Cyber-criminal activities worldwide continue to increase, in many cases, organized crime rings operate worldwide, and their profits are very high.
The consolidation of a model of sales such as crime-as-a-service, attack-as-a-service, and malware-as-a-service is attracting criminal organizations and wannabe hackers.
According to the experts, the monetization of stolen data and cyber criminals’ activities seems to have become less difficult because of the improvements in cybercrime ecosystem (i.e., black markets) and the adoption of anonymizing methods of payment, such as digital currencies. Digital currency makes ransomware payments easier challenging to track.
Cybercriminal organizations operate at scale; everyday crooks attempt to monetize their efforts with a fantastic number of attacks. Below a list of the estimated daily cybercrime activity:
- 80 billion Malicious scans of the Internet for vulnerable web services;
- 300,000 to one million new samples of malware;
- 4,000 ransomware attacks every day;
- 33,000 phishing messages;
- 780,000 Records lost due to security breach;
Which is the cost of cybercrime? Due to the intensification of cybercriminal phenomena, it is very difficult hard to provide an estimation of the costs of cybercrime on a global scale. Every day we read about, cyber-attacks, malware infections, data breaches, scams and so on, but these illegal activities are just the tip of the iceberg because in many cases victims do not report crimes to the authorities.
Global cybercrime costs reached $600 Billion
According to the report recently published by McAfee in collaboration with the Center for Strategic and International Studies (CSIS), the global cost is estimated at $600 billion annually, a worrisome figure that corresponds to 0.8% of the global GDP. Comparing the value with the cost of cybercrime estimated in a past study we can verify that the overall cost is jumped from $500 billion in 2014 to $600 billion (+20%).
“In 2014, taking into account the full range of costs, CSIS estimated that cybercrime cost the world between $345 billion and $445 billion. As a percentage of global GDP, cybercrime cost the global economy 0.62% of GDP in 2014. Using the same methods, CSIS now believe the range is now between $445 billion and $600 billion,” states the report.
The increase is mainly caused by the significant increase in theft of intellectual property and confidential business information; intellectual property theft accounts for at least 25% of overall cybercrime costs.
Almost any region suffers cybercrime losses, according to the report there are variations by region that are linked to income levels and level of cybersecurity maturity. The countries with higher losses are the richest ones; the significant cybercrime cost is suffered by Europe and Central Asia ($160 Billion to $180 Billion) and North America ($140 Billion to $175 Billion).
An essential element to consider when estimating the impact of cybercrime is the hidden costs. Crimes like the theft of intellectual property have a dramatic impact on businesses, damages to the reputation, business interruption, recovery costs and opportunity costs, are relevant in case of security breaches.
CSIS sustains that the growth of cybercrime has been enabled by anonymizing networks like Tor and by cryptocurrencies. Crooks can operate a black market hidden in the tor network to allows payments difficult to track.
“Bitcoin and Tor, which have allowed cybercriminals to conceal their identities while paying for services through a digital medium that significantly complicates law enforcement tracking efforts. Bitcoin has long been the favored currency for darknet marketplaces, with cybercriminals taking advantage of its pseudonymous nature and decentralized organization to conduct illicit transactions, demand payments from victims, and launder the proceeds from their crimes,” continues the report.
“Cybercriminals benefit from the fact that no personally identifying information is linked to the use and exchange of Bitcoin, allowing criminals to operate with near impunity even though all Bitcoin transactions are publicly recorded.”
Financial institutions are a privileged target of skilled crime rings; banks spend three times as much on cybersecurity as non-financial institutions to protect their assets from hackers.
Unfortunately, banks are targeted not only by cyber criminals but also by nation-state hackers. The researchers at the CSIS explained that Russia, North Korea, and Iran are the most active in hacking financial institutions. We have assisted to numerous attacks against banks worldwide powered by the North Korea-linked APT group tracked as Lazaurs. Between 2015 and 2016, alleged North Korean hackers targeted dozens of banks in the SWIFT network and stole tens millions of dollars.
While Iranian hackers are becoming even more aggressive, Russia and North Korea target banks to steal money and finance their campaigns.
“The attacks provided a lucrative means to supplement the North Korean government’s limited access to foreign currency. North Korea has also turned to cryptocurrency theft to help fund its regime. North Korean hackers have targeted at least three South Korean cryptocurrency exchanges in 2017,” continues the report.
According to the report, Russia leads cybercrime activities worldwide; the reports also highlighted the thin line between crime rings and nation-state actors.
“CSIS believes that Russia leads overall in cybercrime, reflecting the skill of its hacker community and its disdain for western law enforcement. The complex and close relationship between the Russian state and Russian organized crime means that Russia provides a sanctuary for the most advanced cybercriminals, whose attention focuses on the financial sector,” continues the report.
Ransomware is a profitable business for the criminal ecosystem. Currently, more than 6,000 black marketplaces offer for sale such kind of malware and related services, an overall offer of more than 45,000 different products.
Another report published by the tech giant Cisco-provided further information about the impact of criminal activities on businesses. The study is based on interviews with 3,600 CISOs.
Cisco report confirms the fear of security breaches is mainly founded on the financial cost of attacks and for this reason, it tried to estimate it based on the CISOs’ experience.
Breaches cause real economic damage to organizations, in the majority of cases they can spend weeks, months or years to fix the problems and implement additional measures to prevent further incidents.
According to Cisco, almost any attack will cost to the victims at least $500,000. The cost dramatically increased for 8% of companies in the Cisco report that admitted that cyber-attacks had cost them over $5 million, 11% the companies suffered economic losses between $2.5 million and $4.9 million.
Cisco highlighted the risk of attacks aimed at the supply chain of the companies. These attacks have increased in complexity and frequency.
Figure 1 – Fifty-three percent of attacks result in damages of $500,000 or more (Cisco Report)
Ethical Hacking Training – Resources (InfoSec)
According to CISCO, the most challenging areas and functions to defend are mobile devices, data in the public cloud, and user behavior
The report states that cybercrime costs are rapidly increasing, with organizations spending nearly 23 percent more than last year, US $11.7 million, on average.
Financial services companies more exposed to cybercrime, cyber-attacks cost them more to address and contain than in any other industry.
The average number of security breaches per company has more than tripled over the past five years; the report states that the figure passed from 40 in 2012 to up 125 in 2017.
The average annualized cost of cybercrime for firms in the Financial industry globally has increased by more than 40 percent over the past three years passing from $12.97 million per firm in 2014 to $18.28 million in 2017. This figure is higher than the average cost of $11.7 million per company across all industries reported in the analysis.
Figure 2 – Cost of Cybercrime – Financial Industry (source Accenture – Ponemon Institute)
Currently, the types of attacks with the most significant economic impact on banks and insurers are:
- Denial of service
- Social engineering
- Malicious insiders
Malware and web-based attacks were most costly among attack techniques reported by Accenture/Ponemon, the annualized costs faced by companies reached $2.4 million and $2 million, respectively.
According to this study malware attacks cost $5,000 on average per each security breach, while denial-of-service attacks carried the most severe financial losses, $227,000, followed by phishing and social engineering $196,000.
The above figures suggest that criminals are winning the battle.
Organizations need to better balance investments in cyber-security technologies, all the reports analyzed in this post highlight the huge economic impact of cybercrime on modern businesses.
We expect further growth in cybercrime, the attack surface of modern companies will continue to increase due to the adoption of “internet of things” (IoT) devices and cloud storages.
“Cybercrime will also continue to grow as hackers increase their use of artificial intelligence tools to create malware and identify targets and move into the cloud. Criminals will take advantage of cloud services both as targets and as tools to house malware and launch DoS attacks,” concluded McAfee.