Cyber criminals are running amuck. Steve Langan, chief executive at Hiscox Insurance recently told CNBC that in 2016:
“…cybercrime cost the global economy over $450 billion, over 2 billion personal records were stolen and in the U.S. alone over 100 million Americans had their medical records stolen.”
And the predictions look outrageous:
Cybersecurity Ventures predicts global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021, which includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.
Why is the situation getting so much worse?
It’s because today’s law enforcement is not set up for success. We lack the ability to systematically identify and swiftly apprehend persistent cyber criminals.
Cyberspace just doesn’t conform to our existing legal and criminal justice approaches. Traditional law and order relies on familiar but outmoded ideas about geographic boundaries.
And that allows cybercrime to flourish
Thus, police rely largely on heroics just to make a dent in the trend.
Take, for example, the Russian hacker Roman Seleznev. As described in the Seattle Times, he perpetrated a…
“…credit-card theft scheme from behind keyboards in Vladivostok, Russia, and Bali, Indonesia. Over a decade, Seleznev stole and sold on the black market more than 2 million credit-card numbers, resulting in losses of at least $170 million, and maybe into the billions, according to documents filed in U.S. District Court in Seattle.”
How did they catch him? In June 2014, agents learned that Seleznev would soon travel to the tropical island country of the Maldives in the Indian Ocean. While the U.S. did not have an extradition treaty with the Maldives, officials there agreed to let U.S. agents arrest Seleznev at the airport.
And Seleznev was stunned to be in U.S. custody.
How does technology fit into the picture?
In the same way the Internet revolutionized business, it also revolutionized crime. All the technology that Amazon uses to disrupt brick-and-mortar retailers is being used by cyber criminals.
We have to look back about a hundred years to find a similar challenge to law enforcement. Think 1930s rural America.
Criminals were more heavily armed than the police and used surprisingly fast cars to conduct lightning-fast strikes on many soft targets: Bank branches in small, rural towns.
The police weren’t equipped for it. They had clumsy weapons, relatively slow cars, no radios, and limited jurisdiction. In fact, all a bank robber had to do was speed across a state line and they were free from pursuit.
The New Scourge
Cyber-criminals include the likes of Bogachev, who used malicious code to steal over $100 million from US banks. This guy is so effective at cyber-crime that the FBI is offering a $3 million reward.
We need a cohesive, cross-functional, sustainable solution. There are some preliminary blueprints for what this requires, but authorities haven’t sorted out how to implement a truly effective solution.
In the meantime, we’re all on our own to deal with cyber criminals and the fallout resulting from their mostly successful attacks.
Cyber Risk Opportunities helps middle market companies avoid costly cyber-crimes by prioritizing and reducing your top cyber risks, including the specific requirements of PCI, HIPAA, SOC2, ISO 27001, DFARS, and more.
Get in touch today to learn more and take advantage of a free 30-minute Q&A session with one of our cyber risk experts. Call 253-332-7867, or email us at info@cyberriskopportunities.com.