Looking back, internet crime in 2019 seems quaint. Little did we realize back then that in 12 months, a virus would bring the world to its knees and spawn an explosion in cybercrime. By the end of 2021, cybercrime had increased by 140% since 2018. More staggering is the $6.9 billion financial losses, up 155%, from $2.7 billion in 2018.
Accenture’s Annual Cost of Cybercrime report states that cybercrime generates $1.5 trillion each year, slightly less than 1% of global GDP.
But how is it linked to the pandemic?
Let’s look at how cybercrime grew and evolved through the Coronavirus spike.
The most pressing cybercrime in 2019 was phishing attacks.
Such attacks use fake messages to lure you into clicking on links or giving away sensitive information. Phishing kits began to emerge on the dark web allowing people with limited technical knowledge to execute their own attacks.
The FBI reported 115,000 victims losing over $57 million to phishing in the US.
At the same time, hackers were targeting users’ computers to use their processing power to mine cryptocurrency.
In addition to targeting computers, hackers also accessed IP cameras, network-attached storage devices, and smartphones due to the open data ports needed for their operation.
While our smartphones contain sensitive personal and financial data, the FBI report ranked identity theft as only number seven of the top ten cybercrimes affecting victims.
This ranking was about to change.
In December 2019, the world was notified of a novel virus found in Wuhan, China.
In January 2020, China imposed its first coronavirus lockdown order, followed by Italy in February, and the US and UK in March.
The number of employees working remotely from home grew from 20% to 71%, as employers rapidly migrated their systems to the cloud. As businesses scrambled to ensure business continuity, they gave little thought to cybersecurity.
And that’s when the cyber disaster has started. Researchers found that the more companies migrated to the clouds, the more they were attacked.
In January and February 2020, phishing attacks increased by 510%. Seven million new phishing and scam web pages appeared during the year, and ransomware and data extortion began trending.
Attacks by using malicious software (malware) increased by 358%, and ransomware rose by 435%. In late 2020, the average ransom payment made by victims was $233,817.
Scammers became more sophisticated and started using new technologies like artificial intelligence and machine learning. Besides that, 2020 marked a shift from lone-wolf hackers to organized and collaborative groups.
It’s been a catastrophic year for businesses and not all managed to survive.
As much as business owners hoped that 2021 will be less devastating, it wasn’t an easy year as well.
The main cyber risk to organizations in 2021 was data breaches, with each data breach costing an average of $4.24 million, which was 10% more than the previous year.
Yet, it wasn’t hackers alone, who imposed a threat.
The greatest data breach threat came from people inside an organization. Negligence accounted for 56% of these breaches, and criminal activity 26%.
One-third of the data breaches were due to phishing attempts, with a 45% rise in brand abuse for phishing attacks.
Brand abuse involved criminals impersonating known major brands in their emails and social media communications. Brands most commonly used were Microsoft, WhatsApp, Google, and LinkedIn.
The internet of things (IoT) devices became widespread in households and businesses in 2021. These are items you can control, locate, recognize or read through the internet. Some of the IoT examples we use in our everyday life include smart refrigerators, smart fire alarms, fitness trackers, and more.
IoT devices use and transmit data constantly and have become targets for cyberattacks in 2021.
One report suggests the average household in 2021 received 104 threats each month. With their small size and limited storage capacity, IoT devices can be difficult to defend using firewalls and anti-virus software.
While in 2020 there were 12 billion IoT connections, a number estimated to grow to 30 billion by 2025.
Supply Chain Hacks
The hacking of industrial IoT devices exposes supply chains to attack. And this was another cybercrime that gained prominence in 2021.
The SolarWinds hack was the most talked-about. SolarWinds is a software company that supplies network monitoring tools to government agencies and large businesses.
During the attack, hackers inserted malware into software updates using a compromised Office 365 account. The malware allowed access to customers’ sensitive information, emails, and confidential documents.
US government departments affected included Homeland Security, Treasury Department, Defense, and others. Many departments needed to rebuild their networks from new to ensure they were clean and secure.
During the first few months of 2022, the cybercrime trends of 2021 remained the same. They were phishing, data breaches, and ransomware.
Mobile Apps Attacks
Despite people heading back to the office, don’t expect the pace of change in cybercrime to let up.
Issues you should watch in 2022 will be the continued rise of malware attacks on mobile applications.
These will seek to take advantage of your mobile wallets, payment systems, and cryptocurrencies.
Deepfake video and audio will continue to increase. The techniques are now sophisticated enough to be weaponized.
It was convincing enough for a bank manager in the United Arab Emirates to transfer $35 million of the client’s money to global accounts owned by the hackers.
Ransomware and business email compromise will continue to increase. These scams are lucrative for hackers and with less than 1% of cybercrime successfully prosecuted, the number of attacks still grows.
On the bright side, the anti-malware market is predicted to grow in 2022-2023.
Virtual private network (VPN) use surged through the pandemic to protect individuals’ identities and browsing habits. Data backup solutions are predicted to grow in value by over 10% in 2022, protecting you against ransomware and data loss.
The coronavirus is still with us, people are still working from home, and lockdowns may yet reappear. It’s guaranteed that cybercriminals will seek to take advantage of the ongoing confusion created by the pandemic.
The rise in cybercrime during the pandemic has been unprecedented. However, more tools to assist you in maintaining your privacy, detecting threats, and restoring your data if lost appeared as well.
While cybercriminals are adaptable and relentless, you owe it to yourself and your organization to fight back. Protect your data, identity, and finances by arming yourself with the latest tools. Become informed, remain vigilant, and be determined to prevail. Stay safe!