























Cybercrime is no longer a fringe activity carried out by isolated actors. Today, it has evolved into a mature, scalable business model that operates across borders, targets every sector of society, and exploits the speed and reach of the internet.
In the sixth episode of season 2 of Brass Tacks: Talking Cybersecurity, we examine the industrialization of cybercrime and its implications for society. Joe Robertson speaks with Jürgen Stock, former secretary general of INTERPOL, about how cybercrime has become a low-risk, high-profit enterprise, why individuals and critical infrastructure are equally exposed, and why preparedness, basic cyber hygiene, and cooperation remain essential defenses.
Stock brings more than four decades of policing experience to the discussion, including ten years leading INTERPOL. From that vantage point, the transformation of crime is stark.
While traditional crime is constrained by geography, logistics, and physical evidence, cybercrime removes many of those barriers. Attacks can be launched remotely, at scale, and with limited risk of identification or arrest. And the same tools can be reused endlessly against new victims. The result is a crime environment where speed, volume, and anonymity favor attackers.
What once involved individual “script kiddies” launching opportunistic attacks has evolved into a sophisticated underground economy. Stock describes a modern criminal ecosystem built on specialization. One group develops malware. Another handles access brokerage. Others manage extortion, laundering, or technical support. Services are advertised, sold, rented, and bundled, sometimes with customer service and guarantees.
This division of labor allows cybercrime to operate at an industrial scale. As a result, attacks are faster to launch, easier to repeat, and more profitable than many forms of traditional crime.
A central message of the episode is that cybercrime affects everyone.
Individuals, including children and older adults, are now targeted through scams, fraud, and identity theft. Businesses of all sizes face ransomware, data theft, and operational disruption. And critical infrastructure, from hospitals and water systems to energy and transportation, is increasingly in scope.
Stock emphasizes that this mindset shift is simple but uncomfortable: cyberattacks are not a question of “if,” but “when and how.”
Despite the scale of the threat, Stock stresses that many attacks are preventable. Criminals have always looked for easy targets. As a result, organizations and individuals who consistently apply basic protective measures are often bypassed in favor of less prepared victims.
Cyber hygiene basics include such things as multi-factor authentication, timely patching, firewalls, cautious email behavior, and strong password practices. While such measures may sound obvious, they require discipline, consistency, and ongoing attention to be effective, especially as techniques such as deepfakes and social engineering grow more convincing. The good news, Stock notes, is that improving such fundamentals still delivers meaningful risk reduction.
In today’s evolving threat landscape, preparation matters as much as prevention. Stock argues that comprehensive incident response plans should be in place before an attack occurs. That includes knowing who to contact, how to communicate internally and externally, how to engage external expertise, and how to handle extortion attempts.
Regular rehearsals and tabletop exercises are equally critical. When incidents occur, stress and time pressure make improvisation risky. Prepared teams respond faster and recover more effectively.
Law enforcement capacity varies widely across regions. In some countries, cybercrime units are increasingly sophisticated and focused on preserving business continuity as well as evidence. In others, resources and expertise remain limited.
But even where police capabilities are strong, the scale of cybercrime exceeds what governments can handle on their own. The volume of data, the speed of attacks, and the global nature of networks demand collaboration beyond traditional boundaries.
A recurring theme in the episode is the importance of public-private cooperation.
Only a small fraction of cyber incidents is reported to authorities. At the same time, much of the most valuable threat intelligence resides in the private sector, within security firms, telecommunications providers, and technology companies that continuously monitor networks.
Stock argues for two-way information sharing and joint operations, where public and private actors work together in real time. He points to initiatives such as the Cybercrime Atlas and INTERPOL-led operations as examples of how shared intelligence can disrupt criminal infrastructure and lead to arrests at scale.
Looking ahead, Stock is candid about the challenges posed by artificial intelligence. Attackers have always adopted new tools quickly, and today’s autonomous agents, automated systems, and AI-assisted social engineering accelerate and elevate the sophistication of attacks.
Unfortunately, regulatory and institutional responses tend to move much more slowly. But in this threat environment, time is a critical factor. Delayed coordination and fragmented responses benefit criminals.
The episode closes with a clear call to action. Cybercrime is not solely a technical issue or a law enforcement problem. It is a societal risk that demands awareness, preparation, and cooperation at every level, from individuals and organizations to governments and international institutions.
Basic hygiene, preparedness planning, and information sharing may not be glamorous, but they remain among the most effective tools available. As cybercrime continues to scale, resilience will depend less on any single actor and more on how well societies choose to work together.
Brass Tacks: Talking Cybersecurity is Fortinet’s podcast series focused on the real-world risks shaping today’s digital landscape. In season 2, the series expands its lens beyond technology and business to examine cybersecurity as a societal challenge—one that touches governments, critical infrastructure, public services, and everyday life.
Each episode features conversations with experts from policy, academia, and industry, offering practical insight into how organizations and societies can strengthen resilience, manage risk, and respond to an evolving threat environment.
You can watch Brass Tacks episodes on Fortinet TV and YouTube, or listen on your preferred podcast platform under the Fortinet Cybersecurity Podcast channel.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。