Recognizing and Combating Cybercrime

Don't Click, but if You Do

Stephen Nardone

Being able to recognize potential threats means being able to understand what motivates the criminals who are trying to invade your environment. It’s fair to say that a criminal is going to value your wallet. The question then is, what data in your environment has the greatest value?

Answering that question will help you to recognize some potential threats, but certainly not all of them. Social engineering tactics are convincing and highly successful.

In fact, Verizon’s Data Breach Information Report for 2016 cites a study that shows 30% of phishing messages were opened by the target during an extensive test. About 12% went on to click the malicious attachment or link and thus enabled the attack to succeed.

For whatever reason – curiosity? Inattention? A mistake? – more often than not, the user will unknowingly click on a malicious link. In order to give your employees cause to pause, they need to understand what can happen to the organization and the people within it if they fail to verify before clicking.

Your goal is to protect your organization from fraud and cybercriminals, but there are also steps you need to take to ensure physical security. Those intruders that are savvy enough to physically enter the premises and steal information might walk away with a device or two, but unless they are able to hack into the device, the only loss you incur is the machine itself.

Intruders that you can’t see enter into your network and go after the high value data, which puts everything that the attacker has accessed through lateral movement at risk. Depending on your organization, that could be financial records, health records, PII, Social Security numbers, banking and credit card information, or personal and interoffice emails. They can access information that could be used to get into additional accounts.

Some higher ups have been inclined to dismiss employees who mistakenly welcomed an intruder, but the threat of losing your job will make you less likely to report an incident – not the result they were going for.

If an alert becomes a breach, the results can be catastrophic. Larger enterprises might be able to recover the monetary loss, but not every organization can withstand the financial loss of a breach. A breach can negatively impact consumer trust and brand, resulting in future losses.

Many organizations have also seen the legal implications of having sensitive customer information stolen. Identity theft is always a concern in a breach, which is why recovering from a breach of great magnitude can take millions of dollars and several years. This year’s IBM Cost of Data Breach Study “found the average consolidated total cost of a data breach grew from $3.8 million to $4 million.” The study also reports that the “average cost incurred for each lost or stolen record containing sensitive and confidential information increased from $154 to $158.”

Having a plan in place to stop an innocent click from turning into a breach will help your organization understand how to combat cybercrime. Back up your files, set user controls, segment your network, and have an incident response plan.