In fact, the FBI’s Internet Crime Complaint Center (IC3) reports financial losses from cybercrime is steadily growing but is largely under reported. The FBI reports losses of nearly $1.1 billion across the U.S., stemming 127,145 incidents.
More alarming, agents suggest these extensive losses are just the tip of the iceberg. The IC3 report estimates as few as 15% of fraud victims even report internet crimes to law enforcement.
While data breaches at large retail chains tend to get the headlines, small businesses are increasingly vulnerable to ransomware, a type of malware that infects and seizes control of an entire network by way of an encryption tool. The hacker only releases the data when the victim pays a ransom.
Ransomware demands growing
Bank Info Security recently reported that the ransom demands for the release of encrypted data are increasing in value. It also reports the disturbing trend of hackers using poor quality encryption tools that damage or destroy some of the data so that it cannot be returned fully intact, even if the ransom is paid.
Ransonware schemes are usually launched just like a phishing scam. If someone on the network clicks on a link in a bogus email, perhaps thinking they are responding to a legitimate request, it unleases the malware that infects the entire network. Hospitals, insurance companies, and even police departments have been affected.
In response to this and other cyber threats, the Department of Homeland Security (DHS) and Technology Directorate (S&T) Cyber Security Division (CSD) are studying the best way to alert small businesses to potential threats. The project is called “Dissect Cyber.”
Dissect Cyber
“Through its research project, Dissect Cyber is providing very timely notifications that help small- to mid-sized companies from falling victim to well-targeted and executed internet and email scams,” said program manager Dr. Ann Cox.
The goal, says Cox, is to get this information in the hands of business and corporate leaders before cybercriminals launch their latest schemes. That requires staying one step ahead of the hackers, which is a challenge.
But the program has the goal of establishing an early warning system, which could help companies take steps to avoid being victimized.