What do cybercriminals want?

What do cybercriminals want?


Every week we encounter a business owner, executive, or manager who confidently states that they do not need to worry about cybersecurity because, “We don’t have anything a hacker would want.” This statement is baffling to us because what most hackers ultimately want is not data – They want money!

Cybercrime has proliferated throughout the United States at an astonishing rate mainly because it is very profitable. In 2019, ransomware is estimated to have cost over $7.5 billion in the United States, according to cybersecurity firm Emsisoft. Small to medium-sized businesses, local governments, and education systems continue to be a popular target for cybercriminals because they have the means to pay and often lack adequate cybersecurity.

Hackers profit off business-targeted cybercrime in several ways. Here are two threats every business should be prepared for:


Ransomware has become a frequent security threat to US businesses of all sizes and industries over the last decade. Since reporting cybercrime isn’t mandatory, and because many businesses try to hide ransomware attacks, it is hard to know the exact number of victims. However, the FBI received over 2,000 reported incidents of ransomware in the United States in 2019, according to the FBI IC3 2019 Internet Crime Report. This represents a 37% increase in ransomware attacks since 2018. As the frequency of ransomware has increased, so too has its impact on business.

Ransomware used to be an expensive nuisance, where hackers intruded on your network, encrypted your data, and sold you a key to unlock it. Your data could be completely worthless to the hacker on the black market. But if it was worth something to you than it was exploitable to a hacker.

Businesses continue to increase their cyber risk by moving more information, processes, and systems to the internet. The COVID-19 pandemic caused many businesses to migrate nearly all daily processes online to accommodate work from home orders. These hasty migrations have increased many businesses cyber vulnerability and hackers have noticed.

Hackers are using new strands of ransomware to seize business production systems, capture devices, and lock up servers, in addition to shutting down cloud service providers and thwarting back-up and disaster recovery systems. In 2019, A US Coast Guard facility was forced offline when ransomware took over cameras, access systems, and critical monitoring systems, seriously jeopardizing the base’s security systems. The incident was reported by the BBC.

Hackers are adapting and improving their ability to cripple operations and infrastructure, which means you may not be able to just restore from a backup to defuse ransomware in some cases anymore.

It is estimated that ransomware related costs will reach over $20 billion by 2021. More and more businesses and government entities are deciding to pay ransom demands, leaving hackers emboldened and well-funded.

Ransomware is a product line for career cybercriminals intending to make a profit. Ransomware exposes kinks in IT infrastructure, backup and disaster recovery systems, and employee training. Many businesses quietly pay the ransom to avoid expensive reconstruction costs and bad publicity, and thus, richly rewarding hacker-groups.

Ransomware attacks have become so lucrative to hackers that even hackers seem a little surprised by their success. Over the last few years, the average ransom demand has skyrocketed. The inflation cost on ransom demands plays like a price adjustment to a previously undervalued product line. In fact, according to ransomware recovery vendor, Coveware, in 2019 the average ransom payment increased by 184% from Q1 to Q2.


Compromised Business Email Accounts

Like ransomware, compromised business email accounts are a security risk for businesses of all sizes. Business email is at the heart of organizational communication, privacy, integrity, and security. Hackers can use compromised business email accounts to impersonate vendors, company employees, especially executives and business owners, in a virtual confidence game where they attempt to profit through fraud, manipulation, and intimidation.

By relying on phishing and social engineering techniques, cybercriminals manipulate or intimidate victims into relinquishing something of value such as account or network access, and financial information. Hackers have been known to use business email accounts to distribute fraudulent invoices, redirect electronic payments, spread viruses, malware, and ransomware, fake system failure or outage notifications, and more. These types of attacks are incredibly successful because they do not require a great deal of technical knowledge and rely mainly on the fallibility of people.

In 2019, Verizon Data Breach Investigation Reports showed that 94% of known malware was delivered by email. For this reason, organizations see phishing as their biggest security risk for the simple fact that it is easier to trick an employee than a security program.

The best way to prevent cyber-crime is to understand the tactics and motives behind attacks. Educate employees on cyber risk and cyber-crime. Empower employees to recognize and respond to cyber-threats.

The undeniable success of cybercrime means three things:

  1. Cybercrime is not going away.
  2. Anyone can become a victim.
  3. Cybersecurity is everyone’s responsibility.