According to reports published by the Identity Theft Resource Center, cybercriminals have begun to divert their focus away from the theft of individual consumer data in 2020 to target more profitable attacks on businesses.
Shift in Attention
With its mission to support identity crime victims, the ITRC recorded that data breaches fell 19% throughout 2020 to 1,108, but the number of individual victims of the crimes fell down 66% from the previous year.
Less effort and bigger payouts are being funnelled through ransomware and phishing attacks as the most preferred data theft occurrences, with a singular ransomware attack generating as much revenue in mere minutes as hundreds of individual attacks over months or years.
To date, the average ransomware payout is up from less than $10k per event in 2018 to more than $233k per event in 2020.
This has prompted experts to advise consumers to not let this put their guard down.
Even with the decline, it is still reported that 300.5m individuals have been impacted by data breaches from 2020, including repeat attacks on people who have already suffered the first attack.
Gone But Not Really
The problem is not deemed to be gone but merely dormant, with cybercriminals laying their focus on businesses and developing new tactics to affect businesses and consumers alike. Third-party attacks are also on the rise, where a vendor can yield a single attack on multiple organizations.
The pandemics forced changes on businesses has also played a much bigger part due to employees home-based working on unsecured networks. This had led to huge swathes of unparalleled access to business networks never previously available to hackers and those willing to pay on the dark web for information. Unemployment fraud has also increased with cybercriminals tapping into systems and overwhelming them with new claims and protocols.
Whilst their tactics have changed, data thieves will continue to use personal information in various ways. This means that consumers are not yet free to breathe sighs of relief when it comes to securing their information and businesses can not lax on implementing tougher security protocols in order to protect theirs and consumer information.