The cybercrime economy personified

While the Center for Strategic & International Studies and McAfee estimated the annual cost to the global economy from cybercrime at $375 billion conservatively and $575 billion maximally as of June 2014, at least one expert stands by cost figures that are many times those numbers.

"U.S. companies and the U.S. economy lose approximately $500 billion each year to theft of trade secrets and innovation. This includes all forms of economic espionage where cybercrime plays a major factor. When you factor the 10-year life of the investment in innovation, the total value of the theft reaches $5 trillion or one-third of the U.S. GDP - each year," says T. Casey Fleming, CEO, BLACKOPS Partners Corporation, a Washington, D.C.-based Information Security Advisor to senior executives & boards of the Fortune 500, U.S. government agencies, and universities.


While the enterprise can't stop cybercrime, it can become a hard target. To that end, CSO maps the cybercrime economy with its major components, incentives, and seats of power, and closes with the means for enterprises to avoid victimization by keeping cyber goons from absconding with their digital goods.

Cybercrime entities

Cybercrime entities include countries such as India, France, Sweden, North Korea, Syria, Russia, and China as well as smaller groups inside Eastern Bloc countries. "Organized crime includes the offshoots of the Russian Business Network, who have a very clear understanding of the financial payment supply chain," says Bob West, CISO Emeritus Fifth Third Bank & Bank One, now Chief Trust Officer, CipherCloud.

Cyber spying by public and private concerns is also a piece in the cybercrime economy puzzle. "Cybercrime targets include U.S. companies in the Fortune 500 & 100, small- to medium- businesses, universities, think tanks, and government agencies," says West.

Cybercrime incentives

"The hyper-connected world, the adoption of digital banking, the connection of operational technologies to the Internet, and a surge in mobility have greatly increased the attack surface available to digital criminals, which has led to a gold rush mentality in criminal fraternities," says Colin McKinty, vice president of Cyber Security Strategy, Americas, BAE Systems Applied Intelligence.

The ready availability of free cybercrime applications invites participation in the cybercrime economy by just about anyone. "This creates a services-based cybercrime economy, meaning that even those with limited personal expertise can still achieve significant results," says McKinty.

In addition to a growing attack surface and increasing numbers of free tools, the cybercrime economy thrives due to the profit motives of the thieves who grab an organization's enticing personally identifiable information and intellectual property. "Cybercrime feeds on human weakness and on weak security controls, which are the result of enterprises choosing convenience over security. There are many people in large companies who don't understand what they need to do to protect information as part of their daily routine," says West.

To safeguard data, executives and employees must first know what is most precious. Then they must learn good general security habits as well as the specific measures for protecting each type of data, insofar as using those measures falls within the duties and responsibilities of their positions.

Seats of power

"Cybercrime is a multifaceted, decentralized, global phenomenon," says McKinty. Still, there are stealthy leaders behind the attacks that criminal hackers carry out.

The nefarious heads of these hacker groups include Russians in seats of power and Chinese communists inside the People's Liberation Army. Members of various criminal syndicates globally work with little or no outside guidance or prompting.


People who want to avoid muggings don't walk dark alleys alone at night in the wrong part of town. People who want to stay safe travel in groups, take extra measures (such as carrying pepper spray), and have a game plan, such as run, dial 911, or scream "fire!" to attract attention and help. Enterprises must be aware of how the information highway, like the world itself, has changed, and not for the better. They must do the 'must dos' of cybersafety: offer the least amount of privileges necessary to any one person or entity; trust no one; and segregate networks.

"Requiring the use of a reference model that includes governance, such as the NIST Cyber Security Framework ISO 27000, is a good starting point for comprehensively protecting critical infrastructure and the data it carries," says West.

Perimeter defenses alone are insufficient. Use methods instead that locate attacks in progress based on anomalous behavior that you measure against a baseline. "Companies such as Cyveillance, FireEye, and CrowdStrike offer useful technologies," says Fleming.

Methods and tools that remove incentives are very important. "The enterprise needs to attack the economics that drive and sustain cybercrime by making it too costly in terms of resources and time for cybercrime to be profitable," says McKinty. Use risk assessments tailored and targeted to cybercrimes. Make cybercrime too expensive a proposition for attackers by using two- and three-factor authentication, long, strong passwords, and stronger (higher-bit) encryption than your competitors (so you're no longer the lowest-hanging fruit). "The enterprise should also find and fix its weakest links in the security chain," says McKinty.

"The CEO must be an information security change agent," says Fleming. Reward people who discover and help to close your vulnerabilities. "Stage annual assessments by unbiased, experienced, intelligence-based outside firms," says Fleming.

Non-technical options for pushing back against cybercrime are largely limited to trade sanctions against nation-states and prosecution of bad actors within the U.S. "The FBI will prosecute any U.S. firm acting in retaliation. The answer is for companies to redefine their information security strategy from perimeter security to data-centric security," says Fleming.

Unite to fight

"In the battle against cybercrime, shared knowledge is a crucial power for slowing digital criminals down," says McKinty. No enterprise should fight armies of cyber-villains, botnets, and nation-states alone. By broadly sharing threat intelligence, tools, and techniques with the global business and law enforcement communities, enterprises plug into a much stronger force for defending their data.


Stories by David Geer
