Dark Reading is part of the Informa Tech Division of Informa PLC


12/9/2020
08:40 AM

Global Cybercrime Losses Cross $1 Trillion Mark

A shift from attackers targeting individual systems to entire organizations is pushing up the cost of cyberattacks sharply, McAfee says.

Security industry estimates of global cybercrime losses tend to vary quite widely, and sometimes the projections can be startling in terms of magnitude. But the data still helps lend some broad perspective to the mushrooming nature of cybercrime.

Such is the case with the latest cybercrime loss estimates from McAfee.


According to the company, a study it conducted along with the Center for Strategic and International Studies (CSIS) shows cybercrime cost the world economy in excess of $1 trillion in 2019. That staggering figure — and there have been even higher previous estimates — represents a 50% increase from a 2018 study, which pegged global cybercrime losses at around $600 billion.

The study found that in addition to direct financial losses, more than nine in 10 organizations that experience a significant cyber event also have to contend with significant unplanned downtime, business disruption, and damage to their reputation and brand.

"The analysis that CSIS did, showing that [cybercrime losses] is in the trillion-dollar range, was alarming," says Steve Grobman, chief technology officer at McAfee. "That is a good indicator that we need to dial up defensive measures more aggressively."

This is especially true for organizations in industries that are usually considered relatively safe from cyberattacks, Grobman says.

McAfee and CSIS's cybercrime loss estimates counted a variety of costs they say organizations incur after a major security incident. Costs include those involved in detecting, mitigating, and responding to a breach, notifying victims, and implementing remedial measures. Also included are a variety of other costs that organizations do not always consider when evaluating the financial impact of a security incident, says Grobman. Examples include costs associated with lost and missed business opportunities, business disruption and downtime, productivity losses, and damage to the brand.

A survey of 1,500 IT business decision makers McAfee commissioned as part of the study found organizations experienced 18 hours of downtime, on average, following a major security incident. The survey found the average cost to organizations was more than $500,000 per incident. Financially motivated cyberattacks and IP theft accounted for at least 75% of the cybercrime losses organizations experienced last year, according to McAfee.

The data shows how constantly evolving adversary tactics are worsening the impact of cyberattacks for many organizations, Grobman says. In the past, attackers used to target individual devices and systems; now they have switched to targeting the entire organization.

"One of the things we see today is cybercriminals entering an organization likely by finding credentials on the Dark Web, using a malware implant to create a back door, and then have human operators enter the company's environment," Grobman says.

Shift in Targeting
The goal is often to move laterally and find high-value targets and assets they can then target with ransomware and other malware to create the most damage. Even the nature of ransomware attacks has changed from attacks seeking ransoms for encrypted data to attacks that hold entire factories and businesses to ransom. Many of these attacks are the work of sophisticated nation-state-backed threat actors, Grobman says.

The shift from attacks targeting systems and devices to attacks targeting the whole enterprise has exposed weaknesses in incident detection and response capabilities and made cyberattacks costlier overall for many organizations. Previously, mitigating an attack often involved removing malware from an infected system or systems and, in drastic scenarios, reimaging them from scratch.

The survey shows that organizations take an average of 19 hours to move from initial incident discovery to remediation. Less than 20% of organizations have the resources to be able to handle a security incident internally. The rest have to hire a third party to come in and help remediate fallout from a cyberattack, another factor driving up the costs associated with cybercrime.

"One important takeaway is that cybersecurity defense is no longer something that only specific sectors have to make a top priority," Grobman says. There are a lot of other industries that are part of a broader supply chain — logistics and shipping companies, for instance — that need to make cybersecurity a top investment priority, he says.

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ...
 
