The Biggest International Cybercime Offenders

Cyber criminals at the top level are as technologically sophisticated as the most advanced IT companies and like them, have moved quickly to adopt cloud computing, artificial intelligence, Software-as-a-Service and encryption. 

Cybercrime remains far too easy, since many technology users fail to take the most basic protective measures, and many technology products lack adequate defenses. 

Cybercrime also leads in the risk-to-payoff ratio. It is a low risk crime that provides high payoffs. A smart cyber-criminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail. 

Criminal activity on the internet is much broader than cybercrime as essentially all elements of human criminal activity have moved into cyberspace. A senior British official reported, for example, that half of all reported crime in the UK is cyber-related. 

Over the last 20 years, we have seen cybercrime become professionalised and sophisticated. Cybercrime is a business with flourishing markets offering a range of tools and services for the criminally inclined. 

The most important area for the cost of cybercrime is in the theft of intellectual property and business confidential information. Internet connectivity has opened a vast terrain for cybercrime, and IP theft goes well beyond traditional areas of interest to governments, such as military technologies. One way to measure the cost of intellectual property theft is to look for competing products that take market share from the rightful owners. If hackers steal intellectual property, such as product designs, from a small or medium-size enterprise, it can be a fatal experience. 

For big companies, it can be an unexpected source of revenue lost as competing products enter the market. The theft of intellectual property accounts for at least a quarter of the cost of cybercrime and, when it involves military technology, creates risks to national security as well. 

These losses can often be invisible to the victim. They still have access to the IP that has been copied by the criminals and may attribute a decline in revenue to growing competition rather than theft. As much as $600 Billion is lost annually to cyber-crime as attackers are becoming increasingly sophisticated in their approach, adopting new technologies and leveraging black markets and digital currencies. 

A few countries, however, stand out as the most active sources of attacks in cyberspace. 
According to a Report produced by the Center for Strategic and International Studies (CSIS), a think tank based in Washington, 2018 was an active year for cyberattacks, with more than 100 significant incidents occurring in the past year. 

Looking at publicly available data on cyber-espionage and warfare but excluding cybercrime, the CSIS study reveals that China and Russia have been the largest source of attacks in cyberspace since 2006. In December of 2018 alone, four major incidents were reported involving China, while three involved Russia.

  • From 2006 to 2018, China was involved in 108 cyber incidents with losses of more than $1 million each, compromising communications across Europe, conducting cyber-espionage spying on 12 countries and stealing information from hundreds of millions of customers of a US hotel chain, according to the CSIS report. 

The CSIS report examined data on China, North Korea, Iran, India, Russia, the UK, the US, Germany, Australia, Japan, South Korea, Ukraine, Israel and France, with the rest of the world listed as a separate category. 

The study named the rest of the world as the third-worst offender, with 67 incidents. Next in the ranking came Iran with 44 incidents, and North Korea with 38. India was listed as guilty of 16 important cyber incidents from 2006 to 2018, while the US was accused of nine. 

Just two countries were identified as having not been the source of cyber-attacks in the past 12 years: Japan and Australia.
"Cyber-attacks are a global-phenomena, and it's only growing." says Kurt Baumgartner, principal security researcher in the Global Research and Analysis Team at Kaspersky Lab. 

"There are hot spots in the world that both source cyber activity and attract that activity, and (this) is only growing to the point that more and more nations are budgeting offensive cyber-security operations."

The CSIS report found the "rest of world" category was the victim of no fewer than 165 incidents from 2006 to 2018, while US government agencies, defense and tech companies, and other entities were the target of 117 cyberattacks with losses of more than $1 million each. There have been 35 major cyber incidents targeting India and 34 targeting South Korea. China was attacked 25 times in major cyber incidents from 2006 to 2018, according to the report, including one involving an Indian group hacking Chinese government agencies and research institutions. 

The United Kingdom also reported 25 important cyberattacks, including one reported in May 2018 that had targeted its electric utility networks since 2017. In Israel, 24 important cyberattacks have occurred since 2006, while Ukraine saw 23. 
Russia was the victim 16 major cyberattacks in the past 12 years, the report said, with that figure including an attack by a state-sponsored Middle Eastern hacking group that targeted a Russian oil company with operations in Pakistan, Russia, Saudi Arabia, Turkey and North America.

Experts warn that regardless of the type, cyberattacks come at a great cost economically and in public regard. Organisations that expose users to such attacks are more likely to lose their customer's trust, while cyber-crimes may also deter those interested in investing in new technologies. 

"Over the past decade we've seen all sort of cybersecurity challenges and issues and they range anywhere from massive financial crime, sometimes performed on behalf of groups that are known to be sponsored and associated with state-owned groups, to events that affect people's daily lives," says Baumgartner. 

"It's a huge problem when money is just flushing around because of cybersecurity issues." 

USNews:          Mcafee:

You Might Also Read:

Australian Defence Chief Issues Cybercrime Warning:

Cyber Criminals Are Aiming At Business:

 

« Metro Bank Hacked
Please Login Or Sign Up »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

CSA Events

CSA Events

Cloud Security Alliance conducts a series of conferences around the world. This listing provides a link to details of upcoming events.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

Salt Communications

Salt Communications

Salt communications is a global leader in secure communications. Our bespoke platform is the secure communications solution that uniquely gives complete control to our customers.

limes datentechnik

limes datentechnik

limes datentechnik is an authority in the fields of cryptography and data compression. The FLAM product family is an internationally accepted standard for efficient and safe handling of data.

Myra Security

Myra Security

The fully automated Myra DDoS Protection reliably protects web applications, websites, DNS servers, and IT infrastructures.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

CyberQ Group

CyberQ Group

CyberQ is an award winning cyber security consultancy and services provider and an innovator in Artificial Intelligence and Automated Cyber Security.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Nanitor

Nanitor

Nanitor is a powerful cybersecurity management platform focusing on hardening security fundamentals across your global IT infrastructure.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.

Oasis Security

Oasis Security

Oasis is the market leading platform for non-human identity management. Our mission is to fortify cybersecurity defenses by enabling enterprises to efficiently secure non-human identities.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.