According to a recent report by the Office of National Statistics (ONS), cyber criminals are adapting to the modern world. Once upon a time, the cyber criminal preferred virus-based attacks through malware or ransomware; now, the ONS have said that these criminals are looking to exploit social media and emails to successfully defraud the public and businesses.
Computer misuse and fraud involving home computers and devices has reduced significantly throughout 2018. Overall, there was a 33% reduction from the same figures obtained in 2017, the reduction has been attributed to the 45% decrease in malware crimes during this time.
Action Fraud statistics, figures that also include businesses, also found that malware attacks were less prevalent with 25% fewer in 2018.
However, Action Fraud found that computer misuse actually increased by 12% compared with the same time last year; this equates to 24,063 offences.
Email fraud/impersonation and social media hijacking rose by 35% compared with 2017’s figures and indicates that this is where cyber criminals are now focusing their efforts. In total, Action Fraud found 9,458 cases of successful email fraud. These statistics do not cover the cases that were not reported to the police, indicating that the extent of the problem is considerably higher than the figures suggest.
Fraser Kyne, CTO for Europe at malware protection firm Bromium, said: “Once again, we’ve seen a drop in computer misuse, but what’s particularly interesting is that Action Fraud – which collects data from businesses – saw a 12% overall rise in reported cases, driven by an increase in email and social accounts being compromised.
“The risk here for organisations is that hackers are still exploiting the weakest link in security – people. Business email compromise can be particularly effective for spying on organisations or impersonating users to gain funds, hijack further accounts or attempt to gain access to critical IP [intellectual property],”
“This is why we need tools that can protect us from the things that we can’t see or detect, particularly as hackers are constantly changing tactics.
“We want every victim of crime, which includes businesses, to report those crimes – because if we know what the true scale of the problem is, we can start to develop an intelligence-led, coordinated response.”
As cyber criminals look to exploit vulnerabilities in email providers and the human recipients of the fraudulent emails, it will become increasingly important to ensure that a firm’s cyber security plan is robust and considers the training of staff and their obligations towards email awareness and cyber hygiene.
What do these figures suggest about modern methods of cyber criminality? Do you think this trend will continue in the future?