The latest FBI Internet Crime Complaint Center (IC3) report details the real risks consumers and businesses of all sizes are facing in ransomware among other cyber losses.
2020 IC3 Report Overview
In March of 2020, the FBI’s Internet Crime Complaint Center released their 2020 crime statistics report, detailing the losses of cyber crime and internet scams.
Cyber criminals capitalize on Covid-19 fears and uncertainty
The report highlights how COVID-19 was used throughout the various scams reported over the year. Cyber criminals used global fear and uncertainty to craft more deceptive crimes such as COVID-related phishing scams. Additionally, business email compromise was the costliest scam reported to the IC3 in 2020, with phishing emails a close second.
Additionally, email phishing campaigns were reported as one of the most common means of ransomware infection. The FBI warns to “use extreme caution in online communication and always verify the sender of an email”.
Financial losses to ransomware artificially low due to underreporting
Ransomware is an ongoing cyber threat that’s highlighted in the report. Organizations faced significant financial burdens due to ransomware attacks throughout the past year:
However, the report includes a disclaimer that ransomware losses reported are known to be artificially low, given the victims often do not provide:
- Lost business time
- Missed wages
- File/equipment damage
- Third-party remediation services.
This number is also not accurate given how many ransomware attacks go unreported by victim businesses of all sizes. It is critical for victims to report ransomware so that more data can be collected on this growing cyber threat.
Popular vulnerabilities exploited by ransomware and how to protect yourself
The IC3 report highlights the popular vulnerabilities ransomware actors lean on to deploy the malware.
- Email phishing campaigns
- Open/Unsecured Remote Desktop Protocol (RDP)
- Software exploits
Organizations can greatly reduce their risk of ransomware and other cyber intrusions by actively looking to close these vulnerabilities. Learning how to prevent common ransomware attacks will make it more difficult for someone to victimize your network.
These are not new concepts when it comes to best practices for reducing your risk of a cyber attack. Being diligent in implementing proactive cyber security and training employees to detect incoming cyber threats can go a long way in being cyber smart.
What you can learn from 2020 cyber crime statistics
A key takeaway from this year’s report is that consumers and businesses face a growing risk when it comes to the ways they can be compromised. If you understand what types of cyber threats are present, you can better prepare yourself and your organization.
The report should encourage you to take appropriate action:
- Understand: You are the target of the hacking community. It doesn’t matter the size of your business or network
- Educate: Continuously educate your workforce regarding internet behavior and best practices. Stay up to date with the latest threat landscape.
- Collaborate: Businesses, individuals, and law enforcement need to talk to each other. The hacking community talks to each other all day long.
- Prepare: Think and prepare for the worst. When you let your guard down it can happen to you. The first 24 hours after a cyber attack are the most impactful.
Proven Data showcases these frameworks in the documentary Operation Cyber Aware to help bring awareness and promote stronger data security.
It’s time for you to get cyber serious today
The 2020 IC3 report is another example of how both consumers and businesses must take more action to protect their data. The main objective of the annual IC3 report is to bring awareness to how different areas of crime are evolving. This helps underscore what can be done to protect ourselves and our organization’s assets as we move forward.
Cyber crime only thrives when society chooses not to be proactive and rigorously defend their systems and network. As scams and malware become more prevalent, organizations and individuals must take responsibility to educate themselves to have a lasting impact on better cyber security culture.
Today you can start with the top cyber security practices which can greatly reduce cyber risk (and for no cost to you). Taking these actions now will ensure you’re not a statistic in the next cyber-crime report.