Cybercrime Costs Over $600 Billion Annually

Uploaded on 2018-02-26 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cybercrime and espionage have caused more than $600 billion worth of damage annually in recent years, according to some new estimates from the US think tank Center for Strategic and International Studies (CSIS) and American cybersecurity firm McAfee.

“When we talk about impact of cybercrime, really it’s an economic impact with significant ramifications toward things like jobs, opportunity, investment, innovation,” said Raj Samani, McAfee’s chief scientist. “The objective is to change the discussion from this-country-does-that to how cyber-crime impacts all of us, why it matters and how to address it.”

The total cost is rising.

A 2014 estimate from CSIS put the annual cost of hacking at around $500 billion. Increasingly sophisticated hacking tools, the quick adoption of new technology and the growing professionalisation of cyber-crime have made it easier than ever to be a profitable crook online.

Even so, cyber-crime ranks behind government corruption and narcotics trafficking for annual cost to the world, according to the International Monetary Fund. “Cyber-crime also leads in the risk-to-payoff ratio,” the authors of the report wrote. 

“It is a low risk crime that provides high payoffs. A smart cyber-criminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail. When you think of big cyber-crimes, from Target to SWIFT to Equifax, none of the perpetrators have been prosecuted to date. 
“Law enforcement agencies can be aggressive and skillful in pursuing cyber-criminals, but many operate outside their reach. This is one reason why the cost of cyber-crime continues to grow.”

Plenty of Targets

The report’s authors estimate that more than 2 billion people, about two-thirds of the people online today, have had personal information stolen or compromised by hackers. As the number of people online grow, the number of compromises is poised to rise as well because new users usually come from low-income nations with systemic cyber-security problems.
East Asia, Europe and North America see annual costs ranging from $120 billion to $200 billion each. Higher-income nations tend to be more frequently targeted but lower income nations are often more easily exploited.
Ransomware is spotlighted in the report as the fastest growing cyber-crime. In 2015, about $24 million in total ransoms was paid. In 2016, that number jumped to $1 billion, according to the FBI. In 2017, estimates put the total amount of ransom paid at $2 billion.

According to CSIS, the published research is intended to help governments and the public understand the costs of cyber-crime, a category of illegal activity that is notoriously opaque and difficult to understand.
“The more that governments understand what those costs are, the more likely they are to bring their laws and policies into line with preventing those sorts of losses,” Stewart A. Baker, a former senior NSA and DHS official, said at the release of the last CSIS report.

Almost Nothing Works

To that end, the report’s authors put eight countries under a microscope to study the unique impact of cyber-crime on each nation.

“The most disturbing thing we found is that whether a country takes significant efforts against cyber-crime or whether it does almost nothing, cyber-criminals will still be successful,” the report’s authors wrote.

The think tankers ended the report with recommendations including increased international law enforcement cooperation, improving mutual legal assistance treaties to request help across borders and up-to-date and standardised laws around the world.

There are numerous “state sanctuaries” called out in the report. Russia, North Korea and Brazil are pointed to as world capitals, for various reasons, of cybercrime that need painful but temporary penalties to pressure for change, according to CSIS. Otherwise, there’s no reason the problem won’t continue to grow.

“There was a recent claim by a law enforcement official saying, oh if we see an attack from such-and-such country then we don’t even bother investigating,” McAfee’s Samani said. 
“You, kind of think to yourself, ‘That’s insane.’ We’re going to have to start small and ensure there is a global, collaborative agreement between law enforcement to work together as fast as possible. It’s crucial.”

Cyberscoop

You Might Also Read: 

Cybercrime: £130bn Stolen From Consumers In 2017:

FBI's Ability To Disrupt Cybercrime Has  Deteriorated:

British Banks Are Hiding Cyber Attacks:

« Discover Hidden Cybersecurity Talent
Eight Reasons Why Facebook Has Peaked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

VMworld

VMworld

VMworld is a global conference for virtualization and cloud computing, including associated security issues.

Foundation for Strategic Research (FRS)

Foundation for Strategic Research (FRS)

The Foundation for Strategic Research is France's main independent think tank on strategic, defense and security issues. Cyber security is covered as part of the study areas.

Intrinsic-ID

Intrinsic-ID

Intrinsic-ID's authentication technology creates unique IDs and keys to authenticate chips, data, devices and systems.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

Clusit

Clusit

Clusit is the Italian Association for Information Security, a nonprofit organization devoted to promoting every aspect of information security.

ENVEIL

ENVEIL

ENVEIL’s technology is the first scalable commercial solution to cryptographically secure Data in Use.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

Core Security

Core Security

Core Security provides threat-aware identity, access, authentication and vulnerability management solutions.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

THEC-Incubator

THEC-Incubator

THEC-Incubator program is designed for international and ambitious tech startups in the Netherlands. Areas of focus include Blockchain and Cyber Security.

Focal Point

Focal Point

We aspire to be the focal point for Medium and Small size companies providing 24/7 cyber security advice, services and solutions.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.