The specter of cybercrime continues to grow, with losses soaring to $12.5 billion in 2023, according to the recently released Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3).
The revelations underline an alarming surge in cybercrime, affecting both business and personal interests alike, with the main attack vectors being investment fraud, business email compromises and an increased surge of ransomware attacks on nearly every critical infrastructure sector.
This report paints a chilling picture of our ever-evolving cyber threat landscape. In 2023, a staggering 880,418 complaints were logged by the IC3 — a nearly 10% increase from the preceding year. More worryingly, this surge in cybercrime resulted in reported losses swelling by about 22%, with the total financial hit exceeding $12.5 billion.
As for the types of crimes reported, phishing attacks topped the chart, followed by personal data breaches, nonpayment or non delivery of goods, extortion and tech support fraud. Notably, this order of prevalence has remained unchanged in recent years, pointing towards a persistent set of threats to digital security.
When analyzed by financial impact, the top three contributors to the skyrocketing losses included investment fraud, business email compromise and tech support scams — amassing $4.57 billion, $2.9 billion,and $1.3 billion in losses, respectively. Especially vulnerable to these fraudulent acts were individuals aged 30 to 49 years, and those over 60 years of age, with the latter bearing nearly 60% of all losses associated with tech support fraud.
America’s four most populous states California, Texas, Florida and New York reported the highest number of cybercrime complaints and related losses. However, in an unnerving admission, FBI Executive Assistant Director Timothy Langan wrote, “We found that only about 20% of Hive's victims reported to law enforcement.” This finding means that the totals provided in the IC3 report are likely significantly under-representational, making the true extent of damages even more ominous.
Ransomware continued its devastating path in 2023, accounting for an additional $60 million in losses, a staggering 74% increase from 2022. Especially concerning is the data showing that ransomware attacks are not confined to specific sectors, with victims in all but two of the 16 sectors of critical infrastructure having filed a report in 2023.
As the FBI tirelessly works in tandem with global law enforcement agencies to disrupt cybercriminals' operations and assist victims, it wants the public to know that paying a ransom should not be considered as a solution. As eloquently stated, "paying ransoms drives more attacks and validates the illicit business model for criminals, and paying never guarantees that a victim can get their files back."
In conclusion, the IC3 report underscores the rising tide of cybercrime, the scale and speed of which are growing more severe. Security awareness training is essential in ensuring users understand the mechanisms of ransomware and other calculated attacks. After all, in the burgeoning field of cybersecurity, knowing how to stay safe from any attack vector type is half the battle.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Data Breach Today has the full story.
Here's how it works:
