As businesses increasingly rely on digital platforms and interconnected systems, the risk of cyber threats becomes more prevalent. Learning about cybersecurity is essential for employees to understand and mitigate potential risks, safeguard sensitive information, and protect the overall integrity of the enterprise. A well-informed workforce can contribute proactively to the organization’s security posture, fostering a culture of awareness and responsibility.
In this three-part series, we outline: the state of cybercrime today and the various forms it can take; the nuances between the crimes and the policies that can help provide protection; and finally, the potential consequences of cybercrime and best practices for implementing robust security measures.
The State of Cybercrime
Cybercrime is on the rise and no one is immune. Cybercrime refers to criminal activities conducted through the use of digital or computer networks. It can be carried out by individuals, organizations, or even nation-state actors.
The motivation is almost always financial gain; however, cybercrime can also be committed for political or personal motives.
Cybercrime involves various activities, including hacking, data breaches, identity theft, phishing, ransomware attacks, fraud, and more. It is important that individuals and companies understand the unique risks they face.
With essentially every business (and individual) using the internet for daily activities, the threat of falling victim to cybercrime has never been greater. Threat actors can gain unauthorized access, steal sensitive information such as Personally Identifiable Information (PII), payment card data (governed by the Payment Card Industry Data Security Standard, PCI DSS), or Protected Health Information (PHI), and disrupt systems or operations; all it can take is one careless individual.
- For businesses, cybercrimes can lead to financial losses, reputational damage, legal liabilities, and much more.
- For individuals, cybercrimes can lead to financial loss, emotional distress, and compromised personal security.
Small to medium-sized enterprises (SMEs) are especially vulnerable to cyber events, as cybercrime tactics, including social engineering attempts, are more commonly aimed at SMEs than at larger companies. It shows in the numbers: 50% of SMEs have experienced a significant cyber incident in the past 12 months. Cyber insurance companies must stay ahead of the game by developing new policies that are broad enough to cover evolving attacks while also providing protection against business interruption and data breaches.
At Cowbell, our primary mission is helping SMEs protect their systems from these kinds of attacks and being a resource for you.
Forms & techniques of cybercrime
Cybercrime is defined as criminal activities conducted through the use of digital or computer networks.
Common forms of cybercrime include social engineering, cyber extortion, ransomware, and distributed denial-of-service attacks.
Social engineering
Social engineering is an umbrella term that encompasses many types of crimes, including fraud. At Cowbell we define social engineering as someone impersonating the Insured’s client/vendor/employee to deceive the Insured into transferring money to a bad actor. As mentioned above, these attacks are most commonly targeted at SMEs. Some of the most common forms of social engineering include:
- Phishing – Phishing is a form of social engineering in which a cyber threat actor poses as a trustworthy colleague, acquaintance, or organization to lure a victim into providing sensitive information or network access. Phishing can arrive by email, by text message (smishing), or by phone call (vishing). According to the Cybersecurity & Infrastructure Security Agency (CISA), 84% of employees fell victim to a phishing attack within ten minutes of receiving the malicious email. You may also hear of spear phishing, where an email is targeted at a specific individual or department within an organization, or whaling (whale phishing), where emails target high-ranking or senior members of an organization. Phishing can include techniques such as:
- Business Email Compromise – where the threat actor compromises an executive’s email account to manipulate the target. In 2022, BEC totaled more than $2.7 Billion in adjusted losses submitted to the FBI Internet Crime Complaint Center.
- Wire transfer fraud – when a threat actor poses as a trusted source, usually a vendor, company, or family member, and requests an immediate wire transfer of funds.
- Invoice manipulation – when a threat actor infiltrates an organization’s network and uses the corporate email account to send clients or vendors fraudulent invoices that redirect payment into the threat actor’s bank account.
Social engineering example:
An example of social engineering, as executed through a vishing campaign – Tina, the owner of Peppermint Bakery, receives a phone call from a threat actor posing as a technology expert. Since Tina’s computer has been randomly shutting down for several weeks, she is delighted that someone has contacted her to help. The threat actor offers free IT assistance and technology improvements in exchange for her login credentials. Ready to put the computer issues behind her and fully trusting the caller posing as an IT professional, Tina provides the requested information.
Remember: If an offer sounds too good to be true, it is most likely a scam and not legitimate.
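The BEC, wire transfer fraud, and invoice manipulation patterns listed above share a few observable traits in the message itself: an executive’s display name on an outside address, a sender domain that is one character away from a real one, a Reply-To that silently redirects the conversation, and language about payments or new bank details. The screen below is an added illustration (not Cowbell’s code or a product feature) that checks inbound messages for those traits before a payment request reaches the person who could act on it. The trusted domains, the protected executive name, and the sample messages are all constructed for the example.

```python
"""Header-and-body screen for BEC / invoice-manipulation traits.

Added example, not code from the original article. TRUSTED_DOMAINS,
PROTECTED_NAMES and SAMPLES are constructed assumptions for illustration.
"""
from email.utils import parseaddr

# Assumption: the Insured's own domain plus one known vendor domain.
TRUSTED_DOMAINS = {"peppermintbakery.com", "flourco.com"}
# Assumption: display names an attacker would most likely impersonate.
PROTECTED_NAMES = {"tina lopez"}
# Words that turn an otherwise odd message into a payment-redirect risk.
PAYMENT_WORDS = ("wire", "bank details", "new account", "invoice", "urgent")


def _edit_distance(a, b):
    """Levenshtein distance, used to catch look-alike domains (fiourco vs flourco)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def screen(msg):
    """Return a list of (tag, detail) findings for one message (dict of header strings)."""
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(addr)
    findings = []
    # 1. An executive's display name arriving from a non-corporate address.
    if name.strip().lower() in PROTECTED_NAMES and from_dom not in TRUSTED_DOMAINS:
        findings.append(("impersonation", f"'{name}' sent from external domain {from_dom}"))
    # 2. Sender domain within two edits of a domain we trust (registered look-alike).
    if from_dom and from_dom not in TRUSTED_DOMAINS:
        for trusted in sorted(TRUSTED_DOMAINS):
            if _edit_distance(from_dom, trusted) <= 2:
                findings.append(("lookalike", f"{from_dom} resembles {trusted}"))
    # 3. Reply-To pointing somewhere other than the From domain: replies leave the real thread.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and _domain(reply) != from_dom:
        findings.append(("replyto", f"replies go to {_domain(reply)}, not {from_dom}"))
    # 4. Payment language: not suspicious alone, but it raises the stakes of 1-3.
    text = (msg.get("Subject", "") + " " + msg.get("Body", "")).lower()
    hits = [w for w in PAYMENT_WORDS if w in text]
    if hits:
        findings.append(("payment", "mentions " + ", ".join(hits)))
    return findings


def should_hold(findings):
    """Hold for human review on impersonation or look-alike, or on a redirect plus payment talk."""
    tags = {tag for tag, _ in findings}
    return bool(tags & {"impersonation", "lookalike"}) or {"replyto", "payment"} <= tags


# Constructed sample messages: three fraud patterns, one routine note, one legitimate urgent request.
SAMPLES = [
    {"From": "Tina Lopez <tina.lopez@gmail-mail.net>", "Subject": "Urgent wire needed today",
     "Body": "I'm in a meeting, please wire $9,800 to the account below and keep this quiet."},
    {"From": "Accounts Receivable <ar@flourco.com>", "Reply-To": "ar@flourco-billing.net",
     "Subject": "Invoice 2291: new bank details",
     "Body": "Please send the wire to the new account on the attached invoice."},
    {"From": "Accounts Receivable <ar@fiourco.com>", "Subject": "Invoice 2291",
     "Body": "Attached as discussed."},
    {"From": "Sam Baker <sam@flourco.com>", "Subject": "Holiday hours",
     "Body": "We close early on Friday."},
    {"From": "Tina Lopez <tina@peppermintbakery.com>", "Subject": "Urgent: deposit for the new oven",
     "Body": "Please wire the deposit to the supplier today."},
]


def triage(messages=SAMPLES):
    """Return (From header, hold?) for each message; used by main() and by tests."""
    return [(m["From"], should_hold(screen(m))) for m in messages]


if __name__ == "__main__":
    for m in SAMPLES:
        findings = screen(m)
        print("HOLD   " if should_hold(findings) else "DELIVER", m["From"])
        for tag, detail in findings:
            print("    ", tag, "-", detail)
```

Two design choices matter here. Payment language alone does not hold a message (the last sample is Tina herself asking for a wire from her real address), which keeps the false-positive rate tolerable for a small business; only combined with a redirected Reply-To, a look-alike domain, or an impersonated name does it block. And the edit-distance threshold of two is a tuning knob: it is right for domains of this length, but for very short trusted domains it will match unrelated names and should be lowered or replaced with an allow-list of known look-alikes.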
Cyber Extortion
Another common cybercrime is cyber extortion. Cyber extortion is an umbrella term encompassing various forms of digital blackmail, where perpetrators demand ransom from the victims to prevent harm or disruption, or to provide decryption keys to data or systems the bad actor has locked up. Some common forms of cyber extortion include:
- Ransomware – a type of malware designed to encrypt or block access to a computer system until a ransom is paid. According to the FBI Internet Crime Complaint Center, ransomware accounted for more than $34.3 million in total reported losses in 2022.
- Distributed Denial-of-Service (DDoS) – a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic, typically paired with a demand for payment to stop it. (DDoS attacks on the financial sector have grown by 121% year over year.)
To help understand cyber extortion, take Sarah, who runs a successful online small business as an example. Amid the holiday rush, she distractedly falls victim to a phishing email that installs ransomware on her company’s servers. All her files become encrypted and a pop-up demands $10,000 ransom for a decryption key. The threat actors threaten to double the ransom if it is not paid within 72 hours, with a final warning that the decryption key will be permanently deleted after another 72 hours.
Other cybercrimes include:
- Insider threats – the potential for a person to use their authorized access to, or understanding of, an organization to harm that organization. (65-70% of all security incidents arise from insider threats to system and data security.)
- Cryptojacking – when a threat actor gets unauthorized access to a computer system and uses it to mine for digital currency.
It’s important to note that as people get savvy about social engineering and cyber extortion, cyber criminals will resort to newer tactics. Understand your industry, the associated risks, and stay vigilant and you will have a far better chance of preventing cybercrime.
Stay tuned for part 2 next week, where you will learn about the nuances between cybercrimes and our customized protection.