The American, non-profit organization helps victims infringements data and provides regular updates on the magnitude of this challenge for businesses. In his forecasts for 2021, reported that cybercriminals rely less on stolen personal information information and more on "bad consumer behavior", such as reusing a password to carry out attacks.
"Cybercriminals focus on attacks requiring connections and passwords to gain access to corporate networks and carry out ransomware attacks and Business Email Compromise (BEC) scams. These attacks require less effort, are largely automated, the risk of catching criminals is lower and the profits are much higher", Said the ITRC.
According to the organization, the ransomware payments have increased significantly in recent years. In the third quarter of 2018, criminals earned an average of $ 10.000 and now this amount has reached at least 178.000. The big business victims fall into ransomware gangs over $ 1 million. On the other hand, the BEC scams were responsible for the $ 1,8 billion loss in 2019.
The ITRC is already seeing a drop in data breaches. In October, the number of violations reported (including all violations by the third quarter of 2020) was 30% lower than the number of violations reported in the same period in 2019.
The agency claimed that 2020 could be the year with the lowest number of violations in the US in the last five years.
However, this does not mean that there should be complacency. Phishing attacks and pandemic-related identity theft scams will continue in 2021, as stolen IDs are used to claim unemployment benefits, etc.
Source: Infosecurity Magazine