We now live in a world where digital communication and technology has become a large and complex part of society. Almost everything we touch is now interconnected, and leaving some form of digital footprint behind is a virtual dead-certainty.
An unfortunate side-effect of this digital dependency is that cyber-crime has become a huge problem, resulting in an estimated $600 billion in losses every year. A new business was hit with a ransomware attack every 14 seconds in 2019 . The number of ransomware attacks on businesses grew 365% from 2018 to 2019. The scariest part of this statistic is only around 5% of cyber thieves get caught, leading many to believe that fighting this pandemic is a battle that will never be won.
But why is it so difficult for cyber thieves to get caught and prosecuted? And what does this mean for businesses when it comes to their data security? Below is a list of some of the current roadblocks that governments face when locating and catching cyber thieves, and what you can do to stay protected.
Most cyber thieves attack remotely
Penalties can vary greatly for those convicted of a cyber-crime. If considered a federal offense, the sentence could be anything from paying a series of fines up to serving 20 years in prison. The reality is that the majority of cyber-crimes are managed from a remote source, and there’s a good reason for it – jurisdiction. The most common attack vectors in 2019 were: remote desktop protocol with 63.5% of attacks, email phishing at 30.4% and software vulnerability at 6.1%. In the US, every state has different criteria for how they address cyber-crime. By committing crimes outside of the jurisdiction of local courts and prosecutors, criminals know they face little or no chance of prosecution.
While there have been instances of international collaboration between countries to shut down well-known hackers and syndicates, criminal law varies widely from one country to the next. What might be unacceptable online behavior in some countries may well be permissible in others. This makes it difficult for authorities to get the support they need to apprehend individuals responsible for remote cyber-crimes.
Cybercrimes are getting harder to convict
Cyber thieves now use advanced artificial intelligence (AI)-driven tools and services to help carry out their attacks, making them harder to spot and even harder to convict. Hackers will often use secure proxy servers, VPN tunnels and virtual machines to hide their identities and funnel communications through various countries. These tactics help cover their tracks and eliminate all traces of evidence a crime has been committed.
Of course, a lack of hard evidence makes it incredibly difficult, if not impossible, to convict. In fact, there’s almost no such thing as bulletproof evidence when addressing cyber-related crimes. Any evidence that is provided will almost certainly reference digital records, such as logs, which can be easily manipulated. This allows defending legal teams to simply claim that these have been tampered with along the way.
Capturing cyber thieves is costly
Another reason why many cyber-crimes go unanswered is the sheer volume, complexity and sporadic nature of the crimes themselves. Today’s cyber-crime is much more sophisticated and difficult to dissect than in the past. A significant amount of time and resources needs to be budgeted in order for a criminal investigation to take place. Many times, this budget is not easy to justify. For example, is it worth paying $50,000 to a 3rd party forensics team to investigate a $500 loss? Is it worth it for a $5000 loss?
So what can you do?
Roughly 45% of companies have paid the ransom when hit with a ransomware attack yet only 26% received access to their data. Even if governments could track down and prosecute all cyber-criminals, which they can’t, it’s still crucial that your business takes the necessary steps to protect itself.
One way to do this is by ensuring your organization is supported by an advanced endpoint protection solution that not only actively monitors for cyber threats, but uses powerful containment tools to stop them in their tracks.
Comodo Cybersecurity is an endpoint protection platform built on a zero-trust architecture, designed to protect organizations from military-grade threats and data breaches 24 hours a day, 7 days a week. Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally and can give you the tools and services you need to keep cyber thieves at bay while avoiding becoming another sad statistic.
If you want to harden your business systems and networks while ensuring they remain protected from the latest cybersecurity threats, contact Comodo Cybersecurity for a free demo of their Dragon platform https://platform.comodo.com/signup?af=16153.
TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE