Cybercrime is a big deal.
McAfee estimates that cybercrime costs the global economy $400 billion annually; more than the national incomes of many countries. Experts expect that figure to only increase as more companies move their business online, opening up new fronts for cyberattack.
With this much at stake, it’s no surprise that cybercriminals continue to up their game with increased attack volume and methods. As Symantec found in their 2016 Internet Security Threat Report, hackers deployed 431 million new malware variants in 2015; 36% more than were added in 2014. Symantec also discovered that 1 in 220 emails in 2015 contained some form of malware.
Ransomware Runs Rampant
While on the subject of cybercrime, we’d be remiss if we didn’t bring up the 10,000-pound gorilla in the room: ransomware. Instances of this specific type of malware, which locks a user’s files until a ransom is paid, increased 35% this year over last, according to Symantec. As the report authors write:
“An extremely profitable type of attack, ransomware will continue to ensnare PC users and expand to any network-connected device that can be held hostage for a profit. In 2015, ransomware found new targets and moved beyond its focus on PCs to smart phones, Mac, and Linux systems.”
The Justice Department estimates that 4,000 ransomware attacks have happened every day since January 1 this year. Additionally, CNN reports that cybercriminals extorted $209 million with ransomware in the first three months of 2016 alone.
Though the first modern wave of ransomware was reported in 2005, the FBI and InfoSec experts of all types have seen a marked uptick in attacks in the last year. And the attackers are becoming more sophisticated. As the FBI reports, delivery methods have expanded beyond the standard phishy email to malicious code injected via out-of-date plugins on legitimate websites.
Going After the Human
A common thread exists among most cybercrime instances out there: Attackers targeting the human to gain access. From phishy emails spoofing CEO requests for wire transfers to ransomware piggy-backing on legitimate-looking attachments, cybercriminals continue to rely on a lack of employee awareness as the most consistent way to break in.
Unfortunately, a new report from security software firm Avecto shows there’s still work to be done to inform employees of the extent of the ransomware threat. In a survey 1,000 office workers, 61% proved ignorant of ransomware. Twenty-eight percent of respondents said they rarely receive cybersecurity awareness training or do only after something has gone wrong.
Says Paul Kenyon, Avecto co-CEO, about the study:
“Employees might be a company’s greatest asset, but they are its greatest risk too. Ransomware is a very real threat to businesses and we need to do more to educate employees on the risk of attack from the internet, or even business applications that are used every day.”
Awareness for All
All these big scary numbers aside, protection against ransomware or cybercrime comes down to one thing: Your employees. They’re often your last line of defense against phishy emails carrying who-knows-what sort of malware.
That’s why, to recognize Week 3 of National Cybersecurity Awareness Month (NCSAM): Recognizing and Combating Cybercrime, we’ve built a Cybercrime & Real Behavior Change Toolkit to help you educate your employees on best practices for thwarting cyberattacks. Resources include:
- MediaPro’s Phishing in 5 Minutes or Less mini-course
- STC’s Ransomware Facts & Tips tip sheet
- STC’s I Do My Part To Fight Cybercrime poster
We’ve also included professional resources designed to bring your awareness program to the next level:
- MediaPro’s Drowning in Phishing guide
- MediaPro’s 5 Training Tactics for Achieving Behavior Change white paper
With this toolkit, you’ll be one step closer to a cybercrime-aware workforce.
Get your toolkit today!
Want to get the absolute best NCSAM toolkits delivered to your inbox each week in October? Sign up here!
MediaPro is proud to work with Stop. Think. Connect as an NCSAM Champion.
Coordinated and led by the National Cyber Security Alliance and the U.S. Department of Homeland Security, NCSAM has grown exponentially since its inception, reaching consumers, small- and medium-sized businesses, corporations, educational institutions and young people across the nation and internationally.
NCSAM 2015 was an unprecedented success, generating more than 1,700 news stories –an increase of 74 percent from NCSAM 2014’s media coverage. Kicking off NCSAM’s 13th year, this October presents a new opportunity to expand cybersecurity and privacy education and awareness globally.