WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 18, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
This week, the Federal Bureau of Investigation released its 2018 Internet Crime Complaints Center (IC3). In 2018, the IC3 responded to over 350,000 complaints and observed an estimated $2.7 billion in financial losses as a result of reported cybercrime. This annual report provides readers a glimpse into the types of cybercrimes being reported to the FBI and the trending threats the Bureau has responded to in the last year.
The report itself is a short 28-pages and a really interesting read for those wanting to learn more about the ongoing threats, the sheer scale of cybercriminal activity, and real-world examples from FBI cases. This blog covers the main highlights from the report, though I encourage everyone to go download it for themselves.
BEC or Email Account Compromise (EAC) fraud accounted for $1.2 billion of adjusted loss over 2018, which is just under half of the overall reported losses for the entire year. The closest attack technique in terms of adjusted loss numbers was Confidence/Romance scams which had a reported loss amount of $362 million. While significant, the nearly $1 billion-dollar difference between those two highlights just how prevalent BEC/EAC scams remain. Digital Shadows (now ReliaQuest)’ Photon Research Team outlined the market for stolen corporate email accounts as well as highlighting the already 33,000 accounting email credentials exposed publicly in Pst! Cybercriminals on the Outlook for Your Emails. Interestingly, the IC3 report noted a sharp increase in BEC threat actors requesting their victims to purchase gift cards as the payment option.
Extortion-style attacks increased in 2018 according to the FBI, rising 242% from the previous year, resulting in a reported $83 million in losses. The majority of the complaints handled by the IC3 were related to the mass sextortion campaigns being distributed in the latter half of the year. Sextortion was a topic that Digital Shadows (now ReliaQuest) heavily covered in several blogs and in a Photon Research report A Tale of Epic Extortions. Interestingly, ransomware’s reported losses accounted for about $3.6 million, a 54% increase from the previous year. However, the report this year included the caveat that this does not include the losses that business may have experienced as a result of a ransomware infection (like lost revenue or remediation costs).
Whereas BEC fraud averaged almost $59,000 per incident according to the IC3’s statistics, payroll diversion averaged $1 million. From the 100 complaints of victims reportedly affected by a payroll diversion scam, the combined losses totaled $100 million. For those that don’t know, the payroll diversion scam occurs when a threat actor gains access to an employee’s payroll account, disables any notifications that may alert the employee to account changes, and replaces the employee’s direct deposit information with their own.
The IC3 established a dedicated team Recovery Asset Team (RAT) in February 2018 to open more direct communication channels with financial institutions to help combat BEC/EAC fraud. Since the team’s inception, RAT has recovered over $192 million from the $257 million in reported losses. A recovery rate of 75% shows how critical law enforcement cooperation can be when attempting to recuperate stolen funds. For further information of FBI recovery techniques and assistance, check out a webinar I recorded with the FBI in late 2018. Additionally, a new role at IC3 called Victim Specialists-Internet Crimes (VSIC) was created to provide crisis intervention and critical resources to victims of cybercrime activity.
Between 2014 and 2018, the IC3 has steadily increased in the amount of complaints they handle, though 2018 took it to a new level. Nearly 50,000 more complaints were handled in 2018 than in 2017; for reference, there was only a 3,000-complaint difference between 2016 and 2017. In seemingly a direct correlation, total reported losses increased $1.28 billion; again, for reference, the total reported losses actually decreased between 2016 and 2017 by about $32 million. If there was any thought that cybercrime activity was slowing down, that notion has been surely put to bed.
Figure 1: IC3 statistics showing a significant increase in total losses during 2018 (source: FBI IC3)
I highly encourage you, dear reader, to download the report and read for yourself as there are several other interesting statistics to analyze.
To stay up to date with the latest digital risk and threat intelligence news, subscribe below.