Total reported cybercrime losses dropped slightly last year to just over $1.4bn, with ransomware reports falling sharply, according to the latest annual stats from the FBI.
The IC3 Internet Crime Report for 2017 claimed the FBI received just 1783 ransomware complaints last year, linked to losses of only $2.3m. That’s a big drop from the 2673 reports it processed in 2016 and the 2453 from 2015 and could indicate that organizations are failing to contact the authorities when infected.
“People are losing their confidence in government and law enforcement agencies to protect them from cyber-criminals,” argued High-Tech Bridge CEO, Ilia Kolochenko. “At the end of the day, private cybersecurity companies will most likely benefit, as people consider them as a more reliable alternative to the government. However, the long-standing authority of government may be undermined due to its inability to ensure the security of its citizens in the digital space.”
However, reports this year have suggested that cyber-criminals are increasingly eschewing ransomware in favor of easier ways to make money such as crypto-jacking.
The top money-earner from 2017 was BEC, netting the black hats over $675m from 15,690 complaints, an average pay-out of over $43,000 per attack.
The next most lucrative attack types of 2017 were confidence/romance fraud ($211m) and non-payment/non delivery ($141m).
The latter also topped the top three most popular attacks, with the FBI receiving over 84,000 complaints last year, followed by personal data breaches (30,904) and phishing (25,344).
Overall losses of $1.42bn were topped by 2016’s total of $1.45bn, bringing the total since 2013 to $5.5bn and over 1.4m complaints.
Perhaps unsurprisingly, the over 60s represent the most frequently targeted age group (49,523) and those suffering the biggest cumulative losses ($343m).
Outside the US, the top victim countries were Canada (3164 cases), India (2819) and the UK (1383).