Cybercrime Cost US Business $2.7B In 2018

The FBI has been investigating cyber-attacks on US organisations by overseas criminals and terrorists and cyber-crime cost US businesses a collective $2.7 billion in 2018, according to the FBI's latest annual Internet Crime ReportThe bureau received more than 20,000 complaints from organisations about business email compromise, a catch-all phrase for a number of crimes that leverage tactics, like phishing, targeted email spoofing and other forms of credential theft, to facilitate the fraudulent transfer of funds. 

The most frequently reported complaints were for non-payment/non-delivery scams, extortion, and personal data breaches. The most financially costly complaints involved business email compromise, romance or confidence fraud, and investment scams, which can include Ponzi and pyramid schemes.

Reports came in from every US state and territory and involved victims of every age. There was a concentration of victims and financial losses, however, among individuals over the age of 50.

While more sophisticated tools and attack vectors tend to garner sexier headlines, the report made clear that many hackers are still able to make a good living, exploiting common social engineering methods like BEC to the tune of $1.2 billion in lost or stolen profits. In one instance, a New Jersey town victimised by a BEC scam ended up transferring more than $1 million to a fraudulent account. The FBI said its Newark field office worked with the town's financial institution to freeze and eventually return the stolen funds.

Extortion schemes dangling stolen or sensitive data in exchange for money saw an explosion of growth in 2018, with 51,146 complaints and $83 million in adjusted losses. That represents a 242% increase from 2017. 
Cyber criminals are more frequently using those schemes in conjunction with high-profile data breaches, denial-of-service attacks and government impersonation schemes.

As with previous years, the report illustrated how susceptible older Americans are to internet crime. Approximately $1.15 billion and more half the total victims in 2018 were over the age of 50, and Americans over 60 were the most likely to fall prey to such scams.

The FBI received more than 351,000 complaints from businesses and organisations in 2018, or about 50,000 more than it received the year before. That continues what has been a steady trend of increased reporting over the past five years, something officials have said is the result of constant outreach efforts and engagement by FBI officials with the private sector.

"Our No. 1 piece of advice to companies would be to have an incident response plan … and No. 2, and probably very close second if not tied, is to notify us," said Amy Hess, executive director of the FBI's Criminal, Cyber, Response and Services branch at an April 16 public event.

FBI leaders have emphasised just how much of the bureau's work has shifted in recent years to rely on digital forensics and evidence for virtually every type of crime or counterintelligence area it works on. A big part of the new model for success involves building trust in the private sector so companies that are victims of cyber-crime aren't reluctant to share what they know with investigators.

FCW:          SpaceCoastDaily:      Image: Nick Youngson

You Might Also Read: 

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

« Five Eyes Intelligence Chiefs Point The Finger
How Algorithms Are Being Used »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Homeland Security Advanced Research Projects Agency (HSARPA)

Homeland Security Advanced Research Projects Agency (HSARPA)

HSARPA's Cyber Security Division (CSD) was set up to address DHS cyber operational and critical infrastructure protection requirements.

SecureBrain

SecureBrain

SecureBrain software and services help protect against Japanese-specific cybercrime and global internet security threats such as online fraud, phishing, drive-by downloads and malware attacks.

Cryptosense

Cryptosense

Cryptosense provides the first application security software dedicated to the detection and remediation of crypto vulnerabilities.

Pipeline Security

Pipeline Security

Pipeline is a leader in cybersecurity, offering comprehensive services to protect organizations from evolving threats.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

e-End

e-End

e-End provides hard drive shredding, degaussing and data destruction solutions validated by the highest electronic certifcations to keep you compliant with GLB, SOX, FACTA, FISMA, HIPAA, COPPA, ITAR.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

Primary Guard

Primary Guard

Primary Guard provides IT solutions and computing technologies that help minimize impact from cyber threats, improve business efficiency and maintain essential functions during or after a disaster.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Nokod Security

Nokod Security

Nokod Security delivers an application security platform for low-code / no-code custom applications and Robotic Process Automation (RPA).

BARR Advisory

BARR Advisory

At BARR Advisory, we build trust through cyber resilience. We help protect the world’s data, people, and information networks through a human-first approach to cybersecurity and compliance.

Center for Cyber Security Studies & Research (CFCS2R)

Center for Cyber Security Studies & Research (CFCS2R)

CFCS2R's mission is to empower individuals, organizations, and governments with the knowledge and tools necessary to protect against cyber threats.

Chorology

Chorology

Chorology is a leading provider of intelligently automated, data compliance and posture enforcement solutions.