The projected cost of cybercrime is predicted to grow from $3 trillion in 2015 to $10.5 trillion in 2025, according to Cybersecurity Ventures. Their published Cybercrime Report enumerates the following as cybercrime costs: “damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.”

While cyberspace offers expansive opportunities for various sectors, it also comes with critical vulnerabilities. An organisation’s information network and technology are constantly at risk from a variety of bad cyber actors. Some of these malicious entities are profit-driven, particularly in the areas of identity theft and other types of financial cybercrime. Europol reports that online investment fraud is on the rise as identified by law enforcement agencies and financial services, causing substantial financial losses, and impacting numerous victims across Europe. 

However, cybercrime extends beyond being a purely economic problem. It is a massive threat to a country’s national security. Cyberthreats also come from nation-states and other entities that seek to exploit information to gain an advantage over other countries. They might seek to access sensitive data, such as confidential military documents or foreign policies, for political reasons or economic advantage. 

Cybercrime could also create lucrative illicit funding streams that are difficult to attribute to any organisation or state. Moreover, proceeds from these illegal activities can be used to fuel terrorism. 

Notably, cyber insecurity ranks as the fourth most severe global risk over a two-year period, according to the 2024 Global Risks Report by the World Economic Forum. Cyber insecurity refers to the use of cyber weapons and tools to conduct cyberwarfare, cyberespionage, and cybercrime to gain control over a digital presence and/or cause operational disruption.  

To add, based on a research paper published by Trend Micro Research, “criminals are likely to make use of AI to facilitate and improve their attacks by maximizing opportunities for profit within a shorter period, exploiting more victims, and creating new, innovative criminal business models — all the while reducing their chances of being caught.”  
The rampant usage of “AI-as-a-Service" nowadays enables less skilled individuals or those with no technical expertise to conduct sophisticated attacks, which will further widen the threat landscape. The potential for AI to be abused by cybercriminals and for it to become a driver of future crimes is a prime example of the downside of technological evolution. 

In the Philippines, the Philippine National Police Anti-Cybercrime Group (PNP ACG) reported 21,300 complaints in 2023, with attacks targeting government websites being particularly prevalent. 2,999 cases of cyber identity theft were reported last year, citing a 12.2 percent increase from 2022.

In response to the recent hacking attempts of the Overseas Workers Welfare Administration (OWWA) website in January of this year, the Senate of the Philippines released a press release strongly condemning the attempted hacking of the government website. These escalating incidents underscore the boldness and persistence of cyberattacks in the country.

Mitigating the threats against modern ransomware, social engineering, crypto crime, and the level of state-sponsored attacks requires a multi-layered defense strategy that includes round-the-clock security monitoring, visibility and coverage over the entire attack surface, and an incident response plan in the event of a successful attack.

The National Institute of Standards and Technology (NIST) cybersecurity framework provides five easy-to-remember strategies to help organisations prevent and recover from cyberattacks, which are “Identify, Protect, Detect, Respond, and Recover.” Organisations should have a plan for: notifying customers, employees, and others whose data may be at risk; keeping business operations up and running; reporting the attack to law enforcement and other authorities, as appropriate; investigating and containing an attack; updating your cybersecurity policy and plan with lessons learned; and preparing for inadvertent events that may put data at risk.

When cybersecurity efforts are solely focused on guarding access to account-based information and not monitoring what users do afterward, organisations are vulnerable to several forms of attack. We need to constantly remind ourselves that nothing is secured in cyberspace. No amount of money, technology, or hardware can provide complete protection from cyberattacks, especially if the weak link in the cybersecurity chain is your people. Creating a human firewall still remains one of organisations’ best defenses in a global war against cybercrime.  


As published in The Manila Times, dated 28 February 2024