It’s 2021, and the digital revolution shows no signs of slowing down. In fact, thanks in part to the pandemic, there are more businesses online than ever before as more small business owners realize the value of being on the web. However, with an increase in visibility comes an increase in risks and threats.
Recent Cybersecurity threats ranging from phishing and social engineering attacks to fraud and identity theft can wreak havoc on your business. While patching up any security vulnerabilities in your system is a great start, our predictions prove just how important it is to leave no stone unturned.
Cybersecurity Predictions in 2021
A small business is just as vulnerable to cybercrime as a large corporation – perhaps even more so given that it is far less likely to invest in advanced security solutions.
With the media biased toward reporting cases involving large businesses, it is no wonder that most people view cybersecurity as only a necessity for multi-million dollar companies and organizations.
In the past year, cybercrimes have targeted remote workers, many of whom were caught off-guard due to being unaccustomed to or unfamiliar with the threats associated with working online.
Unaware workers are particularly susceptible to social engineering attacks that involve some level of deception or manipulation.
Because COVID-19 coincided with the widespread introduction of 5G technology and a general global move toward online connectivity, there are more people online than ever before.
This spike in the number of online users translates into an increase in the number of hackable spaces, potential cybercrime victims, and data breaches.
With the devastating economic impact of the pandemic permanently shutting the doors of thousands of both new and well-established businesses, securing your business’s online presence by employing various security solutions may be just the thing that keeps it on its feet.
As anticipated, recent trends reveal a substantial increase in the number of security incidents for businesses of all sizes.
Here are some cybersecurity facts you need to know.
Keep Your Small Business Safe!
We have more than twenty years of experience working with financial firms, so you can be assured that we’ll take care of your every need.
How Many Cyberattacks Happened in 2020?
From January to September 2020, 36 billion records were exposed as a result of data breaches.
While the sheer frequency of these security breaches has shocked IT leaders and the cybersecurity industry as a whole, affected businesses are still reeling from the costs of data breaches.
This number is all the more shocking considering that many businesses do not report data breaches for fear of public opinion, loss of clients and reputation, and regulator fines. In some cases, businesses may simply consider the breach to be insignificant or may be entirely unaware of it.
Of these data breaches, 86 percent were focused on financial profit and business records and 10 percent on government information. This means that in addition to costs associated with a data breach, breaches have the potential to directly affect your business’s financial well-being and the security of its customers.
To put these crimes in perspective, it may be useful to take a look at some of the most prominent cybercrimes reported in 2020.
- Social networking site Twitter experienced a significant breach that attacked 130 high-profile accounts. Victims included past US presidents, Elon Musk, and others. Hackers also managed to steal about $121,000 in Bitcoin across a total of around three hundred cyber transactions.
- Several million records were exposed through data breaches aimed at other social networking sites, including Facebook, Instagram, Tik Tok, and Youtube.
- International hotel chain Marriott reported a major cyber breach in 2020. The data breach impacted over 5.2 million hotel guests, exposing their private information, including sensitive data such as credit card information.
- Carnival Corporation, the largest cruise ship operator in the world, experienced a ransomware attack that resulted in a massive data breach in August 2020. The cyberattack exposed confidential information relating to the business’s employees and guests. Security services reported that in addition to exposing the records, the hackers encrypted a vital portion of the company’s IT infrastructure.
- Adult live streaming website CAM4 was hacked in 2020, with hackers exposing over 10 billion records. A research team discovered that the system had been breached in March, with the breach ongoing for over a month.
- Two hundred and one records were exposed by a breach in the Google Cloud server.
Do Employees Cause Cyberattacks to Occur?
According to one report on major data breaches, 95 percent of breaches occur as a result of human error.
Employees are often an essential piece of the puzzle when it comes to giving hackers access to private information. Basic cybersecurity training can go some way in protecting your business against threats, specifically those aimed against workers and employees.
High-ranking members of staff, particularly those in management positions, are prime targets for cybercrimes, as they often have access to valuable information.
Although security service providers should be equipped to handle breaches when the vulnerability lies within the workforce, it can be difficult to adequately protect the business.
Even though the information security market offers some advanced cybersecurity solutions, increasingly sophisticated AI-backed cyberattacks necessitate an industry-wide shift toward AI-backed security services.
Enlisting the help of security services that cater to new and evolving cyber threats should be one of your business’s main priorities.
How Many Cyberattacks Occur Daily?
Someone falls victim to a cybercrime every 32 seconds.
That means cyber-attack occurs about 22,444 times every single day, and that number is growing. However, cybersecurity statistics are limited by the actual number of crimes reported.
This means that the actual number of crimes far exceeds what is reported.
How Many Businesses Are Targeted by Spear-Phishing Attacks Daily?
Breaking down threats by category sheds light on the vulnerabilities that may exist in your business.
Spear-phishing freezes your operating systems and can leak sensitive information that leads to identity theft, bank hacks, and more.
Criminals use this type of social engineering attack to steal user data, such as passwords, log-in data, and credit card information. Cyberattackers work to pass as a trusted colleague, friend, or relative by duping a victim into clicking on a link or opening an email or text message. Once the target complies, they are tricked once again to click on a malicious link that will gain access to their device and systems’ software.
Experts report that spear-phishing scams targeted 1 in every 22 users in the wholesale trade via emails in 2020.
Here are some specific cybersecurity statistics to review.
- In a survey of cybersecurity industry professionals, 80 percent said they experienced a higher volume of threats since workers had shifted to working from home.
- The same survey reveals that 62 percent of cybersecurity service providers saw higher phishing campaigns above and beyond any other form of cyber threats.
- These IT professionals said they believe that there would be many fewer phishing attacks if they’d been in the office.
- In another study, researchers state phishing is the number one cause of all cybersecurity incidents when staff is working remotely.
What Are the Projected Costs of Cybercrime in 2021?
Overall, 2021 is already the most expensive cybercrime year in history. What’s more, due to the pandemic and employees working from home, that cost is likely to continue to go up.
The cybersecurity industry predicts that globally, breaches will be more profitable in 2021 than the entire worldwide combined trade of all illegal drugs.
2020 and 2021 have created the perfect cyber storm. The new reality of people working from home has opened the doors for criminals to prey more easily on unsuspecting companies. Cybercriminals are gaining access to supposedly secure files at shocking rates, using a range of tactics from malware and spear-phishing to corrupted links.
While the cybersecurity market has made some significant efforts to raise awareness about the importance of implementing security measures, many small businesses are lagging behind.
Here are some startling cybersecurity statistics that delineate the cost of cybercrime in 2021.
- In 2021, the projected costs of global cybercrime are $6 trillion. Only six years ago, in 2015, these same costs were only $3 trillion, so this is a 50 percent bump in costs!
- A cybersecurity study found that over 4,000 criminal COVID-related websites went live on the internet within mere months of the pandemic lockdown.
- Cybercrime security experts also predict that ransomware damage costs in 2021 will exceed $20 billion globally. Only six years ago, the global cost for ransomware was just $325 million.
- A 2021 cybercrime report predicts that new attacks will happen every eleven seconds based upon current data reports. This is four times the hacking rate of 2016.
- In 2021, cybercrime will likely become the world’s third-biggest economy. This data means cybercrime will rank just after the United States and China.
What Are the Top Five Cybercrimes of All Time?
These top five cybercrimes are the most notorious to date. Of course, potentially larger attacks are undoubtedly in the works. However, taking a look back at past attacks and learning from those vulnerabilities may be useful.
1. Google China Hack (2009)
In 2009, the security team at Google China discovered a data breach. Once the security specialists dug deeper, they found evidence that the Chinese government was behind the hack.
The cyber attackers had broken into numerous Google servers and then stolen high-level intellectual property. As the Google IT team investigated this data breach, they found that numerous Gmail accounts had been hacked from the US, China, and Europe. These hacked Gmail accounts belonged to human rights activists focused upon China.
2. The United States Department of Defence and Nasa Hack by an American Teenager
A fifteen-year-old boy orchestrated this infamous major security breach. In 1999, Jonathan James broke into the US Department of Defense and installed spyware on its servers. This hack gave him access to many thousands of emails from numerous government agencies while also revealing both usernames and passwords for many military computers.
James also stole NASA software that cost the agency about $41,000 to correct since they had to run a total shutdown for three weeks. Even worse, this NASA software was valued at the time at $1.7 million and was used for vital support for the internal, physical environment for the International Space Station that included the living space for astronauts.
3. Scientology Hack
Another teenager made global news when he and a group of hackers attacked the Church of Scientology in 2008. Dmitriy Guzner, 18, was charged in the attack on Scientology when he hacked their servers. After pleading guilty, he had to pay damages of $37,500.
What makes this one of the most significant cyberattacks is that a teenager hacked into a heavily guarded religion as a part of his work in the online organization Anonymous.
4. PlayStation Network Hack
This particular hack demonstrates that more than just computers are at risk of being compromised. In 2011, a hacker accessed the PlayStation Network system, which resulted in the loss of data and personal information for some 77 million users. The company had to shut down for twenty days and lost an estimated $171 million.
5. US Charge and Debit Card Hacking
A hacker in 2009 was one of the first to create international news when he stole tens of millions of credit card data, exposing Americans to identity fraud. With over one hundred and seventy accounts hacked, this case was the largest fraud case in US history at the time.
Miami resident, Albert Gonzalaz, was convicted for the theft of credit card and debit card numbers that were stolen from over two hundred and fifty banks and financial institutions. Gonzalaz also breached the large 7-Eleven store chain, stealing customer credit card information.
What Are the Biggest 2021 Cybercrimes to Date?
In 2020, there was a constant flow of fraud, scams, and all sorts of data breaches targeting governments, businesses, and individuals.
This year, consumers continue to experience cyberattacks that target access to their Personally Identifiable Information (PII) daily, with about three hundred million people targeted via numerous forms of cybercriminal activity aimed explicitly at identity fraud.
Simultaneously, these malicious cyber actors are using sophisticated ransomware, malware, and more. Cybercriminals also hack into Virtual Private Networks (VPNs), systems that are supposed to be highly secure and are most often used to protect businesses, including banks and governments.
Here are the top recent cybercrimes of this year so far.
It’s worth noting that the growth of data breaches means there is always new “top” cybercrime to report.
The gaming world took a big hit in January when VIPGames.com, a trendy free gaming platform, was hacked. Cybercriminals stole more than 23 million records from more than 66,000 laptops and phone accounts. The hack was due to a cloud misconfiguration.
US Cellular, the country’s fourth-largest wireless carrier, was hit with a cyberattack that targeted their retail employees. This data breach resulted from a successful cybercriminals’ scheme to trick employees into downloading malicious software onto their company computers.
The malicious software then allowed the cyber thieves access to the wireless carrier’s customer relationship manager’s system, with information on about 4.9 million clients.
A T-Mobile hack was shocking in its ambitious reach. The company did not share the number of impacted users but reported it was the victim of a cyberattack that targeted SIM data. The T-Mobile customers experienced “SIM hijacking” when the cybercriminals took remote control over their phone numbers. As part of the scheme, the hackers switched their targets’ SIM cards to ones they controlled using social engineering.
The cybercriminals then stole the TMobile customers’ phone numbers, text messages, and calls. This attack gave the cyber thieves access to the victims’ bank accounts to steal funds, change passwords, and lock out people from their own bank accounts! Concurrently, the cybercriminals stole the vital private identity data of customers, such as their names, addresses, email addresses, TMobile account numbers, social security numbers, account personal identification numbers (PINs), and all account security question answers.
Nebraska Medicine became a victim of a malware attack where the cyber thieves accessed and copied personal plus medical files. A malware attack allowed a hacker to access and copy files containing the information of 219,000 patients. In this case, the data stolen included typical information, such as patients’ names, addresses, dates of birth, and insurance information. However, this data breach also stole medical imaging, doctors’ notes, laboratory results, diagnosis documents, treatment information, prescription details, and social security numbers.
The California Department of Motor Vehicles (DMV) experienced a data breach due to a third-party invoice contractor. The invoicing firm Automatic Funds Transfer Services was the victim of a ransomware attack. Cybercriminals stole drivers’ personal information going back to almost two years before the data breach. Data theft included California vehicle registration records, drivers’ names, addresses, license plate numbers, and vehicle identification numbers (VINs).
The patients, providers, and workers at the nonprofit MultiCare Health System were attacked in a massive data breach. The confidential information of more than 200,000 patients, workers, and providers was stolen by malicious actors. These cybercriminals stole highly personal data, including names, email addresses, social security numbers, dates of birth, insurance policy numbers, bank account information, and more.
A large, international IT firm was hacked by cybercriminals in early March. The company, SITA, provides IT services for about 90 percent of the world’s airlines. The company reported the data breach impacted airline passengers’ private information, including names, service card numbers, and more.
Microsoft was targeted via their Microsoft Exchange Server email software. This cyberattack got access to about 30,000 different businesses in the US. The businesses included not only firms but also local government agencies such as cities and towns. Hackers took over the business and government agencies completely and stole an undisclosed number of files and personal information.
Cybersecurity statistics are shocking due to the growing number of threats and their massive impact on the whole world. Although the cybersecurity market has developed in leaps and bounds, with the pandemic opening up new malicious opportunities for cybercriminals, these hackers’ new schemes will likely only get harder to handle.
As security experts report, companies are now realizing how vital it is to hire professionals to stem the tide of cyberattacks upon their livelihood. With the evolving creation of sophisticated cybersecurity hacks, business owners should consider complementing their own IT teams with professional cybersecurity firms that offer AI-backed technology.
If you want the best protection for your business’s systems, consider our company. We offer amazing tech solutions and top-notch cybersecurity; contact us for a free consultation!
Keep Your Small Business Safe!
We have more than twenty years of experience working with financial firms, so you can be assured that we’ll take care of your every need.