The old saying that “crime doesn't pay” doesn't seem to apply to cybercrime. It pays for cybercriminals and it costs businesses a great deal of money.
Cybercrime costs businesses close to $600 billion, or 0.8 percent of global GDP, according to a report from McAfee and the Center for Strategic and International Studies, a Washington, D.C.-based think tank. The $600 billion figure is up from costs of about $445 billion that the pair calculated in 2014. The new study, “Economic Impact of Cybercrime – No Slowing Down,” attributes the growth over three years to several factors.
First, cybercriminals have quickly adopted new technologies. It's also easier to engage in cybercrime, the report notes. And top-tier cybercriminals have become more financially sophisticated.
Ransomware is the fastest growing cybercrime tool, the report says, with more than 6,000 online criminal marketplaces and Ransomware as a Service gaining in popularity. Cybercrime as a service has become more sophisticated, with "flourishing markets offering a broad diversity of tools and services such as exploit kits, custom malware and botnet rentals," according to a statement from McAfee and CSIS.
Banks remain the favorite target of cybercriminals, the report says, and nation-states are the most dangerous source of cybercrime. Russia, North Korea and Iran are the most active in hacking financial institutions, while China is the most active in cyber espionage, according to the report.