared for the sudden need to work from home for so many employees at once. VPNs were not always readily accessible in the first months of the pandemic, and many companies faced ongoing onboarding difficulties adjusting to working remotely.
- Less secure networks – On average, home networks tend to be less secure than corporate ones, for the simple reason that they have never needed to be before. Now, however, companies have hundreds of employees logging in from different remote networks, including some who lack reliable connections or are even using public access WiFi. These disparities have highlighted the need for different network security models. Additionally, working from home has been associated with a higher likelihood of falling for certain scams. For instance, Deloitte reports that 47% of individuals fall prey to phishing scams while working from home.
- Heightened environment – For many, the pandemic created an atmosphere of heightened risk, fear, and misinformation. In these circumstances, online scammers have thrived. Many new avenues of cybercrime have opened up for unscrupulous individuals taking advantage of this atmosphere of uncertainty. Cybercriminals posing as official sources like the Center for Disease Control and Prevention (CDC), World Health Organization (WHO), fake coronavirus-related news websites, or fraudulent vaccine providers have been able to con their way into gaining privileged and personal information from people simply looking for answers.
- Risks of remote information sharing – Some companies, like Zoom, were targeted precisely for their sudden rise in value during this difficult time. Half a million Zoom accounts were targeted in a widespread credential stuffing hack, leading to the compromise and sale of users’ personal information on the dark web.
Is Cybercrime Here to Stay?
In some ways, the links between the COVID-19 pandemic and increased cybercrime might point to the problem’s surmountability. As society collectively copes with the fallout from the pandemic, some of the risks have been reduced or mitigated as businesses and individuals begin to adapt. Working from home, once a dramatic shift, has since become more accessible and secure. People begin to become wise to the risks of scammers capitalizing on the precarious situation, and more wary about sharing personal data. Data sharing platforms additionally have begun to take extra measures to secure their perimeters, just as new methodologies like zero trust erase the concept of the trusted perimeter altogether.
These evolutions point to a collective shift in the management of cybercrime activity. In a recent survey by Fudo Security, 42% of global information security leaders say that the pandemic has realigned their cybersecurity priorities. Investment in remote devices, increased training for employees, and developments in cloud-based security all point to a new kind of proactivity that could decrease the damage done by cybercriminals moving forwards.
Recent Rates and Risks of Cybercrime
In the meantime, coping with increased cybercrime has become more important than ever. The only way to circumvent cybercrime becoming the “new normal” is to assume that it already is. This means taking steps to protect your business and your data from suspicious activity, and reducing the spread and fallout of breaches.
Globally, 30,000 websites are hacked every day. Every 39 seconds, there is a new attack somewhere online. The internet has never been more valuable, nor more dangerous. And smartphones, with increased internet capabilities, are now at more risk than ever before. Around 24,000 new malicious apps are blocked daily, with more being developed constantly.
Moving Forward in the “New Normal”
While updating and maintaining network security is one important way to secure virtual perimeters, an increased investment in training and awareness is another key method to reduce online risk. 95% of breaches are reported to be caused by human error. Meanwhile, 94% of malware is no more sophisticated than receiving a suspicious email. Not all cybercrime takes the form of new methods or insurmountable obstacles. A renewed investment in training, vigilance, and common sense can go a long way towards reducing your business’s risk.
Cybercrime has assuredly been on the rise, consistently rated as one of the top 5 risks of the past few years. However, with this increase comes a renewed collective investment in cybersecurity, as well as recent advances in the field. With reducing risk as a shared goal, businesses, governments, and individuals can hopefully all take steps to make the internet a safer place to be.