US Cyber Security Survey: Fear of Cyber Crime Up 66%

Press release from the issuing company

Friday, February 27th, 2015

GFI Software today released the findings of an independent study examining the business and societal impacts of cyber security issues, revealing stark concerns over the increasing personal and business risks posed by cyber crime and the growing likelihood that cyber crime acts will escalate to physical retaliation. With multiple recent high-profile attacks targeting household names and large employers – including the Sony hack, the Netflix-user data leak and the hit on health insurer Anthem that exposed valuable employee and member records – the survey shows that individuals increasingly fear cyber crime and its resulting consequences at work as well as at home.

According to the survey, 46 percent of respondents have been victimized by at least one cyber crime in the last year alone. Credit card fraud was the most prevalent form of such with 24 percent of respondents hit in the last year, followed by 16 percent having at least one social media account breached or defaced.

The blind, independent study was conducted for GFI Software by Opinion Matters and surveyed 1,008 US adults, working for companies with up to 5,000 staff that use a computer or mobile computing devices.

Key findings from the survey include:

  • 43 percent see banks as the main target for cyber criminals in the coming year 
  • 17 percent fear that large business institutions will be targeted for crime and cyber espionage, but only 12 percent believe retailers will be a major target, despite the potential for high levels of credit card data theft 
  • With healthcare data increasingly digitized, 10 percent are concerned that cyber criminals will target hospitals, HMOs and health insurers in the coming year 
  • The perceived threat from cyber attacks is hurting adoption of Internet of Things (IoT) technology, with almost 60 percent either viewing Internet-connected home devices as too risky to own, or hesitating to purchase more devices 
  • 57 percent of respondents believe malware still poses the biggest threat to both individual and business information security

The Business Impact of Cyber Crime 
The research revealed that almost all cyber crimes have a noticeable, detrimental impact on businesses, with 88 percent of respondents believing that a cyber attack against their employer would have measurable financial and productivity implications. An additional six percent believe that a single cyber attack against their employer could easily put the organization out of business permanently.

"Cyber attacks have profound consequences for the business community, whether companies are the target, or the victim of an attack elsewhere. In the last few months alone we've seen major corporations targeted in systematic acts of espionage and geopolitical retaliation, as well as hundreds of thousands – potentially millions – of individuals affected by the fallout of data being stolen and misused," said Sergio Galindo, general manager of GFI Software. "Usernames, passwords, credit card data, health records – malicious use of this data by criminals can quickly create financial hardship and significant stress for affected individuals, while the negative fallout for organizations the data was stolen from can range from loss of reputation to fines, falling sales, civil and criminal legal proceedings and more," 

Impact of Cyber Crime on Public Services 
Until recently, companies and individuals rarely thought of hackers accessing everyday public and utility services to wreak havoc. Such services are at much greater risk, however, with everything from traffic lights and CCTV cameras to power stations and smart meters being increasingly computerized and networked to improve efficiency, centralize management and reduce cost. This new vulnerability was highlighted in November 2014, when the NSA reported that hackers successfully accessed the US power grid.

As a result, nearly three quarters (71.5 percent) of those surveyed now believe the hijacking of major services (utility services, traffic management, transport etc.) by cyber criminals is a genuine threat to US national security.

In addition, 50 percent believe that increased cyber crime is making life harder, by making it more challenging to access everyday services, and 37 percent believe the heightened cyber crime environment hinders productivity. Our reliance on digital devices makes us more of a target, according to 28 percent of respondents who believe that our everyday use of technology has left individuals and businesses more exposed than ever to virtual crime. Most worrying is that more than one third (35.3 percent) believe that acts of cyber crime and cyber terrorism are likely to spill over into physical acts of crime and terrorism.

"Cyber crime is not a victimless activity – virtual acts of criminality affect real people, put jobs at risk and have lasting consequences for everyone impacted by them," Galindo added.

Taking steps to improve online security 
The survey also revealed that growing cyber security concerns have prompted people to take more aggressive steps to protect themselves and their online footprint, both at work and at home:

  • 63 percent now regularly change passwords for web sites and online services 
  • 56 percent have taken steps to strengthen their anti virus protection 
  • 51 percent have activated PIN or password protection on tablets and smartphones 
  • 50 percent now avoid duplicating passwords across multiple sites and services 
  • 32 percent have, where supported, activated two-factor authentication for logging in 
  • 5.5 percent have done nothing to improve their online security

"It is particularly encouraging to see that one third of those surveyed have embraced two-factor authentication. While some financial institutions now insist on this technology to protect online banking access, people are increasingly activating two-factor to protect social networking, email, e-wallet and other online services," said Galindo.

Comparison with the UK 
The same survey, conducted among a parallel demographic in the UK, produced broadly similar results – with one interesting difference: US respondents were between four and five percent more security conscious with regards to the steps taken to secure personal data and prevent unauthorized access to online services.

In the UK, just over one quarter (27 percent) of those surveyed have begun creating dedicated email addresses for use with specific online services in an effort to minimize the impact of a security breach. In the US, the site of several high-profile username and password thefts, this number is as high as one third.