Extortion is big business. If measured as a country, cybercrime would be the third largest economy after the U.S. and China (Morgan, 2020). It is an understatement to say cybercrime has increased considerably since 2013. Billionaire businessman and philanthropist Warren Buffet recently wrote that cybercrime is now mankind’s greatest challenge, suggesting that cyberattacks are a bigger threat than nuclear weapons.
How Bad is the Cybercrime Threat?
The overwhelming cybercrime statistics reveal that cyber criminals have become vastly more proficient and dedicated, while FBI data shows the U.S. to have limited success in averting cyber crime.
- Symantec Internet Security Threat Report of 2017 reported more than three billion zero-day attacks since 2016 (Symantec Internet Security Threat Report, 2017).
- The Symantec 2020 report painted an ominous picture that ransomware had changed course: In 2019 targeted ransomware attached began to proliferate, the shift in tactic occurred in 2020 when ransomware groups conspired in their techniques and uncovered a new way to pressure victims into paying (O’Brien, 2020).
- “Criminals are highly organized into different groups. There’s a group doing the first part where they get the intrusion into the company. Then they’ll sit on it and maybe sell it to another group that does just the ransomware. And then you have another group that moves the money through crypto (currency).”- Ken Schmutz, Omaha-based supervisory special agent and member of the Cyber Task Force for the FBI.
- McAfee ATR observed an average of 588 threats per minute, an increase of 40% in the third quarter of 2020. By the fourth quarter the volume averaged 648 threats per minute and an increase of 60 threats per minute (60%) (McAfee ATR, 2021).
- In 2020, the number of data breaches in the United States totaled 1001 cases. During the same year over 155.8 million individuals were affected by data exposures - due to less-than-adequate information security. (Johnson, 2021) The frequency of ransomware attacks is projected to be once every 11 seconds in 2021, a 4x increase since 2016 (Embroker, 2021).
Which sectors are suffering the most from cybersecurity attacks? The Scientific and Technology sectors had an one hundred percent increase in attacks. The Public Administration sector had an increase of ninety-three percent.
Cyber criminals exploited companies through:
- Vulnerabilities 100%
- Targeted Attacks 43%
- Malware 43%
- Account Hijacking 30%
The cost of cybercrime is extremely steep! By 2025 cybercrime will cost companies worldwide an estimated $10.5 trillion, up from $3 trillion in 2015.
Fighting Attacks with Graph
Large firms often find monitoring for intrusions to be overwhelming. Cyber criminals are sophisticated and organized. Speed in detecting abnormalities in data is critical to highly information-reliant industries such as financial institutions, medical and pharmaceutical organizations, and governments.
Katana Graph solves security problems by implementing a system for real-time intrusion detection in computer networks. The system builds online interaction graphs representing how network users interact with each other and with network resources. CEO Keshav Pingali notes Katana’s specific interest in risk areas including intrusion detection, fraud detection, and anti-money laundering.
How can Graph based intrusion detection help? There are many advanced Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) practices that use machine learning and artificial intelligence to find anomalies in network and system behaviors.
The detection of anomalies relies on identifying outliers in the feature space via observing the relational information in real-world data. Graphs have shown great success in representing the structural and relational information relevant to cyber crime. In particular, network-based IDS can be well modelled by a flow network graph, where nodes represent endpoints and edges represent traffic flows. Hence, the network topology and relational information can help detect network attacks.