Edited article from Sophos.com
Cybercrime is an enormous industry. And when there’s that much money involved, criminals are motivated to invest substantial time and money in ripping people off. When they’re ripping off businesses, non-profit organizations, and government agencies, they’re driving up costs for everything we all buy and do. And, of course, millions of ordinary people have been victimized directly by cybercrime – whether it takes the form of ransomware, phishing attacks that compromise their financial accounts, or criminals hijacking their computer’s power to “mine” cryptocurrency. This is where the importance of Cyber security comes into play.
Since there’s still no single reliable source of data on global cybercrime IT security trends, it’s difficult to know just how immense the losses are. But they are unquestionably massive. Two reputable estimates will make the point. In 2018, partnering with a security vendor, the nonprofit researcher Center for Strategic and International Studies (CSIS) estimated the overall cost of cybercrime at $600 billion. That would make cybercrime the third largest type of crime after government corruption and narcotics trafficking.
If CSIS’s figure is correct, this represents 0.8% of global GDP: a pretty sizable tax on all of us. But an even higher number comes from the global consulting firm Accenture, which recently told business leaders that cyberattacks will place $6.2 trillion in economic value at risk over the next five years. For the world’s largest 2,000 companies, that translates into 2.8% of revenues – and in some industries, it’s much higher.
The criminals still use off-the-shelf malware. And there’s plenty of it out there: phishing kits, loaders, customizable infected Microsoft Office files, trojans, keyloggers, zero-day exploits, ransomware-as-a-service offerings, and more. (Deloitte’s December 2018 survey found that it’s still technically possible to start your own cybercrime business for under $40 a month, using tools they can buy or rent in a large global online black market.) But the most effective criminals are complementing off-the-shelf tools with sophisticated manual hacking techniques that were previously used primarily for industrial or government espionage or sabotage.
In Sophos’s 2019 Annual Threat Report they found that cybercriminals are also becoming more sophisticated about “living off the land” – using tools and resources they find on the devices they attack. Most often, those devices are running Windows, which includes high-powered administrative and management tools such as PowerShell, WMI, and the Windows Scripting Host. Often, attackers trigger complex chains of scripts that operate in multiple Windows processes and leave few traces. This means defenders can’t rely on traditional methods – so Sophos Intercept X relies on machine learning to recognize when a computer’s behaving anomalously, even if it’s using Windows’ own components to do so.
As machine learning grows more ubiquitous, of course, everyone will have to respond to cybercriminals who’ll also use it. Some researchers believe machine learning will help criminals discover more zero-day attacks that don’t yet have defenses against them, create more convincing personalized phishing attacks, discover users’ passwords more effectively, and evolve botnets in ways that are harder to counter.
It’s easy to imagine that all the news is bad. However, not everyone sees it that way. Criminals have been forced to jump through more hoops because defenses have been improved. More than half of websites and 80% of network traffic is now encrypted – and that’s major progress. Best of all, even today, many of the basics still go a long way towards keeping individuals safe through cyber security. That means: keep your systems updated and patched, use sophisticated security software, don’t share personal information with strangers, and don’t click where you should not.
RJ Young’s Enterprise Level IT Support can protect businesses from new threats while allowing them to embrace new technologies at the same time.
To learn more about cybercrime, cyber security and Managed IT Services contact RJ Young.