Cyber crime is defined as any illegal activity that involves a computer. According to the study, in 2016 more than 7.6 million Americans were victimized by cybercrime with an average cost of $203 per victim and total annual cost of over $16 billion dollars. Of those 7.6 million victims, 3% lost personal information such as a social security number and 1% had their personal information used to commit fraud.
There are six types of cybercriminals:
Cyber opportunists - the most common type of cyber criminal, who might download malicious attachments to emails, which install malware on their computer. The auto-run feature on Windows computers often facilitates this attack by automatically executing everything that is placed in the autosave folder. This can be prevented or at least mitigated by disabling autorun in Windows.
Script kiddies - who are often amateurs that scan the internet for vulnerable websites and then launch an attack on those sites using tools or scripts written by others. Their skills stop at deploying existing software, and they may not have any real understanding of security. They typically come into play after cyber opportunists find vulnerable sites and then launch attacks.
Cyber activists - who are protesting government or company policies by attacking a website with the intent to bring down that site. The goal is not necessarily profit but rather to make a specific political statement.
Cybercriminals of opportunity - who are criminals that find an easy target and take advantage of it for financial gain. This would include organized crime and gangs, looking for ways to make easy money.
Cyber extortionists - who use malware and viruses in a blackmail scheme. The criminal will try to scare the victim into paying a ransom by threatening to destroy files or data on their computer. Some cybercriminals have even threatened to disclose sensitive information like trade secrets if the ransom is not paid.
Cyber saboteurs - who are motivated by money and either steal personal information to sell or use malware to destroy data (what's known as a wiper attack). This group started appearing more frequently in 2017 as cyber extortionists transitioned from using ransomware attacks to wiper attacks, which seek to wipe out some or all of the data on a computer.
While these six types have distinct differences, they are all motivated by opportunities to make money and cause damage. They don't necessarily care about whom they hurt along the way; whether it's your employees, customers or vendors. Their goal is to get in and out without getting caught, as fast as possible.
How Can We Win against Cybercriminals?
The studies identify a strong correlation between employing a cybersecurity policy and being a victim of cybercrime. In fact, organizations with the strongest online security efforts were 63% less likely to experience any form of cyber-attack compared to those that had no cybersecurity policy in place at all. Organizations should not rely solely on a single technology or product, but rather a combination of solutions that can create and maintain security. This can include cyber threat intelligence solutions that do more than just monitor the network, but also analyze activity to identify nefarious patterns.
When planning your cybersecurity strategy, consider the following steps:
Review your existing cybersecurity policies and adjust accordingly. A comprehensive policy that addresses the different types of cybercriminals is important to any organization. An effective security plan should include plans for data classification; industry regulations, laws, and compliance requirements; who provides support during an attack (i.e., executive staff, owner/operator, or IT); response strategies for different types of attacks; and how the organization is going to recover.
Implement ISO 27001 or SSAE16 cyber risk management standards, applicable to your industry. These are guidelines for a formalized security system that further instills good cyber practices within an organization. The goal is to help you understand where potential vulnerabilities may lie in your organization and then to help you find ways to address those vulnerabilities.
Protect your organization's infrastructure from cybercrime by implementing an effective network security strategy using a combination of traditional cybersecurity solutions like firewalls, anti-virus software, or IPS/IDS. They should also include more advanced means such as threat intelligence devices that can detect malicious activity on the network before it causes damage. These devices can identify cyberattacks, even if they don't fall into one of the traditional categories described above.
Safeguard your organization's data by implementing encryption solutions that protect hard drives and all digital data on them so that criminals cannot access or steal information without first knowing an encryption key.
Consider a cyber insurance policy. This ensures that your business is covered if you are hit with the type of attack that can cause massive financial losses, such as ransom attacks or wiper attacks. It may also protect you if your employees inadvertently cause damage to a client's computer or another device while doing their day-to-day jobs.
A cyber insurance policy may also replace lost revenue and help support your business during an attack.
While it's not possible to completely eradicate risk in today's world, your organization can take steps toward reducing its chances of becoming a victim of any type of cybercrime. Implementing strong cybersecurity policies is one step you can take to ensure that your data is secure, your network is protected, and that you don't become a victim of cybercrime.