Cybercrime trends - what are you seeing?

Although break-ins and holiday house crimes increase this time of year, what about the cybercrimes online and in the cloud?

What do small business owners or IT managers need to be protecting against right now in the would of cyber crime, data security and tech safety best practices?

As a tech pro, what are you seeing trending that others need to be guarding against? Please exchange your thoughts in the comments below!

  •   I think it is almost to the point that is more important than traditional anti virus software.  Several types of malware now phone home to get the payload after they get to the computer.  If you have blocked their access to the home servers then they are pretty much dead in the water before they can do any damage.  

  •  excellent point! I had not considered that 2nd threat from this scenario. Thank you for mentioning it!

  • Jason and Ray, so true. When people ask me what I worry about in my job, it's cryptoviral extortion. Having backups and redundancy is great, but it still is a lot of time that we have to take to secure our organizations and if we have to restore our data.

  • We had subscribed to security awareness training which is good to inform and help our staff learn about all the dangers. But when our IT budget had to tighten up, I had to remove that. I'm still trying to inform our staff about security through articles in our monthly newsletter. I don't think it's as effective.

  •  I appreciate the details you provided. Setting up a good defense, and the training of employees you mentioned in a post this week as well. Plus, then the project management of being prepared for, and then executing a plan, when things do go wrong, similar to a disaster recovery plan (DRP), except for extortion versus a disaster. I can imagine the surge of work if a company did have to rework all their systems back up to fully operational, from scratch! 

  • I think leaked information is also something which is a constant threat and has been a while. I'm still surprised how easy personal or business information gets online, whether through wilful yet unsafe sharing (e.g., on social networks) or hacks of companies (e.g., leaked banking information). Sharing as little as possible whenever possible seems to be a safe bet, as well as thoroughly vetting any new contacts beforehand with third-party sources.

    Also, I'd like to add that people passing other stuff off as their own is very much prevalent. It's not just the painfully obvious copy of a facebook page either - even online sales for items can have pictures etc. "borrowed" and added to new listings on places like facebook or eBay which then funnel money to people who have nothing to sell in the first place. Watermarking important photos (even physically with proof, such as a handle name and date on a sticky note) make it much more difficult for someone to pass it off later as a scam. Often happens in the collecting communities, both these scams and the measures against them.

  • The town we live in had their system blocked and access denied until a ransom was paid. This is a smallish college town of no real importance and IT was caught completely off guard. Whatever precautions they were taking were obviously insufficient! I don't know that there is a way to be 100% secure.

    • I am going for my Masters in Criminal Justice and Homeland Security. There is not a easy fix however once we are able to gather the data when a breech accures and find the suspects.  They will face prosecution in our federal prison system. The more this is done and the criminals realize that we no longer will tolerate fhe crime done to the victims and we catch on to a bulletproof course of action I believe eventually we won't have to worry about this thing as much with everything else we also have going on in the world today. My suggestion is for all individuals and businesses to always have a secure and reputable security and Data breech blocking on companies and individuals electronics and privacy of them and or their customers.  Hopefully this can be done sooner then later. 

  • Still need to remind people to follow standard protocols including not to click on attachments from emails(I know that this should be S.O.P., but this doesn't always sink in for some people).

  •  this sounds great in theory, but if the criminal is in a non extradition there is not much we can do to them.