As the world grapples with a pandemic, politics, social justice issues and other global crises, cybercriminals are taking advantage of those distractions and are launching attacks at a rapid pace.
Cybersecurity and antivirus company Bitdefender found that pandemic-related attacks increased five-fold in the first two weeks of March. In May and June, an average of 60% of all received emails were phony.
According to the FBI the agency was at one point receiving more than 3,000 cybersecurity complaints each day, a huge leap from the typical 1,000 daily complaints. And, Microsoft reported that nation states like Russia, China and Iran are targeting political groups, enterprises and other victims leading up to the U.S. election in November.
Using ransomware, hackers, cybercriminals and other bad actors are now asking for an average of over six figures, which for many in the U.S. is better than their yearly salary. According to an April report from ransomware incident response company Coveware, the average ransomware demand in the first quarter was $111,605, a 33% increase from the end of 2019.
Hacking has turned into a massive industry worth a whopping $300 billion, according to cybersecurity insurance firm INSUREtrust.
Despite holding all of the tools and knowledge needed to make out with a six-figure payday in one fell swoop, cybersecurity experts choose to defend us against those attacks and respond to these threats with new programs, software and strategies aimed at thwarting would-be attacks.
With hacking tools readily available to download on the internet, it would take these cybersecurity experts no time at all to utilize them for their own profit, but they don’t. We talked to some cybersecurity professionals about why they choose the good side.
Larry Whiteside, Jr., Co-Founder and President of the International Consortium of Minority Cybersecurity Professionals and Chief Technology Officer of CyberClan
Here’s the reality: It’s an integrity thing. What kind of person are you? It’s really about who you are and what kind of morals you have. Our industry itself, from a white hat standpoint, is built on integrity. You want the best for your fellow humans. For a lot of people on the attacker side, it’s really all about the money. And how much money you can make in the shortest amount of time.
With the whole social culture that’s been created over the last seven to 10 years, that money is the thing. What happens is once you start getting money, you build a following online. People don’t know how you make money, but they see you with nice clothes and see you with nice jewelry and you become an influencer. People don’t pay attention to that and don’t look that deeply.
Joshua Liberman, President and Founder of Net Sciences, Inc.
Plato would gather these acolytes and people that wanted to study philosophy … and ask them “If you were invisible, why would you be good?” In other words, if there are no ramifications of your actions, what would compel you to act virtuously? Why not just do whatever you want? If you replace the world invisible with anonymous, you have the internet. The answer is, “You wouldn’t.”
There was a study in 2016 that found over 100 million people made their living criminally on the internet full time. If you include people that just rent kits and give it a shot now and again, it was close to half a billion. I choose to behave virtuously because it’s what I am and what I do. I cannot make an argument for it because there’s no compelling reason.
You have to make your own choices, and what’s terrible is those choices are harder to make today than they used to be.
Vince Crisler, Founder and CEO of Dark Cubed
For me, it’s a sense of mission, I guess. I started as an Air Force communications officer so I have that kind of military background. I spent some time at the White House and U.S. Department of Homeland Security. When I was active duty Air Force, I was given to the White House to be the chief information security officer, so I was responsible for protecting the networks there.
Then at DHS, I worked on some of the big national security cybersecurity programs like protecting critical infrastructure and the U.S. government from nation state attacks. So for me, it’s about trying to do good and do the right thing. But it is pretty alluring — like you can make a ton of money if you went to the dark side.
This article was originally posted in September 2020.