A new report has been released that shows there has been a massive rise in the global cost of cybercrime, highlighting the seriousness of the threat from hackers and scammers. 2017 global cybercrime costs exceeded $600 billion, according to the McAfee report. That represents a 20% increase since 2014, when the global cybercrime costs were calculated to be around $500 billion. The current global cybercrime costs equate to 0.8% of global GDP.
The report shows that in spite of increases in cybersecurity spending, hackers and scammers are still managing to breach organizations’ defenses and gain access to sensitive data, login credentials, corporate bank accounts, and intellectual property.
Accurately Determining the Global Cost of Cybercrime
Any calculation of global cybercrime costs involves some margin of error, as the figures cannot be totally based on reported losses by businesses. Many companies do not disclose details of data breaches, and even fewer publish information of the financial impact of cyberattacks. When details about financial losses are published, typically only a fraction of the losses are reported. In many cases the losses are not known until many years after the event. It is therefore difficult to obtain a true picture of the losses due to cybercrime because of the shortage of data.
To try to gain an accurate picture of the total cost of cybercrime, McAfee had to turn to the same modelling techniques used by government agencies to determine the costs of criminal activities such as drug trafficking, prostitution, maritime piracy, and organizational crime groups.
McAfee is not the only company to make these predictions. Compared to some reports the figures from McAfee seem quite conservative. The true cost could be considerably higher.
Factors Contributing to the Increase in Losses
McAfee reports that several factors have contributed to the large increase in cybercrime costs over the past few years. The growth in popularity of ransomware has played a part. Ransomware has proved to be a particularly plump cash cow, allowing cybercriminals to rake in millions by extorting companies. The anonymity of cryptocurrencies has helped these cybercriminal gangs obtain payments without detection, while the use of TOR has helped the gangs stay under the radar of law enforcement agencies.
Ransomware-as-a-service has also boosted profits for cybercriminals. The increase in the number of individuals conducting attacks has made it possible to increase the scale of operations and distribute the malicious code more effectively. State-sponsored hacks have also increased, including attacks aimed at sabotaging businesses and critical infrastructure as well as major heists that have seen millions of dollars stolen.
McAfee cites research showing around 300,000 new malware samples are now being identified on a daily basis, while data breaches are exposing a staggering 780,000 records a day.
Personal records can sell for big bucks on darknet forums; however, one of the biggest costs is the theft of intellectual property, which McAfee estimates has resulted in at least 25% of the annual losses to cybercrime. When patented processes are obtained, the benefits of millions in research and development is lost and companies can lose their competitive advantage.
One thing is clear from the report. With global cybercrime costs rising, and the sophistication and frequency of attacks increasing, companies have little alternative than to invest more in cybersecurity and develop more sophisticated defenses.