The cost of cybercrime is something that’s often the first thing the media latches onto when a major incident happens. When credit rating firm Equifax announced in 2017 that 143 million accounts had been compromised, media outlets led with the fact it was going to cost the company $4 billion. Similarly, in the midst of bitcoin’s value reaching record levels, mining site NiceHash saw $64 million in cryptocurrency stolen by hackers. Although the Slovenian company declined to elaborate on the nature of the breach, experts have warned that cybercriminals are now targeting the increasingly lucrative bitcoin market.
Ransomware Attacking Vulnerabilities on Two Levels
With the cost of attacks increasing, businesses have been forced to respond in kind by spending more money on protection. According to research by the Ponemon Institute and Accenture, major US companies are now spending, on average, $11.7 million on cybersecurity annually. That’s a 22.7% increase on the previous year and is a direct response to the 130 attacks that happen to companies, on average, every year. One of the leading causes of online security breaches this year was ransomware. Having previously cost companies $1 billion in 2016, the malicious software was behind two of 2017’s largest attacks.
Because ransomware exploits human vulnerabilities as well as technological ones, it’s seen as one of the biggest threats of today. Having the ability to prey on uninformed users through a combination of seemingly innocuous links, webpages and attachments mean that ransomware can quickly spread. Indeed, with an unaware user able to accidentally infect an entire network, it’s little wonder ransomware Petya and Shadow Brokers wreaked havoc in recent months. While the latter managed to infiltrate NSA systems, encrypt data and hold it up for ransom, the latter targeted healthcare and utility companies.
The Obvious and Not So Obvious Costs of Cybercrime
One of the worst hit by Petya was shipping giant Maersk. One of the largest shipping firms in the world, Maersk reported that the attack cost more than $300 million. However, despite Petya being used as a form of ransomware in other attacks, those behind it didn’t hold any data for ransom. In fact, what security experts suggested was that the aim was to simply wipe out important information. This, in practice, is the hidden cost of ransomware attacks. While companies are right to focus on an attacker’s obvious patterns i.e. infect, execute, encrypt and demand payment, operational costs are also at stake. With Maersk having to shut down a large part of its network, millions in lost revenue was adding up. In this respect, businesses are essentially fighting costs on two fronts.
As we move into 2018, the threat of cybercrime isn’t going to go away. Various security agencies have already said that ransomware attacks will continue to increase in the coming years, thanks in part to the success of recent attacks. Indeed, as well as holding large corporations to ransom, criminals now realize that there’s profit to be made from casual internet users. By demanding relatively small payments from thousands of users, even cybercriminals with a fairly rudimentary set-up can now make a quick buck. Overall, even with security spend increasing and technology improving, we’re likely to see the cost of cybercrime increase further over the coming months.