When it comes to fighting cybercrime, there are three major challenges. First, it is a global problem that will never go away and will only get more complex. Second, there is not a single entity to date – from a government agency to a Fortune 1,000 company in the United States – that has developed a foolproof solution to this evolving equation. Finally, we have not put in place real international cyber-enforcement policies to hold criminals accountable for their actions. Some of the biggest failures have been the inability of businesses and organizations to adequately protect their systems through to the end user and to invest in proper employee security and training against cyber threats. Addressing these vulnerabilities will be critical in 2022, not only as business travel begins to experience a resurgence, but especially as many workers continue to work remotely.
In 2020, the FBI’s Internet Crime Complaint Center reported nearly 800,000 Internet crime complaints, an increase of nearly 70% over 2019, with realized losses exceeding $4.1 billion. Of these complaints, business email compromise schemes, phishing scams, and ransomware incidents were among the most notable. One of the main reasons for the increase in cybercrime has been the shift to remote working induced by the Covid-19 pandemic, which has created an enabling environment for cybercriminals to exploit unsecured and vulnerable home networks. As FBI Cyber Engagement and Intelligence Section Chief David Ring explained during a webinar our company hosted last year on cybersecurity trends, “the more access points, the greater the threat to the actors”. By several landmarksremote work is here to stay in one form or another and so it will continue to be a major vulnerability for businesses if they don’t take steps to address it soon.
Whether employees are working from home or traveling on business, companies with the most sophisticated enterprise cybersecurity systems are always at risk. One of the main weaknesses is that these platforms often fail to adequately protect electronic devices outside of the physical office space. The recent news The fact that American athletes heading to Beijing next month to compete in the Winter Olympics are being smartly advised to leave their personal cell phones at home and use “burn-in” phones instead illustrates this point.
Compounding this issue is the lack of employee education and training on end-user protection, including how to identify and deal with a ransomware or phishing attack and how not to use public Wi-Fi. outside the office. To illustrate how easy it is for an intrusion to occur, a hacker can simply mirror a hotel’s Wi-Fi login page so that when someone using the hotel’s Wi-Fi connects with his name and room number, the hacker sitting in the hotel lobby has just broken into this device and opened a honeypot for bad actors. It can happen in any five star hotel in any major city in the world, in an instant.
It’s scary to think that if a company is hacked today, the FBI has an extremely low chance of prosecuting anyone. And, while the United States has made progress in strengthening our country’s cybersecurity, we are playing a catch-up game that has been going on for more than 30 years. But until we have enforcement policies with real teeth, rogue nation states, cartels and hackers will continue to leverage digital platforms to manipulate, steal and blackmail their way into corporate systems. , governments and individuals on an alarming scale. It’s not just a Chinese or Russian problem. It’s a problem everywhere.
With our workforce more dispersed in 2022 than ever before, companies must invest time, effort and money to strengthen their cybersecurity defenses, all the way to the end user by educating and training properly educate employees on how to secure laptops, cell phones, and other devices, while also ensuring the security of home Wi-Fi and routers. A cybersecurity system that ignores the human condition will eventually fail. At that point, a breach will occur, leaving a company with a permanent black mark on its brand and worse, possibly putting it down for good. It’s not a question of if but when.