More than $1m is lost every minute to cybercrime, while 1861 people fall victim to scams.
According to research by RiskIQ of proprietary and third-party research, despite businesses spending $171,233 every minute on cybersecurity, $1,138,888 is lost to cybercrime.
Its research found that every 60 seconds:
- 1.5 organizations fell victim to ransomware attacks, with an average cost to businesses of $15,221
- A new site appeared running the CoinHive cryptocurrency mining script
- Four potentially vulnerable web components were discovered
It also found that a new phishing domain appears every five minutes, and a new site running the CoinHive cryptocurrency mining script was detected every 10 minutes.
In an email to Infosecurity, security author Raef Meeuwisse said that cybercrime continues to be a profitable industry, and cyber-criminals continually evolve their tactics to remain one step ahead of the average cybersecurity function.
He said: “Cybercrime and cybersecurity co-exist in a constant cycle of innovation. As one particular criminal trend towards a particular technique increases, so the security functions create or strengthen the required defenses.
“However, it is evident at both the level of personal and organizational cybersecurity that spending is usually too low. In fact, most of these cyber-criminals are not going after the hard targets with great defenses, they are targeting the low hanging fruit – and there is still far too much of it.”
He said that despite the examples cited by RiskIQ, he still has regular conversations where a person will talk about someone they know who has lost a fortune through an online scam, “yet they are still reluctant to consider paying £5 a month for home security software or even sparing the time to strip administration (installation) rights from their day-to-day account.”
RiskIQ CEO Elias Manousos said: “Leveraging the latest research as well as our own global threat intelligence, we're defining the sheer scale of attacks that take place across the internet to help businesses better understand what they’re up against on the open web.
“As companies innovate online to make more meaningful touchpoints with their customers, partners, and employees, attackers prey on their lack of visibility into their internet-facing attack surface to erode users’ trust and access credentials and sensitive data. Businesses must realize that they are vulnerable beyond the firewall, all the way across the open internet.”