Why cybercrime increases during a recession

Why cybercrime is increasing

The economy has taken a battering in recent times, and there’s much talk about the so-called ‘cost-of-living crisis’ we’re now experiencing. Whether there’s a full-blown recession ahead, or not, it looks like the economic outlook won’t improve any time soon. And experts agree this will spark a surge in cyberattacks. So, let’s take a look at why cybercrime increases with the looming threat of recession.

Why we can expect cybercrime to increase

The word among industry analysts is that the ongoing economic downturn will result in a significant rise in cyberattacks. Cybercriminals are already exploiting the financial situation, with an increase in social engineering attacks such as phishing emails offering rebates on energy bills to target vulnerable individuals and businesses. And, by all accounts, we can expect a great deal more of the same to come, as a distinct correlation exists between an uptick in cyberattacks and economic uncertainty.

Data shows that some types of cyberattacks are already rising considerably. According to Kaspersky Lab, the percentage of users affected by targeted ransomware doubled in the first 10 months of 2022. Phishing attacks also increased by 61% in 2022, according to the 2022 State of Phishing report from SlashNext. And, the Anti-Phishing Working Group (APWG) reported that there were a total of three million phishing attacks in the third quarter of the year – amounting to the worst quarter it had ever seen. 

Considering cyber insurance for your business? Check out our new guide for everything you need to know.

What role do businesses play? 

There are many reasons why cybercrime is increasing amid the current economic uncertainty. But most importantly, businesses are having to make difficult decisions to rein in costs. This is completely understandable in the climate. After all, we’re all trying to keep our heads above water, but this could have a direct effect on businesses’ online safety.

Although it’s ill-advised to reduce cybersecurity budgets, many business leaders underestimate the value of cybersecurity. The situation isn’t helped by the perceptions of cybersecurity within organisations. IT leaders can often find it difficult to justify spending on cybersecurity, which doesn’t often deliver visible benefits in the way other OPEX spending does. Think about it; you’re unlikely to hear much about your business’s cybersecurity unless something goes wrong. 

The result is often cuts in places they shouldn’t happen. Consequently, such companies are at higher risk of falling foul of cyberattacks.

Businesses may also decide to cut spending by letting staff go or not replacing those that leave. And this can also impact a company’s resilience to cybercrime. Cutting IT staff may mean you have fewer people to provide the necessary protection. 

This also increases the pressure on your remaining staff which can lead to mistakes and oversights, which weaken your defences further. For example, if they receive a phishing email they’re more likely to make an error of judgement and click on a link that could download malware into your network.

Cybercriminals aren’t immune to economic instability

If you’re still wondering why cybercrime is increasing, well, a recession hits cybercriminals as well as their victims. So, this can be a strong motivating factor for the bad guys to redouble their efforts and make more money. The hard fact is that a recession, or economic downturn, incentivises cybercriminals to invent new types of threats. This was demonstrated during the recession of 2008 when the FBI reported a 22.3% increase in online crime. 

More recently, a crisis of a different sort, the pandemic, sparked a similar surge in cybercrime. And there’s no reason to think the current hardships won’t create a similar spike. Companies will continue to lay off employees in the months ahead, and some may be tempted into cybercrime to make ends meet. Disgruntled employees who’ve been fired could also launch damaging attacks on businesses that have let them go, especially if they still have access to sensitive data.

Another repercussion of the recession is a possible rise in insider attacks from employees who are feeling the pinch. This is particularly likely in businesses that have been forced to freeze salaries. Cybercriminals can specifically target possible insiders to help with data breaches or cyberattacks, using social media and offering bribes. 

Fighting back on a budget

Cybersecurity isn’t a nice to have, it’s business critical. And this is never truer than in times of economic crisis. 

Small and medium-sized businesses often underestimate the danger they’re in. In part, due to the perception that only large corporates are targets. However, the truth is that cybercriminals don’t discriminate and the effects can be devastating. In fact, research has found that 43% of all data breaches involve small businesses.

However, you don’t need expensive tools, expert consultants, or an in-house technical team, to protect your business from cyber threats. It’s perfectly possible to build good defences on a sensible budget. Tools like CyberSmart Active Protect offer everything you need to get your cybersecurity in order, without huge investment. 

Active Protect provides secures all employee devices that touch your company data. Just send a downloadable link to staff, and Active Protect will check around the clock for the most common cyber threats and vulnerabilities It also includes our training academy, which provides your employees with the basic cyber skills to better protect themselves and your business. 

Want to know more? Then check out our guide to cybersecurity on a budget.

Cost of living crisis