That’s more than South Korea’s GDP. In fact, if cybercrime were a nation state, it would have the thirteenth largest GDP in the world!
Figures like this are shocking. But, according to experts, the $1.5 trillion figure is actually conservative.
Of course, it’s very difficult to gauge the true scale of cybercrime – the most successful cybercriminals are experts at keeping their activities hidden. However, Dr Mike McGuire, the academic behind the report, deliberately calculated conservatively, so that inaccuracies involve only underestimates rather than overestimates.
Whatever the true figure, it’s safe to say that cybercrime is huge. In this article, we’ll take a deeper look at the state of cybercrime in 2018, and outline some simple things businesses can do to remain protected.
According to Dr McGuire’s report, the totality of cybercriminal activity is best thought of as an economy – a multifaceted, sophisticated and growing economy, in which “a hyper-connected range of economic agents, economic relationships and other factors are now capable of generating, supporting and maintaining criminal revenues at an unprecedented scale”.
Revenue generation in the cybercrime economy takes place at all levels.
For example, there are cybercriminal equivalents to large “multi-national” organisations, which can generate in excess of $1 billion (£736 million) annually. There are cybercriminal SMEs, which generate profits of around $30,000–$50,000 (£22,000–£37,000) a year. And there are cybercriminal sole traders, who operate alone, either as a full time occupation or for some extra cash on the side.
The cybercrime economy is dominated by three major “services”. These are: illegal online markets, theft of trade secrets and data trading.
Additionally, so-called Crimeware-as-a-Service and ransomware contribute $1.6 billion (£1.2 billion) and $1 billion (£736 million) respectively.
Taking part in this economy is now easier than ever. Some cybercriminals are productising their services, making it easy for less techie individuals to get involved. Those at the top – those who are creating these services – have access to millions and millions of dollars, though, unlike legitimate business magnates, you’re unlikely to ever hear their names.
The owners of Crimeware-as-a-Service “businesses”, for example, are creating platforms and processes that give users a way to conduct criminal activities in an organised, automated and intuitive way. With services such as these, becoming a cybercriminal really is as easy as doing some online shopping.
The information economy is home to many of the world’s most famous brands. Facebook, Uber, Amazon, Google, Apple, Alibaba – companies such as these know how to exploit the advantages of Big Data and have used this to dominate their industries.
A large percentage of those at the top of the information economy are known as “platform capitalists”. Platform capitalism has become central to the global economy, and operates on the premise that bringing different groups of users together can be hugely profitable
Facebook and Google, for example, connect advertisers, businesses and everyday users. Uber connects riders and drivers. Amazon and Siemens are building huge platforms that underlie much of the modern economy.
In order for the platform model to work, companies need data. And lots of it.
Since their inception, legitimate platform businesses have been treading a thin line between legality and illegality in terms of their data practices. Recently, the Facebook-Cambridge Analytica scandal has given us the clearest example of what can happen when they get it wrong.
But while legitimate platform businesses struggle to balance on the tightrope of data legislation, cybercriminal businesses are more than happy to jump right into illegal activities.
Unfortunately, legitimate platforms offer cybercriminals fertile ground for conducting their activities. Criminals can hack platforms to acquire user data, disseminate malware and sell illegal goods. They can use them to set up fake shop fronts to launder money. They can use them to connect buyers and sellers of illegal goods.
Though legitimate businesses are unwitting in their involvement in criminality, they have also helped cybercriminals in another – perhaps more dangerous – way: they have given them inspiration.
A model of platform criminality is beginning to emerge. Described by Dr McGuire as a “monstrous double” of the legitimate information economy, illegal platforms are copying legal platforms, often by mimicking the way they extract data – though in much less prudent and much more invasive ways.
Much like their legitimate counterparts, criminal platform owners are making far more money than those who use them. An individual hacker has been estimated to make around $30,000 (£22,000) a year; whereas a manager can make $2 million (£1.5 million) per job. In other words, the most successful cybercriminals are those who are selling crimes rather than committing them.
In 2018, the number of threats businesses and individuals face online is greater than ever. However, by following some basic best practice policies, you can go a long way to avoid being exploited.
Cybercriminals will often target low-hanging fruit. This means that SMEs, whose security processes are often lacking, receive the brunt of cybercriminal activity. Indeed, 58 percent of all malware attack victims are categorised as small businesses, and the average cost of a single attack is a whopping $2,235,000 (£1,645,407)
Ensuring your business is secure, then, should be a high priority.
As a starting point, all businesses should:
To ensure maximum protection, many businesses can benefit from consulting with professionals. Unified Threat Management (UTM) is a modern approach to security management that allows an administrator to monitor and control and range of security applications and infrastructure via a single console.
The UTM approach allows businesses to adopt key security features with ease: anti-virus, Intrusion Prevention Systems (IPS), web-filtering, anti-spam, traffic shaping and more. Such a multi-layered approach ensures complete protection for SMEs.
Digital technology moves fast. This means that cybercriminals and the companies trying to stop them are engaged in an ongoing battle. A development on one side must be countered quickly by the other.
It’s very hard to predict what the cybercrime economy will look like in a year – let alone five or 10. However, there are a few developments we can be quietly confident will materialise.
According to RSA’s whitepaper, 2018 Current State of Cybercrime, in the near future it’s likely that:
Elite Group is the leading unified communications provider. We deliver an unrivalled product portfolio, including UTM security solutions and next-generation firewall defence.