Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/9/2020
08:40 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Global Cybercrime Losses Cross $1 Trillion Mark

A shift from attackers targeting individual systems to entire organizations is pushing up cost of cyberattacks sharply, McAfee says.

Security industry estimates of global cybercrime losses tend to vary quite widely, and sometimes the projections can be startling in terms of magnitude. But the data still helps lend some broad perspective to the mushrooming nature of cybercrime.

Such is the case with the latest cybercrime loss estimates from McAfee.

Related Content:

Cybercrime May Be the World's Third-Largest Economy by 2021

The Changing Face of Threat Intelligence

New on The Edge: BECs and EACs: What's the Difference?

According to the company, a study it conducted along with the Center for Strategic and International Studies (CSIS) shows cybercrime cost the world economy in excess of $1 trillion in 2019. That staggering figure — and there have been even higher previous estimates — represents a 50% increase from a 2018 study, which pegged global cybercrime losses at around $600 billion.

The study found that in addition to direct financial losses, more than nine in 10 organizations that experience a significant cyber event also have to contend with significant unplanned downtime, business disruption, and damage to their reputation and brand.

"The analysis that CSIS did, showing that [cybercrime losses] is in the trillion-dollar range, was alarming," says Steve Grobman, chief technology officer at McAfee. "That is a good indicator that we need to dial up defensive measures more aggressively."

This is especially true for organizations in industries that are usually considered relatively safe from cyberattacks, Grobman says.

McAfee and CSIS's cybercrime loss estimates counted a variety of costs they say organizations incur after a major security incident. Costs include those involved in detecting, mitigating, and responding to a breach, notifying victims, and implementing remedial measures. Also included are a variety of other costs that organizations do not always consider when evaluating the financial impact of a security incident, says Grobman. Examples include costs associated with lost and missed business opportunities, business disruption and downtime, productivity losses, and damage to the brand.

A survey of 1,500 IT business decision makers McAfee commissioned as part of the study found organizations experienced 18 hours of downtime, on average, following a major security incident. The survey found the average cost to organizations was more than $500,000 per incident. Financially motivated cyberattacks and IP theft accounted for at least 75% of the cybercrime losses organizations experienced last year, according to McAfee.

The data shows how constantly evolving adversary tactics is worsening the impact of cyberattacks for many organizations, Grobman says. In the past, attackers used to target individual devices and systems; now they have now switched to targeting the entire organization.

"One of the things we see today is cybercriminals entering an organization likely by finding credentials on the Dark Web, using a malware implant to create a back door, and then have human operators enter the company's environment," Grobman says.

Shift in Targeting
The goal is often to move laterally and find high-value targets and assets they can then target with ransomware and other malware to create most damage. Even the nature of ransomware attacks has changed from attacks seeking ransoms for encrypted data to attacks that hold entire factories and businesses to ransom. Many of these attacks are the work of sophisticated nation-state-backed threat actors, Grobman says.

The shift from attacks targeting systems and devices to attacks targeting the whole enterprise has exposed weaknesses in incident detection and response capabilities and made cyberattack costlier overall for many organizations. Previously, mitigating an attack often involved removing malware from an infected system or systems and, in drastic scenarios, reimaging them from scratch.

The survey shows that organizations take an average of 19 hours to move from initial incident discover to remediation. Less than 20% of organizations have the resources to be able to handle a security incident internally. The remaining has to hire a third party to come in and help remediate fall out from a cyberattack — another factor driving up the costs associated with cybercrime.

"One important takeaway is that cybersecurity defense is no longer something that only specific sectors have to make a top priority,'" Grobman says. There are a lot of other industries that are part of a broader supply chain — logistics and shipping companies, for instance — that need to make cybersecurity a top investment priority, he says.

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...