Cybercrime Costs Over $600 Billion Annually

Uploaded on 2018-02-26 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cybercrime and espionage have caused more than $600 billion worth of damage annually in recent years, according to some new estimates from the US think tank Center for Strategic and International Studies (CSIS) and American cybersecurity firm McAfee.

“When we talk about impact of cybercrime, really it’s an economic impact with significant ramifications toward things like jobs, opportunity, investment, innovation,” said Raj Samani, McAfee’s chief scientist. “The objective is to change the discussion from this-country-does-that to how cyber-crime impacts all of us, why it matters and how to address it.”

The total cost is rising.

A 2014 estimate from CSIS put the annual cost of hacking at around $500 billion. Increasingly sophisticated hacking tools, the quick adoption of new technology and the growing professionalisation of cyber-crime have made it easier than ever to be a profitable crook online.

Even so, cyber-crime ranks behind government corruption and narcotics trafficking for annual cost to the world, according to the International Monetary Fund. “Cyber-crime also leads in the risk-to-payoff ratio,” the authors of the report wrote. 

“It is a low risk crime that provides high payoffs. A smart cyber-criminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail. When you think of big cyber-crimes, from Target to SWIFT to Equifax, none of the perpetrators have been prosecuted to date. 
“Law enforcement agencies can be aggressive and skillful in pursuing cyber-criminals, but many operate outside their reach. This is one reason why the cost of cyber-crime continues to grow.”

Plenty of Targets

The report’s authors estimate that more than 2 billion people, about two-thirds of the people online today, have had personal information stolen or compromised by hackers. As the number of people online grow, the number of compromises is poised to rise as well because new users usually come from low-income nations with systemic cyber-security problems.
East Asia, Europe and North America see annual costs ranging from $120 billion to $200 billion each. Higher-income nations tend to be more frequently targeted but lower income nations are often more easily exploited.
Ransomware is spotlighted in the report as the fastest growing cyber-crime. In 2015, about $24 million in total ransoms was paid. In 2016, that number jumped to $1 billion, according to the FBI. In 2017, estimates put the total amount of ransom paid at $2 billion.

According to CSIS, the published research is intended to help governments and the public understand the costs of cyber-crime, a category of illegal activity that is notoriously opaque and difficult to understand.
“The more that governments understand what those costs are, the more likely they are to bring their laws and policies into line with preventing those sorts of losses,” Stewart A. Baker, a former senior NSA and DHS official, said at the release of the last CSIS report.

Almost Nothing Works

To that end, the report’s authors put eight countries under a microscope to study the unique impact of cyber-crime on each nation.

“The most disturbing thing we found is that whether a country takes significant efforts against cyber-crime or whether it does almost nothing, cyber-criminals will still be successful,” the report’s authors wrote.

The think tankers ended the report with recommendations including increased international law enforcement cooperation, improving mutual legal assistance treaties to request help across borders and up-to-date and standardised laws around the world.

There are numerous “state sanctuaries” called out in the report. Russia, North Korea and Brazil are pointed to as world capitals, for various reasons, of cybercrime that need painful but temporary penalties to pressure for change, according to CSIS. Otherwise, there’s no reason the problem won’t continue to grow.

“There was a recent claim by a law enforcement official saying, oh if we see an attack from such-and-such country then we don’t even bother investigating,” McAfee’s Samani said. 
“You, kind of think to yourself, ‘That’s insane.’ We’re going to have to start small and ensure there is a global, collaborative agreement between law enforcement to work together as fast as possible. It’s crucial.”

Cyberscoop

You Might Also Read: 

Cybercrime: £130bn Stolen From Consumers In 2017:

FBI's Ability To Disrupt Cybercrime Has  Deteriorated:

British Banks Are Hiding Cyber Attacks:

« Discover Hidden Cybersecurity Talent
Eight Reasons Why Facebook Has Peaked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

Latvian Information & Communications Technology Association (LIKTA)

Latvian Information & Communications Technology Association (LIKTA)

LIKTA brings together leading Latvian companies, organizations and professionals in the field of Information & Communications Technology

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS)

CSIS collects and analyzes threat-related information concerning the security of Canada in areas including terrorism, espionage, WMD, cybersecurity and critical infrastructure protection.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Innovative Solutions (IS)

Innovative Solutions (IS)

Innovative Solutions is a specialized professional services company delivering Information Security products and solutions for Saudi Arabia and the Gulf region.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

ECS Ethiopia

ECS Ethiopia

ECS Ethiopia provides Ethiopia’s leading institutions with top cyber-security expertise and technology to enable them to overcome risks and market barriers enabling them to grow their business.

Avocado Consulting

Avocado Consulting

Avocado helps clients deliver with certainty on their complex IT change, with technology services that automate, monitor and optimise.

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

IMC2 brings together resources to carry out ambitious, innovative and multidisciplinary projects in the field of cybersecurity and cyber resilience.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.