Every 11 seconds, there’s a ransomware cyberattack against a business. These types of attacks happen even more frequently to individuals.
For Claudette McGowan, Global Executive Officer – Protect Fusion & Cyber Experience at TD Canada, these statistics are painful but not surprising. On a recent episode of her podcast C Suite, McGowan spoke with an ex-intelligence agent and Yung Wu, CEO of MaRS Discovery District, about the growing ransomware industry and how individuals can protect themselves.
“The ransomware business model is low risk and high-potential reward.”
– Claudette McGowan
While cybercriminals are often portrayed as lone hackers working in a garage, the reality is that cybercrime is a multibillion-dollar global industry. Wu said that the current market size sits around $170 billion when you factor in the technology, labour costs, and other traditional ‘startup’ costs like marketing and recruiting. That number could grow as high as $300 billion in the next five years, but Wu said the real “eye-popping” statistic is the damage that cybercrime has wrought on the global economy: anywhere from $9 trillion to $21 trillion in economic damage from lost funds, lost productivity, and lower security.
The pair noted that a key reason behind the rapid growth of the cybercrime industry is the increasing ease of becoming a hacker.
“[The] ransomware business model is low risk and high-potential reward,” said McGowan.
Wu explained that on the dark web, you can purchase services like a DDoS attack, a fake corporate email, and fake corporate social media accounts for a few hundred dollars each. For less than the cost of a new laptop, you can become a fully-fledged cybercriminal ready to launch a fake version of a reputable company to scam people with ransomware or other types of attacks.
“When you think about the cost to do this, and the ease to do this, almost anybody can decide they are going to become a hacker,” said Wu.
Unfortunately, the current power dynamics of cybercrime tilt towards hackers. McGowan said that only one to two percent of cybercriminals are ever prosecuted, leaving the risk of consequences is fairly low. That makes cybercrime even more attractive because it’s easy to get into, cheap to start, potentially highly profitable, with little to no risk of repercussions.
On the podcast, the ex-intelligence agent advised that any person who is concerned they’ve been the victim of a cyber attack should shut down their computer immediately, removing all internet connections that a hacker might use to steal or freeze your data. Then contact law enforcement, which increasingly have departments dedicated to cybercrime. Finally, change all personal information on other applications as soon as you can (usernames, passwords, security questions, and other verification codes) to avoid a hacker breaking into one system, like your email, then using the information to get into other accounts, like your online banking.
Feature image courtesy Unsplash.