Security Bite: Annual cost of cybercrime to hit $9.2 trillion in 2024

Arin Waichulis | Apr 14 2024 - 9:19 am PT

Security Bite 9to5mac, macos Mac Adload malware

Cybercrime is on an unprecedented rise. A new Statista Market Insights survey predicts that the annual cost of cyberattacks will reach $9.2 trillion this year. For perspective, that’s about one-third of the United States’ GDP or 24 times Apple’s annual revenue in 2023.

Here’s what I’ve learned after calling up a few industry professionals.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

You’re reading Security Bite, a weekly security-focused column on 9to5Mac. Every Sunday, Arin Waichulis delivers insights on data privacy, uncovers vulnerabilities, and sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices. Stay secure, stay safe.

According to the same Statista Market Insights survey, cybercrime costs have increased drastically in recent years, rising by 245% from $860 billion to $2.95 trillion between 2018 and 2020. Due to the pandemic, the cost doubled to $5.49 trillion in 2021, and it is expected to reach $8.15 trillion in 2023, with an annual increase of $1 trillion.

The global projected cost of cybercrime will reach $13.82 trillion in 2028.
*via Statista*

Cybercrime has become one of the largest illegal economies globally, affecting not only businesses and governments but also everyday people. The financial losses from cyberattacks include ransom payouts, lost productivity, system downtimes, data theft, etc.

So, why do cyberattacks, including ransomware attacks, data breaches, cyber espionage, and phishing, continue to grow exponentially despite our efforts to prevent and minimize threats?

Contributing factors

Growing attack surface: It’s a bit on the nose, but the continued proliferation of IoT devices has provided cybercriminals with a growing attack surface and more potential victims. This doesn’t exclude Mac users. As I mentioned in a previous Security Bite post, Jamf reported a 50% increase in new Mac malware families in 2023. Each of these families could have dozens of malware instances. Mac’s rising user base makes it a more attractive target for cybercriminals.

Geopolitics: Often, countries resort to cyberattacks to gain strategic advantages, disrupt critical infrastructure, or gather intelligence. With the conflict in Ukraine and Israel, we’re seeing a heightened escalation in high-profile state-sponsored attacks.
Cybersecurity skills shortage: Due to the skills shortage we’re experiencing, there are a significant number of unfilled cybersecurity positions. This means fewer professionals to monitor and defend against specific threats. The shortage of skilled professionals can also lead to increased workloads for existing staff, resulting in decreased productivity. Moreover, employee burnout. Threat actors count on this.
Low barrier of entry: The right combination of tough economic factors, quick financial gain, and low technical know-how has made ransomware-as-a-service (RaaS) very popular. This is a subscription-based model in which operators write the software, and affiliates pay to launch attacks using pre-built tools and packages. It allows people lacking the skill to develop their own ransomware to execute attacks. Unfortunately, RaaS kits are a dime a dozen on the dark web.
Lack of awareness: Many individuals and organizations remain vulnerable to cyber attacks due to a simple lack of awareness of the risks and consequences. In Jamf’s annual trends report mentioned above, 40% of its mobile users and 39% of organizations were running a device with known vulnerabilities. Of course, the popular Apple device management platform notified users, but this shows a lack of awareness that still exists.

How to protect your Mac

Keep your device up-to-date: Whether it’s an iPhone, Mac, or iPad, everyone should first keep the OS up-to-date with the latest security patch goodness. This will address known vulnerabilities that malware can exploit.
Use antivirus software: Macs aren’t invincible to malware! I’d recommend using Malwarebytes, which provides a free app for individuals that can detect and remove possible threats. Additionally, MacPaw’s CleanMyMac X now includes a malware removal tool powered by MoonLock.
Exercise caution when clicking: Email continues to be the most popular vertical for malware. Minimal effort for criminals, maximum success. 9% of phishing attacks were successful in 2023, up 1% in 2022, according to a recent report. As you know, exercise caution when clicking any links and opening attachments.
Enable firewall: Enabling your Mac’s firewall is the best way to prevent accepting unauthorized applications and services. This is helpful for managing incoming and outgoing connections.
Use strong (unique) passwords: Your dog’s name, followed by an exclamation mark, is not okay.
Enable disk encryption: On Mac, this is called FileVault and will encrypt all user data saved to disk on the fly. This will keep sensitive information safe in case your device is lost or stolen. According to Jamf’s report, this was disabled on 36% of client devices.
Limit user privileges: It is important to restrict user privileges to prevent unauthorized installation of software and to limit the potential impact of malware infections. See how to limit privileges on Mac here.