Cybersecurity threats in 2026 look more like organized international crime rings running revenue operations than a hacker in a hoodie trying to crack a network, according to Barrett Earney, founder and CEO of Wilmington-based Earney IT.
Cybercrime hit home locally when two cyberattacks on the town of Carolina Beach resulted in the theft of nearly $500,000 in December.
“The Carolina Beach Police Department, with assistance from the Federal Bureau of Investigation, investigated the incidents and determined they are related to an ongoing FBI investigation in another state and are international in scope,” a Carolina Beach news release stated in February.
Carolina Beach is not a client of Earney IT, but the firm offers cybersecurity solutions among its services, and Earney answered questions about cybersecurity in general in May.
What is cybersecurity, who does it impact, and why are traditional IT companies expanding into it?
EARNEY: “Cybersecurity is the practice of protecting your data, your money, your identity and your ability to operate from people who want to take any of those things from you. That’s it. The honest answer to ‘who does it impact’ is: everyone with an email address and a bank account. But the threat curve is steepest for small and mid-sized businesses, local governments and nonprofits – the organizations that have enough money to be worth stealing from but not enough scale to fund a full security team. The FBI’s Internet Crime Complaint Center logged $16.6 billion in reported losses in 2024, a 33% jump in a single year. As for why traditional IT companies are racing into security: Customers have stopped treating security as a checkbox and started treating it as survival.”
Is what happened in Carolina Beach the future of cyber breaches?
EARNEY: “Two related thefts (from the town of Carolina Beach) totaling $487,994.80, discovered weeks apart, traced to international actors – the pattern is consistent with Business Email Compromise, or BEC. BEC is not a movie hack. There’s no broken firewall, no malware, no ransom note. Criminals compromise or impersonate a vendor’s email, watch quietly for weeks, then send a perfectly normal-looking email saying, ‘We’ve updated our banking information.’ The next legitimate payment goes straight to them.”
Do 90% of cyber incidents really start with a phishing email?
EARNEY: “Directionally right. Verizon’s 2025 Data Breach Investigations Report found phishing involved in 36% of all breaches; IBM attributes around 41% of incidents to phishing as the entry point. Cast a wider net – any incident where a human was tricked into clicking, opening, or replying – and the figure climbs north of 80%. But the word ‘phishing’ is doing a lot of work. Most folks imagine the typo-ridden Nigerian prince emails of 2005. What we see now is hyper-personalized, grammatically flawless, often AI-generated and built around real details scraped from LinkedIn, your website and public filings. AI-crafted phishing emails get clicked at roughly 54% versus 12% for old-school versions.”
What’s happening when criminals siphon data or hold it for ransom?
EARNEY: “Three buckets: ransomware, where criminals encrypt your data and demand payment; BEC and wire fraud; and data theft – credentials and records sold on dark web markets. The foundational defenses every business needs today: multi-factor authentication on every account; endpoint detection and response; managed detection and response – a 24/7 human security team watching for anomalies; immutable off-site backups ransomware can’t reach; rigorous email security; ongoing employee training with simulated phishing; and written financial controls requiring out-of-band verification for any change in payment instructions. Companies are fighting back – 64% of ransomware victims now refuse to pay, up from 50% two years ago, and total tracked crypto ransom payments fell 35% in 2024.”
“The good news is companies are saying no to ransomware more than ever. The bad news is criminals have shifted to scams where they don’t need your permission to take your money.”
How does AI figure into this equation?
EARNEY: “AI is the single biggest accelerant on both sides right now. On the attack side, criminals use large language models to write flawless phishing emails, clone voices to fake CEO calls and generate deepfake video calls – there was a publicized case last year where a $25 million transfer was approved off a deepfake video call. There’s been a roughly 14x year-over-year increase in AI-generated phishing attempts. On the defense side, AI correlates billions of events across thousands of endpoints in real time, spots behavioral anomalies a human analyst would miss and automates the first 30 seconds of incident response – often the difference between a contained event and a catastrophic one.”
See other stories on Technology:
Betting on a Startup Movement
Cybercrime Ramps Up Sophistication
OPINION: Beyond the Lab Bench
nCino CEO Eyes AI Future
