By Mark Lanterman
From the recent AT&T outage1 to ongoing concerns about the security of U.S. critical infrastructure,2 managing digital risk is a continual process. Though often a daunting task for consumers and organizations, staying apprised of developments in our digital landscape can make a difference in our approach to cybersecurity and the application of best practices.
A helpful place to start: The FBI recently released its 2023 Internet Crime Report. Unfortunately, the document reveals a steady trend of increasing cyberattacks and related losses. The report explains, “In 2023, IC3 received a record number of complaints from the American public: 880,418 complaints were registered, with potential losses exceeding $12.5 billion. This is a nearly 10 [percent] increase in complaints received, and it represents a 22 [percent] increase in losses suffered, compared to 2022.”3 Though the actual number of reported incidents decreased in 2022, financial losses had increased from 2021. In contrast, 2023 saw an increase in both, with phishing-related attacks accounting for the majority of incidents reported. Notably, investment scam damages rose to $4.57 billion last year, up from $3.31 billion in 2022, a 38% increase,4 making them the most reported type of crime (followed by business email compromise and tech support scams). The report goes on to note that cryptocurrency-related investment fraud rose from $2.57 billion in 2022 to $3.96 billion in 2023—a 53 percent increase.5
Ransomware also continues to be a primary threat, with the Healthcare and Public Health sector reporting the greatest number of instances. This is further illustrated by reports of the recent attack perpetrated against United Health: The company “confirmed on the day of the breach that the cybercriminals behind the attack [were] a Russia-based ransomware gang… the group itself claimed responsibility for the attack, alleging it stole more than six terabytes of data, including ‘sensitive’ medical records.”6 While the attack is still being investigated at the time of writing, it has been reported that the cost of the attack will likely be between $1.35 billion and $1.6 billion in 2024.7 The healthcare industry is at particular risk of cybercrime, given the value of the data it gathers and stores; furthermore, the incident showcases the nature of organized ransomware groups and the vulnerabilities they exploit.
The 2023 Internet Crime Report makes clear that cybercriminals are successfully adjusting their strategies to target victims more efficiently and make individual crimes more lucrative. In spite of these challenges, the report also highlights law enforcement successes in supporting victims in recovering assets. Given the uptick in attacks and losses, it is hoped that these sorts of interventions will continue to thwart cybercriminals and assist victims. As cybercriminals adjust their attack methods to increase efficacy, so too must organizations and individuals adapt to changing threats and technologies.
Reporting on current trends can be used to update education programs and training policies. As described in the report, it is valuable to know that multiple ransomware variants are frequently being used in combination, or that fraud involving cryptocurrency is more common than ever. Every organization’s tech support practices should be made well-known internally, as this type of scam is becoming more common. A refresher on business email compromise is always welcome, as is ensuring that standard best practices such as multi-factor authentication are routinely implemented. Since phishing remains a primary tactic to target individuals, the ongoing impact of AI applications may feature in future reporting. For example, “deepfake attacks” add an unprecedented degree of realism to phishing calls; take for instance a recent event involving an audio deepfake of a CEO used to target an employee.8 Developing technologies should be considered when assessing and improving security practices.
In response to a constant stream of headlines and the reality that cybersecurity is an ongoing effort in staying ahead of the curve, making the most of available data can play a critical part in maintaining a proactive stance.
Mark Lanterman is CTO of Computer Forensic Services. A former member of the U.S. Secret Service Electronic Crimes Taskforce, Mark has 28 years of security/forensic experience and has testified in over 2,000 matters. He is a member of the MN Lawyers Professional Responsibility Board.
Notes
1 https://www.cnn.com/2024/02/22/tech/att-cell-service-outage/index.html
2 https://www.nytimes.com/2024/04/17/us/politics/china-cyber-us-infrastructure.html
3 https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
4 Id.
5 Id.
6 https://www.cbsnews.com/news/unitedhealth-cyberattack-change-healthcare-hack-ransomware/#
7 Id.
8 https://blog.lastpass.com/posts/2024/04/attempted-audio-deepfake-call-targets-lastpass-employee