4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Cybersecurity Data Statistics and Glossaries April 20 2017 R43310 Jump to Main Text of Report Contents Data and Statistics Cybersecurity Glossaries Lexicons and Guidance Tables Table 1 Data and Statistics Cyber Incidents Data Breaches Cybercrime Table 2 Glossaries Lexicons and Guidance Pertaining to Cybersecurity Concepts Summary This report describes data and statistics from government industry and information technology IT security firms regarding the current state of cybersecurity threats in the United States and internationally These include incident estimates costs and annual reports on data security breaches identity thefts cybercrimes malware and network securities Much is written on this topic and this CRS report directs the reader to authoritative sources that address many of the most prominent issues The annotated descriptions of these sources are listed in reverse chronological order with an emphasis on material published in the last several years Included are resources and studies from government agencies federal state local and international think tanks academic institutions news organizations and other sources The following reports comprise a series of authoritative reports and resources on these additional cybersecurity topics CRS Report R44405 Cybersecurity Overview Reports and Links to Government News and Related Resources by author name scrubbed CRS Report R44406 Cybersecurity Education Training and R D Authoritative Reports and Resources by author name scrubbed CRS Report R44408 Cybersecurity Cybercrime and National Security Authoritative Reports and Resources by author name scrubbed CRS Report R44410 Cybersecurity Critical Infrastructure Authoritative Reports and Resources by author name scrubbed CRS Report R44417 Cybersecurity State Local and International Authoritative Reports and Resources by author name scrubbed CRS Report R44427 
Cybersecurity Federal Government Authoritative Reports and Resources by author name scrubbed CRS Report R43317 Cybersecurity Legislation Hearings and Executive Branch Documents by author name scrubbed Cybersecurity Data Statistics and Glossaries https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 1 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Data and Statistics1 This section describes data and statistics from government industry and information technology IT security firms regarding the current state of cybersecurity threats in the United States and internationally These include incident estimates costs and annual reports on data security breaches identity thefts cybercrimes malwares and network securities Table 1 Data and Statistics Cyber Incidents Data Breaches Cybercrime Continuously updated reports are listed in alphabetical order by source followed by reports in reverse chronological order Title Date Source Pages Notes Akamai monitors global Internet conditions around the clock With this realtime data we identify the global RealTime Web Monitor Global Continuously Akamai N A regions with the greatest attack traffic Attack Traffic Map Updated cities with the slowest web connections latency and geographic areas with the most web traffic traffic density Continuously Anubis Provides realtime threat intelligence The Cyberfeed N A Updated Networks data worldwide The map is powered by data fed from 270 ISP customers worldwide who have agreed to share network traffic and attack statistics The map displays Continuously global activity levels in observed attack Digital Attack Map Arbor Networks N A Updated traffic which is collected anonymously and does not include any identifying information about the attackers or victims involved in any particular attack Akamai monitors global Internet Continuously conditions around the clock The map RealTime Web Monitor 
Akamai N A Updated identifies the global regions with the greatest attack traffic The index of developing countries' ability to withstand cyberattacks and Booz Allen build strong digital economies rates the Hamilton and countries on their legal and regulatory Continuously Cyber Power Index the Economist N A frameworks economic and social Updated Intelligence issues technology infrastructure and Unit industry The index puts the United States in the no 2 spot and the United Kingdom in no 1 Web Hacking Incidents Database Continuously Breach Security N A The web hacking incident database Updated Inc WHID is a project dedicated to maintaining a list of web application related security incidents The WHID's purpose is to serve as a tool for raising awareness of the web application security problem and provide https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 2 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html information for statistical analysis of web application security incidents Unlike other resources covering website security which focus on the technical aspect of the incident the WHID focuses on the impact of the attack To be included in WHID an incident must be publicly reported be associated with web application security vulnerabilities and have an identified outcome This timeline records significant cyber Center for events since 2006 It focuses on Significant Cyber Incidents Continuously Strategic and successful attacks on government 15 Since 2006 Updated International agencies defense and high tech Studies CSIS companies or economic crimes with losses of more than $1 million The quarterly report covers the business of cybersecurity including market sizing and industry forecasts Continuously Cybersecurity from research by IT analyst firms Cybersecurity Market Report N A Updated Ventures emerging trends employment the federal sector hot companies on the 
Cybersecurity 500 list notable M A investment and IPO activity and more Provides a realtime visualization and Overview of Current Cyber Continuously Deutsche map of cyberattacks detected by a Attacks N A Updated Telekom network of 180 sensors placed around logged by 180 Sensors the world As required by Section 13402 e 4 of the HITECH Act the Secretary must list breaches of unsecured protected health information affecting 500 or more individuals These breaches are now posted in a new more accessible Department of format that allows users to search and Breaches Affecting 500 or More Continuously Health and N A sort the breaches Additionally this Individuals Updated Human Services new format includes brief summaries of breach cases that OCR has investigated and closed as well as the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary      Advanced Threat Report Continuously FireEye https www fireeye com current Updated threats annualthreatreport html annual reports N A FireEye gathers and publihes threat intelligence gathered from millions of virtual machines in customer deployments Expert analysts monitor interpret and package the data to better arm the public against cyber attackers These annual threat reports include https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 3 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html HoneyMap Continuously Honeynet Updated Project N A Data Breaches Identity Theft Continuously Resource Updated Center ITRC N A World's Biggest Data Breaches visualization Continuously Information is Updated Beautiful N A Cytherthreat RealTime Map Continuously Kaspersky Labs N A Updated McAfee Research Reports multiple Continuously McAfee Updated Regional Threat Assessment Continuously Microsoft Infection Rates and Threat Updated Security Trends by Location Regional Intelligence 
Threat Assessment Infection Report SIR Rates and Threat Trends by Location Note Select All Regions or a specific country or N A N A global and regional threat intelligence on industry trends as well as detailed malware analyses The HoneyMap displays malicious attacks as they happen Each red dot on the map represents an attack on a computer Yellow dots represent honeypots or systems set up to record incoming attacks The black box on the bottom gives the location of each attack The Honeynet Project is an international 501c3 nonprofit security research organization dedicated to investigating the latest attacks and developing open source security tools to improve Internet security The ITRC breach list is a compilation of data breaches confirmed by various media sources and notification lists from state governmental agencies This list is updated daily and published each Tuesday To qualify breaches must include personally identifiable information that could lead to identity theft especially Social Security numbers ITRC follows U S federal guidelines about what combination of personal information comprises a unique individual The exposure of this information constitutes a data breach Selected data losses greater than 30 000 records Kaspersky Labs has launched an interactive cyberthreat map that lets viewers see cybersecurity incidents as they occur around the world in real time The interactive map includes malicious objects detected during on access and ondemand scans email and web antivirus detections and objects identified by vulnerability and intrusion detection subsystems Links to reports by the company on cybersecurity threats malware cybercrime and spam Data on infection rates malicious websites and threat trends by regional location worldwide https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 4 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html region to view 
threat assessment reports ThreatWatch Continuously NextGov Updated N A DataLossDB Continuously Open Security Updated Foundation N A Chronology of Data Breaches Security Breaches 2005 to the Present Continuously Privacy Rights N A Updated Clearinghouse Global Botnet Map Continuously Trend Micro Updated What the Public Knows About Cybersecurity March 22 2017 Pew Research Center N A 18 ThreatWatch is a snapshot of the data breach intrusions against organizations and individuals globally on a daily basis It is not an authoritative list because many compromises are never reported or even discovered The information is based on accounts published by outside news organizations and researchers The Open Security Foundation's DataLossDB gathers information about events involving the loss theft or exposure of personally identifiable information PII DataLossDB's dataset in current and previous forms has been used in research by numerous educational governmental and commercial entities which often have been able to provide statistical analysis with graphical presentations The U S only data breaches have been reported because the personal information compromised includes data elements useful to identity thieves such as Social Security numbers account numbers and driver's license number The list is not a comprehensive compilation of all breach data Reported incidents affecting more than nine individuals from an identifiable entity are included Trend Micro continuously monitors malicious network activities to identify commandandcontrol C C servers and help increase protection against botnet attacks The realtime map indicates the locations of C C servers and victimized computers they control that have been discovered in the previous six hours Most Americans lack a basic understanding of online security measures Although most of the people responding to the survey were able to identify string passwords from a list and knew that public WiFi is not safe just onethird knew what HTTPS is 
and just onetenth were able to identify twofactor authentication The survey of 1 055 American adults consisted of a https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 5 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html IBM XForce Threat Intelligence Index 2017 The Year of the March 2017 IBM Security MegaBreach registration required In 2017 The Insider Threat Epidemic Begins February 2017 Institute for Critical Infrastructure Technology Emerging Cyber Threats Trends December and Technologies for 2017 2016 Georgia Institute of Technology Institute for Information Security and Privacy 2016 Norton Cybersecurity Insights Report November 23 2016 Symantec The 2016 Cyber Resilient Organization Executive Summary November 16 2016 Ponemon Institute and IBM 13question online quiz The median score was 5 5 In 2016 more than 4 billion personal records were leaked worldwide exceeding the combined total from the two previous years The leaked documents comprised the usual credit cards passwords and personal health N A information but the report also notes a shift in cybercriminal strategies finding a number of significant breaches were related to unstructured data such as email archives business documents intellectual property and source code 30 pages The report offers a comprehensive analysis of the Insider Threat Epidemic including research on 1 Characterizing Insider Threats the insider threat cyber kill chain non 52 malicious insider threats malicious insider threats ; 2 The Insider Threat Debate; 3 Policies Procedures and Guidelines to Combat Insider Threats; 4 NonTechnical Controls; and 5 Technical Controls The report discusses emerging cyber threats trends and technologies for the year 2017 The report is broken down into several sections that discuss emerging threats and trends such as the 20 privacy technology nexus evoting systems ransomware global information 
manipulation healthcare fraud and dualuse technologies The report offers solutions to the topics that are derived from experts in the field Researchers surveyed 20 907 consumers in 21 markets 76% of respondents said they know they should actively protect their information online but still engaged in risky behaviors including sharing 9 passwords The report found that globally 35% of people said they have at least one unprotected device vulnerable to ransomware and phishing attacks and that within the last year 689 million people in 21 countries experienced a cybercrime 5 Cyber resilience is an organization's ability to maintain its core purpose and integrity in the face of cyberattacks https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 6 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Q3 State of the Internet Security Report November 15 2016 Akamai 40 The global survey features insight from more than 2 400 security and IT professionals from around the world including the United States United Kingdom France Germany United Arab Emirates Brazil and Australia Only 32% of IT and security professionals say their organization has a high level of Cyber resilience—down slightly from 35% in 2015 The 2016 study also found that 66% of respondents say their organization is not prepared to recover from cyberattacks Akamai says it confronted 19 mega attacks in the third quarter of this year including the two biggest it has ever encountered in history The prime targets for the 19 mega attacks which Akamai defines as those that reach over 100 Gbps were media and entertainment companies even though gaming and software firms were also hit The two recordbreaking attacks reaching 623 Gbps and 555 Gbps were directed at security blogger Brian Krebs The attacks succeeded in taking down Krebs' website until Jigsaw a unit of Google's parent company Alphabet GOOG deployed its Project 
Shield service to deflect the attack A survey of 2 000 security officers representing large enterprises worldwide reveals that on average an organization will face more than a Building Confidence Facing the November 1 hundred focused and targeted breach Accenture 8 Cybersecurity Conundrum 2016 attempts every year and respondents say one in three of these will result in a successful security breach The report states that is two to three effective attacks per month Researchers found that the typical cost of a breach was about $200 000 and that most cyber events cost companies Examining the Costs and Causes October 10 RAND 15 less than 0 4% of their annual revenues of Cyber Incidents 2016 The $200 000 cost was roughly equivalent to a typical company's annual information security budget Measuring the Financial Impact September Kaspersky Labs N A The survey reveals that on average a of IT Security on Businesses 13 2016 single cybersecurity incident now costs large businesses a total of $861 000 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 7 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Meanwhile small and medium businesses SMBs pay an average of $86 500 To assess the state of the security landscape in the United States and across the world Kaspersky Lab looked at the attitudes toward security the cost of data breaches and the losses incurred from incidents According to the survey results nearly half 49% of U S businesses and over half globally 52% assume that their IT security will be compromised at some point The research seeks to examine the composition and costs of cyber events and attempts to address whether there are incentives for firms to improve their security practices and reduce the risk of attack Specifically we examine a sample of over 12 000 cyber events that include data breaches security Examining the costs and causes August 25 Journal of 
incidents privacy violations and 15 of cyber incidents 2016 Cybersecurity phishing crimes First we analyze the characteristics of these breaches such as causes and types of information compromised We then examine the breach and litigation rate by industry and identify the industries that incur the greatest costs from cyber events We then compare these costs to bad debts and fraud within other industries The infographic displays data breach statistics legal responsibility Legal Issues in Cybersecurity August 24 Labyrinth Law N A information a brief list of regulatory and Data Privacy Infographic 2016 enforcement actions and mitigating threat suggestions Publicsector data breaches exposed some 28 million identities in 2015 but hackers were responsible for only one third of those compromises according to new research Negligence was 2016 Internet Security Threat April 8 2016 Symantec 98 behind nearly twothirds of the exposed Report Government identities through government agencies In total the report suggests 21 million identities were compromised accidentally compared with 6 million by hackers 2016 Data Breach Investigations April 2016 Verizon 85 This report covers 100 000 incidents Report annual including 2 260 analyzed breaches across 82 countries In 93% of cases it took attackers minutes or less to compromise systems Organizations meanwhile took weeks or more to discover that a breach had even https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 8 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Data Breach Digest Scenarios from the Field March 3 2016 Emerging Cyber Threats Report November 2016 2015 2015 Global Report on the Cost October 8 of Cybercrime 2015 Verizon 84 Georgia Institute of Technology Cybersecurity Summit 2015 20 HP Enterprise Security and Ponemon 30 occurred — and it was typically customers or law enforcement that sounded the alarm not their own 
security measures The report is a set of 18 case studies chosen to represent the most common and destructive types of incidents seen over the past eight years For each incident the report reveals the events leading up to the breach details of the investigation and the how Verizon helped the organization recover The incidents include a water utility at which intruders managed to manipulate water treatment processes and flow; a developer who outsourced his work to China; and pirates the seafaring variety who used information stolen from a shipping company's computers to target specific containers on vessels they boarded Nearly two dozen cybersecutity experts from Georgia Tech business government and defense share their observations about emerging trends in a more connected world—where cyberattacks grow more persistent and sophisticated by the day Key findings included the privacy tugofwar between individuals and organizations has become a tug with no war; exponential growth in the Internet of Things over the past two years creates a larger cyberattack surface; the digital economy is growing more complex while a lack of highly trained security workers persists worldwide; and cyber espionage shows no sign of abating The study found that a benchmark sample of U S organizations experienced an average cost of cybercrime of $15 million The study shows that since 2009 the average cost of cybercrime per organization per year increased by 82% This year the range was anywhere between $1 9 million and $65 million each year per company While annualized cost increases as organizational size increases small organizations incur more than double the percapita cost than large organization experiencing https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 9 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Follow the Data Dissecting Data September Breaches and Debunking Myths 22 2015 
Trend Micro Email Account Compromise EAC FBI Internet Crime Complaint Center IC3 August 27 2015 Criminals Continue to Defraud and Extort Funds from Victims June 23 Using CryptoWall Ransomware 2015 Schemes FBI Internet Crime Complaint Center IC3 2015 Cost of Data Breach Global Analysis Ponemon Institute IBM May 27 2015 $1 571 in costs per seat compared with a larger organization's $667 per seat Trend Micro's ForwardLooking Threat Research FTR Team has taken 10 years of information on data breaches in the United States from the Privacy Rights Clearinghouse PRC from 2005 through 2015 and subjected it to detailed analysis to better understand the real story behind data breaches and their trends The study identifies a N A number of deeper trends such as 1 hacking or malware attacks account for the single greatest cause of data loss with portable device loss at a close second 2 PII is the data most likely stolen with financial data second and 3 credentials are not the most commonly stolen data but the most likely data to lead to additional types of data loss The FBI warned about a significant spike in victims and dollar losses stemming from an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate N A unauthorized international wire transfers According to the FBI thieves stole nearly $750 million in such scams from more than 7 000 victim companies in the United States between October 2013 and August 2015 Between April 2014 and June 2015 the CryptoWall ransomware cost Americans more than $18 million The money was spent not only on ransoms which range from $200 to $10 000 N A apiece but also on network mitigation network countermeasures loss of productivity legal fees IT services or the purchase of credit monitoring services for employees or customers 31 According to the study of 350 companies spanning 11 countries the average consolidated total cost of a data breach is $3 8 million representing a 23% increase 
since 2013 The study also found that the average cost incurred for each lost or stolen record containing sensitive and confidential information increased 6% from a consolidated average of $145 to $154 Health care https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 10 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 2015 Data Breach Investigations April 14 Report DBIR 2015 Verizon HIPAA breaches The list keeps March 12 growing 2015 Healthcare IT News Federal Information Management Security Act Annual Report to Congress February 27 Office of 2015 Management and Budget OMB emerged as the industry with the highest cost per stolen record with the average cost for organizations reaching as high as $363 Additionally retailers have seen their average cost per stolen record jump dramatically from $105 last year to $165 in this year's study A full threequarters of attacks spread from the first victim to the second in 24 hours or less and more than 40% spread from the first victim to the second in under an hour On top of the speed with which attackers compromise multiple victims the useful lifespan of 70 shared information can sometimes be measured in hours Researchers also found that of the IP addresses observed in current information sharing feeds only 2 7% were valid for more than a day and the number dwindles from there Data show that information sharing has to be good to be effective More than 41 million people have had their protected health information compromised in Health Insurance Portability and Accountability Act HIPAA privacy and security breaches Using data from the Department of N A Health and Human Services which includes HIPAA breaches involving more than 500 individuals reported by 1 149 covered entities and business associates the website compiled a sortable searchable list 100 The number of actual cybersecurity incidents reported by federal agencies to 
the DHS decreased last year Data show the total bulk number of incident reports sent by the largest 24 agencies to USCERT going up by about 16% during FY2014 from the year before But when two significant categories from that data set are removed— noncybersecurity incidents and other — the number actually shows a decrease of about 6% Non cybersecurity incidents involve the mishandling of personality identifiable information but without a cybersecurity component meaning the data breach likely occurred through a misplaced paper document Incidents classified as other are things such as https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 11 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 2014 Global Threat Intel Report February 6 2015 CrowdStrike 77 Incident Response Vulnerability February Coordination in 2014 2015 ICS CERT Monitor 15 CISCO 2015 Annual Security Report free registration required January 20 2015 Cisco 53 The Cost of Malware Containment January 20 2015 Ponemon Institute  scans blocked attempts at access and miscellaneous events Reported incidents of actual serious cybersecurity issues such as malware suspicious network activity and improper usage declined last year Real threats that did increase in recorded number include social engineering unauthorized access and denialof service attacks This report summarizes CrowdStrike's yearlong daily scrutiny of more than 50 groups of cyber threat actors including 29 different statesponsored and nationalist adversaries Key findings explain how financial malware changed the threat landscape and point of sale malware became increasingly prevalent The report also profiles a number of new and sophisticated adversaries from China and Russia including Hurricane Panda Fancy Bear and Berserk Bear In FY2014 the Industrial Control Systems Cyber Emergency Response Team ICSCERT received and responded to 245 incidents 
reported by asset owners and industry partners The Energy sector led all others again in 2014 with the most reported incidents ICSCERT's continuing partnership with the Energy sector provides many opportunities to share information and collaborate on incident response efforts Also noteworthy in 2014 were the incidents reported by the Critical Manufacturing sector some of which were from control systems equipment manufacturers Government agencies worldwide compared with banks and many other companies are better able to cope when the inevitable data breach occurs according to the study on advances in cybersecurity About 43% of the public sector falls into the highly sophisticated security posture segment The best security stances can be found within the telecommunications and energy sectors tied at 47% According to the study organizations typically received nearly 17 000 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 12 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html malware alerts weekly which pose a taxing and costly endeavor Of those alerts only 3 218 were considered to be actionable and only 705 or 4% were investigated An average of 395 hours is wasted weekly investigating and containing malware due to false positives or false negatives costing participating organizations an estimated $1 27 million yearly in average value of lost time The 2014 global study of U S based companies spanning seven nations found that over the course of a year the HP Enterprise average cost of cybercrime for 2014 Global Report on the Cost October 8 Security and companies in the United States climbed 31 of Cybercrime 2014 Ponemon by more than 9% to $12 7 million up Institute from $11 6 million in the 2013 study The average time to resolve a cyberattack is also rising climbing to 45 days from 32 days in 2013 The Global State of Information Security Survey GSISS on which the 
report is based surveyed more than 9 700 respondents worldwide and detected that the number of cyber incidents increased at a compound annual rate of 66% since 2009 As the frequency of cyber incidents have risen so too has the reported costs of Managing Cyber Risks in an managing and mitigating them Interconnected World Key September Pricewaterhouse Globally the estimated average Findings from the Global State 31 30 2014 Coopers PwC financial loss from cyber incidents was of Information Security Survey $2 7 million a 34% increase over 2013 2015 Big losses have also been more common with the proportion of organizations reporting financial hits in excess of $20 million nearly doubling Despite greater awareness of cybersecurity incidents the study found that global information security budgets actually decreased 4% compared with 2013 In 2013 there were more than 600 data breaches with an average organization How Consumers Foot the Bill August 7 cost of more than $5 million But in the NextGov com N A for Data Breaches infographic 2014 end it is the customers who are picking up the tab from higher retail costs to credit card reissue fees Is Ransomware Poised for July 14 2014 Symantec N A Ransomware usually masquerades as a Growth virtual wheel clamp for the victim's computer For example pretending to be from the local law enforcement it https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 13 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html Critical Infrastructure Security Preparedness and Maturity July 2014 Unisys and Ponemon Institute The Value of a Hacked Email Account June 13 2014 Krebs on Security Online Trust Honor Roll 2014 June 11 2014 Online Trust Alliance June 2014 CSIS and McAfee Net Losses Estimating the Global Cost of Cybercrime might suggest the victim had been using the computer for illicit purposes and to unlock it the victim would have to pay a 
fine—often between $100 and $500 Ransomware escalated in 2013 with a 500% sixfold increase in attack numbers between the start and end of the year Unisys and Ponemon Institute surveyed nearly 600 IT security executives of utility energy and manufacturing organizations Overall the report finds organizations are simply not prepared 34 to deal with advanced cyber threats Only half of companies have actually deployed IT security programs and according to the survey the top threat actually stems from negligent insiders From the blog One prominent credential seller in the underground peddles iTunes accounts for $8 and Fedex com Continental com and United com accounts for USD $6 Groupon com accounts fetch $5 while $4 buys hacked credentials at registrar and hosting provider Godaddy com as well as wireless providers ATT com N A Sprint com Verizonwireless com and Tmobile com Active accounts at Facebook and Twitter retail for just $2 50 apiece S ome crime shops go even lower with their prices for hacked accounts charging between $1 and $3 for active accounts at dell com overstock com walmart com tesco com bestbuy com and target com etc Out of nearly 800 top consumer websites evaluated 30 2% made the Honor Roll which distinguishes them in best practices for safeguarding data N A in three categories domain brand protection privacy and security Conversely nearly 70% did not qualify for the Honor Roll with 52 7% failing in at least one of the three categories 24 This report explores the economic impact of cybercrime including estimation regional variances IP theft opportunity and recovery costs and the future of cybercrime Cybercrime costs the global economy up to $575 billion annually with the United States taking https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html 14 18 4 26 2017 https www everycrsreport com files 20170420_R43310_c1301f1c67bd9d53a259e96e5dd1ca66a40dae41 html a $100 billion hit the largest of any country That total 
is up to 0.8% of the global economy. For the United States, the estimated $100 million cost means 200,000 lost jobs and is almost half of the total loss for the G8 group of Western countries.

Title: 2014 U.S. State of Cybercrime Survey
Date: May 29, 2014
Source: PwC, CSO Magazine, the U.S. Computer Emergency Readiness Team (CERT) Division of the Software Engineering Institute at Carnegie Mellon University, and the U.S. Secret Service
Pages: 21
Notes: The cybersecurity programs of U.S. organizations do not rival the persistence, tactical skills, and technological prowess of their potential cyber adversaries. In 2013, three in four (77%) respondents to the survey detected a security event in the past 12 months, and more than a third (34%) said the number of security incidents detected increased over the previous year.

Title: The Target Breach, by the Numbers
Date: May 6, 2014
Source: Krebs on Security
Pages: N/A
Notes: A synthesis of numbers associated with the Target data breach of December 19, 2013 (e.g., number of records stolen, estimated dollar cost to credit unions and community banks, amount of money Target estimates it will spend upgrading payment terminals to support Chip-and-PIN enabled cards).

Title: Website Security Statistics Report
Date: April 15, 2014
Source: WhiteHat Security
Pages: 22
Notes: WhiteHat researchers examined the vulnerability assessment results of the more than 30,000 websites under WhiteHat Security management to measure how the underlying programming languages and frameworks perform in the field. The report yields findings to specific languages that are most prone to specific classes of attacks, for how often and how long, as well as a determination as to whether popular modern languages and frameworks yield similar results in production websites. The popularity and complexity of .Net, Java, and ASP mean that the potential attack surface for each language is larger; as such, 31% of vulnerabilities were observed in .Net, 28% were found in Java, and 15% were found in ASP.

Title: Linking Cybersecurity Policy and Performance: Microsoft Releases Special Edition Security Intelligence Report
Date: February 6, 2013
Source: Microsoft Trustworthy Computing
Pages: 27
Notes: Introduces a new methodology for examining how socioeconomic factors in a country or region impact cybersecurity performance, examining measures such as use of modern technology, mature processes, user education, law enforcement, and public policies related to cyberspace. This methodology can build a model that will help predict the expected cybersecurity performance of a given country or region.

Title: Revealed: Operation Shady RAT: an Investigation of Targeted Intrusions into 70 Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years
Date: August 2, 2011
Source: McAfee Research Labs
Pages: 14
Notes: A comprehensive analysis of victim profiles from a five-year targeted operation that penetrated 72 government and other organizations, most of them in the United States, and copied everything from military secrets to industrial designs.

Title: A Good Decade for Cybercrime: McAfee's Look Back at Ten Years of Cybercrime
Date: December 29, 2010
Source: McAfee
Pages: 11
Notes: A review of the most publicized, pervasive, and costly cybercrime exploits from 2000 to 2010.

Note: Statistics and other information are from the source publications and have not been independently verified by the Congressional Research Service (CRS).

Cybersecurity Glossaries, Lexicons, and Guidance

Table 2 contains descriptions of and links to glossaries of useful cybersecurity terms, including those related to cloud computing and cyber warfare.

Table 2. Glossaries, Lexicons, and Guidance Pertaining to Cybersecurity Concepts

Title: Sideways Dictionary
Source: Washington Post and Jigsaw
Date: Ongoing
Pages: N/A
Notes: Defines cyber and technology terms using nontechnical analogies.

Title: Hacker Lexicon
Source: Wired.com
Date: Ongoing
Pages: N/A
Notes: Hacker Lexicon is WIRED's explainer series that seeks to de-mystify the jargon of information security,
surveillance, and privacy.

Title: Global Cyber Definitions Database
Source: Organization for Security and Co-operation in Europe (OSCE)
Date: November 2014
Pages: N/A
Notes: A compilation of definitions of cybersecurity or information security terms. The website also includes a submission form to share new or additional definitions.

Title: Compilation of Existing Cybersecurity and Information Security Related Definitions
Source: New America
Date: October 2014
Pages: 126
Notes: Broadly, the documents analyzed for this report fall into one of five categories: national strategies and documents by governments, documents from regional and global intergovernmental organizations, including member state submissions to the United Nations General Assembly (UNGA), and international private and intergovernmental standards bodies, as well as dictionaries.

Title: Glossary of Key Information Security Terms, Revision 2
Source: National Institute of Standards and Technology (NIST)
Date: May 2013
Pages: 222
Notes: Besides providing some 1,500 definitions, the glossary offers a source for each term from either a NIST or Committee for National Security Systems (CNSS) publication. The committee is a forum of government agencies that issues guidance aimed at protecting national security systems.

Title: NIST Cloud Computing Reference Architecture
Source: NIST
Date: September 2011
Pages: 35
Notes: Provides guidance to specific communities of practitioners and researchers.

Title: Glossary of Key Information Security Terms
Source: NIST
Date: May 31, 2013
Pages: 211
Notes: The glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications.

Title: CIS Consensus Security Metrics
Source: Center for Internet Security
Date: November 1, 2010
Pages: 175
Notes: Provides recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices. The recommendations are defined via consensus among hundreds of security professionals worldwide. Free registration required.

Title: Joint Terminology for Cyberspace Operations
Source: Chairman of the Joint Chiefs of Staff
Date: November 1, 2010
Pages: 16
Notes: This lexicon is the starting point for normalizing terms in all DOD cyber-related documents, instructions, CONOPS, and publications as they come up for review.

Title: Department of Defense Dictionary of Military and Associated Terms
Source: Chairman of the Joint Chiefs of Staff
Date: November 8, 2010 (as amended through September 15, 2013)
Pages: 547
Notes: Provides joint policy and guidance for Information Assurance (IA) and Computer Network Operations (CNO) activities.

Title: DHS Risk Lexicon
Source: Department of Homeland Security (DHS) Risk Steering Committee
Date: September 2010
Pages: 72
Notes: The lexicon promulgates a common language, consistency, and clear understanding with regard to the usage of terms by the risk community across the DHS.

Source: Highlights compiled by CRS from the reports.

Author Contact Information
[author name scrubbed], Information Research Specialist ([email address scrubbed], [phone number scrubbed])

Key Policy Staff
See CRS Report R42619, Cybersecurity: CRS Experts, by [author name scrubbed], for the names and contact information for CRS experts on policy issues related to cybersecurity.

Footnotes
1. For lists of legislation and hearings in the 112th-114th Congresses, executive orders, and presidential directives, see CRS Report R43317, Cybersecurity: Legislation, Hearings, and Executive Branch Documents, by [author name scrubbed].