— Based on proprietary data, research shows an almost 2,000 percent increase in ransomware detections since 2015
— A paradigm shift must occur from shaming businesses who have been hacked to engaging with them
SANTA CLARA, Calif., Dec. 7, Malwarebytes™, the leading advanced malware prevention and remediation solution, today unveiled a report on the new age of organized cybercrime. It describes how this ‘New Mafia’ is accelerating the volume of attacks, sophistication and malice, which have increased 23 percent in 2017 versus 2016.
The New Mafia: Gangs and Vigilantes – A Guide to Cybercrime for CEOs, demystifies cybersecurity by drawing parallels between today’s criminals and the Mafia gangs of the 1930s. This new generation of cybercriminals increasingly resembles traditional Mafia organizations, not just in their professional coordination, but their willingness to intimidate and paralyze victims. Malwarebytes’ data confirms the capacity of these fast-maturing gangs to inflict greater damage on businesses.
- The average monthly volume of attacks in 2017 is up 23 percent versus 2016.
- Ransomware attacks in 2017 through October, have surpassed total figures for 2016 by 62 percent. In addition, there was an almost 2,000 percent increase in ransomware detections since 2015—rising to hundreds of thousands of detections in September 2017 from less than 16,000 in September 2015.
- Ransomware detections increased more than three-fold from 90,351 in January to 333,871 in October.
“The ‘New Mafia’, identified by our report, is characterized by the emergence of four distinct groups of cybercriminals: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire,” said Marcin Kleczynski, CEO of Malwarebytes. “Through greater vigilance and a comprehensive understanding of the cybercrime landscape, businesses can support the efforts of legislators and law enforcement, while also taking action into their own hands.”
The growth of cybercrime and a lack of clarity over how best to tackle it – particularly within the context of policing – is having a profound impact on victim confidence. Those affected by cybercrime are often embarrassed, resulting in a reluctance to speak out. This is true for consumers and businesses alike and can have dangerous ramifications as firms bury their heads in the sand instead of being open and working to reduce future incidents. The report suggests that the answer lies in engaging and educating the C-suite so that CEOs are as likely as IT departments to both recognize the signs of an attack and be able to respond appropriately.
“CEOs will soon have little choice but to elevate cybercrime from a technology issue to a business-critical consideration,” said Kleczynski. “The most damaging cyberattacks to businesses are the ones that go undetected for long stretches of time. In spite of high-profile occurrences over the last year, this report shows that many business executives may still have some knowledge gaps to fill.”
The report also looks at the future of cybercrime and the implications of the ongoing melding of our physical and digital worlds. It argues that the Internet of Things (IoT) will enable crime to come full circle, potentially enabling someone to be physically executed by digitally hacking their internet-enabled pacemaker. Thus, it suggests that our understanding of, and legislation against, cybersecurity must drastically improve. If we can imagine a pacemaker being hacked or an autonomous getaway car used in a robbery, we should be able to legislate against it.
Malwarebytes’ analysis shows that, in spite of acknowledging the severe reputational and financial risks of cybercrime, many business leaders are largely underestimating their vulnerability to such attacks. The report concludes the potential for businesses and consumers to fight back by acting as ‘vigilantes’ through greater collective awareness, knowledge sharing and proactive defenses. This includes a shift from shaming businesses who have been hacked and instead engaging with them. Only then can we learn from one another how to tackle this rampant issue.
The complete The New Mafia: Gangs and Vigilantes – A Guide to Cybercrime for CEOs guide features original data and insight taken from a global panel of experts from a variety of disciplines including PwC, Leeds University, University of Sussex, the Centre for Cyber Victim Counselling in India and the University of North Carolina. To view the full report, visit https://go.malwarebytes.com/Cybercrime_NewMafia_PR.html.