Reports: Threats More Sophisticated, More Costly Than Ever

Cybercrime has become a cottage industry, and companies are feeling it in their bank accounts, researchers say

Tim Wilson, Editor in Chief, Dark Reading, Contributor

September 19, 2007

4 Min Read
Dark Reading logo in a gray background | Dark Reading

Computer crime is becoming good business, and the crooks are becoming increasingly efficient at what they do. The net result: Each attack is hitting victims harder, both in the data center and on the bottom line.

These are some of the takeaways from four major studies published in the last few days by some of the best-known researchers in the industry: the Computing Technology Industry Association (CompTIA), the Computer Security Institute (CSI), IBM's X-Force security research unit, and Symantec.

The four reports, each offering a separate view on the state of information security, agree on several trends that are shaping the evolution of cybercrime.

The IBM report and the Symantec study, for example, suggest that attacks are becoming increasingly sophisticated.

Symantec found an increase in the number of attacks that use complex toolkits, such as MPack, as well as an increase in multi-staged attacks, in which an attacker deploys an exploit to lay the groundwork for future attacks. (See Cyber Criminals Become More Professional.)

"The Internet threats we are currently tracking demonstrate that hackers are... making cybercrime their actual profession, and they are employing business-like practices to successfully accomplish this goal," said Arthur Wong, senior vice president for Symantec's Security Response and Managed Services unit.

IBM's study confirms both the increase in sophistication of attacks and the increasing commercialization of cybercrime. IBM's X-Force unit has identified more than 210,000 new samples of malware so far this year -- more than it found all of last year -- and an increasing instance of Trojan-type attacks suggests that the malware is becoming more complex and difficult to detect, the researchers say.

IBM also has detected an increase in the trend toward selling "exploits as a service," in which cybercriminals offer support as well as code. The latest trend is "exploit leasing," in which attackers test exploitation techniques with a smaller customer base and a smaller initial investment before attempting to broadly market their discoveries. (See IBM X-Force Report: Exploit-Leasing Popular.)

As cybercrime becomes increasingly more lucrative and professional, there is a corresponding increase in the effectiveness of each exploit, according to the studies. CompTIA's report indicates that the average severity level of a security breach has nearly doubled in the past 12 months, growing from 2.6 to 4.8 on a 10-point scale.

"This suggests that while the number of security breaches has stabilized, the breaches that are occurring are having a greater impact than ever on organizations," said Brian McCarthy, chief operating officer at CompTIA.

According to the CompTIA study, the average cost of a security breach now stands at $369,388. This figure is skewed by handful of companies who reported breach costs in excess of $10 million, CompTIA observes; about half of the respondents said their cost per breach in the last year was $10,000 or less. (See Severity Level of Breaches on the Rise.)

The Computer Security Institute study confirms that while the number of security breaches continues to grow slowly, the cost of those breaches is growing rapidly. The number of companies reporting 10 or more incidents grew from 9 percent in CSI's 2006 study to 26 percent in the 2007 study. (See Nokia Siemens in Talks to Buy Atrica.)

Perhaps more importantly, the cost of security breaches has more than doubled in the past 12 months, according to the CSI study. While breaches cost organizations an average of $168,000 in the 2006 report, 2007 respondents reported average losses of $350,424. (See Annual CSI Study: Cost of Cybercrime Is Skyrocketing.)

And the trend toward more numerous and more sophisticated attacks isn't limited to the enterprise. Distributed denial of service (DDOS) attacks are rising in the ISP space, and developments in botnet technology are making these emerging threats even harder to combat, according to a survey published earlier this week by Arbor Networks. (See Report: Attacks on ISP Nets Intensifying.)

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author

Tim Wilson, Editor in Chief, Dark Reading

Contributor

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights