Financial Fraud Tops Malware As Biggest Financial Drain - InformationWeek
Software // Enterprise Applications
05:16 PM

Financial Fraud Tops Malware As Biggest Financial Drain

This year's Computer Crime and Security Survey shows that financial fraud has overtaken viruses as the cause of the greatest amount of financial loss.

For years, IT managers have feared that a massive malware attack could drain their company's financial coffers.

But now, financial fraud has overtaken virus attacks as source of the greatest amount of financial losses, according to the 12th Annual Computer Crime and Security Survey. Financial fraud is estimated to cost surveyed businesses, government agencies and universities $21,124,750 this year alone. By comparison, malware is expected to cost the same enterprises $8, 391,800, according to the study, which is run by the Computer Security Institute.

While a total of 494 companies took part in the study, 194 companies willing to answer the monetary loss part of the survey added up to $66,930,950.

The study also showed that the average annual loss shot up to $350,424 from $168,000 last year. Not since the 2004 report have average losses been this high, according to Robert Richardson, director of the Computer Security Institute.

"We should keep in mind that losses reported in this survey were suffered by enterprises, not individual consumers," Richardson wrote in the report. "The biggest losses reported by organizations throughout most of the survey's history have been caused by computer viruses, but almost all respondents say they have anti-virus software and that software has gotten better and better over time... So whereas a virus such as 'ILOVEYOU' could wreak relative havoc in 2000, causing estimates that 45 million computers were affected in a single day, more recent years (including last year) have been relatively calm."

The Top 10 loss categories include:

  • Financial fraud: $21,124,750;
  • Malware: $8,391,800;
  • System penetration by an outsider: $6,875,000;
  • Theft of data, from all devices except mobile: $5,685,000;
  • Laptop or mobile hardware theft: $3,881,150;
  • Insider abuse of email or net access: $2,889,700;
  • Denial of service: $2,888,600;
  • Phishing (where the company is represented as the sender): $2,752,000;
  • Bots within the organization: $2,869,600, and
  • Theft of proprietary information from mobile device: $2,345,000.

The report also noted that the financial fraud and data loss categories together account for nearly half of the overall reported losses.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll