AUSTRALIA, Sydney – September 8, 2011 – For the first time a Norton study calculates the cost of global cybercrime: $114 billion annually.[i] Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional $274 billion was lost.[ii] In Australia it is estimated that more than 4.5 million people fell victim to cybercrime last year, suffering $1.8 billion in direct financial losses and an additional $2.8 billion in time spent resolving the crime. With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion).[iii]
According to the Norton Cybercrime Report 2011 more than two thirds of online adults (69 percent) have been a victim of cybercrime in their lifetime. Every second 14 adults become a victim of cybercrime, resulting in more than one million cybercrime victims every day.[iv] In Australia, seven in ten online adults (72 percent) have been a victim of cybercrime.
For the first time, the Norton Cybercrime Report reveals that 10 percent of adults online (8 percent in Australia) have experienced cybercrime on their mobile phone. In fact, the Symantec Internet Security Threat Report, Volume 16[v] reported there were 42 percent more mobile vulnerabilities in 2010 compared to 2009 – a sign that cybercriminals are starting to focus their efforts on the mobile space. The number of reported new mobile operating system vulnerabilities increased, from 115 in 2009 to 163 in 2010. In addition to threats on mobile devices, increased social networking and a lack of protection are likely to be some of the main culprits behind the growing number of cybercrime victims.
Male, Millennial, Mobile
The study identifies men between 18 and 31 years old who access the Internet from their mobile phone as even more likely victims: in this group four in five (80 percent) have fallen prey to cybercrime in their lifetime. Globally, the most common – and most preventable – type of cybercrime is computer viruses and malware with 54 percent of respondents saying they have experienced it in their lifetime. Viruses are followed by online scams (11 percent) and phishing messages (10 percent). Earlier this year the Symantec Internet Security Threat Report, Volume 16, found more than 286 million unique variations of malicious software (“malware”) compared to the 240 million reported in 2009, representing a 19 percent increase.[vi]
“There is a serious disconnect in how people view the threat of cybercrime,” said Adam Palmer, Norton Lead Cybersecurity Advisor. “Cybercrime is much more prevalent than people realise. Over the past 12 months, three times as many adults surveyed have suffered from online crime versus offline crime, yet less than a third of respondents think they are more likely to become a victim of cybercrime than physical world crime in the next year. And while 89 percent of respondents agree that more needs to be done to bring cybercriminals to justice, fighting cybercrime is a shared responsibility. It requires us all to be more alert and to invest in our online smarts and safety.”
The disconnect between awareness and action is further illustrated by the fact that while 74 percent of respondents say they are always aware of cybercrime, many are not taking the necessary precautions. Forty-one percent of adults indicated they don’t have an up to date security software suite to protect their personal information online. In addition, less than half review credit card statements regularly for fraud (47 percent), and 61 percent don’t use complex passwords or change them regularly. Among those who access the Internet via their mobile phone, only 16 percent install the most up to date mobile security.
For more findings from the Norton Cybercrime Report globally and by country, please visit: http://norton.com/cybercrimereport.
[i] Findings are extrapolations based upon results from a survey conducted in 24 countries among adults 18-64. The financial cost of cybercrime in the last year ($114bn) is calculated as follows: Victims over past 12 months (per country) x average financial cost of cybercrime (per country in US currency).
[ii] The value of time lost due to cybercrime experiences in the last year ($274 billion) is calculated as follows: Victims over past 12 months (per country) x average time cost of cybercrime (per country in US currency). Figure shown in the sum of all countries total cost.
[iii] 431 million victims in 24 countries over past 12 months is calculated as follows: Latest research from NCR shows 69% of adults in 24 countries have been a victim of cybercrime ever and of these 65% have been a victim in the past 12 months. Online population per country (24 country total = 802,872,752 according to CIA World Factbook) x % cybercrime ever per country x % cybercrime past 12 months per country = 431,504,885 (sum of 24 countries)
Total cost of cybercrime is calculated as follows: Total financial cost $114billion plus value attributed to lost time trying to resolve cybercrime $274billion = $388 billion
Total value of the world’s marijuana, cocaine and heroin market ($288 billion) is calculated as follows:
· Total value of the world’s marijuana market is $141.80 billion according to the 2005 United Nations World Drug Report, http://www.unodc.org/unodc/en/data-and-analysis/WDR-2005.html
· Total value of the world’s cocaine market is $85 billion according to the 2011 United Nations World Drug Report, http://www.unodc.org/unodc/en/data-and-analysis/WDR-2011.html
· Total value of the world’s heroin trade is $61 billion according to the 2011 United Nations World Drug Report, http://www.unodc.org/unodc/en/data-and-analysis/WDR-2011.html
[iv] 14 cybercrime victims per second and one million cybercrime victims per day calculated as follows: victims over past 12 months (as above) 431,504,885 / 365 days per year / 24 hours / 60 minutes / 60 seconds
[v] Source: Symantec Internet Security Threat Report published April 2011 https://www4.symantec.com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf
[vi] Source: Symantec Internet Security Threat Report published April 2011 https://www4.symantec.com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf