Security researchers revealed that cybercrime incidents are on a dramatic rise. According to a report from the Internet Society’s Online Trust Alliance (OTA), cybercrime has become a $45 billion industry in 2018.
The report, Cyber Incident & Breach Trends, was prepared from the sources including the Federal Bureau of Investigation, Symantec, Risk Based Security, the Identity Theft Resource Center, and the Internet Society’s internal data.
The report stated that the number of ransomware, data breaches, and DDoS incidences came down in 2018. However, the financial damage due to ransomware rose by 60 percent. It also said that losses from business email compromise (BEC) doubled while damage from Cryptojacking tripled.
“It is difficult to get a complete, accurate picture of the overall cyber incident landscape. Much like putting together a jigsaw puzzle with only a handful of key pieces, it is possible to get a sense of the overall picture, but many of the details are missing. In tracking cyber incidents, many key data “pieces” exist, but are limited for a variety of reasons – they often represent only one vendor’s view of their user base, they are typically regional and not global, it is easier to measure attacks than measure which are successful, there is a lack of consolidated reporting mechanisms, and finally, it is still the case that most incidents go unreported,” OTA said in a statement.
Security experts opined that Phishing and Ransomware attacks are the most reported types of cyber-attacks on financial services firms. According to the Audit and Consulting firm RSM International in the United Kingdom, around 819 cyber incidents were reported by Financial services firms to the Financial Conduct Authority (FCA) last year.
RSM said that Retail Banks were the most frequently affected by cyber-attacks (486 security incidents) followed by wholesale financial markets (115 attacks), and retail investment firms (53 incidents). In 2018, financial firms reported around 93 cyber-attacks, in which half of these (48 attacks) were phishing attacks while 20 percent (19 attacks) were ransomware attacks.
RSM said the sudden increase in the companies reporting security incidents was due to the introduction of the European Union’s General Data Protection Regulation (GDPR) laws that took effect last May.