Source: Malwarebytes The New Mafia report cover.
The New Mafia: Gangs and Vigilantes – A Guide to Cybercrime for CEOs demystifies cybersecurity by drawing parallels between today’s criminals and the Mafia gangs of the 1930s. This new generation of cybercriminals increasingly resembles traditional Mafia organisations, not just in their professional coordination, but their willingness to intimidate and paralyse victims, the company said. Malwarebytes’ data also confirms the capacity of these fast-maturing gangs to inflict greater damage on businesses.
Ransomware attacks in 2017 up to October have surpassed total figures for 2016 by 62%. In addition, there was an almost 2,000% increase in ransomware detections since 2015—rising to hundreds of thousands of detections in September 2017 from under 16,000 in September 2015. Ransomware detections have increased more than threefold from 90,351 in January to 333,871 in October.
“The new Mafia, identified by our report, is characterised by the emergence of four distinct groups of cybercriminals: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire,” said Marcin Kleczynski, CEO of Malwarebytes. “Through greater vigilance and a comprehensive understanding of the cybercrime landscape, businesses can support the efforts of legislators and law enforcement, while also taking action into their own hands.”
The growth of cybercrime and a lack of clarity over how best to tackle it – particularly within the context of policing – has a profound impact on victim confidence. Those affected by cybercrime are often embarrassed, resulting in a reluctance to speak out. This is true for consumers and businesses alike and can have dangerous ramifications as firms bury their heads in the sand instead of being open and working to reduce future incidents. The report suggests that the answer lies in engaging and educating the C-suite so that CEOs are as likely as IT departments to both recognise the signs of an attack and be able to respond appropriately.
“CEOs will soon have little choice but to elevate cybercrime from a technology issue to a business-critical consideration,” said Kleczynski. “The most damaging cyberattacks to businesses are the ones that go undetected for long stretches of time. In spite of high-profile occurrences over the last year, this report shows that many business executives may still have some knowledge gaps to fill.”
The report also looks at the future of cybercrime and the implications of the ongoing melding of our physical and digital worlds. It argues that the Internet of Things (IoT) will enable crime to come full circle, potentially enabling someone to be physically executed by digitally hacking their internet-enabled pacemaker. Thus, it suggests that our understanding of, and legislation against, cybersecurity must drastically improve. If we can imagine a pacemaker being hacked or an autonomous getaway car used in a robbery, we should be able to legislate against it.
Malwarebytes’ analysis shows that, in spite of acknowledging the severe reputational and financial risks of cybercrime, many business leaders largely underestimate their vulnerability to such attacks. The report concludes by pointing to the potential for businesses and consumers to fight back by acting as ‘vigilantes’ through greater collective awareness, knowledge sharing and proactive defenses. This includes a shift away from shaming businesses that have been hacked and toward engaging with them. Only then can we learn from one another how to tackle this rampant issue.
*The report features original data and insight taken from a global panel of experts from a variety of disciplines including PwC, Leeds University, University of Sussex, the Centre for Cyber Victim Counselling in India and the University of North Carolina.