In our digital world, we are now more connected than ever. While this brings tremendous benefits, such as instant communication, increased commerce, and more access to educational materials, we need to be realistic about the threats that exist in this new world.
When left unaddressed, these many threats can lead to financial loss or even ruin, but most people go through life not fully aware of the danger cybercrime poses to their peace of mind and stability.
Of course, just because the internet can be a dangerous place doesn’t mean it’s a bad thing. After all, bad stuff can happen anywhere. But it’s vital that we fully understand these risks and just how prevalent they are in today’s world so we can take the necessary steps to protect ourselves and keep the internet as the bastion for free speech and inter-connectivity that it is.
In this spirit, we’ve put together this guide that highlights the many threats out there. We’ve also provided you with all the facts and figures you need to know about cybersecurity in 2020, so you can stay safe and secure while you’re on the web.
Cybercrime: Definition and Examples
Cybercrime is defined as any crime that takes place through a computer. This can mean many different things, but the most common forms of cybercrime are:
Hacking is when someone gains unauthorized access to a private system or data set. Once hackers are inside a system, they can do all sorts of damage, such as eliminating or stealing data. They can also rewrite permissions and other code that allows them to do even more damage, or they could even hold the entity they’ve hacked hostage to try and maximize the return on their effort.
Hackers are motivated by different things, but the two biggest drivers are money and fame. Successful hacking can be quite profitable, especially if it gives hackers access to valuable financial information, but fame is another big one. The hacker community is made up of people who are constantly trying to one-up each other, encouraging hackers to do damage even when there is no financial reward for them.
Another significant type of cybercrime is data theft. This is when hackers steal lots of information from the servers they break into. Usually, the data they go after is financial, such as bank account numbers, credit card numbers, social security numbers, account login information, etc.
Data theft is a big deal, and as the world goes more and more digital and we put increasing amounts of information on the web, it’s becoming even more serious. Companies are working hard to keep your data safe, but cybercriminals are always working just as hard to get at it.
In many ways, this represents most people’s biggest fear when it comes to cybercrime. Identity theft occurs when a cybercriminal can get enough of your personal information to impersonate you on the web. When they do this, they will usually take out credit cards in your name and use them to buy stuff before running far away. Or, they will access your personal accounts and steal directly from you.
If you fall victim to identity theft, it can be tough to prove that it wasn’t you who was taking these actions, which is why it’s so important to remain vigilant and put up good cybersecurity defenses to stay safe.
Viruses, Malware, Ransomware, and Worms
These are programs that get installed on your computer with the aim of either stealing information or extracting money from you. Ransomware is particularly dangerous because it takes over your entire computer and forces you to pay a large sum of money to get your data back. Depending on what you have saved on your computer, it can be tempting to fall for these threats, but you shouldn’t and should instead contact the authorities when you have become a victim of ransomware.
Denial-of-service attacks, also known as DOS attacks, occur when cybercriminals overload a website or server to try and crash it so that they can gain access to it. They usually do this by generating a load of fake traffic that the site can’t handle. This shuts everything down, including the site’s defenses, and hackers can then get in and steal whatever it is that they’re after.
Cyberbullying is a form of cybercrime that has nothing to do with hacking but is still very much a danger we should be aware of while we’re on the internet. Cyberbullying is just like any other form of bullying – an attempt to cause someone harm – but it’s different in that it all takes place online. Because of this, it is usually more difficult to detect and can also often be more harmful, mainly because victims of cyberbullying typically suffer in silence.
Child Abuse and Stalking
Because of the anonymity offered by the internet, sexual predators and other deviants use it to try and find their victims. Children are especially at risk in this realm because they are often more naive and willing to talk to strangers, especially if these strangers seem to offer them an out from a difficult situation at home. However, online stalking is still a pretty considerable risk, and we would all do well to make sure we don’t overextend ourselves when communicating with people online.
How Cybercriminals Do Their Work: Social Engineering
Now that you now know what cybercriminals do, it’s important to understand how they do their dirty work. In some cases, they will do a broad assault on a system, using randomly generated login information repeatedly until they find something that works and grants them access.
However, the success rate for this approach is relatively low, so most hackers turn elsewhere to carry out the final stages of their cybercriminal work; they try to use you to “give” them access.
This is known as social engineering, a blanket term for the many tactics cybercriminals use to try and trick you into giving them the information they want. It’s essential you know how to recognize it and its many different forms to not fall for it yourself.
Here’s how they do it:
One of the simplest ways cybercriminals get you to do their work for you is by getting you to click on a link that causes a program to download on your computer. These programs can target your specific computer, or, if it’s connected to a more extensive network, these programs provide the hacker with access to these systems.
These links might be hidden, as in you don’t know they’re there, but this usually only happens on shadier websites you probably shouldn’t be visiting anyway.
You might also get a pop-up that says something like “click here to claim your free prize.” Remember, if it’s too good to be true, then it probably is. Always be conservative when it comes to clicking on the internet.
One particularly common way cybercriminals try to get you to click on a bad link is by using scareware. This tactic tricks you into thinking that you’ve got some sort of virus or worse on your computer and that you must download an anti-virus software (by clicking on the link provided) to install it on your computer and save all your data.
Don’t fall for this. Trust your existing anti-virus program, and if you don’t have one, then get one from a reputable company and run a scan on your computer.
Phishing, Whaling, and Spear Phishing
The most common form of social engineering out there, phishing is simply an attempt by cybercriminals to get you to give them access to either your personal information or the systems you have access to. They usually come in the form of an email and will be sent from what looks like a reputable source, such as a friend, someone you know, or an organization or company with which you work. They can also come from phone calls, texts, and other notifications to your phone.
The message might include a spoofed design, which means it was made to look as real as possible, but there is always something off, usually the address from which it was sent. As you will see, when we begin discussing stats, phishing is the most common way cybercriminals work, so you must be aware of it.
Spear phishing is when cybercriminals target specific people, and it’s different from regular phishing, which is when they simply go after anyone willing to bite.
Whaling goes even further by targeting people such as CEOs and other higher-ups, as they tend to have more access and can therefore give cybercriminals more of what they seek.
Baiting is a bit old school in that it relies on someone finding a hard copy of the virus or other malicious program the cybercriminal is hoping to install. It sounds like a scene out of the movies. Still, criminals will leave a USB drive or some other storage device out in a public space and label it something that seems appealing. They then hope someone will pick it up and install it on their computer and that that computer has the data they are seeking to steal.
It sounds like a long-shot, and that’s because it is. However, you should still be aware of it, and if you come across any suspicious hardware, report it, and be very careful.
These are messages that try to convince you there’s some pending doom related to one or more of your accounts. For example, you might get a message that says, “your account will expire in 24 hours if you don’t act now.” That action might be simply entering your login information, but all this does is give access to the cybercriminal. It turns out your account was the same all along.
If you get a message like this one, double and triple-check that it’s a thing before handing over sensitive information.
Cybersecurity Facts and Figures in 2020
As you can see, when we’re talking about cybersecurity, we’re talking about addressing a lot of threats. Perhaps you’ve never come across any of these, or you’ve never had to deal with a serious threat. However, this doesn’t mean you shouldn’t be vigilant. Here are all the latest stats to show you just how big of a deal this is:
1. A cyberattack occurs every 39 seconds
The University of Maryland did a study in which they lowered the defenses of a set of computers and then monitored how often they were attacked. They found that an attack occurs, on average, every 39 seconds. Said defenses block most of these, but this should give you an idea of how prevalent this threat is and why it’s so important you set up the proper defenses.
2. 23 percent of Americans have lost personal or financial information to hackers, or they know someone who has
At first glance, this might not seem like a significant number, but it’s one out of every four people. That’s a pretty substantial number. Considering we’re talking about financial information, the loss of which would ruin most of our lives, this serves as a reminder of how critical it is to safeguard all of this information against any potential attacks.
3. Mobile malware variation has increased by 54 percent in the past few years
With the rapid growth in smartphone use, hackers are increasingly targeting these devices to steal the information they want to make money for themselves and boost their online street cred. This number shows us that they’re getting better at it all the time, i.e., they’re always creating new types of malware designed to circumvent the defenses we have in place.
All this means that it’s crucial to not only establish defenses but to continue to update them. This way, they will remain effective against the newest types of malware put out by cybercriminals practically every day.
4. There are more than half a million sexual predators active on the internet each day
If you aren’t convinced that the internet is a hotbed for all sorts of sexual deviants and predators, consider that the FBI estimates there are between 500,000 and 750,000 sexual predators active on the web each day.
Those who have children should be terrified of this number.
However, these particular cybercriminals work differently. They usually operate in environments where they can chat with strangers, such as chatrooms and social media, so it’s easier to avoid these creeps.
Simply stay away from these sites or exercise extreme caution and don’t give away any valuable information if you do wind up on them. Make sure your children understand these risks and are practicing safe online habits so that they can stay away from these truly sick individuals.
5. 20 percent of teenagers have received an unwanted sexual advance
This is another number that should be pretty scary to anyone with children. This can happen anywhere, particularly on social media and in chatrooms, so either prohibit your kid from using these or, more practically, make sure they are fully aware of the risks and aren’t doing anything that’s putting them in unnecessary danger.
6. 34 percent of people feel they have been cyberbullied in the last year
Just about one-third of people feel they have been cyberbullied in the past 12 months. Of course, cyberbullying doesn’t present the same potential danger as phishing and hacking or contact with sexual predators. Still, people who are repeatedly subjected to it can often suffer long-lasting mental health concerns.
Cyberbullying tends to occur more amongst children and teenagers, but it is most certainly not confined to this age bracket.
If you see cyberbullying occurring somewhere online, speak up and try to stop it. If you yourself are a victim, set up blocks to keep these people away, or simply stop using whatever platform you are using. Also, monitor your own behavior to make sure you’re not engaging in cyberbullying. What you think of as harmless fun could be doing someone lots of damage.
It’s also important to talk to your children about what cyberbullying is and why it’s bad so that they can learn to recognize when it’s happening either to them or someone with whom they interact on the internet.
7. 99.9 percent of all mobile malware comes from third-party app stores
We mentioned earlier that mobile malware and mobile malware variation are on the rise. It turns out there’s a pretty easy way to avoid this: only download apps that come from reputable places, such as the Apple App Store and Google Play.
Third-party app stores are not sanctioned and, therefore, not regulated. While people use them to get cheaper or free apps that are similar to the official ones, they are also a hotbed for malicious software.
Stay safe from this and stick to the approved channels for downloading apps.
8. 94 Percent of malware arrives via email
We already mentioned how phishing was the most common tactic cybercriminals use to get you to download their bad software, but this number shows that nearly all malware arrives by email and should help drive this point home.
Always double check sender addresses before clicking on anything in an email, make sure your spam filters are on and working and don’t click when you get that feeling inside you that something is wrong.
9. Phishing accounts for 40 percent of all social engineering attempts
Another stat to point out the prevalence of phishing and why it’s so important to be constantly vigilant against it. However, while phishing is the most common form of social engineering, it still represents just 40 percent of all the social engineering attempts that go on. As a result, it’s important you be fully aware of all of them and take all the necessary steps to protect yourself from the damage they can do.
10. Nearly $1.5 billion is lost to phishing each year
If you’re wondering why cybercriminals are so set on using phishing to do their dirty work, then consider that their efforts cost us $1.5 billion each year. This just shows that this tactic, however crude or at times obvious, works, and it works very well. Due to its effectiveness, we can expect cybercriminals to continue to try and use it as a way of taking advantage of unsuspecting web users.
11. 40 Percent of phishing command and control centers are in the United States
When most of us think of hackers developing phishing tools and working to get into systems and servers worldwide, we think of mysterious people hidden away in distant lands. But this simply isn’t true. Just under half of all the world’s phishing attempts are conducted from somewhere inside the United States. This shows that this is a global problem, and we must address it as such to improve security around the world.
12. Cybercrime costs the global economy around $445 billion per year
When a cybercriminal succeeds, the person or organization affected must be ready to take out their wallet to cover the cost of lost funds, determine what happened, and install new security systems.
For smaller organizations and individuals, this cost isn’t tremendous. But for bigger institutions, it can be extreme. Added all together, cybercrime costs the global economy just under half a trillion dollars a year. That’s an astronomical sum that shows just how much of an impact cybercrime has on our world.
13. $64.2 billion was spent in 2019 on managed security services
Part of the cost to the global economy that companies must assume is that of managed security systems. These are outsourced security efforts whose sole purpose is to keep a company or institution safe from cybercriminals.
Each year, due to the rising number of threats, companies have to spend more and more money. In 2019, that number was $64.2 billion, and we can expect that to go up this year and every year moving forward.
14. Employees bring on 56 percent of cybercrime that harms companies
While companies are spending a small fortune on systems to keep them and their customers safe, the reality is that the biggest threat comes from within. Almost half of all cybercrime is brought on by either past or present employees, sometimes intentionally as a form of vengeance, but usually by accident.
In other words, someone falls for a phishing attempt, which can cost the company big time. The average cost for dealing with a cyberattack is around $1.6 million.
For most companies, this number is too terrifying to think about, and if you work for or run a small business, your fear is justified. Some 60 percent of small and medium companies that suffer a cyberattack are forced to close their doors. Now that’s terrifying.
15. 66 percent of small business still don’t see cybercrime as a likely threat
However, despite these staggering numbers, two-thirds of small business owners still don’t see cybercrime as something likely to occur at their company. The general logic is that smaller companies have less valuable information to steal. Yet they also have much weaker defenses. Hackers are responding by targeting these companies more, so, if you do own a small business or work for one, not acting now can and probably will cost you in the future.
Stay Safe Out There
As you can see, while we refer to “cybercrime” as a blanket term, there are many nuances. We face many threats, both as individuals and as members or larger groups and organizations. Underestimating the danger can have catastrophic consequences down the road.
Stay safe by:
- Using strong passwords and changing them frequently
- Not sharing login information with anyone
- Installing anti-virus software on all your devices
- Updating software frequently to make sure you have the latest defenses
- Activating notifications from your bank about financial transactions to ensure nothing bad is going on
- Practicing extreme caution by not clicking on any potentially suspicious links until you’ve had the chance to verify them
- Avoiding talking to strangers online, and don’t give away any personal information to anyone at any time
- Always being suspicious and thinking before you click.
If you practice these habits and have the right tools in place to protect yourself, it’s unlikely you will have a problem. But, as we have demonstrated, this is a continually changing landscape, and the best defense is constant vigilance.