Cybercrimes cost firms $600 billion last year: McAfee report
New Delhi: In the last three years, costs incurred by businesses across the world due to cybercrimes have gone up from $445 billion in 2014 to $600 billion by the end of 2017.
This cost, which was around 0.7% of global GDP in 2014, is now around 0.8% of global GDP, said a report released on Thursday by McAfee, a cybersecurity company, in partnership with the Center for Strategic and International Studies (CSIS).
Quick adoption of new technologies by cybercriminals, increased number of new users online (usually from low-income countries with weak cyber security), increased ease of committing cybercrimes, growing financial sophistication of top-tier cybercriminals and expanding number of cybercrime centres have been identified as reasons for growth in costs of cybercrimes by the report.
The report titled Economic Impact of Cybercrime—No Slowing Down identifies India as one of the emerging cybercrime centres along with other countries like North Korea, Brazil and Vietnam.
“The $600 billion cybercrime figure reflects the extent to which our technological accomplishments have transformed the criminal economy as dramatically as they have every other portion of our economy,” said Steve Grobman, chief technology officer at McAfee.
The report measures cybercrimes in North America, Europe and Central Asia, East Asia and the Pacific, South Asia, Latin America and the Caribbean, Sub-Saharan Africa, and the Middle East and North Africa.
Cybercrime losses are greater in richer countries. However, the countries with the greatest losses (as a percentage of national income) are mid-tier nations that are digitized but not yet fully capable in cybersecurity, it said.
According to the report, ransomware is the fastest growing cybercrime. “Until 2015, ransomware campaigns were typically run by organized crime groups that wrote their own code. From 2012 to 2015, 33 new ransomware offerings were released, but that number doubled in 2016, with 70 new families of ransomware products made available,” it said.
However, the most important area in terms of the cost of cybercrime is the theft of intellectual property and confidential business information.
“The theft of intellectual property accounts for at least a quarter of the cost of cybercrime and, when it involves military technology, creates risks to national security as well,” the report stated.
The report also highlights that banks remain the favourite target of skilled cybercriminals.
“Our research bore out the fact that Russia is the leader in cybercrime, reflecting the skill of its hacker community and its disdain for western law enforcement. North Korea is second in line, as the nation uses cryptocurrency theft to help fund its regime,” said James Lewis, senior vice president at CSIS.
The report also suggests some steps to reduce the cost of cybercrime such as greater standardization (threat data) and coordination of cybersecurity, particularly in key sectors like finance, uniform implementation of basic security measures (like regular updating and patching and open security architectures) and investment in defensive technologies.
However, it also states that the data on cybercrime remains poor because of underreporting and a surprising laxness in most government efforts around the world to collect data on cybercrime.