The Chicago-based firm Hillard Heintze is one of the leading security risk management companies in the world, and Steven Bova is Vice President for the firm's Private Client + Family Office division.
On March 8th. Mr. Bova wrote:
"For many of our private clients, we are seeing evidence that cyber-criminals are employing the same methods they use in corporate espionage to target them and the offices that support them."
"Wealthy families are an attractive target for cyber-attacks because their cyber defense systems are usually not as robust as those in a corporate environment ..."
Bova is a colleague with deep experience in security and law enforcement, especially in technological and cyber activities. For our readers and subscribers, it is inordinately valuable to have his view from the field of private clients and family office professionals.
Bova's observation that enterprise-grade hacking tools are being used to attack small targets is a real-world demonstration of the two primary drivers of all change today; the "democratizing" effect of the internet - it spreads and shares everything it touches, and Moore's Law, which states digital technology will always keep getting more powerful, yet more accessible and affordable.
The mega-trend toward the "personalization of cyber risk" is predictable and unavoidable. Targeted and sophisticated attacks will increase in volume and effectiveness. Those most vulnerable and unprepared will bear the brunt of what will in our day be one of the greatest challenges society will face.
"Cyber attacks are the #1 threat to mankind today.”
Warren Buffett on May 6th, 2017 – Berkshire Hathaway Shareholder Meeting.
What's It Mean?
The nature of cybercrime coupled with the lure of easy money in a troubled society equates to a vast pool of potential victims. Trillions of dollars are at stake, and it won't be long before cybercrime is an existential problem for more than just the wealthy.
The digital equivalent of financial theft, fraud, blackmail, and extortion are on the rise and cybercrimes committed against anyone that has anything to lose will soon be an experience of everyday life, and a consequence of mainstream activity.
For a view of the future as it pertains to risk, loss, and fraud for private clients and affluent families use an understanding of the internet's democratization effect and in your mind's eye apply Moore's Law. The vision you're focusing on represents an era-scale power-shift between the affluent and the criminal, desperate, and marginalized.
Eventually, like the early innings of other era-scale changes, the new digital era will redefine society's haves and have-nots.
"Opportunistic" Mass Attacks are the Future
The future of cybercrime is mass-targeted "opportunistic attacks" against the 'haves' that are the most vulnerable and unprepared. These are private individuals, homes and families, offices, and professional practitioners.
Here's a chart by F-Secure Labs illustrating how "opportunistic" attacks have already become the most active cyber-related threat today:
The Game Changer in Cybercrime
Here's the deal though; mass opportunistic campaigns are no longer random shots in the dark. Now they are highly engineered for increased effectiveness with each individual target.
Our cybersecurity guru Brian Krebs says it best:
"It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale.
And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness."
Brian Krebs, Krebs on Security, Aug8th, 2018. Read more.
Over the next 5-years, it's the mass-opportunistic attacks where most of the damage will occur in cybercrime.
Where to Start?
With our private clients the first place we start is email. If our digital home has a front door, it's our personal email account. Most users don't protect and secure their email, so it's not surprising most cybercrime activity starts at the inbox.
"Today, a new generation of cybercriminal organizations is the driving force behind rapidly-evolving, socially-engineered email threats that grow more dangerous by the day."
Agari, an email security company in their Q1-2019 report.
The term "socially-engineered" implies attacks targeted at people. People need to think differently about their email systems as a starting point to an overall cybersecurity plan.
Of course device protection and network security are crucial too, but to get people engaged and on the road to adaptation to the new digital age, it starts with email.
We call it the Four Fundamentals of Cybersecurity for Life and use enterprise-grade, best-in-class solutions to fulfill each of them. This creates an eco-system of cybersecurity that works all the time, where ever you are, across all your devices, and substantially mitigates all cyber risk.
Just being off the radar of the opportunistic campaigns that target the vulnerable and unprepared avoids most most of cyber risk today.
If you would like to know more about how we protect private clients, families, and professionals, please contact us.
Cybersecurity for Life.