CYBER ATTACK

Cyber Attack

Cyber Attack

Introduction

Cybercrime is criminal activity, using computers and the Internet to steal, whether directly or indirectly, from consumers or businesses. The global scale of the cybercrime problem is not known, although by most estimates it is running at several billion dollars (USD) per year. This paper focuses solely on ensuring that cybercrime is contained. Even within cybercrime, there are different subcategories, such as direct theft of money from bank or credit card accounts, identity theft, as well as theft of intellectual property where the financial costs are indirect (potential loss of sales revenue).

The most costly cyber crimes are those caused by malicious code, denial of service, stolen or hijacked devices and malicious insiders. These account for more than 90 percent of all cyber crime costs per organization on an annual basis. Mitigation of such attacks requires enabling technologies such as SIEM and enterprise GRC solutions.

Cyber attacks can get costly if not resolved quickly. Results show a positive relationship between the time to contain an attack and organizational cost. The average time to resolve a cyber attack is 18 days, with an average cost to participating organizations of $415,748 over this 18 day period. This represents a 67 percent increase from last year's estimated average cost of $247,744, which is compiled for a 14 day period. Results show that malicious insider attacks can take more than 45 days on average to contain.

Information theft continues to represent the highest external cost, followed by the costs associated with business disruption. On an annualized basis, information theft accounts for 40 percent of total external costs (down 2 percent from 2010). Costs associated with disruption to business or lost productivity account for 28 percent of external costs (up 6 percent from 2010).

Protecting the web: what makes it so challenging?

As organizations are becoming more dependent on information technology, the emphasis on information security is getting more significant. Threats to information security have several dimensions including internal vs. external, human vs. non human, and accidental vs. intentional. While initially information security was seen as a technology problem that can be addressed via sophisticated hardware and software solutions, increasing number of security breaches proved that this is indeed mostly a people problem (Durkheim, 1938).

Correcting inaccurate information about the personal or financial status, and trying to reinstate the reputations and good names are intimidating jobs for the victims of identity theft and fraud. The damages done by the criminals take much greater time to rectify than the actual crime took time to get committed. Victims can suffer a lot once their identity has been stolen and abused. The hard-earned money of the person is lost for no reason at all. Apart from the financial aspect, peace of mind is also stolen along with the identity, as the victims have to go through a lot of trauma as a result of the crime. The proportion with which the crime has grown has also caused a dent on the ...