The FBI recently released their 2016 Internet Crime Report, which tallies the overall U.S. financial loss from cybercrimes last year at more than $1.3B, a 24 percent increase over the previous year. The report is based on information gathered from more than 300,000 cyber complaints filed with IC3. However, only an estimated 15 percent of the nation’s fraud victims actually report their crimes to law enforcement, so the real cost of cybercrime is more likely closer to $9B.
Regardless, the report highlights some interesting information. For example, the most destructive and rampant types of cybercrimes are listed as ransomware, tech support fraud, business email compromise (BEC) and extortion. BEC complaints accounted for losses in excess of $360 million, extortion complaints exceeded $15 million, tech support fraud totaled $7.8 million, and ransomware was over $2.4 million. The top three crime types reported to the bureau were non-payment and nondelivery, personal data breach and payment scams. While the top three crime types by reported loss were BEC, romance and confidence fraud, and non-payment and non-delivery scams.
The report also showed that most age groups are equally targeted (minus people under age 20). However, the older the target the higher the loss. For example, total losses for folks over 60 years of age was $339M, compared to 30-39 at $190M, and so on. The top 10 states by several reported victims include California, Texas, Florida, New York, Illinois, Maryland, Pennsylvania, Virginia, Ohio and Washington. South and North Dakota, not surprisingly were last on the list of states with less than 800 combined complaints. The top 10 states by reported number of victim loss (the monetary loss) includes California ($255M), New York ($106M), Florida ($88M), Texas ($77M), Virginia ($49M), Illinois ($32M), Colorado ($30M), Pennsylvania ($27M) and Washington ($25M).
IC3 has been collecting cybercrime data since 2000 and has logged more than 1.4M complaints with an associated total loss of $4.63B. They get on average 800 complaints a day. To get more insight on this report, read the recent SC Magazine article.
- Linux malware is on the rise.
- Legacy antivirus (AV) continues to miss new malware; at a higher rate.
- The cybersecurity battleground is shifting toward web servers.
- Attackers still exploit a major Android exploit from 2015.
- New research on IoT device vulnerabilities.