Losses From Cyber Crime Exceed $1Trillion

All organisations are having problems with cyber crime and with the impact the Coronavirus hacking crime in particular is increasing. The FBI has seen a four times increase in cyber security questions and complaints since the pandemic began and the endpoint security experts at McAfee  say that the worldwide losses from cyber crime have exceeded $1 trillion in 2020 for the first time

Now a new report from Interpol says cyber criminals are targeting larger businesses. Interpol’s assessment of the impact of COVID-19 on cyber crime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.

Furthermore, 2020 was also a year of significant change for working practices and lifestyles. In the UK, the population spent a significant portion of the year either under lockdown or being recommended to work from home where possible. In 2021, there are many cyber security threats that have either emerged as a result of the pandemic or have been exacerbated by it. Here are some of the cyber security threats facing businesses and organisations in 2021.

Increase in Home and Remote Working

The seismic shift in remote working and online shopping has opened up new concerns over cyber security threats, which means investors need to be aware of the growing opportunities now. Over 50% of the UK population now work from home which raises the cyber security problems considerably. 

Pandemic Phishing

Cyber criminals have of course used the fear surrounding the Covid-19 pandemic as a part of their tactics and virus related phishing became a major problem over 2020 and this looks like it will only get worse in 2021. Criminals use phishing emails to encourage people into clicking a malicious attachment often currently using the concept of Covid-19 and the worries around public health.  

Cloud Breaches

It is also true that the Covid-19 pandemic caused many businesses to alter the way they work and switch to cloud-based solutions. Just as with remote working, moving to the cloud can actually be a major positive, however, doing it too quickly and not taking the time to get the details right can leave your business vulnerable to cyber attacks.

Many organisations simply did not have the kind of IT expertise to manage this kind of migration effectively, and this leads to misconfigurations and other issues that can leave systems with security weaknesses.

Surveillance & Coronavirus

There have been  a lot of discussions on how surveillance technology has been used to contain or combat the virus. 
Initially most prevalent in China, where mass surveillance is already used, stories included facial recognition software and CCTV integrated with AI to track people’s movements from areas that there were known to be outbreaks from, therefore measuring the risk of the potential spread of contamination.

These reports have since seen other nations adopting similar measures, with the additional usage of thermal imaging technology which raises questions about privacy. If mass surveillance measures are introduced with the initial goal of public safety in mind, would it lead to more ‘intrusive’ measures? 

Attacks on the IoT

A growing number of businesses and organisations are implementing Internet of Things (IoT) applications and devices in order to enhance customer service, capture data and manage internal infrastructure. The problem here is that many IoT devices are not designed with security in mind, and may have flaws and vulnerabilities that are both easy to exploit and difficult to fix. If hackers are able to gain control of the IoT devices in an organisation they can potentially use them for access into the rest of the IT system.

Not all vulnerabilities that businesses need to be aware of relate to applications, in fact, in 2021, cyber criminals are increasingly finding weaknesses in the process flow of business operations. By observing the system, criminals find weak links in the processes. For example, a company might be using an automated invoicing tool, which could itself be vulnerable. 

Interpol:           IFSECGlobal:         IFSECGlobal:      City Wire Selector:       McAfee

Your organisation should be doing everything possible to mitigate these risks and find ways to prevent weaknesses and vulnerabilities in your IT systems and at Cyber Security Intelligence we recommend employee and management cyber training. For more information and advice please contact Cyber Security Intelligence.

You Might Also Read: 

Spending  On Cyber Security Will Reach $60bn This Year:

 

 

« Everything You Need To Know About Hashing Algorithms
Use The Military To Attack Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Guy Carpenter

Guy Carpenter

Guy Carpenter delivers a powerful combination of broking expertise, strategic advisory services, and industry-leading analytics.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Cyber Base

Cyber Base

Cyber Base is an Information Technology company based in Uganda providing software and hardware solutions to clients.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

Mitiga

Mitiga

Mitiga uniquily combines the top cybersecurity minds in Incident Readiness and Response with a cloud-based platform for cloud and hybrid environments.

comforte AG

comforte AG

comforte AG is a leading provider of data-centric security technology. Organizations worldwide rely on our tokenization and format-preserving encryption capabilities to secure personal, sensitive data

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.

Cyber Guards

Cyber Guards

Cyber Guards provide comprehensive, turn-key cyber security programs for small and mid-size business for about the cost of one full-time cybersecurity hire.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.