So, let’s do a quick analysis of the cyber battlefield here. What are the bad guys up to? Check Point Software provided some fresh data a few days ago, which gives us the correct order of magnitude of what we are dealing with here. This by the way is great ammo to get more IT security budget.
- 205 Billion emails sent every day
- 39 percent of attachments contain malicious files
- 34 percent of links embedded in emails are malicious
- 77 percent of all malware is installed via email
- Malware by file type: 52 percent are PDF, and 44 percent are EXE format
Now, how about the good guys? What are the Law Enforcement resources at our disposal to protect us against this digital onslaught? I found a September 7, 2016 interview with FBI Special Agent Lawrence Wolfenden who provided some worrisome stats.
He said: “Accept that a breach is going to occur, the issue is, what do you do about it.” That in itself is nothing new, but here are some interesting numbers:
The FBI has about 800 cyber agents, including 600 agents who conduct investigations, so the agency doesn’t have the ability to address every attack, and must triage the most significant ones.
By law, a $5,000 loss must occur before the FBI can get involved in a case, but as a practical matter, the U.S. Attorney’s Office wants to see about $50,000 or more in losses before the FBI gets involved, and the agency itself generally wants to see $100,000 to $200,000 of loss before it can justify spending investigative resources, Wolfenden said.