Cybercrime Costs Over $600 Billion Annually

Uploaded on 2018-02-26 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cybercrime and espionage have caused more than $600 billion worth of damage annually in recent years, according to some new estimates from the US think tank Center for Strategic and International Studies (CSIS) and American cybersecurity firm McAfee.

“When we talk about impact of cybercrime, really it’s an economic impact with significant ramifications toward things like jobs, opportunity, investment, innovation,” said Raj Samani, McAfee’s chief scientist. “The objective is to change the discussion from this-country-does-that to how cyber-crime impacts all of us, why it matters and how to address it.”

The total cost is rising.

A 2014 estimate from CSIS put the annual cost of hacking at around $500 billion. Increasingly sophisticated hacking tools, the quick adoption of new technology and the growing professionalisation of cyber-crime have made it easier than ever to be a profitable crook online.

Even so, cyber-crime ranks behind government corruption and narcotics trafficking for annual cost to the world, according to the International Monetary Fund. “Cyber-crime also leads in the risk-to-payoff ratio,” the authors of the report wrote. 

“It is a low risk crime that provides high payoffs. A smart cyber-criminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail. When you think of big cyber-crimes, from Target to SWIFT to Equifax, none of the perpetrators have been prosecuted to date. 
“Law enforcement agencies can be aggressive and skillful in pursuing cyber-criminals, but many operate outside their reach. This is one reason why the cost of cyber-crime continues to grow.”

Plenty of Targets

The report’s authors estimate that more than 2 billion people, about two-thirds of the people online today, have had personal information stolen or compromised by hackers. As the number of people online grow, the number of compromises is poised to rise as well because new users usually come from low-income nations with systemic cyber-security problems.
East Asia, Europe and North America see annual costs ranging from $120 billion to $200 billion each. Higher-income nations tend to be more frequently targeted but lower income nations are often more easily exploited.
Ransomware is spotlighted in the report as the fastest growing cyber-crime. In 2015, about $24 million in total ransoms was paid. In 2016, that number jumped to $1 billion, according to the FBI. In 2017, estimates put the total amount of ransom paid at $2 billion.

According to CSIS, the published research is intended to help governments and the public understand the costs of cyber-crime, a category of illegal activity that is notoriously opaque and difficult to understand.
“The more that governments understand what those costs are, the more likely they are to bring their laws and policies into line with preventing those sorts of losses,” Stewart A. Baker, a former senior NSA and DHS official, said at the release of the last CSIS report.

Almost Nothing Works

To that end, the report’s authors put eight countries under a microscope to study the unique impact of cyber-crime on each nation.

“The most disturbing thing we found is that whether a country takes significant efforts against cyber-crime or whether it does almost nothing, cyber-criminals will still be successful,” the report’s authors wrote.

The think tankers ended the report with recommendations including increased international law enforcement cooperation, improving mutual legal assistance treaties to request help across borders and up-to-date and standardised laws around the world.

There are numerous “state sanctuaries” called out in the report. Russia, North Korea and Brazil are pointed to as world capitals, for various reasons, of cybercrime that need painful but temporary penalties to pressure for change, according to CSIS. Otherwise, there’s no reason the problem won’t continue to grow.

“There was a recent claim by a law enforcement official saying, oh if we see an attack from such-and-such country then we don’t even bother investigating,” McAfee’s Samani said. 
“You, kind of think to yourself, ‘That’s insane.’ We’re going to have to start small and ensure there is a global, collaborative agreement between law enforcement to work together as fast as possible. It’s crucial.”

Cyberscoop

You Might Also Read: 

Cybercrime: £130bn Stolen From Consumers In 2017:

FBI's Ability To Disrupt Cybercrime Has  Deteriorated:

British Banks Are Hiding Cyber Attacks:

« Discover Hidden Cybersecurity Talent
Eight Reasons Why Facebook Has Peaked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Information Security Group (ISG) - Royal Holloway

Information Security Group (ISG) - Royal Holloway

The Information Security Group, Royal Holloway, University of London, is an Academic Centres of Excellence in Cyber Security Research.

Vaddy

Vaddy

Vaddy provide an automatic web vulnerability scanner for DevOps that performs robust security checks to ensure that web app code is secure.

Indeed

Indeed

Indeed is a worldwide employment-related search engine for job listings covering job types in all industries, including cybersecurity.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Cybersecurity Dubai

Cybersecurity Dubai

Protect your business from cyber-attacks with Cybersecurity Dubai, your partner in online security solutions.

OneCollab

OneCollab

OneCollab, your unwavering ally in the dynamic landscape of IT services and cybersecurity.

Cytidel

Cytidel

Cytidel is a vulnerability and risk management platform that utilises threat and business intelligence to help IT Security teams.

Athena7

Athena7

Athena7 is a dedicated assessment practice committed to helping organizations understand how their infrastructure, backups, and security controls will withstand the latest threat actor tactics.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.