9to5Mac Security Bite is brought to you exclusively by Mosyle, the only unified Apple platform. We keep Apple devices ready and enterprise-grade. Our unique integrated approach to management and security combines cutting-edge Apple-specific security solutions for fully automated hardening & compliance, next-generation EDR, AI-powered Zero Trust and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a fully automated Apple Unified Platform that is currently trusted by over 45,000 organizations to get millions of Apple devices ready effortlessly and at an affordable cost. Request your EXTENDED TRIAL today and find out why Mosyle is everything you need to work with Apple.

You’ve heard it many times before – cybercrime is on the rise at unpredictable rates. This includes everything from malware to online fraud to intellectual property theft. And if you’re anything like me, it’s increasingly difficult to comprehend the exponentially increasing numbers (hence the title of this week’s column). When the day ends in jThere are reports in the news about data leaks or hacker attacks.

And it is Sunday after all…

In today’s Safety biteI would like to reiterate a recent survey by Statista Market Insights, which predicts that the annual cost of cybercrime worldwide will reach $10.29 trillion by 2025. For comparison, that’s more than a third of the United States’ GDP, which stands at $25.44 trillion at the time of this writing.

The estimated cost of damage is calculated based on historical cybercrime data. According to the same Statista Market Insights survey, the global cost of cybercrime has increased dramatically in recent years, increasing by 245% from $860 billion to $2.95 trillion between 2018 and 2020.

The cost rose to $5.49 trillion in 2021, mainly due to the impact of the COVID-19 pandemic. This sudden increase is due to companies switching to remote work and relying more on digital services, which significantly increased the attack surface for hackers. In addition, the cyber attack surface is expected to be ten times larger in 2025 than it is today.

The costs of cybercrime include data corruption and destruction, stolen funds, lost productivity, theft of intellectual property, personal and financial information, embezzlement, fraud, disruption to normal business operations following an attack, forensic investigations, recovery and deletion of compromised data and systems, and reputational damage.

Influencing factors

Growing attack surface: It may sound a bit superficial, but the increasing proliferation of IoT devices and digital services has provided cybercriminals with an ever-larger attack surface with more potential victims. This does not exclude Mac users. As I mentioned in a previous article, Safety bite Jamf reported in this post a 50% increase in new Mac malware families in 2023. Each of these families could contain dozens of malware instances. In addition, the Mac’s growing user base makes it a more attractive target for cybercriminals.

“I use Mac. Not because it’s more secure than anything else – because it’s actually less secure than Windows – but because it’s still under the radar. People who write malicious code want to get the most value out of their investment, so they target Windows systems. I still run Windows in virtual machines.”

Kevin Mitnick in his book “Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker”

Geopolitics: Countries often resort to cyberattacks to gain strategic advantages, disrupt critical infrastructure, or gather intelligence. With the ongoing conflict in Ukraine and Israel, we are witnessing an increasing escalation of spectacular state-sponsored attacks.

Lack of cybersecurity professionals: Due to the skills shortage we are experiencing, there are a significant number of unfilled cybersecurity positions. This means fewer professionals who can monitor and defend against specific threats. The lack of skilled professionals can also lead to increased workloads on existing staff, resulting in lower productivity. In addition, it can lead to employee burnout. Threat actors are banking on this.

Low barrier to entry: Ransomware, the fastest-growing and most damaging form of cybercrime, has become a popular method for hackers. The right combination of hard economic factors, quick financial gain, and low technical know-how has made Ransomware-as-a-Service (RaaS) very popular, especially among novice cybercriminals. It is a subscription-based model where more technically savvy operators write the software and pay partners to carry out attacks using the ready-made tools and packages. This allows even people who lack the skills to develop their own ransomware to carry out attacks. Unfortunately, RaaS kits are now a dime a dozen on the dark web.

Lack of awareness: Many individuals and organizations remain vulnerable to cyberattacks because they are simply unaware of the risks and consequences. In Jamf’s annual trends report mentioned above, 40% of mobile users and 39% of organizations were using a device with known vulnerabilities. Of course, Apple’s popular device management platform has notified users, but this shows that a lack of awareness still exists.

More: Security Bite: Apple (finally) making it harder to override Gatekeeper is a significant step