Key Findings From “The Economic Impact of Cybercrime” Report
Today endpoint security solution provider McAfee, in collaboration with the Center for Strategic and International Studies (CSIS), released their global study on the financial consequences of cybercrime: “Economic Impact of Cybercrime—No Slowing Down.”
The report is a comprehensive look at the total losses hackers inflict on the world. By McAfee’s current estimation, that total loss is $600 billion—a significant jump from a 2014 study that estimated cybercrime losses at $445 billion. Cybercrime no constitutes a .059% to .8% loss of global GDP; in North America those losses constitute 0.69% to 0.87%
In a statement, McAfee’s Chief Technology Officer Steve Grobman said “The digital world has transformed almost every aspect of our lives, including risk and crime, so that crime is more efficient, less risky, more profitable and has never been easier to execute. Consider the use of ransomware, where criminals can outsource much of their work to skilled contractors. Ransomware-as-a-service cloud providers efficiently scale attacks to target millions of systems, and attacks are automated to require minimal human involvement.”
The key findings of McAfee’s report include:
- Banks remain the favorite target of cybercriminals, continuing a decade-long trend.
- A quarter of losses to cybercrime stem from theft of intellectual property or vital enterprise data.
- The estimated cost of the average data breach is $3.6 million, but the damage to a brand’s reputation may be far more extensive and lasting.
- Only a projected 13% of cybercrime is reported; the totals given here may in reality be much higher.
- High-end hackers are growing increasingly sophisticated, mimicking their innovations to match their enterprise targets; including cloud computing and AI.
- Hacking as a service, ransomware-as-a-service, and ransomware kits all speak to the increasing professionalization and organization of cybercrime threat actors.
According to the report, cybercrime is the third most lucrative criminal enterprise in the world behind government corruption and narcotics trafficking. They note, however, that no other criminal endeavor can match cybercrime’s relative ease, its ability to strike multiple targets at once, or its anonymity.
Indeed, most hackers operate outside the reach of their target’s law enforcement agencies. Combined with anonymizing software and services, it is no wonder that so many hackers go unpunished.
But it may not even be relevant, as the report finds that the most dangerous cybercrime actors aren’t individuals but nation-states. James Lewis, senior vice president at CSIS, said in his own statement: “Our research bore out the fact that Russia is the leader in cybercrime, reflecting the skill of its hacker community and its disdain for western law enforcement. North Korea is second in line, as the nation uses cryptocurrency theft to help fund its regime, and we’re now seeing an expanding number of cybercrime centers, including not only North Korea but also Brazil, India and Vietnam.”
McAfee’s report paints a grim picture: cybercrime will only continue to rise in both severity and in proliferation. The ease of attacking the incredibly vulnerable internet of things and more sophisticated tools for creating malware such as AI are creating opportunities hackers can’t pass up. And if the research proves anything, it’s that they won’t.
You can read the full report here.