Experts evaluated the damage to the Russian economy from cyber attacks in 200 billion rubles.

92% of victims

Damage to the Russian economy from cybercrime in 2015 amounted to 0.25% of Russia’s GDP, or more than 200 billion rubles, according to experts of the Foundation for Internet development initiatives (FRIA), Microsoft, and Group-IB. The results of a joint study presented at the opening of the Russian Internet forum (RIF+KIB 2015) Manager of investment portfolio FRÍA Sergey Villains.

Loss of 200 billion rubles that approximately half of the funds allocated from the state budget in 2015 to support health, or more than 200% of the money that the state allocated to the media, said Villains. The head of research FRÍA Margarita Zobnina compares the resulting figure with the R & d expenditure: the damage from cyber-attacks is comparable to 23% of expenditure on R & d in 2015. “Cybercrime threatens not only the financial condition but also innovative development in Russia”, — said Zobnina.

The study is based on a survey of 600 representatives of Russian companies, of which 58% of small and medium business, while 42% of large commercial companies and government agencies, said during the presentation of the research founder and CEO of Group-IB Ilya Sachkov. In the study involved companies from most economic sectors — Finance, telecommunications, retail, manufacturing, etc. the Survey was conducted among top-managers “the highest level” — financial Directors, heads of IT departments.

Almost 92% of the respondents in the study admitted that they were faced with a real cyber attack, indicating that “serious and massive” problems, Sachkov noted. Two-thirds of companies believe that the number of network attacks over the last three years increased on average by 75%, and the financial damage — twice. However, only less than half of the victims were able to assess in monetary terms the damage done to their business.

From total RUR 203.3 billion rubles, which the researchers estimated losses of the Russian economy, direct damage business amounted to 123,5 billion rubles Almost 80 billion rubles — is the cost of business to eliminate themselves of cyber crimes and their consequences mentioned in the study. In Russia every day are more than 1 thousand only DDoS attacks, says Sachkov.

Representatives FRÍA, Microsoft and Group-IB has suggested to oblige legislatively the organization reveal the facts of cyber threats is necessary in order to begin to effectively combat network criminality. “Need a revolution in legislation and technical means. You must connect all information to the interior Ministry, including regional and Moscow branches, to enable more effective operational-investigative activities”, — said Sachkov. Representatives FRÍA, Group-IB and Microsoft has not yet talked with representatives of legislative authorities regarding their initiatives.

The difference of approaches

To estimate the General damage from actions of criminals at the level of individual countries, and even in percent of GDP, is a very complex task, and its result depends on the methodology and ways of counting, said the “Kaspersky Lab”. The situation is complicated by the fact that the income of the cyber criminals is virtually impossible to quantify, and many companies to not only hide the damage from cyberincidents, but the fact of the attacks, he continues. About five years ago, “Kaspersky Lab” conducted an assessment of the damage and have found many scammers stealing through a variety of cyber attacks. “Got $100 billion a year worldwide,” according to the founder of Kaspersky Lab Eugene Kaspersky.

“Kaspersky lab” annually conducts a study in which the company interviewing representatives from all levels of the business. In 2015, 95% of companies are faced with external cyber threats, roughly half of organizations have lost as a result of attacks on your data, gives statistics recent studies representative of “Kaspersky Lab”. In 2014 as a result of a security incident, the average loss for a large company was about 20 million rubles, while small and medium businesses in a similar situation losing 780 thousand rubles, he says.

In the financial sector network attacks resulted in losses of $790 million for 2012-2015, the third of which is stolen in countries of the former USSR, it follows from another study of “Kaspersky Lab”, dedicated to Russian-speaking cybercriminals. “In reality, we can talk about much larger amounts”, — said in the study.

In December 2015, first Deputy Chairman of Sberbank Lev Khasis has estimated losses from cybercrime is approximately 70 billion rubles (about $1 billion). He stated that “the state does not understand the level of threat” of cyber crime and the responsibility for them is not significant. Half of all cyber crime related to a “method of social engineering”: the user is asked to click on the link and leave your details on sites that attackers have access, then the scammers use the username, password, and other data of the person to, for example, to steal money from his Bank account, explained Khasis.

The justification for reducing damage from network attacks in the future no, I am sure Khasis. Representatives of the companies interviewed during the research FRÍA, Microsoft and Group-IB, fear that the number of cyberincidents and the damage from them in the next three years will increase significantly by 173% and 192% respectively. The specialists Group-IB expect a sharp increase in targeted attacks, predict a decrease in “average ticket” attack instead of multiple attacks on 1 million roubles will be 1 million attacks per 1 ruble.