Behind the Hack: “INTERPOL + First Light 2022”

Target: Thousands of cybercriminals around the world
Date of operation: March 8 to May 8, 2022
 
Quick take: Over the course of two months in spring of this year, 76 countries participated in First Light 2022 – a massive coordinated law enforcement operation to identify and arrest cybercriminals on every continent. According to a press release issued by INTERPOL on June 15, many of these cybercriminals relied on social engineering to defraud their victims: “Police in participating countries raided national call [centers] suspected of telecommunications or scamming fraud, particularly telephone deception, romance scams, e-mail deception, and connected financial crime.”
Why it matters: INTERPOL reports that First Light 2022 led to raids on 1,770 locations, the identification of 3,000 suspects, 2,000 arrests, the freezing of 4,000 bank accounts, and the interception of $50 million of illicit funds. While it’s reassuring that so many law enforcement agencies took part in such a large-scale operation to combat cybercrime, this is also a sign that the number of cyberattacks is continuing to surge around the world. 
The FBI tracks the number of cyberattacks every year, and its most recent IC3 Internet Crime Report found that annual losses surged between 2017 and 2021 – from $1.4 billion to $6.9 billion. Meanwhile, social engineering remains the strategy of choice for many cybercriminals – Verizon’s 2022 Data Breach Investigations Report found that 82 percent of breaches involved a human element. Duan Daqi, Head of the INTERPOL National Central Bureau in Beijing, says “social engineering fraud continues to present grave challenges for local police authorities, because perpetrators operate from a different country or even continent than their victims and keep updating their fraud schemes.”
We’ve got a hack for that: As social engineering attacks continue to evolve, consistent and engaging cybersecurity awareness training has never been more essential. While NINJIO’s educational platform relies on real-world examples of recent cyberattacks to capture employees’ attention and demonstrate the severe consequences of successful breaches, our content is also built around a set of fundamental cybersecurity principles that can be applied to many different scenarios. The ultimate goal of any cybersecurity education program should be sustainable behavior change, and this is what NINJIO has always been focused on. 
Law enforcement agencies will continue to track and apprehend cybercriminals who launch social engineering attacks, but a company’s most effective defense against these attacks is an educated workforce. By building healthy cybersecurity habits and establishing a culture of security at every level of your company, you will be in a much stronger position to avoid becoming a victim of cybercrime.