Introduction
In contemporary modern society, we are all virtually surrounded by a plethora of internet-connected computing devices that are essentially âbaked intoâ into any number of our everyday routines. These devices range from the obviousâcell phones, computers/laptops/tablets, smart televisions, smart watches, and interactive home exercise equipmentâto more subtle devices such as our modern automobiles, high-tech kitchen appliances, and even the garage door opener. We activate our virtual assistants with the sound of our voice, routinely gather our daily news, communicate, date, shop, attend virtual college courses, make travel reservations, and conduct our financial affairs all online. With a few clicks of a button or verbal commands, our logistical and financial well-being is at our fingertipsâin real-time from virtually anywhereâa digital connection can be made.
As Singer and Friedman (2014) point out, for all the conveniences and opportunities afforded to us with instant accessâon-demandâin todayâs information age, unfortunately this easy access has also given rise to wide-spread âcyber anxiety.â Fears of nefarious internet-enabled threats have slowly intertwined into Americaâs national subconscious. Todayâs notions of digital security, physical security, financial/economic security, and even our individual identities and privacy needs all meld together into a pervasive sense of collective vulnerability. Any number of collective vulnerabilities can affect us allâranging from power plants, financial institutions, transportation systems, and the availability of consumable commodities.
While some degree of cyber-threat awareness and the practice of good cyber-hygiene/digital security is becoming more common place, cybersecurity is âone of those areas that has been left to only the most technically inclined to worry [about]âŚanything related to the digital world of zeroes and ones [is] an issue for computer scientists and the IT help deskâŚsome threats are overblown, while others are ignoredâ (Singer and Friedman, 2014, pp. 5â6).
A Broad View of Cybercriminals
Unfortunately, cyber-enabled criminal activity is continuously evolving and is extremely unlikely to diminish anytime soon. Nation-state actors and individual hackers alike can make hundreds, thousands, or even millions of people unsuspecting victims using stolen personal identities to generate fraudulent identities or access stolen credit card data to generate fake financial transactions. According to the 2018 McAfee Annual Cybersecurity Report written by Lewis (2018), McAfee; the American-based global computer security company, suggests a good estimate is a full two-thirds of people operating online todayâmore than two billion usersâhave had their personal/financial information stolen or compromised. Thus, cybercrime is an incredibly important topic that can potentially impact everyone and cause significant disruptions to many aspects of our daily lives.
According to both Buono (2014) and Lewis (2018), for those higher-end and technically-savvy cybercriminals who have the technical knowledge and capabilities to be successful in their nefarious cybercrimes, the perceived rewards often outweigh the perceived risks of getting caught and subsequently punished. This perceived âlow riskâ activity is aided by the relatively high degree of anonymity afforded in cyberspaceâa medium through which crimes can be committed that would never be possible in the physical off-line world (Buono, 2014). This unique combination of factors makes cybercriminal activities a lucrative industryâwith a smart (and lucky) cybercriminal making potentially hundreds of thousands or even millions of dollars with only a minimal chance of arrest or jail time. Even if a cyber-perpetrator is eventually identified as being behind a successful cyberattack, law enforcement officials can find themselves hamstrung by geopolitical or international boundaries that make criminal arrests and overall enforcement incredibly difficult (Lewis, 2018). This is why cybersecurity-minded organization focus their primary efforts on continuous risk mitigation and preventative measures. This dynamic also explains why malicious cybercrimes continue to persist at such a large scale and why cybersecurity is such a critically important component of all modern e-commerce worldwide.
Just as contemporary IT-related technologies are continuously evolving at a lightning-fast pace, so too are high-tech cybercriminals. As the IT Industry has collectively moved toward cloud computing, enhanced encryption methodologies, and artificial intelligence (AI)-enabled software capabilities, so too have those same high-tech cybercriminals moved to take advantage of potential vulnerabilities within each platform or new capability (Ashford, 2018; Cowley, 2018; Lewis, 2018). While there is a natural inclination for public organizations and private industries alike to seek out the most cutting-edge and high-performance IT system-based capabilities possibleâwith the expectation that these âbox solutionsâ will help protect their respective organizations from cyberattacks, this is seldom the case.
An organizationâs cyber-defenses are only as good as its weakest linkâŚand this often ends up not being a technical deficiency, but rather unsuspecting âflesh and bloodâ employees who fail to maintain even the most basic of cyber-hygiene protocols or mistakenly click on a phishing link hidden in a harmless looking email. Beyond ignorance, potential insider threats are another distinct challenge for organizations because of the increased difficulty in detecting âin-houseâ activities when so much of modern cybersecurity efforts are outward-focused beyond the organizationâs IT firewalls. Clearly, the ever-evolving challenges of cybersecurityâthe mitigation of cyber-vulnerabilities through the comprehensive prevention, detection, and protective response to unauthorized activitiesâis by no means exclusively an American problem, but rather a worldwide problem. Cybersecurity threats and mitigation efforts span to virtually every corner of the globe. Every modern governmental organization, financial institution, and business organization with any type of online presence, e-commerce activities, or a public interest shares in the collective threats of faceless cyber-enabled threats by disreputable actors.
Recent Cyberattack Trends
In July 2019, Internet Societyâs Online Trust Alliance (OTA) released its 11th Annual Cyber Incident & Breach Trends Report, which provides a global overview of publicly released cyberattack incidents and offers key mitigation steps public and private organizations alike can take to reduce cyber vulnerabilities to their own networks, thus limiting potential damage. This most recent OTA annual trends analysis reported a total of two million reported cyber incident...