In 2019, reports of cybercrime to the IC3 reached a new high of 467,361 reports after a gradual upward trajectory. The next year, that total leaped to 791,790 and has not dropped below 800,000 since(1).
Needless to say, the threat of cybercrime has increased drastically in recent years. The annual losses to cybercrime have nearly tripled since 2020(2). Because of this, it’s never been more of a priority to take your online security and threat intelligence seriously.
Common Cyber Threats and Attack Vectors
New technology has presented cybercriminals with the ability to reach large quantities with high efficiency and minimal effort. However, many scams still rely on the same strategies that have worked for years. This has led to the current cyber threat landscape where perpetrators meticulously manipulate and blackmail their targets, both electronically and emotionally.
Phishing and Social Engineering:
Phishing attacks were far and away the largest threat to cybersecurity in 2023 with nearly 300,000 victim(3). With virtually endless communication methods, perpetrators can target their victims through every outlet of their online occupancy.
These scams play on the human aspect of their victims by posing as a trusted entity and extracting personal data or monetary assets. Even large companies can fall prey. This was seen with Change Healthcare, who lost an estimated $1.6 billion dollars in a combination phishing-ransomware attack in 2024(4).
Ransomware & Malware:
Speaking of malicious programs, ransomware and malware attacks are of the largest growing cybersecurity threats facing companies. In 2023, over 72%(5) of business worldwide succumbed to ransomware attacks, with the average cost per attack sitting at $5.13 million(6).
Different types of malware attacks include:
- Viruses: A malicious program that can duplicate and spread throughout your entire system when running on your device
- Worms: These operate similarly to a virus, except this malware does not need an active host application for it to spread
- Trojans: These programs disguise themselves as useful software to infiltrate a network, getting their name from the Greek myth
- Ransomware: A software that encrypts network data and provides the perpetrator with blackmail leverage to demand a ransom to resume access
- Rootkits: A sophisticated software that gives unauthorized parties remote access to your network and goes largely undetected by security systems
- Keyloggers: A program which tracks each keystroke on a device to harvest log-in credentials and other confidential data
Data Breaches & Identity Theft:
Data breaches pose a cyber threat to both companies and their consumer base. Even the government isn’t without risk, with 137 cases of government data breaches in 2023(7). This results in obvious reputational damage and financial loss for the organizations, while also leading to additional cyber threats like identity theft, financial fraud, online blackmail, and sextortion targeting patrons.
These attacks often utilize an amalgamation of a few of the other strategies we’ve discussed, commonly beginning with a phishing email that contains malware that compromises the targeted system or deceives the recipient through social engineering. In fact, roughly 90% of data breaches begin with a phishing attack(8).
Sextortion:
Sextortion is one of the fastest-escalating cyber threats in recent years. NCMEC’s CyberTipline received an average of 812 reports per week in 2023, an increase of roughly 250 compared to the prior year(9).
These scams utilize social engineering to wear down the victim’s safeguards and gain enough trust to initiate the exchange of intimate content. Sextortionists attack both their victims mentally and monetarily, with fear and shame being the driving factors.
Some tips for avoiding sextortion schemes and red flags to look out for include:
- Don’t exchange any sensitive data with online strangers
- Avoid oversharing and use increased privacy settings on online platforms
- Be wary of individuals who try to coerce you into any action online
The Rise of AI assisted Cybercrime.
The previously mentioned cyber threats are being fast-tracked thanks in large part to the development of AI. So much so that in 2024, the FBI released a warning in regard to the increase in speed, scale, and automation of cyber threats due to AI technology(10).
This technology can be used to scan security systems for vulnerabilities, generate and translate phishing messages, and create deepfake content that increases the validity of their deception. Deepfake content has also expedited blackmail and sextortion with perpetrators manufacturing explicit or compromising media of their victims.
Deepfakes were used to facilitate cyber threats at a 3,000% higher rate in 2023 than in 2022(11), displaying the rapid explosion of the technology’s use in the criminal circle. The technology led to threats of violence and nearly cost a Maryland High School principal his job after a deepfake audio clip of him making racist remarks about students was created(12).
Why Cybercrime is Getting Out of Control.
There are numerous factors at play when it comes to the constantly rising prevalence of cyber threats. As already discussed, the development of new technologies and their corresponding nefarious uses has expanded the volume and volatility of online criminal activity.
Another driving force is our expanding reliance on Internet of Things (IoT) devices in both the personal and professional partitions of our lives. While these devices allow for unparallelled connectivity between devices on a network, they also facilitate the compromission of those very networks through the infiltration of a singular point.
This is compounded with a rapid increase in online operations within businesses that is not matched with heightened threat intelligence. A large contributor is a lack of proper employee training, with roughly 95% of all breaches tied back to human error(13). This shows just how crucial threat analysis is for both electronic systems and those operating them.
Implementing Appropriate Measures.
The escalation of cybercrime is an issue that impacts the entire world. Therefore, a collective effort between individuals, businesses, sectors, and nations is needed in order to combat cyber threats effectively.
It is necessary for national governments to prioritize protection and prevention practices. While laws have been passed around the world in a global effort to deter cybercriminals, there is a dire demand to allocate resources for creating better public awareness and threat intelligence.
These efforts must also be met by the private sector. Businesses like social media platforms need to continue implementing tools such as Take It Down and perform hasher enforcement of policies against cybercrime. Additionally, cybersecurity firms must continue to evolve to stay ahead of cyber threats.
However, the most important contributor to our concerted cybersecurity is you. We all need to individually make a committed effort to improving our online awareness by researching current cybercrime trends and implementing safe online habits.
Taking Proactive Steps to Combat Cybercrime.
The data would suggest that cyber threats are not just here to stay; they’re expanding. Even so, this doesn’t mean you can’t safely spend time online. Educating yourself on cybersecurity may feel daunting, but DFC has a library of free informational resources available online.
We’ve got information on safe online practices, strong security system software, common cybercrimes, and everything in between. Check out our online blogs and start taking a proactive approach to your online safety today.
Source:
- Complaints on internet crime annual 2023 | Statista
- Cybercrime: monetary damage United States 2023 | Statista
- U.S. most reported cybercrime by victim number 2023 | Statista
- What the Change Healthcare Cyber Attack Means for the US Healthcare Industry
- Global firms targeted by ransomware 2023 | Statista
- Cybersecurity Statistics in 2024
- U.S. government data breaches by state 2023 | Statista
- The Silent Threat: How 90% of Data Breaches Start with Phishing ?
- Thorn_TrendsInFinancialSextortion_June2024.pdf
- FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence — FBI
- Deepfake fraud attempts are up 3000% in 2023 — here’s why
- The AI clip that convinced – and divided – a Baltimore suburb
- The State of Human Risk 2025 | Mimecast
DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.
