Growing threat of cybercrime?

  • Amsterdam, North Holland, Netherlands

Author:  Richard van Hooijdonk

Short Description

Growing threat of cybercrime? Not only to individuals but also to businesses of all shapes and sizes, across all sectors and industries. During the pandemic, incidents of cybercrime increased by an astounding 600 per cent. This makes cybercrime the fastest-growing crime in the world and companies and individuals are faced with more cyberattacks than ever […]

Growing threat of cybercrime? Not only to individuals but also to businesses of all shapes and sizes, across all sectors and industries. During the pandemic, incidents of cybercrime increased by an astounding 600 per cent. This makes cybercrime the fastest-growing crime in the world and companies and individuals are faced with more cyberattacks than ever before. Criminals are increasingly transitioning to the online space because that is where the money is.

And the reasons for the popularity of cybercrime are easy to understand. It is basically a low risk crime that can provide very high payoffs. Cybercriminals can make millions with almost no chance of getting caught. This is because they are becoming increasingly sophisticated, collaborating across global networks and cybercrime centres like Russia and North Korea. And as cybercriminals have access to secure and anonymised payment systems it’s virtually impossible to catch them in the act.

 

Our main challenges explained

 

As we are speeding towards a hyper-connected future, no global threat has grown as fast, or is as complex to understand, as cyberattacks. And unfortunately it isn’t a short-term challenge, either – it has become part and parcel of the new world we live in. There are many reasons why we are increasingly faced with cybercrime, some of which include inadequately protected IoT devices, ever larger volumes of data being generated, constantly changing security risks, a continuously expanding remote workforce, a global shortage of cybersecurity personnel, and so on.

IoT devices aren’t adequately protected

 

An important challenge that leads to an increase in cyberthreats is the fact that smart devices connected to the Internet of Things (IoT) are inadequately protected. This makes them very easy and increasingly popular targets. Devices like smart TVs, air quality monitors, smart speakers, routers, smart doorbells, and smoke detectors can be hacked and used to access home networks, spy on users, and obtain sensitive data like financial information, passwords, or even chat logs.

 

Many IoT devices are manufactured and sold with inadequately secure default settings, which often remain unchanged after people start using them in their homes. They have hardcoded or easily guessable passwords, and insufficiently secured network services, ecosystem interfaces, backend APIs, and cloud and mobile interfaces are another huge problem.

Then there’s the fact that off-brand IoT devices are often fitted with cheaper and insufficiently secured or outdated software components, bringing vulnerabilities right into people’s homes. Furthermore, when it comes to sensitive information – whether during data transfer or stored on the device itself – IoT devices often lack access control or encryption.

An increasingly remote workforce

 

Mainly as a result of the pandemic, many companies have decided to adopt hybrid work models or even transition to a fully remote workforce. But these distributed work environments pose various significant cybersecurity challenges.

 

While traditional offices generally have solid cybersecurity measures in place to protect company assets as well as employees, protecting remote workers is another thing altogether. Remote employees need to access cloud-based applications and sensitive data remotely, and there is generally insufficient software and hardware infrastructure in place to support safe communication and secure data transmission as well as monitor cyber threats.

 

Because of this, cyber attackers are increasingly targeting remote and hybrid employees. What’s more, hybrid workspaces often lack physical security as well, which makes them very challenging to monitor, putting organisations at increased risk.

 

Talent shortage in cybersecurity

 

Another important challenge is the fact that cybersecurity personnel are in very short supply, which impacts the way in which we can respond to and mitigate cyberthreats.

According to the Cybersecurity Workforce Study by the International Information System Security Certification Consortium (ISC)², the global cybersecurity talent shortage currently sits at more than 4 million people.

Furthermore, overworked cybersecurity personnel are struggling to keep up with their jobs’ challenges, while employers are struggling to prevent them from leaving. According to a global study of cybersecurity professionals by industry analyst firm Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA), in which more than 500 cybersecurity professionals were surveyed, almost 60 per cent say a shortage of cybersecurity skills has had a negative impact on the organisation they work for.

 

What are the most widely executed attacks?

 

The number, complexity, and variety of cyberattacks continuously increase, and according to the Cisco Annual Cybersecurity Report, the advent of network-based ransomware worms even enables attackers to launch attacks without any human intervention. And while cyberattacks are predominantly carried out for extortion and monetary gain, some more recent attacks seem to be aimed specifically at data destruction or political activism. Here’s an overview of the most common types of cyberattacks.

 

Malware

 

Malware is malicious software that is commonly spread by seemingly legitimate downloads or email attachments. Malware makes use of network vulnerabilities to infiltrate a system and can include computer viruses, worms, spyware, Trojan horses, and any other program or file that can harm a computer. Once inside the system, malware can retrieve data from your hard drive, deny access to critical network components, and even render an entire system unusable.

A virus can infect an application where it replicates and infects code in the computer system. Worms are programs that move and replicate across computers and networks and are used to overload email servers. Spyware is, as the name suggests, a type of spy program that gathers data about users, their systems and even their browsing habits. This information is used to download and install malicious programs or for blackmailing purposes. A Trojan is a malicious program that hides inside a legitimate program and is used to provide cybercriminals with access to computer systems.

 

Growing threat of cybercrime?

 

SQL injection

 

A Structured Query Language (SQL) injection enables an attacker to manipulate a database. An SQL injection can be used to access and retrieve information that was not intended to be displayed, such as private client details, user lists, or sensitive company data. During an SQL attack, malicious code is ‘injected’ using server query language – usually into a search or comment box on an unprotected website.

This enables hackers to send their own requests to a database and forces the server to release protected data. Now they can execute a range of nefarious activities, from manipulating the information in a database for their own ends to stealing sensitive data. According to Kaspersky Lab, because of the prevalence of websites and servers that use databases, SQL injection attacks are among the oldest and most widespread cyber assaults. Automated SQL injection programs that are freely available from open source developers enable cybercriminals to automatically perform attacks with just a few clicks and within only a few minutes.

 

Phishing

 

Phishing attacks involve sending mass amounts of fraudulent emails from seemingly legitimate sources to get sensitive information. The fraudulent emails contain links to a malicious script or file that enable cybercriminals access to your device. Once they have gained access, they can take over the control of your device, install malicious files or scripts or extract information such as login details, banking information, credit card numbers, and so on. Attacks can also be carried out via direct messaging or social networks where cybercriminals collect information about your interests, work, and activities. They use this information to convince the victim that they are someone the victim knows.

 

Ransomware

 

You can become a victim of ransomware attacks when malware enters your computer via a website that has been hacked (or a legitimate website with malicious ads), when you download infected files, when you install apps or programs from unknown sources, when you open a malicious attachment or link in an email, and various other ways. Ransomware locks you out of your computer and prevents access to your data until you pay a large payment in cryptocurrency.

It’s very difficult to defend your systems against this type of malware, whereas the code behind it is easy to get hold of via online criminal marketplaces. Ransomware often targets organisations with huge volumes of sensitive (consumer) data and cyber insurance policies, which makes them more likely to pay large sums of money, like medical institutions, government organisations, supermarket chains, media conglomerates, banks, universities, and so on.

 

Cyberattacks-as-a-Service

 

Cybercriminals are increasingly purchasing Attacks-as-a-Service tools, with criminal organisations even selling access to botnets or infected machines within organisations and businesses, significantly lowering the entry barrier for other hackers. Users don’t need to be skilled to use these services, empowering even the most inexperienced hackers to carry out highly sophisticated cyberattacks. Most of these services circulate in the underground economy and are based on either a convenient flat-rate or a subscription fee.

The tools are very user-friendly and customer-oriented, and even provide easy to use admin consoles and dashboards to monitor and manage profits ‘earned’. Criminal organisations sell or lease access to entire botnets and control infrastructures on cloud architectures that can be used to steal sensitive information or launch massive DDoS attacks against specific targets. Some subscription-based models – such as Ransomware-as-a-service – even enable affiliates to earn a percentage of each successful ransom payment.

 

In closing

 

It’s quite clear that vulnerabilities are not easy to fix and that the threat of cyberattacks will never be fully eliminated. That would require completely disconnecting our lives, which would not only be undesirable but virtually  impossible, as almost everything we do depends on connectivity. It enables us to search the internet, gives us access to top of the range medical treatment, allows us to communicate faster and more efficiently than ever before, and enables electricity, water, and food supplies.

 

In short – connectivity has become critical to each and every aspect of our lives. We will need to find ways to live with a certain amount of danger and take steps to prevent cybercriminals from exploiting our vulnerabilities. This is a serious challenge, however.

 

As technologies keep evolving into super-intelligent, almost self-sustainable systems, it will become increasingly difficult to predict where, when, and how cyberthreats will occur. Prevention, detection, and counteraction are still the best measures against cyberattacks, but we need to be very serious about this, as billions more hackable, unpatchable, and non-upgradable devices will be connected to the global digital grid in the next few years.

 

He has several Chip-implants, because he wants to physically experience the future.

 

Article written by: Richard van Hooijdonk who is a futurist, keynote speaker and trendwatcher, an authority on new technology.

Contact Us at WeSpeak Global and follow us on Twitter

Author Profile

The articles, video and images embedded on these pages are from various speakers and talent.

These remain the property of its owner and are not affiliated with or endorsed by WeSpeak Global.

Similar to Growing threat of cybercrime?

Heather R Younger | Leadership With Heart

I had a recent team meeting where I brought our Caring Inclusive Listening Leadership coaches together to discuss an idea regarding the community. The call ended up going in an entirely different direction, but ended up in an amazing place. As the conversation grew, many strong opinions came forth on all sides, but I trusted each of them […]

  • Author: Heather R Younger
WS Logo 512

This morning I woke up with a feeling of total despair as An eagle eye in trouble times…, the feeling of not doing enough. Not having enough, not knowing where to start and not knowing where I wanted to go. This uneasy feeling of negativity was so out of character and my first reaction was […]

  • Author: Lizette Volkwyn
wespeak global latest news

Unveiling the Secrets of Successful Keynote Speaker Booking: Insights from a Meeting Planner To learn more about booking a keynote speaker tailored to your event’s specific needs, please don’t hesitate to contact us. Our experienced team is ready to provide expert guidance and help make your next event an unforgettable success. A Meeting Planner’s Perspective […]

  • Author: WeSpeak Global
Jason Hewlett

11 days ago was the last time I have been outside and even had the privilege to go for a car ride which gave me the promise of perspective. I had just returned home from the hospital, hopped up on all kinds of meds my body has never felt before, never been through surgery in […]

  • Author: Jason Hewlett
Melinda Briana Epler

Hey there, are you a white person wondering what Things You Can Do As An Ally for Black people right now? A lot of my white friends have been asking, you’re not alone. I’ve received several questions from friends wanting to do something so I thought I’d compile these all on one place. This is […]

  • Author: Melinda Briana Epler
Mike Walsh | Between Worlds Podcast

Everyone these days seems to have a plan or AI SHOULD CHANGE, Or at least, they plan to mention it as often as possible in press releases and briefings to analysts. Paying lip service to AI is a dangerous distraction and a missed opportunity. A few may be fooled for a while – but unless […]

  • Author: Mike Walsh
Rob Caskie

Social media abounds with the hype and extraordinary news of Shackleton’s ship Endurance is patience concentrated being found in 3008 meters of water in the Weddell Sea, 107 years after it was smashed by ice in 1915. This discovery has deservedly grabbed global attention. “Men wanted for hazardous journey, small wages, bitter cold, long months […]

  • Author: Rob Caskie
Sterling Hawkins

11 WAYS TO LIVE with a New year. New goals. New opportunities. #NOMATTERWHAT IN 2022 Welcome to 2022. 11 WAYS TO LIVE #NOMATTERWHAT IN 2022 What separates the high-achievers that actually reach what they strive for from those that don’t? Even in the face of assuredly new challenges, limits and obstacles… I’ll tell you – […]

  • Author: Sterling Hawkins

© All rights reserved 2024. Created using VOXEL THEME

1902 Wright Place, Carlsbad, CA, 92008