FBI Cyber Crime Report Shows the Weakness of Password Protection

FBI Cyber Crime Report Shows the Weakness of Password Protection

For my previous column, I demonstrated how quickly modern hacker tools could crack weak passwords, and why in some cases, the government probably shouldn’t rely on passwords at all. This week, there is even more evidence to support this claim as the FBI has released its latest report on internet crime.


The FBI’s 2019 Internet Crime Report covers all incidents of cyber crime reported to the bureau over the past year. And you might be surprised to learn that the most destructive cyber crime for 2019 in terms of money stolen isn’t something flashy like ransomware that is always making the news. It was business email compromise and email account compromise, which were grouped into one category. Basically, hackers take over an email account either by cracking the account password (the ease of which was demonstrated in my last column) or they use social engineering tactics to trick a user into giving them their password. 


Once compromised, the email is used to initiate fake wire transfers from businesses or to steal bank information from private individuals. When a business suffers from this kind of crime, it’s called business email compromise. When a private person falls victim, the FBI calls it email account compromise. Both together resulted in almost $2 billion dollars in total losses in 2019. The total amount stolen, that was reported to the FBI, was $1,776,549,688. By comparison, ransomware losses amounted to a comparatively paltry $8,965,847. 


Viruses and malware, which used to be the superstars of cyber crime, were close to the bottom of the list causing only $2,009,119 in damages last year. That’s still quite a lot, so you shouldn’t ditch your ant ..