9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
You’ve heard it time and time again–cybercrime is on an unpredicted rise. This encompasses everything from malware to online scams to intellectual property theft. And if you’re anything like me, it’s increasingly hard to grasp the exponentially climbing figures (hence the title of this week’s column). If the day ends in y, there’s some sort of data leak or hack in the news.
And it is Sunday, after all…
In today’s Security Bite, I want to again shed light on a recent Statista Market Insights survey that predicts the annual cost of cybercrime globally will reach $10.29 trillion by 2025. For perspective, that’s more than one-third of the United States’ GDP, which sits at $25.44 trillion as of writing.
The estimated cost of damage is calculated based on historical cybercrime data. According to the same Statista Market Insights survey, global cybercrime costs have increased drastically in recent years, rising by 245% from $860 billion to $2.95 trillion between 2018 and 2020.
The cost increased to $5.49 trillion in 2021, mainly due to the impact of the COVID-19 pandemic. This sudden increase resulted from companies transitioning to remote work and relying more on digital services, which significantly expanded hackers’ attack surface. Moreover, the cyberattack surface is expected to be ten times larger in 2025 than it is today.
The costs of cybercrime include data damage and destruction, stolen funds, reduced productivity, theft of intellectual property, personal and financial data, embezzlement, fraud, disruption to normal business operations following an attack, forensic investigation, restoration, and deletion of compromised data and systems, as well as reputational damage.
via Statista
Contributing factors
Growing attack surface: It’s a bit on the nose, but the continued proliferation of IoT devices and digital services has provided cybercriminals with a growing attack surface with more potential victims. This doesn’t exclude Mac users. As I mentioned in a previous Security Bite post, Jamf reported a 50% increase in new Mac malware families in 2023. Each of these families could have dozens of malware instances. In addition, Mac’s rising user base makes it a more attractive target for cybercriminals.
“I use Mac. Not because it’s more secure than everything else – because it is actually less secure than Windows – but I use it because it is still under the radar. People who write malicious code want the greatest return on their investment, so they target Windows systems. I still work with Windows in virtual machines”
Kevin Mitnick in his book “Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker”
Geopolitics: Often, countries resort to cyberattacks to gain strategic advantages, disrupt critical infrastructure, or gather intelligence. With the ongoing conflict in Ukraine and Israel, we’re seeing a heightened escalation in high-profile state-sponsored attacks.
Cybersecurity skills shortage: Due to the skills shortage we’re experiencing, there are a significant number of unfilled cybersecurity positions. This means fewer professionals to monitor and defend against specific threats. The shortage of skilled professionals can also lead to increased workloads for existing staff, resulting in decreased productivity. Moreover, employee burnout. Threat actors count on this.
Low barrier of entry: Ransomware, now the fastest-growing and most damaging type of cybercrime, has become a go-to method for hackers. The right combination of tough economic factors, quick financial gain, and low technical know-how has specifically made ransomware-as-a-service (RaaS) very popular for newbie cybercriminals. This is a subscription-based model in which more technical operators write the software, and affiliates pay to launch attacks using the pre-built tools and packages. It allows people lacking the skill to develop their own ransomware to execute attacks. Unfortunately, RaaS kits have become a dime a dozen on the dark web.
Lack of awareness: Many individuals and organizations remain vulnerable to cyber attacks due to a simple lack of awareness of the risks and consequences. In Jamf’s annual trends report mentioned above, 40% of its mobile users and 39% of organizations were running a device with known vulnerabilities. Of course, the popular Apple device management platform notified users, but this shows a lack of awareness that still exists.
More: Security Bite: Apple (finally) making it harder to override Gatekeeper is a telling move
FTC: We use income earning auto affiliate links. More.
Comments