“Get your trousers on, you’re nicked!” If only it was that simple…

Even as defences improve, the economics of cybercrime continue to favour the attacker

The Sweeney was a defining UK crime series in the late 1970s, following the Flying Squad, an elite unit tackling armed robbery and organised crime. Much of the action centred on Regan and Carter chasing villains, often bank or armoured car robbers operating in a world where cash was king. Viewed through a modern lens, the show is undeniably dated, and often uncomfortable. But it also offers a useful analogy for today’s cybersecurity challenge.

In the 1980s and early 1990s, robbing banks or high-end retail outlets made economic sense. Targets were relatively soft, rewards were tangible and untraceable, and the barriers to entry were low. Crucially, the chances of getting away with it were high enough to make the risk worthwhile. That equation changed dramatically. At its peak in 1992, the UK saw close to 850 bank robbery attempts annually. By the mid-2020s, that number had fallen to fewer than 50, most involving ATMs rather than traditional branch robberies.

The reason is simple: the economics of crime shifted. Banks became harder targets, deploying layered defences such as time-locked vaults, fogging systems, silent alarms and hardened physical barriers. Cash-in-transit introduced dye packs and tracking. CCTV made identification easier. And perhaps most importantly, society moved towards digital payments, reducing the volume of cash available to steal. In short, the reward diminished, the risk increased, and the model collapsed. Cybercrime, by contrast, has not yet reached that tipping point.

Hands up – this is a robbery!

Today’s most lucrative cybercrime model is ransomware, effectively holding critical systems or sensitive data hostage. According to Chainalysis, global ransomware payments were around $1 billion in 2024. That is a small slice of the often-cited $10 trillion “cost of cybercrime” popularised by Cybersecurity Ventures, but it remains highly attractive given the low cost of execution.

As Ciaran Martin, former CEO of the National Cyber Security Centre, has often noted, cybersecurity is about managing risk, not eliminating it. The problem is that, for attackers, the risk-reward balance still works. If we follow the bank robbery analogy, the goal is not just to make attacks harder, but to make them less worthwhile.

For ransomware, that means building environments that can be rapidly rebuilt. Cloud-native infrastructure, immutable backups and properly tested recovery processes allow organisations to spin up clean systems, removing the attacker’s leverage. For data theft, it means ensuring stolen data has little value, through tokenisation, encryption and strict data minimisation. These approaches are not cheap. But neither was the transformation of physical banking, which required billions in investment and sustained behavioural change. Cybersecurity is on the same journey, just earlier in the curve. 

The final piece is deterrence. Cybercriminals often operate across borders, frequently from jurisdictions where enforcement is limited. According to Europol, attribution and prosecution remain major challenges. If attackers face little risk of being caught, the model continues to work. Addressing this requires coordinated government action, diplomatic pressure and, where necessary, sanctions. Progress is being made, but slowly.

The end of the show

For MSPs, the implication is clear: even well-defended organisations will experience incidents. Not because of negligence, but because the wider ecosystem still incentivises attack. As long as rewards remain high and risks remain low, attacks will continue to scale.

That does not make cybersecurity futile. Resilience is improving; the widespread outages of the early 2000s are far less common. I would argue that cyber security is much better than, say, in 2017, when the WannaCry attack on the National Health Service disrupted at least a third of NHS trusts, cancelled around 19,000 appointments and cost an estimated £92 million. It exploited a known vulnerability, but it worked because the systems were critical and difficult to replace quickly.

This is not just about preventing breaches. It is about reducing impact, building systems that cannot be held hostage, and ensuring stolen data has limited value. And collectively, resisting ransom payments that reinforce the attacker’s business model.

Regan and Carter’s solution in The Sweeney was simple: grab some “shooters”, jump in a Ford Cortina, catch the suspects, and finish with a pint. In 2026, organised crime requires a different response. The lesson from the decline of bank robbery is not just better defences; it is a change in economics. Reduce the rewards, increase the risks, and the model collapses.

Until then, the villains will keep coming.
