The report compares the results of a mass attack to those of a targeted attack. In a typical mass attack, a million emails may be sent out. Most will be blocked, but enough will get through that eight people are victimized for a loss of $2,000 each, or $16,000 total. If it costs $2,000 to conduct the attack, the criminal has made a profit of $14,000. But in a targeted attack, only 1,000 emails are sent, and only two people are victimized, but their losses are $80,000 each or $160,000 total. It may cost the criminal $10,000 to conduct that campaign, yielding a net profit of $150,000.
Cyber criminals are developing more sophisticated scams because profits are declining for conventional mass attacks, which are becoming less and less effective. Cisco estimates that profits from mass email attacks, which had been rising steadily between 2005 and 2010, fell by more than 50%, to $500 million, in June 2011, from $1.1 billion in June 2010.
"The tide turned tremendously at the end of 2010, tremendously in 2011, and we actually continue to expect criminal profits from these mass attacks to drop year over year," says Peterson. He attributes the decline to "botnet decapitation," taking down networks of computers used to launch attacks, as well as improved success by law enforcement in catching cyber criminals.
Enterprises have to protect against phishing attacks and other security threats to their networks, says Tom Gilles, VP and general manager of Cisco's security technology business unit. He says there also are security implications from two of the latest trends in enterprise IT: the consumerization of IT, in which workers bring personal devices into work to get access to the corporate network, and the emergence of cloud computing, in which data may be stored beyond the firewall.
"Taken together, these two trends mean that we have more people accessing more information and more people on the network than ever before, and it’s having an impact on how we build security solutions," Gilles says.
Cisco is expected to introduce new security products and services at its Cisco Live convention later this month in Las Vegas.
See more on this topic by subscribing to Network Computing Pro Reports Research: 2011 Strategic Security Survey (subscription required).
