Cybercrime cost corporations 56 percent more this year than last, according to an annual study from the Ponemon Institute and sponsored by ArcSight, an HP company.
Larry Ponemon, founder and chairman of the Traverse, Mich., company that bears his name, told PCWorld there have been several root causes for the bump up in the cost of cyber crime. “Sophisticated stealthy types of cyber crime are happening more frequently,” he said.
When the study was done last year, he explained, more visible forms of cybercrime dominated the mix – viruses, worms, Trojans, malware and botnets. “Now we’re seeing more insidious kinds of attacks like malicious code, denial of service, stolen devices, Web-based attacks and malicious insiders,” he observed.
Stealth attacks are more difficult to clean up because they “move in quietly to position the attacker lower in the infrastructure and to be able to go after information in a longer term, strategic way,” according to ArcSight Public Sector CTO Prescott Winter.
“They’re more ingenious in how they launch the attack, which makes them harder to find once they launch it,” Winter said.
It’s also getting more difficult to defend against intruders, Ponemon noted. “Some of these intruders throw a one-two punch,” he said. At the front door, there’s a denial of service attack that consumes a defender’s resources, he explained, but at the same time other attacks are launched on the defender’s position – an insider threat, for instance, and proliferating botnet software.
That’s especially true for organizations who believe strong perimeter defenses alone will protect them, Winter contended. “There’s no such thing as a bulletproof perimeter anymore,” he said.
“It’s absolutely guaranteed these days that the attacker will get in,” he maintained. “So the strategy has to change from watching the outside wall to trying to figure out what’s happening inside the network.”
The study also discovered:
- The cost to smaller organizations of a cybercrime incident is higher on a per capita basis than to larger organizations.
- The number of attacks on the companies in the survey increased over last year by 44 percent, to 72 successful attacks per week.
- Forty percent of the external costs to an organization for cybercrime were attributed to data theft, a 2 percent dip from 2010, and 28 percent to business disruption and lost productivity, a 6 percent increase from last year.
- The biggest internal costs attributed to cybercrime were tagged to detection and recovery (45 percent).
- The cost of cybercrime can be moderated by the use of security information and event management systems. The outlay for dealing with a cybercrime incident for firms with those systems was 24 percent lower than for those without the systems, the study noted.