The Biggest International Cybercime Offenders

Cyber criminals at the top level are as technologically sophisticated as the most advanced IT companies and like them, have moved quickly to adopt cloud computing, artificial intelligence, Software-as-a-Service and encryption. 

Cybercrime remains far too easy, since many technology users fail to take the most basic protective measures, and many technology products lack adequate defenses. 

Cybercrime also leads in the risk-to-payoff ratio. It is a low risk crime that provides high payoffs. A smart cyber-criminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail. 

Criminal activity on the internet is much broader than cybercrime as essentially all elements of human criminal activity have moved into cyberspace. A senior British official reported, for example, that half of all reported crime in the UK is cyber-related. 

Over the last 20 years, we have seen cybercrime become professionalised and sophisticated. Cybercrime is a business with flourishing markets offering a range of tools and services for the criminally inclined. 

The most important area for the cost of cybercrime is in the theft of intellectual property and business confidential information. Internet connectivity has opened a vast terrain for cybercrime, and IP theft goes well beyond traditional areas of interest to governments, such as military technologies. One way to measure the cost of intellectual property theft is to look for competing products that take market share from the rightful owners. If hackers steal intellectual property, such as product designs, from a small or medium-size enterprise, it can be a fatal experience. 

For big companies, it can be an unexpected source of revenue lost as competing products enter the market. The theft of intellectual property accounts for at least a quarter of the cost of cybercrime and, when it involves military technology, creates risks to national security as well. 

These losses can often be invisible to the victim. They still have access to the IP that has been copied by the criminals and may attribute a decline in revenue to growing competition rather than theft. As much as $600 Billion is lost annually to cyber-crime as attackers are becoming increasingly sophisticated in their approach, adopting new technologies and leveraging black markets and digital currencies. 

A few countries, however, stand out as the most active sources of attacks in cyberspace. 
According to a Report produced by the Center for Strategic and International Studies (CSIS), a think tank based in Washington, 2018 was an active year for cyberattacks, with more than 100 significant incidents occurring in the past year. 

Looking at publicly available data on cyber-espionage and warfare but excluding cybercrime, the CSIS study reveals that China and Russia have been the largest source of attacks in cyberspace since 2006. In December of 2018 alone, four major incidents were reported involving China, while three involved Russia.

  • From 2006 to 2018, China was involved in 108 cyber incidents with losses of more than $1 million each, compromising communications across Europe, conducting cyber-espionage spying on 12 countries and stealing information from hundreds of millions of customers of a US hotel chain, according to the CSIS report. 

The CSIS report examined data on China, North Korea, Iran, India, Russia, the UK, the US, Germany, Australia, Japan, South Korea, Ukraine, Israel and France, with the rest of the world listed as a separate category. 

The study named the rest of the world as the third-worst offender, with 67 incidents. Next in the ranking came Iran with 44 incidents, and North Korea with 38. India was listed as guilty of 16 important cyber incidents from 2006 to 2018, while the US was accused of nine. 

Just two countries were identified as having not been the source of cyber-attacks in the past 12 years: Japan and Australia.
"Cyber-attacks are a global-phenomena, and it's only growing." says Kurt Baumgartner, principal security researcher in the Global Research and Analysis Team at Kaspersky Lab. 

"There are hot spots in the world that both source cyber activity and attract that activity, and (this) is only growing to the point that more and more nations are budgeting offensive cyber-security operations."

The CSIS report found the "rest of world" category was the victim of no fewer than 165 incidents from 2006 to 2018, while US government agencies, defense and tech companies, and other entities were the target of 117 cyberattacks with losses of more than $1 million each. There have been 35 major cyber incidents targeting India and 34 targeting South Korea. China was attacked 25 times in major cyber incidents from 2006 to 2018, according to the report, including one involving an Indian group hacking Chinese government agencies and research institutions. 

The United Kingdom also reported 25 important cyberattacks, including one reported in May 2018 that had targeted its electric utility networks since 2017. In Israel, 24 important cyberattacks have occurred since 2006, while Ukraine saw 23. 
Russia was the victim 16 major cyberattacks in the past 12 years, the report said, with that figure including an attack by a state-sponsored Middle Eastern hacking group that targeted a Russian oil company with operations in Pakistan, Russia, Saudi Arabia, Turkey and North America.

Experts warn that regardless of the type, cyberattacks come at a great cost economically and in public regard. Organisations that expose users to such attacks are more likely to lose their customer's trust, while cyber-crimes may also deter those interested in investing in new technologies. 

"Over the past decade we've seen all sort of cybersecurity challenges and issues and they range anywhere from massive financial crime, sometimes performed on behalf of groups that are known to be sponsored and associated with state-owned groups, to events that affect people's daily lives," says Baumgartner. 

"It's a huge problem when money is just flushing around because of cybersecurity issues." 

USNews:          Mcafee:

You Might Also Read:

Australian Defence Chief Issues Cybercrime Warning:

Cyber Criminals Are Aiming At Business:

 

« Metro Bank Hacked
Please Login Or Sign Up »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

RCMP Cybercrime Strategy

RCMP Cybercrime Strategy

The RCMP Cybercrime Strategy sets out in an Operational Framework and Action Plan to combat cybercrime.

Optimum Insurance

Optimum Insurance

Optimum's Cyber Risk & Data Protection Insurance policies are designed to protect against cyber exposures that arise when a company’s data and customer information is breached or stolen.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners is a full service, full life-cycle risk-based security consulting firm.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

THEC-Incubator

THEC-Incubator

THEC-Incubator program is designed for international and ambitious tech startups in the Netherlands. Areas of focus include Blockchain and Cyber Security.

Enet 1 Group1

Enet 1 Group1

Enet 1 Group audits, assesses, recommends, and delivers tested solutions for the ever-increasing threats to your critical systems and digital assets

Stratejm

Stratejm

Stratejm, a Next Generation Managed Security Services Provider, brings innovation and thought leadership to the fight against cyber criminals.

Winterhawk

Winterhawk

Winterhawk is a specialist and leading global Cyber, ESG, GRC, Risk & Identity consulting practice.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Rubrik

Rubrik

Rubrik helps enterprises achieve data control to drive business resiliency, cloud mobility, and regulatory compliance.

ImmuniWeb

ImmuniWeb

We Simplify, Accelerate and Reduce Costs of Security Testing, Protection and Compliance.

Oxford Internet Institute - University of Oxford

Oxford Internet Institute - University of Oxford

The Oxford Internet Institute is a multidisciplinary research and teaching department of the University of Oxford, dedicated to the social science of the Internet.

AHAD

AHAD

AHAD provides cybersecurity, digital transformation, and risk management services and solutions to Government, Fortune 500, And Start-Up Companies in the Middle East region.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.