October is cybersecurity awareness month, but, judging by the rapidly escalating threat cyberattacks pose to companies of all sizes in all regions, that awareness should be expanded to every month.
The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) notes in an October 1 ransomware advisory that the FBI’s Internet Crime Complaint Center received 37% more reports of ransomware incidents in 2019 than in 2018. That resulted in a 46% increase in associated financial losses for companies victimized by software that blocks access to financial and other critical data.
Main cyberattack targets have thus far been government entities, health-care institutions and financial organizations. But businesses everywhere can expect the range of targets to widen exponentially as more data is warehoused online and more criminal hackers allocate more resources to hijack that data.
Consider for example that all four of the world’s largest maritime shipping companies have been hit by major cyberattacks since 2017.
The costs of this new form of faceless techno-crime are staggering.
Cybersecurity Ventures estimates that annual damages from global cyberfraud and data breaches will total US$6 trillion by 2021. That’s up from what the cybereconomy research organization estimates was US$3 trillion in 2015.
It’s not just criminal enterprise that is driving the cybercrime boom. Legitimate businesses are contributing to the cause by not taking the threat of cybercrime seriously.
BDO Canada notes in its Cybersecurity 2020: Myths vs. Reality paper that most small to medium-sized enterprises do not have effective cybersecurity programs and “have made relatively limited technological investments to enhance cybersecurity.”
Most countries are also doing a poor job of catching and prosecuting cybercriminals.
Until those and other issues related to the expansion of online crime are seriously addressed, the costs borne by businesses and economies will continue their rapid upward spiral.