With the security perimeter bleeding into the entire internet, the 2021 Evil Internet Minute aims to illuminate the top threats facing organisations today and put the year’s cybersecurity research into context by framing it on a micro-scale.
The report examines industries like e-commerce, which saw a record $861.1 billion in sales yet faced $38,052 in losses to online payment fraud per minute. It also highlights the healthcare sector, which spent $13 per minute on digital security breaches.
The motives of cybercriminals include monetary gain, large-scale reputational damage, political motivations, and espionage.
Additional findings from the 2021 Evil Internet Minute include:
• $1,797,945 per minute: Lost to cybersecurity incidents
• $7.2 per minute: Average cost of a breach
• $280,060 per minute: Predicted cybersecurity spend
• $38,052 per minute: E-commerce losses to online payment fraud
• $13.3 per minute: Average cost of a breach in the healthcare industry
• $3,615 per minute: Amount lost to cryptocurrency scams
• 525,600 per minute: Records compromised
• 6 per minute: Organisations victimised by ransomware
• 1 every 31 minutes: Magecart hosts detected
• 613 per minute: New domains stood up
• 1 every 1.7 minutes: Vulnerable Microsoft Exchange (HAFNIUM) servers patched
• 1 every 5 minutes: Malicious mobile apps blocklisted
• 23 per minute: New mobile apps created
“Cybercrime is easier than ever to participate in. Better threat technology makes cybercriminals more effective and wealthier than ever before,” said RiskIQ CEO Lou Manousos. “We have compiled the vast numbers associated with cybercrime over the past year with help from our Internet Intelligence Graph and third-party sources to help businesses and researchers better understand what they’re up against.”
2020 saw unprecedented attacks leveraging vulnerabilities in SolarWinds and Microsoft Exchange, massive-scale incidents that challenged our notions of cybersecurity and the inner workings of the global threat landscape.
To defend their organisations, security teams need actionable security intelligence that provides a bird's eye view of the global attack surface and illuminates threats most relevant to their unique attack surface. Solutions must clearly show the nature of an organisation's internet relationships and how they fit into the broader global attack surface.
“We are grateful to see an analyst join the RiskIQ Community every 17 minutes to leverage data that gives them a unique vantage point of their organisations and the threats they face. We know that more knowledge and community participation makes a big difference in stopping threat actors in their tracks," Manousos added.