The rise of cybercrime on a global economy scale

The COVID-19 pandemic has certainly “helped” all kinds of cybercriminals by forcing businesses and individuals alike to move most of their activities online. As the US-based Association of Certified Fraud Examiners found in a report that found 79% of respondents saw an increase in fraudulent events following the pandemic outbreak, and 90% expected even more instances of cyber crime in the future. Just to give an example, there were almost 400,000 cases of credit card fraud in the US in 2020.

Ecuador is also on the list of countries that have received the most cyberattacks, according to a Kaspersky study presented in August 2021.

Ecuador on the list: cyberattacks in Latin America have increased by 24% this year

If a country were considered, cybercrime would have one of the largest economies in the world. Cybercrime Magazine estimated that, by 2021, cyber-related crime will cost the world $6 trillion. By 2025, the losses caused by fraudsters could reach as high as $10.5 trillion.

Furthermore, cyber attacks are no longer just a problem for large and influential corporations. In fact, 43% of cyberattacks targeted small and medium-sized businesses, which often don’t have enough money for cybersecurity and aren’t prepared to recover from such attacks.

Even more staggering are the costs of attacks against individuals. The US Federal Trade Commission reported that consumers lost around $547 million to romance scams in 2021 alone.

trillions and trillions

“Technologies and computers have been an essential part of human growth, providing platforms that help us in our daily lives, but all this goes further, since they have worked with algorithms or instructions that help them to have a degree of artificial intelligence. to process information that is generated within these, however, all of these protect in a certain way the operation of the equipment or computers keeping the information safe and complete, but cybercriminals use flaws in these to extract, steal or compromise the information of large or small companies by executing deception techniques to achieve their goal, thus damaging the integrity, confidentiality or availability of the stored information”, says Armando Monzón, from the National Cybersecurity Institute of Guatemala, Researcher and Director of International Programs.

Thus, the cybercrime economy of 2022 is now worth at least $1.2 trillion, according to economists. That makes it the 15th largest economy in the world, according to estimates by the International Monetary Fund. It generates more profit than the combined global trade in all illegal drugs.

So that you have an idea, every day, the Google Threat Analysis Group blocks around 100 million emails containing phishing links and malware downloads.

According to the Parachute site these are the facts and implications of cybercrime incidents as they unfold:

• Cybercrime costs the global economy 50% more than forecast in 2018. In addition, it is more than 1% of global GDP.
• The average cost of a data breach in 2020 was $3.86 million. In 2021 it was $4.24 million.
• A data breach that compromises between 1 and 10 million records costs on average $50 million, while one that compromises 50 million records can cost up to $392 million.

One specific case that came to light was that of a 16-year-old from Oxford who was accused of being one of the leaders of the Lapsus$ cybercrime gang. The teenager, who allegedly amassed a fortune of 14 million dollars thanks to piracy, has been identified by hackers and rival researchers. As reported by the BBC, under his online moniker White or Breachbase, the boy, who is autistic, is said to be behind the prolific Lapsus$ hacker team, which is believed to be based in South America.

“These actions occur because there is no culture of acquiring original software, but obtaining it fraudulently or the lack of awareness of cybersecurity issues in both schools and companies to minimize these risks. In recent months, the increase in ransomware attacks (attack where the cybercriminal deceives the person with techniques to download files that contain malicious or dangerous code) to appropriate their information and then ask for a ransom are part of the most frequent attacks or or phishing techniques, which is nothing more than sending information by email to users to install programs that can steal their passwords or infect their computers, among others”, Monzón points out.

The number of cybercrime reports to the US Federal Bureau of Investigation has increased. Total money lost to cybercrime rose 64% to $6.9 billion, the FBI said in its annual Internet Crime Report last March, which highlighted how remote communication and virtual meetings can make businesses and individuals vulnerable to social engineering attacks by fraudsters.

human intelligence

With highly motivated threat actors seeking payments from organized cybercrime groups, attacks have shifted from automated to human-operated attacks. Researchers at Agari (a US email identity company that protects businesses and individuals from phishing and social engineering attacks) determined that the majority of leaked password reuses were done by humans and not by automation. It’s one thing to defend against automation, but it’s much harder to defend against human intelligence and perseverance fueled by multi-million dollar payouts.

The US Department of the Treasury recently said that $5.2 billion in Bitcoin transactions can be linked to ransomware payments in the last two years.

In just one example, US travel services company CWT Global paid $4.5 million in July 2020 to the Ragnar Locker ransomware gang. Additionally, a recent report from security consulting group Unit 42 indicated that the average ransomware payout increased 82% from 2020 to a record $570,000 in the first half of 2021.