It’s a New High For Cybercrime

If it seems like there are a lot more frauds online than there ever were, there’s a good reason: there are. New reports suggest that, in 2017, businesses were hit with some kind of attack—including information loss or outright data theft—in just under 30 percent of cases in 2017. That’s just where the numbers begin, and taken together, they tell a story that will make you think twice about offline backups.

That 30 percent number is frightening enough, but it gets worse; executives reported in nearly 40 percent of interviewees that the company had suffered an attack by either worm or virus, and email phishing proved to be the second most common attack. The latest Kroll’s global fraud and risk study found that 86 percent of firms worldwide had been hit at least once in a 12 month period.

Perhaps worse is that, as attacks grow, confidence in systems wanes. The Kroll’s survey had the number of users who were “highly or somewhat vulnerable” to attack as over half, which is up six points from the previous year.

Just to round it out, Kroll’s senior managing director Jason Smolanoff pointed out “There is a convergence between physical and digital threats, with issues arising from equipment with sensitive data being stolen or lost, for example, or employees with access to highly sensitive information accidentally or intentionally causing a breach.”

Thus even your offline backups may not be perfectly secure; someone could wander in with a USB stick and wander out with 64 gigabytes or more of highly-sensitive customer data. That’s got to leave anyone concerned; how does anyone manage to protect themselves fully in an environment where everybody and his mother wants a hold of your data?

The usual admonitions about secure passwords, frequently-rotated, and practicing proper email discipline—don’t click on those links in email addresses—just don’t seem to go far enough. Yet we only have so many options; we require data to operate, particularly these days. Those who aren’t using data are falling behind, whether it’s analytics data for businesses looking to get ahead or our own mobile payments data.

So in the end, we must do what the song “Let’s Go to Prison” admonished. It’s zone defense; do what you can.