The anonymous and borderless nature of cybercrime puts every organization at potential risk. Once considered an irksome pastime of geeky teens, cybercrime has grown up fast.
In 2014 its annual cost to the global economy was estimated at $445 billion. A 2015 Hewlett Packard-sponsored study of large U.S. companies found cyber-attacks growing “in frequency and severity” in every sector, at an average yearly cost per company of more than $15 million. Cybercrime’s increasing scale and sophistication have elevated it into a full-fledged illicit industry.
Broadly speaking, law enforcement divides cybercrime into two categories:
- Advanced cybercrime – sophisticated attacks on computer hardware and software;
- Cyber-enabled crime – illegal activity that exploits the internet in some way (e.g. terrorism, human trafficking, money laundering)
But the two often blur together nowadays, as when hackers steal databases of customer information from companies and sell them on “darknet” websites, where other illicit items including drugs and weapons can often also be found. With this booming business, cybercriminals will target you not only at home, but also at work. They will attempt to gain access to your computer through software/hardware vulnerabilities, as well as social engineering (phishing e-mails, vishing calls, text phishing, impersonating government or corporate employees, etc).
The aim is monetize you, whether it’s through:
- Ransomware and the ransom being paid
- Cryptojacking by installing malware on your computer to generate cryptocurrencies such as bit coin
- Banking Trojans providing banking logins so that many can be transferred out
- Stealing Intellectual Property such as internal company secrets
Leaking Personally Identifiable Information (PII) such as W2 and other tax documents For this reason, you must always be vigilant in all that you do while using e-mail, the internet, etc.
Defenders have to be on guard 100% of the time, but a cybercriminal only has to get you to drop your guard once. If you see anything odd, unsettling, or you think may be a cybercriminal attempting to gain access, please report it.