Risk
9/6/2012
05:52 AM
Tim Wilson
Tim Wilson
Quick Hits
Connect Directly
RSS
E-Mail
50%
50%

Global Cost Of Cybercrime: $110 Billion

Cybercrime cost U.S. consumers $20.7 billion in the past 12 months; cost per victim is down, Symantec says

Cybercrime cost consumers about $110 billion in the last 12 months, affecting more than 556 million people, according to a report published Wednesday.

According to the 2012 Norton Cybercrime Report, U.S. consumers absorbed some $20.7 billion of those costs. The study of some 13,000 adults in 24 countries, surveyed users on their experiences with cybercrime and their security practices.

"Every second, 18 adults become a victim of cybercrime, resulting in more than one-and-a-half million cybercrime victims each day on a global level," the study says. "With losses totaling an average of US $197 per victim across the world in direct financial costs, cybercrime costs consumers more than one week's worth of nutritious food necessities for a family of four."

Among U.S. respondents, 72% said they have experienced cybercrime in their lifetime, the study says. The average cost per cybercrime was higher in the U.S. than in most other countries, averaging $290.

More than a third of U.S. users (38 percent) say they don't use complex passwords or change their passwords frequently.

Compared to last year, the survey shows an increase in newer forms of cybercrime, such as those found on social networks or mobile devices, the report says. One in five online adults (21 percent) has been a victim of either social or mobile cybercrime, and 39% of social network users have been victims of social cybercrime, such as scams or hackers breaking into their profiles.

"While 75% of respondents believe that cybercriminals are setting their sights on social networks, less than half [44 percent] actually use a security solution that protects them from social network threats, and only 49% use privacy settings to control what information they share, and with whom," the study says.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
@sanderiam
50%
50%
@sanderiam,
User Rank: Apprentice
9/17/2012 | 8:29:13 PM
re: Global Cost Of Cybercrime: $110 Billion
This is all about the consumer side, but there is plenty for organizations & enterprises to think about, too. Many of those people who use the same passwords all over the web in their consumer life use the very same ones at work. So each time a phisher or other cybercriminal gets one of those passwords, they only have to figure out where the person works (facebook? twitter? linkedin?), and then they can target those corporate assets as well.-

I would love to see numbers like these for the whole organizational and enterprise side, but the will to disclose that information on the part of the hacked is very low. Too bad...
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-4988
Published: 2014-07-09
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

CVE-2014-0207
Published: 2014-07-09
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0537
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-0539
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-3309
Published: 2014-07-09
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.