By Kristi M. Rogers, Security and Risk Expert, Vice Chairman and Founding CEO, AEGIS LLC.
It's an attack that you cannot see, but you most certainly have felt it. According to government figures, the United States has lost hundreds of billions of dollars as the result of cyber crime, cyber espionage and cyber war. In today’s economy, one would think that the alarm bells would be ringing. It's happening now, it happened yesterday, and it will happen at an even greater extent tomorrow.
The National Security Administration's director general, Keith Alexander, states that economic espionage through cyber attacks is the "greatest transfer of wealth in [American] history." It does seem a bit unreal. Unfortunately, it is very real. Most security experts today will tell you that there are only two types of companies in the United States: one that knows it has been "hacked" or attacked via its computers, and the other that does not know it has been attacked.
In 2O11, software company Norton estimated U.S. costs due to cybercrime at $14O billion, $32 billion of which came directly from theft, the rest as a result of time lost to repairs from malware. ($388 billion in worldwide costs)
Growing threat: the Ponemon Institute's sample growth saw a 5O percent cost increase to companies from cybercrime and a 40 percent increase in the frequency attacks from 2O1O to 2O11
Even if your identity has not been stolen your computer may have been co-opted to serve in a vast net, a "zombie army" that disrupts, attacks and steals on a large scale. Where are the attackers? Is it the teenager in his or her parent s basement with bunny slippers and a Mountain Dew who has just hacked into the principal's computer to change his grades? We should all wish for those days. Today, the attackers are lone "entrepreneurs," organized "hacktivists,"and cyber crime syndicates — organized syndicates, mercenary for sale, nation state warfare, zombie armies, invisible botnets, Operation Shady Rat — this sounds like the trailer for the next movie blockbuster, or the next Vince Flynn novel, or even the next Avengers movie. Unfortunately, this is today’s reality.
SONY CORPORATION: One of the most newsworthy attacks in recent history is that of Sony. In 2011, hackers breached Sony's customer network compromising more than 70 million records. Sony estimated the cost at $171 million.
STRATEGIC FORECASTING: A data breach at the intelligence analytics firm, Strategic Forecasting, disclosed in December 2011, was attributed to Antisec, a "hacktivist" group affiliated with Anonymous that used the 68,000 stolen credit card numbers to make donations to charity.
EPSILON: The Texas-based marketing firm suffered a data breach ir2011 in which 60 million names and email addresses were stolen from customers for more than 50 major retailers and banks. Estimate for the total costs — projected to include forensic analysis, monitoring, fines, litigation and lost business reputation damage — varies from $100 million to as much as $4 billion.
TJ MAXX: In 2007, the clothing retailer breach caused by a remote intrusion resulted in the compromise of more than 94 million credit card accounts, estimated at $64 million in costs.