In the fall of 2024, average weekly attacks per organization increased by 75% compared to the year before, and big business is not the most attractive target. Small businesses with less than 100 employees receive 350% more social engineering attacks than large enterprises.
Despite what the government and law enforcement know about modern cybercrime, attacks targeting sensitive data are more common than ever.
WHY CYBERCRIME IS GETTING EASIER
To the average person with little tech knowledge, hacking a computer network seems like a job you’d need a few years of training to pull off. Yet to criminals with little knowledge about software vulnerabilities, it’s as simple as learning how to use a new interface. As the technology used by cybercriminals continues to advance, getting started and carrying out more sophisticated attacks becomes easier than ever.
The same technology we use to simplify daily tasks makes cybercrime a breeze for a determined hacker. Junior volleyball clubs invest in software-as-a-service for performance analysis and AI solutions for targeted videography that effectively tracks games. Cybercriminals can find similar tools on the dark web to plant ransomware in an organization’s network or craft a convincing phishing letter to access sensitive data.
For example, a campaign targeting Gmail users utilized AI-powered tools to create emails that bypass security filters in conjunction with phone calls to users claiming their Gmail account has been compromised. Users then share the recovery code in an effort to restore the account. With the recovery code, criminals can get into the target’s Gmail and any services they can access from the account.
AI isn’t the only technology making hackers’ lives easier. Phishing-as-a-service platforms provide inexperienced hackers with an API key that allows them to masquerade as well-known entities (like Microsoft) and steal a victim’s authentication credentials or cookies. They can then access the system without even raising suspicions of an attack.
Considering what criminals can accomplish with these tools (and the fact that they’re illegal), you might imagine they cost hundreds of dollars to access. The truth is, AI tools for conducting phishing attacks start at just $5, and phishing kits start as low as $20. Meanwhile, the average cost of a data breach that began with phishing is $4.91 million for the attacked organization. That’s a massive return on investment for a criminal who doesn’t even have to show up to commit the robbery. Due to the anonymity and investigation requirements, cybercrime is extremely hard to discover and prosecute, further tipping the scales in the hacker’s favor that the crime will go unpunished.
DANGERS TO VOLLEYBALL ORGANIZATIONS
While cybercrime is especially lucrative for hackers, it’s devastating for businesses and other organizations that fall victim to the attacks. If the cost of restoring data and repairing the system isn’t enough to close an organization’s doors, restoring member trust and original operations can take years. An organization that falls victim to a phishing attack that leads to a data breach typically experiences reputational damage, non-compliance fines, business delays, and often lawsuits. Unfortunately, that’s just the tip of the iceberg. Here are 10 reasons your volleyball club needs cyber insurance.
CLOSING THE BLOCK: CYBERSECURITY HOT TIP
Effective Offense and Rapid Defense Are Your Best Bet
Identifying and punishing cybercriminals is incredibly difficult. Even with successful prosecution, much of the damage is already done. Effective administrator training combined with strong cybersecurity practices will help you recognize and avoid convincing phishing attacks. A custom cyber insurance policy will mitigate the financial damage when restoring your system if an attack does occur.
Check out more Technology and Business Solutions for Club Directors.
About the Author
Brad Preston is a client advisor at World Insurance Associates (World) specializing in the Sports industry. Prior to World, he spent more than 20 years at Advanced Event Systems and SportsEngine where he worked closely with the JVA and other member clubs in the volleyball space. He is well versed in club operations, staff, and member management, and most importantly, the use of technology and its inherent cyber risks. The JVA and World have partnered together to bring JVA Members educational articles and content to help you learn about your unique cyber risks and exposures, and how to better protect your businesses, members, and families in general. Feel free to reach out to Brad directly with any questions at bradpreston@worldinsurance.com