Is cybersecurity threats actually dangerous?

The Lie That Cyber‑Threats Are “Just a Tech Problem”

Everyone in the media loves to scream “cyber‑war!” as if a handful of code snippets could topple governments. The narrative is tidy: hackers are faceless villains, corporations are victims, and the solution is a bigger budget for private security firms. It’s a story that serves two masters—Wall Street’s cyber‑insurance market and the defense lobby that wants ever‑larger contracts.

The reality? Most “cyber‑threats” are engineered to extract money from already vulnerable communities, and the danger lies not in the malware itself but in the power structures that let it thrive.

• Ransomware attacks cost U.S. businesses $10.8 billion in 2022 alone (FBI Internet Crime Report, 2022).
• Over 80 % of those attacks target small‑to‑mid‑size firms that can’t afford robust defenses.
• The majority of the ransom money disappears into offshore accounts linked to organized crime, not into public safety funds.

The hype distracts from the fact that the true victims are workers laid off after a breach, patients whose medical records are sold on the dark web, and neighborhoods where a school’s network is shut down because the district can’t pay the ransom.

Who’s Cashing In While We Fear the Dark‑Web

The panic over “cyber‑terror” is a cash cow for a handful of corporations that have turned fear into profit.

• Cyber‑insurance giants spent $7 million on Capitol Hill in 2023 to push legislation that makes insurers the de‑facto regulators of corporate security.
• Big‑tech “cloud” providers lobby for “self‑regulation” standards that let them avoid any real public oversight.
• Private military contractors market “cyber‑warfare units” to the Pentagon, promising “national security” while siphoning taxpayer money into profit margins that exceed 30 %.

These interests thrive on the myth that only a “national security” response can protect us. They push for more surveillance, more data collection, and more militarization of the internet—none of which address the root cause: systemic inequality that makes low‑wage workers the most exploitable data points.

The hidden agenda

• Extract wealth: ransomware payments flow to criminal networks that reinvest in illicit economies, reinforcing cycles of poverty.
• Control information: by framing every breach as a national‑security issue, governments justify expanding digital policing powers that target activists and communities of color.
• Stifle regulation: private “standards” keep public agencies out of the picture, allowing corporations to set the rules of the road.

The Real Damage: Lives, Not Log Files

When a hospital’s network is encrypted, patients are turned away. When a city’s water‑utility SCADA system is compromised, residents risk contamination. These are not abstract “data loss” stories; they are public‑health crises that hit the most marginalized first.

Case in point: The Acronis Threat Research Unit (TRU) uncovered a campaign that used protest‑related .LNK files to deliver remote‑access trojans (RATs) and information stealers. The attack was timed with geopolitical unrest, targeting activists who already face police surveillance. The researchers at The Hacker News reported the campaign on January 9, 2024. No evidence shows the payload succeeded at scale, but the very act of weaponizing protest imagery shows who profits from fear—private surveillance firms that sell “protective monitoring” to municipalities.

• Workers lose jobs when a breach forces a company to downsize.
• Families lose privacy when personal data is sold to predatory lenders.
• Communities lose trust in public services that appear defenseless.

These consequences are amplified by a broken regulatory system that treats cyber incidents as private liabilities, not as public emergencies. The Cybersecurity and Infrastructure Security Agency (CISA) lists nation‑state actors as “serious, ever‑evolving cyber dangers,” yet it offers no mandate for public utilities to receive federal resilience funding beyond vague “advisories.” The result? Patchwork defenses that leave low‑income neighborhoods exposed while affluent districts receive the latest security upgrades.

Lies Sold to the Public (Misinformation)

The discourse around cyber‑threats is riddled with falsehoods that keep the status quo intact. Below are the most damaging myths and why they crumble under scrutiny.

• “Cyber‑attacks are random; anyone can be a target.”
  False. Studies from the Emerging Trends in Cybersecurity paper (2023) show attackers prioritize sectors with high payouts: healthcare, finance, and Low‑income hospitals and community banks are deliberately singled out because they lack the capital for sophisticated defenses.

• “Ransomware is a new phenomenon.”
  False. Ransomware dates back to the early 2000s (e.g., the “GPCoder” attacks). What’s new is the scale and the integration with ransomware‑as‑a‑service platforms that lower the barrier to entry for low‑skill criminals. The myth that it’s a “new” threat obscures the long‑standing neglect of cyber hygiene in underfunded institutions.

• “Strong encryption makes data theft impossible.”
  False. Encryption can be bypassed through social engineering, credential stuffing, and insider threats. The Acronis TRU report (2024) demonstrated that attackers exploit human trust rather than technical flaws.

• “The government is already protecting us.”
  False. CISA’s advisories are reactive, not preventive. There is no comprehensive federal mandate for mandatory breach reporting, mandatory cyber‑risk assessments for public schools, or funding for community‑level cyber resilience. The illusion of “government protection” is a smokescreen for budget cuts to public IT departments.

These lies persist because they shift blame onto “the user” and away from the corporate and political structures that underfund security for the most vulnerable.

What Collective Power Can Do

If we stop treating cyber‑threats as an abstract, individual problem and view them through the lens of power, the path forward becomes clear: public investment, democratic oversight, and community‑driven resilience.

Policy levers that actually work

• Universal cyber‑risk insurance funded by progressive taxation. This would pool risk across the entire economy, removing the profit motive from ransomware payouts.
• Mandatory, publicly funded security audits for all entities receiving federal contracts or subsidies. Audits must be performed by independent, non‑profit labs rather than corporate security firms.
• Community cyber‑literacy programs integrated into public schools, libraries, and labor unions. Knowledge is the first line of defense, especially for workers handling sensitive data.
• Strengthened antitrust enforcement to break up the oligopoly of “big‑tech” security providers that lock municipalities into expensive, proprietary ecosystems.

Grassroots wins to emulate

• The “Secure the Vote” coalition in several U.S. states successfully lobbied for state‑funded election‑system hardening, saving millions in potential breach costs.
• The European “Cyber Resilience Fund” allocates €500 million annually to small municipalities for cybersecurity upgrades, showing that public money can be used effectively without private profit‑driven intermediaries.

When communities organize, they can demand that cyber‑security be treated as a public utility—essential, non‑discriminatory, and accountable to the people it serves.

Why This Should Make You Angry

Because the narrative that “cyber‑threats are dangerous” is a weapon.

• Justify the militarization of the internet, expanding surveillance on dissenting voices.
• Divert public attention from the real economic exploitation that makes low‑wage workers the easiest targets.
• Enrich a handful of lobbyists while leaving schools, hospitals, and small businesses to pick up the tab.

The anger should be directed not at the hackers—who are often desperate individuals exploited by organized crime—but at the system that lets them profit. The danger is not the code; it’s the capitalist logic that turns every breach into a payday for the elite.

The solution is a radical re‑imagining of cyber‑security as a collective right, not a market commodity. It means demanding public investment, transparent oversight, and an end to the cozy dance between defense contractors and lawmakers. Only then will the threat stop being a convenient excuse for further oppression and start being addressed as the human crisis it truly is.

Sources

• Acronis Threat Research Unit: Malicious LNK Campaign Exploiting Protest Imagery (The Hacker News)
• Emerging Trends in Cybersecurity: A Holistic View on Current Threats (PMC)
• Cyber Threats and Response – CISA
• 2022 Internet Crime Report – FBI
• Secure the Vote – Coalition for Election Security (Washington Post coverage)