Try to wrap your brain around these numbers…
Cyber criminals launched 1.5 billion web attacks in 2012, infiltrating 6.5 million unique domains. Malicious codes corrupted servers in the internet zones of 202 countries, just 20 of which accounted for 96.1% of all of those detected by IT security vendor, Kaspersky Labs.
The United States earned the dubious distinction of holding the No. 1 spot. We’ve been a victim of 413,622,459 attacks.
Think we have a big problem on our hands? The scary thing is, sometimes I’m not so sure whose side our government is on.
On one hand, the Department of Homeland Security acknowledges that public and private sectors need to share information intimately to advance the fight against cyber security. After all, private companies own the majority of critical infrastructure in the United States.
On the other hand, since March, the DHS has cancelled two training and networking conferences that teach utility companies how to defend against cyber attacks. The reason? Budget cuts.
And not to rub salt in any cyber victims’ wounds, but the Cyber Intelligence Sharing and Protection Act (CISPA) is barely limping along. As of April 18, the Senate refused to vote on it and is in the process of drafting its own version of the legislature.
Besides, CISPA – a law that would allow for information sharing by opening the gates of internet traffic between the U.S. government and some private sectors to beef up security – is hardly an adequate, long-term fix.
I seriously doubt it would have prevented what the Pentagon called “the largest leak of classified documents in its history.” (If you recall, WikiLeaks posted 400,000 pages on the Iraq War two years ago, and 4.8 million people had access to Top Secret information.)
As big a concern as national security is, it doesn’t even scrape the surface. For criminals, there’s really no limit to the havoc they can wreak on countries, businesses and individuals.
In fact, this headline just popped up on my computer screen: “Leak Exposed Securities and Exchange Commission Workers’ Data.” Apparently information on SEC employees kept appearing on federal agency computers after a former worker downloaded names, birthdays, and Social Security numbers and transferred them to another network.
On the heels of that news – and the recent Nasdaq community website hacking – the International Organization of Securities Commissions (IOSCO) released a report saying that “half the world’s financial exchanges suffered cyber attacks in the past year.”
Like I said, nothing is sacred.
A recent report by the Ponemon Institute, 2012 Cost of Cyber Crime Study: United States, paints an even uglier picture:
- The average annualized cost of cyber crime for 56 organizations is $8.9 million per year, with a range of $1.4 million to $46 million. In 2011, the average annualized cost was $8.4 million.
- Companies in the study experienced 102 successful attacks per week and 1.8 successful attacks per company each week. This represents an increase of 42% from last year’s successful attack experience.
- The most costly cyber crimes are those caused by denial of service, malicious insiders and web-based attacks. Mitigation of such attacks requires enabling technologies such as security information and event management (SIEM), intrusion prevention systems, application security testing and enterprise governance, risk management and compliance solutions.
And as the costs of these attacks continue to mount, companies that provide theses “enabling technologies” will continue to thrive.
Our Chief Investment Strategist, Louis Basenese, recommended just such a company to WSD Insiders – KEYWAVE Holdings (KEYW). They’re already up by double digits with the position. But that’s not the only cyber security opportunity he’s recommended in the portfolio. Go here to upgrade your subscription now.
Ahead of the tape,