Cybercrime took a $774 billion toll on the global economy in the last year as criminals are increasingly taking advantage of new technologies and the growing availability of hacking services, a new report has found.
The third edition of the Economic Impact of Cybercrime, released by the Center for Strategic and International Studies and McAfee, found that cybercrime has cost 0.8 percent of the global GDP, or $US600 billion.
This is a sharp increase from the same study in 2014, which found this figure to be about $US445 billion.
“Cybercrime is relentless, undiminished, and unlikely to stop,” the report said.
“It is just too easy and too rewarding, and the chances of being caught and punished are perceived as being too low.
“Cybercrime remains far too easy, since many technology users fail to take the most basic protective measures, and many technology products lack adequate defences, while cybercriminals use both simple and advanced technology to identify targets, automate software creation and delivery, and monetisation of what they steal.”
In Australia, the report found 114,000 instances of reported cybercrime just in the last three years, with more than half of local businesses reporting a security incident at least once a month.
The report found that ransomware is the fastest growing cybercrime tool, with services and tools now being sold on the dark web. This cybercrime-as-a-service has become more sophisticated and created “flourishing markets” where anonymous individuals can use untraceable cryptocurrency to avoid law enforcement.
“The digital world has transformed almost every aspect of our lives so that crime is more efficient, less risky, more profitable and has never been easier to execute,” McAfee chief technology officer Steve Grobman said.
“The $US600 billion cybercrime figure reflects the extent to which our technological accomplishments have transformed the criminal economy as dramatically as they have every other portion of our economy.”
In Australia, the report found that since the Australian government established an online reporting platform for cybercrime incidents in 2014, more than 114,000 have been reported in the years since.
This number is rapidly increasing, with nearly 24,000 of these incidents occurring in the first half of last year.
According to a Telstra survey, nearly 60 percent of Australian businesses had detected security incidents at least once a month, while a quarter had suffered from a ransomware incident.
One of the most damaging elements of cybercrime in Australia is business email compromise, which is estimated to have caused associated losses of more than $19 million over the course of 2016-17.
The report points to an incident in 2016 where the Brisbane City Council was a victim of cybercrime. Posing as suppliers of professional services, the criminals tricked the council into changing bank details for payments by sending “legitimate-looking emails” and contacting the council by phone.
Nearly $451,000 was stolen over nine payments in the “sophisticated and targeted scam”.
Australia was also impacted by the two most publicised incidents of cybercrime last year, with the WannaCry and NotPetya ransomware attacks. Dozens of Australian businesses were impacted by the attacks, which caused the Cadbury factory in Hobart to shut down for several hours.
The report recognised that the Australian government has placed a significant emphasis on cyber security in recent years.
“The Australian government has been active in trying to confront this threat, announcing that it would allocate more than $170 million in 2016 towards supporting its new National Cyber Security Strategy and proposing legislation that expands the country’s anti-money laundering rules to domestic cryptocurrency exchanges,” it said.
Australia’s Mandatory Data Breach Notification Laws for all businesses with annual turnover of more than $3 million came into effect at the end of February.
