Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Attacks on Individuals Fall as Cybercrime Shifts Tactics

Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses, according to a report from the Identity Theft Resource Center.

Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses, according to a report from the Identity Theft Resource Center.

The nonprofit, which supports victims of identity crime, found that the number of U.S. data breaches fell 19% in 2020 to 1,108. But the number of individual victims of such cybercrimes fell 66% compared with the year prior.

Ransomware and phishing attacks are now the preferred form of data theft because they require less effort and generate bigger payouts. The ITRC said that one ransomware attack can generate as much revenue in minutes as hundreds of individual identity theft attempts over months or years.

According to cybersecurity firm Coveware, the average ransomware payout has grown from less than $10,000 per event in 2018 to more than $233,000 per event in 2020.

However, experts urge consumers not to let down their guard.

According to the ITRC report released Thursday, even with the decline, there were still 300.5 million individuals impacted by data breaches in 2020. Although this figure may include repeats, where a person is victimized multiple times.

“People should understand that this problem is not going away,” said Eva Velasquez, ITRC’s president and CEO. “Cybercriminals are simply shifting their tactics to find a new way to attack businesses and consumers.”

One rising trend is attacks on third parties, such as a vendor, that would yield access to multiple organizations through a single attack. Often, the organization is smaller, with weaker security measures than the companies they work for.

Advertisement. Scroll to continue reading.

Additionally, the pandemic may have fueled some changes, with employees working remotely and potentially exposing their company networks to criminals. There was also an increase in unemployment fraud as cybercriminals tapped into those systems, which were overwhelmed with claims and new protocols.

Velasquez urged consumers to remain vigilant in protecting their personal and professional information. Criminals will continue to use personal information even if the means by which they obtain it has changed.

“We are not out of the woods,” she said. “It’s not time for consumers to breathe a sigh of relief.”

Related: Over 250 Organizations Breached via SolarWinds Supply Chain Hack: Report

Related: Verizon 2020 DBIR: More Extensive, More Detailed and More Thorough Than Ever

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Cloud and cybersecurity MSP Ekco has appointed Ben Savage as UK CEO.

Shane Barney has been appointed CISO of password management and PAM solutions provider Keeper Security.

Edge Delta has appointed Joan Pepin as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.