Of the tiny number of criminals that are caught, a tiny number go to prison.
Despite a 90% conviction rate last year, cyber criminals in the UK largely avoided prison time. In fact, of all the crooks found guilty of computer misuse, only 16% were handed an immediate custodial sentence.
These statistics, from an analysis by IT website the Register, also reveal a reluctance to prosecute at all. Although there was a leap in the prosecution rate from 2013 onwards, in 2018 it remained steady in a 50:50 ratio with police cautions.
Think about that for a second. If you commit a cyber crime, you only have a 50% chance of being being prosecuted. Then you’re most likely to get a fine or a suspended sentence.
Such lenience is worrying. It’s no easy thing to identify and track down cyber criminals. In the rare cases when they’re actually caught, it seems important to send a message that their behaviour will not be tolerated.
Instead, cyber criminals have little to deter them and the chance to make millions.
Were hacking limited exclusively to skilled computer programmers, that would perhaps provide some reassurance. But even amateurs can get involved, thanks to hacking software that simplifies and automates cyber crime. Combined with the relatively low risks, the attraction is clear.
For the rest of us, the individuals and businesses who the fraudsters prey on, how we respond is vital. Faced with an inevitable flood of attacks, cyber security is now a necessity for everyone.
You might think your business is too small to be targeted, but that simply isn’t the case. Hacking is so easy, practically any target is worth the effort.
Of course, whatever cyber security you have should be proportionate to what you’re protecting - it wouldn’t make financial sense to have top-of-the-range security tech if your whole business is a white van and a ladder, for example. But you should use a multi-layered approach, including multi-factor authentication, good password practices and email filtering.
What you don’t want to do is bury your head in the sand and expect the authorities to take care of everything. They can’t, and they would expect you to do your part too.