A new cyber security report by Trustwave attempts to guess how lucrative online crime is. The researchers estimate attackers can get $84,000 of net revenue for each $5,900 investment in exploit kits and ransomware schemes, resulting in a 1425 percent return on investment (ROI)!
Return on investment: Attackers receive an estimated 1,425 percent return on investment for exploit kit and ransomware schemes ($84,100 net revenue for each $5,900 investment).
Weak application security: 98 percent of applications tested by Trustwave in 2014 had at least one vulnerability. The maximum number of vulnerabilities Trustwave experts found in a single application was 747. The median number of vulnerabilities per application increased 43 percent in 2014 from the previous year.
The password problem: “Password1” was still the most commonly used password. 39 percent of passwords were eight characters long. The estimated time it took Trustwave security testers to crack an eight-character password was one day. The estimated time it takes to crack a ten-character password is 591 days.
Where victims reside: Half of the compromises Trustwave investigated occurred in the United States (a nine percentage point decrease from 2013).