Cybercrime has become more lucrative and frequent than ever before, costing companies more than an estimated $6 trillion in 2021. Despite growing awareness and increased spending by organizations to protect themselves, companies big and small have become victims of this dramatic rise in ransomware activity. So, why is the murky world of cybercrime enjoying such notoriety?

Collateral damage from strained international relations

State-sponsored cybercrime is now a major part of cyber-criminal activity, and it will likely continue to flourish amidst heightened geo-political tensions. Taking advantage of our increasing dependency on technology in all aspects of our lives and societies, nation-states use cybercrime for espionage, sabotage, or simply to spread misinformation. Some nations may even turn a blind eye to cybercriminal groups operating inside their borders, as long as they are targeting the private sector in other countries.

Many outside the cybersecurity industry may unknowingly assume that government departments are the key target of state-sponsored criminal activity. However, only a quarter of the cyberattacks in 2021 reported in Europe were directed at public administrations. In fact, more than half of those targeted were private-sector companies across a wide range of industries.

Increased digital adoption

The more companies turn to technology to make their businesses more efficient, the more possibilities open for hackers to exploit. Never was this more clearly demonstrated than during the early pandemic rush to adapt to the “new normal”. With so many more digital systems to exploit, ransomware attacks increased 435%.

Hybrid and remote work have placed additional responsibility for cybersecurity on the shoulders of individual employees, as many of these digital systems are no longer situated in a central office. Insider threats now account for 43% of all cybersecurity breaches, and often employees are not even aware that they are putting their company at risk. In fact, cybersecurity professionals believe their ability to boost employee awareness should be one of the three key pillars that guide companies’ cybersecurity strategies going forward.

However, not all breaches are accidental, and insiders who willingly aid cybercriminals can be very difficult to single out. Fortunately, various analytical metrics can be put in place to assess unusual or erratic user activity. User and Entity Behavior Analytics (UEBA), a tool that uses large data sets to establish typical and atypical human behavior, can be critical to properly vet new hires and to keep an eye out for unusual practices in the workplace.

Hackers know the costs of combating cybercrime

Protecting your digital infrastructure against cyberattacks doesn’t come cheap. Firstly, there’s cybersecurity insurance, which rose on average by 96% in 2021. While this may not be a huge expense for larger corporations, nearly half of the small firms in global supply chains do not have cybersecurity insurance. This introduces many vulnerabilities throughout the supply chain, any one of which can be a prime target for attackers to bring the whole system to a screeching halt.  

Secondly, the fight against hackers requires a team of professionals to defend your digital infrastructure. Sadly, the increased use of technology and the rise of cybercrime has not been accompanied by an increase in the number of qualified cybersecurity professionals readily available to protect companies. Having these specialists in place is very important in order to detect intrusion and build resilience in the event of successful attack. By investing in cybersecurity talent, companies are also investing in their training capacity. Having a trained workforce considerably reduces the risk of successful phishing attacks and creates a security-conscious culture.

Globally, there is an estimated shortage of nearly two and a half million cybersecurity professionals. This shortage means, in many cases, that hackers are not coming up against the best defense possible, and this is only expected to worsen as firms increasingly add more digital platforms to their repertoire, giving the cybersecurity professionals more to protect.

Increased vulnerability of supply chains

Those who work alongside manufacturers have to be extra careful. Globalization has dramatically increased the amount of goods moving around the world. This surge in demand has placed greater pressure on both supplies and manufacturers, resulting in supply chains that are stretched over large distances and logistics that are extremely sensitive to any disruption. Already weakened from pandemic bottlenecks, the manufacturing sector has become an attractive target for cybercriminals. In 2021, the number of supply chain intrusions rose 16% on the previous year.

Manufacturers and service providers often adopt new digital technology to quickly enhance productivity, but sometimes do so without paying sufficient attention to security issues. The introduction of robotics and the Internet of Things has provided hackers with new avenues to explore and exploit. One recent example is Norsk Hydro, one of the largest producers of light metals. In 2019, the Norwegian energy giant had to switch to manual production due to a cyberattack that locked all employees out of the company’s IT network. For several weeks, Norsk Hydro operated without computers, costing the firm $70 million in lost productivity.

Our customers rely on us to safeguard their financial and personal data, and we take cybersecurity threats very seriously. We have a dedicated team spread across the globe that work around the clock to protect our digital infrastructure.

For more information about cyber scams and other digital threats to keep your eye on, check out the Tech section of our blog.