Where The Money Is
Even though digital era banks have best-in-class cybersecurity, today’s criminal hackers still go where the money is. Ransomware payments by banks DOUBLED in 2021 to $1.2 Billion!
Bonnie and Clyde, John Dillinger, “Pretty Boy” Floyd, Willie Sutton: If you recognize any of these names it is because they were old school bank robbers. In their day, no storefront had more security than the local bank and yet, these folks focused on banks. When a reporter asked Willie Sutton why he robbed banks, he replied “because that’s where the money is.”
In just one year, criminal hackers struck banks almost 1500 times according to the Financial Crimes Enforcement Network of the US Government.
Why This Matters
The monsters of cybercrime have names like REvil, and Evil Corp. While it is the large corporate attacks that get the headlines, don’t relax. These monsters create versions of their ransomware software that they lease or sell to much smaller criminals who think businesses like yours are just right for their extortion plans.
The growth in attacks on banks is well documented because US banks are required by law to report cyber-attacks to the Federal government. On the other hand, attacks on other industries and smaller businesses often go unreported. Smaller attacks are so common that they don’t even make the news anymore. Aggregated data about ransomware attacks is hard to come by for these reasons.
However, a confidential survey by the global cybersecurity firm Sophos has 66% of the business leaders surveyed admitting that their business has been a victim of a ransomware attack. The average ransomware payment was $812,000.
21% of ransomware payments were less than $10,000. This shows the degree to which even very small companies are being extorted in big numbers.
Small-time cybercriminal hackers are everywhere and they are attacking businesses like yours. They license ransomware software and they compromise IT networks with email fraud techniques that take minimal resources to implement.
How To Protect Yourself
If you think that your business can fly under the radar because of your industry or your size, forget about it. Instead, your mindset needs to be this; if US Banks are this vulnerable, imagine how vulnerable your company might be.
Get used to the idea that in the digital world, you are “where the money is” for small-time criminal enterprises and they are looking for you right now.
The actions you take because of your mindset will make a world of difference in preventing an attack or mitigating an attack when a criminal does get into your networks. In the Sophos research mentioned above, 35% of companies that were attacked stopped the attack before their data was encrypted. That’s not luck, that’s good planning.
We offer a Cyber Security Assessment that will help you understand where you are today in terms of security and what to do next to improve. This assessment matches up closely with the demands that cyber-risk insurance providers are requiring before they will underwrite a policy.
It’s hard to stay ahead of cybercriminals but underestimating the threat will eventually create a much harder problem.