With remote working becoming the new pandemic normal, cybercrimes have reached an all-time astonishing high and what’s more the innovation behind each crime is getting more and more mind boggling. According to 2021 Data Breach Investigation Master Guide Report, the first nine months of 2021 has reported over 36 billion exposed company records, which included,
Although, cybercrimes are pretty common, the remote working atmosphere has set the ideal environment for hackers. Research would have it that there has been a 3 fold increase in the number of cybercrimes, since the advent of the pandemic owing to:
- Decreased security of home connections
- Delayed responses to cybercrimes
- Physical and information security gaps
The malicious attacks to gain unlawful access to data especially to client information of an organization can cause a lot of ill-effects for the organization not just in terms of cost but also in terms of disrupted digital operations and customer trust. It is even more evident in case of organizations that store highly sensitive information like hospitals, insurance or security agencies. There are many types of cybercrimes and the criminal minds seem to have no lack of creativity. However, some of the most prevalent ones are:
Considered one of the costliest and most destructive malware, Emotet is a banking Trojan which is a downloader or dropper of other banking Trojans, ransomwares and information stealers like Trickbot, Qakbot, etc., It is highly dangerous because it act as a door opener to criminals, and is polymorphic (changes code each time), resilient (unique method of infecting) and long lasting. In 2020, nearly 20% of organizations had fallen prey to an Emotet and is considered the most damaging malware in existence today.
Did you know, google reports about 18 million COVID-related malwares on a daily basis? That’s how frequent malwares are and this is just the statics for one particular topics. Malwares are software that takes the form of worms, ransomware, viruses or spywares and can be activated when user clicks on the link. They automatically get installed in the system and can block access to network components, attract other harmful software, extract valuable information or/and disrupt individual system components rendering the hardware unusable. It is been estimated that in 2021, a business falls prey to a ransomware attack every 11 seconds rising the ransomware market cost to $20 billion.
There has been a 2% rise in successful phishing scams from 2019 to 2020 bringing the total to 57% out of which 74% used HTTPs sites to instigate these scams. The pandemic has done its part here too. Google reports 240 million COVID spam messages on a daily basis. Phishing scammers usually use fake accounts to trigger emails or messages that mostly prompt the user to impart with sensitive information such as credit card details or install malware software.
- Password Attacks
Hacking passwords, which started out as a fun activity among friends, has long turned into a million dollar cybercrime business owing to the evolution of digital systems. With digitally dependent operations being a part of our everyday life, social engineering has become one of the easiest means to obtain passwords. It can be as simple as hacking your Netflix account for an hour of unpaid movie watching to as complex as retrieving bank details or sensitive patient information. It is estimated that an average cost of a data breach is nearly $ 4.5 million and 90% of which is financially motivated.
- Denial of Service (DoS)
According to reports, the first quarter of 2021 saw nearly 2.9 million DoS attacks. As the name suggests, it is a cyberattack that inhibits the computer or network to respond to commands or requests. The system is then prone to more attacks taking advantage of the system downtime leading to a flood attack. A Botnet is an example of one such DoS that has the power to attack millions of systems at the same time. They are also called Zombie systems and are usually difficult to trace or track geographically.
This type of cyberattack is usually common in a two-party transaction. It is expanded as Man in the Middle (MITM). These types of attacks are prevalent in unsecured public Wi-Fi networks and steal expensive data by integrating themselves between the user and the server. It is considered the third most common type of mobile threats of 2021.
- SQL Injection
SQL injection or Structured Query Language is one of the oldest cyber vulnerabilities and has been in existence for the past 15 years. It provides access to databases worldwide and can steal or modify information and its lethality lies in its simplicity. Reports has it as of February 2020, 29% web applications were highly prone to SQL attacks.
The overwhelming statistics of cybercrime although disturbing, is nothing compared to the easy vulnerability with which victims fall prey to ransomware demands. 2020, saw a whopping 311% increase in total amount of ransom paid and a 32% rise in ransom-paying organizations.
Evolving digital systems are vulnerable to equally evolving and highly inventive cybercrimes and criminals. Keeping track of cyberattacks and staying vigilant is the only key to strengthening your organizations cybersecurity standpoint.