Even though the novel Coronavirus pandemic slowed down life for businesses in 2020, it did not deter the ambitions of cybercriminals. In fact, according to the FBI's 2020 Internet Crime Report, cybercriminals pretty much seized the pandemic as an opportunity to "profit from our dependence on technology to go on an internet crime spree."
The FBI's Internet Crime Complaint Center, also referred to as IC3, received 791,790 complaints in 2020 - a record for the bureau. The reported losses totaled more than $4.1 billion. The total complaints received in 2020 is a 69% increase from 2019, according to the IC3's report.
The most costly complaint was business email compromises, totaling approximately $1.8 billion in losses. Phishing scams were also notable, according to the IC3, totaling 241,342 complaints, with losses of over $54 million.
Probably one of the most news-getting forms of cybercrime were ransomware incidents, during which a type of malware threatens to publish a business's data or perpetually block access to it unless a company pays a ransom.
Worldwide, there were 304 million ransomware attacks in 2020, according to an annual report on cyber security. There hadn't been a higher amount since 2016.
Among the top ransomware attacks worldwide included hits against healthcare organizations. Recently, a woman filed a lawsuit against the hospital where she gave birth, alleging her baby, born with severe brain injury, died because the facility mishandled a ransomware attack, according to a NBC News report.
Other targets included financial organizations, educational institutions, and governments. With those kinds of targets, trustees and administrators of public pension systems and their financial service firms, consultants, and vendors might want to investigate resources to protect the sensitive information they keep.
Here are a few that TEXPERS has found:
- The Internet Crime Complaint Center, or IC3, has been operating since 2000 as an arm of the FBI. The public can file complaints of suspected internet-based criminal activity through the center's website. The site's FAQ explains what happens in the filing process and provides consumer and industry alerts. It is a good resource for smaller fund administrators who may not have enough staff to keep up with the latest cyber scams.
- Attend webinars and online courses. There's a wealth of training online to learn about cybersecurity - from the basic to the advanced. Fees range in pricing, but some courses are available for nominal fees, and introductory lessons are sometimes offered free. Check sites such as Coursera.org and Udemy.com. If you are on LinkedIn, its Learning programming has various cybersecurity courses. You may have to sign up for the social media site's paid membership program to gain access.
- Lean on your fund's service providers and vendors have strong cybersecurity programs and may offer free advice. Don't hesitate to call your representatives and ask to be introduced to their IT professionals to see what you can learn from their expertise. Some may even be willing to make presentations to your fund's staff or board of directors.
- Visit the Cybersecurity & Infrastructure Security Agency for a wealth of information on safeguarding against cyber threats. The CISA is a government agency that works to defend against threats and collaborates to build a more secure and resilient infrastructure, according to its website. The CISA is hosting its 4th Annual National Cybersecurity Summit online as a series of four weekly virtual events at Noon CST every Wednesday on Oct. 6, 13, 20 and 27. The event brings together global cybersecurity and critical infrastructural stakeholders and provides a forum for networking and collaboration on the protection of physical and cyber infrastructure. Each day features a different theme that focuses on the CISA's mission to "Defend Today, Secure Tomorrow," with presentations from targeted leaders across government, academia, and industry. There is no cost to attend the event and it is open to everyone; however, registration is required.
- TEXPERS Associate Member PFM Asset Management is presenting Perspectives on Cybersecurity Playbooks: Preparing for When, Not If, a webinar from 1 to 2 p.m. CDT on Monday, Oct. 18. PFM is bringing together a panel of cybersecurity professionals who will discuss their perspectives on the importance of preparing a playbook to help prevent and recover in the event of a cyber attack. The panelists include Aaron Miller, Business Continuity Analyst at RevSpring; Michael Quinn, Cybersecurity Practice Leader at Kroll's Cyber Risk Practice; and Ryan Reynolds, Director of Security Incident Management at U.S. Bank. Karen Magness, Client Service Group Manager at PFM Asset Management, is to moderate the discussion. Click here to register for the webinar.
About the Author:Allen Jones is Director of Communications and Event Marketing for TEXPERS. He joined the association in 2017. Follow TEXPERS on Facebook, Twitter and LinkedIn as well as visit our website for the latest news about Texas' public pension industry. |