Global Cost of Cybercrime on the Rise
Introduction
Cyber-criminal activities worldwide continue to increase, in many cases, organized crime rings operate worldwide, and their profits are very high.
The consolidation of a model of sales such as crime-as-a-service, attack-as-a-service, and malware-as-a-service is attracting criminal organizations and wannabe hackers.
According to the experts, the monetization of stolen data and cyber criminals' activities seems to have become less difficult because of the improvements in cybercrime ecosystem (i.e., black markets) and the adoption of anonymizing methods of payment, such as digital currencies. Digital currency makes ransomware payments easier challenging to track.
Cybercriminal organizations operate at scale; everyday crooks attempt to monetize their efforts with a fantastic number of attacks. Below a list of the estimated daily cybercrime activity:
- 80 billion Malicious scans of the Internet for vulnerable web services;
- 300,000 to one million new samples of malware;
- 4,000 ransomware attacks every day;
- 33,000 phishing messages;
- 780,000 Records lost due to security breach;
Which is the cost of cybercrime? Due to the intensification of cybercriminal phenomena, it is very difficult hard to provide an estimation of the costs of cybercrime on a global scale. Every day we read about, cyber-attacks, malware infections, data breaches, scams and so on, but these illegal activities are just the tip of the iceberg because in many cases victims do not report crimes to the authorities.
The security experts at McAfee and Cisco published two distinct reports that will help us to have an idea about the economic impact of cybercrime globally.
Global cybercrime costs reached $600 Billion
According to the report recently published by McAfee in collaboration with the Center for Strategic and International Studies (CSIS), the global cost is estimated at $600 billion annually, a worrisome figure that corresponds to 0.8% of the global GDP. Comparing the value with the cost of cybercrime estimated in a past study we can verify that the overall cost is jumped from $500 billion in 2014 to $600 billion (+20%).
"In 2014, taking into account the full range of costs, CSIS estimated that cybercrime cost the world between $345 billion and $445 billion. As a percentage of global GDP, cybercrime cost the global economy 0.62% of GDP in 2014. Using the same methods, CSIS now believe the range is now between $445 billion and $600 billion," states the report.
The increase is mainly caused by the significant increase in theft of intellectual property and confidential business information; intellectual property theft accounts for at least 25% of overall cybercrime costs.
Almost any region suffers cybercrime losses, according to the report there are variations by region that are linked to income levels and level of cybersecurity maturity. The countries with higher losses are the richest ones; the significant cybercrime cost is suffered by Europe and Central Asia ($160 Billion to $180 Billion) and North America ($140 Billion to $175 Billion).
An essential element to consider when estimating the impact of cybercrime is the hidden costs. Crimes like the theft of intellectual property have a dramatic impact on businesses, damages to the reputation, business interruption, recovery costs and opportunity costs, are relevant in case of security breaches.
CSIS sustains that the growth of cybercrime has been enabled by anonymizing networks like Tor and by cryptocurrencies. Crooks can operate a black market hidden in the tor network to allows payments difficult to track.
"Bitcoin and Tor, which have allowed cybercriminals to conceal their identities while paying for services through a digital medium that significantly complicates law enforcement tracking efforts. Bitcoin has long been the favored currency for darknet marketplaces, with cybercriminals taking advantage of its pseudonymous nature and decentralized organization to conduct illicit transactions, demand payments from victims, and launder the proceeds from their crimes," continues the report.
"Cybercriminals benefit from the fact that no personally identifying information is linked to the use and exchange of Bitcoin, allowing criminals to operate with near impunity even though all Bitcoin transactions are publicly recorded."
Financial institutions are a privileged target of skilled crime rings; banks spend three times as much on cybersecurity as non-financial institutions to protect their assets from hackers.
Unfortunately, banks are targeted not only by cyber criminals but also by nation-state hackers. The researchers at the CSIS explained that Russia, North Korea, and Iran are the most active in hacking financial institutions. We have assisted to numerous attacks against banks worldwide powered by the North Korea-linked APT group tracked as Lazaurs. Between 2015 and 2016, alleged North Korean hackers targeted dozens of banks in the SWIFT network and stole tens millions of dollars.
While Iranian hackers are becoming even more aggressive, Russia and North Korea target banks to steal money and finance their campaigns.
"The attacks provided a lucrative means to supplement the North Korean government's limited access to foreign currency. North Korea has also turned to cryptocurrency theft to help fund its regime. North Korean hackers have targeted at least three South Korean cryptocurrency exchanges in 2017," continues the report.
According to the report, Russia leads cybercrime activities worldwide; the reports also highlighted the thin line between crime rings and nation-state actors.
"CSIS believes that Russia leads overall in cybercrime, reflecting the skill of its hacker community and its disdain for western law enforcement. The complex and close relationship between the Russian state and Russian organized crime means that Russia provides a sanctuary for the most advanced cybercriminals, whose attention focuses on the financial sector," continues the report.
Ransomware is a profitable business for the criminal ecosystem. Currently, more than 6,000 black marketplaces offer for sale such kind of malware and related services, an overall offer of more than 45,000 different products.
Another report published by the tech giant Cisco-provided further information about the impact of criminal activities on businesses. The study is based on interviews with 3,600 CISOs.
Cisco report confirms the fear of security breaches is mainly founded on the financial cost of attacks and for this reason, it tried to estimate it based on the CISOs' experience.
Breaches cause real economic damage to organizations, in the majority of cases they can spend weeks, months or years to fix the problems and implement additional measures to prevent further incidents.
According to Cisco, almost any attack will cost to the victims at least $500,000. The cost dramatically increased for 8% of companies in the Cisco report that admitted that cyber-attacks had cost them over $5 million, 11% the companies suffered economic losses between $2.5 million and $4.9 million.
Cisco highlighted the risk of attacks aimed at the supply chain of the companies. These attacks have increased in complexity and frequency.
Figure 1 - Fifty-three percent of attacks result in damages of $500,000 or more (Cisco Report)
According to CISCO, the most challenging areas and functions to defend are mobile devices, data in the public cloud, and user behavior
Recently the leading global professional services company Accenture, working with Ponemon Institute, released another interesting study on cyber-security entitled, "Cost of Cyber Crime Study."
The report states that cybercrime costs are rapidly increasing, with organizations spending nearly 23 percent more than last year, US $11.7 million, on average.
Financial services companies more exposed to cybercrime, cyber-attacks cost them more to address and contain than in any other industry.
The average number of security breaches per company has more than tripled over the past five years; the report states that the figure passed from 40 in 2012 to up 125 in 2017.
The average annualized cost of cybercrime for firms in the Financial industry globally has increased by more than 40 percent over the past three years passing from $12.97 million per firm in 2014 to $18.28 million in 2017. This figure is higher than the average cost of $11.7 million per company across all industries reported in the analysis.
Figure 2 - Cost of Cybercrime - Financial Industry (source Accenture - Ponemon Institute)
Currently, the types of attacks with the most significant economic impact on banks and insurers are:
- Denial of service
- Phishing
- Social engineering
- Malicious insiders
Malware and web-based attacks were most costly among attack techniques reported by Accenture/Ponemon, the annualized costs faced by companies reached $2.4 million and $2 million, respectively.
According to this study malware attacks cost $5,000 on average per each security breach, while denial-of-service attacks carried the most severe financial losses, $227,000, followed by phishing and social engineering $196,000.
The above figures suggest that criminals are winning the battle.
Conclusion
Organizations need to better balance investments in cyber-security technologies, all the reports analyzed in this post highlight the huge economic impact of cybercrime on modern businesses.
We expect further growth in cybercrime, the attack surface of modern companies will continue to increase due to the adoption of "internet of things" (IoT) devices and cloud storages.
"Cybercrime will also continue to grow as hackers increase their use of artificial intelligence tools to create malware and identify targets and move into the cloud. Criminals will take advantage of cloud services both as targets and as tools to house malware and launch DoS attacks," concluded McAfee.
References
http://securityaffairs.co/wordpress/69401/cyber-crime/cybercrime-cost-2017.html
https://www.mcafee.com/us/resources/reports/restricted/economic-impact-cybercrime.pdf
https://blogs.cisco.com/security/cisco-2018-annual-cybersecurity-report
In this Series
- Global Cost of Cybercrime on the Rise
- Dark Web hacking tools: Phishing kits, exploits, DDoS for hire and more
- Dependency confusion: Compromising the supply chain
- BendyBear: A shellcode attack used for cyberespionage
- ATP group MontysThree uses MT3 toolset in industrial cyberespionage
- BlackBerry exposes threat actor group BAHAMUT: Cyberespionage, phishing and other APTs
- Top 9 cybercrime tactics, techniques and trends in 2020: A recap
- KashmirBlack botnet targets WordPress, Joomla and other popular CMS platforms
- BAHAMUT: Uncovering a massive hack-for-hire cyberespionage group
- Linux security and APTs: Identifying threats and reducing risk
- Top 6 ransomware strains to watch out for in 2020
- 2020 Verizon data breach investigations report: Summary and key findings for security professionals
- How hackers use CAPTCHA to evade automated detection
- The State of Ransomware 2020: Key findings from Sophos & Malwarebytes
- Dark web fraud: How-to guides make cybercrime too easy
- Top 6 malware strains to watch out for in 2020
- Top Cybersecurity Predictions for 2020
- Malware spotlight: What is click fraud?
- What does dark web monitoring really do?
- ThreatMetrix Cybercrime Report: An interview
- Are dark web monitoring services worth it?
- Cybercrime and the underground market [Updated 2019]
- Verizon DBIR 2019 analysis
- Common causes of large breaches (Q1 2019)
- The Magecart Cybercrime Group Is Threatening E-Commerce Websites Worldwide
- Russian Cyberspies Target 2018 U.S. Midterm Elections
- The Increasing Threat of Banking Trojans and Cryptojacking
- Leaders’ Meetings: A Privileged Target for Hackers
- Fraud as a Service (FaaS): Everything You Need to Know
- All about SamSam Ransomware
- The Decline of Ransomware and the Rise of Cryptocurrency Mining Malware
- Mechanics Behind Ransomware-as-a-Service
- The Art of Fileless Malware
- ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS
- Which Are the Most Exploited Flaws by Cybercriminal Organizations?
- 5 New Threats Every Organization Should be Prepared for in 2018
- Memcrashed: The Dangerous Trend Behind the Biggest DDoS Attack Ever
- Open source threat intelligence tools & techniques
- An Enterprise Guide to Using Threat Intelligence for Cyber Defense
- The Five Largest Ransomware Attacks of 2017
- Intellectual Property Crimes in the Dark Web
- Top 5 Smartest Malware Programs
- Is Russian Intelligence Using Tainted Software to Access Corporate and Government Networks?
- Vault 7 Leaks: Inside the CIA's Secret Kingdom (July-August 07)
- DragonFly 2.0: The Alleged Nation-State Actor Hits the Energy Sector Again
- Russian APT Groups Continue Their Stealthy Operations
- Massive Petya Attack: Cybercrime or Information Warfare?
- SAP SECURITY FOR CISO: SAP Attacks and Incidents
- Role of Threat Intelligence in Business World
- WikiLeaks Vault 7 Data Leak: Another Earthquake in the Intelligence Community
- Past and Present Iran-linked Cyber-Espionage Operations
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Threat Intelligence
Dark Web hacking tools: Phishing kits, exploits, DDoS for hire and more
Threat Intelligence
Threat Intelligence
Threat Intelligence
ATP group MontysThree uses MT3 toolset in industrial cyberespionage