Part One
Cisco and Cybersecurity Ventures (CV) have officially made available to the press this year the special first annual edition of the Cybersecurity Almanac, a historic handbook containing the most pertinent statistics and information for tracking cybercrime and the cyber-security market.
Steve C. Morgan, founder and editor-in-chief of the prestigious Cybercrime Magazine, has called my attention on Tuesday that I incorrectly mentioned in my column, “Cybercrime worldwide to cost $6 trillion in two years,” that The Global Risks Report (2019) on cyber security came from the World Economic Forum (WEF) instead of the CV, the world’s most trusted source for cyber-security facts, figures and statistics.
“Cisco’s commitment to security and partnerships starts at the top, and it’s one of the reasons why we’re collaborating with them. At Cisco, security is foundational to everything we do,” said Chuck Robbins, chairman and CEO.
According to Robbins, last year Cisco blocked 7 trillion threats, or 20 billion threats a day, on behalf of customers.
Cisco and CV have compiled 100 of the most important facts, figures, statistics and predictions to help frame the global cybercrime landscape, and what the cybersecurity industry is doing to help protect governments, citizens and organizations globally.
Cybersecurity Ventures formulates their own ground-up research—“plus we vet, synthesize and repurpose research from the most credible sources” (analysts, researchers, associations, vendors, industry experts, media publishers)—to provide readers with a bird’s-eye view of the most dangerous cyber threats, and the most important solutions.
Cybercrime damage
According to the Cisco and CV 2019 Cybersecurity Almanac, cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades. Cyberattacks are the fastest-growing crime globally, and they are increasing in size, sophistication and cost.
The Almanac said:
- Cybersecurity Ventures predicts that cybercrime damages will cost the world $6 trillion annually by 2021—exponentially more than the damage inflicted from natural disasters in a year, and more profitable than the global trade of all major illegal drugs combined.
- Cybersecurity Ventures also predicts that by 2021 more than 70 percent of all cryptocurrency transactions annually will be for illegal activity, up from current estimates ranging anywhere from 20 percent (of the five major cryptocurrencies) to nearly 50 percent (of Bitcoin).
- Around $76 billion of illegal activity per year involves Bitcoin, which is close to the scale of the US and European markets for illegal drugs, according to a study published by the University of Sydney in Australia, ranked as one of the top 100 universities globally.
- Digital ad fraud is rising sharply. One report found that advertisers lost an estimated $19 billion to fraudulent activities last year, equivalent to $51 million per day. This figure, representing advertising on online and mobile devices, is expected to rise, reaching $44 billion by 2022.
- The “Cyber’s Most Wanted” list on the FBI web site features 63 notorious people (up from 19 in 2016) that have conspired to commit the most damaging crimes against the US, including computer intrusions, wire fraud, identity theft, money laundering, false registration of domain names, espionage, theft of trade secrets and other offenses—costing the affected organizations and individuals tens of billions of dollars.
- Cybercrimes are vastly undercounted because they aren’t reported —due to embarrassment, fear of reputational harm and the notion that law enforcement can’t help (among other reasons). The unit chief at the FBI’s Internet Crime Complaint Center (IC3) stated that the number of reported cybercrimes in the agency’s reports only represent 10 to 12 percent of the total number actually committed in the US each year.
- Asia-Pacific companies received six cyber threats every minute, according to Cisco. A Frost & Sullivan study commissioned by Microsoft revealed that the potential economic loss across Asia Pacific due to cybersecurity incidents can hit a staggering $1.745 trillion.
Breaches and vulnerabilities
Advances in technology are the main drivers for economic growth but have also led to a higher incidence of cyber attacks. The leading trends such as e-commerce, mobile payments, cloud computing, Big Data and analytics, Internet of Things, artificial intelligence, machine learning and social media, all increase cyber risk for users and businesses.
- The 10 biggest data breaches of all time—with the number of accounts hacked and year occurred—according to Quartz: Yahoo, 3 billion (2013); Marriott, 500 million (2014-2018); Adult FriendFinder, 412 million (2016); MySpace, 360 million (2016); Under Armour, 150 million (2018); Equifax, 145.5 million (2017); eBay, 145 million (2014); Target, 110 million (2013); Heartland Payment Systems, 100+ million (2018); LinkedIn, 100 million (2012);
- Cryptocrime is an emerging segment of the cybercrime ecosystem. One report estimates that hacks on cryptocurrency exchanges suffered roughly $1 billion in losses in 2018.
- The five biggest Bitcoin hacks of all time—with the exchange name, amount stolen and year occurred—according to CoinSutra: Mt. Gox, 2,609 BTC | +750,000 BTC (2011); BitFloor, 24,000 BTC (2012); Poloniex, 12.3 percent of all BTCs—97 BTC (2014); BitStamp, 19,000 BTC (2015); Bitfinex, 120,000 BTC (2016).
- The cost of the 2018 Coincheck hack, the biggest cryptocurrency heist to date, was $530. Five hundred twenty three million NEM coins (known as XEM) had been stolen from a hot wallet (a wallet connected to the Internet) allowing hackers to drain the coins into a separate account. The cost of those stolen coins has since declined dramatically.
- In a keynote at DevNet Create, Susie Wee, SVP and CTO of Cisco DevNet, shared research from Cybersecurity Ventures that estimates there are 111 billion lines of new software code being produced each year—which introduces potential for a massive number of vulnerabilities that can be exploited. Zero-day exploits alone are predicted to reach one per day by 2021, up from one per week in 2015.
To be continued
To reach the writer, e-mail cecilio.arillo@gmail.com.