The internet’s speed, convenience, anonymity and the absence of borders make it possible for cybercrime to increase at a rapid pace. Companies are more vulnerable than they often realise.
It is not so much the size of an organisation or the number of customers an organisation has that makes them a key target. Possessing and using sensitive consumer information increases an organisation’s vulnerability. The world’s most valuable resource is no longer oil, but data… Recent publications refer to the annual cost of cybercrime but it is evident based on the different figures that are published, that an accurate figure is not available. Authors do agree however that the cost to the global economy is anywhere between 450 and 600 billion $. Businesses can reduce their exposure to cybercrime by maintaining a cybersecurity strategy and should not underestimate the importance of having an IT expert dedicated to this topic on their (supervisory) boards.
A short intro: The Council of Europe Convention on Cybercrime defines cybercrime as a wide range of malicious activities, including the illegal interception of data, system interferences that compromise network integrity and availability and copyright infringements. To mention just two categories of cybercrime: 1) crimes in which the computer is the main target; e.g. to gain network access and 2) crimes in which the computer is used as a weapon to launch a denial-of-service(DoS) attack intended to shut down systems and networks. The criminal no longer has to be present when committing the crime and the purpose could be to simply create as much damage as possible or to get money out of the targeted party. If money is the main objective, criminals may use:
- Cyberextortion : Payment is demanded in return for stopping or remediating the attack
- Cryptojacking : The unauthorised use of a third party’s computer to mine for cryptocurrency
- Identity theft: The deliberate use of someone else’s identity
- Credit card fraud: Theft and fraud committed using another person’s payment card
- Ransomware: Malware used to prevent users from accessing their system or personal files. Ransom payment is demanded to regain access.
- Cyberespionage: Illicit use of computer networks to access confidential information from individuals, organisations, governments, adversaries..
Management teams: save yourselves a huge amount of risk, stress and damage by making cyber security a priority going forward. Remember: data is an immeasurable asset and yet organisations allow it to be exposed to immeasurable risk.
Written by Janet Poot