Light Dark
February 23, 2018 By David Bisson 2 min read

The global cost of cybercrime rose to unprecedented levels in 2017, according to recent research.

In its new report titled “Economic Impact of Cybercrime — No Slowing Down,” McAfee and the Center for Strategic and International Studies (CSIS) revealed that cybercrime cost the world between $445 and $608 billion in 2017. That is $100 billion more than the minimum worldwide cost estimated for 2014.

What’s Driving Up the Global Cost of Cybercrime?

The report’s authors attributed this increase to five trends, most notably the rise of ransomware. The FBI noted that victims of ransomware paid $209 million to recover stolen files in the first quarter of 2016, a significant increase over the $24 million in ransom payments made throughout the year prior, SC Magazine reported.

In addition, 70 new cryptomalware strains emerged over the course of the year, more than double the number of ransomware samples that emerged between 2013 and 2015. The threat of ransomware arguably reached its peak in Q1 2017 with the WannaCry outbreak before declining in the next six months as cryptominers surged in popularity among computer criminals.

Cybercrime-as-a-service, a greater reliance on anonymization services such as Tor, the rise of state-sponsored theft, and the increasingly popularity of both identity theft and intellectual property theft also drove up the cost of cybercrime in 2017, according to the report.

Reducing the Cost of Cybercrime

Responding to these trends, McAfee chief scientist Raj Samani noted that organizations can protect themselves against cybercriminals by improving their internal communication channels.

“Businesses often struggle to remain vigilant against threats because they have too many tools operating in silo at once — and failing to communicate with each other,” he said, as quoted by Infosecurity Magazine. “By making sure that tools can work together and removing siloed security teams, organizations can find the right combination of people, process and technology to effectively protect data, detect threats and, when targeted, rapidly correct systems.”

Companies should implement security measures, as well as share threat intelligence with other organizations and law enforcement, to reduce the global cost of cybercrime.

 |  |  |  | 
David Bisson
Contributing Editor

More from

March 26, 2025

We are moving!

< 1 min read - SecurityIntelligence.com is being sunset, but have no fear!We have a new home for all of your favorite security and X-Force content.Follow us to www.ibm.com/think to maintain access to the stories and news you love, both new and old.Security Intelligence will officially sunset on Friday, March 28, 2025. To access the latest security thought leadership, go here. To access the latest X-Force research, go here.If you are experiencing cybersecurity issues or an incident, contact X-Force® to help:US hotline: 1-888-241-9812 | Global hotline:…

March 18, 2025

Bypassing Windows Defender Application Control with Loki C2

10 min read - Windows Defender Application Control (WDAC) is a security solution that restricts execution to trusted software. Since it is classified as a security boundary, Microsoft offers bug bounty payouts for qualifying bypasses, making it an active and competitive field of research.Typical outcomes of a WDAC bypass bug bounty submission:Bypass is fixed; possible bounty awardedBypass is not fixed but instead "mitigated" by being added to the WDAC recommended block list. Likely no bounty awarded but honorable mention is typically givenBypass is not…

March 4, 2025

FYSA — VMware Critical Vulnerabilities Patched

< 1 min read - SummaryBroadcom has released a security bulletin, VMSA-2025-0004, addressing and remediating three vulnerabilities that, if exploited, could lead to system compromise. Products affected include vCenter Server, vRealize Operations Manager, and vCloud Director.Threat TopographyThreat Type: Critical VulnerabilitiesIndustry: VirtualizationGeolocation: GlobalOverviewX-Force Incident Command is monitoring activity surrounding Broadcom’s Security Bulletin (VMSA-2025-0004) for three potentially critical vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have reportedly been exploited in attacks. X-Force has not been able to validate those claims. The vulnerabilities…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature